libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-1327 Updated for users

Browse source
This commit is contained in:
Stian Thorgersen 2015-05-29 14:31:38 +01:00
parent e1e65af8ea
commit 5f787028df
6 changed files with 228 additions and 214 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

91
forms/common-themes/src/main/resources/theme/base/admin/resources/js/controllers/users.js
View file

@ -14,23 +14,23 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, cl
$scope.clientMappings = [];
$scope.dummymodel = [];
$scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.realmRoles = AvailableRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.id});
$scope.realmRoles = AvailableRealmRoleMapping.query({realm : realm.realm, userId : user.id});
$scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.id});
$scope.addRealmRole = function() {
$http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/realm',
$http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.id + '/role-mappings/realm',
$scope.selectedRealmRoles).success(function() {
$scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.realmRoles = AvailableRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.id});
$scope.realmRoles = AvailableRealmRoleMapping.query({realm : realm.realm, userId : user.id});
$scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.id});
$scope.selectedRealmMappings = [];
$scope.selectRealmRoles = [];
if ($scope.client) {
console.log('load available');
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.selectedClientRoles = [];
$scope.selectedClientMappings = [];
}
@ -40,18 +40,18 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, cl
};
$scope.deleteRealmRole = function() {
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/realm',
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.id + '/role-mappings/realm',
{data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function() {
$scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.realmRoles = AvailableRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.id});
$scope.realmRoles = AvailableRealmRoleMapping.query({realm : realm.realm, userId : user.id});
$scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.id});
$scope.selectedRealmMappings = [];
$scope.selectRealmRoles = [];
if ($scope.client) {
console.log('load available');
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.selectedClientRoles = [];
$scope.selectedClientMappings = [];
}
@ -60,11 +60,11 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, cl
};
$scope.addClientRole = function() {
$http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/clients/' + $scope.client.id,
$http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.id + '/role-mappings/clients/' + $scope.client.id,
$scope.selectedClientRoles).success(function() {
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.selectedClientRoles = [];
$scope.selectedClientMappings = [];
Notifications.success("Role mappings updated.");
@ -72,11 +72,11 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, cl
};
$scope.deleteClientRole = function() {
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/clients/' + $scope.client.id,
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.id + '/role-mappings/clients/' + $scope.client.id,
{data : $scope.selectedClientMappings, headers : {"content-type" : "application/json"}}).success(function() {
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.selectedClientRoles = [];
$scope.selectedClientMappings = [];
Notifications.success("Role mappings updated.");
@ -88,9 +88,9 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, cl
console.log('changeClient');
if ($scope.client) {
console.log('load available');
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.username, client : $scope.client.id});
$scope.clientComposite = CompositeClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientRoles = AvailableClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
$scope.clientMappings = ClientRoleMapping.query({realm : realm.realm, userId : user.id, client : $scope.client.id});
} else {
$scope.clientRoles = null;
$scope.clientMappings = null;
@ -110,9 +110,9 @@ module.controller('UserSessionsCtrl', function($scope, realm, user, sessions, Us
$scope.sessions = sessions;
$scope.logoutAll = function() {
UserLogout.save({realm : realm.realm, user: user.username}, function () {
UserLogout.save({realm : realm.realm, user: user.id}, function () {
