Merge pull request #2701 from stianst/KEYCLOAK-2873
KEYCLOAK-2873 / KEYCLOAK-2875 Test RoleContainerResource
This commit is contained in:
commit
6776f5c341
7 changed files with 196 additions and 17 deletions
|
@ -38,38 +38,38 @@ public interface RoleResource {
|
|||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public RoleRepresentation toRepresentation();
|
||||
RoleRepresentation toRepresentation();
|
||||
|
||||
@PUT
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public void update(RoleRepresentation roleRepresentation);
|
||||
void update(RoleRepresentation roleRepresentation);
|
||||
|
||||
@DELETE
|
||||
public void remove();
|
||||
void remove();
|
||||
|
||||
@GET
|
||||
@Path("composites")
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Set<RoleRepresentation> getChildren();
|
||||
Set<RoleRepresentation> getRoleComposites();
|
||||
|
||||
@GET
|
||||
@Path("composites/realm")
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Set<RoleRepresentation> getRealmLevelChildren();
|
||||
Set<RoleRepresentation> getRealmRoleComposites();
|
||||
|
||||
@GET
|
||||
@Path("composites/application/{appName}")
|
||||
@Path("composites/clients/{appName}")
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public Set<RoleRepresentation> getApplicationLevelChildren(@PathParam("appName") String appName);
|
||||
Set<RoleRepresentation> getClientRoleComposites(@PathParam("appName") String appName);
|
||||
|
||||
@POST
|
||||
@Path("composites")
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public void addChildren(List<RoleRepresentation> rolesToAdd);
|
||||
void addComposites(List<RoleRepresentation> rolesToAdd);
|
||||
|
||||
@DELETE
|
||||
@Path("composites")
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public void removeChildren(List<RoleRepresentation> rolesToRemove);
|
||||
void deleteComposites(List<RoleRepresentation> rolesToRemove);
|
||||
|
||||
}
|
||||
|
|
|
@ -36,17 +36,17 @@ public interface RolesResource {
|
|||
|
||||
@GET
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
public List<RoleRepresentation> list();
|
||||
List<RoleRepresentation> list();
|
||||
|
||||
@POST
|
||||
@Consumes(MediaType.APPLICATION_JSON)
|
||||
public void create(RoleRepresentation roleRepresentation);
|
||||
void create(RoleRepresentation roleRepresentation);
|
||||
|
||||
@Path("{roleName}")
|
||||
public RoleResource get(@PathParam("roleName") String roleName);
|
||||
RoleResource get(@PathParam("roleName") String roleName);
|
||||
|
||||
@Path("{role-name}")
|
||||
@DELETE
|
||||
public void deleteRole(final @PathParam("role-name") String roleName);
|
||||
void deleteRole(final @PathParam("role-name") String roleName);
|
||||
|
||||
}
|
||||
|
|
|
@ -23,7 +23,14 @@ import org.junit.Test;
|
|||
import org.keycloak.admin.client.resource.ClientResource;
|
||||
import org.keycloak.admin.client.resource.RolesResource;
|
||||
import org.keycloak.representations.idm.RoleRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.util.RoleBuilder;
|
||||
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
|
@ -75,4 +82,36 @@ public class ClientRolesTest extends AbstractClientTest {
|
|||
assertFalse(hasRole(rolesRsc, "role2"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testComposites() {
|
||||
rolesRsc.create(makeRole("role-a"));
|
||||
|
||||
assertFalse(rolesRsc.get("role-a").toRepresentation().isComposite());
|
||||
assertEquals(0, rolesRsc.get("role-a").getRoleComposites().size());
|
||||
|
||||
rolesRsc.create(makeRole("role-b"));
|
||||
testRealmResource().roles().create(makeRole("role-c"));
|
||||
|
||||
List<RoleRepresentation> l = new LinkedList<>();
|
||||
l.add(rolesRsc.get("role-b").toRepresentation());
|
||||
l.add(testRealmResource().roles().get("role-c").toRepresentation());
|
||||
rolesRsc.get("role-a").addComposites(l);
|
