KEYCLOAK-17753 remove KeycloakModelUtils.isClientScopeUsed method
This commit is contained in:
vramik
Hynek Mlnařík
parent
38101d01c2
commit
2bf727d408
6 changed files with 5 additions and 76 deletions
|
|
@ -832,14 +832,11 @@ public class JpaRealmProvider implements RealmProvider, ClientProvider, ClientSc
|
|||
ClientScopeModel clientScope = getClientScopeById(realm, id);
|
||||
if (clientScope == null) return false;
|
||||
|
||||
if (KeycloakModelUtils.isClientScopeUsed(realm, clientScope)) {
|
||||
throw new ModelException("Cannot remove client scope, it is currently in use");
|
||||
}
|
||||
|
||||
session.users().preRemove(clientScope);
|
||||
realm.removeDefaultClientScope(clientScope);
|
||||
ClientScopeEntity clientScopeEntity = em.find(ClientScopeEntity.class, id, LockModeType.PESSIMISTIC_WRITE);
|
||||
|
||||
em.createNamedQuery("deleteClientScopeClientMappingByClientScope").setParameter("clientScopeId", clientScope.getId()).executeUpdate();
|
||||
em.createNamedQuery("deleteClientScopeRoleMappingByClientScope").setParameter("clientScope", clientScopeEntity).executeUpdate();
|
||||
em.remove(clientScopeEntity);
|
||||
|
||||
|
|
|
|||
|
|
@ -35,7 +35,8 @@ import javax.persistence.Table;
|
|||
@NamedQueries({
|
||||
@NamedQuery(name="clientScopeClientMappingIdsByClient", query="select m.clientScopeId from ClientScopeClientMappingEntity m where m.clientId = :clientId and m.defaultScope = :defaultScope"),
|
||||
@NamedQuery(name="deleteClientScopeClientMapping", query="delete from ClientScopeClientMappingEntity where clientId = :clientId and clientScopeId = :clientScopeId"),
|
||||
@NamedQuery(name="deleteClientScopeClientMappingByClient", query="delete from ClientScopeClientMappingEntity where clientId = :clientId")
|
||||
@NamedQuery(name="deleteClientScopeClientMappingByClient", query="delete from ClientScopeClientMappingEntity where clientId = :clientId"),
|
||||
@NamedQuery(name="deleteClientScopeClientMappingByClientScope", query="delete from ClientScopeClientMappingEntity where clientScopeId = :clientScopeId")
|
||||
})
|
||||
@Entity
|
||||
@Table(name="CLIENT_SCOPE_CLIENT")
|
||||
|
|
|
|||
|
|
@ -115,10 +115,6 @@ public class MapClientScopeProvider<K> implements ClientScopeProvider {
|
|||
ClientScopeModel clientScope = getClientScopeById(realm, id);
|
||||
if (clientScope == null) return false;
|
||||
|
||||
if (KeycloakModelUtils.isClientScopeUsed(realm, clientScope)) {
|
||||
throw new ModelException("Cannot remove client scope, it is currently in use");
|
||||
}
|
||||
|
||||
session.users().preRemove(clientScope);
|
||||
realm.removeDefaultClientScope(clientScope);
|
||||
|
||||
|
|
|
|||
|
|
@ -696,13 +696,6 @@ public final class KeycloakModelUtils {
|
|||
Objects.equals(idp.getPostBrokerLoginFlowId(), model.getId()));
|
||||
}
|
||||
|
||||
public static boolean isClientScopeUsed(RealmModel realm, ClientScopeModel clientScope) {
|
||||
return realm.getClientsStream()
|
||||
.filter(c -> (c.getClientScopes(true).containsKey(clientScope.getName())) ||
|
||||
(c.getClientScopes(false).containsKey(clientScope.getName())))
|
||||
.findFirst().isPresent();
|
||||
}
|
||||
|
||||
public static ClientScopeModel getClientScopeByName(RealmModel realm, String clientScopeName) {
|
||||
return realm.getClientScopesStream()
|
||||
.filter(clientScope -> Objects.equals(clientScopeName, clientScope.getName()))
|
||||
|
|
|
|||
|
|
@ -39,7 +39,6 @@ import org.keycloak.testsuite.admin.ApiUtil;
|
|||
import org.keycloak.testsuite.util.AdminEventPaths;
|
||||
import org.keycloak.testsuite.util.Matchers;
|
||||
|
||||
import javax.ws.rs.BadRequestException;
|
||||
import javax.ws.rs.ClientErrorException;
|
||||
import javax.ws.rs.NotFoundException;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
|
@ -335,7 +334,6 @@ public class ClientScopeTest extends AbstractClientTest {
|
|||
return testRealmResource().roles().get(roleName).toRepresentation();
