Fixing tests and more client policy tests

2017-06-05 11:26:33 -03:00 · 2017-06-05 11:26:33 -03:00 · 23887f4031
commit 23887f4031
parent 3760f2753b
6 changed files with 48 additions and 16 deletions
--- a/authz/policy/common/src/main/java/org/keycloak/authorization/policy/provider/client/ClientPolicyProviderFactory.java
+++ b/authz/policy/common/src/main/java/org/keycloak/authorization/policy/provider/client/ClientPolicyProviderFactory.java
@ -3,10 +3,12 @@ package org.keycloak.authorization.policy.provider.client;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import java.util.stream.Collectors;

 import org.keycloak.Config;
 import org.keycloak.authorization.AuthorizationProvider;
@ -71,6 +73,21 @@ public class ClientPolicyProviderFactory implements PolicyProviderFactory<Client
        updateClients(policy, new HashSet<>(Arrays.asList(getClients(policy))), authorization);
    }

+    @Override
+    public void onExport(Policy policy, PolicyRepresentation representation, AuthorizationProvider authorizationProvider) {
+        ClientPolicyRepresentation userRep = toRepresentation(policy, new ClientPolicyRepresentation());
+        Map<String, String> config = new HashMap<>();
+
+        try {
+            RealmModel realm = authorizationProvider.getRealm();
+            config.put("clients", JsonSerialization.writeValueAsString(userRep.getClients().stream().map(id -> realm.getClientById(id).getClientId()).collect(Collectors.toList())));
+        } catch (IOException cause) {
+            throw new RuntimeException("Failed to export user policy [" + policy.getName() + "]", cause);
+        }
+
+        representation.setConfig(config);
+    }
+
    @Override
    public PolicyProvider create(KeycloakSession session) {
        return null;
@ -129,7 +146,7 @@ public class ClientPolicyProviderFactory implements PolicyProviderFactory<Client
    }

    private void updateClients(Policy policy, Set<String> clients, AuthorizationProvider authorization) {
-        RealmModel realm = authorization.getKeycloakSession().getContext().getRealm();
+        RealmModel realm = authorization.getRealm();

        if (clients == null || clients.isEmpty()) {
            throw new RuntimeException("No client provided.");
--- a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
@ -799,6 +799,10 @@ public class ModelToRepresentation {
    }

    public static <R extends AbstractPolicyRepresentation> R toRepresentation(Policy policy, Class<R> representationType, AuthorizationProvider authorization) {
+        return toRepresentation(policy, representationType, authorization, false);
+    }
+
+    public static <R extends AbstractPolicyRepresentation> R toRepresentation(Policy policy, Class<R> representationType, AuthorizationProvider authorization, boolean export) {
        R representation;

        try {
@ -817,7 +821,7 @@ public class ModelToRepresentation {
        representation.setLogic(policy.getLogic());

        if (representation instanceof PolicyRepresentation) {
-            if (providerFactory != null) {
+            if (providerFactory != null && export) {
                providerFactory.onExport(policy, PolicyRepresentation.class.cast(representation), authorization);
            } else {
                PolicyRepresentation.class.cast(representation).setConfig(policy.getConfig());
--- a/services/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
+++ b/services/src/main/java/org/keycloak/exportimport/util/ExportUtils.java
@ -358,11 +358,8 @@ public class ExportUtils {
    }

    private static PolicyRepresentation createPolicyRepresentation(AuthorizationProvider authorizationProvider, Policy policy) {
-        KeycloakSession session = authorizationProvider.getKeycloakSession();
-        RealmModel realm = authorizationProvider.getRealm();
-
        try {
-            PolicyRepresentation rep = toRepresentation(policy, PolicyRepresentation.class, authorizationProvider);
+            PolicyRepresentation rep = toRepresentation(policy, PolicyRepresentation.class, authorizationProvider, true);

            rep.setId(null);

--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java
@ -627,11 +627,12 @@ public class ExportImportUtil {
        assertPredicate(scopes, scopePredicates);

        List<PolicyRepresentation> policies = authzResource.policies().policies();
-        Assert.assertEquals(12, policies.size());
+        Assert.assertEquals(13, policies.size());
        List<Predicate<PolicyRepresentation>> policyPredicates = new ArrayList<>();
        policyPredicates.add(policyRepresentation -> "Any Admin Policy".equals(policyRepresentation.getName()));
        policyPredicates.add(policyRepresentation -> "Any User Policy".equals(policyRepresentation.getName()));
-        policyPredicates.add(representation -> "Client and Realm Role Policy".equals(representation.getName()) && representation.getConfig().get("roles").contains("\"id\":\"realm-management/impersonation\""));
+        policyPredicates.add(representation -> "Client and Realm Role Policy".equals(representation.getName()));
+        policyPredicates.add(representation -> "Client Test Policy".equals(representation.getName()));
        policyPredicates.add(policyRepresentation -> "Only Premium User Policy".equals(policyRepresentation.getName()));
        policyPredicates.add(policyRepresentation -> "wburke policy".equals(policyRepresentation.getName()));
        policyPredicates.add(policyRepresentation -> "All Users Policy".equals(policyRepresentation.getName()));
--- a/testsuite/integration-arquillian/tests/base/src/test/resources/model/testrealm.json
+++ b/testsuite/integration-arquillian/tests/base/src/test/resources/model/testrealm.json
@ -289,6 +289,15 @@
                            "roles": "[{\"id\":\"realm-management/impersonation\",\"required\":false},{\"id\":\"realm-management/manage-authorization\",\"required\":true},{\"id\":\"user\",\"required\":false}]"
                        }
                    },
+                    {
+                        "name": "Client Test Policy",
+                        "type": "client",
+                        "logic": "POSITIVE",
+                        "decisionStrategy": "UNANIMOUS",
+                        "config": {
+                            "clients": "[\"broker\",\"admin-cli\"]"
+                        }
+                    },
                    {
                        "name": "Only Premium User Policy",
                        "description": "Defines that only premium users can do something",
--- a/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/resource/ResourcesTable.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/resource/ResourcesTable.java
@ -66,6 +66,7 @@ public class ResourcesTable extends DataTable {
    public ResourceRepresentation toRepresentation(WebElement row) {
        ResourceRepresentation representation = null;
        List<WebElement> tds = row.findElements(tagName("td"));
+        try {
            if (!(tds.isEmpty() || tds.get(0).getText().isEmpty())) {
                representation = new ResourceRepresentation();
                representation.setName(tds.get(0).getText());
@ -75,6 +76,9 @@ public class ResourcesTable extends DataTable {
                owner.setName(tds.get(3).getText());
                representation.setOwner(owner);
            }
+        } catch (IndexOutOfBoundsException cause) {
+            // is empty
+        }
        return representation;
    }
 }