From 3d02fd5d0ea1106bd1d06d898211548f06760c46 Mon Sep 17 00:00:00 2001 From: Stian Thorgersen Date: Mon, 28 Apr 2014 12:50:01 +0100 Subject: [PATCH] KEYCLOAK-429 Remove role from composite roles when deleted --- .../org/keycloak/models/jpa/ApplicationAdapter.java | 1 + .../java/org/keycloak/models/jpa/RealmAdapter.java | 1 + .../org/keycloak/models/jpa/entities/RoleEntity.java | 4 +++- .../test/java/org/keycloak/model/test/AdapterTest.java | 4 ++++ .../org/keycloak/services/managers/RealmManager.java | 10 +--------- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/ApplicationAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/ApplicationAdapter.java index 69600014f1..85a24caf85 100755 --- a/model/jpa/src/main/java/org/keycloak/models/jpa/ApplicationAdapter.java +++ b/model/jpa/src/main/java/org/keycloak/models/jpa/ApplicationAdapter.java @@ -125,6 +125,7 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode applicationEntity.getRoles().remove(role); applicationEntity.getDefaultRoles().remove(role); + em.createNativeQuery("delete from CompositeRole where role = :role").setParameter("role", role).executeUpdate(); em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", role).executeUpdate(); em.createQuery("delete from " + UserRoleMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", role).executeUpdate(); role.setApplication(null); diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java index 4cbda3ce8b..54559ab881 100755 --- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java +++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java @@ -974,6 +974,7 @@ public class RealmAdapter implements RealmModel { realm.getRoles().remove(role); realm.getDefaultRoles().remove(role); + em.createNativeQuery("delete from CompositeRole where role = :role").setParameter("role", roleEntity).executeUpdate(); em.createQuery("delete from " + UserRoleMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate(); em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where role = :role").setParameter("role", roleEntity).executeUpdate(); diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java index 7e43ceab15..1bebe56d10 100755 --- a/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java +++ b/model/jpa/src/main/java/org/keycloak/models/jpa/entities/RoleEntity.java @@ -6,6 +6,8 @@ import javax.persistence.GeneratedValue; import javax.persistence.Id; import javax.persistence.Inheritance; import javax.persistence.InheritanceType; +import javax.persistence.JoinColumn; +import javax.persistence.JoinTable; import javax.persistence.ManyToMany; import java.util.ArrayList; import java.util.Collection; @@ -27,7 +29,7 @@ public abstract class RoleEntity { private String name; private String description; @ManyToMany(fetch = FetchType.LAZY, cascade = {}) - //@JoinTable(name = "COMPOSITE_ROLE") + @JoinTable(name = "CompositeRole", joinColumns = @JoinColumn(name = "composite"), inverseJoinColumns = @JoinColumn(name = "role")) private Collection compositeRoles = new ArrayList(); diff --git a/model/tests/src/test/java/org/keycloak/model/test/AdapterTest.java b/model/tests/src/test/java/org/keycloak/model/test/AdapterTest.java index 9ea7b1e1f6..9ea316340c 100755 --- a/model/tests/src/test/java/org/keycloak/model/test/AdapterTest.java +++ b/model/tests/src/test/java/org/keycloak/model/test/AdapterTest.java @@ -212,6 +212,10 @@ public class AdapterTest extends AbstractModelTest { realmModel.addScopeMapping(client, appRole); RoleModel realmRole = realmModel.addRole("test"); + RoleModel realmRole2 = realmModel.addRole("test2"); + realmRole.addCompositeRole(realmRole2); + realmRole.addCompositeRole(appRole); + realmModel.addScopeMapping(app, realmRole); Assert.assertTrue(identitySession.removeRealm(realmModel.getId())); diff --git a/services/src/main/java/org/keycloak/services/managers/RealmManager.java b/services/src/main/java/org/keycloak/services/managers/RealmManager.java index 14c22d3c2d..4f7b9e076b 100755 --- a/services/src/main/java/org/keycloak/services/managers/RealmManager.java +++ b/services/src/main/java/org/keycloak/services/managers/RealmManager.java @@ -105,15 +105,7 @@ public class RealmManager { public boolean removeRealm(RealmModel realm) { boolean removed = identitySession.removeRealm(realm.getId()); - RealmModel adminRealm = getKeycloakAdminstrationRealm(); - RoleModel adminRole = adminRealm.getRole(AdminRoles.ADMIN); - - ApplicationModel realmAdminApp = realm.getAdminApp(); - for (RoleModel r : realmAdminApp.getRoles()) { - adminRole.removeCompositeRole(r); - } - - adminRealm.removeApplication(realmAdminApp.getId()); + getKeycloakAdminstrationRealm().removeApplication(realm.getAdminApp().getId()); return removed; }