|
||||
}
|
||||
|
||||
// KEYCLOAK-2844
|
||||
@Test
|
||||
public void testRemoveClientScopeInUse() {
|
||||
// Add client scope
|
||||
|
|
@ -352,21 +350,8 @@ public class ClientScopeTest extends AbstractClientTest {
|
|||
clientRep.setDefaultClientScopes(Collections.singletonList("foo-scope"));
|
||||
String clientDbId = createClient(clientRep);
|
||||
|
||||
// Can't remove clientScope
|
||||
try {
|
||||
clientScopes().get(scopeId).remove();
|
||||
Assert.fail("Not expected to successfully remove clientScope in use");
|
||||
} catch (BadRequestException bre) {
|
||||
ErrorRepresentation error = bre.getResponse().readEntity(ErrorRepresentation.class);
|
||||
Assert.assertEquals("Cannot remove client scope, it is currently in use", error.getErrorMessage());
|
||||
assertAdminEvents.assertEmpty();
|
||||
}
|
||||
|
||||
// Remove client
|
||||
removeClient(clientDbId);
|
||||
|
||||
// Can remove clientScope now
|
||||
removeClientScope(scopeId);
|
||||
removeClient(clientDbId);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -17,12 +17,10 @@
|
|||
*/
|
||||
package org.keycloak.testsuite.model;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.ClientScopeModel;
|
||||
import org.keycloak.models.KeycloakSession;
|
||||
import org.keycloak.models.ModelException;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.models.utils.KeycloakModelUtils;
|
||||
|
|
@ -39,14 +37,11 @@ import org.keycloak.testsuite.arquillian.annotation.ModelTest;
|
|||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.concurrent.atomic.AtomicReference;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import static org.hamcrest.core.Is.is;
|
||||
import static org.hamcrest.core.IsNull.notNullValue;
|
||||
import static org.hamcrest.core.IsNull.nullValue;
|
||||
import static org.junit.Assert.assertThat;
|
||||
import static org.hamcrest.MatcherAssert.assertThat;
|
||||
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
|
||||
|
||||
/**
|
||||
|
|
@ -410,44 +405,6 @@ public class ClientModelTest extends AbstractKeycloakTest {
|
|||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
@ModelTest
|
||||
public void testCannotRemoveBoundClientTemplate(KeycloakSession session) {
|
||||
AtomicReference<ClientScopeModel> scope1Atomic = new AtomicReference<>();
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCantRemoveBound1) -> {
|
||||
currentSession = sessionCantRemoveBound1;
|
||||
RealmModel realm = currentSession.realms().getRealmByName(realmName);
|
||||
client = realm.addClient("templatized");
|
||||
ClientScopeModel scope1 = realm.addClientScope("template");
|
||||
scope1.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
|
||||
scope1Atomic.set(scope1);
|
||||
client.addClientScope(scope1, true);
|
||||
});
|
||||
|
||||
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCantRemoveBound2) -> {
|
||||
currentSession = sessionCantRemoveBound2;
|
||||
RealmModel realm = currentSession.realms().getRealmByName(realmName);
|
||||
ClientScopeModel scope1 = scope1Atomic.get();
|
||||
client = realm.getClientByClientId("templatized");
|
||||
|
||||
assertThat("Scope name is wrong!!", scope1.getName(), is("template"));
|
||||
|
||||
try {
|
||||
realm.removeClientScope(scope1.getId());
|
||||
Assert.fail();
|
||||
} catch (ModelException e) {
|
||||
// Expected
|
||||
}
|
||||
|
||||
currentSession.clients().removeClient(realm, client.getId());
|
||||
realm.removeClientScope(scope1Atomic.get().getId());
|
||||
|
||||
assertThat("Error with removing Client from realm.", realm.getClientById(client.getId()), nullValue());
|
||||
assertThat("Error with removing Client Scope from realm.", realm.getClientScopeById(scope1.getId()), nullValue());
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
@ModelTest
|
||||
public void testDefaultDefaultClientScopes(KeycloakSession session) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue