org.keycloak.services.resources.admin.permissions.GroupPermissions の継承関係図

org.keycloak.services.resources.admin.permissions.GroupPermissions 連携図

公開メンバ関数
	GroupPermissions (KeycloakSession session, RealmModel realm, AuthorizationProvider authz, MgmtPermissions root)

boolean	canList ()

void	requireList ()

boolean	isPermissionsEnabled (GroupModel group)

void	setPermissionsEnabled (GroupModel group, boolean enable)

Policy	viewMembersPermission (GroupModel group)

Policy	manageMembersPermission (GroupModel group)

Policy	manageMembershipPermission (GroupModel group)

Policy	viewPermission (GroupModel group)

Policy	managePermission (GroupModel group)

Resource	resource (GroupModel group)

Map< String, String >	getPermissions (GroupModel group)

boolean	canManage (GroupModel group)

void	requireManage (GroupModel group)

boolean	canView (GroupModel group)

void	requireView (GroupModel group)

boolean	canManage ()

void	requireManage ()

boolean	canView ()

void	requireView ()

boolean	canViewMembers (GroupModel group)

void	requireViewMembers (GroupModel group)

boolean	canManageMembers (GroupModel group)

void	requireManageMembers (GroupModel group)

boolean	canManageMembership (GroupModel group)

void	requireManageMembership (GroupModel group)

Map< String, Boolean >	getAccess (GroupModel group)

静的公開メンバ関数
static String	getManagePermissionGroup (GroupModel group)

static String	getManageMembersPermissionGroup (GroupModel group)

static String	getManageMembershipPermissionGroup (GroupModel group)

static String	getViewPermissionGroup (GroupModel group)

static String	getViewMembersPermissionGroup (GroupModel group)

静的公開変数類
static final String	MAP_ROLE_SCOPE = "map-role"

static final String	MANAGE_MEMBERSHIP_SCOPE = "manage-membership"

static final String	MANAGE_MEMBERS_SCOPE = "manage-members"

static final String	VIEW_MEMBERS_SCOPE = "view-members"

限定公開変数類
final KeycloakSession	session

final RealmModel	realm

final AuthorizationProvider	authz

final MgmtPermissions	root

非公開メンバ関数
void	initialize (GroupModel group)

Resource	groupResource (GroupModel group)

void	deletePermissions (GroupModel group)

boolean	hasView (GroupModel group)

boolean	canViewMembersEvaluation (GroupModel group)

静的非公開メンバ関数
static String	getGroupResourceName (GroupModel group)

静的非公開変数類
static final Logger	logger = Logger.getLogger(GroupPermissions.class)

詳解

著者: Bill Burke

バージョン

Revision: 1

構築子と解体子

◆ GroupPermissions()

org.keycloak.services.resources.admin.permissions.GroupPermissions.GroupPermissions	(	KeycloakSession	session,
		RealmModel	realm,
		AuthorizationProvider	authz,
		MgmtPermissions	root
	)

inline

                                                                                                                           {
         this.session = session;
         this.realm = realm;
         this.authz = authz;
         this.root = root;
     }

関数詳解

◆ canList()

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.canList ( )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                              {
         return root.hasOneAdminRole(AdminRoles.VIEW_USERS, AdminRoles.MANAGE_USERS, AdminRoles.QUERY_GROUPS);
     }

◆ canManage() [1/2]

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.canManage ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                                {
         if (canManage()) return true;
         if (!root.isAdminSameRealm()) {
             return false;
         }
 
         ResourceServer server = root.realmResourceServer();
         if (server == null) return false;
 
         Resource resource =  authz.getStoreFactory().getResourceStore().findByName(getGroupResourceName(group), server.getId());
         if (resource == null) return false;
 
         Policy policy = managePermission(group);
         if (policy == null) {
             return false;
         }
 
         Set<Policy> associatedPolicies = policy.getAssociatedPolicies();
         // if no policies attached to permission then just do default behavior
         if (associatedPolicies == null || associatedPolicies.isEmpty()) {
             return false;
         }
 
