Merge pull request #256 from patriot1burke/master
refactor getRoleById, fix bugs
This commit is contained in:
Bill Burke
commit
ec309e7e02
62 changed files with 5458 additions and 5409 deletions
|
|
@ -349,18 +349,6 @@ module.config([ '$routeProvider', function($routeProvider) {
|
||||||
},
|
},
|
||||||
controller : 'ApplicationInstallationCtrl'
|
controller : 'ApplicationInstallationCtrl'
|
||||||
})
|
})
|
||||||
.when('/realms/:realm/applications/:application/sessions', {
|
|
||||||
templateUrl : 'partials/application-sessions.html',
|
|
||||||
resolve : {
|
|
||||||
realm : function(RealmLoader) {
|
|
||||||
return RealmLoader();
|
|
||||||
},
|
|
||||||
application : function(ApplicationLoader) {
|
|
||||||
return ApplicationLoader();
|
|
||||||
}
|
|
||||||
},
|
|
||||||
controller : 'ApplicationSessionsCtrl'
|
|
||||||
})
|
|
||||||
.when('/create/application/:realm', {
|
.when('/create/application/:realm', {
|
||||||
templateUrl : 'partials/application-detail.html',
|
templateUrl : 'partials/application-detail.html',
|
||||||
resolve : {
|
resolve : {
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,10 @@ module.controller('ApplicationRoleListCtrl', function($scope, $location, realm,
|
||||||
$scope.roles = roles;
|
$scope.roles = roles;
|
||||||
$scope.application = application;
|
$scope.application = application;
|
||||||
|
|
||||||
|
for (var i = 0; i < roles.length; i++) {
|
||||||
|
console.log("role.id: " + roles[i].id + " role.name: " + roles[i].name);
|
||||||
|
}
|
||||||
|
|
||||||
$scope.$watch(function() {
|
$scope.$watch(function() {
|
||||||
return $location.path();
|
return $location.path();
|
||||||
}, function() {
|
}, function() {
|
||||||
|
|
@ -39,11 +43,6 @@ module.controller('ApplicationCredentialsCtrl', function($scope, $location, real
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
module.controller('ApplicationSessionsCtrl', function($scope, $location, realm, application) {
|
|
||||||
$scope.realm = realm;
|
|
||||||
$scope.application = application;
|
|
||||||
});
|
|
||||||
|
|
||||||
module.controller('ApplicationClaimsCtrl', function($scope, realm, application, claims,
|
module.controller('ApplicationClaimsCtrl', function($scope, realm, application, claims,
|
||||||
ApplicationClaims,
|
ApplicationClaims,
|
||||||
$http, $location, Dialog, Notifications) {
|
$http, $location, Dialog, Notifications) {
|
||||||
|
|
|
||||||
|
|
@ -510,7 +510,7 @@ module.controller('RealmDefaultRolesCtrl', function ($scope, Realm, realm, appli
|
||||||
// Update/save the selected application with new default roles.
|
// Update/save the selected application with new default roles.
|
||||||
Application.update({
|
Application.update({
|
||||||
realm: $scope.realm.realm,
|
realm: $scope.realm.realm,
|
||||||
id: $scope.application.name
|
application: $scope.application.name
|
||||||
}, $scope.application, function () {
|
}, $scope.application, function () {
|
||||||
Notifications.success("Your changes have been saved to the application.");
|
Notifications.success("Your changes have been saved to the application.");
|
||||||
});
|
});
|
||||||
|
|
@ -534,7 +534,7 @@ module.controller('RealmDefaultRolesCtrl', function ($scope, Realm, realm, appli
|
||||||
// Update/save the selected application with new default roles.
|
// Update/save the selected application with new default roles.
|
||||||
Application.update({
|
Application.update({
|
||||||
realm: $scope.realm.realm,
|
realm: $scope.realm.realm,
|
||||||
id: $scope.application.name
|
application: $scope.application.name
|
||||||
}, $scope.application, function () {
|
}, $scope.application, function () {
|
||||||
Notifications.success("Your changes have been saved to the application.");
|
Notifications.success("Your changes have been saved to the application.");
|
||||||
});
|
});
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,6 @@
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
|
||||||
</ul>
|
</ul>
|
||||||
<div id="content">
|
<div id="content">
|
||||||
<ol class="breadcrumb" data-ng-hide="create">
|
<ol class="breadcrumb" data-ng-hide="create">
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,6 @@
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
|
||||||
</ul>
|
</ul>
|
||||||
<div id="content">
|
<div id="content">
|
||||||
<ol class="breadcrumb" data-ng-hide="create">
|
<ol class="breadcrumb" data-ng-hide="create">
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,6 @@
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
|
||||||
</ul>
|
</ul>
|
||||||
<div id="content">
|
<div id="content">
|
||||||
<ol class="breadcrumb" data-ng-show="create">
|
<ol class="breadcrumb" data-ng-show="create">
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,6 @@
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<div class="top-nav" data-ng-show="create">
|
<div class="top-nav" data-ng-show="create">
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,6 @@
|
||||||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<div id="content">
|
<div id="content">
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,6 @@
|
||||||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<div id="content">
|
<div id="content">
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,6 @@
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<div id="content">
|
<div id="content">
|
||||||
|
|
|
||||||
|
|
@ -1,23 +0,0 @@
|
||||||
<div class="bs-sidebar col-md-3 clearfix" data-ng-include data-src="'partials/realm-menu.html'"></div>
|
|
||||||
<div id="content-area" class="col-md-9" role="main">
|
|
||||||
|
|
||||||
<ul class="nav nav-tabs nav-tabs-pf" data-ng-show="!create">
|
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}">Settings</a></li>
|
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/credentials">Credentials</a></li>
|
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/installation">Installation</a></li>
|
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
|
||||||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<div id="content">
|
|
||||||
<ol class="breadcrumb" data-ng-hide="create">
|
|
||||||
<li><a href="#/realms/{{realm.realm}}">{{realm.realm}}</a></li>
|
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
|
|
||||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}">{{application.name}}</a></li>
|
|
||||||
<li class="active">Sessions</li>
|
|
||||||
</ol>
|
|
||||||
<h2 data-ng-hide="create"><span>{{application.name}}</span> Sessions (Placeholder Page)</h2>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
@ -49,4 +49,6 @@ public interface ClientModel {
|
||||||
boolean validateSecret(String secret);
|
boolean validateSecret(String secret);
|
||||||
String getSecret();
|
String getSecret();
|
||||||
public void setSecret(String secret);
|
public void setSecret(String secret);
|
||||||
|
|
||||||
|
RealmModel getRealm();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -101,6 +101,8 @@ public interface RealmModel extends RoleContainerModel, RoleMapperModel, ScopeMa
|
||||||
|
|
||||||
boolean removeUser(String name);
|
boolean removeUser(String name);
|
||||||
|
|
||||||
|
RoleModel getRoleById(String id);
|
||||||
|
|
||||||
List<String> getDefaultRoles();
|
List<String> getDefaultRoles();
|
||||||
|
|
||||||
void addDefaultRole(String name);
|
void addDefaultRole(String name);
|
||||||
|
|
@ -182,4 +184,6 @@ public interface RealmModel extends RoleContainerModel, RoleMapperModel, ScopeMa
|
||||||
int getNotBefore();
|
int getNotBefore();
|
||||||
|
|
||||||
void setNotBefore(int notBefore);
|
void setNotBefore(int notBefore);
|
||||||
|
|
||||||
|
boolean removeRoleById(String id);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -12,9 +12,8 @@ public interface RoleContainerModel {
|
||||||
|
|
||||||
RoleModel addRole(String name);
|
RoleModel addRole(String name);
|
||||||
|
|
||||||
boolean removeRoleById(String id);
|
boolean removeRole(RoleModel role);
|
||||||
|
|
||||||
Set<RoleModel> getRoles();
|
Set<RoleModel> getRoles();
|
||||||
|
|
||||||
RoleModel getRoleById(String id);
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -24,10 +24,9 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode
|
||||||
|
|
||||||
protected EntityManager em;
|
protected EntityManager em;
|
||||||
protected ApplicationEntity applicationEntity;
|
protected ApplicationEntity applicationEntity;
|
||||||
protected RealmModel realm;
|
|
||||||
|
|
||||||
public ApplicationAdapter(RealmModel realm, EntityManager em, ApplicationEntity applicationEntity) {
|
public ApplicationAdapter(RealmModel realm, EntityManager em, ApplicationEntity applicationEntity) {
|
||||||
super(applicationEntity);
|
super(realm, applicationEntity);
|
||||||
this.realm = realm;
|
this.realm = realm;
|
||||||
this.em = em;
|
this.em = em;
|
||||||
this.applicationEntity = applicationEntity;
|
this.applicationEntity = applicationEntity;
|
||||||
|
|
@ -48,7 +47,6 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode
|
||||||
entity.setName(name);
|
entity.setName(name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean isSurrogateAuthRequired() {
|
public boolean isSurrogateAuthRequired() {
|
||||||
return applicationEntity.isSurrogateAuthRequired();
|
return applicationEntity.isSurrogateAuthRequired();
|
||||||
|
|
@ -103,11 +101,14 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeRoleById(String id) {
|
public boolean removeRole(RoleModel roleModel) {
|
||||||
RoleAdapter roleAdapter = getRoleById(id);
|
RoleAdapter roleAdapter = (RoleAdapter)roleModel;
|
||||||
if (roleAdapter == null) {
|
if (roleAdapter == null) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
if (!roleAdapter.getContainer().equals(this)) return false;
|
||||||
|
|
||||||
|
if (!(roleAdapter.getRole() instanceof ApplicationRoleEntity)) return false;
|
||||||
|
|
||||||
ApplicationRoleEntity role = (ApplicationRoleEntity)roleAdapter.getRole();
|
ApplicationRoleEntity role = (ApplicationRoleEntity)roleAdapter.getRole();
|
||||||
|
|
||||||
|
|
@ -134,16 +135,6 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode
|
||||||
return list;
|
return list;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
|
||||||
public RoleAdapter getRoleById(String id) {
|
|
||||||
RoleEntity entity = em.find(RoleEntity.class, id);
|
|
||||||
|
|
||||||
// Check if it's application role and belongs to this application
|
|
||||||
if (entity == null || !(entity instanceof ApplicationRoleEntity)) return null;
|
|
||||||
ApplicationRoleEntity appRoleEntity = (ApplicationRoleEntity)entity;
|
|
||||||
return (appRoleEntity.getApplication().equals(this.entity)) ? new RoleAdapter(this.realm, em, appRoleEntity) : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Set<RoleModel> getApplicationRoleMappings(UserModel user) {
|
public Set<RoleModel> getApplicationRoleMappings(UserModel user) {
|
||||||
Set<RoleModel> roleMappings = realm.getRoleMappings(user);
|
Set<RoleModel> roleMappings = realm.getRoleMappings(user);
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
package org.keycloak.models.jpa;
|
package org.keycloak.models.jpa;
|
||||||
|
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.jpa.entities.ClientEntity;
|
import org.keycloak.models.jpa.entities.ClientEntity;
|
||||||
import org.keycloak.models.jpa.entities.OAuthClientEntity;
|
import org.keycloak.models.jpa.entities.OAuthClientEntity;
|
||||||
|
|
||||||
|
|
@ -13,8 +14,10 @@ import java.util.Set;
|
||||||
*/
|
*/
|
||||||
public class ClientAdapter implements ClientModel {
|
public class ClientAdapter implements ClientModel {
|
||||||
protected ClientEntity entity;
|
protected ClientEntity entity;
|
||||||
|
protected RealmModel realm;
|
||||||
|
|
||||||
public ClientAdapter(ClientEntity entity) {
|
public ClientAdapter(RealmModel realm, ClientEntity entity) {
|
||||||
|
this.realm = realm;
|
||||||
this.entity = entity;
|
this.entity = entity;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -22,75 +25,111 @@ public class ClientAdapter implements ClientModel {
|
||||||
return entity;
|
return entity;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public String getId() {
|
public String getId() {
|
||||||
return entity.getId();
|
return entity.getId();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public RealmModel getRealm() {
|
||||||
|
return realm;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public String getClientId() {
|
public String getClientId() {
|
||||||
return entity.getName();
|
return entity.getName();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public boolean isEnabled() {
|
public boolean isEnabled() {
|
||||||
return entity.isEnabled();
|
return entity.isEnabled();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void setEnabled(boolean enabled) {
|
public void setEnabled(boolean enabled) {
|
||||||
entity.setEnabled(enabled);
|
entity.setEnabled(enabled);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public long getAllowedClaimsMask() {
|
public long getAllowedClaimsMask() {
|
||||||
return entity.getAllowedClaimsMask();
|
return entity.getAllowedClaimsMask();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void setAllowedClaimsMask(long mask) {
|
