Package org.keycloak.services.resources.admin

Class ClientRoleMappingsResource

java.lang.Object

org.keycloak.services.resources.admin.ClientRoleMappingsResource

public class ClientRoleMappingsResource
extends Object

Version:

$Revision: 1 $

Author:

Bill Burke

Field Summary

Fields

Modifier and Type	Field	Description
protected AdminEventBuilder	adminEvent
protected AdminPermissionEvaluator	auth
protected ClientModel	client
protected static final org.jboss.logging.Logger	logger
protected AdminPermissionEvaluator.RequirePermissionCheck	managePermission
protected RealmModel	realm
protected KeycloakSession	session
protected RoleMapperModel	user
protected AdminPermissionEvaluator.RequirePermissionCheck	viewPermission

Constructor Summary

Constructors

Constructor	Description
ClientRoleMappingsResource(jakarta.ws.rs.core.UriInfo uriInfo, KeycloakSession session, RealmModel realm, AdminPermissionEvaluator auth, RoleMapperModel user, ClientModel client, AdminEventBuilder adminEvent, AdminPermissionEvaluator.RequirePermissionCheck manageCheck, AdminPermissionEvaluator.RequirePermissionCheck viewCheck)

Method Summary

Modifier and Type	Method	Description
void	addClientRoleMapping(List<RoleRepresentation> roles)	Add client-level roles to the user role mapping
void	deleteClientRoleMapping(List<RoleRepresentation> roles)	Delete client-level roles from user role mapping
Stream<RoleRepresentation>	getAvailableClientRoleMappings()	Get available client-level roles that can be mapped to the user
Stream<RoleRepresentation>	getClientRoleMappings()	Get client-level role mappings for the user, and the app
Stream<RoleRepresentation>	getCompositeClientRoleMappings(boolean briefRepresentation)	Get effective client-level role mappings This recurses any composite roles

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

protected static final org.jboss.logging.Logger logger

session

protected KeycloakSession session

realm

protected RealmModel realm

auth

protected AdminPermissionEvaluator auth

user

protected RoleMapperModel user

client

protected ClientModel client

adminEvent

protected AdminEventBuilder adminEvent

managePermission

protected AdminPermissionEvaluator.RequirePermissionCheck managePermission

viewPermission

protected AdminPermissionEvaluator.RequirePermissionCheck viewPermission

Constructor Details

ClientRoleMappingsResource

public ClientRoleMappingsResource(jakarta.ws.rs.core.UriInfo uriInfo,
 KeycloakSession session,
 RealmModel realm,
 AdminPermissionEvaluator auth,
 RoleMapperModel user,
 ClientModel client,
 AdminEventBuilder adminEvent,
 AdminPermissionEvaluator.RequirePermissionCheck manageCheck,
 AdminPermissionEvaluator.RequirePermissionCheck viewCheck)

Method Details

getClientRoleMappings

@GET
@Produces("application/json")
public Stream<RoleRepresentation> getClientRoleMappings()

Get client-level role mappings for the user, and the app

Returns:

getCompositeClientRoleMappings

@Path("composite")
@GET
@Produces("application/json")
public Stream<RoleRepresentation> getCompositeClientRoleMappings(@QueryParam("briefRepresentation") @DefaultValue("true")
 boolean briefRepresentation)

Get effective client-level role mappings This recurses any composite roles

Parameters:

briefRepresentation - if false, return roles with their attributes

Returns:

getAvailableClientRoleMappings

@Path("available")
@GET
@Produces("application/json")
public Stream<RoleRepresentation> getAvailableClientRoleMappings()

Get available client-level roles that can be mapped to the user

Returns:

addClientRoleMapping

@POST
@Consumes("application/json")
public void addClientRoleMapping(List<RoleRepresentation> roles)

Add client-level roles to the user role mapping

Parameters:

roles -

deleteClientRoleMapping

@DELETE
@Consumes("application/json")
public void deleteClientRoleMapping(List<RoleRepresentation> roles)

Delete client-level roles from user role mapping

Parameters:

roles -