KEYCLOAK-11412 Display more nice error message when creating top level group with same name

2020-03-16 11:18:33 +01:00 · 2020-03-16 11:18:33 +01:00 · 56d1ab19a8
commit 56d1ab19a8
parent d7688f6b12
2 changed files with 38 additions and 19 deletions
--- a/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java
@ -23,6 +23,7 @@ import org.keycloak.events.admin.OperationType;
 import org.keycloak.events.admin.ResourceType;
 import org.keycloak.models.GroupModel;
 import org.keycloak.models.KeycloakSession;
+import org.keycloak.models.ModelDuplicateException;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.utils.ModelToRepresentation;
 import org.keycloak.representations.idm.GroupRepresentation;
@ -141,28 +142,27 @@ public class GroupsResource {
    public Response addTopLevelGroup(GroupRepresentation rep) {
        auth.groups().requireManage();

-        List<GroupRepresentation> search = ModelToRepresentation.searchForGroupByName(realm, false, rep.getName(), 0, 1);
-        if (search != null && !search.isEmpty() && Objects.equals(search.get(0).getName(), rep.getName())) {
-            return ErrorResponse.exists("Top level group named '" + rep.getName() + "' already exists.");
-        }
-
        GroupModel child;
        Response.ResponseBuilder builder = Response.status(204);
-        if (rep.getId() != null) {
-            child = realm.getGroupById(rep.getId());
-            if (child == null) {
-                throw new NotFoundException("Could not find child by id");
-            }
-            adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri());
-        } else {
-            child = realm.createGroup(rep.getName());
-            GroupResource.updateGroup(rep, child);
-            URI uri = session.getContext().getUri().getAbsolutePathBuilder()
-                    .path(child.getId()).build();
-            builder.status(201).location(uri);
+        try {
+            if (rep.getId() != null) {
+                child = realm.getGroupById(rep.getId());
+                if (child == null) {
+                    throw new NotFoundException("Could not find child by id");
+                }
+                adminEvent.operation(OperationType.UPDATE).resourcePath(session.getContext().getUri());
+            } else {
+                child = realm.createGroup(rep.getName());
+                GroupResource.updateGroup(rep, child);
+                URI uri = session.getContext().getUri().getAbsolutePathBuilder()
+                        .path(child.getId()).build();
+                builder.status(201).location(uri);

-            rep.setId(child.getId());
-            adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), child.getId());
+                rep.setId(child.getId());
+                adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), child.getId());
+            }
+        } catch (ModelDuplicateException mde) {
+            return ErrorResponse.exists("Top level group named '" + rep.getName() + "' already exists.");
        }

        adminEvent.representation(rep).success();
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
@ -248,17 +248,36 @@ public class GroupTest extends AbstractGroupTest {
        GroupRepresentation topGroup = new GroupRepresentation();
        topGroup.setName("test-group");
        topGroup = createGroup(realm, topGroup);
+        getCleanup().addGroupId(topGroup.getId());

        // creating "/test-group/test-group"
        GroupRepresentation childGroup = new GroupRepresentation();
        childGroup.setName("test-group");
        try (Response response = realm.groups().group(topGroup.getId()).subGroup(childGroup)) {
            assertEquals(201, response.getStatus());
+            getCleanup().addGroupId(ApiUtil.getCreatedId(response));
        }

        assertNotNull(realm.getGroupByPath("/test-group/test-group"));
    }

+    @Test
+    public void doNotAllowSameGroupNameAtTopLevel() throws Exception {
+        RealmResource realm = adminClient.realms().realm("test");
+
+        // creating "/test-group"
+        GroupRepresentation topGroup = new GroupRepresentation();
+        topGroup.setName("test-group");
+        topGroup = createGroup(realm, topGroup);
+        getCleanup().addGroupId(topGroup.getId());
+
+        GroupRepresentation group2 = new GroupRepresentation();
+        group2.setName("test-group");
+        try (Response response = realm.groups().add(group2)) {
+            assertEquals(Status.CONFLICT.getStatusCode(), response.getStatus());
+        }
+    }
+
    @Test
    @UncaughtServerErrorExpected
    public void doNotAllowSameGroupNameAtTopLevelInDatabase() throws Exception {