[KEYCLOAK-13927] Accept only ticketId instead of the PermissionTicketRepresentation for delete in PermissionResource
This commit is contained in:
parent
56a70bd376
commit
9389332675
2 changed files with 9 additions and 14 deletions
|
@ -256,21 +256,17 @@ public class PermissionResource {
|
|||
}
|
||||
|
||||
/**
|
||||
* Deletes a permission ticket.
|
||||
*
|
||||
* @param ticket the permission ticket
|
||||
* Deletes a permission ticket by ID.
|
||||
* @param ticketId the permission ticket ID
|
||||
*/
|
||||
public void delete(final PermissionTicketRepresentation ticket) {
|
||||
if (ticket == null) {
|
||||
throw new IllegalArgumentException("Permission ticket must not be null or empty");
|
||||
}
|
||||
if (ticket.getId() == null) {
|
||||
throw new IllegalArgumentException("Permission ticket must have an id");
|
||||
public void delete(final String ticketId) {
|
||||
if (ticketId == null || ticketId.trim().isEmpty()) {
|
||||
throw new IllegalArgumentException("Permission ticket ID must not be null or empty");
|
||||
}
|
||||
Callable<Void> callable = new Callable<Void>() {
|
||||
@Override
|
||||
public Void call() throws Exception {
|
||||
http.<Void>delete(serverConfiguration.getPermissionEndpoint() + "/ticket/" + ticket.getId())
|
||||
http.<Void>delete(serverConfiguration.getPermissionEndpoint() + "/ticket/" + ticketId)
|
||||
.authorizationBearer(pat.call())
|
||||
.response()
|
||||
.execute();
|
||||
|
|
|
@ -258,14 +258,13 @@ public class UserManagedAccessTest extends AbstractResourceServerTest {
|
|||
|
||||
|
||||
for (PermissionTicketRepresentation ticket : tickets) {
|
||||
getAuthzClient().protection().permission().delete(ticket);
|
||||
getAuthzClient().protection().permission().delete(ticket.getId());
|
||||
}
|
||||
|
||||
tickets = getAuthzClient().protection().permission().find(resource.getId(), null, null, null, null, null, null, null);
|
||||
|
||||
assertEquals(0, tickets.size());
|
||||
try {
|
||||
|
||||
response = authorize("kolo", "password", resource.getId(), new String[] {"ScopeA", "ScopeB"});
|
||||
fail("User should not have access to resource from another user");
|
||||
} catch (AuthorizationDeniedException ade) {
|
||||
|
@ -531,7 +530,7 @@ public class UserManagedAccessTest extends AbstractResourceServerTest {
|
|||
}
|
||||
|
||||
for (PermissionTicketRepresentation ticket : permissionTickets) {
|
||||
permissionResource.delete(ticket);
|
||||
permissionResource.delete(ticket.getId());
|
||||
}
|
||||
|
||||
permissionTickets = permissionResource.findByResource(resource.getId());
|
||||
|
@ -612,7 +611,7 @@ public class UserManagedAccessTest extends AbstractResourceServerTest {
|
|||
|
||||
for (PermissionTicketRepresentation representation : new ArrayList<>(permissionTickets)) {
|
||||
if (representation.isGranted()) {
|
||||
permissionResource.delete(representation);
|
||||
permissionResource.delete(representation.getId());
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue