org.keycloak.authorization.admin.PermissionService の継承関係図

org.keycloak.authorization.admin.PermissionService 連携図

公開メンバ関数
	PermissionService (ResourceServer resourceServer, AuthorizationProvider authorization, AdminPermissionEvaluator auth, AdminEventBuilder adminEvent)

Object	getResource (@PathParam("type") String type)

Response	create (String payload)

Policy	create (AbstractPolicyRepresentation representation)

Response	findByName (@QueryParam("name") String name)

Response	findAll (@QueryParam("policyId") String id, @QueryParam("name") String name, @QueryParam("type") String type, @QueryParam("resource") String resource, @QueryParam("scope") String scope, @QueryParam("permission") Boolean permission, @QueryParam("owner") String owner, @QueryParam("first") Integer firstResult, @QueryParam("max") Integer maxResult)

Response	findPolicyProviders ()

PolicyEvaluationService	getPolicyEvaluateResource ()

限定公開メンバ関数
PolicyResourceService	doCreatePolicyResource (Policy policy)

PolicyTypeService	doCreatePolicyTypeResource (String type)

List< Object >	doSearch (Integer firstResult, Integer maxResult, Map< String, String[]> filters)

AbstractPolicyRepresentation	toRepresentation (Policy policy, AuthorizationProvider authorization)

AbstractPolicyRepresentation	doCreateRepresentation (String payload)

PolicyProviderAdminService	getPolicyProviderAdminResource (String policyType)

PolicyProviderFactory	getPolicyProviderFactory (String policyType)

限定公開変数類
final ResourceServer	resourceServer

final AuthorizationProvider	authorization

final AdminPermissionEvaluator	auth

final AdminEventBuilder	adminEvent

詳解

著者: Pedro Igor

構築子と解体子

◆ PermissionService()

org.keycloak.authorization.admin.PermissionService.PermissionService	(	ResourceServer	resourceServer,
		AuthorizationProvider	authorization,
		AdminPermissionEvaluator	auth,
		AdminEventBuilder	adminEvent
	)

inline

                                                                                                                                                               {
         super(resourceServer, authorization, auth, adminEvent);
     }

関数詳解

◆ create() [1/2]

Response org.keycloak.authorization.admin.PolicyService.create ( String payload )

inlineinherited

                                            {
         if (auth != null) {
             this.auth.realm().requireManageAuthorization();
         }
 
         AbstractPolicyRepresentation representation = doCreateRepresentation(payload);
         Policy policy = create(representation);
 
         representation.setId(policy.getId());
 
         audit(representation, representation.getId(), OperationType.CREATE);
 
         return Response.status(Status.CREATED).entity(representation).build();
     }

◆ create() [2/2]

Policy org.keycloak.authorization.admin.PolicyService.create ( AbstractPolicyRepresentation representation )

inlineinherited

                                                                       {
         PolicyStore policyStore = authorization.getStoreFactory().getPolicyStore();
         Policy existing = policyStore.findByName(representation.getName(), resourceServer.getId());
 
         if (existing != null) {
             throw new ErrorResponseException("Policy with name [" + representation.getName() + "] already exists", "Conflicting policy", Status.CONFLICT);
         }
 
         return policyStore.create(representation, resourceServer);
     }

◆ doCreatePolicyResource()

PolicyResourceService org.keycloak.authorization.admin.PermissionService.doCreatePolicyResource ( Policy policy )

inlineprotected

                                                                           {
         return new PolicyTypeResourceService(policy, resourceServer, authorization, auth, adminEvent);
     }

◆ doCreatePolicyTypeResource()

PolicyTypeService org.keycloak.authorization.admin.PermissionService.doCreatePolicyTypeResource ( String type )

inlineprotected

                                                                         {
         return new PolicyTypeService(type, resourceServer, authorization, auth, adminEvent) {
             @Override
             protected List<Object> doSearch(Integer firstResult, Integer maxResult, Map<String, String[]> filters) {
                 filters.put("permission", new String[] {Boolean.TRUE.toString()});
                 filters.put("type", new String[] {type});
                 return super.doSearch(firstResult, maxResult, filters);
             }
         };
     }

◆ doCreateRepresentation()

