feat: init role / roleclasspermission / roleisntancepermission models

terrestris · Jun 10, 2024 · 0667bd5 · 0667bd5
1 parent e258672
commit 0667bd5
Show file tree

Hide file tree

Showing 9 changed files with 336 additions and 4 deletions.
diff --git a/src/model/Group.ts b/src/model/Group.ts
@@ -13,8 +13,8 @@ export interface KeycloakGroupRepresentation extends ProviderGroupDetails {
   clientRoles?: {
     [key: string]: string[];
   };
-  subGroups: KeycloakGroupRepresentation[];
-  access: {
+  subGroups?: KeycloakGroupRepresentation[];
+  access?: {
     [key: string]: boolean;
   };
 }

diff --git a/src/model/Role.ts b/src/model/Role.ts
@@ -0,0 +1,35 @@
+import BaseEntity, { BaseEntityArgs } from './BaseEntity';
+
+export interface ProviderRoleDetails {}
+
+export interface KeycloakRoleRepresentation extends ProviderRoleDetails {
+  id?: string;
+  name?: string;
+  description?: string;
+  scopeParamRequired?: boolean;
+  composite?: boolean;
+  // TODO Recheck this type
+  composites?: string;
+  clientRole?: boolean;
+  containerId?: string;
+  attributes?: {
+    [key: string]: string[];
+  };
+}
+
+export interface RoleArgs<T extends ProviderRoleDetails = KeycloakRoleRepresentation> extends BaseEntityArgs {
+  authProviderId?: string;
+  providerDetails?: T;
+}
+
+export default class Role<T extends ProviderRoleDetails = KeycloakRoleRepresentation> extends BaseEntity {
+  authProviderId?: string;
+  providerDetails?: T;
+
+  constructor({ id, created, modified, authProviderId, providerDetails }: RoleArgs<T>) {
+    super({ id, created, modified });
+
+    this.authProviderId = authProviderId;
+    this.providerDetails = providerDetails;
+  }
+}
diff --git a/src/model/security/RoleClassPermission.ts b/src/model/security/RoleClassPermission.ts
@@ -0,0 +1,16 @@
+import Role from '../Role';
+import ClassPermission, { ClassPermissionArgs } from './ClassPermission';
+
+export interface RoleClassPermissionArgs extends ClassPermissionArgs {
+  role: Role;
+}
+
+export default class RoleClassPermission extends ClassPermission {
+  role: Role;
+
+  constructor({ id, created, modified, className, permission, role }: RoleClassPermissionArgs) {
+    super({ id, created, modified, className, permission });
+
+    this.role = role;
+  }
+}
diff --git a/src/model/security/RoleInstancePermission.ts b/src/model/security/RoleInstancePermission.ts
@@ -0,0 +1,16 @@
+import Role from '../Role';
+import InstancePermission, { InstancePermissionArgs } from './InstancePermission';
+
+export interface RoleInstancePermissionArgs extends InstancePermissionArgs {
+  role: Role;
+}
+
+export default class RoleInstancePermission extends InstancePermission {
+  role: Role;
+
+  constructor({ id, created, modified, entityId, permission, role }: RoleInstancePermissionArgs) {
+    super({ id, created, modified, entityId, permission });
+
+    this.role = role;
+  }
+}
diff --git a/src/service/PermissionService/index.ts b/src/service/PermissionService/index.ts
@@ -1,6 +1,8 @@
 import PermissionCollectionType from '../../model/enum/PermissionCollectionType';
 import GroupClassPermission from '../../model/security/GroupClassPermission';
 import GroupInstancePermission from '../../model/security/GroupInstancePermission';
+import RoleClassPermission from '../../model/security/RoleClassPermission';
+import RoleInstancePermission from '../../model/security/RoleInstancePermission';
 import UserClassPermission from '../../model/security/UserClassPermission';
 import UserInstancePermission from '../../model/security/UserInstancePermission';
 import { getBearerTokenHeader } from '../../security/getBearerTokenHeader';
@@ -55,6 +57,26 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async getRoleInstancePermissions(id: string | number, fetchOpts?: RequestInit): Promise<RoleInstancePermission[]> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/instance/role`, {
+        method: 'GET',
+        headers: {
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+
+      return await response.json();
+    } catch (error) {
+      throw new Error(`Error while requesting the role instance permissions: ${error}`);
+    }
+  }
+
   async getUserClassPermissions(id: string | number, fetchOpts?: RequestInit): Promise<UserClassPermission[]> {
     try {
       const response = await fetch(`${this.basePath}/${id}/permissions/class/user`, {
@@ -95,6 +117,26 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async getRoleClassPermissions(id: string | number, fetchOpts?: RequestInit): Promise<RoleClassPermission[]> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/class/role`, {
+        method: 'GET',
+        headers: {
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+
+      return await response.json();
+    } catch (error) {
+      throw new Error(`Error while requesting the role class permissions: ${error}`);
+    }
+  }
+
   async getUserInstancePermission(id: string | number, userId: string | number, fetchOpts?: RequestInit):
     Promise<UserInstancePermission> {
     try {
@@ -137,8 +179,29 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async getRoleInstancePermission(id: string | number, roleId: string | number, fetchOpts?: RequestInit):
+    Promise<RoleInstancePermission> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/instance/role/${roleId}`, {
+        method: 'GET',
+        headers: {
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+
+      return await response.json();
+    } catch (error) {
+      throw new Error(`Error while requesting the role instance permission: ${error}`);
+    }
+  }
+
   async getUserClassPermission(id: string | number, userId: string | number, fetchOpts?: RequestInit):
-    Promise<UserInstancePermission> {
+    Promise<UserClassPermission> {
     try {
       const response = await fetch(`${this.basePath}/${id}/permissions/class/user/${userId}`, {
         method: 'GET',
@@ -159,7 +222,7 @@ export class PermissionService extends GenericService {
   }
 
