<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">For example you can take a look at our
testsuite here :
<a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/blob/master/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java#L726">https://github.com/keycloak/keycloak/blob/master/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/UserTest.java#L726</a><br>
<br>
Marek<br>
<br>
On 04/05/16 08:28, Hristo Stoyanov wrote:<br>
</div>
<blockquote
cite="mid:CAHiHDeS8FTSKkRj6bRAj2UYKvF2ZAO8kzo8U0JC=S89GjhyHew@mail.gmail.com"
type="cite">
<p dir="ltr">Hi,<br>
Can someone show me a working example of changing the realm set
of roles for a user?</p>
<p dir="ltr">Here is an example that does not appear to work in
KC1.9.3 - after the execution, there is no effect in the
console, the user roles remain unchanged. No error whatsoever???</p>
<p dir="ltr">private static void updateRoles(Plan newPlan,
UserResource user, RealmResource realm) {<br>
//Get all realm roles<br>
RolesResource realmRoles = realm.roles();</p>
<p dir="ltr"> //Get the user's realm level roles<br>
RoleScopeResource userRoles = user.roles().realmLevel();</p>
<p dir="ltr"> //Get all existing plan roles to be removed<br>
List<RoleRepresentation> rolesToRemove =
userRoles.listEffective()<br>
.stream()<br>
.filter((RoleRepresentation r) ->
!Roles.isPlanRole(r.getName()) &&
!Roles.isExpiredPlanRole(r.getName()))<br>
.collect(Collectors.toList());</p>
<p dir="ltr"> //Add the new plan role <br>
List<RoleRepresentation> rolesToAdd = new
ArrayList<>(1);<br>
realmRoles<br>
.list()<br>
.stream()<br>
.filter(r ->
r.getName().equals(newPlan.role.getName()))<br>
.findFirst().ifPresent((RoleRepresentation r)
-> rolesToAdd.add(r));<br>
<br>
//Perform remove<br>
userRoles.remove(rolesToRemove);<br>
<br>
//Perform add<br>
userRoles.add(rolesToAdd);<br>
<br>
//Go check the admin console - Surprise .. nothing really
changed???</p>
<p dir="ltr"> }<br>
<br>
And here is another example that does nothing:<br>
...<br>
RealmResource realm = admin.realm(RealmAdmin.REALM_NAME);<br>
UserResource userResource = realm.users().get(userId);<br>
UserRepresentation userRepresentation =
userResource.toRepresentation();<br>
...<br>
//Assign new plan role<br>
updateRoles(request.plan, userResource);<br>
userResource.update(userRepresentation);</p>
<p dir="ltr"> private static void updateRoles(Plan newPlan,
UserRepresentation userRepresentation) {<br>
List<String> newRoles =
userRepresentation.getRealmRoles();<br>
if(newRoles!=null){<br>
newRoles.stream()<br>
.filter(r -> !Roles.isPlanRole(r) &&
!Roles.isExpiredPlanRole(r))<br>
.collect(Collectors.toList());<br>
}else{<br>
newRoles = new ArrayList<>(1);<br>
}<br>
newRoles.add(newPlan.role.getName());<br>
userRepresentation.setRealmRoles(newRoles);<br>
}</p>
<p dir="ltr">/Hristo Stoyanov</p>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>