public void setAllowedClaimsMask(long mask) {
|
||||||
entity.setAllowedClaimsMask(mask);
|
entity.setAllowedClaimsMask(mask);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public Set<String> getWebOrigins() {
|
public Set<String> getWebOrigins() {
|
||||||
Set<String> result = new HashSet<String>();
|
Set<String> result = new HashSet<String>();
|
||||||
result.addAll(entity.getWebOrigins());
|
result.addAll(entity.getWebOrigins());
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void setWebOrigins(Set<String> webOrigins) {
|
public void setWebOrigins(Set<String> webOrigins) {
|
||||||
entity.setWebOrigins(webOrigins);
|
entity.setWebOrigins(webOrigins);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void addWebOrigin(String webOrigin) {
|
public void addWebOrigin(String webOrigin) {
|
||||||
entity.getWebOrigins().add(webOrigin);
|
entity.getWebOrigins().add(webOrigin);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void removeWebOrigin(String webOrigin) {
|
public void removeWebOrigin(String webOrigin) {
|
||||||
entity.getWebOrigins().remove(webOrigin);
|
entity.getWebOrigins().remove(webOrigin);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public Set<String> getRedirectUris() {
|
public Set<String> getRedirectUris() {
|
||||||
Set<String> result = new HashSet<String>();
|
Set<String> result = new HashSet<String>();
|
||||||
result.addAll(entity.getRedirectUris());
|
result.addAll(entity.getRedirectUris());
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void setRedirectUris(Set<String> redirectUris) {
|
public void setRedirectUris(Set<String> redirectUris) {
|
||||||
entity.setRedirectUris(redirectUris);
|
entity.setRedirectUris(redirectUris);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void addRedirectUri(String redirectUri) {
|
public void addRedirectUri(String redirectUri) {
|
||||||
entity.getRedirectUris().add(redirectUri);
|
entity.getRedirectUris().add(redirectUri);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void removeRedirectUri(String redirectUri) {
|
public void removeRedirectUri(String redirectUri) {
|
||||||
entity.getRedirectUris().remove(redirectUri);
|
entity.getRedirectUris().remove(redirectUri);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public String getSecret() {
|
public String getSecret() {
|
||||||
return entity.getSecret();
|
return entity.getSecret();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void setSecret(String secret) {
|
public void setSecret(String secret) {
|
||||||
entity.setSecret(secret);
|
entity.setSecret(secret);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public boolean validateSecret(String secret) {
|
public boolean validateSecret(String secret) {
|
||||||
return secret.equals(entity.getSecret());
|
return secret.equals(entity.getSecret());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean equals(Object o) {
|
||||||
|
if (this == o) return true;
|
||||||
|
if (!this.getClass().equals(o.getClass())) return false;
|
||||||
|
|
||||||
|
ClientAdapter that = (ClientAdapter) o;
|
||||||
|
return that.getId().equals(getId());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int hashCode() {
|
||||||
|
return entity.getId().hashCode();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
package org.keycloak.models.jpa;
|
package org.keycloak.models.jpa;
|
||||||
|
|
||||||
import org.keycloak.models.OAuthClientModel;
|
import org.keycloak.models.OAuthClientModel;
|
||||||
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.jpa.entities.OAuthClientEntity;
|
import org.keycloak.models.jpa.entities.OAuthClientEntity;
|
||||||
|
|
||||||
|
|
@ -13,7 +14,9 @@ import java.util.Set;
|
||||||
*/
|
*/
|
||||||
public class OAuthClientAdapter extends ClientAdapter implements OAuthClientModel {
|
public class OAuthClientAdapter extends ClientAdapter implements OAuthClientModel {
|
||||||
|
|
||||||
public OAuthClientAdapter(OAuthClientEntity entity) {
|
public OAuthClientAdapter(RealmModel realm, OAuthClientEntity entity) {
|
||||||
super(entity);
|
super(realm, entity);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ package org.keycloak.models.jpa;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
import org.keycloak.models.RoleContainerModel;
|
import org.keycloak.models.RoleContainerModel;
|
||||||
import org.keycloak.models.jpa.entities.ApplicationEntity;
|
import org.keycloak.models.jpa.entities.ApplicationEntity;
|
||||||
|
import org.keycloak.models.jpa.entities.ApplicationRoleEntity;
|
||||||
import org.keycloak.models.jpa.entities.CredentialEntity;
|
import org.keycloak.models.jpa.entities.CredentialEntity;
|
||||||
import org.keycloak.models.jpa.entities.OAuthClientEntity;
|
import org.keycloak.models.jpa.entities.OAuthClientEntity;
|
||||||
import org.keycloak.models.jpa.entities.RealmEntity;
|
import org.keycloak.models.jpa.entities.RealmEntity;
|
||||||
|
|
@ -496,7 +497,7 @@ public class RealmAdapter implements RealmModel {
|
||||||
if (application == null) return false;
|
if (application == null) return false;
|
||||||
|
|
||||||
for (RoleModel role : application.getRoles()) {
|
for (RoleModel role : application.getRoles()) {
|
||||||
application.removeRoleById(role.getId());
|
application.removeRole(role);
|
||||||
}
|
}
|
||||||
|
|
||||||
ApplicationEntity applicationEntity = null;
|
ApplicationEntity applicationEntity = null;
|
||||||
|
|
@ -673,12 +674,14 @@ public class RealmAdapter implements RealmModel {
|
||||||
data.setRealm(realm);
|
data.setRealm(realm);
|
||||||
em.persist(data);
|
em.persist(data);
|
||||||
em.flush();
|
em.flush();
|
||||||
return new OAuthClientAdapter(data);
|
return new OAuthClientAdapter(this, data);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeOAuthClient(String id) {
|
public boolean removeOAuthClient(String id) {
|
||||||
OAuthClientEntity client = em.find(OAuthClientEntity.class, id);
|
OAuthClientModel oauth = getOAuthClientById(id);
|
||||||
|
if (oauth == null) return false;
|
||||||
|
OAuthClientEntity client = (OAuthClientEntity)((OAuthClientAdapter)oauth).getEntity();
|
||||||
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where client = :client").setParameter("client", client).executeUpdate();
|
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where client = :client").setParameter("client", client).executeUpdate();
|
||||||
em.remove(client);
|
em.remove(client);
|
||||||
return true;
|
return true;
|
||||||
|
|
@ -692,7 +695,7 @@ public class RealmAdapter implements RealmModel {
|
||||||
query.setParameter("realm", realm);
|
query.setParameter("realm", realm);
|
||||||