AbstractPolicyRepresentation org.keycloak.authorization.admin.PolicyService.doCreateRepresentation ( String payload )

inlineprotectedinherited

                                                                                   {
         PolicyRepresentation representation;
 
         try {
             representation = JsonSerialization.readValue(payload, PolicyRepresentation.class);
         } catch (IOException cause) {
             throw new RuntimeException("Failed to deserialize representation", cause);
         }
 
         return representation;
     }

◆ doSearch()

List<Object> org.keycloak.authorization.admin.PermissionService.doSearch	(	Integer	firstResult,
		Integer	maxResult,
		Map< String, String[]>	filters
	)

inlineprotected

                                                                                                            {
         filters.put("permission", new String[] {Boolean.TRUE.toString()});
         return super.doSearch(firstResult, maxResult, filters);
     }

◆ findAll()

Response org.keycloak.authorization.admin.PolicyService.findAll	(	@QueryParam("policyId") String	id,
		@QueryParam("name") String	name,
		@QueryParam("type") String	type,
		@QueryParam("resource") String	resource,
		@QueryParam("scope") String	scope,
		@QueryParam("permission") Boolean	permission,
		@QueryParam("owner") String	owner,
		@QueryParam("first") Integer	firstResult,
		@QueryParam("max") Integer	maxResult
	)

inlineinherited

                                                                   {
         if (auth != null) {
             this.auth.realm().requireViewAuthorization();
         }
 
         Map<String, String[]> search = new HashMap<>();
 
         if (id != null && !"".equals(id.trim())) {
             search.put("id", new String[] {id});
         }
 
         if (name != null && !"".equals(name.trim())) {
             search.put("name", new String[] {name});
         }
 
         if (type != null && !"".equals(type.trim())) {
             search.put("type", new String[] {type});
         }
 
         if (owner != null && !"".equals(owner.trim())) {
             search.put("owner", new String[] {owner});
         }
 
         StoreFactory storeFactory = authorization.getStoreFactory();
 
         if (resource != null && !"".equals(resource.trim())) {
             ResourceStore resourceStore = storeFactory.getResourceStore();
             Resource resourceModel = resourceStore.findById(resource, resourceServer.getId());
 
             if (resourceModel == null) {
                 Map<String, String[]> resourceFilters = new HashMap<>();
 
                 resourceFilters.put("name", new String[]{resource});
 
                 if (owner != null) {
                     resourceFilters.put("owner", new String[]{owner});
                 }
 
                 Set<String> resources = resourceStore.findByResourceServer(resourceFilters, resourceServer.getId(), -1, 1).stream().map(Resource::getId).collect(Collectors.toSet());
 
                 if (resources.isEmpty()) {
                     return Response.ok().build();
                 }
 
                 search.put("resource", resources.toArray(new String[resources.size()]));
             } else {
                 search.put("resource", new String[] {resourceModel.getId()});
             }
         }
 
         if (scope != null && !"".equals(scope.trim())) {
             ScopeStore scopeStore = storeFactory.getScopeStore();
             Scope scopeModel = scopeStore.findById(scope, resourceServer.getId());
 
             if (scopeModel == null) {
                 Map<String, String[]> scopeFilters = new HashMap<>();
 
                 scopeFilters.put("name", new String[]{scope});
 
                 Set<String> scopes = scopeStore.findByResourceServer(scopeFilters, resourceServer.getId(), -1, 1).stream().map(Scope::getId).collect(Collectors.toSet());
 
                 if (scopes.isEmpty()) {
                     return Response.ok().build();
                 }
 
                 search.put("scope", scopes.toArray(new String[scopes.size()]));
             } else {
                 search.put("scope", new String[] {scopeModel.getId()});
             }
         }
 
         if (permission != null) {
             search.put("permission", new String[] {permission.toString()});
         }
 
         return Response.ok(
                 doSearch(firstResult, maxResult, search))
                 .build();
     }

◆ findByName()

Response org.keycloak.authorization.admin.PolicyService.findByName ( @QueryParam("name") String name )

inlineinherited

                                                                 {
         if (auth != null) {
             this.auth.realm().requireViewAuthorization();
         }
 
