Package org.keycloak.models.utils
Class RoleUtils
- java.lang.Object
-
- org.keycloak.models.utils.RoleUtils
-
public class RoleUtils extends Object
- Author:
- Stian Thorgersen
-
-
Constructor Summary
Constructors Constructor Description RoleUtils()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static Set<RoleModel>expandCompositeRoles(Set<RoleModel> roles)static Stream<RoleModel>expandCompositeRolesStream(Stream<RoleModel> roles)static Set<RoleModel>getDeepUserRoleMappings(UserModel user)static booleanhasRole(Set<RoleModel> roles, RoleModel targetRole)static booleanhasRole(Stream<RoleModel> roles, RoleModel targetRole)static booleanhasRoleFromGroup(Stream<GroupModel> groups, RoleModel targetRole, boolean checkParentGroup)Checks whether thetargetRoleis contained in any of thegroupsor their parents (if requested)static booleanhasRoleFromGroup(GroupModel group, RoleModel targetRole, boolean checkParentGroup)Checks whether thetargetRoleis contained in the given group or its parents (if requested)static booleanisClientRole(RoleModel r, ClientModel c)static booleanisDirectMember(Stream<GroupModel> groups, GroupModel targetGroup)static booleanisMember(Stream<GroupModel> groups, GroupModel targetGroup)static booleanisRealmRole(RoleModel r)static booleanisRealmRole(RoleModel r, RealmModel realm)
-
-
-
Method Detail
-
isMember
public static boolean isMember(Stream<GroupModel> groups, GroupModel targetGroup)
- Parameters:
groups-targetGroup-- Returns:
- true if targetGroup is in groups (directly or indirectly via parent child relationship)
-
isDirectMember
public static boolean isDirectMember(Stream<GroupModel> groups, GroupModel targetGroup)
- Parameters:
groups-targetGroup-- Returns:
- true if targetGroup is in groups directly
-
hasRole
public static boolean hasRole(Set<RoleModel> roles, RoleModel targetRole)
- Parameters:
roles-targetRole-- Returns:
- true if targetRole is in roles (directly or indirectly via composite role)
-
hasRole
public static boolean hasRole(Stream<RoleModel> roles, RoleModel targetRole)
- Parameters:
roles-targetRole-- Returns:
- true if targetRole is in roles (directly or indirectly via composite role)
-
hasRoleFromGroup
public static boolean hasRoleFromGroup(GroupModel group, RoleModel targetRole, boolean checkParentGroup)
Checks whether thetargetRoleis contained in the given group or its parents (if requested)- Parameters:
group- Group to check role fortargetRole-checkParentGroup- Whentrue, also parent group is recursively checked for role- Returns:
- true if targetRole is in roles (directly or indirectly via composite role)
-
hasRoleFromGroup
public static boolean hasRoleFromGroup(Stream<GroupModel> groups, RoleModel targetRole, boolean checkParentGroup)
Checks whether thetargetRoleis contained in any of thegroupsor their parents (if requested)- Parameters:
groups-targetRole-checkParentGroup- Whentrue, also parent group is recursively checked for role- Returns:
- true if targetRole is in roles (directly or indirectly via composite role)
-
expandCompositeRoles
public static Set<RoleModel> expandCompositeRoles(Set<RoleModel> roles)
- Parameters:
roles-- Returns:
- new set with composite roles expanded
-
expandCompositeRolesStream
public static Stream<RoleModel> expandCompositeRolesStream(Stream<RoleModel> roles)
- Parameters:
roles-- Returns:
- stream with composite roles expanded
-
getDeepUserRoleMappings
public static Set<RoleModel> getDeepUserRoleMappings(UserModel user)
- Parameters:
user-- Returns:
- all user role mappings including all groups of user. Composite roles will be expanded
-
isRealmRole
public static boolean isRealmRole(RoleModel r)
-
isRealmRole
public static boolean isRealmRole(RoleModel r, RealmModel realm)
-
isClientRole
public static boolean isClientRole(RoleModel r, ClientModel c)
-
-