[KEYCLOAK-18860] - Fixing attributes returned from user api

2021-07-22 10:50:49 -03:00 · 2021-07-22 10:50:49 -03:00 · 8260c3c623
commit 8260c3c623
parent fff27f8bd6
2 changed files with 36 additions and 4 deletions
--- a/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java
@ -285,11 +285,10 @@ public class UserResource {

        UserProfileProvider provider = session.getProvider(UserProfileProvider.class);
        UserProfile profile = provider.create(USER_API, user);
+        Map<String, List<String>> readableAttributes = profile.getAttributes().getReadable(false);

-        Map<String, List<String>> attributes = profile.getAttributes().getReadable(false);
-
-        if (!attributes.isEmpty()) {
-            rep.setAttributes(attributes);
+        if (rep.getAttributes() != null) {
+            rep.setAttributes(readableAttributes);
        }

        return rep;
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java
@ -1,6 +1,7 @@
 package org.keycloak.testsuite.admin;

 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
@ -39,6 +40,7 @@ public class DeclarativeUserTest extends AbstractAdminTest {
                + "{\"name\": \"lastName\", " + PERMISSIONS_ALL + "},"
                + "{\"name\": \"aName\", " + PERMISSIONS_ALL + "},"
                + "{\"name\": \"custom-a\", " + PERMISSIONS_ALL + "},"
+                + "{\"name\": \"custom-hidden\"},"
                + "{\"name\": \"attr1\", " + PERMISSIONS_ALL + "},"
                + "{\"name\": \"attr2\", " + PERMISSIONS_ALL + "}]}");
    }
@ -66,6 +68,37 @@ public class DeclarativeUserTest extends AbstractAdminTest {
        assertTrue(attributes.containsKey("aName"));
    }

+    @Test
+    public void testDoNotReturnAttributeIfNotReadble() {
+        UserRepresentation user1 = new UserRepresentation();
+        user1.setUsername("user1");
+        user1.singleAttribute("attr1", "value1user1");
+        user1.singleAttribute("attr2", "value2user1");
+        String user1Id = createUser(user1);
+
+        user1 = realm.users().get(user1Id).toRepresentation();
+        Map<String, List<String>> attributes = user1.getAttributes();
+        assertEquals(4, attributes.size());
+        assertFalse(attributes.containsKey("custom-hidden"));
+
+        setUserProfileConfiguration(this.realm, "{\"attributes\": ["
+                + "{\"name\": \"username\", " + PERMISSIONS_ALL + "},"
+                + "{\"name\": \"firstName\", " + PERMISSIONS_ALL + "},"
+                + "{\"name\": \"email\", " + PERMISSIONS_ALL + "},"
+                + "{\"name\": \"lastName\", " + PERMISSIONS_ALL + "},"
+                + "{\"name\": \"aName\", " + PERMISSIONS_ALL + "},"
+                + "{\"name\": \"custom-a\", " + PERMISSIONS_ALL + "},"
+                + "{\"name\": \"custom-hidden\", " + PERMISSIONS_ALL + "},"
+                + "{\"name\": \"attr1\", " + PERMISSIONS_ALL + "},"
+                + "{\"name\": \"attr2\", " + PERMISSIONS_ALL + "}]}");
+
+
+        user1 = realm.users().get(user1Id).toRepresentation();
+        attributes = user1.getAttributes();
+        assertEquals(5, attributes.size());
+        assertTrue(attributes.containsKey("custom-hidden"));
+    }
+
    private String createUser(UserRepresentation userRep) {
        Response response = realm.users().create(userRep);
        String createdId = ApiUtil.getCreatedId(response);