libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-12268 Show page not found for /account/log if events are disabled for the realm

Browse source
This commit is contained in:
stianst 2020-02-18 20:50:28 +01:00 committed by Stian Thorgersen
parent 9a3a358b96
commit d8d81ee162
2 changed files with 18 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java
View file

@ -80,6 +80,7 @@ import org.keycloak.util.JsonSerialization;
import javax.ws.rs.Consumes; import javax.ws.rs.Consumes;
import javax.ws.rs.FormParam; import javax.ws.rs.FormParam;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.PathParam; import javax.ws.rs.PathParam;
@ -287,6 +288,10 @@ public class AccountFormService extends AbstractSecuredLocalService {
@Path("log") @Path("log")
@GET @GET
public Response logPage() { public Response logPage() {
if (!realm.isEventsEnabled()) {
throw new NotFoundException();
}
if (auth != null) { if (auth != null) {
List<Event> events = eventStore.createQuery().type(Constants.EXPOSED_LOG_EVENTS).user(auth.getUser().getId()).maxResults(30).getResultList(); List<Event> events = eventStore.createQuery().type(Constants.EXPOSED_LOG_EVENTS).user(auth.getUser().getId()).maxResults(30).getResultList();
for (Event e : events) { for (Event e : events) {

16
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountFormServiceTest.java
View file

@ -1006,15 +1006,23 @@ public class AccountFormServiceTest extends AbstractTestRealmKeycloakTest {
Assert.assertEquals("No access", errorPage.getError()); Assert.assertEquals("No access", errorPage.getError());
} }
private void setEventsEnabled() { private void setEventsEnabled(boolean eventsEnabled) {
RealmRepresentation testRealm = testRealm().toRepresentation(); RealmRepresentation testRealm = testRealm().toRepresentation();
testRealm.setEventsEnabled(true); testRealm.setEventsEnabled(eventsEnabled);
testRealm().update(testRealm); testRealm().update(testRealm);
} }
@Test
public void viewLogNotEnabled() {
logPage.open();
assertTrue(errorPage.isCurrent());
assertEquals("Page not found", errorPage.getError());
}
@Test @Test
public void viewLog() { public void viewLog() {
setEventsEnabled(); setEventsEnabled(true);
List<EventRepresentation> expectedEvents = new LinkedList<>(); List<EventRepresentation> expectedEvents = new LinkedList<>();
@ -1053,6 +1061,8 @@ public class AccountFormServiceTest extends AbstractTestRealmKeycloakTest {
Assert.fail("Event not found " + e.getType()); Assert.fail("Event not found " + e.getType());
} }
} }
setEventsEnabled(false);
} }
@Test @Test