Class RoleContainerResource
- java.lang.Object
-
- org.keycloak.services.resources.admin.RoleResource
-
- org.keycloak.services.resources.admin.RoleContainerResource
-
public class RoleContainerResource extends RoleResource
- Version:
- $Revision: 1 $
- Author:
- Bill Burke
-
-
Field Summary
Fields Modifier and Type Field Description protected AdminPermissionEvaluator
auth
protected RoleContainerModel
roleContainer
-
Constructor Summary
Constructors Constructor Description RoleContainerResource(KeycloakSession session, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, AdminPermissionEvaluator auth, RoleContainerModel roleContainer, AdminEventBuilder adminEvent)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addComposites(String roleName, List<RoleRepresentation> roles)
Add a composite to the rolejavax.ws.rs.core.Response
createRole(RoleRepresentation rep)
Create a new role for the realm or clientvoid
deleteComposites(String roleName, List<RoleRepresentation> roles)
Remove roles from the role's compositevoid
deleteRole(String roleName)
Delete a role by nameStream<RoleRepresentation>
getClientRoleComposites(String roleName, String clientUuid)
Get client-level roles for the client that are in the role's compositeStream<GroupRepresentation>
getGroupsInRole(String roleName, Integer firstResult, Integer maxResults, boolean briefRepresentation)
Returns a stream of groups that have the specified role nameManagementPermissionReference
getManagementPermissions(String roleName)
Return object stating whether role Authorization permissions have been initialized or not and a referenceStream<RoleRepresentation>
getRealmRoleComposites(String roleName)
Get realm-level roles of the role's compositeRoleRepresentation
getRole(String roleName)
Get a role by nameStream<RoleRepresentation>
getRoleComposites(String roleName)
Get composites of the roleStream<RoleRepresentation>
getRoles(String search, Integer firstResult, Integer maxResults, boolean briefRepresentation)
Get all roles for the realm or clientStream<UserRepresentation>
getUsersInRole(String roleName, Integer firstResult, Integer maxResults)
Returns a stream of users that have the specified role name.ManagementPermissionReference
setManagementPermissionsEnabled(String roleName, ManagementPermissionReference ref)
Return object stating whether role Authorization permissions have been initialized or not and a referencejavax.ws.rs.core.Response
updateRole(String roleName, RoleRepresentation rep)
Update a role by name-
Methods inherited from class org.keycloak.services.resources.admin.RoleResource
addComposites, deleteComposites, deleteRole, getClientRoleComposites, getRealmRoleComposites, getRole, updateRole
-
-
-
-
Field Detail
-
auth
protected AdminPermissionEvaluator auth
-
roleContainer
protected RoleContainerModel roleContainer
-
-
Constructor Detail
-
RoleContainerResource
public RoleContainerResource(KeycloakSession session, javax.ws.rs.core.UriInfo uriInfo, RealmModel realm, AdminPermissionEvaluator auth, RoleContainerModel roleContainer, AdminEventBuilder adminEvent)
-
-
Method Detail
-
getRoles
@GET @Produces("application/json") public Stream<RoleRepresentation> getRoles(@QueryParam("search") @DefaultValue("") String search, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults, @QueryParam("briefRepresentation") @DefaultValue("true") boolean briefRepresentation)
Get all roles for the realm or client- Returns:
-
createRole
@POST @Consumes("application/json") public javax.ws.rs.core.Response createRole(RoleRepresentation rep)
Create a new role for the realm or client- Parameters:
rep
-- Returns:
-
getRole
@Path("{role-name}") @GET @Produces("application/json") public RoleRepresentation getRole(@PathParam("role-name") String roleName)
Get a role by name- Parameters:
roleName
- role's name (not id!)- Returns:
-
deleteRole
@Path("{role-name}") @DELETE public void deleteRole(@PathParam("role-name") String roleName)
Delete a role by name- Parameters:
roleName
- role's name (not id!)
-
updateRole
@Path("{role-name}") @PUT @Consumes("application/json") public javax.ws.rs.core.Response updateRole(@PathParam("role-name") String roleName, RoleRepresentation rep)
Update a role by name- Parameters:
roleName
- role's name (not id!)rep
-- Returns:
-
addComposites
@Path("{role-name}/composites") @POST @Consumes("application/json") public void addComposites(@PathParam("role-name") String roleName, List<RoleRepresentation> roles)
Add a composite to the role- Parameters:
roleName
- role's name (not id!)roles
-
-
getRoleComposites
@Path("{role-name}/composites") @GET @Produces("application/json") public Stream<RoleRepresentation> getRoleComposites(@PathParam("role-name") String roleName)
Get composites of the role- Parameters:
roleName
- role's name (not id!)- Returns:
-
getRealmRoleComposites
@Path("{role-name}/composites/realm") @GET @Produces("application/json") public Stream<RoleRepresentation> getRealmRoleComposites(@PathParam("role-name") String roleName)
Get realm-level roles of the role's composite- Parameters:
roleName
- role's name (not id!)- Returns:
-
getClientRoleComposites
@Path("{role-name}/composites/clients/{clientUuid}") @GET @Produces("application/json") public Stream<RoleRepresentation> getClientRoleComposites(@PathParam("role-name") String roleName, @PathParam("clientUuid") String clientUuid)
Get client-level roles for the client that are in the role's composite- Parameters:
roleName
- role's name (not id!)clientUuid
-- Returns:
-
deleteComposites
@Path("{role-name}/composites") @DELETE @Consumes("application/json") public void deleteComposites(@PathParam("role-name") String roleName, List<RoleRepresentation> roles)
Remove roles from the role's composite- Parameters:
roleName
- role's name (not id!)roles
- roles to remove
-
getManagementPermissions
@Path("{role-name}/management/permissions") @GET @Produces("application/json") public ManagementPermissionReference getManagementPermissions(@PathParam("role-name") String roleName)
Return object stating whether role Authorization permissions have been initialized or not and a reference- Parameters:
roleName
-- Returns:
-
setManagementPermissionsEnabled
@Path("{role-name}/management/permissions") @PUT @Produces("application/json") @Consumes("application/json") public ManagementPermissionReference setManagementPermissionsEnabled(@PathParam("role-name") String roleName, ManagementPermissionReference ref)
Return object stating whether role Authorization permissions have been initialized or not and a reference- Parameters:
roleName
-- Returns:
- initialized manage permissions reference
-
getUsersInRole
@Path("{role-name}/users") @GET @Produces("application/json") public Stream<UserRepresentation> getUsersInRole(@PathParam("role-name") String roleName, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults)
Returns a stream of users that have the specified role name.- Parameters:
roleName
- the role name.firstResult
- first result to return. Ignored if negative ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.- Returns:
- a non-empty
Stream
of users.
-
getGroupsInRole
@Path("{role-name}/groups") @GET @Produces("application/json") public Stream<GroupRepresentation> getGroupsInRole(@PathParam("role-name") String roleName, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResults, @QueryParam("briefRepresentation") @DefaultValue("true") boolean briefRepresentation)
Returns a stream of groups that have the specified role name- Parameters:
roleName
- the role name.firstResult
- first result to return. Ignored if negative ornull
.maxResults
- maximum number of results to return. Ignored if negative ornull
.briefRepresentation
- if false, return a full representation of theGroupRepresentation
objects.- Returns:
- a non-empty
Stream
of groups.
-
-