||||
|
||||
Set<RoleRepresentation> composites = rolesRsc.get("role-a").getRoleComposites();
|
||||
|
||||
assertTrue(rolesRsc.get("role-a").toRepresentation().isComposite());
|
||||
Assert.assertNames(composites, "role-b", "role-c");
|
||||
|
||||
Set<RoleRepresentation> realmComposites = rolesRsc.get("role-a").getRealmRoleComposites();
|
||||
Assert.assertNames(realmComposites, "role-c");
|
||||
|
||||
Set<RoleRepresentation> clientComposites = rolesRsc.get("role-a").getClientRoleComposites(clientRsc.toRepresentation().getId());
|
||||
Assert.assertNames(clientComposites, "role-b");
|
||||
|
||||
rolesRsc.get("role-a").deleteComposites(l);
|
||||
|
||||
assertFalse(rolesRsc.get("role-a").toRepresentation().isComposite());
|
||||
assertEquals(0, rolesRsc.get("role-a").getRoleComposites().size());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -162,7 +162,7 @@ public class ClientTemplateTest extends AbstractClientTest {
|
|||
roleRep2 = testRealmResource().roles().get("role2").toRepresentation();
|
||||
|
||||
// Add role2 as composite to role1
|
||||
testRealmResource().roles().get("role1").addChildren(Collections.singletonList(roleRep2));
|
||||
testRealmResource().roles().get("role1").addComposites(Collections.singletonList(roleRep2));
|
||||
|
||||
|
||||
// create client template
|
||||
|
|
|
@ -0,0 +1,139 @@
|
|||
/*
|
||||
* Copyright 2016 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.admin.realm;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.RoleByIdResource;
|
||||
import org.keycloak.admin.client.resource.RolesResource;
|
||||
import org.keycloak.representations.idm.RoleRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.admin.AbstractAdminTest;
|
||||
import org.keycloak.testsuite.admin.ApiUtil;
|
||||
import org.keycloak.testsuite.util.ClientBuilder;
|
||||
import org.keycloak.testsuite.util.RoleBuilder;
|
||||
|
||||
import javax.ws.rs.NotFoundException;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.util.HashMap;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.junit.Assert.fail;
|
||||
|
||||
/**
|
||||
* @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
|
||||
*/
|
||||
public class RealmRolesTest extends AbstractAdminTest {
|
||||
|
||||
private RolesResource resource;
|
||||
|
||||
private Map<String, String> ids = new HashMap<>();
|
||||
private String clientUuid;
|
||||
|
||||
@Before
|
||||
public void before() {
|
||||
adminClient.realm(REALM_NAME).roles().create(RoleBuilder.create().name("role-a").description("Role A").build());
|
||||
adminClient.realm(REALM_NAME).roles().create(RoleBuilder.create().name("role-b").description("Role B").build());
|
||||
|
||||
Response response = adminClient.realm(REALM_NAME).clients().create(ClientBuilder.create().clientId("client-a").build());
|
||||
clientUuid = ApiUtil.getCreatedId(response);
|
||||
adminClient.realm(REALM_NAME).clients().get(clientUuid).roles().create(RoleBuilder.create().name("role-c").description("Role C").build());
|
||||
|
||||
for (RoleRepresentation r : adminClient.realm(REALM_NAME).roles().list()) {
|
||||
ids.put(r.getName(), r.getId());
|
||||
}
|
||||
|
||||
for (RoleRepresentation r : adminClient.realm(REALM_NAME).clients().get(clientUuid).roles().list()) {
|
||||
ids.put(r.getName(), r.getId());
|
||||
}
|
||||
|
||||
resource = adminClient.realm(REALM_NAME).roles();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getRole() {
|
||||
RoleRepresentation role = resource.get("role-a").toRepresentation();
|
||||
assertNotNull(role);
|
||||
assertEquals("role-a", role.getName());
|
||||
assertEquals("Role A", role.getDescription());
|
||||
assertFalse(role.isComposite());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void updateRole() {
|
||||
RoleRepresentation role = resource.get("role-a").toRepresentation();
|
||||
|
||||
role.setName("role-a-new");
|
||||
role.setDescription("Role A New");
|
||||
|
||||
resource.get("role-a").update(role);
|
||||
|
||||
role = resource.get("role-a-new").toRepresentation();
|
||||
|
||||
assertNotNull(role);
|
||||
assertEquals("role-a-new", role.getName());
|
||||
assertEquals("Role A New", role.getDescription());
|
||||
assertFalse(role.isComposite());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void deleteRole() {
|
||||
assertNotNull(resource.get("role-a"));
|
||||
resource.deleteRole("role-a");
|
||||
try {
|
||||
resource.get("role-a").toRepresentation();
|
||||
fail("Expected 404");
|
||||
} catch (NotFoundException e) {
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void composites() {
|
||||
assertFalse(resource.get("role-a").toRepresentation().isComposite());
|
||||
assertEquals(0, resource.get("role-a").getRoleComposites().size());
|
||||
|
||||
List<RoleRepresentation> l = new LinkedList<>();
|
||||
l.add(RoleBuilder.create().id(ids.get("role-b")).build());
|
||||
l.add(RoleBuilder.create().id(ids.get("role-c")).build());
|
||||
resource.get("role-a").addComposites(l);
|
||||
|
||||
Set<RoleRepresentation> composites = resource.get("role-a").getRoleComposites();
|
||||
|
||||
assertTrue(resource.get("role-a").toRepresentation().isComposite());
|
||||
Assert.assertNames(composites, "role-b", "role-c");
|
||||
|
||||
Set<RoleRepresentation> realmComposites = resource.get("role-a").getRealmRoleComposites();
|
||||
Assert.assertNames(realmComposites, "role-b");
|
||||
|
||||
Set<RoleRepresentation> clientComposites = resource.get("role-a").getClientRoleComposites(clientUuid);
|
||||
Assert.assertNames(clientComposites, "role-c");
|
||||
|
||||
resource.get("role-a").deleteComposites(l);
|
||||
|
||||
assertFalse(resource.get("role-a").toRepresentation().isComposite());
|
||||
assertEquals(0, resource.get("role-a").getRoleComposites().size());
|
||||
}
|
||||
|
||||
}
|
|
@ -15,7 +15,7 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.keycloak.testsuite.admin;
|
||||
package org.keycloak.testsuite.admin.realm;
|
||||
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.junit.Test;
|
||||
|
@ -27,6 +27,7 @@ import org.keycloak.representations.idm.ClientRepresentation;
|
|||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.RoleRepresentation;
|
||||
import org.keycloak.testsuite.Assert;
|
||||
import org.keycloak.testsuite.admin.AbstractAdminTest;
|
||||
import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
|
||||
import org.keycloak.testsuite.auth.page.AuthRealm;
|
||||
import org.keycloak.util.JsonSerialization;
|
|
@ -86,7 +86,7 @@ public class LegacyImportTest extends AbstractExportImportTest {
|
|||
assertRolesAvailable(roles);
|
||||
|
||||
// Assert all admin roles are also available as composites of "realm-admin"
|
||||
Set<RoleRepresentation> realmAdminComposites = foo11RealmManagementClient.roles().get(AdminRoles.REALM_ADMIN).getChildren();
|
||||
Set<RoleRepresentation> realmAdminComposites = foo11RealmManagementClient.roles().get(AdminRoles.REALM_ADMIN).getRoleComposites();
|
||||
assertRolesAvailable(realmAdminComposites);
|
||||
|
||||
// Assert "foo11-master" client correctly set and contains all admin roles.
|
||||
|
@ -95,7 +95,7 @@ public class LegacyImportTest extends AbstractExportImportTest {
|
|||
assertRolesAvailable(roles);
|
||||
|
||||
// Assert all admin roles are also available as composites of "admin" role
|
||||
Set<RoleRepresentation> masterAdminComposites = adminClient.realm(Config.getAdminRealm()).roles().get(AdminRoles.ADMIN).getChildren();
|
||||
Set<RoleRepresentation> masterAdminComposites = adminClient.realm(Config.getAdminRealm()).roles().get(AdminRoles.ADMIN).getRoleComposites();
|
||||
assertRolesAvailable(masterAdminComposites);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue