I know keycloak has exposed below api,
<dependency>
<groupId>org.keycloak</groupId>
<artifactId>keycloak-services</artifactId>
<version>2.0.0.Final</version>
</dependency>
With complete documentation here. I cannot find the required api here to fetch all users with specific role mapped to them.
Problem Statement - I need to pick all users from keycloak server who have a specific role. I need to send email to all users with role mapped to them.
Based on the documentation it appears to be this API:
GET /{realm}/clients/{id}/roles/{role-name}/users
It is there for a while. In this older version however it was not possible to get more than 100 users this way. It was fixed later and pagination possibility was added.
There is an outstanding feature request asking for this function via the API.
In the meantime if your requirement is once-off you could obtain the user names (or email addresses) by interrogating the database joining KEYCLOAK_ROLE to USER_ROLE_MAPPING to USER_ENTITY
Something like:
SELECT username
FROM keycloak_role kr
JOIN user_role_mapping rm ON kr.id = rm.role_id
JOIN user_entity ue ON rm.user_id = ue.id
WHERE kr.name = 'your_role_name';
This should be now possible with the updated rest endpoint.
Set<UserRepresentation> usersOfRole = realmResource.roles().get(roleName).getRoleUserMembers();
Here is another interesting query, which would also display other useful fields.
SELECT kr_role.REALM_ID 'Realm', cl.CLIENT_ID 'Realm Client',
kr_role.NAME 'Role Name',
kr_role.DESCRIPTION 'Role Description',
user_ent.USERNAME 'Domain ID', user_ent.EMAIL 'Email'
FROM keycloak_role kr_role, user_role_mapping role_map,
user_entity user_ent, client cl
WHERE role_map.USER_ID = user_ent.ID
AND kr_role.ID = role_map.ROLE_ID
AND kr_role.CLIENT = cl.ID
AND cl.REALM_ID = '<realm_name>'
AND cl.CLIENT_ID = '<client_name>'
ORDER BY 1, 2, 3;
If anyone is still searching for a Postgres Query to find information regarding users/roles/groups in keycloak database, I came up with this one lately.
It uses two CTEs to have the groups and roles straight (recursing for groups in groups, because they can nest in arbitrary depth and fetching composite roles with their parents) and a simple UNION for group and direct assignments.
Please note the WHERE clause, where you can limit the realm and different aspects. You can search for
all roles from a specific user (just matching username)
all users, that have a particular role assigned (matching role_name)
everything coming from a specific group (I sometimes use it without the username column in the projection to just see, what roles a group has. Please note the prefix in the group column)
-- flat out GROUPS in GROUPS
WITH RECURSIVE groups AS (
SELECT
g.id,
g.id AS parent_group,
g.name,
g.name AS parent_name,
g.realm_id,
1 AS iter
FROM
keycloak_group g
UNION
SELECT
groups.id,
parents.parent_group,
groups.name,
parents.name,
groups.realm_id,
groups.iter + 1
FROM
groups
INNER JOIN keycloak_group parents ON groups.parent_group = parents.id
),
-- Collect roles and composite roles
roles AS (
SELECT
r.id,
r.name AS role_name,
null AS base_role,
c.client_id
FROM
keycloak_role r
LEFT JOIN client c ON r.client = c.id
UNION
SELECT
r.id,
r2.name,
r.name,
c.client_id
FROM
keycloak_role r
JOIN composite_role cr ON r.id = cr.composite
JOIN keycloak_role r2 ON r2.id = cr.child_role
LEFT JOIN client c ON r.client = c.id
)
SELECT DISTINCT
username,
role_name,
base_role, -- for composite roles
client_id,
source,
realm_name
FROM
(
-- Roles from Groups
SELECT
ue.username,
roles.role_name,
roles.base_role,
roles.client_id,
ue.realm_id,
'group ' || g.name AS source,
realm.name AS realm_name
FROM
user_entity ue
JOIN realm ON ue.realm_id = realm.id
JOIN user_group_membership ugm ON ue.id = ugm.user_id
JOIN groups g ON g.id = ugm.group_id
JOIN group_role_mapping grm ON g.parent_group = grm.group_id
JOIN roles roles ON roles.id = grm.role_id
UNION
-- direct role assignments on User
SELECT
ue.username,
roles.role_name,
roles.base_role,
roles.client_id,
ue.realm_id,
'direct',
realm.name
FROM
user_entity ue
JOIN realm ON ue.realm_id = realm.id
JOIN user_role_mapping urm ON ue.id = urm.user_id
JOIN roles roles ON roles.id = urm.role_id
) AS a
WHERE
realm_name = 'realm_name'
AND (
-- username = 'username'
role_name IN ('roleName')
-- source = 'group GROUPNAME'
)
ORDER BY
username,
role_name
;
This query works from keycloak 9 to 16.1.1 (the last jboss/keycloak version I got from docker hub).
