Merge pull request #256 from patriot1burke/master
refactor getRoleById, fix bugs
This commit is contained in:
commit
ec309e7e02
62 changed files with 5458 additions and 5409 deletions
|
@ -349,18 +349,6 @@ module.config([ '$routeProvider', function($routeProvider) {
|
|||
},
|
||||
controller : 'ApplicationInstallationCtrl'
|
||||
})
|
||||
.when('/realms/:realm/applications/:application/sessions', {
|
||||
templateUrl : 'partials/application-sessions.html',
|
||||
resolve : {
|
||||
realm : function(RealmLoader) {
|
||||
return RealmLoader();
|
||||
},
|
||||
application : function(ApplicationLoader) {
|
||||
return ApplicationLoader();
|
||||
}
|
||||
},
|
||||
controller : 'ApplicationSessionsCtrl'
|
||||
})
|
||||
.when('/create/application/:realm', {
|
||||
templateUrl : 'partials/application-detail.html',
|
||||
resolve : {
|
||||
|
|
|
@ -3,6 +3,10 @@ module.controller('ApplicationRoleListCtrl', function($scope, $location, realm,
|
|||
$scope.roles = roles;
|
||||
$scope.application = application;
|
||||
|
||||
for (var i = 0; i < roles.length; i++) {
|
||||
console.log("role.id: " + roles[i].id + " role.name: " + roles[i].name);
|
||||
}
|
||||
|
||||
$scope.$watch(function() {
|
||||
return $location.path();
|
||||
}, function() {
|
||||
|
@ -39,11 +43,6 @@ module.controller('ApplicationCredentialsCtrl', function($scope, $location, real
|
|||
});
|
||||
});
|
||||
|
||||
module.controller('ApplicationSessionsCtrl', function($scope, $location, realm, application) {
|
||||
$scope.realm = realm;
|
||||
$scope.application = application;
|
||||
});
|
||||
|
||||
module.controller('ApplicationClaimsCtrl', function($scope, realm, application, claims,
|
||||
ApplicationClaims,
|
||||
$http, $location, Dialog, Notifications) {
|
||||
|
|
|
@ -510,7 +510,7 @@ module.controller('RealmDefaultRolesCtrl', function ($scope, Realm, realm, appli
|
|||
// Update/save the selected application with new default roles.
|
||||
Application.update({
|
||||
realm: $scope.realm.realm,
|
||||
id: $scope.application.name
|
||||
application: $scope.application.name
|
||||
}, $scope.application, function () {
|
||||
Notifications.success("Your changes have been saved to the application.");
|
||||
});
|
||||
|
@ -534,7 +534,7 @@ module.controller('RealmDefaultRolesCtrl', function ($scope, Realm, realm, appli
|
|||
// Update/save the selected application with new default roles.
|
||||
Application.update({
|
||||
realm: $scope.realm.realm,
|
||||
id: $scope.application.name
|
||||
application: $scope.application.name
|
||||
}, $scope.application, function () {
|
||||
Notifications.success("Your changes have been saved to the application.");
|
||||
});
|
||||
|
|
|
@ -7,7 +7,6 @@
|
|||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
||||
</ul>
|
||||
<div id="content">
|
||||
<ol class="breadcrumb" data-ng-hide="create">
|
||||
|
|
|
@ -7,7 +7,6 @@
|
|||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
||||
</ul>
|
||||
<div id="content">
|
||||
<ol class="breadcrumb" data-ng-hide="create">
|
||||
|
|
|
@ -7,7 +7,6 @@
|
|||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
||||
</ul>
|
||||
<div id="content">
|
||||
<ol class="breadcrumb" data-ng-show="create">
|
||||
|
|
|
@ -8,7 +8,6 @@
|
|||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
||||
</ul>
|
||||
|
||||
<div class="top-nav" data-ng-show="create">
|
||||
|
|
|
@ -7,7 +7,6 @@
|
|||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
||||
</ul>
|
||||
|
||||
<div id="content">
|
||||
|
|
|
@ -8,7 +8,6 @@
|
|||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
||||
</ul>
|
||||
|
||||
<div id="content">
|
||||
|
|
|
@ -8,7 +8,6 @@
|
|||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
||||
</ul>
|
||||
|
||||
<div id="content">
|
||||
|
|
|
@ -1,23 +0,0 @@
|
|||
<div class="bs-sidebar col-md-3 clearfix" data-ng-include data-src="'partials/realm-menu.html'"></div>
|
||||
<div id="content-area" class="col-md-9" role="main">
|
||||
|
||||
<ul class="nav nav-tabs nav-tabs-pf" data-ng-show="!create">
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}">Settings</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/credentials">Credentials</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/installation">Installation</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/roles">Roles</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/claims">Claims</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/scope-mappings">Scope</a></li>
|
||||
<li class="active"><a href="#/realms/{{realm.realm}}/applications/{{application.name}}/sessions">Sessions</a></li>
|
||||
</ul>
|
||||
|
||||
<div id="content">
|
||||
<ol class="breadcrumb" data-ng-hide="create">
|
||||
<li><a href="#/realms/{{realm.realm}}">{{realm.realm}}</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
|
||||
<li><a href="#/realms/{{realm.realm}}/applications/{{application.name}}">{{application.name}}</a></li>
|
||||
<li class="active">Sessions</li>
|
||||
</ol>
|
||||
<h2 data-ng-hide="create"><span>{{application.name}}</span> Sessions (Placeholder Page)</h2>
|
||||
</div>
|
||||
</div>
|
|
@ -49,4 +49,6 @@ public interface ClientModel {
|
|||
boolean validateSecret(String secret);
|
||||
String getSecret();
|
||||
public void setSecret(String secret);
|
||||
|
||||
RealmModel getRealm();
|
||||
}
|
||||
|
|
|
@ -101,6 +101,8 @@ public interface RealmModel extends RoleContainerModel, RoleMapperModel, ScopeMa
|
|||
|
||||
boolean removeUser(String name);
|
||||
|
||||
RoleModel getRoleById(String id);
|
||||
|
||||
List<String> getDefaultRoles();
|
||||
|
||||
void addDefaultRole(String name);
|
||||
|
@ -182,4 +184,6 @@ public interface RealmModel extends RoleContainerModel, RoleMapperModel, ScopeMa
|
|||
int getNotBefore();
|
||||
|
||||
void setNotBefore(int notBefore);
|
||||
|
||||
boolean removeRoleById(String id);
|
||||
}
|
||||
|
|
|
@ -12,9 +12,8 @@ public interface RoleContainerModel {
|
|||
|
||||
RoleModel addRole(String name);
|
||||
|
||||
boolean removeRoleById(String id);
|
||||
boolean removeRole(RoleModel role);
|
||||
|
||||
Set<RoleModel> getRoles();
|
||||
|
||||
RoleModel getRoleById(String id);
|
||||
}
|
||||
|
|
|
@ -24,10 +24,9 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode
|
|||
|
||||
protected EntityManager em;
|
||||
protected ApplicationEntity applicationEntity;
|
||||
protected RealmModel realm;
|
||||
|
||||
public ApplicationAdapter(RealmModel realm, EntityManager em, ApplicationEntity applicationEntity) {
|
||||
super(applicationEntity);
|
||||
super(realm, applicationEntity);
|
||||
this.realm = realm;
|
||||
this.em = em;
|
||||
this.applicationEntity = applicationEntity;
|
||||
|
@ -48,7 +47,6 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode
|
|||
entity.setName(name);
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public boolean isSurrogateAuthRequired() {
|
||||
return applicationEntity.isSurrogateAuthRequired();
|
||||
|
@ -103,11 +101,14 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode
|
|||
}
|
||||
|
||||
@Override
|
||||
public boolean removeRoleById(String id) {
|
||||
RoleAdapter roleAdapter = getRoleById(id);
|
||||
public boolean removeRole(RoleModel roleModel) {
|
||||
RoleAdapter roleAdapter = (RoleAdapter)roleModel;
|
||||
if (roleAdapter == null) {
|
||||
return false;
|
||||
}
|
||||
if (!roleAdapter.getContainer().equals(this)) return false;
|
||||
|
||||
if (!(roleAdapter.getRole() instanceof ApplicationRoleEntity)) return false;
|
||||
|
||||
ApplicationRoleEntity role = (ApplicationRoleEntity)roleAdapter.getRole();
|
||||
|
||||
|
@ -134,16 +135,6 @@ public class ApplicationAdapter extends ClientAdapter implements ApplicationMode
|
|||
return list;
|
||||
}
|
||||
|
||||
@Override
|
||||
public RoleAdapter getRoleById(String id) {
|
||||
RoleEntity entity = em.find(RoleEntity.class, id);
|
||||
|
||||
// Check if it's application role and belongs to this application
|
||||
if (entity == null || !(entity instanceof ApplicationRoleEntity)) return null;
|
||||
ApplicationRoleEntity appRoleEntity = (ApplicationRoleEntity)entity;
|
||||
return (appRoleEntity.getApplication().equals(this.entity)) ? new RoleAdapter(this.realm, em, appRoleEntity) : null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<RoleModel> getApplicationRoleMappings(UserModel user) {
|
||||
Set<RoleModel> roleMappings = realm.getRoleMappings(user);
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package org.keycloak.models.jpa;
|
||||
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.jpa.entities.ClientEntity;
|
||||
import org.keycloak.models.jpa.entities.OAuthClientEntity;
|
||||
|
||||
|
@ -13,8 +14,10 @@ import java.util.Set;
|
|||
*/
|
||||
public class ClientAdapter implements ClientModel {
|
||||
protected ClientEntity entity;
|
||||
protected RealmModel realm;
|
||||
|
||||
public ClientAdapter(ClientEntity entity) {
|
||||
public ClientAdapter(RealmModel realm, ClientEntity entity) {
|
||||
this.realm = realm;
|
||||
this.entity = entity;
|
||||
}
|
||||
|
||||
|
@ -22,75 +25,111 @@ public class ClientAdapter implements ClientModel {
|
|||
return entity;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getId() {
|
||||
return entity.getId();
|
||||
}
|
||||
|
||||
@Override
|
||||
public RealmModel getRealm() {
|
||||
return realm;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getClientId() {
|
||||
return entity.getName();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isEnabled() {
|
||||
return entity.isEnabled();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setEnabled(boolean enabled) {
|
||||
entity.setEnabled(enabled);
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getAllowedClaimsMask() {
|
||||
return entity.getAllowedClaimsMask();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setAllowedClaimsMask(long mask) {
|
||||
entity.setAllowedClaimsMask(mask);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<String> getWebOrigins() {
|
||||
Set<String> result = new HashSet<String>();
|
||||
result.addAll(entity.getWebOrigins());
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setWebOrigins(Set<String> webOrigins) {
|
||||
entity.setWebOrigins(webOrigins);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addWebOrigin(String webOrigin) {
|
||||
entity.getWebOrigins().add(webOrigin);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removeWebOrigin(String webOrigin) {
|
||||
entity.getWebOrigins().remove(webOrigin);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<String> getRedirectUris() {
|
||||
Set<String> result = new HashSet<String>();
|
||||
result.addAll(entity.getRedirectUris());
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setRedirectUris(Set<String> redirectUris) {
|
||||
entity.setRedirectUris(redirectUris);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addRedirectUri(String redirectUri) {
|
||||
entity.getRedirectUris().add(redirectUri);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void removeRedirectUri(String redirectUri) {
|
||||
entity.getRedirectUris().remove(redirectUri);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getSecret() {
|
||||
return entity.getSecret();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setSecret(String secret) {
|
||||
entity.setSecret(secret);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean validateSecret(String secret) {
|
||||
return secret.equals(entity.getSecret());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object o) {
|
||||
if (this == o) return true;
|
||||
if (!this.getClass().equals(o.getClass())) return false;
|
||||
|
||||
ClientAdapter that = (ClientAdapter) o;
|
||||
return that.getId().equals(getId());
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
return entity.getId().hashCode();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package org.keycloak.models.jpa;
|
||||
|
||||
import org.keycloak.models.OAuthClientModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.jpa.entities.OAuthClientEntity;
|
||||
|
||||
|
@ -13,7 +14,9 @@ import java.util.Set;
|
|||
*/
|
||||
public class OAuthClientAdapter extends ClientAdapter implements OAuthClientModel {
|
||||
|
||||
public OAuthClientAdapter(OAuthClientEntity entity) {
|
||||
super(entity);
|
||||
public OAuthClientAdapter(RealmModel realm, OAuthClientEntity entity) {
|
||||
super(realm, entity);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -3,6 +3,7 @@ package org.keycloak.models.jpa;
|
|||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.RoleContainerModel;
|
||||
import org.keycloak.models.jpa.entities.ApplicationEntity;
|
||||
import org.keycloak.models.jpa.entities.ApplicationRoleEntity;
|
||||
import org.keycloak.models.jpa.entities.CredentialEntity;
|
||||
import org.keycloak.models.jpa.entities.OAuthClientEntity;
|
||||
import org.keycloak.models.jpa.entities.RealmEntity;
|
||||
|
@ -496,7 +497,7 @@ public class RealmAdapter implements RealmModel {
|
|||
if (application == null) return false;
|
||||
|
||||
for (RoleModel role : application.getRoles()) {
|
||||
application.removeRoleById(role.getId());
|
||||
application.removeRole(role);
|
||||
}
|
||||
|
||||
ApplicationEntity applicationEntity = null;
|
||||
|
@ -673,12 +674,14 @@ public class RealmAdapter implements RealmModel {
|
|||
data.setRealm(realm);
|
||||
em.persist(data);
|
||||
em.flush();
|
||||
return new OAuthClientAdapter(data);
|
||||
return new OAuthClientAdapter(this, data);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean removeOAuthClient(String id) {
|
||||
OAuthClientEntity client = em.find(OAuthClientEntity.class, id);
|
||||
OAuthClientModel oauth = getOAuthClientById(id);
|
||||
if (oauth == null) return false;
|
||||
OAuthClientEntity client = (OAuthClientEntity)((OAuthClientAdapter)oauth).getEntity();
|
||||
em.createQuery("delete from " + ScopeMappingEntity.class.getSimpleName() + " where client = :client").setParameter("client", client).executeUpdate();
|
||||
em.remove(client);
|
||||
return true;
|
||||
|
@ -692,7 +695,7 @@ public class RealmAdapter implements RealmModel {
|
|||
query.setParameter("realm", realm);
|
||||
List<OAuthClientEntity> entities = query.getResultList();
|
||||
if (entities.size() == 0) return null;
|
||||
return new OAuthClientAdapter(entities.get(0));
|
||||
return new OAuthClientAdapter(this, entities.get(0));
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -700,8 +703,8 @@ public class RealmAdapter implements RealmModel {
|
|||
OAuthClientEntity client = em.find(OAuthClientEntity.class, id);
|
||||
|
||||
// Check if client belongs to this realm
|
||||
if (client == null || !this.realm.equals(client.getRealm())) return null;
|
||||
return new OAuthClientAdapter(client);
|
||||
if (client == null || !this.realm.getId().equals(client.getRealm().getId())) return null;
|
||||
return new OAuthClientAdapter(this, client);
|
||||
}
|
||||
|
||||
|
||||
|
@ -711,7 +714,7 @@ public class RealmAdapter implements RealmModel {
|
|||
query.setParameter("realm", realm);
|
||||
List<OAuthClientEntity> entities = query.getResultList();
|
||||
List<OAuthClientModel> list = new ArrayList<OAuthClientModel>();
|
||||
for (OAuthClientEntity entity : entities) list.add(new OAuthClientAdapter(entity));
|
||||
for (OAuthClientEntity entity : entities) list.add(new OAuthClientAdapter(this, entity));
|
||||
return list;
|
||||
}
|
||||
|
||||
|
@ -761,12 +764,12 @@ public class RealmAdapter implements RealmModel {
|
|||
}
|
||||
|
||||
@Override
|
||||
public boolean removeRoleById(String id) {
|
||||
RoleModel role = getRoleById(id);
|
||||
|
||||
public boolean removeRole(RoleModel role) {
|
||||
if (role == null) {
|
||||
return false;
|
||||
}
|
||||
if (!role.getContainer().equals(this)) return false;
|
||||
|
||||
RoleEntity roleEntity = ((RoleAdapter)role).getRole();
|
||||
realm.getRoles().remove(role);
|
||||
realm.getDefaultRoles().remove(role);
|
||||
|
@ -793,11 +796,22 @@ public class RealmAdapter implements RealmModel {
|
|||
@Override
|
||||
public RoleModel getRoleById(String id) {
|
||||
RoleEntity entity = em.find(RoleEntity.class, id);
|
||||
if (entity == null) return null;
|
||||
if (entity instanceof RealmRoleEntity) {
|
||||
RealmRoleEntity roleEntity = (RealmRoleEntity)entity;
|
||||
if (!roleEntity.getRealm().getId().equals(getId())) return null;
|
||||
} else {
|
||||
ApplicationRoleEntity roleEntity = (ApplicationRoleEntity)entity;
|
||||
if (!roleEntity.getApplication().getRealm().getId().equals(getId())) return null;
|
||||
}
|
||||
return new RoleAdapter(this, em, entity);
|
||||
}
|
||||
|
||||
// Check if it's realm role and belongs to this realm
|
||||
if (entity == null || !(entity instanceof RealmRoleEntity)) return null;
|
||||
RealmRoleEntity realmRoleEntity = (RealmRoleEntity)entity;
|
||||
return (realmRoleEntity.getRealm().equals(this.realm)) ? new RoleAdapter(this, em, realmRoleEntity) : null;
|
||||
@Override
|
||||
public boolean removeRoleById(String id) {
|
||||
RoleModel role = getRoleById(id);
