[KEYCLOAK-5135] - Wrong comparison when checking for duplicate resources during creation

2017-07-04 10:16:55 -03:00 · 2017-07-04 10:16:55 -03:00 · adffe16cb8
commit adffe16cb8
parent 1e6f099eb0
2 changed files with 36 additions and 31 deletions
--- a/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
@ -76,6 +76,7 @@ import org.keycloak.models.ScopeContainerModel;
 import org.keycloak.models.UserConsentModel;
 import org.keycloak.models.UserCredentialModel;
 import org.keycloak.models.UserModel;
+import org.keycloak.models.UserProvider;
 import org.keycloak.provider.ProviderConfigProperty;
 import org.keycloak.representations.idm.ApplicationRepresentation;
 import org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation;
@ -2245,10 +2246,10 @@ public class RepresentationToModel {
            existing.setType(resource.getType());
            existing.setUri(resource.getUri());
            existing.setIconUri(resource.getIconUri());
-
            existing.updateScopes(resource.getScopes().stream()
                    .map((ScopeRepresentation scope) -> toModel(scope, resourceServer, authorization))
                    .collect(Collectors.toSet()));
+
            return existing;
        }

@ -2259,11 +2260,30 @@ public class RepresentationToModel {
            owner.setId(resourceServer.getClientId());
        }

-        if (owner.getId() == null) {
+        String ownerId = owner.getId();
+
+        if (ownerId == null) {
            throw new RuntimeException("No owner specified for resource [" + resource.getName() + "].");
        }

-        Resource model = resourceStore.create(resource.getName(), resourceServer, owner.getId());
+        if (!resourceServer.getClientId().equals(ownerId)) {
+            RealmModel realm = authorization.getRealm();
+            KeycloakSession keycloakSession = authorization.getKeycloakSession();
+            UserProvider users = keycloakSession.users();
+            UserModel ownerModel = users.getUserById(ownerId, realm);
+
+            if (ownerModel == null) {
+                ownerModel = users.getUserByUsername(ownerId, realm);
+            }
+
+            if (ownerModel == null) {
+                throw new RuntimeException("Owner must be a valid username or user identifier. If the resource server, the client id or null.");
+            }
+
+            owner.setId(ownerModel.getId());
+        }
+
+        Resource model = resourceStore.create(resource.getName(), resourceServer, ownerId);

        model.setType(resource.getType());
        model.setUri(resource.getUri());
--- a/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java
+++ b/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java
@ -101,39 +101,24 @@ public class ResourceSetService {
        Resource existingResource = storeFactory.getResourceStore().findByName(resource.getName(), this.resourceServer.getId());
        ResourceOwnerRepresentation owner = resource.getOwner();

-        if (existingResource != null && existingResource.getResourceServer().getId().equals(this.resourceServer.getId())
-                && existingResource.getOwner().equals(owner)) {
+        if (owner == null) {
+            owner = new ResourceOwnerRepresentation();
+            owner.setId(resourceServer.getClientId());
+        }
+
+        String ownerId = owner.getId();
+
+        if (ownerId == null) {
+            return ErrorResponse.error("You must specify the resource owner.", Status.BAD_REQUEST);
+        }
+
+        if (existingResource != null && existingResource.getOwner().equals(ownerId)) {
            return ErrorResponse.exists("Resource with name [" + resource.getName() + "] already exists.");
        }

-        if (owner != null) {
-            String ownerId = owner.getId();
-
-            if (ownerId != null) {
-                if (!resourceServer.getClientId().equals(ownerId)) {
-                    RealmModel realm = authorization.getRealm();
-                    KeycloakSession keycloakSession = authorization.getKeycloakSession();
-                    UserProvider users = keycloakSession.users();
-                    UserModel ownerModel = users.getUserById(ownerId, realm);
-
-                    if (ownerModel == null) {
-                        ownerModel = users.getUserByUsername(ownerId, realm);
-                    }
-
-                    if (ownerModel == null) {
-                        return ErrorResponse.error("Owner must be a valid username or user identifier. If the resource server, the client id or null.", Status.BAD_REQUEST);
-                    }
-
-                    owner.setId(ownerModel.getId());
-                }
-            }
-        }
-
-        Resource model = toModel(resource, this.resourceServer, authorization);
-
        ResourceRepresentation representation = new ResourceRepresentation();

-        representation.setId(model.getId());
+        representation.setId(toModel(resource, this.resourceServer, authorization).getId());

        return Response.status(Status.CREATED).entity(representation).build();
    }