         StoreFactory storeFactory = authorization.getStoreFactory();
 
         if (name == null) {
             return Response.status(Status.BAD_REQUEST).build();
         }
 
         Policy model = storeFactory.getPolicyStore().findByName(name, this.resourceServer.getId());
 
         if (model == null) {
             return Response.status(Status.OK).build();
         }
 
         return Response.ok(toRepresentation(model, authorization)).build();
     }

◆ findPolicyProviders()

Response org.keycloak.authorization.admin.PolicyService.findPolicyProviders ( )

inlineinherited

                                           {
         if (auth != null) {
             this.auth.realm().requireViewAuthorization();
         }
 
         return Response.ok(
                 authorization.getProviderFactories().stream()
                         .filter(factory -> !factory.isInternal())
                         .map(factory -> {
                             PolicyProviderRepresentation representation = new PolicyProviderRepresentation();
 
                             representation.setName(factory.getName());
                             representation.setGroup(factory.getGroup());
                             representation.setType(factory.getId());
 
                             return representation;
                         })
                         .collect(Collectors.toList()))
                 .build();
     }

◆ getPolicyEvaluateResource()

PolicyEvaluationService org.keycloak.authorization.admin.PolicyService.getPolicyEvaluateResource ( )

inlineinherited

                                                                {
         if (auth != null) {
             this.auth.realm().requireViewAuthorization();
         }
 
         PolicyEvaluationService resource = new PolicyEvaluationService(this.resourceServer, this.authorization, this.auth);
 
         ResteasyProviderFactory.getInstance().injectProperties(resource);
 
         return resource;
     }

◆ getPolicyProviderAdminResource()

PolicyProviderAdminService org.keycloak.authorization.admin.PolicyService.getPolicyProviderAdminResource ( String policyType )

inlineprotectedinherited

                                                                                            {
         return getPolicyProviderFactory(policyType).getAdminResource(resourceServer, authorization);
     }

◆ getPolicyProviderFactory()

PolicyProviderFactory org.keycloak.authorization.admin.PolicyService.getPolicyProviderFactory ( String policyType )

inlineprotectedinherited

                                                                                 {
         return authorization.getProviderFactory(policyType);
     }

◆ getResource()

Object org.keycloak.authorization.admin.PolicyService.getResource ( @PathParam("type") String type )

inlineinherited

                                                               {
         PolicyProviderFactory providerFactory = getPolicyProviderFactory(type);
 
         if (providerFactory != null) {
             return doCreatePolicyTypeResource(type);
         }
 
         Policy policy = authorization.getStoreFactory().getPolicyStore().findById(type, resourceServer.getId());
 
         return doCreatePolicyResource(policy);
     }

◆ toRepresentation()

AbstractPolicyRepresentation org.keycloak.authorization.admin.PermissionService.toRepresentation	(	Policy	policy,
		AuthorizationProvider	authorization
	)

inlineprotected

                                                                                                                 {
         return ModelToRepresentation.toRepresentation(policy, authorization, false, false);
     }

メンバ詳解

◆ adminEvent

final AdminEventBuilder org.keycloak.authorization.admin.PolicyService.adminEvent

protectedinherited

◆ auth

final AdminPermissionEvaluator org.keycloak.authorization.admin.PolicyService.auth

protectedinherited

◆ authorization

final AuthorizationProvider org.keycloak.authorization.admin.PolicyService.authorization

protectedinherited

◆ resourceServer

final ResourceServer org.keycloak.authorization.admin.PolicyService.resourceServer

protectedinherited

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/authorization/admin/PermissionService.java

公開メンバ関数

限定公開メンバ関数

限定公開変数類

詳解

構築子と解体子

◆ PermissionService()

関数詳解

◆ create() [1/2]

◆ create() [2/2]

◆ doCreatePolicyResource()

◆ doCreatePolicyTypeResource()

◆ doCreateRepresentation()

◆ doSearch()

◆ findAll()

◆ findByName()

◆ findPolicyProviders()

◆ getPolicyEvaluateResource()

◆ getPolicyProviderAdminResource()

◆ getPolicyProviderFactory()

◆ getResource()

◆ toRepresentation()

メンバ詳解

◆ adminEvent

◆ auth

◆ authorization

◆ resourceServer