Notifications.success('Logged out user in all clients');
UserSessions.query({realm: realm.realm, user: user.username}, function(updated) {
UserSessions.query({realm: realm.realm, user: user.id}, function(updated) {
$scope.sessions = updated;
})
});
@ -121,7 +121,7 @@ module.controller('UserSessionsCtrl', function($scope, realm, user, sessions, Us
$scope.logoutSession = function(sessionId) {
console.log('here in logoutSession');
UserSessionLogout.delete({realm : realm.realm, session: sessionId}, function() {
UserSessions.query({realm: realm.realm, user: user.username}, function(updated) {
UserSessions.query({realm: realm.realm, user: user.id}, function(updated) {
$scope.sessions = updated;
Notifications.success('Logged out session');
})
@ -141,8 +141,8 @@ module.controller('UserConsentsCtrl', function($scope, realm, user, userConsents
$scope.userConsents = userConsents;
$scope.revokeConsent = function(clientId) {
UserConsents.delete({realm : realm.realm, user: user.username, client: clientId }, function () {
UserConsents.query({realm: realm.realm, user: user.username}, function(updated) {
UserConsents.delete({realm : realm.realm, user: user.id, client: clientId }, function () {
UserConsents.query({realm: realm.realm, user: user.id}, function(updated) {
$scope.userConsents = updated;
})
Notifications.success('Consent revoked successfully');
@ -197,7 +197,7 @@ module.controller('UserListCtrl', function($scope, realm, User) {
module.controller('UserDetailCtrl', function($scope, realm, user, User, UserFederationInstances, $location, Dialog, Notifications) {
$scope.realm = realm;
$scope.create = !user.username;
$scope.create = !user.id;
if ($scope.create) {
$scope.user = { enabled: true, attributes: {} }
@ -237,17 +237,24 @@ module.controller('UserDetailCtrl', function($scope, realm, user, User, UserFede
if ($scope.create) {
User.save({
realm: realm.realm
}, $scope.user, function () {
}, $scope.user, function (data, headers) {
$scope.changed = false;
user = angular.copy($scope.user);
$location.url("/realms/" + realm.realm + "/users/" + $scope.user.username);
var l = headers().location;
console.debug("Location == " + l);
var id = l.substring(l.lastIndexOf("/") + 1);
$location.url("/realms/" + realm.realm + "/users/" + id);
Notifications.success("The user has been created.");
});
} else {
User.update({
realm: realm.realm,
userId: $scope.user.username
userId: $scope.user.id
}, $scope.user, function () {
$scope.changed = false;
user = angular.copy($scope.user);
@ -266,10 +273,10 @@ module.controller('UserDetailCtrl', function($scope, realm, user, User, UserFede
};
$scope.remove = function() {
Dialog.confirmDelete($scope.user.username, 'user', function() {
Dialog.confirmDelete($scope.user.id, 'user', function() {
$scope.user.$remove({
realm : realm.realm,
userId : $scope.user.username
userId : $scope.user.id
}, function() {
$location.url("/realms/" + realm.realm + "/users");
Notifications.success("The user has been deleted.");
@ -304,7 +311,7 @@ module.controller('UserCredentialsCtrl', function($scope, realm, user, User, Use
var msg = 'Are you sure you want to change the users password?';
Dialog.confirm(msgTitle, msg, function() {
UserCredentials.resetPassword({ realm: realm.realm, userId: user.username }, { type : "password", value : $scope.password, temporary: $scope.temporaryPassword }, function() {
UserCredentials.resetPassword({ realm: realm.realm, userId: user.id }, { type : "password", value : $scope.password, temporary: $scope.temporaryPassword }, function() {
Notifications.success("The password has been reset");
$scope.password = null;
$scope.confirmPassword = null;
@ -323,7 +330,7 @@ module.controller('UserCredentialsCtrl', function($scope, realm, user, User, Use
$scope.removeTotp = function() {
Dialog.confirm('Remove totp', 'Are you sure you want to remove the users totp configuration?', function() {
UserCredentials.removeTotp({ realm: realm.realm, userId: user.username }, { }, function() {
UserCredentials.removeTotp({ realm: realm.realm, userId: user.id }, { }, function() {
Notifications.success("The users totp configuration has been removed");
$scope.user.totp = false;
}, function() {
@ -334,7 +341,7 @@ module.controller('UserCredentialsCtrl', function($scope, realm, user, User, Use
$scope.resetPasswordEmail = function() {
Dialog.confirm('Reset password email', 'Are you sure you want to send password reset email to user?', function() {
