Re: [security-dev] query role mappings of a particular partition
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: security-dev(a)lists.jboss.org
Sent: Monday, June 24, 2013 9:21:18 AM
Subject: [security-dev] query role mappings of a particular partition
If I have Users defined in one partition (a realm) and roles defined in
another partition (Tier), how do I:
* grant a tier role to a realm user?
Is just a matter of creating/loading a role for a specific Tier and use
IM.grantRole(user, role). You can check if an user has a specific role by using IM.hasRole
method.
We have some test cases for that.
* query grants of a user for a specific tier?
You can use the Query API for that. Something like this:
// here we create an IM for a specific Tier
IdentityManager applicationA =
getIdentityManagerFactory().createIdentityManager(new Tier("Application A");
IdentityQuery<Role> query = applicationA.createIdentityQuery(Role.class);
// query all roles associated with user
query.setParameter(Role.ROLE_OF, user);
List<Role> result = query.getResultList();
Or:
RelationshipQuery<Grant> relationshipQuery =
identityManager.createRelationshipQuery(Grant.class);
relationshipQuery.setParameter(Grant.ASSIGNEE, user);
List<Grant> resultList = relationshipQuery.getResultList();
I guess I have to query for all the Grants for a particular user,
then
filter them out based on the Role's partition?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
security-dev mailing list
security-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/security-dev