diff --git a/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java b/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java index 578ecc9483..9f84087138 100755 --- a/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java +++ b/model/api/src/main/java/org/keycloak/models/utils/RepresentationToModel.java @@ -67,6 +67,8 @@ public class RepresentationToModel { if (rep.isEventsEnabled() != null) newRealm.setEventsEnabled(rep.isEventsEnabled()); if (rep.getEventsExpiration() != null) newRealm.setEventsExpiration(rep.getEventsExpiration()); if (rep.getEventsListeners() != null) newRealm.setEventsListeners(new HashSet<>(rep.getEventsListeners())); + if (rep.isAdminEventsEnabled() != null) newRealm.setAdminEventsEnabled(rep.isAdminEventsEnabled()); + if (rep.isAdminEventsDetailsEnabled() != null) newRealm.setAdminEventsDetailsEnabled(rep.isAdminEventsDetailsEnabled()); if (rep.getNotBefore() != null) newRealm.setNotBefore(rep.getNotBefore()); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java b/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java index a0c15f334c..b9d2036557 100644 --- a/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java @@ -25,6 +25,8 @@ import org.keycloak.representations.idm.IdentityProviderRepresentation; import org.keycloak.util.JsonSerialization; import org.keycloak.util.Time; +import javax.ws.rs.core.UriInfo; + public class AdminEventBuilder { private static final Logger log = Logger.getLogger(AdminEventBuilder.class); @@ -92,18 +94,6 @@ public class AdminEventBuilder { return this; } - public AdminEventBuilder authRealm(String realmId) { - AuthDetails authDetails = adminEvent.getAuthDetails(); - if(authDetails == null) { - authDetails = new AuthDetails(); - authDetails.setRealmId(realmId); - } else { - authDetails.setRealmId(realmId); - } - adminEvent.setAuthDetails(authDetails); - return this; - } - public AdminEventBuilder authClient(ClientModel client) { AuthDetails authDetails = adminEvent.getAuthDetails(); if(authDetails == null) { @@ -116,18 +106,6 @@ public class AdminEventBuilder { return this; } - public AdminEventBuilder authClient(String clientId) { - AuthDetails authDetails = adminEvent.getAuthDetails(); - if(authDetails == null) { - authDetails = new AuthDetails(); - authDetails.setClientId(clientId); - } else { - authDetails.setClientId(clientId); - } - adminEvent.setAuthDetails(authDetails); - return this; - } - public AdminEventBuilder authUser(UserModel user) { AuthDetails authDetails = adminEvent.getAuthDetails(); if(authDetails == null) { @@ -140,18 +118,6 @@ public class AdminEventBuilder { return this; } - public AdminEventBuilder authUser(String userId) { - AuthDetails authDetails = adminEvent.getAuthDetails(); - if(authDetails == null) { - authDetails = new AuthDetails(); - authDetails.setUserId(userId); - } else { - authDetails.setUserId(userId); - } - adminEvent.setAuthDetails(authDetails); - return this; - } - public AdminEventBuilder authIpAddress(String ipAddress) { AuthDetails authDetails = adminEvent.getAuthDetails(); if(authDetails == null) { @@ -163,59 +129,45 @@ public class AdminEventBuilder { adminEvent.setAuthDetails(authDetails); return this; } - - public AdminEventBuilder resourcePath(String resourcePath) { - adminEvent.setResourcePath(resourcePath); + + public AdminEventBuilder resourcePath(UriInfo uriInfo) { + String path = getResourcePath(uriInfo); + adminEvent.setResourcePath(path); return this; } - - public AdminEventBuilder resourcePath(String resourcePath, boolean segment) { - if(segment) { - int index = resourcePath.lastIndexOf('/'); - int subIndex = resourcePath.lastIndexOf('/', index - 1); - adminEvent.setResourcePath(resourcePath.substring(subIndex)); - } else { - adminEvent.setResourcePath(resourcePath.substring(resourcePath.lastIndexOf('/'))); + + public AdminEventBuilder resourcePath(UriInfo uriInfo, String id) { + StringBuilder sb = new StringBuilder(); + sb.append(getResourcePath(uriInfo)); + sb.append("/"); + sb.append(id); + adminEvent.setResourcePath(sb.toString()); + return this; + } + + private String getResourcePath(UriInfo uriInfo) { + String path = uriInfo.getPath(); + + StringBuilder sb = new StringBuilder(); + sb.append("/realms/"); + sb.append(realm.getName()); + sb.append("/"); + String realmRelative = sb.toString(); + + path = path.substring(path.indexOf(realmRelative) + realmRelative.length()); + + if (path.contains("clients-by-id")) { + path = path.replaceAll("clients-by-id", "clients"); + } else if (path.contains("roles-by-id")) { + path = path.replaceAll("roles-by-id", "roles"); + } else if (path.contains("role-mappings/realm")) { + path = path.replaceFirst("role-mappings/realm", "role-mappings"); + } else if (path.contains("role-mappings/clients")) { + path = path.replaceFirst("role-mappings/clients", "role-mappings"); } - return this; + + return path; } - - public AdminEventBuilder resourcePath(Object model) { - StringBuilder sb = new StringBuilder(); - sb.append(getResourcePath(model)); - adminEvent.setResourcePath(sb.toString()); - return this; - } - - public AdminEventBuilder resourcePath(Object model, String resourcePath) { - StringBuilder sb = new StringBuilder(); - sb.append(getResourcePath(model)); - sb.append(resourcePath.substring(resourcePath.lastIndexOf('/'))); - adminEvent.setResourcePath(sb.toString()); - return this; - } - - public AdminEventBuilder resourcePath(Object model, String resourcePath, boolean segment) { - StringBuilder