UserCredentials.resetPasswordEmail({ realm: realm.realm, userId: user.username }, { }, function() {
UserCredentials.resetPasswordEmail({ realm: realm.realm, userId: user.id }, { }, function() {
Notifications.success("Password reset email sent to user");
}, function() {
Notifications.error("Failed to send password reset mail to user");

2
forms/common-themes/src/main/resources/theme/base/admin/resources/partials/user-list.html
View file

@ -45,7 +45,7 @@
</tfoot>
<tbody>
<tr ng-repeat="user in users">
<td><a href="#/realms/{{realm.realm}}/users/{{user.username}}">{{user.username}}</a></td>
<td><a href="#/realms/{{realm.realm}}/users/{{user.id}}">{{user.username}}</a></td>
<td>{{user.lastName}}</td>
<td>{{user.firstName}}</td>
<td>{{user.email}}</td>

12
forms/common-themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-user.html
View file

@ -1,8 +1,8 @@
<ul class="nav nav-tabs" data-ng-show="!create">
<li ng-class="{active: !path[4]}"><a href="#/realms/{{realm.realm}}/users/{{user.username}}">Attributes</a></li>
<li ng-class="{active: path[4] == 'user-credentials'}" data-ng-show="access.manageUsers"><a href="#/realms/{{realm.realm}}/users/{{user.username}}/user-credentials">Credentials</a></li>
<li ng-class="{active: path[4] == 'role-mappings'}" ><a href="#/realms/{{realm.realm}}/users/{{user.username}}/role-mappings">Role Mappings</a></li>
<li ng-class="{active: path[4] == 'consents'}"><a href="#/realms/{{realm.realm}}/users/{{user.username}}/consents">Consents</a></li>
<li ng-class="{active: path[4] == 'sessions'}" ><a href="#/realms/{{realm.realm}}/users/{{user.username}}/sessions">Sessions</a></li>
<li ng-class="{active: path[4] == 'federated-identity'}" data-ng-show="user.federatedIdentities && user.federatedIdentities.length > 0"><a href="#/realms/{{realm.realm}}/users/{{user.username}}/federated-identity">Identity Provider Links</a></li>
<li ng-class="{active: !path[4]}"><a href="#/realms/{{realm.realm}}/users/{{user.id}}">Attributes</a></li>
<li ng-class="{active: path[4] == 'user-credentials'}" data-ng-show="access.manageUsers"><a href="#/realms/{{realm.realm}}/users/{{user.id}}/user-credentials">Credentials</a></li>
<li ng-class="{active: path[4] == 'role-mappings'}" ><a href="#/realms/{{realm.realm}}/users/{{user.id}}/role-mappings">Role Mappings</a></li>
<li ng-class="{active: path[4] == 'consents'}"><a href="#/realms/{{realm.realm}}/users/{{user.id}}/consents">Consents</a></li>
<li ng-class="{active: path[4] == 'sessions'}" ><a href="#/realms/{{realm.realm}}/users/{{user.id}}/sessions">Sessions</a></li>
<li ng-class="{active: path[4] == 'federated-identity'}" data-ng-show="user.federatedIdentities && user.federatedIdentities.length > 0"><a href="#/realms/{{realm.realm}}/users/{{user.id}}/federated-identity">Identity Provider Links</a></li>
</ul>

3
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/UsersResource.java
View file

@ -10,6 +10,7 @@ import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.List;
public interface UsersResource {
@ -31,7 +32,7 @@ public interface UsersResource {
@POST
@Consumes(MediaType.APPLICATION_JSON)
public void create(UserRepresentation userRepresentation);
Response create(UserRepresentation userRepresentation);
@Path("{username}")
public UserResource get(@PathParam("username") String username);

167
services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
View file

@ -106,18 +106,18 @@ public class UsersResource {
/**
* Update the user
*
* @param username user name (not id!)
* @param id
* @param rep
* @return
*/
@Path("{username}")
@Path("{id}")
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public Response updateUser(final @PathParam("username") String username, final UserRepresentation rep) {
public Response updateUser(final @PathParam("id") String id, final UserRepresentation rep) {
auth.requireManage();
try {
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -165,7 +165,7 @@ public class UsersResource {
session.getTransaction().commit();
}
return Response.created(uriInfo.getAbsolutePathBuilder().path(user.getUsername()).build()).build();
return Response.created(uriInfo.getAbsolutePathBuilder().path(user.getId()).build()).build();
} catch (ModelDuplicateException e) {
if (session.getTransaction().isActive()) {
session.getTransaction().setRollbackOnly();
@ -211,17 +211,17 @@ public class UsersResource {
/**
* Get represenation of the user
*
* @param username username (not id!)
