Class RolePolicyProvider
java.lang.Object
org.keycloak.authorization.policy.provider.role.RolePolicyProvider
- All Implemented Interfaces:
PartialEvaluationPolicyProvider,PolicyProvider,Provider
public class RolePolicyProvider
extends Object
implements PolicyProvider, PartialEvaluationPolicyProvider
- Author:
- Pedro Igor
-
Constructor Summary
ConstructorsConstructorDescriptionRolePolicyProvider(BiFunction<Policy, AuthorizationProvider, RolePolicyRepresentation> representationFunction) -
Method Summary
Modifier and TypeMethodDescriptionvoidclose()voidevaluate(Evaluation evaluation) booleanevaluate(KeycloakSession session, Policy policy, UserModel adminUser) Evaluate if the givenpolicygrants access to the givensubject.getPermissions(KeycloakSession session, ResourceType resourceType, UserModel subject) Returns a list ofPolicyinstances representing the permissions that apply to a givensubjectwhen partially evaluating the realm resources that can be accessed.booleanIf partial evaluation is supported for the givenpolicy.
-
Constructor Details
-
RolePolicyProvider
public RolePolicyProvider(BiFunction<Policy, AuthorizationProvider, RolePolicyRepresentation> representationFunction)
-
-
Method Details
-
evaluate
- Specified by:
evaluatein interfacePolicyProvider
-
close
public void close() -
getPermissions
public Stream<Policy> getPermissions(KeycloakSession session, ResourceType resourceType, UserModel subject) Description copied from interface:PartialEvaluationPolicyProviderReturns a list ofPolicyinstances representing the permissions that apply to a givensubjectwhen partially evaluating the realm resources that can be accessed.- Specified by:
getPermissionsin interfacePartialEvaluationPolicyProvider- Parameters:
session- the sessionresourceType- the type of the resourcesubject- the subject- Returns:
- the permissions that apply to the given
subject
-
evaluate
Description copied from interface:PartialEvaluationPolicyProviderEvaluate if the givenpolicygrants access to the givensubject.- Specified by:
evaluatein interfacePartialEvaluationPolicyProvider- Parameters:
session- the sessionpolicy- the policyadminUser- the subject- Returns:
trueif access is granted. Otherwise, returnsfalse
-
supports
Description copied from interface:PartialEvaluationPolicyProviderIf partial evaluation is supported for the givenpolicy.- Specified by:
supportsin interfacePartialEvaluationPolicyProvider- Parameters:
policy- the policy- Returns:
trueif supported. Otherwise, returnsfalse
-