         Scope scope = root.realmManageScope();
         return root.evaluatePermission(resource, scope, server);
     }

◆ canManage() [2/2]

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.canManage ( )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                {
         return root.users().canManageDefault();
     }

◆ canManageMembers()

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.canManageMembers ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                                       {
         if (root.users().canManage()) return true;
 
         if (!root.isAdminSameRealm()) {
             return false;
         }
 
         ResourceServer server = root.realmResourceServer();
         if (server == null) return false;
 
         Resource resource =  authz.getStoreFactory().getResourceStore().findByName(getGroupResourceName(group), server.getId());
         if (resource == null) return false;
 
         Policy policy = manageMembersPermission(group);
         if (policy == null) {
             return false;
         }
 
         Set<Policy> associatedPolicies = policy.getAssociatedPolicies();
         // if no policies attached to permission then just do default behavior
         if (associatedPolicies == null || associatedPolicies.isEmpty()) {
             return false;
         }
 
         Scope scope = authz.getStoreFactory().getScopeStore().findByName(MANAGE_MEMBERS_SCOPE, server.getId());
         return root.evaluatePermission(resource, scope, server);
     }

◆ canManageMembership()

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.canManageMembership ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                                          {
         if (canManage(group)) return true;
 
         if (!root.isAdminSameRealm()) {
             return false;
         }
 
         ResourceServer server = root.realmResourceServer();
         if (server == null) return false;
 
         Resource resource =  authz.getStoreFactory().getResourceStore().findByName(getGroupResourceName(group), server.getId());
         if (resource == null) return false;
 
         Policy policy = manageMembershipPermission(group);
         if (policy == null) {
             return false;
         }
 
         Set<Policy> associatedPolicies = policy.getAssociatedPolicies();
         // if no policies attached to permission then just do default behavior
         if (associatedPolicies == null || associatedPolicies.isEmpty()) {
             return false;
         }
 
         Scope scope = authz.getStoreFactory().getScopeStore().findByName(MANAGE_MEMBERSHIP_SCOPE, server.getId());
         return root.evaluatePermission(resource, scope, server);
     }

◆ canView() [1/2]

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.canView ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                              {
         return hasView(group) || canManage(group);
     }

◆ canView() [2/2]

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.canView ( )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                              {
         return root.users().canViewDefault();
     }

◆ canViewMembers()

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.canViewMembers ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                                     {
         return canViewMembersEvaluation(group) || canManageMembers(group);
     }

◆ canViewMembersEvaluation()

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.canViewMembersEvaluation ( GroupModel group )

inlineprivate

                                                                {
         if (root.users().canView()) return true;
 
         if (!root.isAdminSameRealm()) {
             return false;
         }
 
         ResourceServer server = root.realmResourceServer();
         if (server == null) return false;
 
         Resource resource =  authz.getStoreFactory().getResourceStore().findByName(getGroupResourceName(group), server.getId());
         if (resource == null) return false;
 
         Policy policy = viewMembersPermission(group);
         if (policy == null) {
             return false;
         }
 
         Set<Policy> associatedPolicies = policy.getAssociatedPolicies();
         // if no policies attached to permission then just do default behavior
         if (associatedPolicies == null || associatedPolicies.isEmpty()) {
             return false;
         }
 
         Scope scope = authz.getStoreFactory().getScopeStore().findByName(VIEW_MEMBERS_SCOPE, server.getId());
 
         return root.evaluatePermission(resource, scope, server);
     }

◆ deletePermissions()

void org.keycloak.services.resources.admin.permissions.GroupPermissions.deletePermissions ( GroupModel group )

inlineprivate

                                                      {
         ResourceServer server = root.realmResourceServer();
         if (server == null) return;
         Policy managePermission = managePermission(group);
         if (managePermission != null) {
             authz.getStoreFactory().getPolicyStore().delete(managePermission.getId());
         }
         Policy viewPermission = viewPermission(group);
         if (viewPermission != null) {
             authz.getStoreFactory().getPolicyStore().delete(viewPermission.getId());
         }
         Policy manageMembersPermission = manageMembersPermission(group);
         if (manageMembersPermission != null) {
             authz.getStoreFactory().getPolicyStore().delete(manageMembersPermission.getId());
         }
         Policy viewMembersPermission = viewMembersPermission(group);
         if (viewMembersPermission != null) {
             authz.getStoreFactory().getPolicyStore().delete(viewMembersPermission.getId());
         }
         Policy manageMembershipPermission = manageMembershipPermission(group);
         if (manageMembershipPermission != null) {
             authz.getStoreFactory().getPolicyStore().delete(manageMembershipPermission.getId());
         }
         Resource resource = groupResource(group);
         if (resource != null) authz.getStoreFactory().getResourceStore().delete(resource.getId());
     }

◆ getAccess()

Map<String, Boolean> org.keycloak.services.resources.admin.permissions.GroupPermissions.getAccess ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                                             {
         Map<String, Boolean> map = new HashMap<>();
         map.put("view", canView(group));
         map.put("manage", canManage(group));
         map.put("manageMembership", canManageMembership(group));
         return map;
     }

◆ getGroupResourceName()

static String org.keycloak.services.resources.admin.permissions.GroupPermissions.getGroupResourceName ( GroupModel group )

inlinestaticprivate

                                                                  {
         return "group.resource." + group.getId();
     }

◆ getManageMembershipPermissionGroup()

static String org.keycloak.services.resources.admin.permissions.GroupPermissions.getManageMembershipPermissionGroup ( GroupModel group )

inlinestatic

                                                                               {
         return "manage.membership.permission.group." + group.getId();
     }

◆ getManageMembersPermissionGroup()

static String org.keycloak.services.resources.admin.permissions.GroupPermissions.getManageMembersPermissionGroup ( GroupModel group )

inlinestatic

                                                                            {
         return "manage.members.permission.group." + group.getId();
     }

◆ getManagePermissionGroup()

static String org.keycloak.services.resources.admin.permissions.GroupPermissions.getManagePermissionGroup ( GroupModel group )

inlinestatic

                                                                     {
         return "manage.permission.group." + group.getId();
     }

◆ getPermissions()

Map<String, String> org.keycloak.services.resources.admin.permissions.GroupPermissions.getPermissions ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionManagementを実装しています。

                                                                 {
         initialize(group);
         Map<String, String> scopes = new LinkedHashMap<>();
         scopes.put(AdminPermissionManagement.VIEW_SCOPE, viewPermission(group).getId());
         scopes.put(AdminPermissionManagement.MANAGE_SCOPE, managePermission(group).getId());
         scopes.put(VIEW_MEMBERS_SCOPE, viewMembersPermission(group).getId());
         scopes.put(MANAGE_MEMBERS_SCOPE, manageMembersPermission(group).getId());
         scopes.put(MANAGE_MEMBERSHIP_SCOPE, manageMembershipPermission(group).getId());
         return scopes;
     }

◆ getViewMembersPermissionGroup()

static String org.keycloak.services.resources.admin.permissions.GroupPermissions.getViewMembersPermissionGroup ( GroupModel group )

inlinestatic

                                                                          {
         return "view.members.permission.group." + group.getId();
     }

◆ getViewPermissionGroup()

static String org.keycloak.services.resources.admin.permissions.GroupPermissions.getViewPermissionGroup ( GroupModel group )

inlinestatic

                                                                   {
         return "view.permission.group." + group.getId();
     }

◆ groupResource()

Resource org.keycloak.services.resources.admin.permissions.GroupPermissions.groupResource ( GroupModel group )

inlineprivate

                                                      {
         ResourceServer server = root.realmResourceServer();
         if (server == null) return null;
         String groupResourceName = getGroupResourceName(group);
         return authz.getStoreFactory().getResourceStore().findByName(groupResourceName, server.getId());
     }

◆ hasView()

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.hasView ( GroupModel group )

inlineprivate

                                               {
         if (canView()) return true;
 
         if (!root.isAdminSameRealm()) {
             return false;
         }
 
         ResourceServer server = root.realmResourceServer();
         if (server == null) return false;
 
         Resource resource =  authz.getStoreFactory().getResourceStore().findByName(getGroupResourceName(group), server.getId());
         if (resource == null) return false;
 
         Policy policy = viewPermission(group);
         if (policy == null) {
             return false;
         }
 
         Set<Policy> associatedPolicies = policy.getAssociatedPolicies();
         // if no policies attached to permission then abort
         if (associatedPolicies == null || associatedPolicies.isEmpty()) {
             return false;
         }
 
         Scope scope = root.realmViewScope();
         return root.evaluatePermission(resource, scope, server);
     }

◆ initialize()

void org.keycloak.services.resources.admin.permissions.GroupPermissions.initialize ( GroupModel group )

inlineprivate

                                               {
         root.initializeRealmResourceServer();
         root.initializeRealmDefaultScopes();
         ResourceServer server = root.realmResourceServer();
         Scope manageScope = root.realmManageScope();
         Scope viewScope = root.realmViewScope();
         Scope manageMembersScope = root.initializeRealmScope(MANAGE_MEMBERS_SCOPE);
         Scope viewMembersScope = root.initializeRealmScope(VIEW_MEMBERS_SCOPE);
         Scope manageMembershipScope = root.initializeRealmScope(MANAGE_MEMBERSHIP_SCOPE);
 
         String groupResourceName = getGroupResourceName(group);
         Resource groupResource = authz.getStoreFactory().getResourceStore().findByName(groupResourceName, server.getId());
         if (groupResource == null) {
             groupResource = authz.getStoreFactory().getResourceStore().create(groupResourceName, server, server.getId());
             Set<Scope> scopeset = new HashSet<>();
             scopeset.add(manageScope);
             scopeset.add(viewScope);
             scopeset.add(viewMembersScope);
             scopeset.add(manageMembershipScope);
             scopeset.add(manageMembersScope);
             groupResource.updateScopes(scopeset);
         }
         String managePermissionName = getManagePermissionGroup(group);
         Policy managePermission = authz.getStoreFactory().getPolicyStore().findByName(managePermissionName, server.getId());
         if (managePermission == null) {
             Helper.addEmptyScopePermission(authz, server, managePermissionName, groupResource, manageScope);
         }
         String viewPermissionName = getViewPermissionGroup(group);
         Policy viewPermission = authz.getStoreFactory().getPolicyStore().findByName(viewPermissionName, server.getId());
         if (viewPermission == null) {
             Helper.addEmptyScopePermission(authz, server, viewPermissionName, groupResource, viewScope);
         }
         String manageMembersPermissionName = getManageMembersPermissionGroup(group);
         Policy manageMembersPermission = authz.getStoreFactory().getPolicyStore().findByName(manageMembersPermissionName, server.getId());
         if (manageMembersPermission == null) {
             Helper.addEmptyScopePermission(authz, server, manageMembersPermissionName, groupResource, manageMembersScope);
         }
         String viewMembersPermissionName = getViewMembersPermissionGroup(group);
         Policy viewMembersPermission = authz.getStoreFactory().getPolicyStore().findByName(viewMembersPermissionName, server.getId());
         if (viewMembersPermission == null) {
             Helper.addEmptyScopePermission(authz, server, viewMembersPermissionName, groupResource, viewMembersScope);
         }
         String manageMembershipPermissionName = getManageMembershipPermissionGroup(group);
         Policy manageMembershipPermission = authz.getStoreFactory().getPolicyStore().findByName(manageMembershipPermissionName, server.getId());
         if (manageMembershipPermission == null) {
             Helper.addEmptyScopePermission(authz, server, manageMembershipPermissionName, groupResource, manageMembershipScope);
         }
 
     }

◆ isPermissionsEnabled()

boolean org.keycloak.services.resources.admin.permissions.GroupPermissions.isPermissionsEnabled ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionManagementを実装しています。

