Package org.keycloak.authorization.store

Interface PermissionTicketStore

All Known Implementing Classes:
JPAPermissionTicketStore, StoreFactoryCacheSession.PermissionTicketCache
public interface PermissionTicketStore
A PermissionTicketStore is responsible to manage the persistence of PermissionTicket instances.
Author:
Pedro Igor

  • Method Details

    • count

      long count(ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes)
      Returns count of PermissionTicket, filtered by the given attributes.
      Parameters:
      resourceServer - the resource server.
      attributes - permission tickets that do not match the attributes are not included with the count; possible filter options are given by PermissionTicket.FilterOption
      Returns:
      an integer indicating the amount of permission tickets
      Throws:
      IllegalArgumentException - when there is an unknown attribute in the attributes map

    • create

      PermissionTicket create(ResourceServer resourceServer, Resource resource, Scope scope, String requester)
      Creates a new PermissionTicket instance.
      Parameters:
      resourceServer - the resource server to which this permission ticket belongs. Cannot be null.
      resource - resource. Cannot be null.
      scope - scope.
      requester - requester of the permission
      Returns:
      a new instance of PermissionTicket

    • delete

      void delete(String id)
      Deletes a permission from the underlying persistence mechanism.
      Parameters:
      id - the id of the policy to delete

    • findById

      PermissionTicket findById(ResourceServer resourceServer, String id)
      Returns a PermissionTicket with the given id
      Parameters:
      resourceServer - the resource server. Ignored if null.
      id - the identifier of the permission
      Returns:
      a permission with the given identifier.

    • findByResource

      List<PermissionTicket> findByResource(ResourceServer resourceServer, Resource resource)
      Returns a list of PermissionTicket associated with the resource.
      Parameters:
      resourceServer - the resource server. Cannot be null.
      resource - the resource. Cannot be null
      Returns:
      a list of permissions associated with the given resource

    • findByScope

      List<PermissionTicket> findByScope(ResourceServer resourceServer, Scope scope)
      Returns a list of PermissionTicket associated with the scope.
      Parameters:
      resourceServer - the resource server. Cannot be null.
      scope - the scope. Cannot be null.
      Returns:
      a list of permissions associated with the given scopes

    • find

      List<PermissionTicket> find(ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes, Integer firstResult, Integer maxResults)
      Returns a list of PermissionTicket, filtered by the given attributes.
      Parameters:
      resourceServer - a resource server that resulting tickets should belong to. Ignored if null.
      attributes - a map of keys and values to filter on; possible filter options are given by PermissionTicket.FilterOption
      firstResult - first result to return. Ignored if negative or null.
      maxResults - maximum number of results to return. Ignored if negative or null.
      Returns:
      a list of filtered and paginated permissions
      Throws:
      IllegalArgumentException - when there is an unknown attribute in the attributes map

    • findGranted

      List<PermissionTicket> findGranted(ResourceServer resourceServer, String userId)
      Returns a list of PermissionTicket granted to the given userId.
      Parameters:
      resourceServer - the resource server. Cannot be null
      userId - the user id
      Returns:
      a list of permissions granted for a particular user

    • findGranted

      List<PermissionTicket> findGranted(ResourceServer resourceServer, String resourceName, String userId)
      Returns a list of PermissionTicket with name equal to resourceName granted to the given userId.
      Parameters:
      resourceServer - the resource server. Cannot be null.
      resourceName - the name of a resource
      userId - the user id
      Returns:
      a list of permissions granted for a particular user TODO: investigate a way how to replace resourceName with Resource class

    • findGrantedResources

      List<Resource> findGrantedResources(String requester, String name, Integer firstResult, Integer maxResults)
      Returns a list of Resource granted to the given requester
      Parameters:
      requester - the requester
      name - the keyword to query resources by name or null if any resource
      firstResult - first result to return. Ignored if negative or null.
      maxResults - maximum number of results to return. Ignored if negative or null.
      Returns:
      a list of Resource granted to the given requester

    • findGrantedOwnerResources

      List<Resource> findGrantedOwnerResources(String owner, Integer firstResult, Integer maxResults)
      Returns a list of Resource granted by the owner to other users
      Parameters:
      owner - the owner
      firstResult - first result to return. Ignored if negative or null.
      maxResults - maximum number of results to return. Ignored if negative or null.
      Returns:
      a list of Resource granted by the owner