Java Code Examples for org.keycloak.models.utils.KeycloakModelUtils#findGroupByPath()

The following examples show how to use org.keycloak.models.utils.KeycloakModelUtils#findGroupByPath().
Example 1
Source File: FineGrainAdminUnitTest.java    From keycloak with Apache License 2.0 6 votes vote down vote up
/**
 * Deletes a realm role, a client role, a group and then the client, and asserts after each
 * stage how many authorization resources remain on the realm's admin resource server.
 *
 * <p>Expected counts, as asserted below: 5 at the start, 2 once the role, client role and group
 * are gone, 1 once the client is removed, and 0 after user permissions are disabled. The test
 * therefore guards against permission resources being left behind when the object they protect
 * is deleted.
 *
 * @param session Keycloak session used to look up the {@code TEST} realm
 */
public static void invokeDelete(KeycloakSession session)  {
    final RealmModel realm = session.realms().getRealmByName(TEST);
    final AdminPermissionManagement management = AdminPermissions.management(session, realm);
    // presumably an earlier step enabled permissions on five objects; verify against the caller
    Assert.assertEquals(5, realmServerResources(management).size());

    // Remove the realm role, the client role and the group, in that order.
    realm.removeRole(realm.getRole("removedRole"));
    final ClientModel client = realm.getClientByClientId("removedClient");
    client.removeRole(client.getRole("removedClientRole"));
    realm.removeGroup(KeycloakModelUtils.findGroupByPath(realm, "removedGroup"));
    Assert.assertEquals(2, realmServerResources(management).size());

    // Removing the client must drop the client's own resource as well.
    realm.removeClient(client.getId());
    Assert.assertEquals(1, realmServerResources(management).size());

    // Disabling user permissions must remove the "Users" resource, leaving nothing behind.
    management.users().setPermissionsEnabled(false);
    final Resource usersResource = management.authz().getStoreFactory().getResourceStore().findByName("Users", management.realmResourceServer().getId());
    Assert.assertNull(usersResource);
    Assert.assertEquals(0, realmServerResources(management).size());
}

/** Re-reads, on every call, the resources registered for the realm's admin resource server. */
private static List<Resource> realmServerResources(AdminPermissionManagement management) {
    return management.authz().getStoreFactory().getResourceStore().findByResourceServer(management.realmResourceServer().getId());
}
 
Example 2
Source File: SSSDFederationProvider.java    From keycloak with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a local Keycloak user for an SSSD account and mirrors its group memberships.
 *
 * <p>The user is enabled, gets e-mail and first/last name copied from SSSD, joins one realm
 * group per SSSD group (creating the group when the lookup finds none) and is linked to this
 * federation provider.
 *
 * <p>NOTE(review): group names come from the directory and are spliced into a path for the
 * lookup ({@code "/" + name}) but passed as a plain name to {@code createGroup}. A name
 * containing {@code '/'} would presumably be looked up as a nested path while being created as
 * a single group, so the two calls may not refer to the same group; confirm how
 * {@code findGroupByPath} treats such names. Any roles mapped to a same-named local group apply
 * to the imported user once joined.
 *
 * @param realm    realm the user is created in
 * @param username SSSD user name, also used as the Keycloak user name
 * @return the result of {@code validateAndProxy} for the newly created user
 */
protected UserModel importUserToKeycloak(RealmModel realm, String username) {
    final Sssd directory = new Sssd(username);
    final User remote = directory.getUser();
    logger.debugf("Creating SSSD user: %s to local Keycloak storage", username);

    final UserModel imported = session.userLocalStorage().addUser(realm, username);
    imported.setEnabled(true);
    imported.setEmail(remote.getEmail());
    imported.setFirstName(remote.getFirstName());
    imported.setLastName(remote.getLastName());

    for (String groupName : directory.getGroups()) {
        final GroupModel existing = KeycloakModelUtils.findGroupByPath(realm, "/" + groupName);
        // Only create the group when the path lookup came back empty.
        final GroupModel target = existing != null ? existing : session.realms().createGroup(realm, groupName);
        imported.joinGroup(target);
    }

    imported.setFederationLink(model.getId());
    return validateAndProxy(realm, imported);
}
 
Example 3
Source File: GroupLDAPStorageMapper.java    From keycloak with Apache License 2.0 6 votes vote down vote up
/**
 * Resolves the Keycloak group that corresponds to an LDAP group object.
 *
 * <p>Without preserved inheritance the group is looked up by the path derived from its LDAP
 * name. With preserved inheritance the first group returned by {@code getAllKcGroups} whose name
 * equals the LDAP name is used.
 *
 * <p>NOTE(review): the inheritance branch matches on name only, so if two groups in the
 * searched set share a name the first one wins; which groups {@code getAllKcGroups} returns is
 * not visible here.
 *
 * @param realm     realm to search
 * @param ldapGroup LDAP group whose configured name attribute identifies the group
 * @return the matching group, or {@code null} when none is found
 */
protected GroupModel findKcGroupByLDAPGroup(RealmModel realm, LDAPObject ldapGroup) {
    final String ldapName = ldapGroup.getAttributeAsString(config.getGroupNameLdapAttribute());

    if (!config.isPreserveGroupsInheritance()) {
        // Without preserved inheritance, it's always at groups path
        return KeycloakModelUtils.findGroupByPath(realm, getKcGroupPathFromLDAPGroupName(ldapName));
    }

    // Override if better effectivity or different algorithm is needed
    for (GroupModel candidate : getAllKcGroups(realm)) {
        if (candidate.getName().equals(ldapName)) {
            return candidate;
        }
    }
    return null;
}
 
Example 4
Source File: GroupLDAPStorageMapperFactory.java    From keycloak with Apache License 2.0 6 votes vote down vote up
/**
 * Validates the configuration of an LDAP group mapper before it is stored.
 *
 * <p>Checks, in order: the mandatory groups DN and mode, that preserved group inheritance is
 * only combined with DN membership, the custom LDAP filter, and that the configured groups path
 * is either {@code "/"} or an existing group in the realm.
 *
 * <p>NOTE(review): an unrecognised membership type value makes {@code valueOf} throw
 * {@link IllegalArgumentException}, which is not a {@code ComponentValidationException}; what
 * {@code validateCustomLdapFilter} checks is not visible here.
 *
 * @throws ComponentValidationException when one of the checks above fails
 */
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel config) throws ComponentValidationException {
    checkMandatoryConfigAttribute(GroupMapperConfig.GROUPS_DN, "LDAP Groups DN", config);
    checkMandatoryConfigAttribute(GroupMapperConfig.MODE, "Mode", config);

    // Membership type defaults to DN when the attribute is absent.
    final String configuredType = config.getConfig().getFirst(CommonLDAPGroupMapperConfig.MEMBERSHIP_ATTRIBUTE_TYPE);
    final MembershipType membershipType;
    if (configuredType == null) {
        membershipType = MembershipType.DN;
    } else {
        membershipType = MembershipType.valueOf(configuredType);
    }

    final boolean keepInheritance = Boolean.parseBoolean(config.getConfig().getFirst(GroupMapperConfig.PRESERVE_GROUP_INHERITANCE));
    if (keepInheritance && membershipType != MembershipType.DN) {
        throw new ComponentValidationException("ldapErrorCantPreserveGroupInheritanceWithUIDMembershipType");
    }

    LDAPUtils.validateCustomLdapFilter(config.getConfig().getFirst(GroupMapperConfig.GROUPS_LDAP_FILTER));

    checkMandatoryConfigAttribute(GroupMapperConfig.LDAP_GROUPS_PATH, "Groups Path", config);
    final String groupsPath = config.getConfig().getFirst(GroupMapperConfig.LDAP_GROUPS_PATH).trim();
    final boolean isRootPath = "/".equals(groupsPath);
    // Any path other than the root must resolve to an existing group.
    if (!isRootPath && KeycloakModelUtils.findGroupByPath(realm, groupsPath) == null) {
        throw new ComponentValidationException("ldapErrorMissingGroupsPathGroup");
    }
}
 
Example 5
Source File: RealmAdminResource.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the group hierarchy for the group at the given path.
 *
 * <p>NOTE(review): the 404 for an unknown path is raised before {@code requireView} runs, so a
 * caller without view permission on the group gets a different outcome for existing and
 * non-existing paths. Whether an earlier, resource-level check limits who can reach this method
 * is not visible here.
 *
 * @param path group path taken from the request URL (the template accepts any characters)
 * @return representation of the group, built by {@code toGroupHierarchy(group, true)}
 * @throws NotFoundException when no group exists at {@code path}
 */
@GET
@Path("group-by-path/{path: .*}")
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public GroupRepresentation getGroupByPath(@PathParam("path") String path) {
    final GroupModel group = KeycloakModelUtils.findGroupByPath(realm, path);
    if (group != null) {
        // Authorization is evaluated against the concrete group that was found.
        auth.groups().requireView(group);
        return ModelToRepresentation.toGroupHierarchy(group, true);
    }
    throw new NotFoundException("Group path does not exist");
}
 
Example 6
Source File: HardcodedLDAPGroupStorageMapper.java    From keycloak with Apache License 2.0 5 votes vote down vote up
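/**
 * Resolves the group configured for this hardcoded-group mapper.
 *
 * <p>The group may have been removed or renamed after the mapper was configured; in that case a
 * warning naming the group and the mapper is logged and {@code null} is returned, so callers
 * must handle a missing group.
 *
 * @param realm realm in which the configured group path is looked up
 * @return the configured group, or {@code null} when it no longer exists
 */
private GroupModel getGroup(RealmModel realm) {
    String groupName = mapperModel.getConfig().getFirst(HardcodedLDAPGroupStorageMapper.GROUP);
    GroupModel group = KeycloakModelUtils.findGroupByPath(realm, groupName);
    if (group == null) {
        // The format string has two %s placeholders; pass both values so the warning is
        // rendered with the group and mapper names instead of failing or printing raw "%s".
        logger.warnf("Hardcoded group '%s' configured in mapper '%s' is not available anymore", groupName, mapperModel.getName());
    }
    return group;
}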
 
Example 7
Source File: HardcodedLDAPGroupStorageMapperFactory.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Validates a hardcoded-group mapper configuration: a group value must be set and must resolve
 * to an existing group in the realm at the time of validation.
 *
 * <p>The check only covers the moment the configuration is saved; the group can still be
 * deleted afterwards.
 *
 * @throws ComponentValidationException when the value is missing or matches no group
 */
@Override
public void validateConfiguration(KeycloakSession session, RealmModel realm, ComponentModel config) throws ComponentValidationException {
    final String configuredPath = config.getConfig().getFirst(HardcodedLDAPGroupStorageMapper.GROUP);
    if (configuredPath == null) {
        throw new ComponentValidationException("Group can't be null");
    }

    final boolean groupExists = KeycloakModelUtils.findGroupByPath(realm, configuredPath) != null;
    if (!groupExists) {
        throw new ComponentValidationException("There is no group corresponding to configured value");
    }
}
 
Example 8
Source File: GroupsPartialImport.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Looks up the realm group addressed by the path carried in an imported group representation.
 *
 * <p>The path is taken from the representation as-is; presumably it originates from the
 * partial-import payload, so verify it is validated by the caller if that matters.
 *
 * @return the group at that path, or whatever {@code findGroupByPath} returns when none exists
 */
private GroupModel findGroupModel(RealmModel realm, GroupRepresentation groupRep) {
    final String importedPath = groupRep.getPath();
    return KeycloakModelUtils.findGroupByPath(realm, importedPath);
}
 
Example 9
Source File: GroupLDAPStorageMapper.java    From keycloak with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the Keycloak group configured as the groups path.
 *
 * <p>{@code null} is returned in two different situations: when the groups path is configured as
 * top level, and when the lookup for the configured path returns nothing. Callers cannot tell
 * the two apart from the return value alone.
 *
 * @param realm realm in which the configured groups path is looked up
 * @return the groups-path group, or {@code null} as described above
 */
protected GroupModel getKcGroupsPathGroup(RealmModel realm) {
    if (config.isTopLevelGroupsPath()) {
        return null;
    }
    return KeycloakModelUtils.findGroupByPath(realm, config.getGroupsPath());
}
 
Example 10
Source File: RequireGroupAuthenticator.java    From keycloak-extension-playground with Apache License 2.0 3 votes vote down vote up
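/**
 * Checks whether the user belongs to the group at the given path.
 *
 * <p>The check fails closed: a missing path or a path that resolves to no group yields
 * {@code false}, so a deleted or renamed group denies rather than relying on how a particular
 * {@code UserModel} implementation treats a {@code null} group.
 *
 * @param realm     realm in which the group path is resolved
 * @param user      user whose membership is tested
 * @param groupPath path of the required group; may be {@code null}
 * @return {@code true} only when the group exists and {@code user.isMemberOf(group)} is true
 */
private boolean isMemberOfGroup(RealmModel realm, UserModel user, String groupPath) {

    if (groupPath == null) {
        return false;
    }

    GroupModel group = KeycloakModelUtils.findGroupByPath(realm, groupPath);
    if (group == null) {
        // Configured group no longer exists: treat as "not a member".
        return false;
    }

    return user.isMemberOf(group);
}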