Best regards,
*Stefan Wachter
INST-ICM/BSV-BS*
Tel. +49(711)811-58477
*Be**QIK
*
Am 18.07.2018 um 16:14 schrieb Pedro Igor Silva:
I see. Well, I think we can include this as it just adds support for
another policy type. Another JIRA, please ? :)
On Wed, Jul 18, 2018 at 10:05 AM, stefan.wachter
<stefan.wachter(a)bosch-si.com <mailto:stefan.wachter@bosch-si.com>> wrote:
Ok. I understand. However, I would like to set the policy that
allows a certain user to access a resource upfront. For example
when a resource owner decides to share a resource with someone by
sending an email she wants to set the necessary policy at the same
time (and not later on in a separate approval step). This is what
the User Management UI already offers. But I would like to
implement that functionality by API calls.
Best regards,
*Stefan Wachter
INST-ICM/BSV-BS*
Tel. +49(711)811-58477
*Be**QIK
*
Am 18.07.2018 um 14:20 schrieb Pedro Igor Silva:
>
>
> On Wed, Jul 18, 2018 at 5:43 AM, stefan.wachter
> <stefan.wachter(a)bosch-si.com
> <mailto:stefan.wachter@bosch-si.com>> wrote:
>
> Hi,
>
> how can one set a user policy, (i.e. a set of users) to a
> user managed
> resource? Looking at the class
> org.keycloak.representations.idm.authorization.UmaPermissionRepresentation
>
> I do not see a field that could be used for specifiying a set
> of user ids.
>
>
> For users, the idea is that you would probably want to follow UMA
> flow. The idea behind this endpoint is allow resource servers to
> define additional permissions (in addition to users as provided
> by UMA flow) and still allow users to revoke them.
>
>
>
> public class UmaPermissionRepresentationextends
> AbstractPolicyRepresentation {
>
> private Stringid;
> private Stringdescription;
> private Set<String>roles;
> private Set<String>groups;
> private Set<String>clients;
> private Stringcondition;
> ...
> }
>
> public class AbstractPolicyRepresentation {
>
> private Stringid;
> private Stringname;
> private Stringdescription;
> private Stringtype;
> private Set<String>policies;
> private Set<String>resources;
> private Set<String>scopes;
> private Logiclogic = Logic.POSITIVE;
> private DecisionStrategydecisionStrategy =
> DecisionStrategy.UNANIMOUS;
> private Stringowner;
> ...
>
> }
>
> BTW: Why does the derived UmaPermissionRepresentation class
> have an id
> and description field of its own? I think these fields are
> inherited
> from its base class AbstractPolicyRepresentation.
>
>
> Good point. Need to refactor this.
>
>
> --
>
> Best regards,
>
> *Stefan Wachter
> INST-ICM/BSV-BS*
>
> Tel. +49(711)811-58477
>
> *Be**QIK
> *
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> <mailto:keycloak-user@lists.jboss.org>
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
> <
https://lists.jboss.org/mailman/listinfo/keycloak-user>
>
>