Package org.keycloak.authorization.store

Interface PermissionTicketStore

public interface PermissionTicketStore

A PermissionTicketStore is responsible to manage the persistence of PermissionTicket instances.

Author:

Pedro Igor

Method Summary

Modifier and Type	Method	Description
long	count(ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes)	Returns count of PermissionTicket, filtered by the given attributes.
PermissionTicket	create(ResourceServer resourceServer, Resource resource, Scope scope, String requester)	Creates a new PermissionTicket instance.
void	delete(String id)	Deletes a permission from the underlying persistence mechanism.
List<PermissionTicket>	find(ResourceServer resourceServer, Map<PermissionTicket.FilterOption,String> attributes, Integer firstResult, Integer maxResults)	Returns a list of PermissionTicket, filtered by the given attributes.
PermissionTicket	findById(ResourceServer resourceServer, String id)	Returns a PermissionTicket with the given id
List<PermissionTicket>	findByOwner(ResourceServer resourceServer, String owner)	Returns a list of PermissionTicket associated with the given owner.
List<PermissionTicket>	findByResource(ResourceServer resourceServer, Resource resource)	Returns a list of PermissionTicket associated with the resource.
List<PermissionTicket>	findByResourceServer(ResourceServer resourceServer)	Returns a list of PermissionTicket associated with a ResourceServer.
List<PermissionTicket>	findByScope(ResourceServer resourceServer, Scope scope)	Returns a list of PermissionTicket associated with the scope.
List<PermissionTicket>	findGranted(ResourceServer resourceServer, String userId)	Returns a list of PermissionTicket granted to the given userId.
List<PermissionTicket>	findGranted(ResourceServer resourceServer, String resourceName, String userId)	Returns a list of PermissionTicket with name equal to resourceName granted to the given userId.
List<Resource>	findGrantedOwnerResources(String owner, Integer firstResult, Integer maxResults)	Returns a list of Resource granted by the owner to other users
List<Resource>	findGrantedResources(String requester, String name, Integer firstResult, Integer maxResults)	Returns a list of Resource granted to the given requester

Method Detail

count

long count(ResourceServer resourceServer,
           Map<PermissionTicket.FilterOption,String> attributes)

Returns count of PermissionTicket, filtered by the given attributes.

Parameters:

resourceServer - the resource server

attributes - permission tickets that do not match the attributes are not included with the count; possible filter options are given by PermissionTicket.FilterOption

Returns:

an integer indicating the amount of permission tickets

Throws:

IllegalArgumentException - when there is an unknown attribute in the attributes map

create

PermissionTicket create(ResourceServer resourceServer,
                        Resource resource,
                        Scope scope,
                        String requester)

Creates a new PermissionTicket instance.

Parameters:

resourceServer - the resource server to which this policy belongs

resource - resource id

scope - scope id

requester - the policy representation

Returns:

a new instance of PermissionTicket

delete

void delete(String id)

Deletes a permission from the underlying persistence mechanism.

Parameters:

id - the id of the policy to delete

findById

PermissionTicket findById(ResourceServer resourceServer,
                          String id)

Returns a PermissionTicket with the given id

Parameters:

resourceServer - the resource server

id - the identifier of the permission

Returns:

a permission with the given identifier.

findByResourceServer

List<PermissionTicket> findByResourceServer(ResourceServer resourceServer)

Returns a list of PermissionTicket associated with a ResourceServer.

Parameters:

resourceServer - the resource server

Returns:

a list of permissions belonging to the given resource server

findByOwner

List<PermissionTicket> findByOwner(ResourceServer resourceServer,
                                   String owner)

Returns a list of PermissionTicket associated with the given owner.

Parameters:

resourceServer - the resource server

owner - the identifier of a resource server

Returns:

a list of permissions belonging to the given owner

findByResource

List<PermissionTicket> findByResource(ResourceServer resourceServer,
                                      Resource resource)

Returns a list of PermissionTicket associated with the resource.

Parameters:

resourceServer - the resource server

resource - the resource

Returns:

a list of permissions associated with the given resource TODO: maybe we can get rid of reosourceServer param here as resource has method getResourceServer()

findByScope

List<PermissionTicket> findByScope(ResourceServer resourceServer,
                                   Scope scope)

Returns a list of PermissionTicket associated with the scope.

Parameters:

resourceServer - the resource server

scope - the scope

Returns:

a list of permissions associated with the given scopes TODO: maybe we can get rid of reosourceServer param here as resource has method getResourceServer()

find

List<PermissionTicket> find(ResourceServer resourceServer,
                            Map<PermissionTicket.FilterOption,String> attributes,
                            Integer firstResult,
                            Integer maxResults)

Returns a list of PermissionTicket, filtered by the given attributes.

Parameters:

resourceServer - a resource server that resulting tickets should belong to. Ignored if null

attributes - a map of keys and values to filter on; possible filter options are given by PermissionTicket.FilterOption

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a list of filtered and paginated permissions

Throws:

IllegalArgumentException - when there is an unknown attribute in the attributes map

findGranted

List<PermissionTicket> findGranted(ResourceServer resourceServer,
                                   String userId)

Returns a list of PermissionTicket granted to the given userId.

Parameters:

resourceServer - the resource server

userId - the user id

Returns:

a list of permissions granted for a particular user

findGranted

List<PermissionTicket> findGranted(ResourceServer resourceServer,
                                   String resourceName,
                                   String userId)

Returns a list of PermissionTicket with name equal to resourceName granted to the given userId.

Parameters:

resourceServer - the resource server

resourceName - the name of a resource

userId - the user id

Returns:

a list of permissions granted for a particular user TODO: investigate a way how to replace resourceName with Resource class

findGrantedResources

List<Resource> findGrantedResources(String requester,
                                    String name,
                                    Integer firstResult,
                                    Integer maxResults)

Returns a list of Resource granted to the given requester

Parameters:

requester - the requester

name - the keyword to query resources by name or null if any resource

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a list of Resource granted to the given requester

findGrantedOwnerResources

List<Resource> findGrantedOwnerResources(String owner,
                                         Integer firstResult,
                                         Integer maxResults)

Returns a list of Resource granted by the owner to other users

Parameters:

owner - the owner

firstResult - first result to return. Ignored if negative or null.

maxResults - maximum number of results to return. Ignored if negative or null.

Returns:

a list of Resource granted by the owner