KEYCLOAK-8419: Make most act mgt APIs only active in preview mode

2018-10-01 14:41:48 -04:00 · 2018-10-01 14:41:48 -04:00 · dba513c921
commit dba513c921
parent b4b3527df7
2 changed files with 24 additions and 2 deletions
--- a/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java
+++ b/services/src/main/java/org/keycloak/services/resources/account/AccountRestService.java
@ -47,6 +47,7 @@ import javax.ws.rs.core.Response;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
+import org.keycloak.common.Profile;

 /**
 * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
@ -205,6 +206,7 @@ public class AccountRestService {
    @Produces(MediaType.APPLICATION_JSON)
    @NoCache
    public Response sessions() {
+        checkAccount2Enabled();
        List<SessionRepresentation> reps = new LinkedList<>();

        List<UserSessionModel> sessions = session.sessions().getUserSessions(realm, user);
@ -242,6 +244,7 @@ public class AccountRestService {
    @Produces(MediaType.APPLICATION_JSON)
    @NoCache
    public Response sessionsLogout(@QueryParam("current") boolean removeCurrent) {
+        checkAccount2Enabled();
        UserSessionModel userSession = auth.getSession();

        List<UserSessionModel> userSessions = session.sessions().getUserSessions(realm, user);
@ -265,6 +268,7 @@ public class AccountRestService {
    @Produces(MediaType.APPLICATION_JSON)
    @NoCache
    public Response sessionLogout(@QueryParam("id") String id) {
+        checkAccount2Enabled();
        UserSessionModel userSession = session.sessions().getUserSession(realm, id);
        if (userSession != null && userSession.getUser().equals(user)) {
            AuthenticationManager.backchannelLogout(session, userSession, true);
@ -274,11 +278,17 @@ public class AccountRestService {

    @Path("/credentials")
    public AccountCredentialResource credentials() {
+        checkAccount2Enabled();
        return new AccountCredentialResource(session, event, user);
    }

   // TODO Federated identities
    // TODO Applications
    // TODO Logs
-
+    
+    private static void checkAccount2Enabled() {
+        if (!Profile.isFeatureEnabled(Profile.Feature.ACCOUNT2)) {
+            throw new NotFoundException();
+        }
+    }
 }
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/account/AccountRestServiceTest.java
@ -34,7 +34,6 @@ import org.keycloak.testsuite.AssertEvents;
 import org.keycloak.testsuite.util.TokenUtil;
 import org.keycloak.testsuite.util.UserBuilder;

-import javax.ws.rs.core.Response;
 import java.io.IOException;
 import java.util.Collections;
 import java.util.List;
@ -43,6 +42,9 @@ import static org.hamcrest.Matchers.containsInAnyOrder;
 import static org.junit.Assert.*;
 import org.keycloak.services.messages.Messages;

+import static org.keycloak.common.Profile.Feature.ACCOUNT2;
+import static org.keycloak.testsuite.ProfileAssume.assumeFeatureEnabled;
+
 /**
 * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
 */
@ -187,6 +189,8 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {

    @Test
    public void testGetSessions() throws IOException {
+        assumeFeatureEnabled(ACCOUNT2);
+        
        List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});

        assertEquals(1, sessions.size());
@ -194,11 +198,15 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {

    @Test
    public void testGetPasswordDetails() throws IOException {
+        assumeFeatureEnabled(ACCOUNT2);
+        
        getPasswordDetails();
    }

    @Test
    public void testPostPasswordUpdate() throws IOException {
+        assumeFeatureEnabled(ACCOUNT2);
+        
        //Get the time of lastUpdate
        AccountCredentialResource.PasswordDetails initialDetails = getPasswordDetails();

@ -222,6 +230,8 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {
    
    @Test
    public void testPasswordConfirmation() throws IOException {
+        assumeFeatureEnabled(ACCOUNT2);
+        
        updatePassword("password", "Str0ng3rP4ssw0rd", "confirmationDoesNotMatch", 400);
        
        updatePassword("password", "Str0ng3rP4ssw0rd", "Str0ng3rP4ssw0rd", 200);
@ -263,6 +273,8 @@ public class AccountRestServiceTest extends AbstractTestRealmKeycloakTest {

    @Test
    public void testDeleteSession() throws IOException {
+        assumeFeatureEnabled(ACCOUNT2);
+        
        TokenUtil viewToken = new TokenUtil("view-account-access", "password");
        String sessionId = oauth.doLogin("view-account-access", "password").getSessionState();
        List<SessionRepresentation> sessions = SimpleHttp.doGet(getAccountUrl("sessions"), client).auth(viewToken.getToken()).asJson(new TypeReference<List<SessionRepresentation>>() {});