libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

[KEYCLOAK-3172] - Migrating older versions with authorization services.

Browse source
This commit is contained in:
Pedro Igor 2016-06-29 12:07:49 -03:00
parent bc82f18acb
commit 8b0bf503c3
5 changed files with 85 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
server-spi/src/main/java/org/keycloak/migration/MigrationModel.java
View file

@ -26,7 +26,7 @@ public interface MigrationModel {
/** /**
* Must have the form of major.minor.micro as the version is parsed and numbers are compared * Must have the form of major.minor.micro as the version is parsed and numbers are compared
*/ */
String LATEST_VERSION = "1.9.2"; String LATEST_VERSION = "2.0.0";
String getStoredVersion(); String getStoredVersion();
void setStoredVersion(String version); void setStoredVersion(String version);

7
server-spi/src/main/java/org/keycloak/migration/MigrationModelManager.java
View file

@ -26,6 +26,7 @@ import org.keycloak.migration.migrators.MigrateTo1_7_0;
import org.keycloak.migration.migrators.MigrateTo1_8_0; import org.keycloak.migration.migrators.MigrateTo1_8_0;
import org.keycloak.migration.migrators.MigrateTo1_9_0; import org.keycloak.migration.migrators.MigrateTo1_9_0;
import org.keycloak.migration.migrators.MigrateTo1_9_2; import org.keycloak.migration.migrators.MigrateTo1_9_2;
import org.keycloak.migration.migrators.MigrateTo2_0_0;
import org.keycloak.migration.migrators.MigrationTo1_2_0_CR1; import org.keycloak.migration.migrators.MigrationTo1_2_0_CR1;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
@ -99,6 +100,12 @@ public class MigrationModelManager {
} }
new MigrateTo1_9_2().migrate(session); new MigrateTo1_9_2().migrate(session);
} }
if (stored == null || stored.lessThan(MigrateTo2_0_0.VERSION)) {
if (stored != null) {
logger.debug("Migrating older model to 2.0.0 updates");
}
new MigrateTo2_0_0().migrate(session);
}
model.setStoredVersion(MigrationModel.LATEST_VERSION); model.setStoredVersion(MigrationModel.LATEST_VERSION);
} }

66
server-spi/src/main/java/org/keycloak/migration/migrators/MigrateTo2_0_0.java Normal file
View file

@ -0,0 +1,66 @@
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.migration.migrators;
import org.keycloak.Config;
import org.keycloak.migration.ModelVersion;
import org.keycloak.models.AdminRoles;
import org.keycloak.models.ClientModel;
import org.keycloak.models.Constants;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.utils.KeycloakModelUtils;
public class MigrateTo2_0_0 {
public static final ModelVersion VERSION = new ModelVersion("2.0.0");
public void migrate(KeycloakSession session) {
for (RealmModel realm : session.realms().getRealms()) {
migrateAuthorizationServices(realm);
}
}
private void migrateAuthorizationServices(RealmModel realm) {
KeycloakModelUtils.setupAuthorizationServices(realm);
ClientModel client = realm.getMasterAdminClient();
if (client.getRole(AdminRoles.MANAGE_AUTHORIZATION) == null) {
RoleModel role = client.addRole(AdminRoles.MANAGE_AUTHORIZATION);
role.setDescription("${role_" + AdminRoles.MANAGE_AUTHORIZATION + "}");
role.setScopeParamRequired(false);
client.getRealm().getRole(AdminRoles.ADMIN).addCompositeRole(role);
}
if (!realm.getName().equals(Config.getAdminRealm())) {
client = realm.getClientByClientId(Constants.REALM_MANAGEMENT_CLIENT_ID);
if (client.getRole(AdminRoles.MANAGE_AUTHORIZATION) == null) {
RoleModel role = client.addRole(AdminRoles.MANAGE_AUTHORIZATION);
role.setDescription("${role_" + AdminRoles.MANAGE_AUTHORIZATION + "}");
role.setScopeParamRequired(false);
client.getRole(AdminRoles.REALM_ADMIN).addCompositeRole(role);
}
}
}
}

11
server-spi/src/main/java/org/keycloak/models/utils/KeycloakModelUtils.java
View file

@ -642,5 +642,14 @@ public final class KeycloakModelUtils {
return null; return null;
} }
public static void setupAuthorizationServices(RealmModel realm) {
for (String roleName : Constants.AUTHZ_DEFAULT_AUTHORIZATION_ROLES) {
if (realm.getRole(roleName) == null) {
RoleModel role = realm.addRole(roleName);
role.setDescription("${role_" + roleName + "}");
role.setScopeParamRequired(false);
realm.addDefaultRole(roleName);
}
}
}
} }

9
services/src/main/java/org/keycloak/services/managers/RealmManager.java
View file

@ -585,13 +585,6 @@ public class RealmManager implements RealmImporter {
} }
private void setupAuthorizationServices(RealmModel realm) { private void setupAuthorizationServices(RealmModel realm) {
for (String roleName : Constants.AUTHZ_DEFAULT_AUTHORIZATION_ROLES) { KeycloakModelUtils.setupAuthorizationServices(realm);
if (realm.getRole(roleName) == null) {
RoleModel role = realm.addRole(roleName);
role.setDescription("${role_" + roleName + "}");
role.setScopeParamRequired(false);
realm.addDefaultRole(roleName);
}
}
} }
} }