                                                           {
         ResourceServer server = root.realmResourceServer();
         if (server == null) return false;
 
         return authz.getStoreFactory().getResourceStore().findByName(getGroupResourceName(group), server.getId()) != null;
     }

◆ manageMembershipPermission()

Policy org.keycloak.services.resources.admin.permissions.GroupPermissions.manageMembershipPermission ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionManagementを実装しています。

                                                                {
         ResourceServer server = root.realmResourceServer();
         if (server == null) return null;
         String manageMembershipPermissionName = getManageMembershipPermissionGroup(group);
         return authz.getStoreFactory().getPolicyStore().findByName(manageMembershipPermissionName, server.getId());
     }

◆ manageMembersPermission()

Policy org.keycloak.services.resources.admin.permissions.GroupPermissions.manageMembersPermission ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionManagementを実装しています。

                                                             {
         ResourceServer server = root.realmResourceServer();
         if (server == null) return null;
         String manageMembersPermissionName = getManageMembersPermissionGroup(group);
         return authz.getStoreFactory().getPolicyStore().findByName(manageMembersPermissionName, server.getId());
     }

◆ managePermission()

Policy org.keycloak.services.resources.admin.permissions.GroupPermissions.managePermission ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionManagementを実装しています。

                                                      {
         ResourceServer server = root.realmResourceServer();
         if (server == null) return null;
         String managePermissionName = getManagePermissionGroup(group);
         return authz.getStoreFactory().getPolicyStore().findByName(managePermissionName, server.getId());
     }

◆ requireList()

void org.keycloak.services.resources.admin.permissions.GroupPermissions.requireList ( )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                               {
         if (!canList()) {
             throw new ForbiddenException();
         }
     }

◆ requireManage() [1/2]

void org.keycloak.services.resources.admin.permissions.GroupPermissions.requireManage ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                                 {
         if (!canManage(group)) {
             throw new ForbiddenException();
         }
     }

◆ requireManage() [2/2]

void org.keycloak.services.resources.admin.permissions.GroupPermissions.requireManage ( )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                 {
         if (!canManage()) {
             throw new ForbiddenException();
         }
     }

◆ requireManageMembers()

void org.keycloak.services.resources.admin.permissions.GroupPermissions.requireManageMembers ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                                        {
         if (!canManageMembers(group)) {
             throw new ForbiddenException();
         }
     }

◆ requireManageMembership()

void org.keycloak.services.resources.admin.permissions.GroupPermissions.requireManageMembership ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                                           {
         if (!canManageMembership(group)) {
             throw new ForbiddenException();
         }
     }

◆ requireView() [1/2]

void org.keycloak.services.resources.admin.permissions.GroupPermissions.requireView ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                               {
         if (!canView(group)) {
             throw new ForbiddenException();
         }
     }

◆ requireView() [2/2]

void org.keycloak.services.resources.admin.permissions.GroupPermissions.requireView ( )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                               {
         if (!canView()) {
             throw new ForbiddenException();
         }
     }

◆ requireViewMembers()

void org.keycloak.services.resources.admin.permissions.GroupPermissions.requireViewMembers ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionEvaluatorを実装しています。

                                                      {
         if (!canViewMembers(group)) {
             throw new ForbiddenException();
         }
     }

◆ resource()

Resource org.keycloak.services.resources.admin.permissions.GroupPermissions.resource ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionManagementを実装しています。

                                                {
         ResourceServer server = root.realmResourceServer();
         if (server == null) return null;
         Resource resource =  authz.getStoreFactory().getResourceStore().findByName(getGroupResourceName(group), server.getId());
         if (resource == null) return null;
         return resource;
     }

◆ setPermissionsEnabled()

void org.keycloak.services.resources.admin.permissions.GroupPermissions.setPermissionsEnabled	(	GroupModel	group,
		boolean	enable
	)

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionManagementを実装しています。

                                                                         {
        if (enable) {
            initialize(group);
        } else {
            deletePermissions(group);
        }
     }

◆ viewMembersPermission()