   async getGroupClassPermission(id: string | number, groupId: string | number, fetchOpts?: RequestInit):
-    Promise<UserInstancePermission> {
+    Promise<UserClassPermission> {
     try {
       const response = await fetch(`${this.basePath}/${id}/permissions/class/group/${groupId}`, {
         method: 'GET',
@@ -179,6 +242,27 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async getRoleClassPermission(id: string | number, roleId: string | number, fetchOpts?: RequestInit):
+    Promise<RoleClassPermission> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/class/role/${roleId}`, {
+        method: 'GET',
+        headers: {
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+
+      return await response.json();
+    } catch (error) {
+      throw new Error(`Error while requesting the role class permission: ${error}`);
+    }
+  }
+
   async setUserInstancePermission(id: string | number, userId: string | number,
     permissionType: PermissionCollectionType, fetchOpts?: RequestInit): Promise<void> {
     try {
@@ -227,6 +311,30 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async setRoleInstancePermission(id: string | number, roleId: string | number,
+    permissionType: PermissionCollectionType, fetchOpts?: RequestInit): Promise<void> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/instance/role/${roleId}`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          ...getCsrfTokenHeader(),
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        body: JSON.stringify({
+          permission: permissionType
+        }),
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+    } catch (error) {
+      throw new Error(`Error while adding the role instance permission: ${error}`);
+    }
+  }
+
   async setUserClassPermission(id: string | number, userId: string | number,
     permissionType: PermissionCollectionType, fetchOpts?: RequestInit): Promise<void> {
     try {
@@ -275,6 +383,30 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async setRoleClassPermission(id: string | number, roleId: string | number,
+    permissionType: PermissionCollectionType, fetchOpts?: RequestInit): Promise<void> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/class/role/${roleId}`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          ...getCsrfTokenHeader(),
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        body: JSON.stringify({
+          permission: permissionType
+        }),
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+    } catch (error) {
+      throw new Error(`Error while adding the role class permission: ${error}`);
+    }
+  }
+
   async deleteUserInstancePermission(id: string | number, userId: string | number,
     fetchOpts?: RequestInit): Promise<void> {
     try {
@@ -315,6 +447,26 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async deleteRoleInstancePermission(id: string | number, roleId: string | number,
+    fetchOpts?: RequestInit): Promise<void> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/instance/role/${roleId}`, {
+        method: 'DELETE',
+        headers: {
+          ...getCsrfTokenHeader(),
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+    } catch (error) {
+      throw new Error(`Error while removing the role instance permission: ${error}`);
+    }
+  }
+
   async deleteUserClassPermission(id: string | number, userId: string | number,
     fetchOpts?: RequestInit): Promise<void> {
     try {
@@ -355,6 +507,26 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async deleteRoleClassPermission(id: string | number, roleId: string | number,
+    fetchOpts?: RequestInit): Promise<void> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/class/role/${roleId}`, {
+        method: 'DELETE',
+        headers: {
+          ...getCsrfTokenHeader(),
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+    } catch (error) {
+      throw new Error(`Error while removing the role class permission: ${error}`);
+    }
+  }
+
   async deleteUserInstancePermissions(id: string | number, fetchOpts?: RequestInit): Promise<void> {
     try {
       const response = await fetch(`${this.basePath}/${id}/permissions/instance/user`, {
@@ -393,6 +565,25 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async deleteRoleInstancePermissions(id: string | number, fetchOpts?: RequestInit): Promise<void> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/instance/role`, {
+        method: 'DELETE',
+        headers: {
+          ...getCsrfTokenHeader(),
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+    } catch (error) {
+      throw new Error(`Error while removing all role instance permissions: ${error}`);
+    }
+  }
+
   async deleteUserClassPermissions(id: string | number, fetchOpts?: RequestInit): Promise<void> {
     try {
       const response = await fetch(`${this.basePath}/${id}/permissions/class/user`, {
@@ -431,6 +622,25 @@ export class PermissionService extends GenericService {
     }
   }
 
+  async deleteRoleClassPermissions(id: string | number, fetchOpts?: RequestInit): Promise<void> {
+    try {
+      const response = await fetch(`${this.basePath}/${id}/permissions/class/role`, {
+        method: 'DELETE',
+        headers: {
+          ...getCsrfTokenHeader(),
+          ...getBearerTokenHeader(this.keycloak)
+        },
+        ...fetchOpts
+      });
+
+      if (!response.ok) {
+        throw new Error(`HTTP error status: ${response.status}`);
+      }
+    } catch (error) {
+      throw new Error(`Error while removing all role class permissions: ${error}`);
+    }
+  }
+
 }
 
 export default PermissionService;