List<OAuthClientEntity> entities = query.getResultList();
|
List<OAuthClientEntity> entities = query.getResultList();
|
||||||
if (entities.size() == 0) return null;
|
if (entities.size() == 0) return null;
|
||||||
return new OAuthClientAdapter(entities.get(0));
|
return new OAuthClientAdapter(this, entities.get(0));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -700,8 +703,8 @@ public class RealmAdapter implements RealmModel {
|
||||||
OAuthClientEntity client = em.find(OAuthClientEntity.class, id);
|
OAuthClientEntity client = em.find(OAuthClientEntity.class, id);
|
||||||
|
|
||||||
// Check if client belongs to this realm
|
// Check if client belongs to this realm
|
||||||
if (client == null || !this.realm.equals(client.getRealm())) return null;
|
if (client == null || !this.realm.getId().equals(client.getRealm().getId())) return null;
|
||||||
return new OAuthClientAdapter(client);
|
return new OAuthClientAdapter(this, client);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -711,7 +714,7 @@ public class RealmAdapter implements RealmModel {
|
||||||
query.setParameter("realm", realm);
|
query.setParameter("realm", realm);
|
||||||
List<OAuthClientEntity> entities = query.getResultList();
|
List<OAuthClientEntity> entities = query.getResultList();
|
||||||
List<OAuthClientModel> list = new ArrayList<OAuthClientModel>();
|
List<OAuthClientModel> list = new ArrayList<OAuthClientModel>();
|
||||||
for (OAuthClientEntity entity : entities) list.add(new OAuthClientAdapter(entity));
|
for (OAuthClientEntity entity : entities) list.add(new OAuthClientAdapter(this, entity));
|
||||||
return list;
|
return list;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -761,12 +764,12 @@ public class RealmAdapter implements RealmModel {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeRoleById(String id) {
|
public boolean removeRole(RoleModel role) {
|
||||||
RoleModel role = getRoleById(id);
|
|
||||||
|
|
||||||
if (role == null) {
|
if (role == null) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
if (!role.getContainer().equals(this)) return false;
|
||||||
|
|
||||||
RoleEntity roleEntity = ((RoleAdapter)role).getRole();
|
RoleEntity roleEntity = ((RoleAdapter)role).getRole();
|
||||||
realm.getRoles().remove(role);
|
realm.getRoles().remove(role);
|
||||||
realm.getDefaultRoles().remove(role);
|
realm.getDefaultRoles().remove(role);
|
||||||
|
|
@ -793,11 +796,22 @@ public class RealmAdapter implements RealmModel {
|
||||||
@Override
|
@Override
|
||||||
public RoleModel getRoleById(String id) {
|
public RoleModel getRoleById(String id) {
|
||||||
RoleEntity entity = em.find(RoleEntity.class, id);
|
RoleEntity entity = em.find(RoleEntity.class, id);
|
||||||
|
if (entity == null) return null;
|
||||||
|
if (entity instanceof RealmRoleEntity) {
|
||||||
|
RealmRoleEntity roleEntity = (RealmRoleEntity)entity;
|
||||||
|
if (!roleEntity.getRealm().getId().equals(getId())) return null;
|
||||||
|
} else {
|
||||||
|
ApplicationRoleEntity roleEntity = (ApplicationRoleEntity)entity;
|
||||||
|
if (!roleEntity.getApplication().getRealm().getId().equals(getId())) return null;
|
||||||
|
}
|
||||||
|
return new RoleAdapter(this, em, entity);
|
||||||
|
}
|
||||||
|
|
||||||
// Check if it's realm role and belongs to this realm
|
@Override
|
||||||
if (entity == null || !(entity instanceof RealmRoleEntity)) return null;
|
public boolean removeRoleById(String id) {
|
||||||
RealmRoleEntity realmRoleEntity = (RealmRoleEntity)entity;
|
RoleModel role = getRoleById(id);
|
||||||
return (realmRoleEntity.getRealm().equals(this.realm)) ? new RoleAdapter(this, em, realmRoleEntity) : null;
|
if (role == null) return false;
|
||||||
|
return role.getContainer().removeRole(role);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
||||||
|
|
@ -124,13 +124,13 @@ public class RoleAdapter implements RoleModel {
|
||||||
|
|
||||||
RoleAdapter that = (RoleAdapter) o;
|
RoleAdapter that = (RoleAdapter) o;
|
||||||
|
|
||||||
if (!role.equals(that.role)) return false;
|
if (!role.getId().equals(that.role.getId())) return false;
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public int hashCode() {
|
public int hashCode() {
|
||||||
return role.hashCode();
|
return role.getId().hashCode();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@ import com.mongodb.DBObject;
|
||||||
import com.mongodb.QueryBuilder;
|
import com.mongodb.QueryBuilder;
|
||||||
import org.keycloak.models.ApplicationModel;
|
import org.keycloak.models.ApplicationModel;
|
||||||
import org.keycloak.models.ClientModel;
|
import org.keycloak.models.ClientModel;
|
||||||
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.mongo.api.AbstractMongoIdentifiableEntity;
|
import org.keycloak.models.mongo.api.AbstractMongoIdentifiableEntity;
|
||||||
|
|
@ -24,10 +25,12 @@ import java.util.Set;
|
||||||
public class ApplicationAdapter extends AbstractAdapter implements ApplicationModel {
|
public class ApplicationAdapter extends AbstractAdapter implements ApplicationModel {
|
||||||
|
|
||||||
private final ApplicationEntity application;
|
private final ApplicationEntity application;
|
||||||
|
private final RealmModel realm;
|
||||||
|
|
||||||
public ApplicationAdapter(ApplicationEntity applicationEntity, MongoStoreInvocationContext invContext) {
|
public ApplicationAdapter(RealmModel realm, ApplicationEntity applicationEntity, MongoStoreInvocationContext invContext) {
|
||||||
super(invContext);
|
super(invContext);
|
||||||
this.application = applicationEntity;
|
this.application = applicationEntity;
|
||||||
|
this.realm = realm;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -55,6 +58,11 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
||||||
application.setName(name);
|
application.setName(name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public RealmModel getRealm() {
|
||||||
|
return realm;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean isEnabled() {
|
public boolean isEnabled() {
|
||||||
return application.isEnabled();
|
return application.isEnabled();
|
||||||
|
|
@ -116,19 +124,7 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
||||||
if (role == null) {
|
if (role == null) {
|
||||||
return null;
|
return null;
|
||||||
} else {
|
} else {
|
||||||
return new RoleAdapter(role, invocationContext);
|
return new RoleAdapter(getRealm(), role, invocationContext);
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public RoleModel getRoleById(String id) {
|
|
||||||
RoleEntity role = getMongoStore().loadEntity(RoleEntity.class, id, invocationContext);
|
|
||||||
|
|
||||||
// Check that role belongs to this application
|
|
||||||
if (role == null || !getId().equals(role.getApplicationId())) {
|
|
||||||
return null;
|
|
||||||
} else {
|
|
||||||
return new RoleAdapter(role, this, invocationContext);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -144,12 +140,12 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
||||||
roleEntity.setApplicationId(getId());
|
roleEntity.setApplicationId(getId());
|
||||||
|
|
||||||
getMongoStore().insertEntity(roleEntity, invocationContext);
|
getMongoStore().insertEntity(roleEntity, invocationContext);
|
||||||
return new RoleAdapter(roleEntity, this, invocationContext);
|
return new RoleAdapter(getRealm(), roleEntity, this, invocationContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean removeRoleById(String id) {
|
public boolean removeRole(RoleModel role) {
|
||||||
return getMongoStore().removeEntity(RoleEntity.class, id, invocationContext);
|
return getMongoStore().removeEntity(RoleEntity.class, role.getId(), invocationContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -161,7 +157,7 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
||||||
|
|
||||||
Set<RoleModel> result = new HashSet<RoleModel>();
|
Set<RoleModel> result = new HashSet<RoleModel>();
|
||||||
for (RoleEntity role : roles) {
|
for (RoleEntity role : roles) {
|
||||||
result.add(new RoleAdapter(role, this, invocationContext));
|
result.add(new RoleAdapter(getRealm(), role, this, invocationContext));
|
||||||
}
|
}
|
||||||
|
|
||||||
return result;
|
return result;
|
||||||
|
|
@ -174,7 +170,7 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
||||||
|
|
||||||
for (RoleEntity role : roles) {
|
for (RoleEntity role : roles) {
|
||||||
if (getId().equals(role.getApplicationId())) {
|
if (getId().equals(role.getApplicationId())) {
|
||||||
result.add(new RoleAdapter(role, this, invocationContext));
|
result.add(new RoleAdapter(getRealm(), role, this, invocationContext));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return result;
|
return result;
|
||||||
|
|
@ -192,7 +188,7 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
||||||
|
|
||||||
for (RoleEntity role : roles) {
|
for (RoleEntity role : roles) {
|
||||||
if (getId().equals(role.getApplicationId())) {
|
if (getId().equals(role.getApplicationId())) {
|
||||||
result.add(new RoleAdapter(role, this, invocationContext));
|
result.add(new RoleAdapter(getRealm(), role, this, invocationContext));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return result;
|
return result;
|
||||||
|
|
@ -301,5 +297,21 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
||||||
return secret.equals(application.getSecret());
|
return secret.equals(application.getSecret());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean equals(Object o) {
|
||||||
|
if (this == o) return true;
|
||||||
|
if (!(o instanceof ApplicationAdapter)) return false;
|
||||||
|
if (!super.equals(o)) return false;
|
||||||
|
|
||||||
|
ApplicationAdapter that = (ApplicationAdapter) o;
|
||||||
|
|
||||||
|
if (!application.getId().equals(that.application.getId())) return false;
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int hashCode() {
|
||||||
|
return application.getId().hashCode();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
package org.keycloak.models.mongo.keycloak.adapters;
|
package org.keycloak.models.mongo.keycloak.adapters;
|
||||||
|
|
||||||
import org.keycloak.models.OAuthClientModel;
|
import org.keycloak.models.OAuthClientModel;
|
||||||
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.UserModel;
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.models.mongo.api.AbstractMongoIdentifiableEntity;
|
import org.keycloak.models.mongo.api.AbstractMongoIdentifiableEntity;
|
||||||
import org.keycloak.models.mongo.api.context.MongoStoreInvocationContext;
|
import org.keycloak.models.mongo.api.context.MongoStoreInvocationContext;
|
||||||
|
|
@ -18,10 +19,12 @@ import java.util.Set;
|
||||||
public class OAuthClientAdapter extends AbstractAdapter implements OAuthClientModel {
|
public class OAuthClientAdapter extends AbstractAdapter implements OAuthClientModel {
|
||||||
|
|
||||||
private final OAuthClientEntity delegate;
|
private final OAuthClientEntity delegate;
|
||||||
|
private final RealmModel realm;
|
||||||
|
|
||||||
public OAuthClientAdapter(OAuthClientEntity oauthClientEntity, MongoStoreInvocationContext invContext) {
|
public OAuthClientAdapter(RealmModel realm, OAuthClientEntity oauthClientEntity, MongoStoreInvocationContext invContext) {
|
||||||
super(invContext);
|
super(invContext);
|
||||||
this.delegate = oauthClientEntity;
|
this.delegate = oauthClientEntity;
|
||||||
|
this.realm = realm;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -34,6 +37,11 @@ public class OAuthClientAdapter extends AbstractAdapter implements OAuthClientMo
|
||||||
return delegate.getName();
|
return delegate.getName();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public RealmModel getRealm() {
|
||||||
|
return realm;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public long getAllowedClaimsMask() {
|
public long getAllowedClaimsMask() {
|
||||||
return delegate.getAllowedClaimsMask();
|
return delegate.getAllowedClaimsMask();
|
||||||
|
|
|
||||||
|
|
@ -413,7 +413,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
if (role == null) {
|
if (role == null) {
|
||||||
return null;
|
return null;
|
||||||
} else {
|
} else {
|
||||||
return new RoleAdapter(role, this, invocationContext);
|
return new RoleAdapter(this, role, this, invocationContext);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -431,7 +431,12 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
roleEntity.setRealmId(getId());
|
roleEntity.setRealmId(getId());
|
||||||
|
|
||||||
getMongoStore().insertEntity(roleEntity, invocationContext);
|
getMongoStore().insertEntity(roleEntity, invocationContext);
|
||||||
return new RoleAdapter(roleEntity, this, invocationContext);
|
return new RoleAdapter(this, roleEntity, this, invocationContext);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean removeRole(RoleModel role) {
|
||||||
|
return removeRoleById(role.getId());
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -450,7 +455,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
|
|
||||||
if (roles == null) return result;
|
if (roles == null) return result;
|
||||||
for (RoleEntity role : roles) {
|
for (RoleEntity role : roles) {
|
||||||
result.add(new RoleAdapter(role, this, invocationContext));
|
result.add(new RoleAdapter(this, role, this, invocationContext));
