Java Code Examples for org.keycloak.models.utils.KeycloakModelUtils#findGroupByPath()
The following examples show how to use
org.keycloak.models.utils.KeycloakModelUtils#findGroupByPath() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: FineGrainAdminUnitTest.java From keycloak with Apache License 2.0 | 6 votes |
|
public static void invokeDelete(KeycloakSession session) {
RealmModel realm = session.realms().getRealmByName(TEST);
AdminPermissionManagement management = AdminPermissions.management(session, realm);
List<Resource> byResourceServer = management.authz().getStoreFactory().getResourceStore().findByResourceServer(management.realmResourceServer().getId());
Assert.assertEquals(5, byResourceServer.size());
RoleModel removedRole = realm.getRole("removedRole");
realm.removeRole(removedRole);
ClientModel client = realm.getClientByClientId("removedClient");
RoleModel removedClientRole = client.getRole("removedClientRole");
client.removeRole(removedClientRole);
GroupModel group = KeycloakModelUtils.findGroupByPath(realm, "removedGroup");
realm.removeGroup(group);
byResourceServer = management.authz().getStoreFactory().getResourceStore().findByResourceServer(management.realmResourceServer().getId());
Assert.assertEquals(2, byResourceServer.size());
realm.removeClient(client.getId());
byResourceServer = management.authz().getStoreFactory().getResourceStore().findByResourceServer(management.realmResourceServer().getId());
Assert.assertEquals(1, byResourceServer.size());
management.users().setPermissionsEnabled(false);
Resource userResource = management.authz().getStoreFactory().getResourceStore().findByName("Users", management.realmResourceServer().getId());
Assert.assertNull(userResource);
byResourceServer = management.authz().getStoreFactory().getResourceStore().findByResourceServer(management.realmResourceServer().getId());
Assert.assertEquals(0, byResourceServer.size());
}
Example 2
| Source File: SSSDFederationProvider.java From keycloak with Apache License 2.0 | 6 votes |
|
protected UserModel importUserToKeycloak(RealmModel realm, String username) {
Sssd sssd = new Sssd(username);
User sssdUser = sssd.getUser();
logger.debugf("Creating SSSD user: %s to local Keycloak storage", username);
UserModel user = session.userLocalStorage().addUser(realm, username);
user.setEnabled(true);
user.setEmail(sssdUser.getEmail());
user.setFirstName(sssdUser.getFirstName());
user.setLastName(sssdUser.getLastName());
for (String s : sssd.getGroups()) {
GroupModel group = KeycloakModelUtils.findGroupByPath(realm, "/" + s);
if (group == null) {
group = session.realms().createGroup(realm, s);
}
user.joinGroup(group);
}
user.setFederationLink(model.getId());
return validateAndProxy(realm, user);
}
Example 3
| Source File: GroupLDAPStorageMapper.java From keycloak with Apache License 2.0 | 6 votes |
|
protected GroupModel findKcGroupByLDAPGroup(RealmModel realm, LDAPObject ldapGroup) {
String groupNameAttr = config.getGroupNameLdapAttribute();
String groupName = ldapGroup.getAttributeAsString(groupNameAttr);
if (config.isPreserveGroupsInheritance()) {
// Override if better effectivity or different algorithm is needed
List<GroupModel> groups = getAllKcGroups(realm);
for (GroupModel group : groups) {
if (group.getName().equals(groupName)) {
return group;
}
}
return null;
} else {
// Without preserved inheritance, it's always at groups path
return KeycloakModelUtils.findGroupByPath(realm, getKcGroupPathFromLDAPGroupName(groupName));
}
}
Example 4
| Source File: GroupLDAPStorageMapperFactory.java From keycloak with Apache License 2.0 | 6 votes |
|
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel config) throws ComponentValidationException {
checkMandatoryConfigAttribute(GroupMapperConfig.GROUPS_DN, "LDAP Groups DN", config);
checkMandatoryConfigAttribute(GroupMapperConfig.MODE, "Mode", config);
String mt = config.getConfig().getFirst(CommonLDAPGroupMapperConfig.MEMBERSHIP_ATTRIBUTE_TYPE);
MembershipType membershipType = mt==null ? MembershipType.DN : Enum.valueOf(MembershipType.class, mt);
boolean preserveGroupInheritance = Boolean.parseBoolean(config.getConfig().getFirst(GroupMapperConfig.PRESERVE_GROUP_INHERITANCE));
if (preserveGroupInheritance && membershipType != MembershipType.DN) {
throw new ComponentValidationException("ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType");
}
LDAPUtils.validateCustomLdapFilter(config.getConfig().getFirst(GroupMapperConfig.GROUPS_LDAP_FILTER));
checkMandatoryConfigAttribute(GroupMapperConfig.LDAP_GROUPS_PATH, "Groups Path", config);
String group = config.getConfig().getFirst(GroupMapperConfig.LDAP_GROUPS_PATH).trim();
if (!"/".equals(group) && KeycloakModelUtils.findGroupByPath(realm, group) == null) {
throw new ComponentValidationException("ldapErrorMissingGroupsPathGroup");
}
}
Example 5
| Source File: RealmAdminResource.java From keycloak with Apache License 2.0 | 5 votes |
|
@GET
@Path("group-by-path/{path: .*}")
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public GroupRepresentation getGroupByPath(@PathParam("path") String path) {
GroupModel found = KeycloakModelUtils.findGroupByPath(realm, path);
if (found == null) {
throw new NotFoundException("Group path does not exist");
}
auth.groups().requireView(found);
return ModelToRepresentation.toGroupHierarchy(found, true);
}
Example 6
| Source File: HardcodedLDAPGroupStorageMapper.java From keycloak with Apache License 2.0 | 5 votes |
|
private GroupModel getGroup(RealmModel realm) {
String groupName = mapperModel.getConfig().getFirst(HardcodedLDAPGroupStorageMapper.GROUP);
GroupModel group = KeycloakModelUtils.findGroupByPath(realm, groupName);
if (group == null) {
logger.warnf("Hardcoded group '%s' configured in mapper '%s' is not available anymore");
}
return group;
}
Example 7
| Source File: HardcodedLDAPGroupStorageMapperFactory.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel config) throws ComponentValidationException {
String groupName = config.getConfig().getFirst(HardcodedLDAPGroupStorageMapper.GROUP);
if (groupName == null) {
throw new ComponentValidationException("Group can't be null");
}
GroupModel group = KeycloakModelUtils.findGroupByPath(realm, groupName);
if (group == null) {
throw new ComponentValidationException("There is no group corresponding to configured value");
}
}
Example 8
| Source File: GroupsPartialImport.java From keycloak with Apache License 2.0 | 4 votes |
|
private GroupModel findGroupModel(RealmModel realm, GroupRepresentation groupRep) {
return KeycloakModelUtils.findGroupByPath(realm, groupRep.getPath());
}
Example 9
| Source File: GroupLDAPStorageMapper.java From keycloak with Apache License 2.0 | 4 votes |
|
/**
* Provides KC group defined as groups path or null (top-level group) if corresponding group is not available.
*/
protected GroupModel getKcGroupsPathGroup(RealmModel realm) {
return config.isTopLevelGroupsPath() ? null : KeycloakModelUtils.findGroupByPath(realm, config.getGroupsPath());
}
Example 10
| Source File: RequireGroupAuthenticator.java From keycloak-extension-playground with Apache License 2.0 | 3 votes |
|
private boolean isMemberOfGroup(RealmModel realm, UserModel user, String groupPath) {
if (groupPath == null) {
return false;
}
GroupModel group = KeycloakModelUtils.findGroupByPath(realm, groupPath);
return user.isMemberOf(group);
}