Policy org.keycloak.services.resources.admin.permissions.GroupPermissions.viewMembersPermission ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionManagementを実装しています。

                                                           {
         ResourceServer server = root.realmResourceServer();
         if (server == null) return null;
         String viewMembersPermissionName = getViewMembersPermissionGroup(group);
         return authz.getStoreFactory().getPolicyStore().findByName(viewMembersPermissionName, server.getId());
     }

◆ viewPermission()

Policy org.keycloak.services.resources.admin.permissions.GroupPermissions.viewPermission ( GroupModel group )

inline

org.keycloak.services.resources.admin.permissions.GroupPermissionManagementを実装しています。

                                                    {
         ResourceServer server = root.realmResourceServer();
         if (server == null) return null;
         String viewPermissionName = getViewPermissionGroup(group);
         return authz.getStoreFactory().getPolicyStore().findByName(viewPermissionName, server.getId());
     }

メンバ詳解

◆ authz

final AuthorizationProvider org.keycloak.services.resources.admin.permissions.GroupPermissions.authz

protected

◆ logger

final Logger org.keycloak.services.resources.admin.permissions.GroupPermissions.logger = Logger.getLogger(GroupPermissions.class)

staticprivate

◆ MANAGE_MEMBERS_SCOPE

final String org.keycloak.services.resources.admin.permissions.GroupPermissions.MANAGE_MEMBERS_SCOPE = "manage-members"

static

◆ MANAGE_MEMBERSHIP_SCOPE

final String org.keycloak.services.resources.admin.permissions.GroupPermissions.MANAGE_MEMBERSHIP_SCOPE = "manage-membership"

static

◆ MAP_ROLE_SCOPE

final String org.keycloak.services.resources.admin.permissions.GroupPermissions.MAP_ROLE_SCOPE = "map-role"

static

◆ realm

final RealmModel org.keycloak.services.resources.admin.permissions.GroupPermissions.realm

protected

◆ root

final MgmtPermissions org.keycloak.services.resources.admin.permissions.GroupPermissions.root

protected

◆ session

final KeycloakSession org.keycloak.services.resources.admin.permissions.GroupPermissions.session

protected

◆ VIEW_MEMBERS_SCOPE

final String org.keycloak.services.resources.admin.permissions.GroupPermissions.VIEW_MEMBERS_SCOPE = "view-members"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/services/resources/admin/permissions/GroupPermissions.java

公開メンバ関数

静的公開メンバ関数

静的公開変数類

限定公開変数類

非公開メンバ関数

静的非公開メンバ関数

静的非公開変数類

詳解

構築子と解体子

◆ GroupPermissions()

関数詳解

◆ canList()

◆ canManage() [1/2]

◆ canManage() [2/2]

◆ canManageMembers()

◆ canManageMembership()

◆ canView() [1/2]

◆ canView() [2/2]

◆ canViewMembers()

◆ canViewMembersEvaluation()

◆ deletePermissions()

◆ getAccess()

◆ getGroupResourceName()

◆ getManageMembershipPermissionGroup()

◆ getManageMembersPermissionGroup()

◆ getManagePermissionGroup()

◆ getPermissions()

◆ getViewMembersPermissionGroup()

◆ getViewPermissionGroup()

◆ groupResource()

◆ hasView()

◆ initialize()

◆ isPermissionsEnabled()

◆ manageMembershipPermission()

◆ manageMembersPermission()

◆ managePermission()

◆ requireList()

◆ requireManage() [1/2]

◆ requireManage() [2/2]

◆ requireManageMembers()

◆ requireManageMembership()

◆ requireView() [1/2]

◆ requireView() [2/2]

◆ requireViewMembers()

◆ resource()

◆ setPermissionsEnabled()

◆ viewMembersPermission()

◆ viewPermission()

メンバ詳解

◆ authz

◆ logger

◆ MANAGE_MEMBERS_SCOPE

◆ MANAGE_MEMBERSHIP_SCOPE

◆ MAP_ROLE_SCOPE

◆ realm

◆ root

◆ session

◆ VIEW_MEMBERS_SCOPE