KEYCLOAK-17753 remove KeycloakModelUtils.isClientScopeUsed method

This commit is contained in:
vramik 2021-05-27 23:52:59 +02:00 committed by Hynek Mlnařík
parent 38101d01c2
commit 2bf727d408
6 changed files with 5 additions and 76 deletions

View file

@ -832,14 +832,11 @@ public class JpaRealmProvider implements RealmProvider, ClientProvider, ClientSc
ClientScopeModel clientScope = getClientScopeById(realm, id);
if (clientScope == null) return false;
if (KeycloakModelUtils.isClientScopeUsed(realm, clientScope)) {
throw new ModelException("Cannot remove client scope, it is currently in use");
}
session.users().preRemove(clientScope);
realm.removeDefaultClientScope(clientScope);
ClientScopeEntity clientScopeEntity = em.find(ClientScopeEntity.class, id, LockModeType.PESSIMISTIC_WRITE);
em.createNamedQuery("deleteClientScopeClientMappingByClientScope").setParameter("clientScopeId", clientScope.getId()).executeUpdate();
em.createNamedQuery("deleteClientScopeRoleMappingByClientScope").setParameter("clientScope", clientScopeEntity).executeUpdate();
em.remove(clientScopeEntity);

View file

@ -35,7 +35,8 @@ import javax.persistence.Table;
@NamedQueries({
@NamedQuery(name="clientScopeClientMappingIdsByClient", query="select m.clientScopeId from ClientScopeClientMappingEntity m where m.clientId = :clientId and m.defaultScope = :defaultScope"),
@NamedQuery(name="deleteClientScopeClientMapping", query="delete from ClientScopeClientMappingEntity where clientId = :clientId and clientScopeId = :clientScopeId"),
@NamedQuery(name="deleteClientScopeClientMappingByClient", query="delete from ClientScopeClientMappingEntity where clientId = :clientId")
@NamedQuery(name="deleteClientScopeClientMappingByClient", query="delete from ClientScopeClientMappingEntity where clientId = :clientId"),
@NamedQuery(name="deleteClientScopeClientMappingByClientScope", query="delete from ClientScopeClientMappingEntity where clientScopeId = :clientScopeId")
})
@Entity
@Table(name="CLIENT_SCOPE_CLIENT")

View file

@ -115,10 +115,6 @@ public class MapClientScopeProvider<K> implements ClientScopeProvider {
ClientScopeModel clientScope = getClientScopeById(realm, id);
if (clientScope == null) return false;
if (KeycloakModelUtils.isClientScopeUsed(realm, clientScope)) {
throw new ModelException("Cannot remove client scope, it is currently in use");
}
session.users().preRemove(clientScope);
realm.removeDefaultClientScope(clientScope);

View file

@ -696,13 +696,6 @@ public final class KeycloakModelUtils {
Objects.equals(idp.getPostBrokerLoginFlowId(), model.getId()));
}
public static boolean isClientScopeUsed(RealmModel realm, ClientScopeModel clientScope) {
return realm.getClientsStream()
.filter(c -> (c.getClientScopes(true).containsKey(clientScope.getName())) ||
(c.getClientScopes(false).containsKey(clientScope.getName())))
.findFirst().isPresent();
}
public static ClientScopeModel getClientScopeByName(RealmModel realm, String clientScopeName) {
return realm.getClientScopesStream()
.filter(clientScope -> Objects.equals(clientScopeName, clientScope.getName()))

View file

@ -39,7 +39,6 @@ import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.util.AdminEventPaths;
import org.keycloak.testsuite.util.Matchers;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.ClientErrorException;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.core.Response;
@ -335,7 +334,6 @@ public class ClientScopeTest extends AbstractClientTest {
return testRealmResource().roles().get(roleName).toRepresentation();
}
// KEYCLOAK-2844
@Test
public void testRemoveClientScopeInUse() {
// Add client scope
@ -352,21 +350,8 @@ public class ClientScopeTest extends AbstractClientTest {
clientRep.setDefaultClientScopes(Collections.singletonList("foo-scope"));
String clientDbId = createClient(clientRep);
// Can't remove clientScope
try {
clientScopes().get(scopeId).remove();
Assert.fail("Not expected to successfully remove clientScope in use");
} catch (BadRequestException bre) {
ErrorRepresentation error = bre.getResponse().readEntity(ErrorRepresentation.class);
Assert.assertEquals("Cannot remove client scope, it is currently in use", error.getErrorMessage());
assertAdminEvents.assertEmpty();
}
// Remove client
removeClient(clientDbId);
// Can remove clientScope now
removeClientScope(scopeId);
removeClient(clientDbId);
}

View file

@ -17,12 +17,10 @@
*/
package org.keycloak.testsuite.model;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientScopeModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelException;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.utils.KeycloakModelUtils;
@ -39,14 +37,11 @@ import org.keycloak.testsuite.arquillian.annotation.ModelTest;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;
import java.util.stream.Collectors;
import static org.hamcrest.core.Is.is;
import static org.hamcrest.core.IsNull.notNullValue;
import static org.hamcrest.core.IsNull.nullValue;
import static org.junit.Assert.assertThat;
import static org.hamcrest.MatcherAssert.assertThat;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
/**
@ -410,44 +405,6 @@ public class ClientModelTest extends AbstractKeycloakTest {
});
}
@Test
@ModelTest
public void testCannotRemoveBoundClientTemplate(KeycloakSession session) {
AtomicReference<ClientScopeModel> scope1Atomic = new AtomicReference<>();
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCantRemoveBound1) -> {
currentSession = sessionCantRemoveBound1;
RealmModel realm = currentSession.realms().getRealmByName(realmName);
client = realm.addClient("templatized");
ClientScopeModel scope1 = realm.addClientScope("template");
scope1.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
scope1Atomic.set(scope1);
client.addClientScope(scope1, true);
});
KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCantRemoveBound2) -> {
currentSession = sessionCantRemoveBound2;
RealmModel realm = currentSession.realms().getRealmByName(realmName);
ClientScopeModel scope1 = scope1Atomic.get();
client = realm.getClientByClientId("templatized");
assertThat("Scope name is wrong!!", scope1.getName(), is("template"));
try {
realm.removeClientScope(scope1.getId());
Assert.fail();
} catch (ModelException e) {
// Expected
}
currentSession.clients().removeClient(realm, client.getId());
realm.removeClientScope(scope1Atomic.get().getId());
assertThat("Error with removing Client from realm.", realm.getClientById(client.getId()), nullValue());
assertThat("Error with removing Client Scope from realm.", realm.getClientScopeById(scope1.getId()), nullValue());
});
}
@Test
@ModelTest
public void testDefaultDefaultClientScopes(KeycloakSession session) {