module Keycloak::Admin

Os recursos desse module (admin) serão utilizadas apenas por usuários que possuem as roles do client realm-management

Public Class Methods

add_client_level_roles_to_user(id, client, role_representation, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 450
def self.add_client_level_roles_to_user(id, client, role_representation, access_token = nil)
  generic_post("users/#{id}/role-mappings/clients/#{client}", nil, role_representation, access_token)
end
count_users(access_token = nil) click to toggle source
# File lib/keycloak.rb, line 404
def self.count_users(access_token = nil)
  generic_get("users/count/", nil, access_token)
end
create_user(user_representation, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 400
def self.create_user(user_representation, access_token = nil)
  generic_post("users/", nil, user_representation, access_token)
end
delete_client_level_roles_from_user(id, client, role_representation, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 454
def self.delete_client_level_roles_from_user(id, client, role_representation, access_token = nil)
  generic_delete("users/#{id}/role-mappings/clients/#{client}", nil, role_representation, access_token)
end
delete_user(id, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 416
def self.delete_user(id, access_token = nil)
  generic_delete("users/#{id}", nil, nil, access_token)
end
generic_delete(service, query_parameters = nil, body_parameter = nil, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 531
def self.generic_delete(service, query_parameters = nil, body_parameter = nil, access_token = nil)
  Keycloak.generic_request(effective_access_token(access_token), full_url(service), query_parameters, body_parameter, 'DELETE')
end
generic_get(service, query_parameters = nil, access_token = nil) click to toggle source

Generics methods

# File lib/keycloak.rb, line 519
def self.generic_get(service, query_parameters = nil, access_token = nil)
  Keycloak.generic_request(effective_access_token(access_token), full_url(service), query_parameters, nil, 'GET')
end
generic_post(service, query_parameters, body_parameter, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 523
def self.generic_post(service, query_parameters, body_parameter, access_token = nil)
  Keycloak.generic_request(effective_access_token(access_token), full_url(service), query_parameters, body_parameter, 'POST')
end
generic_put(service, query_parameters, body_parameter, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 527
def self.generic_put(service, query_parameters, body_parameter, access_token = nil)
  Keycloak.generic_request(effective_access_token(access_token), full_url(service), query_parameters, body_parameter, 'PUT')
end
get_all_roles_client(id, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 442
def self.get_all_roles_client(id, access_token = nil)
  generic_get("clients/#{id}/roles", nil, access_token)
end
get_client_level_role_for_user_and_app(id, client, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 458
def self.get_client_level_role_for_user_and_app(id, client, access_token = nil)
  generic_get("users/#{id}/role-mappings/clients/#{client}", nil, access_token)
end
get_clients(query_parameters = nil, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 438
def self.get_clients(query_parameters = nil, access_token = nil)
  generic_get("clients/", query_parameters, access_token)
end
get_effective_client_level_role_composite_user(id, client, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 513
def self.get_effective_client_level_role_composite_user(id, client, access_token = nil)
  generic_get("users/#{id}/role-mappings/clients/#{client}/composite", nil, access_token)
end
get_role_mappings(id, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 434
def self.get_role_mappings(id, access_token = nil)
  generic_get("users/#{id}/role-mappings", nil, access_token)
end
get_roles_client_by_name(id, role_name, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 446
def self.get_roles_client_by_name(id, role_name, access_token = nil)
  generic_get("clients/#{id}/roles/#{role_name}", nil, access_token)
end
get_user(id, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 408
def self.get_user(id, access_token = nil)
  generic_get("users/#{id}", nil, access_token)
end
get_users(query_parameters = nil, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 396
def self.get_users(query_parameters = nil, access_token = nil)
  generic_get("users/", query_parameters, access_token)
end
reset_password(id, credential_representation, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 509
def self.reset_password(id, credential_representation, access_token = nil)
  generic_put("users/#{id}/reset-password", nil, credential_representation, access_token)
end
update_account_email(id, actions, redirect_uri = '', client_id = nil, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 427
def self.update_account_email(id, actions, redirect_uri = '', client_id = nil, access_token = nil)
  if client_id.nil?
    client_id = Keycloak::Client.client_id
  end
  generic_put("users/#{id}/execute-actions-email", {:redirect_uri => redirect_uri, :client_id => client_id}, actions, access_token)
end
update_effective_user_roles(id, client_id, roles_names, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 462
def self.update_effective_user_roles(id, client_id, roles_names, access_token = nil)
  client = JSON get_clients({ clientId: client_id }, access_token)

  user_roles = JSON get_client_level_role_for_user_and_app(id, client[0]['id'], access_token)

  roles = Array.new
  # Include new role
  roles_names.each do |r|
    if r && !r.empty?
      found = false
      user_roles.each do |ur|
        found = ur['name'] == r
        break if found
        found = false
      end
      if !found
        role = JSON get_roles_client_by_name(client[0]['id'], r, access_token)
        roles.push(role)
      end
    end
  end

  garbage_roles = Array.new
  # Exclude old role
  user_roles.each do |ur|
    found = false
    roles_names.each do |r|
      if r && !r.empty?
        found = ur['name'] == r
        break if found
        found = false
      end
    end
    if !found
      garbage_roles.push(ur)
    end
  end

  if garbage_roles.count > 0
    delete_client_level_roles_from_user(id, client[0]['id'], garbage_roles, access_token)
  end

  if roles.count > 0
    add_client_level_roles_to_user(id, client[0]['id'], roles, access_token)
  end
end
update_user(id, user_representation, access_token = nil) click to toggle source
# File lib/keycloak.rb, line 412
def self.update_user(id, user_representation, access_token = nil)
  generic_put("users/#{id}", nil, user_representation, access_token)
end

Private Class Methods

base_url() click to toggle source
# File lib/keycloak.rb, line 545
def self.base_url
  Keycloak::Client.auth_server_url + "/admin/realms/#{Keycloak::Client.realm}/"
end
effective_access_token(access_token) click to toggle source
# File lib/keycloak.rb, line 537
def self.effective_access_token(access_token)
  if access_token.blank?
    Keycloak::Client.token['access_token']
  else
    access_token
  end
end
full_url(service) click to toggle source
# File lib/keycloak.rb, line 549
def self.full_url(service)
  base_url + service
end