Package org.keycloak.models.utils

Class RoleUtils

java.lang.Object

org.keycloak.models.utils.RoleUtils

public class RoleUtils
extends Object

Author:

Stian Thorgersen

Constructor Summary

Constructors

Constructor	Description
RoleUtils()

Method Summary

Modifier and Type	Method	Description
static Set<RoleModel>	expandCompositeRoles(Set<RoleModel> roles)
static Stream<RoleModel>	expandCompositeRolesStream(Stream<RoleModel> roles)
static Set<RoleModel>	getDeepUserRoleMappings(UserModel user)
static boolean	hasRole(Set<RoleModel> roles, RoleModel targetRole)
static boolean	hasRole(Stream<RoleModel> roles, RoleModel targetRole)
static boolean	hasRoleFromGroup(Stream<GroupModel> groups, RoleModel targetRole, boolean checkParentGroup)	Checks whether the targetRole is contained in any of the groups or their parents (if requested)
static boolean	hasRoleFromGroup(GroupModel group, RoleModel targetRole, boolean checkParentGroup)	Checks whether the targetRole is contained in the given group or its parents (if requested)
static boolean	isClientRole(RoleModel r, ClientModel c)
static boolean	isDirectMember(Stream<GroupModel> groups, GroupModel targetGroup)
static boolean	isMember(Stream<GroupModel> groups, GroupModel targetGroup)
static boolean	isRealmRole(RoleModel r)
static boolean	isRealmRole(RoleModel r, RealmModel realm)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

RoleUtils

public RoleUtils()

Method Details

isMember

public static boolean isMember(Stream<GroupModel> groups,
 GroupModel targetGroup)

Parameters:

groups -

targetGroup -

Returns:

true if targetGroup is in groups (directly or indirectly via parent child relationship)

isDirectMember

public static boolean isDirectMember(Stream<GroupModel> groups,
 GroupModel targetGroup)

Parameters:

groups -

targetGroup -

Returns:

true if targetGroup is in groups directly

hasRole

public static boolean hasRole(Set<RoleModel> roles,
 RoleModel targetRole)

Parameters:

roles -

targetRole -

Returns:

true if targetRole is in roles (directly or indirectly via composite role)

hasRole

public static boolean hasRole(Stream<RoleModel> roles,
 RoleModel targetRole)

Parameters:

roles -

targetRole -

Returns:

true if targetRole is in roles (directly or indirectly via composite role)

hasRoleFromGroup

public static boolean hasRoleFromGroup(GroupModel group,
 RoleModel targetRole,
 boolean checkParentGroup)

Checks whether the targetRole is contained in the given group or its parents (if requested)

Parameters:

group - Group to check role for

targetRole -

checkParentGroup - When true, also parent group is recursively checked for role

Returns:

true if targetRole is in roles (directly or indirectly via composite role)

hasRoleFromGroup

public static boolean hasRoleFromGroup(Stream<GroupModel> groups,
 RoleModel targetRole,
 boolean checkParentGroup)

Checks whether the targetRole is contained in any of the groups or their parents (if requested)

Parameters:

groups -

targetRole -

checkParentGroup - When true, also parent group is recursively checked for role

Returns:

true if targetRole is in roles (directly or indirectly via composite role)

expandCompositeRoles

public static Set<RoleModel> expandCompositeRoles(Set<RoleModel> roles)

Parameters:

roles -

Returns:

new set with composite roles expanded

expandCompositeRolesStream

public static Stream<RoleModel> expandCompositeRolesStream(Stream<RoleModel> roles)

Parameters:

roles -

Returns:

stream with composite roles expanded

getDeepUserRoleMappings

public static Set<RoleModel> getDeepUserRoleMappings(UserModel user)

Parameters:

user -

Returns:

all user role mappings including all groups of user. Composite roles will be expanded

isRealmRole

public static boolean isRealmRole(RoleModel r)

isRealmRole

public static boolean isRealmRole(RoleModel r,
 RealmModel realm)

isClientRole

public static boolean isClientRole(RoleModel r,
 ClientModel c)