* @param id user id
* @return
*/
@Path("{username}")
@Path("{id}")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public UserRepresentation getUser(final @PathParam("username") String username) {
public UserRepresentation getUser(final @PathParam("id") String id) {
auth.requireView();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -245,16 +245,16 @@ public class UsersResource {
/**
* List set of sessions associated with this user.
*
* @param username
* @param id
* @return
*/
@Path("{username}/sessions")
@Path("{id}/sessions")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public List<UserSessionRepresentation> getSessions(final @PathParam("username") String username) {
public List<UserSessionRepresentation> getSessions(final @PathParam("id") String id) {
auth.requireView();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -270,16 +270,16 @@ public class UsersResource {
/**
* List set of social logins associated with this user.
*
* @param username
* @param id
* @return
*/
@Path("{username}/federated-identity")
@Path("{id}/federated-identity")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public List<FederatedIdentityRepresentation> getFederatedIdentity(final @PathParam("username") String username) {
public List<FederatedIdentityRepresentation> getFederatedIdentity(final @PathParam("id") String id) {
auth.requireView();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -298,12 +298,12 @@ public class UsersResource {
return result;
}
@Path("{username}/federated-identity/{provider}")
@Path("{id}/federated-identity/{provider}")
@POST
@NoCache
public Response addFederatedIdentity(final @PathParam("username") String username, final @PathParam("provider") String provider, FederatedIdentityRepresentation rep) {
public Response addFederatedIdentity(final @PathParam("id") String id, final @PathParam("provider") String provider, FederatedIdentityRepresentation rep) {
auth.requireManage();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -317,12 +317,12 @@ public class UsersResource {
return Response.noContent().build();
}
@Path("{username}/federated-identity/{provider}")
@Path("{id}/federated-identity/{provider}")
@DELETE
@NoCache
public void removeFederatedIdentity(final @PathParam("username") String username, final @PathParam("provider") String provider) {
public void removeFederatedIdentity(final @PathParam("id") String id, final @PathParam("provider") String provider) {
auth.requireManage();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -335,16 +335,16 @@ public class UsersResource {
/**
* List set of consents granted by this user.
*
* @param username
* @param id
* @return
*/
@Path("{username}/consents")
@Path("{id}/consents")
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public List<UserConsentRepresentation> getConsents(final @PathParam("username") String username) {
public List<UserConsentRepresentation> getConsents(final @PathParam("id") String id) {
auth.requireView();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -362,15 +362,15 @@ public class UsersResource {
/**
* Revoke consent for particular client
*
* @param username
* @param id
* @param clientId
*/
@Path("{username}/consents/{client}")
@Path("{id}/consents/{client}")
@DELETE
@NoCache
public void revokeConsent(final @PathParam("username") String username, final @PathParam("client") String clientId) {
public void revokeConsent(final @PathParam("id") String id, final @PathParam("client") String clientId) {
auth.requireManage();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -381,7 +381,7 @@ public class UsersResource {
// Logout clientSessions for this user and client
AuthenticationManager.backchannelUserFromClient(session, realm, user, client, uriInfo, headers);
} else {
throw new NotFoundException("Consent not found for user " + username + " and client " + clientId);
throw new NotFoundException("Consent not found for user " + id + " and client " + clientId);
}
adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success();
}
@ -390,13 +390,13 @@ public class UsersResource {
* Remove all user sessions associated with this user. And, for all client that have an admin URL, tell
* them to invalidate the sessions for this particular user.
*
* @param username username (not id!)
* @param id user id
*/
@Path("{username}/logout")
@Path("{id}/logout")
@POST
public void logout(final @PathParam("username") String username) {
public void logout(final @PathParam("id") String id) {
auth.requireManage();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -411,16 +411,15 @@ public class UsersResource {
/**
* delete this user
*
* @param username username (not id!)
* @param id user id
*/
@Path("{username}")
@Path("{id}")
@DELETE
@NoCache
public Response deleteUser(final @PathParam("username") String username) {
public Response deleteUser(final @PathParam("id") String id) {
auth.requireManage();
UserRepresentation rep = getUser(username);
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -491,17 +490,17 @@ public class UsersResource {
/**
* Get role mappings for this user
*
* @param username username (not id!)
* @param id user id
* @return
*/
@Path("{username}/role-mappings")
@Path("{id}/role-mappings")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public MappingsRepresentation getRoleMappings(@PathParam("username") String username) {
public MappingsRepresentation getRoleMappings(@PathParam("id") String id) {
auth.requireView();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -542,17 +541,17 @@ public class UsersResource {
/**
* Get realm-level role mappings for this user
*
* @param username username (not id!)
* @param id user id
* @return
*/
@Path("{username}/role-mappings/realm")
@Path("{id}/role-mappings/realm")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getRealmRoleMappings(@PathParam("username") String username) {
public List<RoleRepresentation> getRealmRoleMappings(@PathParam("id") String id) {
auth.requireView();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -568,17 +567,17 @@ public class UsersResource {
/**
* Effective realm-level role mappings for this user. Will recurse all composite roles to get this list.
*
* @param username username (not id!)
* @param id user id
* @return
*/
@Path("{username}/role-mappings/realm/composite")
@Path("{id}/role-mappings/realm/composite")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getCompositeRealmRoleMappings(@PathParam("username") String username) {
public List<RoleRepresentation> getCompositeRealmRoleMappings(@PathParam("id") String id) {
auth.requireView();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -596,17 +595,17 @@ public class UsersResource {
/**
* Realm-level roles that can be mapped to this user
*
* @param username username (not id!)
* @param id
* @return
*/
@Path("{username}/role-mappings/realm/available")
@Path("{id}/role-mappings/realm/available")
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
public List<RoleRepresentation> getAvailableRealmRoleMappings(@PathParam("username") String username) {
public List<RoleRepresentation> getAvailableRealmRoleMappings(@PathParam("id") String id) {
auth.requireView();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -618,17 +617,17 @@ public class UsersResource {
/**
* Add realm-level role mappings
*
* @param username username (not id!)
* @param id
* @param roles
*/
@Path("{username}/role-mappings/realm")
@Path("{id}/role-mappings/realm")
@POST
@Consumes(MediaType.APPLICATION_JSON)
public void addRealmRoleMappings(@PathParam("username") String username, List<RoleRepresentation> roles) {
public void addRealmRoleMappings(@PathParam("id") String id, List<RoleRepresentation> roles) {
auth.requireManage();
logger.debugv("** addRealmRoleMappings: {0}", roles);
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -646,17 +645,17 @@ public class UsersResource {
/**
* Delete realm-level role mappings
*
* @param username username (not id!)
* @param id user id
* @param roles
*/
@Path("{username}/role-mappings/realm")
@Path("{id}/role-mappings/realm")
@DELETE
@Consumes(MediaType.APPLICATION_JSON)
public void deleteRealmRoleMappings(@PathParam("username") String username, List<RoleRepresentation> roles) {
public void deleteRealmRoleMappings(@PathParam("id") String id, List<RoleRepresentation> roles) {
auth.requireManage();
logger.debug("deleteRealmRoleMappings");
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -681,9 +680,9 @@ public class UsersResource {
}
@Path("{username}/role-mappings/clients/{client}")
public UserClientRoleMappingsResource getUserClientRoleMappingsResource(@PathParam("username") String username, @PathParam("client") String client) {
UserModel user = session.users().getUserByUsername(username, realm);
@Path("{id}/role-mappings/clients/{client}")
public UserClientRoleMappingsResource getUserClientRoleMappingsResource(@PathParam("id") String id, @PathParam("client") String client) {
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -700,16 +699,16 @@ public class UsersResource {
* Set up a temporary password for this user. User will have to reset this temporary password when they log
* in next.
*
* @param username username (not id!)
