Fixing tests and more client policy tests

Pedro Igor 2017-06-05 11:26:33 -03:00
parent 3760f2753b
commit 23887f4031
6 changed files with 48 additions and 16 deletions


@ -3,10 +3,12 @@ package org.keycloak.authorization.policy.provider.client;
import java.io.IOException; import java.io.IOException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.stream.Collectors;
import org.keycloak.Config; import org.keycloak.Config;
import org.keycloak.authorization.AuthorizationProvider; import org.keycloak.authorization.AuthorizationProvider;
@ -71,6 +73,21 @@ public class ClientPolicyProviderFactory implements PolicyProviderFactory<Client
updateClients(policy, new HashSet<>(Arrays.asList(getClients(policy))), authorization); updateClients(policy, new HashSet<>(Arrays.asList(getClients(policy))), authorization);
} }
@Override
public void onExport(Policy policy, PolicyRepresentation representation, AuthorizationProvider authorizationProvider) {
ClientPolicyRepresentation userRep = toRepresentation(policy, new ClientPolicyRepresentation());
Map<String, String> config = new HashMap<>();
try {
RealmModel realm = authorizationProvider.getRealm();
config.put("clients", JsonSerialization.writeValueAsString(userRep.getClients().stream().map(id -> realm.getClientById(id).getClientId()).collect(Collectors.toList())));
} catch (IOException cause) {
throw new RuntimeException("Failed to export user policy [" + policy.getName() + "]", cause);
}
representation.setConfig(config);
}
@Override @Override
public PolicyProvider create(KeycloakSession session) { public PolicyProvider create(KeycloakSession session) {
return null; return null;
@ -129,7 +146,7 @@ public class ClientPolicyProviderFactory implements PolicyProviderFactory<Client
} }
private void updateClients(Policy policy, Set<String> clients, AuthorizationProvider authorization) { private void updateClients(Policy policy, Set<String> clients, AuthorizationProvider authorization) {
RealmModel realm = authorization.getKeycloakSession().getContext().getRealm(); RealmModel realm = authorization.getRealm();
if (clients == null || clients.isEmpty()) { if (clients == null || clients.isEmpty()) {
throw new RuntimeException("No client provided."); throw new RuntimeException("No client provided.");
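Review bot: In the new `onExport`, `realm.getClientById(id).getClientId()` dereferences the lookup result without a check, so if `getClientById` returns null for an id that no longer resolves in the realm (a stale reference left in the policy config), the export aborts with a bare NullPointerException that names neither the policy nor the id. Resolving the ids in a loop and failing with a message that names both makes the broken reference diagnosable; silently skipping the id would be worse, because the exported policy would then list a different set of clients than the one being enforced. The catch message also says "user policy" and the local is `userRep`, both apparently carried over from the user policy factory; `"Failed to export client policy [" + policy.getName() + "]"` would match this class. `ClientModel` in the sketch below may need an import if the file does not already have one.

```java
// … unchanged: userRep and config setup, RealmModel realm lookup inside the try …
List<String> clientIds = new ArrayList<>();
for (String id : userRep.getClients()) {
    ClientModel client = realm.getClientById(id);
    if (client == null) {
        throw new RuntimeException("Client policy [" + policy.getName() + "] references unknown client [" + id + "]");
    }
    clientIds.add(client.getClientId());
}
config.put("clients", JsonSerialization.writeValueAsString(clientIds));
// … unchanged: catch (IOException cause) and representation.setConfig(config) …
```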


@ -799,6 +799,10 @@ public class ModelToRepresentation {
} }
public static <R extends AbstractPolicyRepresentation> R toRepresentation(Policy policy, Class<R> representationType, AuthorizationProvider authorization) { public static <R extends AbstractPolicyRepresentation> R toRepresentation(Policy policy, Class<R> representationType, AuthorizationProvider authorization) {
return toRepresentation(policy, representationType, authorization, false);
}
public static <R extends AbstractPolicyRepresentation> R toRepresentation(Policy policy, Class<R> representationType, AuthorizationProvider authorization, boolean export) {
R representation; R representation;
try { try {
@ -817,7 +821,7 @@ public class ModelToRepresentation {
representation.setLogic(policy.getLogic()); representation.setLogic(policy.getLogic());
if (representation instanceof PolicyRepresentation) { if (representation instanceof PolicyRepresentation) {
if (providerFactory != null) { if (providerFactory != null && export) {
providerFactory.onExport(policy, PolicyRepresentation.class.cast(representation), authorization); providerFactory.onExport(policy, PolicyRepresentation.class.cast(representation), authorization);
} else { } else {
PolicyRepresentation.class.cast(representation).setConfig(policy.getConfig()); PolicyRepresentation.class.cast(representation).setConfig(policy.getConfig());
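Review bot: The new four-argument `toRepresentation` has no Javadoc, and its `export` flag now decides whether `providerFactory.onExport(...)` rewrites the config or the stored `policy.getConfig()` is copied as-is, which the signature does not convey. A short Javadoc on the overload stating that `export=true` hands the config to the provider factory and `false` returns the stored config unchanged would help callers pick the right one. Note also that with `export` true and `providerFactory` null the `else` branch still copies the raw stored config into the export without any signal; if that config holds realm-internal ids (as the client policy's appears to), the exported file may not import cleanly elsewhere, so a log line on that path seems worthwhile. The method body starts and ends outside the visible hunks.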


@ -358,11 +358,8 @@ public class ExportUtils {
} }
private static PolicyRepresentation createPolicyRepresentation(AuthorizationProvider authorizationProvider, Policy policy) { private static PolicyRepresentation createPolicyRepresentation(AuthorizationProvider authorizationProvider, Policy policy) {
KeycloakSession session = authorizationProvider.getKeycloakSession();
RealmModel realm = authorizationProvider.getRealm();
try { try {
PolicyRepresentation rep = toRepresentation(policy, PolicyRepresentation.class, authorizationProvider); PolicyRepresentation rep = toRepresentation(policy, PolicyRepresentation.class, authorizationProvider, true);
rep.setId(null); rep.setId(null);


@ -627,11 +627,12 @@ public class ExportImportUtil {
assertPredicate(scopes, scopePredicates); assertPredicate(scopes, scopePredicates);
List<PolicyRepresentation> policies = authzResource.policies().policies(); List<PolicyRepresentation> policies = authzResource.policies().policies();
Assert.assertEquals(12, policies.size()); Assert.assertEquals(13, policies.size());
List<Predicate<PolicyRepresentation>> policyPredicates = new ArrayList<>(); List<Predicate<PolicyRepresentation>> policyPredicates = new ArrayList<>();
policyPredicates.add(policyRepresentation -> "Any Admin Policy".equals(policyRepresentation.getName())); policyPredicates.add(policyRepresentation -> "Any Admin Policy".equals(policyRepresentation.getName()));
policyPredicates.add(policyRepresentation -> "Any User Policy".equals(policyRepresentation.getName())); policyPredicates.add(policyRepresentation -> "Any User Policy".equals(policyRepresentation.getName()));
policyPredicates.add(representation -> "Client and Realm Role Policy".equals(representation.getName()) && representation.getConfig().get("roles").contains("\"id\":\"realm-management/impersonation\"")); policyPredicates.add(representation -> "Client and Realm Role Policy".equals(representation.getName()));
policyPredicates.add(representation -> "Client Test Policy".equals(representation.getName()));
policyPredicates.add(policyRepresentation -> "Only Premium User Policy".equals(policyRepresentation.getName())); policyPredicates.add(policyRepresentation -> "Only Premium User Policy".equals(policyRepresentation.getName()));
policyPredicates.add(policyRepresentation -> "wburke policy".equals(policyRepresentation.getName())); policyPredicates.add(policyRepresentation -> "wburke policy".equals(policyRepresentation.getName()));
policyPredicates.add(policyRepresentation -> "All Users Policy".equals(policyRepresentation.getName())); policyPredicates.add(policyRepresentation -> "All Users Policy".equals(policyRepresentation.getName()));
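Review bot: The predicate for "Client and Realm Role Policy" no longer checks the `roles` config, and the new "Client Test Policy" predicate matches on the name only, so this test would still pass if the import dropped or mis-resolved the referenced roles or clients. Since these policies feed authorization decisions, the round trip should verify the references and not just the policy names. Adding something like `&& representation.getConfig().get("clients") != null` to the new predicate (or, better, a check that both clients resolved) would restore part of that coverage; the exact expected value depends on whether the admin API returns internal ids or client ids here, which is not visible in this hunk. The enclosing method continues outside the hunk.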


@ -289,6 +289,15 @@
"roles": "[{\"id\":\"realm-management/impersonation\",\"required\":false},{\"id\":\"realm-management/manage-authorization\",\"required\":true},{\"id\":\"user\",\"required\":false}]" "roles": "[{\"id\":\"realm-management/impersonation\",\"required\":false},{\"id\":\"realm-management/manage-authorization\",\"required\":true},{\"id\":\"user\",\"required\":false}]"
} }
}, },
{
"name": "Client Test Policy",
"type": "client",
"logic": "POSITIVE",
"decisionStrategy": "UNANIMOUS",
"config": {
"clients": "[\"broker\",\"admin-cli\"]"
}
},
{ {
"name": "Only Premium User Policy", "name": "Only Premium User Policy",
"description": "Defines that only premium users can do something", "description": "Defines that only premium users can do something",


@ -66,14 +66,18 @@ public class ResourcesTable extends DataTable {
public ResourceRepresentation toRepresentation(WebElement row) { public ResourceRepresentation toRepresentation(WebElement row) {
ResourceRepresentation representation = null; ResourceRepresentation representation = null;
List<WebElement> tds = row.findElements(tagName("td")); List<WebElement> tds = row.findElements(tagName("td"));
if (!(tds.isEmpty() || tds.get(0).getText().isEmpty())) { try {
representation = new ResourceRepresentation(); if (!(tds.isEmpty() || tds.get(0).getText().isEmpty())) {
representation.setName(tds.get(0).getText()); representation = new ResourceRepresentation();
representation.setType(tds.get(1).getText()); representation.setName(tds.get(0).getText());
representation.setUri(tds.get(2).getText()); representation.setType(tds.get(1).getText());
ResourceOwnerRepresentation owner = new ResourceOwnerRepresentation(); representation.setUri(tds.get(2).getText());
owner.setName(tds.get(3).getText()); ResourceOwnerRepresentation owner = new ResourceOwnerRepresentation();
representation.setOwner(owner); owner.setName(tds.get(3).getText());
representation.setOwner(owner);
}
} catch (IndexOutOfBoundsException cause) {
// is empty
} }
return representation; return representation;
} }
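Review bot: Catching `IndexOutOfBoundsException` with an empty body in `toRepresentation` hides a short row instead of handling it, and it can return a half-filled object: if the row has a non-empty first cell but fewer than four cells, `representation` is already created and named when `tds.get(1)` throws, so the caller receives a non-null representation with missing fields. An explicit size check avoids both the swallowed exception and the partial result: `if (tds.size() >= 4 && !tds.get(0).getText().isEmpty()) {` with the try/catch removed.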