sb = new StringBuilder(); - sb.append(getResourcePath(model)); - int index = resourcePath.lastIndexOf('/'); - int subIndex = resourcePath.lastIndexOf('/', index - 1); - sb.append(resourcePath.substring(subIndex)); - adminEvent.setResourcePath(sb.toString()); - return this; - } - - public AdminEventBuilder resourcePath(Object model, Object subModel, String resourcePath) { - StringBuilder sb = new StringBuilder(); - sb.append(getResourcePath(model)); - int index = resourcePath.lastIndexOf('/'); - int subIndex = resourcePath.lastIndexOf('/', index - 1); - sb.append(resourcePath.substring(subIndex, index+1)); - sb.append(getResourcePath(subModel)); - adminEvent.setResourcePath(sb.toString()); - return this; - } - public void error(String error) { adminEvent.setOperationType(OperationType.valueOf(adminEvent.getOperationType().name() + "_ERROR")); @@ -268,47 +220,5 @@ public class AdminEventBuilder { } } } - - private String getResourcePath(Object model) { - StringBuilder sb = new StringBuilder(); - - if (model instanceof RealmModel) { - RealmModel realm = (RealmModel) model; - sb.append("realms/" + realm.getId()); - } else if (model instanceof ClientModel) { - ClientModel client = (ClientModel) model; - sb.append("clients/" + client.getId()); - } else if (model instanceof UserModel) { - UserModel user = (UserModel) model; - sb.append("users/" + user.getId()); - - } else if (model instanceof IdentityProviderModel) { - IdentityProviderModel provider = (IdentityProviderModel) model; - sb.append("identity-Providers/" + provider.getProviderId()); - } else if (model instanceof IdentityProviderRepresentation) { - IdentityProviderRepresentation provider = (IdentityProviderRepresentation) model; - sb.append("identity-Providers/" + provider.getProviderId()); - } else if (model instanceof IdentityProviderMapperModel) { - IdentityProviderMapperModel provider = (IdentityProviderMapperModel) model; - sb.append("identity-Provider-Mappers/" + provider.getId()); - } else if (model instanceof IdentityProviderFactory) { - IdentityProviderFactory provider = (IdentityProviderFactory) model; - sb.append("identity-Provider-Factory/" + provider.getId()); - - } else if (model instanceof ProtocolMapperModel) { - ProtocolMapperModel mapper = (ProtocolMapperModel) model; - sb.append("protocol-Mappers/" + mapper.getId()); - - } else if (model instanceof UserFederationProviderModel) { - UserFederationProviderModel provider = (UserFederationProviderModel) model; - sb.append("user-Federation-Providers/" + provider.getId()); - - } else if (model instanceof RoleModel) { - RoleModel role = (RoleModel) model; - sb.append("roles/" + role.getId()); - } - - return sb.toString(); - } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientAttributeCertificateResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientAttributeCertificateResource.java index 3b91e3ec8f..c43f6d9575 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientAttributeCertificateResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientAttributeCertificateResource.java @@ -138,9 +138,8 @@ public class ClientAttributeCertificateResource { info.setCertificate(client.getAttribute(certificateAttribute)); info.setPrivateKey(client.getAttribute(privateAttribute)); - adminEvent.operation(OperationType.ACTION) - .resourcePath(client, session.getContext().getUri().getPath()).representation(info).success(); - + adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(info).success(); + return info; } @@ -198,7 +197,7 @@ public class ClientAttributeCertificateResource { info.setCertificate(certPem); } - adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).representation(info).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).representation(info).success(); return info; } @@ -324,10 +323,6 @@ public class ClientAttributeCertificateResource { stream.flush(); stream.close(); byte[] rtn = stream.toByteArray(); - - adminEvent.operation(OperationType.ACTION) - .resourcePath(client, session.getContext().getUri().getPath()).success(); - return rtn; } catch (Exception e) { throw new RuntimeException(e); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java index d9ab8dcd32..2a9bcfcaf4 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java @@ -102,7 +102,7 @@ public class ClientResource { try { RepresentationToModel.updateClient(rep, client); - adminEvent.operation(OperationType.UPDATE).resourcePath(client).representation(rep).success(); + adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success(); return Response.noContent().build(); } catch (ModelDuplicateException e) { return ErrorResponse.exists("Client " + rep.getClientId() + " already exists"); @@ -149,8 +149,6 @@ public class ClientResource { ClientManager clientManager = new ClientManager(new RealmManager(session)); Object rep = clientManager.toInstallationRepresentation(realm, client, getKeycloakApplication().getBaseUri(uriInfo)); - - adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath(), true).success(); // TODO Temporary solution to pretty-print return JsonSerialization.mapper.writerWithDefaultPrettyPrinter().writeValueAsString(rep); @@ -170,9 +168,6 @@ public class ClientResource { auth.requireView(); ClientManager clientManager = new ClientManager(new RealmManager(session)); - - adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath(), true).success(); - return clientManager.toJBossSubsystemConfig(realm, client, getKeycloakApplication().getBaseUri(uriInfo)); } @@ -185,7 +180,7 @@ public class ClientResource { public void deleteClient() { auth.requireManage(); new ClientManager(new RealmManager(session)).removeClient(realm, client); - adminEvent.operation(OperationType.DELETE).resourcePath(client).