KEYCLOAK-2716

This commit is contained in:
Bill Burke 2016-03-30 18:15:11 -04:00
parent 9cf788c590
commit 545fb8b849
6 changed files with 61 additions and 35 deletions

View file

@ -25,6 +25,7 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.List;
@ -45,6 +46,10 @@ public interface ClientsResource {
@Produces(MediaType.APPLICATION_JSON)
public List<ClientRepresentation> findAll();
@GET
@Produces(MediaType.APPLICATION_JSON)
public List<ClientRepresentation> findByClientId(@QueryParam("clientId") String clientId);
}

View file

@ -627,26 +627,7 @@ public class ClientAdapter implements ClientModel, JpaModel<ClientEntity> {
@Override
public boolean removeRole(RoleModel roleModel) {
if (roleModel == null) {
return false;
}
if (!roleModel.getContainer().equals(this)) return false;
session.users().preRemove(getRealm(), roleModel);
RoleEntity role = RoleAdapter.toRoleEntity(roleModel, em);
if (!role.isClientRole()) return false;
entity.getDefaultRoles().remove(role);
String compositeRoleTable = JpaUtils.getTableNameForNativeQuery("COMPOSITE_ROLE", em);
em.createNativeQuery("delete from " + compositeRoleTable + " where CHILD_ROLE = :role").setParameter("role", role).executeUpdate();
em.createNamedQuery("deleteScopeMappingByRole").setParameter("role", role).executeUpdate();
em.createNamedQuery("deleteTemplateScopeMappingByRole").setParameter("role", role).executeUpdate();
role.setClient(null);
em.flush();
em.remove(role);
em.flush();
return true;
return session.realms().removeRole(realm, roleModel);
}
@Override

View file

@ -261,7 +261,7 @@ public class JpaRealmProvider implements RealmProvider {
em.createNativeQuery("delete from " + compositeRoleTable + " where CHILD_ROLE = :role").setParameter("role", roleEntity).executeUpdate();
em.createNamedQuery("deleteScopeMappingByRole").setParameter("role", roleEntity).executeUpdate();
em.createNamedQuery("deleteTemplateScopeMappingByRole").setParameter("role", roleEntity).executeUpdate();
em.createNamedQuery("deleteGroupRoleMappingsByRole").setParameter("roleId", roleEntity.getId()).executeUpdate();
int val = em.createNamedQuery("deleteGroupRoleMappingsByRole").setParameter("roleId", roleEntity.getId()).executeUpdate();
em.remove(roleEntity);
em.flush();

View file

@ -583,8 +583,7 @@ public class ClientAdapter extends AbstractMongoAdapter<MongoClientEntity> imple
@Override
public boolean removeRole(RoleModel role) {
session.users().preRemove(getRealm(), role);
return getMongoStore().removeEntity(MongoRoleEntity.class, role.getId(), invocationContext);
return session.realms().removeRole(realm, role);
}
@Override

View file

@ -36,6 +36,7 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@ -71,14 +72,18 @@ public class ClientsResource {
* Get clients belonging to the realm
*
* Returns a list of clients belonging to the realm
*
* @param clientId filter by clientId
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<ClientRepresentation> getClients() {
public List<ClientRepresentation> getClients(@QueryParam("clientId") String clientId) {
auth.requireAny();
List<ClientRepresentation> rep = new ArrayList<>();
if (clientId == null) {
List<ClientModel> clientModels = realm.getClients();
boolean view = auth.hasView();
@ -93,6 +98,12 @@ public class ClientsResource {
rep.add(client);
}
}
} else {
ClientModel client = realm.getClientByClientId(clientId);
if (client != null) {
rep.add(ModelToRepresentation.toRepresentation(client));
}
}
return rep;
}

View file

@ -36,6 +36,7 @@ import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.RefreshToken;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
@ -95,6 +96,35 @@ public class GroupTest {
@WebResource
protected OAuthClient oauth;
/**
* KEYCLOAK-2716
* @throws Exception
*/
@Test
public void testClientRemoveWithClientRoleGroupMapping() throws Exception {
RealmResource realm = keycloak.realms().realm("test");
ClientRepresentation client = new ClientRepresentation();
client.setClientId("foo");
client.setRootUrl("http://foo");
client.setProtocol("openid-connect");
Response response = realm.clients().create(client);
response.close();
client = realm.clients().findByClientId("foo").get(0);
RoleRepresentation role = new RoleRepresentation();
role.setName("foo-role");
realm.clients().get(client.getId()).roles().create(role);
role = realm.clients().get(client.getId()).roles().get("foo-role").toRepresentation();
GroupRepresentation group = new GroupRepresentation();
group.setName("2716");
realm.groups().add(group).close();
group = realm.getGroupByPath("/2716");
List<RoleRepresentation> list = new LinkedList<>();
list.add(role);
realm.groups().group(group.getId()).roles().clientLevel(client.getId()).add(list);
realm.clients().get(client.getId()).remove();
}
@Test
public void createAndTestGroups() throws Exception {
RealmResource realm = keycloak.realms().realm("test");