* @param id
* @param pass temporary password
*/
@Path("{username}/reset-password")
@Path("{id}/reset-password")
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public void resetPassword(@PathParam("username") String username, CredentialRepresentation pass) {
public void resetPassword(@PathParam("id") String id, CredentialRepresentation pass) {
auth.requireManage();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -733,15 +732,15 @@ public class UsersResource {
/**
*
*
* @param username username (not id!)
* @param id
*/
@Path("{username}/remove-totp")
@Path("{id}/remove-totp")
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public void removeTotp(@PathParam("username") String username) {
public void removeTotp(@PathParam("id") String id) {
auth.requireManage();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
throw new NotFoundException("User not found");
}
@ -755,18 +754,18 @@ public class UsersResource {
* The redirectUri and clientId parameters are optional. The default for the
* redirect is the account client.
*
* @param username username (not id!)
* @param id
* @param redirectUri redirect uri
* @param clientId client id
* @return
*/
@Path("{username}/reset-password-email")
@Path("{id}/reset-password-email")
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public Response resetPasswordEmail(@PathParam("username") String username, @QueryParam(OIDCLoginProtocol.REDIRECT_URI_PARAM) String redirectUri, @QueryParam(OIDCLoginProtocol.CLIENT_ID_PARAM) String clientId) {
public Response resetPasswordEmail(@PathParam("id") String id, @QueryParam(OIDCLoginProtocol.REDIRECT_URI_PARAM) String redirectUri, @QueryParam(OIDCLoginProtocol.CLIENT_ID_PARAM) String clientId) {
auth.requireManage();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
return ErrorResponse.error("User not found", Response.Status.NOT_FOUND);
}
@ -804,18 +803,18 @@ public class UsersResource {
* The redirectUri and clientId parameters are optional. The default for the
* redirect is the account client.
*
* @param username username (not id!)
* @param id
* @param redirectUri redirect uri
* @param clientId client id
* @return
*/
@Path("{username}/send-verify-email")
@Path("{id}/send-verify-email")
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public Response sendVerifyEmail(@PathParam("username") String username, @QueryParam(OIDCLoginProtocol.REDIRECT_URI_PARAM) String redirectUri, @QueryParam(OIDCLoginProtocol.CLIENT_ID_PARAM) String clientId) {
public Response sendVerifyEmail(@PathParam("id") String id, @QueryParam(OIDCLoginProtocol.REDIRECT_URI_PARAM) String redirectUri, @QueryParam(OIDCLoginProtocol.CLIENT_ID_PARAM) String clientId) {
auth.requireManage();
UserModel user = session.users().getUserByUsername(username, realm);
UserModel user = session.users().getUserById(id, realm);
if (user == null) {
return ErrorResponse.error("User not found", Response.Status.NOT_FOUND);
}

167
testsuite/integration/src/test/java/org/keycloak/testsuite/admin/UserTest.java
View file

@ -24,104 +24,94 @@ import static org.junit.Assert.fail;
*/
public class UserTest extends AbstractClientTest {
@Test
public void createUser() {
public String createUser() {
UserRepresentation user = new UserRepresentation();
user.setUsername("user1");
user.setEmail("user1@localhost");
realm.users().create(user);
Response response = realm.users().create(user);
String createdId = ApiUtil.getCreatedId(response);
response.close();
return createdId;
}
@Test
public void verifyCreateUser() {
createUser();
}
@Test
public void createDuplicatedUser1() {
createUser();
try {
UserRepresentation user = new UserRepresentation();
user.setUsername("user1");
realm.users().create(user);
fail("Expected failure");
} catch (ClientErrorException e) {
assertEquals(409, e.getResponse().getStatus());
UserRepresentation user = new UserRepresentation();
user.setUsername("user1");
Response response = realm.users().create(user);
assertEquals(409, response.getStatus());
// Just to show how to retrieve underlying error message
ErrorRepresentation error = e.getResponse().readEntity(ErrorRepresentation.class);
