diff --git a/examples/providers/user-storage-jpa/src/main/java/org/keycloak/examples/storage/user/EjbExampleUserStorageProvider.java b/examples/providers/user-storage-jpa/src/main/java/org/keycloak/examples/storage/user/EjbExampleUserStorageProvider.java
index 86b2a30ef3..97b1ea0b49 100644
--- a/examples/providers/user-storage-jpa/src/main/java/org/keycloak/examples/storage/user/EjbExampleUserStorageProvider.java
+++ b/examples/providers/user-storage-jpa/src/main/java/org/keycloak/examples/storage/user/EjbExampleUserStorageProvider.java
@@ -155,11 +155,6 @@ public class EjbExampleUserStorageProvider implements UserStorageProvider,
return true;
}
- @Override
- public void grantToAllUsers(RealmModel realm, RoleModel role) {
-
- }
-
@Override
public void onCache(RealmModel realm, CachedUserModel user, UserModel delegate) {
String password = ((UserAdapter)delegate).getPassword();
diff --git a/examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/FilePropertiesStorageProvider.java b/examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/FilePropertiesStorageProvider.java
index 514a8e4198..666928c124 100755
--- a/examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/FilePropertiesStorageProvider.java
+++ b/examples/providers/user-storage-simple/src/main/java/org/keycloak/examples/federation/properties/FilePropertiesStorageProvider.java
@@ -93,11 +93,6 @@ public class FilePropertiesStorageProvider extends BasePropertiesStorageProvider
return createAdapter(realm, username);
}
- @Override
- public void grantToAllUsers(RealmModel realm, RoleModel role) {
- // unsupported
- }
-
@Override
public boolean updateCredential(RealmModel realm, UserModel user, CredentialInput input) {
if (!(input instanceof UserCredentialModel)) return false;
diff --git a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java
index 3fd8340608..ebde5d3442 100755
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/LDAPStorageProvider.java
@@ -168,11 +168,6 @@ public class LDAPStorageProvider implements UserStorageProvider,
return Collections.EMPTY_LIST;
}
- @Override
- public void grantToAllUsers(RealmModel realm, RoleModel role) {
-
- }
-
public boolean synchronizeRegistrations() {
return "true".equalsIgnoreCase(model.getConfig().getFirst(LDAPConstants.SYNC_REGISTRATIONS)) && editMode == UserStorageProvider.EditMode.WRITABLE;
}
diff --git a/server-spi/src/main/java/org/keycloak/models/UserProvider.java b/server-spi/src/main/java/org/keycloak/models/UserProvider.java
index 924470d83b..289c5a8b3c 100755
--- a/server-spi/src/main/java/org/keycloak/models/UserProvider.java
+++ b/server-spi/src/main/java/org/keycloak/models/UserProvider.java
@@ -19,6 +19,7 @@ package org.keycloak.models;
import org.keycloak.component.ComponentModel;
import org.keycloak.provider.Provider;
+import org.keycloak.storage.user.UserBulkUpdateProvider;
import org.keycloak.storage.user.UserLookupProvider;
import org.keycloak.storage.user.UserQueryProvider;
import org.keycloak.storage.user.UserRegistrationProvider;
@@ -33,7 +34,8 @@ import java.util.Set;
public interface UserProvider extends Provider,
UserLookupProvider,
UserQueryProvider,
- UserRegistrationProvider {
+ UserRegistrationProvider,
+ UserBulkUpdateProvider {
// Note: The reason there are so many query methods here is for layering a cache on top of an persistent KeycloakSession
public void addFederatedIdentity(RealmModel realm, UserModel user, FederatedIdentityModel socialLink);
diff --git a/server-spi/src/main/java/org/keycloak/storage/UserStorageProvider.java b/server-spi/src/main/java/org/keycloak/storage/UserStorageProvider.java
index 6cf8ba6d9e..922c3493cf 100644
--- a/server-spi/src/main/java/org/keycloak/storage/UserStorageProvider.java
+++ b/server-spi/src/main/java/org/keycloak/storage/UserStorageProvider.java
@@ -33,21 +33,22 @@ public interface UserStorageProvider extends Provider {
void preRemove(RealmModel realm, RoleModel role);
/**
- * Optional type that can be by implementations to describe edit mode of federation storage
+ * Optional type that can be used by implementations to
+ * describe edit mode of user storage
*
*/
enum EditMode {
/**
- * federation storage is read-only
+ * user storage is read-only
*/
READ_ONLY,
/**
- * federation storage is writable
+ * user storage is writable
*
*/
WRITABLE,
/**
- * updates to user are stored locally and not synced with federation storage.
+ * updates to user are stored locally and not synced with user storage.
*
*/
UNSYNCED
diff --git a/server-spi/src/main/java/org/keycloak/storage/user/UserBulkUpdateProvider.java b/server-spi/src/main/java/org/keycloak/storage/user/UserBulkUpdateProvider.java
new file mode 100644
index 0000000000..f8d56cff9b
--- /dev/null
+++ b/server-spi/src/main/java/org/keycloak/storage/user/UserBulkUpdateProvider.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.keycloak.storage.user;
+
+import org.keycloak.models.RealmModel;
+import org.keycloak.models.RoleModel;
+
+/**
+ * @author Bill Burke
+ * @version $Revision: 1 $
+ */
+public interface UserBulkUpdateProvider {
+ void grantToAllUsers(RealmModel realm, RoleModel role);
+}
diff --git a/server-spi/src/main/java/org/keycloak/storage/user/UserRegistrationProvider.java b/server-spi/src/main/java/org/keycloak/storage/user/UserRegistrationProvider.java
index 7697042f87..25bb35e353 100644
--- a/server-spi/src/main/java/org/keycloak/storage/user/UserRegistrationProvider.java
+++ b/server-spi/src/main/java/org/keycloak/storage/user/UserRegistrationProvider.java
@@ -30,6 +30,5 @@ public interface UserRegistrationProvider {
boolean removeUser(RealmModel realm, UserModel user);
- void grantToAllUsers(RealmModel realm, RoleModel role);
}
diff --git a/services/src/main/java/org/keycloak/storage/UserStorageManager.java b/services/src/main/java/org/keycloak/storage/UserStorageManager.java
index 256247039e..0e48c554d0 100755
--- a/services/src/main/java/org/keycloak/storage/UserStorageManager.java
+++ b/services/src/main/java/org/keycloak/storage/UserStorageManager.java
@@ -37,6 +37,7 @@ import org.keycloak.models.cache.CachedUserModel;
import org.keycloak.models.cache.OnUserCache;
import org.keycloak.storage.federated.UserFederatedStorageProvider;
import org.keycloak.storage.user.ImportedUserValidation;
+import org.keycloak.storage.user.UserBulkUpdateProvider;
import org.keycloak.storage.user.UserLookupProvider;
import org.keycloak.storage.user.UserQueryProvider;
import org.keycloak.storage.user.UserRegistrationProvider;
@@ -521,12 +522,11 @@ public class UserStorageManager implements UserProvider, OnUserCache {
@Override
public void grantToAllUsers(RealmModel realm, RoleModel role) {
- // not federation-aware for now
- List storageProviders = getStorageProviders(session, realm, UserRegistrationProvider.class);
- LinkedList providers = new LinkedList<>();
+ List storageProviders = getStorageProviders(session, realm, UserBulkUpdateProvider.class);
+ LinkedList providers = new LinkedList<>();
providers.add(localStorage());
providers.addAll(storageProviders);
- for (UserRegistrationProvider provider : providers) {
+ for (UserBulkUpdateProvider provider : providers) {
provider.grantToAllUsers(realm, role);
}
}
diff --git a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProvider.java b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProvider.java
index ad6d16f688..c1ff83bdb2 100644
--- a/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProvider.java
+++ b/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/src/main/java/org/keycloak/testsuite/federation/DummyUserFederationProvider.java
@@ -88,11 +88,6 @@ public class DummyUserFederationProvider implements UserStorageProvider,
}
@Override
- public void grantToAllUsers(RealmModel realm, RoleModel role) {
-
- }
-
- @Override
public void preRemove(RealmModel realm) {
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/UserMapStorage.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/UserMapStorage.java
index 445b350a7a..cf19917d81 100644
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/UserMapStorage.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/federation/storage/UserMapStorage.java
@@ -149,11 +149,6 @@ public class UserMapStorage implements UserLookupProvider, UserStorageProvider,
return userPasswords.remove(user.getUsername()) != null;
}
- @Override
- public void grantToAllUsers(RealmModel realm, RoleModel role) {
-
- }
-
@Override
public void preRemove(RealmModel realm) {