|
||||||
}
|
}
|
||||||
|
|
||||||
return result;
|
return result;
|
||||||
|
|
@ -459,11 +464,14 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
@Override
|
@Override
|
||||||
public RoleModel getRoleById(String id) {
|
public RoleModel getRoleById(String id) {
|
||||||
RoleEntity role = getMongoStore().loadEntity(RoleEntity.class, id, invocationContext);
|
RoleEntity role = getMongoStore().loadEntity(RoleEntity.class, id, invocationContext);
|
||||||
if (role == null || !getId().equals(role.getRealmId())) {
|
if (role == null) return null;
|
||||||
return null;
|
if (role.getRealmId() != null) {
|
||||||
|
if (!role.getRealmId().equals(this.getId())) return null;
|
||||||
} else {
|
} else {
|
||||||
return new RoleAdapter(role, this, invocationContext);
|
ApplicationModel app = getApplicationById(role.getApplicationId());
|
||||||
|
if (app == null) return null;
|
||||||
}
|
}
|
||||||
|
return new RoleAdapter(this, role, null, invocationContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -514,7 +522,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
return new ApplicationAdapter(appData, invocationContext);
|
return new ApplicationAdapter(this, appData, invocationContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -524,7 +532,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
.and("name").is(name)
|
.and("name").is(name)
|
||||||
.get();
|
.get();
|
||||||
ApplicationEntity appEntity = getMongoStore().loadSingleEntity(ApplicationEntity.class, query, invocationContext);
|
ApplicationEntity appEntity = getMongoStore().loadSingleEntity(ApplicationEntity.class, query, invocationContext);
|
||||||
return appEntity==null ? null : new ApplicationAdapter(appEntity, invocationContext);
|
return appEntity==null ? null : new ApplicationAdapter(this, appEntity, invocationContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -545,7 +553,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
|
|
||||||
List<ApplicationModel> result = new ArrayList<ApplicationModel>();
|
List<ApplicationModel> result = new ArrayList<ApplicationModel>();
|
||||||
for (ApplicationEntity appData : appDatas) {
|
for (ApplicationEntity appData : appDatas) {
|
||||||
result.add(new ApplicationAdapter(appData, invocationContext));
|
result.add(new ApplicationAdapter(this, appData, invocationContext));
|
||||||
}
|
}
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
@ -558,7 +566,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
appData.setEnabled(true);
|
appData.setEnabled(true);
|
||||||
getMongoStore().insertEntity(appData, invocationContext);
|
getMongoStore().insertEntity(appData, invocationContext);
|
||||||
|
|
||||||
return new ApplicationAdapter(appData, invocationContext);
|
return new ApplicationAdapter(this, appData, invocationContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -590,10 +598,10 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
|
|
||||||
for (RoleEntity role : roles) {
|
for (RoleEntity role : roles) {
|
||||||
if (getId().equals(role.getRealmId())) {
|
if (getId().equals(role.getRealmId())) {
|
||||||
result.add(new RoleAdapter(role, this, invocationContext));
|
result.add(new RoleAdapter(this, role, this, invocationContext));
|
||||||
} else {
|
} else {
|
||||||
// Likely applicationRole, but we don't have this application yet
|
// Likely applicationRole, but we don't have this application yet
|
||||||
result.add(new RoleAdapter(role, invocationContext));
|
result.add(new RoleAdapter(this, role, invocationContext));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return result;
|
return result;
|
||||||
|
|
@ -630,10 +638,10 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
|
|
||||||
for (RoleEntity role : roles) {
|
for (RoleEntity role : roles) {
|
||||||
if (getId().equals(role.getRealmId())) {
|
if (getId().equals(role.getRealmId())) {
|
||||||
result.add(new RoleAdapter(role, this, invocationContext));
|
result.add(new RoleAdapter(this, role, this, invocationContext));
|
||||||
} else {
|
} else {
|
||||||
// Likely applicationRole, but we don't have this application yet
|
// Likely applicationRole, but we don't have this application yet
|
||||||
result.add(new RoleAdapter(role, invocationContext));
|
result.add(new RoleAdapter(this, role, invocationContext));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return result;
|
return result;
|
||||||
|
|
@ -684,7 +692,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
oauthClient.setName(name);
|
oauthClient.setName(name);
|
||||||
getMongoStore().insertEntity(oauthClient, invocationContext);
|
getMongoStore().insertEntity(oauthClient, invocationContext);
|
||||||
|
|
||||||
return new OAuthClientAdapter(oauthClient, invocationContext);
|
return new OAuthClientAdapter(this, oauthClient, invocationContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -699,7 +707,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
.and("name").is(name)
|
.and("name").is(name)
|
||||||
.get();
|
.get();
|
||||||
OAuthClientEntity oauthClient = getMongoStore().loadSingleEntity(OAuthClientEntity.class, query, invocationContext);
|
OAuthClientEntity oauthClient = getMongoStore().loadSingleEntity(OAuthClientEntity.class, query, invocationContext);
|
||||||
return oauthClient == null ? null : new OAuthClientAdapter(oauthClient, invocationContext);
|
return oauthClient == null ? null : new OAuthClientAdapter(this, oauthClient, invocationContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -709,7 +717,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
// Check if client belongs to this realm
|
// Check if client belongs to this realm
|
||||||
if (clientEntity == null || !getId().equals(clientEntity.getRealmId())) return null;
|
if (clientEntity == null || !getId().equals(clientEntity.getRealmId())) return null;
|
||||||
|
|
||||||
return new OAuthClientAdapter(clientEntity, invocationContext);
|
return new OAuthClientAdapter(this, clientEntity, invocationContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -720,7 +728,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
||||||
List<OAuthClientEntity> results = getMongoStore().loadEntities(OAuthClientEntity.class, query, invocationContext);
|
List<OAuthClientEntity> results = getMongoStore().loadEntities(OAuthClientEntity.class, query, invocationContext);
|
||||||
List<OAuthClientModel> list = new ArrayList<OAuthClientModel>();
|
List<OAuthClientModel> list = new ArrayList<OAuthClientModel>();
|
||||||
for (OAuthClientEntity data : results) {
|
for (OAuthClientEntity data : results) {
|
||||||
