Package org.keycloak.models.utils
Class RoleUtils
- java.lang.Object
-
- org.keycloak.models.utils.RoleUtils
-
public class RoleUtils extends Object
- Author:
- Stian Thorgersen
-
-
Constructor Summary
Constructors Constructor Description RoleUtils()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static Set<RoleModel>
expandCompositeRoles(Set<RoleModel> roles)
static Stream<RoleModel>
expandCompositeRolesStream(Stream<RoleModel> roles)
static Set<RoleModel>
getDeepUserRoleMappings(UserModel user)
static boolean
hasRole(Set<RoleModel> roles, RoleModel targetRole)
static boolean
hasRole(Stream<RoleModel> roles, RoleModel targetRole)
static boolean
hasRoleFromGroup(Stream<GroupModel> groups, RoleModel targetRole, boolean checkParentGroup)
Checks whether thetargetRole
is contained in any of thegroups
or their parents (if requested)static boolean
hasRoleFromGroup(GroupModel group, RoleModel targetRole, boolean checkParentGroup)
Checks whether thetargetRole
is contained in the given group or its parents (if requested)static boolean
isClientRole(RoleModel r, ClientModel c)
static boolean
isDirectMember(Stream<GroupModel> groups, GroupModel targetGroup)
static boolean
isMember(Stream<GroupModel> groups, GroupModel targetGroup)
static boolean
isRealmRole(RoleModel r)
static boolean
isRealmRole(RoleModel r, RealmModel realm)
-
-
-
Method Detail
-
isMember
public static boolean isMember(Stream<GroupModel> groups, GroupModel targetGroup)
- Parameters:
groups
-targetGroup
-- Returns:
- true if targetGroup is in groups (directly or indirectly via parent child relationship)
-
isDirectMember
public static boolean isDirectMember(Stream<GroupModel> groups, GroupModel targetGroup)
- Parameters:
groups
-targetGroup
-- Returns:
- true if targetGroup is in groups directly
-
hasRole
public static boolean hasRole(Set<RoleModel> roles, RoleModel targetRole)
- Parameters:
roles
-targetRole
-- Returns:
- true if targetRole is in roles (directly or indirectly via composite role)
-
hasRole
public static boolean hasRole(Stream<RoleModel> roles, RoleModel targetRole)
- Parameters:
roles
-targetRole
-- Returns:
- true if targetRole is in roles (directly or indirectly via composite role)
-
hasRoleFromGroup
public static boolean hasRoleFromGroup(GroupModel group, RoleModel targetRole, boolean checkParentGroup)
Checks whether thetargetRole
is contained in the given group or its parents (if requested)- Parameters:
group
- Group to check role fortargetRole
-checkParentGroup
- Whentrue
, also parent group is recursively checked for role- Returns:
- true if targetRole is in roles (directly or indirectly via composite role)
-
hasRoleFromGroup
public static boolean hasRoleFromGroup(Stream<GroupModel> groups, RoleModel targetRole, boolean checkParentGroup)
Checks whether thetargetRole
is contained in any of thegroups
or their parents (if requested)- Parameters:
groups
-targetRole
-checkParentGroup
- Whentrue
, also parent group is recursively checked for role- Returns:
- true if targetRole is in roles (directly or indirectly via composite role)
-
expandCompositeRoles
public static Set<RoleModel> expandCompositeRoles(Set<RoleModel> roles)
- Parameters:
roles
-- Returns:
- new set with composite roles expanded
-
expandCompositeRolesStream
public static Stream<RoleModel> expandCompositeRolesStream(Stream<RoleModel> roles)
- Parameters:
roles
-- Returns:
- stream with composite roles expanded
-
getDeepUserRoleMappings
public static Set<RoleModel> getDeepUserRoleMappings(UserModel user)
- Parameters:
user
-- Returns:
- all user role mappings including all groups of user. Composite roles will be expanded
-
isRealmRole
public static boolean isRealmRole(RoleModel r)
-
isRealmRole
public static boolean isRealmRole(RoleModel r, RealmModel realm)
-
isClientRole
public static boolean isClientRole(RoleModel r, ClientModel c)
-
-