diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RoleResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RoleResource.java index 0c214ec239..9ac2cd91bb 100755 --- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RoleResource.java +++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RoleResource.java @@ -38,38 +38,38 @@ public interface RoleResource { @GET @Produces(MediaType.APPLICATION_JSON) - public RoleRepresentation toRepresentation(); + RoleRepresentation toRepresentation(); @PUT @Consumes(MediaType.APPLICATION_JSON) - public void update(RoleRepresentation roleRepresentation); + void update(RoleRepresentation roleRepresentation); @DELETE - public void remove(); + void remove(); @GET @Path("composites") @Produces(MediaType.APPLICATION_JSON) - public Set getChildren(); + Set getRoleComposites(); @GET @Path("composites/realm") @Produces(MediaType.APPLICATION_JSON) - public Set getRealmLevelChildren(); + Set getRealmRoleComposites(); @GET - @Path("composites/application/{appName}") + @Path("composites/clients/{appName}") @Produces(MediaType.APPLICATION_JSON) - public Set getApplicationLevelChildren(@PathParam("appName") String appName); + Set getClientRoleComposites(@PathParam("appName") String appName); @POST @Path("composites") @Consumes(MediaType.APPLICATION_JSON) - public void addChildren(List rolesToAdd); + void addComposites(List rolesToAdd); @DELETE @Path("composites") @Consumes(MediaType.APPLICATION_JSON) - public void removeChildren(List rolesToRemove); + void deleteComposites(List rolesToRemove); } diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RolesResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RolesResource.java index 7bb6abc002..835798a6a5 100755 --- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RolesResource.java +++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/RolesResource.java @@ -36,17 +36,17 @@ public interface RolesResource { @GET @Produces(MediaType.APPLICATION_JSON) - public List list(); + List list(); @POST @Consumes(MediaType.APPLICATION_JSON) - public void create(RoleRepresentation roleRepresentation); + void create(RoleRepresentation roleRepresentation); @Path("{roleName}") - public RoleResource get(@PathParam("roleName") String roleName); + RoleResource get(@PathParam("roleName") String roleName); @Path("{role-name}") @DELETE - public void deleteRole(final @PathParam("role-name") String roleName); + void deleteRole(final @PathParam("role-name") String roleName); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientRolesTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientRolesTest.java index 5fb7c7dd0b..60aec16627 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientRolesTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientRolesTest.java @@ -23,7 +23,14 @@ import org.junit.Test; import org.keycloak.admin.client.resource.ClientResource; import org.keycloak.admin.client.resource.RolesResource; import org.keycloak.representations.idm.RoleRepresentation; +import org.keycloak.testsuite.Assert; +import org.keycloak.testsuite.util.RoleBuilder; +import java.util.LinkedList; +import java.util.List; +import java.util.Set; + +import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; @@ -75,4 +82,36 @@ public class ClientRolesTest extends AbstractClientTest { assertFalse(hasRole(rolesRsc, "role2")); } + @Test + public void testComposites() { + rolesRsc.create(makeRole("role-a")); + + assertFalse(rolesRsc.get("role-a").toRepresentation().isComposite()); + assertEquals(0, rolesRsc.get("role-a").getRoleComposites().size()); + + rolesRsc.create(makeRole("role-b")); + testRealmResource().roles().create(makeRole("role-c")); + + List l = new LinkedList<>(); + l.add(rolesRsc.get("role-b").toRepresentation()); + l.add(testRealmResource().roles().get("role-c").toRepresentation()); + rolesRsc.get("role-a").addComposites(l); + + Set composites = rolesRsc.get("role-a").getRoleComposites(); + + assertTrue(rolesRsc.get("role-a").toRepresentation().isComposite()); + Assert.assertNames(composites, "role-b", "role-c"); + + Set realmComposites = rolesRsc.get("role-a").getRealmRoleComposites(); + Assert.assertNames(realmComposites, "role-c"); + + Set clientComposites = rolesRsc.get("role-a").getClientRoleComposites(clientRsc.toRepresentation().getId()); + Assert.assertNames(clientComposites, "role-b"); + + rolesRsc.get("role-a").deleteComposites(l); + + assertFalse(rolesRsc.get("role-a").toRepresentation().isComposite()); + assertEquals(0, rolesRsc.get("role-a").getRoleComposites().size()); + } + } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientTemplateTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientTemplateTest.java index 2c282ff272..ffb6e8897f 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientTemplateTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientTemplateTest.java @@ -162,7 +162,7 @@ public class ClientTemplateTest extends AbstractClientTest { roleRep2 = testRealmResource().roles().get("role2").toRepresentation(); // Add role2 as composite to role1 - testRealmResource().roles().get("role1").addChildren(Collections.singletonList(roleRep2)); + testRealmResource().roles().get("role1").addComposites(Collections.singletonList(roleRep2)); // create client template diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmRolesTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmRolesTest.java new file mode 100644 index 0000000000..17d9ad9f45 --- /dev/null +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmRolesTest.java @@ -0,0 +1,139 @@ +/* + * Copyright 2016 Red Hat, Inc. and/or its affiliates + * and other contributors as indicated by the @author tags. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.keycloak.testsuite.admin.realm; + +import org.junit.Before; +import org.junit.Test; +import org.keycloak.admin.client.resource.RoleByIdResource; +import org.keycloak.admin.client.resource.RolesResource; +import org.keycloak.representations.idm.RoleRepresentation; +import org.keycloak.testsuite.Assert; +import org.keycloak.testsuite.admin.AbstractAdminTest; +import org.keycloak.testsuite.admin.ApiUtil; +import org.keycloak.testsuite.util.ClientBuilder; +import org.keycloak.testsuite.util.RoleBuilder; + +import javax.ws.rs.NotFoundException; +import javax.ws.rs.core.Response; +import java.util.HashMap; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +/** + * @author Stian Thorgersen + */ +public class RealmRolesTest extends AbstractAdminTest { + + private RolesResource resource; + + private Map ids = new HashMap<>(); + private String clientUuid; + + @Before + public void before() { + adminClient.realm(REALM_NAME).roles().create(RoleBuilder.create().name("role-a").description("Role A").build()); + adminClient.realm(REALM_NAME).roles().create(RoleBuilder.create().name("role-b").description("Role B").build()); + + Response response = adminClient.realm(REALM_NAME).clients().create(ClientBuilder.create().clientId("client-a").build()); + clientUuid = ApiUtil.getCreatedId(response); + adminClient.realm(REALM_NAME).clients().get(clientUuid).roles().create(RoleBuilder.create().name("role-c").description("Role C").build()); + + for (RoleRepresentation r : adminClient.realm(REALM_NAME).roles().list()) { + ids.put(r.getName(), r.getId()); + } + + for (RoleRepresentation r : adminClient.realm(REALM_NAME).clients().get(clientUuid).roles().list()) { + ids.put(r.getName(), r.getId()); + } + + resource = adminClient.realm(REALM_NAME).roles(); + } + + @Test + public void getRole() { + RoleRepresentation role = resource.get("role-a").toRepresentation(); + assertNotNull(role); + assertEquals("role-a", role.getName()); + assertEquals("Role A", role.getDescription()); + assertFalse(role.isComposite()); + } + + @Test + public void updateRole() { + RoleRepresentation role = resource.get("role-a").toRepresentation(); + + role.setName("role-a-new"); + role.setDescription("Role A New"); + + resource.get("role-a").update(role); + + role = resource.get("role-a-new").toRepresentation(); + + assertNotNull(role); + assertEquals("role-a-new", role.getName()); + assertEquals("Role A New", role.getDescription()); + assertFalse(role.isComposite()); + } + + @Test + public void deleteRole() { + assertNotNull(resource.get("role-a")); + resource.deleteRole("role-a"); + try { + resource.get("role-a").toRepresentation(); + fail("Expected 404"); + } catch (NotFoundException e) { + } + } + + @Test + public void composites() { + assertFalse(resource.get("role-a").toRepresentation().isComposite()); + assertEquals(0, resource.get("role-a").getRoleComposites().size()); + + List l = new LinkedList<>(); + l.add(RoleBuilder.create().id(ids.get("role-b")).build()); + l.add(RoleBuilder.create().id(ids.get("role-c")).build()); + resource.get("role-a").addComposites(l); + + Set composites = resource.get("role-a").getRoleComposites(); + + assertTrue(resource.get("role-a").toRepresentation().isComposite()); + Assert.assertNames(composites, "role-b", "role-c"); + + Set realmComposites = resource.get("role-a").getRealmRoleComposites(); + Assert.assertNames(realmComposites, "role-b"); + + Set clientComposites = resource.get("role-a").getClientRoleComposites(clientUuid); + Assert.assertNames(clientComposites, "role-c"); + + resource.get("role-a").deleteComposites(l); + + assertFalse(resource.get("role-a").toRepresentation().isComposite()); + assertEquals(0, resource.get("role-a").getRoleComposites().size()); + } + +} diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/RealmTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java similarity index 99% rename from testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/RealmTest.java rename to testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java index 54affa4340..84bb1b5a80 100755 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/RealmTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/realm/RealmTest.java @@ -15,7 +15,7 @@ * limitations under the License. */ -package org.keycloak.testsuite.admin; +package org.keycloak.testsuite.admin.realm; import org.apache.commons.io.IOUtils; import org.junit.Test; @@ -27,6 +27,7 @@ import org.keycloak.representations.idm.ClientRepresentation; import org.keycloak.representations.idm.RealmRepresentation; import org.keycloak.representations.idm.RoleRepresentation; import org.keycloak.testsuite.Assert; +import org.keycloak.testsuite.admin.AbstractAdminTest; import org.keycloak.testsuite.arquillian.AuthServerTestEnricher; import org.keycloak.testsuite.auth.page.AuthRealm; import org.keycloak.util.JsonSerialization; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/LegacyImportTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/LegacyImportTest.java index b0b4c12443..c648f5f1b0 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/LegacyImportTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/LegacyImportTest.java @@ -86,7 +86,7 @@ public class LegacyImportTest extends AbstractExportImportTest { assertRolesAvailable(roles); // Assert all admin roles are also available as composites of "realm-admin" - Set realmAdminComposites = foo11RealmManagementClient.roles().get(AdminRoles.REALM_ADMIN).getChildren(); + Set realmAdminComposites = foo11RealmManagementClient.roles().get(AdminRoles.REALM_ADMIN).getRoleComposites(); assertRolesAvailable(realmAdminComposites); // Assert "foo11-master" client correctly set and contains all admin roles. @@ -95,7 +95,7 @@ public class LegacyImportTest extends AbstractExportImportTest { assertRolesAvailable(roles); // Assert all admin roles are also available as composites of "admin" role - Set masterAdminComposites = adminClient.realm(Config.getAdminRealm()).roles().get(AdminRoles.ADMIN).getChildren(); + Set masterAdminComposites = adminClient.realm(Config.getAdminRealm()).roles().get(AdminRoles.ADMIN).getRoleComposites(); assertRolesAvailable(masterAdminComposites); }