list.add(new OAuthClientAdapter(data, invocationContext));
|
list.add(new OAuthClientAdapter(this, data, invocationContext));
|
||||||
}
|
}
|
||||||
return list;
|
return list;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
31
model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RoleAdapter.java
Normal file → Executable file
31
model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RoleAdapter.java
Normal file → Executable file
|
|
@ -7,6 +7,7 @@ import java.util.Set;
|
||||||
|
|
||||||
import com.mongodb.DBObject;
|
import com.mongodb.DBObject;
|
||||||
import com.mongodb.QueryBuilder;
|
import com.mongodb.QueryBuilder;
|
||||||
|
import org.keycloak.models.RealmModel;
|
||||||
import org.keycloak.models.RoleContainerModel;
|
import org.keycloak.models.RoleContainerModel;
|
||||||
import org.keycloak.models.RoleModel;
|
import org.keycloak.models.RoleModel;
|
||||||
import org.keycloak.models.mongo.api.AbstractMongoIdentifiableEntity;
|
import org.keycloak.models.mongo.api.AbstractMongoIdentifiableEntity;
|
||||||
|
|
@ -26,15 +27,17 @@ public class RoleAdapter extends AbstractAdapter implements RoleModel {
|
||||||
|
|
||||||
private final RoleEntity role;
|
private final RoleEntity role;
|
||||||
private RoleContainerModel roleContainer;
|
private RoleContainerModel roleContainer;
|
||||||
|
private RealmModel realm;
|
||||||
|
|
||||||
public RoleAdapter(RoleEntity roleEntity, MongoStoreInvocationContext invContext) {
|
public RoleAdapter(RealmModel realm, RoleEntity roleEntity, MongoStoreInvocationContext invContext) {
|
||||||
this(roleEntity, null, invContext);
|
this(realm, roleEntity, null, invContext);
|
||||||
}
|
}
|
||||||
|
|
||||||
public RoleAdapter(RoleEntity roleEntity, RoleContainerModel roleContainer, MongoStoreInvocationContext invContext) {
|
public RoleAdapter(RealmModel realm, RoleEntity roleEntity, RoleContainerModel roleContainer, MongoStoreInvocationContext invContext) {
|
||||||
super(invContext);
|
super(invContext);
|
||||||
this.role = roleEntity;
|
this.role = roleEntity;
|
||||||
this.roleContainer = roleContainer;
|
this.roleContainer = roleContainer;
|
||||||
|
this.realm = realm;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -96,7 +99,7 @@ public class RoleAdapter extends AbstractAdapter implements RoleModel {
|
||||||
|
|
||||||
Set<RoleModel> set = new HashSet<RoleModel>();
|
Set<RoleModel> set = new HashSet<RoleModel>();
|
||||||
for (RoleEntity childRole : childRoles) {
|
for (RoleEntity childRole : childRoles) {
|
||||||
set.add(new RoleAdapter(childRole, invocationContext));
|
set.add(new RoleAdapter(realm, childRole, invocationContext));
|
||||||
}
|
}
|
||||||
return set;
|
return set;
|
||||||
}
|
}
|
||||||
|
|
@ -116,7 +119,7 @@ public class RoleAdapter extends AbstractAdapter implements RoleModel {
|
||||||
if (appEntity == null) {
|
if (appEntity == null) {
|
||||||
throw new IllegalStateException("Application with id: " + role.getApplicationId() + " doesn't exists");
|
throw new IllegalStateException("Application with id: " + role.getApplicationId() + " doesn't exists");
|
||||||
}
|
}
|
||||||
roleContainer = new ApplicationAdapter(appEntity, invocationContext);
|
roleContainer = new ApplicationAdapter(realm, appEntity, invocationContext);
|
||||||
} else {
|
} else {
|
||||||
throw new IllegalStateException("Both realmId and applicationId are null for role: " + this);
|
throw new IllegalStateException("Both realmId and applicationId are null for role: " + this);
|
||||||
}
|
}
|
||||||
|
|
@ -141,4 +144,22 @@ public class RoleAdapter extends AbstractAdapter implements RoleModel {
|
||||||
public AbstractMongoIdentifiableEntity getMongoEntity() {
|
public AbstractMongoIdentifiableEntity getMongoEntity() {
|
||||||
return role;
|
return role;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean equals(Object o) {
|
||||||
|
if (this == o) return true;
|
||||||
|
if (o == null || getClass() != o.getClass()) return false;
|
||||||
|
|
||||||
|
RoleAdapter that = (RoleAdapter) o;
|
||||||
|
|
||||||
|
if (!role.getId().equals(that.role.getId())) return false;
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int hashCode() {
|
||||||
|
return role.getId().hashCode();
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -241,8 +241,8 @@ public class AdapterTest extends AbstractModelTest {
|
||||||
Assert.assertFalse(realmModel.removeRoleById(realmRole.getId()));
|
Assert.assertFalse(realmModel.removeRoleById(realmRole.getId()));
|
||||||
Assert.assertNull(realmModel.getRole(realmRole.getName()));
|
Assert.assertNull(realmModel.getRole(realmRole.getName()));
|
||||||
|
|
||||||
Assert.assertTrue(app.removeRoleById(appRole.getId()));
|
Assert.assertTrue(realmModel.removeRoleById(appRole.getId()));
|
||||||
Assert.assertFalse(app.removeRoleById(appRole.getId()));
|
Assert.assertFalse(realmModel.removeRoleById(appRole.getId()));
|
||||||
Assert.assertNull(app.getRole(appRole.getName()));
|
Assert.assertNull(app.getRole(appRole.getName()));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -431,13 +431,9 @@ public class AdapterTest extends AbstractModelTest {
|
||||||
Set<RoleModel> appRoles = application.getRoles();
|
Set<RoleModel> appRoles = application.getRoles();
|
||||||
Assert.assertEquals(2, appRoles.size());
|
Assert.assertEquals(2, appRoles.size());
|
||||||
RoleModel appBarRole = application.getRole("bar");
|
RoleModel appBarRole = application.getRole("bar");
|
||||||
|
Assert.assertNotNull(appBarRole);
|
||||||
|
|
||||||
// This should return null because it's realmRole
|
found = realmModel.getRoleById(appBarRole.getId());
|
||||||
Assert.assertNull(application.getRoleById(realmUserRole.getId()));
|
|
||||||
|
|
||||||
// This should return null because appBarRole is application role
|
|
||||||
Assert.assertNull(realmModel.getRoleById(appBarRole.getId()));
|
|
||||||
found = application.getRoleById(appBarRole.getId());
|
|
||||||
Assert.assertNotNull(found);
|
Assert.assertNotNull(found);
|
||||||
assertRolesEquals(found, appBarRole);
|
assertRolesEquals(found, appBarRole);
|
||||||
|
|
||||||
|
|
|
||||||
11
model/tests/src/test/java/org/keycloak/model/test/MultipleRealmsTest.java
Normal file → Executable file
11
model/tests/src/test/java/org/keycloak/model/test/MultipleRealmsTest.java
Normal file → Executable file
|
|
@ -75,20 +75,11 @@ public class MultipleRealmsTest extends AbstractModelTest {
|
||||||
Assert.assertEquals(r2cl1.getId(), realm2.getOAuthClientById(r2cl1.getId()).getId());
|
Assert.assertEquals(r2cl1.getId(), realm2.getOAuthClientById(r2cl1.getId()).getId());
|
||||||
|
|
||||||
