KEYCLOAK-2026 Fix realm.getMasterAdminClient() in JPA and Mongo models

2015-11-13 18:23:53 +01:00 · 2015-11-13 18:23:53 +01:00 · ea7709a104
commit ea7709a104
parent 1d5a01577e
4 changed files with 35 additions and 6 deletions
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/RealmAdapter.java
@ -1,5 +1,6 @@
 package org.keycloak.models.jpa;

+import org.keycloak.Config;
 import org.keycloak.connections.jpa.util.JpaUtils;
 import org.keycloak.common.enums.SslRequired;
 import org.keycloak.models.AuthenticationExecutionModel;
@ -1195,8 +1196,13 @@ public class RealmAdapter implements RealmModel {
    
    @Override
    public ClientModel getMasterAdminClient() {
-        ClientEntity client = realm.getMasterAdminClient();
-        return client!=null ? new ClientAdapter(this, em, session, realm.getMasterAdminClient()) : null;
+        ClientEntity masterAdminClient = realm.getMasterAdminClient();
+        if (masterAdminClient == null) {
+            return null;
+        }
+
+        RealmAdapter masterRealm = new RealmAdapter(session, em, masterAdminClient.getRealm());
+        return new ClientAdapter(masterRealm, em, session, masterAdminClient);
    }

    @Override
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
@ -1223,7 +1223,13 @@ public class RealmAdapter extends AbstractMongoAdapter<MongoRealmEntity> impleme
    @Override
    public ClientModel getMasterAdminClient() {
        MongoClientEntity appData = getMongoStore().loadEntity(MongoClientEntity.class, realm.getMasterAdminClient(), invocationContext);
-        return appData != null ? new ClientAdapter(session, this, appData, invocationContext) : null;
+        if (appData == null) {
+            return null;
+        }
+
+        MongoRealmEntity masterRealm = getMongoStore().loadEntity(MongoRealmEntity.class, appData.getRealmId(), invocationContext);
+        RealmModel masterRealmModel = new RealmAdapter(session, masterRealm, invocationContext);
+        return new ClientAdapter(session, masterRealmModel, appData, invocationContext);
    }

    @Override
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/UserAdapter.java
@ -453,7 +453,7 @@ public class UserAdapter extends AbstractMongoAdapter<MongoUserEntity> implement

    @Override
    public Set<GroupModel> getGroups() {
-        if (user.getGroupIds() == null && user.getGroupIds().size() == 0) return Collections.EMPTY_SET;
+        if (user.getGroupIds() == null || user.getGroupIds().size() == 0) return Collections.EMPTY_SET;
        Set<GroupModel> groups = new HashSet<>();
        for (String id : user.getGroupIds()) {
            groups.add(realm.getGroupById(id));
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AdapterTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/AdapterTest.java
@ -4,6 +4,7 @@ import org.junit.Assert;
 import org.junit.FixMethodOrder;
 import org.junit.Test;
 import org.junit.runners.MethodSorters;
+import org.keycloak.Config;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.FederatedIdentityModel;
 import org.keycloak.models.ModelDuplicateException;
@ -146,11 +147,11 @@ public class AdapterTest extends AbstractModelTest {
        Assert.assertTrue(userProvider.validCredentials(realmModel, user, UserCredentialModel.password("geheim")));
        List<UserCredentialValueModel> creds = user.getCredentialsDirectly();
        Assert.assertEquals(creds.get(0).getHashIterations(), 1);
-        realmModel.setPasswordPolicy( new PasswordPolicy("hashIterations(200)"));
+        realmModel.setPasswordPolicy(new PasswordPolicy("hashIterations(200)"));
        Assert.assertTrue(userProvider.validCredentials(realmModel, user, UserCredentialModel.password("geheim")));
        creds = user.getCredentialsDirectly();
        Assert.assertEquals(creds.get(0).getHashIterations(), 200);
-        realmModel.setPasswordPolicy( new PasswordPolicy("hashIterations(1)"));
+        realmModel.setPasswordPolicy(new PasswordPolicy("hashIterations(1)"));
    }

    @Test
@ -797,6 +798,22 @@ public class AdapterTest extends AbstractModelTest {

    }

+    // KEYCLOAK-2026
+    @Test
+    public void testMasterAdminClient() {
+        realmModel = realmManager.createRealm("foo-realm");
+        ClientModel masterAdminClient = realmModel.getMasterAdminClient();
+        Assert.assertEquals(Config.getAdminRealm(), masterAdminClient.getRealm().getId());
+
+        commit();
+
+        realmModel = realmManager.getRealmByName("foo-realm");
+        masterAdminClient = realmModel.getMasterAdminClient();
+        Assert.assertEquals(Config.getAdminRealm(), masterAdminClient.getRealm().getId());
+
+        realmManager.removeRealm(realmModel);
+    }
+
    private KeyPair generateKeypair() throws NoSuchAlgorithmException {
        return KeyPairGenerator.getInstance("RSA").generateKeyPair();
    }