Assert.assertEquals("User exists with same username", error.getErrorMessage());
}
// Just to show how to retrieve underlying error message
ErrorRepresentation error = response.readEntity(ErrorRepresentation.class);
Assert.assertEquals("User exists with same username", error.getErrorMessage());
response.close();
}
@Test
public void createDuplicatedUser2() {
createUser();
try {
UserRepresentation user = new UserRepresentation();
user.setUsername("user2");
user.setEmail("user1@localhost");
realm.users().create(user);
fail("Expected failure");
} catch (ClientErrorException e) {
assertEquals(409, e.getResponse().getStatus());
}
UserRepresentation user = new UserRepresentation();
user.setUsername("user2");
user.setEmail("user1@localhost");
Response response = realm.users().create(user);
assertEquals(409, response.getStatus());
response.close();
}
@Test
public void createDuplicatedUser3() {
createUser();
try {
UserRepresentation user = new UserRepresentation();
user.setUsername("User1");
realm.users().create(user);
fail("Expected failure");
} catch (ClientErrorException e) {
assertEquals(409, e.getResponse().getStatus());
}
UserRepresentation user = new UserRepresentation();
user.setUsername("User1");
Response response = realm.users().create(user);
assertEquals(409, response.getStatus());
response.close();
}
@Test
public void createDuplicatedUser4() {
createUser();
try {
UserRepresentation user = new UserRepresentation();
user.setUsername("USER1");
realm.users().create(user);
fail("Expected failure");
} catch (ClientErrorException e) {
assertEquals(409, e.getResponse().getStatus());
}
UserRepresentation user = new UserRepresentation();
user.setUsername("USER1");
Response response = realm.users().create(user);
assertEquals(409, response.getStatus());
response.close();
}
@Test
public void createDuplicatedUser5() {
createUser();
try {
UserRepresentation user = new UserRepresentation();
user.setUsername("user2");
user.setEmail("User1@localhost");
realm.users().create(user);
fail("Expected failure");
} catch (ClientErrorException e) {
assertEquals(409, e.getResponse().getStatus());
}
UserRepresentation user = new UserRepresentation();
user.setUsername("user2");
user.setEmail("User1@localhost");
Response response = realm.users().create(user);
assertEquals(409, response.getStatus());
response.close();
}
@Test
public void createDuplicatedUser6() {
createUser();
try {
UserRepresentation user = new UserRepresentation();
user.setUsername("user2");
user.setEmail("user1@LOCALHOST");
realm.users().create(user);
fail("Expected failure");
} catch (ClientErrorException e) {
assertEquals(409, e.getResponse().getStatus());
}
UserRepresentation user = new UserRepresentation();
user.setUsername("user2");
user.setEmail("user1@LOCALHOST");
Response response = realm.users().create(user);
assertEquals(409, response.getStatus());
response.close();
}
private void createUsers() {
@ -132,7 +122,7 @@ public class UserTest extends AbstractClientTest {
user.setFirstName("First" + i);
user.setLastName("Last" + i);
realm.users().create(user);
realm.users().create(user).close();
}
}
@ -200,8 +190,8 @@ public class UserTest extends AbstractClientTest {
addSampleIdentityProvider();
// Add sample user
createUser();
UserResource user = realm.users().get("user1");
String id = createUser();
UserResource user = realm.users().get(id);
assertEquals(0, user.getFederatedIdentity().size());
// Add social link to the user
@ -212,7 +202,7 @@ public class UserTest extends AbstractClientTest {
assertEquals(204, response.getStatus());
// Verify social link is here
user = realm.users().get("user1");
user = realm.users().get(id);
List<FederatedIdentityRepresentation> federatedIdentities = user.getFederatedIdentity();
assertEquals(1, federatedIdentities.size());
link = federatedIdentities.get(0);
@ -245,9 +235,9 @@ public class UserTest extends AbstractClientTest {
@Test
public void addRequiredAction() {
createUser();
String id = createUser();
UserResource user = realm.users().get("user1");
UserResource user = realm.users().get(id);
assertTrue(user.toRepresentation().getRequiredActions().isEmpty());
UserRepresentation userRep = user.toRepresentation();
@ -260,10 +250,17 @@ public class UserTest extends AbstractClientTest {
@Test
public void removeRequiredAction() {
addRequiredAction();
String id = createUser();
UserResource user = realm.users().get(id);
assertTrue(user.toRepresentation().getRequiredActions().isEmpty());
UserResource user = realm.users().get("user1");
UserRepresentation userRep = user.toRepresentation();
userRep.getRequiredActions().add("UPDATE_PASSWORD");
user.update(userRep);
user = realm.users().get(id);
userRep = user.toRepresentation();
userRep.getRequiredActions().clear();
user.update(userRep);
@ -276,20 +273,25 @@ public class UserTest extends AbstractClientTest {
user1.setUsername("user1");
user1.attribute("attr1", "value1user1");
user1.attribute("attr2", "value2user1");
realm.users().create(user1);
Response response = realm.users().create(user1);
String user1Id = ApiUtil.getCreatedId(response);
response.close();
UserRepresentation user2 = new UserRepresentation();
user2.setUsername("user2");
user2.attribute("attr1", "value1user2");
user2.attribute("attr2", "value2user2");
realm.users().create(user2);
user1 = realm.users().get("user1").toRepresentation();
response = realm.users().create(user2);
String user2Id = ApiUtil.getCreatedId(response);
response.close();
user1 = realm.users().get(user1Id).toRepresentation();
assertEquals(2, user1.getAttributes().size());
assertEquals("value1user1", user1.getAttributes().get("attr1"));
assertEquals("value2user1", user1.getAttributes().get("attr2"));
user2 = realm.users().get("user2").toRepresentation();
user2 = realm.users().get(user2Id).toRepresentation();
assertEquals(2, user2.getAttributes().size());
assertEquals("value1user2", user2.getAttributes().get("attr1"));
assertEquals("value2user2", user2.getAttributes().get("attr2"));
@ -297,26 +299,26 @@ public class UserTest extends AbstractClientTest {
user1.attribute("attr1", "value3user1");
user1.attribute("attr3", "value4user1");
realm.users().get("user1").update(user1);
realm.users().get(user1Id).update(user1);
user1 = realm.users().get("user1").toRepresentation();
user1 = realm.users().get(user1Id).toRepresentation();
assertEquals(3, user1.getAttributes().size());
assertEquals("value3user1", user1.getAttributes().get("attr1"));
assertEquals("value2user1", user1.getAttributes().get("attr2"));
assertEquals("value4user1", user1.getAttributes().get("attr3"));
user1.getAttributes().remove("attr1");
realm.users().get("user1").update(user1);
realm.users().get(user1Id).update(user1);
user1 = realm.users().get("user1").toRepresentation();
user1 = realm.users().get(user1Id).toRepresentation();
assertEquals(2, user1.getAttributes().size());
assertEquals("value2user1", user1.getAttributes().get("attr2"));
assertEquals("value4user1", user1.getAttributes().get("attr3"));
user1.getAttributes().clear();
realm.users().get("user1").update(user1);
realm.users().get(user1Id).update(user1);
user1 = realm.users().get("user1").toRepresentation();
user1 = realm.users().get(user1Id).toRepresentation();
assertNull(user1.getAttributes());
}
@ -324,8 +326,10 @@ public class UserTest extends AbstractClientTest {
public void sendResetPasswordEmail() {
UserRepresentation userRep = new UserRepresentation();
userRep.setUsername("user1");
realm.users().create(userRep);
UserResource user = realm.users().get("user1");
Response response = realm.users().create(userRep);
String id = ApiUtil.getCreatedId(response);
response.close();
UserResource user = realm.users().get(id);
try {
user.resetPasswordEmail();
@ -366,8 +370,11 @@ public class UserTest extends AbstractClientTest {
public void sendVerifyEmail() {
UserRepresentation userRep = new UserRepresentation();
userRep.setUsername("user1");
realm.users().create(userRep);
UserResource user = realm.users().get("user1");
Response response = realm.users().create(userRep);
String id = ApiUtil.getCreatedId(response);
response.close();
UserResource user = realm.users().get(id);
try {
user.sendVerifyEmail();