libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-17749 Remove need for iterating by all clients

Browse source
This commit is contained in:
Hynek Mlnarik 2021-04-13 13:31:43 +02:00 committed by Hynek Mlnařík
parent b8a7750000
commit c2e2cbe180
1 changed files with 10 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
server-spi-private/src/main/java/org/keycloak/authorization/store/syncronization/UserSynchronizer.java
View file

@ -25,15 +25,12 @@ import java.util.Set;
import org.keycloak.authorization.AuthorizationProvider; import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.model.PermissionTicket; import org.keycloak.authorization.model.PermissionTicket;
import org.keycloak.authorization.model.Policy; import org.keycloak.authorization.model.Policy;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.policy.provider.PolicyProviderFactory; import org.keycloak.authorization.policy.provider.PolicyProviderFactory;
import org.keycloak.authorization.store.PermissionTicketStore; import org.keycloak.authorization.store.PermissionTicketStore;
import org.keycloak.authorization.store.PolicyStore; import org.keycloak.authorization.store.PolicyStore;
import org.keycloak.authorization.store.ResourceServerStore;
import org.keycloak.authorization.store.ResourceStore; import org.keycloak.authorization.store.ResourceStore;
import org.keycloak.authorization.store.StoreFactory; import org.keycloak.authorization.store.StoreFactory;
import org.keycloak.models.KeycloakSessionFactory; import org.keycloak.models.KeycloakSessionFactory;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel; import org.keycloak.models.UserModel;
import org.keycloak.models.UserModel.UserRemovedEvent; import org.keycloak.models.UserModel.UserRemovedEvent;
import org.keycloak.provider.ProviderFactory; import org.keycloak.provider.ProviderFactory;
@ -85,26 +82,18 @@ public class UserSynchronizer implements Synchronizer<UserRemovedEvent> {
StoreFactory storeFactory = authorizationProvider.getStoreFactory(); StoreFactory storeFactory = authorizationProvider.getStoreFactory();
PolicyStore policyStore = storeFactory.getPolicyStore(); PolicyStore policyStore = storeFactory.getPolicyStore();
ResourceStore resourceStore = storeFactory.getResourceStore(); ResourceStore resourceStore = storeFactory.getResourceStore();
ResourceServerStore resourceServerStore = storeFactory.getResourceServerStore();
RealmModel realm = event.getRealm();
UserModel userModel = event.getUser(); UserModel userModel = event.getUser();
realm.getClientsStream().forEach(clientModel -> { resourceStore.findByOwner(userModel.getId(), null, resource -> {
ResourceServer resourceServer = resourceServerStore.findById(clientModel.getId()); String resourceId = resource.getId();
policyStore.findByResource(resourceId, resource.getResourceServer()).forEach(policy -> {
if (resourceServer != null) { if (policy.getResources().size() == 1) {
resourceStore.findByOwner(userModel.getId(), resourceServer.getId()).forEach(resource -> { policyStore.delete(policy.getId());
String resourceId = resource.getId(); } else {
policyStore.findByResource(resourceId, resourceServer.getId()).forEach(policy -> { policy.removeResource(resource);
if (policy.getResources().size() == 1) { }
policyStore.delete(policy.getId()); });
} else { resourceStore.delete(resourceId);
policy.removeResource(resource);
}
});
resourceStore.delete(resourceId);
});
}
}); });
} }