libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

KEYCLOAK-3681: Delete top flow doesn't remove all subflows

Browse source
This commit is contained in:
Stan Silvert 2016-11-16 12:43:11 -05:00
parent 989a701e95
commit 55556fc63c
2 changed files with 34 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
View file

@ -251,7 +251,11 @@ public class AuthenticationManagementResource {
@NoCache @NoCache
public void deleteFlow(@PathParam("id") String id) { public void deleteFlow(@PathParam("id") String id) {
auth.requireManage(); auth.requireManage();
deleteFlow(id, true);
}
private void deleteFlow(String id, boolean isTopMostLevel) {
AuthenticationFlowModel flow = realm.getAuthenticationFlowById(id); AuthenticationFlowModel flow = realm.getAuthenticationFlowById(id);
if (flow == null) { if (flow == null) {
throw new NotFoundException("Could not find flow with id"); throw new NotFoundException("Could not find flow with id");
@ -259,18 +263,17 @@ public class AuthenticationManagementResource {
if (flow.isBuiltIn()) { if (flow.isBuiltIn()) {
throw new BadRequestException("Can't delete built in flow"); throw new BadRequestException("Can't delete built in flow");
} }
List<AuthenticationExecutionModel> executions = realm.getAuthenticationExecutions(id); List<AuthenticationExecutionModel> executions = realm.getAuthenticationExecutions(id);
for (AuthenticationExecutionModel execution : executions) { for (AuthenticationExecutionModel execution : executions) {
if(execution.getFlowId() != null) { if(execution.getFlowId() != null) {
AuthenticationFlowModel nonTopLevelFlow = realm.getAuthenticationFlowById(execution.getFlowId()); deleteFlow(execution.getFlowId(), false);
realm.removeAuthenticationFlow(nonTopLevelFlow); }
}
realm.removeAuthenticatorExecution(execution);
} }
realm.removeAuthenticationFlow(flow); realm.removeAuthenticationFlow(flow);
// Use just one event for top-level flow. Using separate events won't work properly for flows of depth 2 or bigger // Use just one event for top-level flow. Using separate events won't work properly for flows of depth 2 or bigger
adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); if (isTopMostLevel) adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
} }
/** /**

24
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java
View file

@ -37,6 +37,30 @@ import java.util.Map;
*/ */
public class FlowTest extends AbstractAuthenticationTest { public class FlowTest extends AbstractAuthenticationTest {
// KEYCLOAK-3681: Delete top flow doesn't delete all subflows
@Test
public void testRemoveSubflows() {
authMgmtResource.createFlow(newFlow("Foo", "Foo flow", "generic", true, false));
addFlowToParent("Foo", "child");
addFlowToParent("child", "grandchild");
List<AuthenticationFlowRepresentation> flows = authMgmtResource.getFlows();
AuthenticationFlowRepresentation found = findFlowByAlias("Foo", flows);
authMgmtResource.deleteFlow(found.getId());
authMgmtResource.createFlow(newFlow("Foo", "Foo flow", "generic", true, false));
addFlowToParent("Foo", "child");
addFlowToParent("child", "grandchild");
}
private void addFlowToParent(String parentAlias, String childAlias) {
Map<String, String> data = new HashMap<>();
data.put("alias", childAlias);
data.put("type", "generic");
data.put("description", childAlias + " flow");
authMgmtResource.addExecutionFlow(parentAlias, data);
}
@Test @Test
public void testAddRemoveFlow() { public void testAddRemoveFlow() {