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } @@ -204,7 +199,7 @@ public class ClientResource { logger.debug("regenerateSecret"); UserCredentialModel cred = KeycloakModelUtils.generateSecret(client); CredentialRepresentation rep = ModelToRepresentation.toRepresentation(cred); - adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).representation(rep).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).representation(rep).success(); return rep; } @@ -238,7 +233,7 @@ public class ClientResource { @Path("roles") public RoleContainerResource getRoleContainerResource() { - return new RoleContainerResource(realm, auth, client, adminEvent); + return new RoleContainerResource(uriInfo, realm, auth, client, adminEvent); } /** @@ -271,7 +266,7 @@ public class ClientResource { auth.requireManage(); client.setWebOrigins(allowedOrigins); - adminEvent.operation(OperationType.UPDATE).resourcePath(client, uriInfo.getPath()).representation(client).success(); + adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(client).success(); } /** @@ -290,7 +285,7 @@ public class ClientResource { for (String origin : allowedOrigins) { client.removeWebOrigin(origin); } - adminEvent.operation(OperationType.DELETE).resourcePath(client, uriInfo.getPath()).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } /** @@ -301,8 +296,8 @@ public class ClientResource { @POST public GlobalRequestResult pushRevocation() { auth.requireManage(); - adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).success(); - return new ResourceAdminManager(session).pushClientRevocationPolicy(uriInfo.getRequestUri(), realm, client); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); + return new ResourceAdminManager(session).pushClientRevocationPolicy(uriInfo.getRequestUri(), realm, client); } @@ -355,9 +350,9 @@ public class ClientResource { @POST public GlobalRequestResult logoutAll() { auth.requireManage(); - adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); return new ResourceAdminManager(session).logoutClient(uriInfo.getRequestUri(), realm, client); - + } /** @@ -372,9 +367,9 @@ public class ClientResource { if (user == null) { throw new NotFoundException("User not found"); } - adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath(), true).success(); - new ResourceAdminManager(session).logoutUserFromClient(uriInfo.getRequestUri(), realm, client, user); - + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); + new ResourceAdminManager(session).logoutUserFromClient(uriInfo.getRequestUri(), realm, client, user); + } /** @@ -394,7 +389,7 @@ public class ClientResource { } if (logger.isDebugEnabled()) logger.debug("Register node: " + node); client.registerNode(node, Time.currentTime()); - adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); } /** @@ -414,7 +409,7 @@ public class ClientResource { throw new NotFoundException("Client does not have a node " + node); } client.unregisterNode(node); - adminEvent.operation(OperationType.DELETE).resourcePath(client, uriInfo.getPath(), true).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } /** @@ -427,10 +422,10 @@ public class ClientResource { @NoCache public GlobalRequestResult testNodesAvailable() { auth.requireManage(); - logger.debug("Test availability of cluster nodes"); - adminEvent.operation(OperationType.ACTION).resourcePath(client, uriInfo.getPath()).success(); + logger.debug("Test availability of cluster nodes"); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); return new ResourceAdminManager(session).testNodesAvailability(uriInfo.getRequestUri(), realm, client); - + } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java index 51c509f74a..c899fdfe7b 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java @@ -94,7 +94,7 @@ public class ClientsResource { try { ClientModel clientModel = RepresentationToModel.createClient(session, realm, rep, true); - adminEvent.operation(OperationType.CREATE).resourcePath(clientModel).representation(rep).success(); + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, clientModel.getId()).representation(rep).success(); return Response.created(uriInfo.getAbsolutePathBuilder().path(getClientPath(clientModel)).build()).build(); } catch (ModelDuplicateException e) { diff --git a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java index 9b058a50d6..c97e9afbfa 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java @@ -86,7 +86,7 @@ public class IdentityProviderResource { this.realm.removeIdentityProviderByAlias(this.identityProviderModel.getAlias()); - adminEvent.operation(OperationType.DELETE).resourcePath(identityProviderModel).