SELECT username,
kr.NAME,
kr.REALM_ID
FROM KEYCLOAK_ROLE kr
JOIN USER_ROLE_MAPPING rm ON kr.id = rm.role_id
JOIN USER_ENTITY ue ON rm.user_id = ue.id
ORDER BY USERNAME,
NAME,
REALM_ID;
Related
We have an organization that can have more than one customer type basically. However, what a user wants to see is either the partner or direct type (customer type is either Direct, Partner1, Partner2, or Partner3 but can be direct plus a partner value but only can be one of the partner values). So if a customer is both (ex: Direct and Partner1) they just want the type that is a partner (ex: Partner1). So I tried splitting out partners only into one temp table from a few tables joining together different org data. I have the same query without any limit pulling into a different temp table. Then I calculate count and put that into a temp table. Then I tried gathering data from all the temp tables. That is where I run into trouble and lose some of the customers where the type is direct (I have a image link below for a directcustomer and a customer who is both). I have been out of SQL for a bit so this one is throwing me...I figure the issue is the fact that I have a case statement referencing a table that a direct customer will not exist in (#WLPO). However I am not sure how to achieve pulling in these customers while also only selecting which partner type it is for a customer that has a partner and is also direct. FYI using MSSMS for querying.
If OBJECT_ID('tempdb..#WLPO') IS NOT NULL
DROP TABLE #WLPO
IF OBJECT_ID('tempdb..#org') IS NOT NULL
DROP TABLE #org
IF OBJECT_ID('tempdb..#OrgCount') IS NOT NULL
DROP TABLE #OrgCount
IF OBJECT_ID('tempdb..#cc') IS NOT NULL
DROP TABLE #cc
Select
o.OrganizationID,
o.OrganizationName,
os.WhiteLabelPartnerID,
s.StateName
INTO #WLPO
from [Org].[Organizations] o
join [Org].[OrganizationStates] os on o.OrganizationID=os.OrganizationID --and os.WhiteLabelPartnerID = 1
join [Lookup].[States] s on os.StateID = s.StateID
join [Org].[PaymentOnFile] pof on pof.OrganizationID=o.OrganizationID
where os.WhiteLabelPartnerID in (2,3,4)
and os.StateID in (1, 2, 3)
and o.OrganizationID = 7613
select * from #WLPO
Select
o.OrganizationID,
o.OrganizationName,
os.WhiteLabelPartnerID,
s.StateName
INTO #org
from [Org].[Organizations] o
join [Org].[OrganizationStates] os on o.OrganizationID=os.OrganizationID --and os.WhiteLabelPartnerID = 1
join [Lookup].[States] s on os.StateID = s.StateID
join [Org].[PaymentOnFile] pof on pof.OrganizationID=o.OrganizationID
where 1=1--os.WhiteLabelPartnerID = 1
and os.StateID in (1, 2, 3)
and o.OrganizationID = 7613
select * from #org
Select
OrganizationID,
count(OrganizationID) AS CountOrgTypes
INTO #OrgCount
from #org
where OrganizationID = 7613
group by OrganizationID
select * from #OrgCount
Select distinct
ct.OrganizationID,
ok.OrganizationName,
ct.CountOrgTypes,
case when ct.CountOrgTypes = 2 then wlp.WhiteLabelPartnerID
when ct.CountOrgTypes = 1 then ok.WhiteLabelPartnerID
END AS CustomerTypeCode,
case when ct.CountOrgTypes = 2 then wlp.StateName
when ct.CountOrgTypes = 1 then ok.StateName END As OrgState
INTO #cc
from #org ok
left join #WLPO wlp on wlp.OrganizationID=ok.OrganizationID
join #OrgCount ct on wlp.OrganizationID=ct.OrganizationID
select * from #cc
Select
OrganizationID,
OrganizationName,
CountOrgTypes,
case when CustomerTypeCode = 1 then 'Direct'
when CustomerTypeCode = 2 then 'Partner1'
when CustomerTypeCode = 3 then 'Partner2'
when CustomerTypeCode = 4 then 'Partner3' ELSE Null END AS CustomerType,
OrgState
from #cc
order by OrganizationName asc
DirectCustomer
CustomerwithBoth
I am using moodle2.4.6. I want a list of user with their groups and their courses.
You will need to do an SQL query to get this information.
Assuming you are using the default 'mdl_' prefix for tables, you will need to join together the following tables:
mdl_user - the details of the users
mdl_user_enrolments - (user_enrolments.userid = user.id) which course enrolments the user
has
mdl_enrol - (enrol.id = user_enrolments.enrolid) details of which
enrolment instances these are
mdl_course - (course.id = enrol.courseid) details of the courses these users are enroled in
mdl_groups_members - (groups_members.userid = user.id) details of the
groups these users are in
mdl_groups - (groups.id =
groups_members.groupid AND groups.courseid = course.id) name and
description of the groups the user is in (for each course)
Please comment if you need help turning that pseudo code into actual SQL, or if you need help with the Moodle database access API ( http://docs.moodle.org/dev/Data_manipulation_API )
SELECT
mdl_user.username,
mdl_user.firstname,
mdl_user.lastname,
mdl_course.fullname,
mdl_course.idnumber,
mdl_groups_members.groupid,
mdl_groups.name
FROM (mdl_groups_members
INNER JOIN ((mdl_course
INNER JOIN (mdl_user_enrolments
INNER JOIN mdl_enrol ON mdl_user_enrolments.enrolid = mdl_enrol.id)
ON mdl_course.id = mdl_enrol.courseid) INNER JOIN mdl_user ON mdl_user_enrolments.userid = mdl_user.id)
ON mdl_groups_members.userid = mdl_user.id) INNER JOIN mdl_groups
ON (mdl_groups.courseid = mdl_course.id) AND (mdl_groups_members.groupid = mdl_groups.id)
WHERE (((mdl_user.username) = "102993") AND ((mdl_course.category) = "36"))
I Have here firebird query and I dont think if this is correct.
SELECT
COUNT(STATUS) FROM(SELECT STATUS FROM T_TABLE2 WHERE STATUS = 'FAIL') AS FAIL,
DEVICENAME,
SITE_NUM,
COUNT(TEST_NUM)
FROM T_TABLE2 A
INNER JOIN T_TABLE1 B
ON A.TBL1_ID = B.ID
WHERE B.DEVICENAME = 'TANM1A009A_P28'
AND A.TEST_NUM = 'T810'
GROUP BY
DEVICENAME,
TESTER,
SITE_NUM
I want to count the row of TEST_NUM even if it has FAIL value and I also want to count the STATUS that has FAIL value.
Thanks
I really do not know FireBird but from MSSQL point of view why don'y you try this??
SELECT
COUNT(A.STATUS) as 'FAIL',
B.DEVICENAME,
(TableofYourSitenum)SITE_NUM, -- i do no know what table this from
(TableofYourTestnum)COUNT(TEST_NUM) as 'TESTNUM COUNT' --and this also you need to put the table name,
FROM T_TABLE2 A
INNER JOIN T_TABLE1 B
ON A.TBL1_ID = B.ID
WHERE B.DEVICENAME = 'TANM1A009A_P28'
AND A.TEST_NUM = 'T810'
GROUP BY
A.STATUS,
(TableofYourTestnum)TESTNUM
I using SugarCRM and when i exports prospects I can get all the fields, including the custom filed I added. but when i try to download the prospects from prospect list then only a few fields are exporting from the database. I need to get all the fields like the prospect download
I understand that Prospect_list.php file contains the code for exporting this one and I changed this one but database failure happening please help me to do this one.
$prospects_query = "SELECT p.id AS id, 'Prospects' AS related_type, '' AS \"name\", p.first_name AS first_name, p.last_name AS last_name,p.title AS title, p.salutation AS salutation,
p.primary_address_street AS primary_address_street,p.primary_address_city AS primary_address_city, p.primary_address_state AS primary_address_state, p.primary_address_postalcode AS primary_address_postalcode, p.primary_address_country AS primary_address_country,
p.account_name AS account_name,
ea.email_address AS email_address, ea.invalid_email AS invalid_email, ea.opt_out AS opt_out, ea.deleted AS ea_deleted, ear.deleted AS ear_deleted, ear.primary_address AS primary_address,
p.do_not_call AS do_not_call, p.phone_fax AS phone_fax, p.phone_other AS phone_other, p.phone_home AS phone_home, p.phone_mobile AS phone_mobile, p.phone_work AS phone_work , p.description As Description
FROM prospect_lists_prospects plp
INNER JOIN prospects p ON plp.related_id=p.id
LEFT JOIN email_addr_bean_rel ear ON ear.bean_id=p.id AND ear.deleted=0
LEFT JOIN email_addresses ea ON ear.email_address_id=ea.id
WHERE plp.prospect_list_id = $record_id AND plp.deleted=0
AND p.deleted=0
AND (ear.deleted=0 OR ear.deleted IS NULL)";
here the sugar team specified the fields to export but i need to get all the fields in the table[prospects] how to do this one.
Trying changing the query to this...
$prospects_query = "SELECT p.id AS id, 'Prospects' AS related_type, '' AS 'name', p.first_name AS first_name, p.last_name AS last_name,p.title AS title, p.salutation AS salutation,
p.primary_address_street AS primary_address_street,p.primary_address_city AS primary_address_city, p.primary_address_state AS primary_address_state, p.primary_address_postalcode AS primary_address_postalcode, p.primary_address_country AS primary_address_country,
p.account_name AS account_name,
ea.email_address AS email_address, ea.invalid_email AS invalid_email, ea.opt_out AS opt_out, ea.deleted AS ea_deleted, ear.deleted AS ear_deleted, ear.primary_address AS primary_address,
p.do_not_call AS do_not_call, p.phone_fax AS phone_fax, p.phone_other AS phone_other, p.phone_home AS phone_home, p.phone_mobile AS phone_mobile, p.phone_work AS phone_work , p.description As Description
FROM prospect_lists_prospects plp
INNER JOIN prospects p ON plp.related_id=p.id
LEFT JOIN email_addr_bean_rel ear ON ear.bean_id=p.id AND ear.deleted=0
LEFT JOIN email_addresses ea ON ear.email_address_id=ea.id
WHERE plp.prospect_list_id = '$record_id' AND plp.deleted=0
AND p.deleted=0
AND (ear.deleted=0 OR ear.deleted IS NULL)";
So I have this section of my proc:
SELECT
com_contact.rc_name_full as CreatedBy,
capComponent.cm_strike as CapStrike,
floorComponent.cm_strike as FloorStrike,
tq_nominal_notional as Notional,
maxComponent.cm_effective_dt as EffectiveDate,
maxComponent.cm_maturity_dt as MaturityDate,
CAST(CAST(DATEDIFF(mm,maxComponent.cm_effective_dt,maxComponent.cm_maturity_dt) as decimal(9,2))/12 as decimal(9,2)) as term,
(
CASE WHEN se_amort_term_mnth IS NOT NULL THEN se_amort_term_mnth / 12
ELSE CAST(CAST(DATEDIFF(mm,
ISNULL(cmam_amortization_start_dt, maxComponent.cm_effective_dt),
cmam_amortization_end_dt) as decimal(9,2))/12 as decimal(9,2))
END
) AS AmortTermYears,
tq_dd_product as Product,
dh_key_rate as KeyRate,
dh_pv01 as PV01,
dh_val_time_stamp as RateTimeStamp,
re_bnk_le.re_company_name as Company,
rc_contact_id as UserId,
stp_name as NickName,
'' as project,
'' as Borrower,
'' as Lender,
'' as AdditionalInfo,
CASE WHEN tpm_pd_permission_id = 85 THEN 'LLH' WHEN tpm_pd_permission_id = 86 THEN 'ALM' ELSE '' END as Permission,
tr_transaction_id as TransactionId,
NULL as IndicationId
FROM cfo_transaction
The line that says '' as project, we have to actually change to return data now.
