libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-8783 only checked master and realm admin roles when roles are specified in imported realm

Browse source
This commit is contained in:
Gideon Caranzo 2018-11-09 20:02:08 +08:00 committed by Marek Posolda
parent 78b2067f73
commit 9f88abb022
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
services/src/main/java/org/keycloak/services/managers/RealmManager.java
View file

@ -531,9 +531,11 @@ public class RealmManager {
setupMasterAdminManagement(realm); setupMasterAdminManagement(realm);
} }
// Assert all admin roles are available once import took place. This is needed due to import from previous version where JSON file may not contain all admin roles if (rep.getRoles() != null) {
checkMasterAdminManagementRoles(realm); // Assert all admin roles are available once import took place. This is needed due to import from previous version where JSON file may not contain all admin roles
checkRealmAdminManagementRoles(realm); checkMasterAdminManagementRoles(realm);
checkRealmAdminManagementRoles(realm);
}
// Could happen when migrating from older version and I have exported JSON file, which contains "realm-management" client but not "impersonation" client // Could happen when migrating from older version and I have exported JSON file, which contains "realm-management" client but not "impersonation" client
// I need to postpone impersonation because it needs "realm-management" client and its roles set // I need to postpone impersonation because it needs "realm-management" client and its roles set