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); return Response.noContent().build(); } @@ -112,7 +112,7 @@ public class IdentityProviderResource { updateUsersAfterProviderAliasChange(this.session.users().getUsers(this.realm), oldProviderId, newProviderId); } - adminEvent.operation(OperationType.UPDATE).resourcePath(providerRep).representation(providerRep).success(); + adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(providerRep).success(); return Response.noContent().build(); } catch (ModelDuplicateException e) { @@ -169,7 +169,6 @@ public class IdentityProviderResource { try { this.auth.requireView(); IdentityProviderFactory factory = getIdentityProviderFactory(); - adminEvent.operation(OperationType.ACTION).resourcePath(identityProviderModel, uriInfo.getPath()).success(); return factory.create(identityProviderModel).export(uriInfo, realm, format); } catch (Exception e) { return ErrorResponse.error("Could not export public broker configuration for identity provider [" + identityProviderModel.getProviderId() + "].", Response.Status.NOT_FOUND); @@ -232,7 +231,7 @@ public class IdentityProviderResource { IdentityProviderMapperModel model = RepresentationToModel.toModel(mapper); model = realm.addIdentityProviderMapper(model); - adminEvent.operation(OperationType.CREATE).resourcePath(model, uriInfo.getPath()) + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, model.getId()) .representation(mapper).success(); return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build(); @@ -260,7 +259,7 @@ public class IdentityProviderResource { if (model == null) throw new NotFoundException("Model not found"); model = RepresentationToModel.toModel(rep); realm.updateIdentityProviderMapper(model); - adminEvent.operation(OperationType.UPDATE).resourcePath(model).representation(rep).success(); + adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success(); } @@ -272,7 +271,7 @@ public class IdentityProviderResource { IdentityProviderMapperModel model = realm.getIdentityProviderMapperById(id); if (model == null) throw new NotFoundException("Model not found"); realm.removeIdentityProviderMapper(model); - adminEvent.operation(OperationType.DELETE).resourcePath(model).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java index 3617631245..9b5bebba02 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java @@ -82,9 +82,6 @@ public class IdentityProvidersResource { InputStream inputStream = file.getBody(InputStream.class, null); IdentityProviderFactory providerFactory = getProviderFactorytById(providerId); Map config = providerFactory.parseConfig(inputStream); - - adminEvent.operation(OperationType.CREATE).resourcePath(providerFactory, uriInfo.getPath()).representation(config).success(); - return config; } @@ -102,7 +99,6 @@ public class IdentityProvidersResource { IdentityProviderFactory providerFactory = getProviderFactorytById(providerId); Map config; config = providerFactory.parseConfig(inputStream); - adminEvent.operation(OperationType.CREATE).resourcePath(providerFactory, uriInfo.getPath()).representation(config).success(); return config; } finally { try { @@ -137,7 +133,7 @@ public class IdentityProvidersResource { IdentityProviderModel identityProvider = RepresentationToModel.toModel(representation); this.realm.addIdentityProvider(identityProvider); - adminEvent.operation(OperationType.CREATE).resourcePath(identityProvider) + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, identityProvider.getInternalId()) .representation(representation).success(); return Response.created(uriInfo.getAbsolutePathBuilder().path(representation.getProviderId()).build()).build(); diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java index 1f59b68e59..da5800641e 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java @@ -89,7 +89,7 @@ public class ProtocolMappersResource { auth.requireManage(); ProtocolMapperModel model = RepresentationToModel.toModel(rep); model = client.addProtocolMapper(model); - adminEvent.operation(OperationType.CREATE).resourcePath(model).representation(rep).success(); + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, model.getId()).representation(rep).success(); return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build(); } /** @@ -107,7 +107,7 @@ public class ProtocolMappersResource { model = RepresentationToModel.toModel(rep); model = client.addProtocolMapper(model); } - adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo.getPath(), false).representation(reps).success(); + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(reps).success(); } @GET @@ -144,7 +144,7 @@ public class ProtocolMappersResource { if (model == null) throw new NotFoundException("Model not found"); model = RepresentationToModel.toModel(rep); client.updateProtocolMapper(model); - adminEvent.operation(OperationType.UPDATE).resourcePath(model).representation(rep).success(); + adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success(); } @DELETE @@ -155,7 +155,7 @@ public class ProtocolMappersResource { ProtocolMapperModel model = client.getProtocolMapperById(id); if (model == null) throw new NotFoundException("Model not found"); client.removeProtocolMapper(model); - adminEvent.operation(OperationType.DELETE).resourcePath(model).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java index 9f2a12fc81..c2a4730bee 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java @@ -132,7 +132,7 @@ public class RealmAdminResource { */ @Path("roles") public RoleContainerResource getRoleContainerResource() { - return new RoleContainerResource(realm, auth, realm, adminEvent); + return new RoleContainerResource(uriInfo, realm, auth, realm, adminEvent); } /** @@ -263,7 +263,7 @@ public class RealmAdminResource { @POST public GlobalRequestResult pushRevocation() { auth.requireManage(); - adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath(), false).