From 165791b1d7554b83fbb41fc62fb829930cec83ce Mon Sep 17 00:00:00 2001
From: vramik <vramik@redhat.com>
Date: Wed, 2 Feb 2022 13:22:11 +0100
Subject: [PATCH] Client Scopes: Ensure that parent's version ID is incremented
 when an attribute changes

Closes #9874
---
 .../keycloak/models/map/storage/jpa/JpaChildEntity.java  | 4 +++-
 .../jpa/client/entity/JpaClientAttributeEntity.java      | 3 +--
 .../entity/JpaClientScopeAttributeEntity.java            | 9 +++++++--
 .../jpa/clientscope/entity/JpaClientScopeEntity.java     | 3 ---
 .../storage/jpa/role/entity/JpaRoleAttributeEntity.java  | 4 +---
 5 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaChildEntity.java b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaChildEntity.java
index e18f45f0eb..24e8898528 100644
--- a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaChildEntity.java
+++ b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaChildEntity.java
@@ -16,10 +16,12 @@
  */
 package org.keycloak.models.map.storage.jpa;
 
+import java.io.Serializable;
+
 /**
  * Interface for all child entities for JPA map storage.
  */
-public interface JpaChildEntity<R> {
+public interface JpaChildEntity<R> extends Serializable {
 
     /**
      * Parent entity that should get its optimistic locking version updated upon changes in the child
diff --git a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/client/entity/JpaClientAttributeEntity.java b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/client/entity/JpaClientAttributeEntity.java
index 2c36ab6e26..e6b59921ab 100644
--- a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/client/entity/JpaClientAttributeEntity.java
+++ b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/client/entity/JpaClientAttributeEntity.java
@@ -16,7 +16,6 @@
  */
 package org.keycloak.models.map.storage.jpa.client.entity;
 
-import java.io.Serializable;
 import java.util.Objects;
 import java.util.UUID;
 import javax.persistence.Column;
@@ -32,7 +31,7 @@ import org.keycloak.models.map.storage.jpa.JpaChildEntity;
 
 @Entity
 @Table(name = "client_attribute")
-public class JpaClientAttributeEntity implements JpaChildEntity<JpaClientEntity>, Serializable {
+public class JpaClientAttributeEntity implements JpaChildEntity<JpaClientEntity> {
 
     @Id
     @Column
diff --git a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/clientscope/entity/JpaClientScopeAttributeEntity.java b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/clientscope/entity/JpaClientScopeAttributeEntity.java
index 9686b038ff..2c60f9920b 100644
--- a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/clientscope/entity/JpaClientScopeAttributeEntity.java
+++ b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/clientscope/entity/JpaClientScopeAttributeEntity.java
@@ -16,7 +16,6 @@
  */
 package org.keycloak.models.map.storage.jpa.clientscope.entity;
 
-import java.io.Serializable;
 import java.util.Objects;
 import java.util.UUID;
 import javax.persistence.Column;
@@ -28,10 +27,11 @@ import javax.persistence.JoinColumn;
 import javax.persistence.ManyToOne;
 import javax.persistence.Table;
 import org.hibernate.annotations.Nationalized;
+import org.keycloak.models.map.storage.jpa.JpaChildEntity;
 
 @Entity
 @Table(name = "client_scope_attribute")
-public class JpaClientScopeAttributeEntity implements Serializable {
+public class JpaClientScopeAttributeEntity implements JpaChildEntity<JpaClientScopeEntity> {
 
     @Id
     @Column
@@ -100,4 +100,9 @@ public class JpaClientScopeAttributeEntity implements Serializable {
                Objects.equals(getName(), that.getName()) &&
                Objects.equals(getValue(), that.getValue());
     }
+
+    @Override
+    public JpaClientScopeEntity getParent() {
+        return getClientScope();
+    }
 }
diff --git a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/clientscope/entity/JpaClientScopeEntity.java b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/clientscope/entity/JpaClientScopeEntity.java
index a4a7204d19..9819845f39 100644
--- a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/clientscope/entity/JpaClientScopeEntity.java
+++ b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/clientscope/entity/JpaClientScopeEntity.java
@@ -230,7 +230,6 @@ public class JpaClientScopeEntity extends AbstractClientScopeEntity implements J
             JpaClientScopeAttributeEntity attr = iterator.next();
             if (Objects.equals(attr.getName(), name)) {
                 iterator.remove();
-                attr.setClientScope(null);
             }
         }
     }
@@ -268,9 +267,7 @@ public class JpaClientScopeEntity extends AbstractClientScopeEntity implements J
     public void setAttributes(Map<String, List<String>> attributes) {
         checkEntityVersionForUpdate();
         for (Iterator<JpaClientScopeAttributeEntity> iterator = this.attributes.iterator(); iterator.hasNext();) {
-            JpaClientScopeAttributeEntity attr = iterator.next();
             iterator.remove();
-            attr.setClientScope(null);
         }
         if (attributes != null) {
             for (Map.Entry<String, List<String>> attrEntry : attributes.entrySet()) {
diff --git a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/role/entity/JpaRoleAttributeEntity.java b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/role/entity/JpaRoleAttributeEntity.java
index efe24957ba..bbc9eb2f35 100644
--- a/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/role/entity/JpaRoleAttributeEntity.java
+++ b/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/role/entity/JpaRoleAttributeEntity.java
@@ -16,7 +16,6 @@
  */
 package org.keycloak.models.map.storage.jpa.role.entity;
 
-import java.io.Serializable;
 import java.util.Objects;
 import java.util.UUID;
 import javax.persistence.Column;
@@ -29,11 +28,10 @@ import javax.persistence.ManyToOne;
 import javax.persistence.Table;
 import org.hibernate.annotations.Nationalized;
 import org.keycloak.models.map.storage.jpa.JpaChildEntity;
-import org.keycloak.models.map.storage.jpa.client.entity.JpaClientEntity;
 
 @Entity
 @Table(name = "role_attribute")
-public class JpaRoleAttributeEntity implements JpaChildEntity<JpaRoleEntity>, Serializable {
+public class JpaRoleAttributeEntity implements JpaChildEntity<JpaRoleEntity> {
 
     @Id
     @Column