RoleModel r1App1Role = r1app1.getRole("app1Role1");
|
RoleModel r1App1Role = r1app1.getRole("app1Role1");
|
||||||
Assert.assertNull(realm1.getRoleById(r1App1Role.getId()));
|
Assert.assertEquals(r1App1Role, realm1.getRoleById(r1App1Role.getId()));
|
||||||
Assert.assertNull(realm2.getRoleById(r1App1Role.getId()));
|
|
||||||
Assert.assertEquals(r1App1Role, r1app1.getRoleById(r1App1Role.getId()));
|
|
||||||
Assert.assertNull(r1app2.getRoleById(r1App1Role.getId()));
|
|
||||||
Assert.assertNull(r2app1.getRoleById(r1App1Role.getId()));
|
|
||||||
Assert.assertNull(r2app2.getRoleById(r1App1Role.getId()));
|
|
||||||
|
|
||||||
RoleModel r2Role1 = realm2.getRole("role2");
|
RoleModel r2Role1 = realm2.getRole("role2");
|
||||||
Assert.assertNull(realm1.getRoleById(r2Role1.getId()));
|
Assert.assertNull(realm1.getRoleById(r2Role1.getId()));
|
||||||
Assert.assertEquals(r2Role1, realm2.getRoleById(r2Role1.getId()));
|
Assert.assertEquals(r2Role1, realm2.getRoleById(r2Role1.getId()));
|
||||||
Assert.assertNull(r1app1.getRoleById(r2Role1.getId()));
|
|
||||||
Assert.assertNull(r1app2.getRoleById(r2Role1.getId()));
|
|
||||||
Assert.assertNull(r2app1.getRoleById(r2Role1.getId()));
|
|
||||||
Assert.assertNull(r2app2.getRoleById(r2Role1.getId()));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private void createObjects(RealmModel realm) {
|
private void createObjects(RealmModel realm) {
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
package org.keycloak.services.resources.admin;
|
package org.keycloak.services.resources.admin;
|
||||||
|
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
|
import org.jboss.resteasy.logging.Logger;
|
||||||
import org.keycloak.models.ApplicationModel;
|
import org.keycloak.models.ApplicationModel;
|
||||||
import org.keycloak.models.Constants;
|
import org.keycloak.models.Constants;
|
||||||
import org.keycloak.models.OAuthClientModel;
|
import org.keycloak.models.OAuthClientModel;
|
||||||
|
|
@ -28,6 +29,7 @@ import java.util.Set;
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
*/
|
*/
|
||||||
public class RoleByIdResource extends RoleResource {
|
public class RoleByIdResource extends RoleResource {
|
||||||
|
protected static final Logger logger = Logger.getLogger(RoleByIdResource.class);
|
||||||
private final RealmModel realm;
|
private final RealmModel realm;
|
||||||
private final RealmAuth auth;
|
private final RealmAuth auth;
|
||||||
|
|
||||||
|
|
@ -101,6 +103,8 @@ public class RoleByIdResource extends RoleResource {
|
||||||
@NoCache
|
@NoCache
|
||||||
@Produces("application/json")
|
@Produces("application/json")
|
||||||
public Set<RoleRepresentation> getRoleComposites(final @PathParam("role-id") String id) {
|
public Set<RoleRepresentation> getRoleComposites(final @PathParam("role-id") String id) {
|
||||||
|
|
||||||
|
logger.info("*** getRoleComposites: '" + id + "'");
|
||||||
RoleModel role = getRoleModel(id);
|
RoleModel role = getRoleModel(id);
|
||||||
auth.requireView();
|
auth.requireView();
|
||||||
return getRoleComposites(role);
|
return getRoleComposites(role);
|
||||||
|
|
|
||||||
|
|
@ -28,7 +28,7 @@ public abstract class RoleResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
protected void deleteRole(RoleModel role) {
|
protected void deleteRole(RoleModel role) {
|
||||||
if (!role.getContainer().removeRoleById(role.getId())) {
|
if (!role.getContainer().removeRole(role)) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -173,7 +173,7 @@ public class ScopeMappedResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
for (RoleRepresentation role : roles) {
|
for (RoleRepresentation role : roles) {
|
||||||
RoleModel roleModel = app.getRoleById(role.getId());
|
RoleModel roleModel = app.getRole(role.getName());
|
||||||
if (roleModel == null) {
|
if (roleModel == null) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
}
|
}
|
||||||
|
|
@ -202,7 +202,7 @@ public class ScopeMappedResource {
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
for (RoleRepresentation role : roles) {
|
for (RoleRepresentation role : roles) {
|
||||||
RoleModel roleModel = app.getRoleById(role.getId());
|
RoleModel roleModel = app.getRole(role.getName());
|
||||||
if (roleModel == null) {
|
if (roleModel == null) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -281,8 +281,8 @@ public class UsersResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
for (RoleRepresentation role : roles) {
|
for (RoleRepresentation role : roles) {
|
||||||
RoleModel roleModel = realm.getRoleById(role.getId());
|
RoleModel roleModel = realm.getRole(role.getName());
|
||||||
if (roleModel == null) {
|
if (roleModel == null || !roleModel.getId().equals(role.getId())) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
}
|
}
|
||||||
realm.grantRole(user, roleModel);
|
realm.grantRole(user, roleModel);
|
||||||
|
|
@ -311,8 +311,8 @@ public class UsersResource {
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
for (RoleRepresentation role : roles) {
|
for (RoleRepresentation role : roles) {
|
||||||
RoleModel roleModel = realm.getRoleById(role.getId());
|
RoleModel roleModel = realm.getRole(role.getName());
|
||||||
if (roleModel == null) {
|
if (roleModel == null || !roleModel.getId().equals(role.getId())) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
}
|
}
|
||||||
realm.deleteRoleMapping(user, roleModel);
|
realm.deleteRoleMapping(user, roleModel);
|
||||||
|
|
@ -368,8 +368,8 @@ public class UsersResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
for (RoleRepresentation role : roles) {
|
for (RoleRepresentation role : roles) {
|
||||||
RoleModel roleModel = application.getRoleById(role.getId());
|
RoleModel roleModel = application.getRole(role.getName());
|
||||||
if (roleModel == null) {
|
if (roleModel == null || !roleModel.getId().equals(role.getId())) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
}
|
}
|
||||||
realm.grantRole(user, roleModel);
|
realm.grantRole(user, roleModel);
|
||||||
|
|
@ -406,8 +406,8 @@ public class UsersResource {
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
for (RoleRepresentation role : roles) {
|
for (RoleRepresentation role : roles) {
|
||||||
RoleModel roleModel = application.getRoleById(role.getId());
|
RoleModel roleModel = application.getRole(role.getName());
|
||||||
if (roleModel == null) {
|
if (roleModel == null || !roleModel.getId().equals(role.getId())) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
}
|
}
|
||||||
realm.deleteRoleMapping(user, roleModel);
|
realm.deleteRoleMapping(user, roleModel);
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue