libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

Fix errors when importing realms with the organization feature enabled

Browse source 
Closes #29630

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
This commit is contained in:
Stefan Guilhen 2024-05-16 18:30:03 -03:00 committed by Pedro Igor
parent 74a80997c7
commit 1aab371912
3 changed files with 38 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
model/storage-services/src/main/java/org/keycloak/exportimport/dir/DirImportProvider.java
View file

@ -157,6 +157,7 @@ public class DirImportProvider extends AbstractFileBasedImportProvider {
KeycloakModelUtils.runJobInTransaction(factory, new ExportImportSessionTask() { KeycloakModelUtils.runJobInTransaction(factory, new ExportImportSessionTask() {
@Override @Override
protected void runExportImportTask(KeycloakSession session) throws IOException { protected void runExportImportTask(KeycloakSession session) throws IOException {
session.getContext().setRealm(session.realms().getRealmByName(realmName));
ImportUtils.importUsersFromStream(session, realmName, JsonSerialization.mapper, fis); ImportUtils.importUsersFromStream(session, realmName, JsonSerialization.mapper, fis);
logger.infof("Imported users from %s", userFile.getAbsolutePath()); logger.infof("Imported users from %s", userFile.getAbsolutePath());
} }
@ -168,6 +169,7 @@ public class DirImportProvider extends AbstractFileBasedImportProvider {
KeycloakModelUtils.runJobInTransaction(factory, new ExportImportSessionTask() { KeycloakModelUtils.runJobInTransaction(factory, new ExportImportSessionTask() {
@Override @Override
protected void runExportImportTask(KeycloakSession session) throws IOException { protected void runExportImportTask(KeycloakSession session) throws IOException {
session.getContext().setRealm(session.realms().getRealmByName(realmName));
ImportUtils.importFederatedUsersFromStream(session, realmName, JsonSerialization.mapper, fis); ImportUtils.importFederatedUsersFromStream(session, realmName, JsonSerialization.mapper, fis);
logger.infof("Imported federated users from %s", userFile.getAbsolutePath()); logger.infof("Imported federated users from %s", userFile.getAbsolutePath());
} }
@ -182,6 +184,7 @@ public class DirImportProvider extends AbstractFileBasedImportProvider {
@Override @Override
public void runExportImportTask(KeycloakSession session) { public void runExportImportTask(KeycloakSession session) {
session.getContext().setRealm(session.realms().getRealmByName(realmName));
RealmManager realmManager = new RealmManager(session); RealmManager realmManager = new RealmManager(session);
realmManager.setupClientServiceAccountsAndAuthorizationOnImport(realmRep, false); realmManager.setupClientServiceAccountsAndAuthorizationOnImport(realmRep, false);
} }

2
model/storage-services/src/main/java/org/keycloak/exportimport/util/ImportUtils.java
View file

@ -93,6 +93,7 @@ public class ImportUtils {
RealmModel realm = model.getRealmByName(realmName); RealmModel realm = model.getRealmByName(realmName);
if (realm != null) { if (realm != null) {
session.getContext().setRealm(realm);
if (strategy == Strategy.IGNORE_EXISTING) { if (strategy == Strategy.IGNORE_EXISTING) {
logger.infof("Realm '%s' already exists. Import skipped", realmName); logger.infof("Realm '%s' already exists. Import skipped", realmName);
return false; return false;
@ -105,6 +106,7 @@ public class ImportUtils {
// TODO: For migration between versions, it should be possible to delete just realm but keep it's users // TODO: For migration between versions, it should be possible to delete just realm but keep it's users
model.removeRealm(realm.getId()); model.removeRealm(realm.getId());
} }
session.getContext().setRealm(null);
} }
RealmManager realmManager = new RealmManager(session); RealmManager realmManager = new RealmManager(session);

33
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/organization/admin/OrganizationEnabledExportImportTest.java Normal file
View file

@ -0,0 +1,33 @@
/*
* Copyright 2024 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.testsuite.organization.admin;
import org.keycloak.common.Profile;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.exportimport.ExportImportTest;
/**
* Tests the export/import functionality with the organization feature enabled.
*
* NOTE: When export/import of organizations is implemented and the organization feature is supported, we should either enhance
* this class or the existing ExportImportTest to check org-specific settings.
*
* @author <a href="mailto:sguilhen@redhat.com">Stefan Guilhen</a>
*/
@EnableFeature(Profile.Feature.ORGANIZATION)
public class OrganizationEnabledExportImportTest extends ExportImportTest {
}