[keycloak-user] Users assigned to roles

Stian Thorgersen stian at redhat.com
Wed Nov 19 03:59:35 EST 2014



----- Original Message -----
> From: "Marek Posolda" <mposolda at redhat.com>
> To: "Alarik Myrin" <alarik at zwift.com>, keycloak-user at lists.jboss.org
> Sent: Wednesday, November 19, 2014 9:39:02 AM
> Subject: Re: [keycloak-user] Users assigned to roles
> 
> I don't think we have this at this moment. Feel free to create jira, but no
> promise if/when we provide it...
> 
> btv. it seems that your query doesn't handle composite roles, but really just
> those roles, which are directly assigned to user in user_role_mapping table.
> I don't know if you care about it... Fact is that doing single SQL query
> including composite roles is probably not doable unless you are on Oracle,
> which allows some kind of hierarchical queries afaik.

I reckon you could do it with an inner select that gets all roles that maps to the given role or is the role.

> 
> Marek
> 
> On 18.11.2014 18:37, Alarik Myrin wrote:
> 
> 
> 
> I was able to piece together a SQL query:
> 
> 
> 
> SELECT u.username, u.first_name, u.last_name, role.name AS role
> 
> FROM keycloak_role role
> 
> INNER JOIN realm ON role.realm = realm.id
> 
> INNER JOIN user_role_mapping rm ON role.id = rm.role_id
> 
> INNER JOIN user_entity u ON rm.user_id = u.id
> 
> WHERE realm.name =:1 AND role.name = :2
> 
> It might be nice to do this in the web console though...
> 
> On Tue, Nov 18, 2014 at 12:28 PM, Alarik Myrin < alarik at zwift.com > wrote:
> 
> 
> 
> Is there any easy way to see which users have been assigned a given role?
> 
> 
> 
> _______________________________________________
> keycloak-user mailing list keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
> 
> 
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


More information about the keycloak-user mailing list