The table that next to the FROM, called cfo_transaction has an id on it called tr_transaction_id. We have another table called com_project_transaction_link, that links those id's with project id's, using two two columns called:
pt_tr_transaction_id and pt_pj_project_id, and then we have a table containing all the projects called com_project that has a pj_project_id and a pj_project_name.
GOAL: return the pj_project_name from that projects table where it links with the transactions being pulled.
I really don't know how to do this.
Thanks!
Try this:
SELECT
com_contact.rc_name_full as CreatedBy,
capComponent.cm_strike as CapStrike,
floorComponent.cm_strike as FloorStrike,
tq_nominal_notional as Notional,
maxComponent.cm_effective_dt as EffectiveDate,
maxComponent.cm_maturity_dt as MaturityDate,
CAST(CAST(DATEDIFF(mm,maxComponent.cm_effective_dt,maxComponent.cm_maturity_dt) as decimal(9,2))/12 as decimal(9,2)) as term,
(
CASE WHEN se_amort_term_mnth IS NOT NULL THEN se_amort_term_mnth / 12
ELSE CAST(CAST(DATEDIFF(mm,
ISNULL(cmam_amortization_start_dt, maxComponent.cm_effective_dt),
cmam_amortization_end_dt) as decimal(9,2))/12 as decimal(9,2))
END
) AS AmortTermYears,
tq_dd_product as Product,
dh_key_rate as KeyRate,
dh_pv01 as PV01,
dh_val_time_stamp as RateTimeStamp,
re_bnk_le.re_company_name as Company,
rc_contact_id as UserId,
stp_name as NickName,
PR.pj_project_name as project,
'' as Borrower,
'' as Lender,
'' as AdditionalInfo,
CASE WHEN tpm_pd_permission_id = 85 THEN 'LLH' WHEN tpm_pd_permission_id = 86 THEN 'ALM' ELSE '' END as Permission,
tr_transaction_id as TransactionId,
NULL as IndicationId
FROM cfo_transaction TR
INNER JOIN com_project_transaction_link TL
ON TR.tr_transaction_id = TL.pt_tr_transaction_id
INNER JOIN com_project PR
ON TL.pt_pj_project_id = PR.pj_project_id
The query above assumes that every transaction and project is on the table that joins your tables of projects and transactions (thus the INNER JOIN), but yo can change those to LEFT JOIN if you want
You just add a second join to the other table to the query.
select
yourfields,
p.pj_project_name as project
FROM cfo_transaction t
join com_project_transaction_link tl
on t.tr_transaction_id = tl.pt_tr_transaction_id
join com_project p
on tl.pt_pj_project_id = p.pj_project_id
SELECT ..., cp.pj_project_name
FROM cfo_transaction ct
INNER JOIN com_project_transaction_link cptl
ON ct.tr_transaction_id = cptl.pt_tr_transaction_id
INNER JOIN com_project cp
ON cptl.pt_pj_project_id = cp.pj_project_id