KEYCLOAK-17753 remove KeycloakModelUtils.isClientScopeUsed method

2021-05-27 23:52:59 +02:00 · 2021-05-27 23:52:59 +02:00 · 2bf727d408
commit 2bf727d408
parent 38101d01c2
6 changed files with 5 additions and 76 deletions
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaRealmProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaRealmProvider.java
@ -832,14 +832,11 @@ public class JpaRealmProvider implements RealmProvider, ClientProvider, ClientSc
        ClientScopeModel clientScope = getClientScopeById(realm, id);
        if (clientScope == null) return false;
        if (KeycloakModelUtils.isClientScopeUsed(realm, clientScope)) {
            throw new ModelException("Cannot remove client scope, it is currently in use");
        }
        session.users().preRemove(clientScope);
        realm.removeDefaultClientScope(clientScope);
        ClientScopeEntity clientScopeEntity = em.find(ClientScopeEntity.class, id, LockModeType.PESSIMISTIC_WRITE);
        em.createNamedQuery("deleteClientScopeClientMappingByClientScope").setParameter("clientScopeId", clientScope.getId()).executeUpdate();
        em.createNamedQuery("deleteClientScopeRoleMappingByClientScope").setParameter("clientScope", clientScopeEntity).executeUpdate();
        em.remove(clientScopeEntity);
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ClientScopeClientMappingEntity.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/ClientScopeClientMappingEntity.java
@ -35,7 +35,8 @@ import javax.persistence.Table;
@NamedQueries({
        @NamedQuery(name="clientScopeClientMappingIdsByClient", query="select m.clientScopeId from ClientScopeClientMappingEntity m where m.clientId = :clientId and m.defaultScope = :defaultScope"),
        @NamedQuery(name="deleteClientScopeClientMapping", query="delete from ClientScopeClientMappingEntity where clientId = :clientId and clientScopeId = :clientScopeId"),
-        @NamedQuery(name="deleteClientScopeClientMappingByClient", query="delete from ClientScopeClientMappingEntity where clientId = :clientId")
+        @NamedQuery(name="deleteClientScopeClientMappingByClient", query="delete from ClientScopeClientMappingEntity where clientId = :clientId"),
        @NamedQuery(name="deleteClientScopeClientMappingByClientScope", query="delete from ClientScopeClientMappingEntity where clientScopeId = :clientScopeId")
 })
@Entity
@Table(name="CLIENT_SCOPE_CLIENT")
--- a/model/map/src/main/java/org/keycloak/models/map/clientscope/MapClientScopeProvider.java
+++ b/model/map/src/main/java/org/keycloak/models/map/clientscope/MapClientScopeProvider.java
@ -115,10 +115,6 @@ public class MapClientScopeProvider<K> implements ClientScopeProvider {
        ClientScopeModel clientScope = getClientScopeById(realm, id);
        if (clientScope == null) return false;
        if (KeycloakModelUtils.isClientScopeUsed(realm, clientScope)) {
            throw new ModelException("Cannot remove client scope, it is currently in use");
        }
        session.users().preRemove(clientScope);
        realm.removeDefaultClientScope(clientScope);
--- a/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
@ -696,13 +696,6 @@ public final class KeycloakModelUtils {
                Objects.equals(idp.getPostBrokerLoginFlowId(), model.getId()));
    }
    public static boolean isClientScopeUsed(RealmModel realm, ClientScopeModel clientScope) {
        return realm.getClientsStream()
                .filter(c -> (c.getClientScopes(true).containsKey(clientScope.getName())) ||
                (c.getClientScopes(false).containsKey(clientScope.getName())))
                .findFirst().isPresent();
    }
    public static ClientScopeModel getClientScopeByName(RealmModel realm, String clientScopeName) {
        return realm.getClientScopesStream()
                .filter(clientScope -> Objects.equals(clientScopeName, clientScope.getName()))
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientScopeTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientScopeTest.java
@ -39,7 +39,6 @@ import org.keycloak.testsuite.admin.ApiUtil;
 import org.keycloak.testsuite.util.AdminEventPaths;
 import org.keycloak.testsuite.util.Matchers;
 import javax.ws.rs.BadRequestException;