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); return new ResourceAdminManager(session).pushRealmRevocationPolicy(uriInfo.getRequestUri(), realm); } @@ -276,7 +276,7 @@ public class RealmAdminResource { @POST public GlobalRequestResult logoutAll() { session.sessions().removeUserSessions(realm); - adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo.getPath(), false).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); return new ResourceAdminManager(session).logoutAll(uriInfo.getRequestUri(), realm); } @@ -292,7 +292,7 @@ public class RealmAdminResource { UserSessionModel userSession = session.sessions().getUserSession(realm, sessionId); if (userSession == null) throw new NotFoundException("Sesssion not found"); AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, connection, headers, true); - adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo.getPath(), true).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java index 4ca16676a6..2f912f5198 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java @@ -39,7 +39,10 @@ public class RoleByIdResource extends RoleResource { private AdminEventBuilder adminEvent; @Context - protected KeycloakSession session; + private KeycloakSession session; + + @Context + private UriInfo uriInfo; public RoleByIdResource(RealmModel realm, RealmAuth auth, AdminEventBuilder adminEvent) { super(realm); @@ -95,7 +98,7 @@ public class RoleByIdResource extends RoleResource { RoleModel role = getRoleModel(id); auth.requireManage(); deleteRole(role); - adminEvent.operation(OperationType.DELETE).resourcePath(role).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } /** @@ -111,7 +114,7 @@ public class RoleByIdResource extends RoleResource { RoleModel role = getRoleModel(id); auth.requireManage(); updateRole(rep, role); - adminEvent.operation(OperationType.UPDATE).resourcePath(role).representation(rep).success(); + adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success(); } /** @@ -126,11 +129,7 @@ public class RoleByIdResource extends RoleResource { public void addComposites(final @PathParam("role-id") String id, List roles) { RoleModel role = getRoleModel(id); auth.requireManage(); - addComposites(roles, role); - - adminEvent.operation(OperationType.ACTION) - .resourcePath(role, session.getContext().getUri().getPath()).representation(roles).success(); - + addComposites(adminEvent, uriInfo, roles, role); } /** @@ -227,8 +226,7 @@ public class RoleByIdResource extends RoleResource { auth.requireManage(); deleteComposites(roles, role); - adminEvent.operation(OperationType.DELETE) - .resourcePath(role, session.getContext().getUri().getPath()).representation(roles).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).representation(roles).success(); } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java index de2e3b425f..111942d458 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleContainerResource.java @@ -39,9 +39,11 @@ public class RoleContainerResource extends RoleResource { private final RealmAuth auth; protected RoleContainerModel roleContainer; private AdminEventBuilder adminEvent; + private UriInfo uriInfo; - public RoleContainerResource(RealmModel realm, RealmAuth auth, RoleContainerModel roleContainer, AdminEventBuilder adminEvent) { + public RoleContainerResource(UriInfo uriInfo, RealmModel realm, RealmAuth auth, RoleContainerModel roleContainer, AdminEventBuilder adminEvent) { super(realm); + this.uriInfo = uriInfo; this.realm = realm; this.auth = auth; this.roleContainer = roleContainer; @@ -56,7 +58,7 @@ public class RoleContainerResource extends RoleResource { @GET @NoCache @Produces(MediaType.APPLICATION_JSON) - public List getRoles(@Context final UriInfo uriInfo) { + public List getRoles() { auth.requireAny(); Set roleModels = roleContainer.getRoles(); @@ -70,20 +72,19 @@ public class RoleContainerResource extends RoleResource { /** * Create a new role for this realm or client * - * @param uriInfo * @param rep * @return */ @POST @Consumes(MediaType.APPLICATION_JSON) - public Response createRole(final @Context UriInfo uriInfo, final RoleRepresentation rep) { + public Response createRole(final RoleRepresentation rep) { auth.requireManage(); try { RoleModel role = roleContainer.addRole(rep.getName()); role.setDescription(rep.getDescription()); - adminEvent.operation(OperationType.CREATE).resourcePath(role).representation(rep).success(); + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, role.getId()).representation(rep).success(); return Response.created(uriInfo.getAbsolutePathBuilder().path(role.getName()).build()).build(); } catch (ModelDuplicateException e) { @@ -101,7 +102,7 @@ public class RoleContainerResource extends RoleResource { @GET @NoCache @Produces(MediaType.APPLICATION_JSON) - public RoleRepresentation getRole(@Context final UriInfo uriInfo, final @PathParam("role-name") String roleName) { + public RoleRepresentation getRole(final @PathParam("role-name") String roleName) { auth.requireView(); RoleModel roleModel = roleContainer.getRole(roleName); @@ -120,17 +121,17 @@ public class RoleContainerResource extends RoleResource { @Path("{role-name}") @DELETE @NoCache - public void deleteRole(@Context final UriInfo uriInfo, final @PathParam("role-name") String roleName) { + public void deleteRole(final @PathParam("role-name") String roleName) { auth.requireManage(); - RoleRepresentation rep = getRole(uriInfo, roleName); + RoleRepresentation rep = getRole(roleName); RoleModel role = roleContainer.getRole(roleName); if (role == null) { throw new NotFoundException("Could not find role: " + roleName); } deleteRole(role); - adminEvent.operation(OperationType.DELETE).resourcePath(role).