libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-2924: Fire AdminEvents on user group membership changes.

Browse source 
We now fire AdminEvents if a user joins or leaves a group.
This information can be used to deduce potential role changes
in custom event listeners.
This commit is contained in:
Thomas Darimont 2016-04-27 11:14:24 +02:00
parent dcb6cedfb7
commit 27ef919d07
1 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
View file

@ -960,7 +960,10 @@ public class UsersResource {
}
try {
if (user.isMemberOf(group)) user.leaveGroup(group);
if (user.isMemberOf(group)){
user.leaveGroup(group);
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
}
} catch (ModelException me) {
Properties messages = AdminRoot.getMessages(session, realm, auth.getAuth().getToken().getLocale());
throw new ErrorResponseException(me.getMessage(), MessageFormat.format(messages.getProperty(me.getMessage(), me.getMessage()), me.getParameters()),
@ -982,7 +985,10 @@ public class UsersResource {
if (group == null) {
throw new NotFoundException("Group not found");
}
if (!user.isMemberOf(group)) user.joinGroup(group);
if (!user.isMemberOf(group)){
user.joinGroup(group);
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).success();
}
}