 import javax.ws.rs.ClientErrorException;
 import javax.ws.rs.NotFoundException;
 import javax.ws.rs.core.Response;
@ -335,7 +334,6 @@ public class ClientScopeTest extends AbstractClientTest {
        return testRealmResource().roles().get(roleName).toRepresentation();
    }
    // KEYCLOAK-2844
    @Test
    public void testRemoveClientScopeInUse() {
        // Add client scope
@ -352,21 +350,8 @@ public class ClientScopeTest extends AbstractClientTest {
        clientRep.setDefaultClientScopes(Collections.singletonList("foo-scope"));
        String clientDbId = createClient(clientRep);
        // Can't remove clientScope
        try {
            clientScopes().get(scopeId).remove();
            Assert.fail("Not expected to successfully remove clientScope in use");
        } catch (BadRequestException bre) {
            ErrorRepresentation error = bre.getResponse().readEntity(ErrorRepresentation.class);
            Assert.assertEquals("Cannot remove client scope, it is currently in use", error.getErrorMessage());
            assertAdminEvents.assertEmpty();
        }
        // Remove client
        removeClient(clientDbId);
        // Can remove clientScope now
        removeClientScope(scopeId);
        removeClient(clientDbId);
    }
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/ClientModelTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/model/ClientModelTest.java
@ -17,12 +17,10 @@
 */
 package org.keycloak.testsuite.model;
 import org.junit.Assert;
 import org.junit.Test;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.ClientScopeModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.ModelException;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.RoleModel;
 import org.keycloak.models.utils.KeycloakModelUtils;
@ -39,14 +37,11 @@ import org.keycloak.testsuite.arquillian.annotation.ModelTest;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.atomic.AtomicReference;
 import java.util.stream.Collectors;
 import static org.hamcrest.core.Is.is;
 import static org.hamcrest.core.IsNull.notNullValue;
-import static org.hamcrest.core.IsNull.nullValue;
+import static org.hamcrest.MatcherAssert.assertThat;
 import static org.junit.Assert.assertThat;
 import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer;
 /**
@ -410,44 +405,6 @@ public class ClientModelTest extends AbstractKeycloakTest {
        });
    }
    @Test
    @ModelTest
    public void testCannotRemoveBoundClientTemplate(KeycloakSession session) {
        AtomicReference<ClientScopeModel> scope1Atomic = new AtomicReference<>();
        KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCantRemoveBound1) -> {
            currentSession = sessionCantRemoveBound1;
            RealmModel realm = currentSession.realms().getRealmByName(realmName);
            client = realm.addClient("templatized");
            ClientScopeModel scope1 = realm.addClientScope("template");
            scope1.setProtocol(OIDCLoginProtocol.LOGIN_PROTOCOL);
            scope1Atomic.set(scope1);
            client.addClientScope(scope1, true);
        });
        KeycloakModelUtils.runJobInTransaction(session.getKeycloakSessionFactory(), (KeycloakSession sessionCantRemoveBound2) -> {
            currentSession = sessionCantRemoveBound2;
            RealmModel realm = currentSession.realms().getRealmByName(realmName);
            ClientScopeModel scope1 = scope1Atomic.get();
            client = realm.getClientByClientId("templatized");
            assertThat("Scope name is wrong!!", scope1.getName(), is("template"));
            try {
                realm.removeClientScope(scope1.getId());
                Assert.fail();
            } catch (ModelException e) {
                // Expected
            }
            currentSession.clients().removeClient(realm, client.getId());
            realm.removeClientScope(scope1Atomic.get().getId());
            assertThat("Error with removing Client from realm.", realm.getClientById(client.getId()), nullValue());
            assertThat("Error with removing Client Scope from realm.", realm.getClientScopeById(scope1.getId()), nullValue());
        });
    }
    @Test
    @ModelTest
    public void testDefaultDefaultClientScopes(KeycloakSession session) {