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } @@ -144,7 +145,7 @@ public class RoleContainerResource extends RoleResource { @Path("{role-name}") @PUT @Consumes(MediaType.APPLICATION_JSON) - public Response updateRole(@Context final UriInfo uriInfo, final @PathParam("role-name") String roleName, final RoleRepresentation rep) { + public Response updateRole(final @PathParam("role-name") String roleName, final RoleRepresentation rep) { auth.requireManage(); RoleModel role = roleContainer.getRole(roleName); @@ -154,7 +155,7 @@ public class RoleContainerResource extends RoleResource { try { updateRole(rep, role); - adminEvent.operation(OperationType.UPDATE).resourcePath(role).representation(rep).success(); + adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success(); return Response.noContent().build(); } catch (ModelDuplicateException e) { @@ -171,16 +172,14 @@ public class RoleContainerResource extends RoleResource { @Path("{role-name}/composites") @POST @Consumes(MediaType.APPLICATION_JSON) - public void addComposites(@Context final UriInfo uriInfo, final @PathParam("role-name") String roleName, List roles) { + public void addComposites(final @PathParam("role-name") String roleName, List roles) { auth.requireManage(); RoleModel role = roleContainer.getRole(roleName); if (role == null) { throw new NotFoundException("Could not find role: " + roleName); } - addComposites(roles, role); - adminEvent.operation(OperationType.ACTION).resourcePath(role, uriInfo.getPath()).representation(roles).success(); - + addComposites(adminEvent, uriInfo, roles, role); } /** @@ -193,7 +192,7 @@ public class RoleContainerResource extends RoleResource { @GET @NoCache @Produces(MediaType.APPLICATION_JSON) - public Set getRoleComposites(@Context final UriInfo uriInfo, final @PathParam("role-name") String roleName) { + public Set getRoleComposites(final @PathParam("role-name") String roleName) { auth.requireManage(); RoleModel role = roleContainer.getRole(roleName); @@ -213,7 +212,7 @@ public class RoleContainerResource extends RoleResource { @GET @NoCache @Produces(MediaType.APPLICATION_JSON) - public Set getRealmRoleComposites(@Context final UriInfo uriInfo, final @PathParam("role-name") String roleName) { + public Set getRealmRoleComposites(final @PathParam("role-name") String roleName) { auth.requireManage(); RoleModel role = roleContainer.getRole(roleName); @@ -234,7 +233,7 @@ public class RoleContainerResource extends RoleResource { @GET @NoCache @Produces(MediaType.APPLICATION_JSON) - public Set getClientRoleComposites(@Context final UriInfo uriInfo, + public Set getClientRoleComposites( final @PathParam("role-name") String roleName, final @PathParam("clientId") String clientId) { auth.requireManage(); @@ -290,7 +289,7 @@ public class RoleContainerResource extends RoleResource { @Path("{role-name}/composites") @DELETE @Consumes(MediaType.APPLICATION_JSON) - public void deleteComposites(@Context final UriInfo uriInfo, + public void deleteComposites( final @PathParam("role-name") String roleName, List roles) { auth.requireManage(); @@ -300,7 +299,7 @@ public class RoleContainerResource extends RoleResource { throw new NotFoundException("Could not find role: " + roleName); } deleteComposites(roles, role); - adminEvent.operation(OperationType.DELETE).resourcePath(role, uriInfo.getPath()).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java b/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java index 8196528ccb..ee6c73a1ba 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleResource.java @@ -1,12 +1,14 @@ package org.keycloak.services.resources.admin; import org.jboss.resteasy.spi.NotFoundException; +import org.keycloak.events.admin.OperationType; import org.keycloak.models.ClientModel; import org.keycloak.models.RealmModel; import org.keycloak.models.RoleModel; import org.keycloak.models.utils.ModelToRepresentation; import org.keycloak.representations.idm.RoleRepresentation; +import javax.ws.rs.core.UriInfo; import java.util.Collections; import java.util.HashSet; import java.util.List; @@ -38,13 +40,15 @@ public abstract class RoleResource { role.setDescription(rep.getDescription()); } - protected void addComposites(List roles, RoleModel role) { + protected void addComposites(AdminEventBuilder adminEvent, UriInfo uriInfo, List roles, RoleModel role) { for (RoleRepresentation rep : roles) { RoleModel composite = realm.getRoleById(rep.getId()); if (composite == null) { throw new NotFoundException("Could not find composite role: " + rep.getName()); } role.addCompositeRole(composite); + + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, rep.getId()).representation(roles).success(); } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedClientResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedClientResource.java index 7f195c59f2..6a5c6a488c 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedClientResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedClientResource.java @@ -110,7 +110,7 @@ public class ScopeMappedClientResource { throw new NotFoundException("Role not found"); } client.addScopeMapping(roleModel); - adminEvent.operation(OperationType.CREATE).resourcePath(client, "/roles").representation(roles).success(); + adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), roleModel.getId()).representation(roles).success(); } } @@ -129,7 +129,7 @@ public class ScopeMappedClientResource { for (RoleModel roleModel : roleModels) { client.deleteScopeMapping(roleModel); } - + adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).representation(roles).success(); } else { for (RoleRepresentation role : roles) { RoleModel roleModel = scopedClient.getRole(role.getName()); @@ -137,8 +137,8 @@ public class ScopeMappedClientResource { throw new NotFoundException("Role not found"); } client.deleteScopeMapping(roleModel); + adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri(), roleModel.getId()).representation(roles).success(); } } - adminEvent.operation(OperationType.DELETE).resourcePath(client, "/roles").representation(roles).success(); } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java index 97b5e3b8e9..587114d19d 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java @@ -181,9 +181,8 @@ public class ScopeMappedResource { throw new NotFoundException("Role not found"); } client.addScopeMapping(roleModel); + adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), role.getId()).representation(roles).success(); } - adminEvent.operation(OperationType.CREATE).resourcePath(client, "/roles").representation(roles).success(); - } /** @@ -202,17 +201,17 @@ public class ScopeMappedResource { for (RoleModel roleModel : roleModels) { client.deleteScopeMapping(roleModel); } - - } else { + adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri()).representation(roles).success(); + } else { for (RoleRepresentation role : roles) { RoleModel roleModel = realm.getRoleById(role.getId()); if (roleModel == null) { throw new NotFoundException("Client not found"); } client.deleteScopeMapping(roleModel); + adminEvent.operation(OperationType.DELETE).resourcePath(session.getContext().getUri(), roleModel.getId()).representation(roles).success(); } } - adminEvent.operation(OperationType.DELETE).resourcePath(client, "/roles").representation(roles).success(); } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserClientRoleMappingsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserClientRoleMappingsResource.java index 9bd8160e57..34aafb7a72 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UserClientRoleMappingsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UserClientRoleMappingsResource.java @@ -39,12 +39,10 @@ public class UserClientRoleMappingsResource { protected UserModel user; protected ClientModel client; protected AdminEventBuilder adminEvent; - - @Context - protected KeycloakSession session; - + private UriInfo uriInfo; - public UserClientRoleMappingsResource(RealmModel realm, RealmAuth auth, UserModel user, ClientModel client, AdminEventBuilder adminEvent) { + public UserClientRoleMappingsResource(UriInfo uriInfo, RealmModel realm, RealmAuth auth, UserModel user, ClientModel client, AdminEventBuilder adminEvent) { + this.uriInfo = uriInfo; this.realm = realm; this.auth = auth; this.user = user; @@ -138,7 +136,7 @@ public class UserClientRoleMappingsResource { } user.grantRole(roleModel); } - adminEvent.operation(OperationType.CREATE).resourcePath(client, user, "/roles/").representation(roles).success(); + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(roles).success(); } @@ -171,6 +169,6 @@ public class UserClientRoleMappingsResource { user.deleteRoleMapping(roleModel); } } - adminEvent.operation(OperationType.DELETE).resourcePath(client, user, "/roles/").representation(roles).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).representation(roles).success(); } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationResource.java index 7bc54a95fd..427f95f16f 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationResource.java @@ -131,7 +131,7 @@ public class UserFederationResource { new UsersSyncManager().refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), model, realm.getId()); checkKerberosCredential(model); - adminEvent.operation(OperationType.CREATE).resourcePath(model).representation(rep).success(); + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(rep).success(); return Response.created(uriInfo.getAbsolutePathBuilder().path(model.getId()).build()).build(); } @@ -157,7 +157,7 @@ public class UserFederationResource { new UsersSyncManager().refreshPeriodicSyncForProvider(session.getKeycloakSessionFactory(), session.getProvider(TimerProvider.class), model, realm.getId()); checkKerberosCredential(model); - adminEvent.operation(OperationType.UPDATE).resourcePath(model).representation(rep).success(); + adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success(); } @@ -195,7 +195,7 @@ public class UserFederationResource { realm.removeUserFederationProvider(model); new UsersSyncManager().removePeriodicSyncForProvider(session.getProvider(TimerProvider.class), model); - adminEvent.operation(OperationType.DELETE).resourcePath(model).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } @@ -239,7 +239,7 @@ public class UserFederationResource { } else if ("triggerChangedUsersSync".equals(action)) { syncManager.syncChangedUsers(session.getKeycloakSessionFactory(), realm.getId(), model); } - adminEvent.operation(OperationType.ACTION).resourcePath(model, "/sync").success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); return Response.noContent().build(); } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java index c84b635e7a..fa6b901928 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java @@ -97,7 +97,7 @@ public class UsersResource { public UsersResource(RealmModel realm, RealmAuth auth, TokenManager tokenManager, AdminEventBuilder adminEvent) { this.auth = auth; this.realm = realm; - this.adminEvent = adminEvent; + this.adminEvent = adminEvent; auth.init(RealmAuth.Resource.USER); } @@ -121,7 +121,7 @@ public class UsersResource { throw new NotFoundException("User not found"); } updateUserFromRep(user, rep); - adminEvent.operation(OperationType.UPDATE).resourcePath(user).representation(rep).success(); + adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success(); if (session.getTransaction().isActive()) { session.getTransaction().commit(); @@ -158,7 +158,7 @@ public class UsersResource { UserModel user = session.users().addUser(realm, rep.getUsername()); updateUserFromRep(user, rep); - adminEvent.operation(OperationType.CREATE).resourcePath(user).representation(rep).success(); + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, user.getId()).representation(rep).success(); if (session.getTransaction().isActive()) { session.getTransaction().commit(); @@ -312,7 +312,7 @@ public class UsersResource { FederatedIdentityModel socialLink = new FederatedIdentityModel(provider, rep.getUserId(), rep.getUserName()); session.users().addFederatedIdentity(realm, user, socialLink); - adminEvent.operation(OperationType.CREATE).resourcePath(user, uriInfo.getPath(), true).representation(rep).success(); + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(rep).success(); return Response.noContent().build(); } @@ -328,7 +328,7 @@ public class UsersResource { if (!session.users().removeFederatedIdentity(realm, user, provider)) { throw new NotFoundException("Link not found"); } - adminEvent.operation(OperationType.DELETE).resourcePath(user, uriInfo.getPath(), true).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); } /** @@ -382,7 +382,7 @@ public class UsersResource { } else { throw new NotFoundException("Consent not found for user " + username + " and client " + clientId); } - adminEvent.operation(OperationType.ACTION).resourcePath(user, client, uriInfo.getPath()).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); } /** @@ -404,7 +404,7 @@ public class UsersResource { for (UserSessionModel userSession : userSessions) { AuthenticationManager.backchannelLogout(session, realm, userSession, uriInfo, clientConnection, headers, true); } - adminEvent.operation(OperationType.ACTION).resourcePath(user, uriInfo.getPath()).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); } /** @@ -426,7 +426,7 @@ public class UsersResource { boolean removed = new UserManager(session).removeUser(realm, user); if (removed) { - adminEvent.operation(OperationType.DELETE).resourcePath(user).success(); + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success(); return Response.noContent().build(); } else { return ErrorResponse.error("User couldn't be deleted", Response.Status.BAD_REQUEST); @@ -638,10 +638,8 @@ public class UsersResource { throw new NotFoundException("Role not found"); } user.grantRole(roleModel); + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, role.getId()).representation(roles).success(); } - - adminEvent.operation(OperationType.CREATE).resourcePath(user, realm, uriInfo.getPath()).representation(roles).success(); - } /** @@ -667,7 +665,7 @@ public class UsersResource { for (RoleModel roleModel : roleModels) { user.deleteRoleMapping(roleModel); } - + adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(roles).success(); } else { for (RoleRepresentation role : roles) { RoleModel roleModel = realm.getRole(role.getName()); @@ -675,10 +673,11 @@ public class UsersResource { throw new NotFoundException("Role not found"); } user.deleteRoleMapping(roleModel); + + adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo, role.getId()).representation(roles).success(); } } - adminEvent.operation(OperationType.DELETE).resourcePath(user, realm, uriInfo.getPath()).representation(roles).success(); } @Path("{username}/role-mappings/clients/{clientId}") @@ -693,7 +692,7 @@ public class UsersResource { if (client == null) { throw new NotFoundException("Client not found"); } - return new UserClientRoleMappingsResource(realm, auth, user, client, adminEvent); + return new UserClientRoleMappingsResource(uriInfo, realm, auth, user, client, adminEvent); } @Path("{username}/role-mappings/clients-by-id/{id}") @@ -709,7 +708,7 @@ public class UsersResource { throw new NotFoundException("Client not found"); } - return new UserClientRoleMappingsResource(realm, auth, user, client, adminEvent); + return new UserClientRoleMappingsResource(uriInfo, realm, auth, user, client, adminEvent); } /** @@ -743,7 +742,7 @@ public class UsersResource { } if (pass.isTemporary()) user.addRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD); - adminEvent.operation(OperationType.ACTION).resourcePath(user, uriInfo.getPath()).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); } /** @@ -763,7 +762,7 @@ public class UsersResource { } user.setTotp(false); - adminEvent.operation(OperationType.ACTION).resourcePath(user, uriInfo.getPath()).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); } /** @@ -840,7 +839,7 @@ public class UsersResource { //audit.user(user).detail(Details.EMAIL, user.getEmail()).detail(Details.CODE_ID, accessCode.getCodeId()).success(); - adminEvent.operation(OperationType.ACTION).resourcePath(user, uriInfo.getPath()).success(); + adminEvent.operation(OperationType.ACTION).resourcePath(uriInfo).success(); return Response.ok().build(); } catch (EmailException e) {