From b29471e153a0e748f30d84ec997bc09688b82850 Mon Sep 17 00:00:00 2001 From: axel Date: Tue, 28 Nov 2023 14:07:08 +0100 Subject: [PATCH] getParentRoles --- server-spi/pom.xml | 2 +- .../resources/admin/RoleByIdResource.java | 35 +++++++++++++------ .../admin/RoleContainerResource.java | 2 -- .../resources/admin/RoleResource.java | 1 - 4 files changed, 25 insertions(+), 15 deletions(-) diff --git a/server-spi/pom.xml b/server-spi/pom.xml index 925ed7d77ea4..29bbc1132f17 100755 --- a/server-spi/pom.xml +++ b/server-spi/pom.xml @@ -4,7 +4,7 @@ ~ and other contributors as indicated by the @author tags. ~ ~ Licensed under the Apache License, Version 2.0 (the "License"); - ~ you may not use this file except in compliance with the License. + ~ you may not use this file except in compliance with the License.tt ~ You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java index 9bd9d9a11bf0..25415657a795 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java @@ -16,13 +16,13 @@ */ package org.keycloak.services.resources.admin; +import jakarta.ws.rs.*; import org.eclipse.microprofile.openapi.annotations.Operation; import org.eclipse.microprofile.openapi.annotations.extensions.Extension; import org.eclipse.microprofile.openapi.annotations.parameters.Parameter; import org.eclipse.microprofile.openapi.annotations.tags.Tag; import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.cache.NoCache; -import jakarta.ws.rs.NotFoundException; import org.keycloak.events.admin.OperationType; import org.keycloak.events.admin.ResourceType; import org.keycloak.models.ClientModel; @@ -33,21 +33,11 @@ import org.keycloak.representations.idm.ManagementPermissionReference; import org.keycloak.representations.idm.RoleRepresentation; import org.keycloak.services.ErrorResponse; -import org.keycloak.services.ErrorResponseException; import org.keycloak.services.resources.KeycloakOpenAPI; import org.keycloak.services.resources.admin.permissions.AdminPermissionEvaluator; import org.keycloak.services.resources.admin.permissions.AdminPermissionManagement; import org.keycloak.services.resources.admin.permissions.AdminPermissions; -import jakarta.ws.rs.Consumes; -import jakarta.ws.rs.DELETE; -import jakarta.ws.rs.GET; -import jakarta.ws.rs.POST; -import jakarta.ws.rs.PUT; -import jakarta.ws.rs.Path; -import jakarta.ws.rs.PathParam; -import jakarta.ws.rs.Produces; -import jakarta.ws.rs.QueryParam; import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; import java.util.List; @@ -270,6 +260,29 @@ public void deleteComposites(final @Parameter(description = "Role id") @PathPara auth.roles().requireManage(role); deleteComposites(adminEvent, session.getContext().getUri(), roles, role); } + + /** + * Get parents of the roles, thoses which have the given role as composite + * + * @param id Role id + * @param briefRepresentation if false, return a full representation of the roles with their attributes + * @return parents of the roles + */ + @Path("{role-id}/parents") + @GET + @NoCache + @Produces(MediaType.APPLICATION_JSON) + public Set getParentsRoles(final @PathParam("role-id") String id, + final @QueryParam("briefRepresentation") @DefaultValue("true") boolean briefRepresentation) { + RoleModel role = getRoleModel(id); + auth.roles().requireManage(role); + + if (role == null) { + throw new NotFoundException("Could not find role"); + } + + return getParentsRoles(role, briefRepresentation); + } /** * Return object stating whether role Authoirzation permissions have been initialized or not and a reference diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java index 69b1fe45ea0b..c767c06d69b0 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java @@ -26,7 +26,6 @@ import org.keycloak.events.admin.OperationType; import org.keycloak.events.admin.ResourceType; import org.keycloak.models.*; -import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.models.utils.RoleUtils; import org.keycloak.representations.idm.GroupRepresentation; @@ -58,7 +57,6 @@ import java.util.function.Function; import java.util.stream.Collectors; import java.util.stream.Stream; -import org.keycloak.services.ErrorResponseException; /** * @resource Roles diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java index 15f7d49cef91..be49d2d199ba 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java @@ -36,7 +36,6 @@ import java.util.Set; import java.util.stream.Stream; -import java.util.Collections; import java.util.stream.Collectors; /**