|
||||
if (role == null) return false;
|
||||
return role.getContainer().removeRole(role);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -124,13 +124,13 @@ public class RoleAdapter implements RoleModel {
|
|||
|
||||
RoleAdapter that = (RoleAdapter) o;
|
||||
|
||||
if (!role.equals(that.role)) return false;
|
||||
if (!role.getId().equals(that.role.getId())) return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
return role.hashCode();
|
||||
return role.getId().hashCode();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -4,6 +4,7 @@ import com.mongodb.DBObject;
|
|||
import com.mongodb.QueryBuilder;
|
||||
import org.keycloak.models.ApplicationModel;
|
||||
import org.keycloak.models.ClientModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.mongo.api.AbstractMongoIdentifiableEntity;
|
||||
|
@ -24,10 +25,12 @@ import java.util.Set;
|
|||
public class ApplicationAdapter extends AbstractAdapter implements ApplicationModel {
|
||||
|
||||
private final ApplicationEntity application;
|
||||
private final RealmModel realm;
|
||||
|
||||
public ApplicationAdapter(ApplicationEntity applicationEntity, MongoStoreInvocationContext invContext) {
|
||||
public ApplicationAdapter(RealmModel realm, ApplicationEntity applicationEntity, MongoStoreInvocationContext invContext) {
|
||||
super(invContext);
|
||||
this.application = applicationEntity;
|
||||
this.realm = realm;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -55,6 +58,11 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
|||
application.setName(name);
|
||||
}
|
||||
|
||||
@Override
|
||||
public RealmModel getRealm() {
|
||||
return realm;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isEnabled() {
|
||||
return application.isEnabled();
|
||||
|
@ -116,19 +124,7 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
|||
if (role == null) {
|
||||
return null;
|
||||
} else {
|
||||
return new RoleAdapter(role, invocationContext);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public RoleModel getRoleById(String id) {
|
||||
RoleEntity role = getMongoStore().loadEntity(RoleEntity.class, id, invocationContext);
|
||||
|
||||
// Check that role belongs to this application
|
||||
if (role == null || !getId().equals(role.getApplicationId())) {
|
||||
return null;
|
||||
} else {
|
||||
return new RoleAdapter(role, this, invocationContext);
|
||||
return new RoleAdapter(getRealm(), role, invocationContext);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -144,12 +140,12 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
|||
roleEntity.setApplicationId(getId());
|
||||
|
||||
getMongoStore().insertEntity(roleEntity, invocationContext);
|
||||
return new RoleAdapter(roleEntity, this, invocationContext);
|
||||
return new RoleAdapter(getRealm(), roleEntity, this, invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean removeRoleById(String id) {
|
||||
return getMongoStore().removeEntity(RoleEntity.class, id, invocationContext);
|
||||
public boolean removeRole(RoleModel role) {
|
||||
return getMongoStore().removeEntity(RoleEntity.class, role.getId(), invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -161,7 +157,7 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
|||
|
||||
Set<RoleModel> result = new HashSet<RoleModel>();
|
||||
for (RoleEntity role : roles) {
|
||||
result.add(new RoleAdapter(role, this, invocationContext));
|
||||
result.add(new RoleAdapter(getRealm(), role, this, invocationContext));
|
||||
}
|
||||
|
||||
return result;
|
||||
|
@ -174,7 +170,7 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
|||
|
||||
for (RoleEntity role : roles) {
|
||||
if (getId().equals(role.getApplicationId())) {
|
||||
result.add(new RoleAdapter(role, this, invocationContext));
|
||||
result.add(new RoleAdapter(getRealm(), role, this, invocationContext));
|
||||
}
|
||||
}
|
||||
return result;
|
||||
|
@ -192,7 +188,7 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
|||
|
||||
for (RoleEntity role : roles) {
|
||||
if (getId().equals(role.getApplicationId())) {
|
||||
result.add(new RoleAdapter(role, this, invocationContext));
|
||||
result.add(new RoleAdapter(getRealm(), role, this, invocationContext));
|
||||
}
|
||||
}
|
||||
return result;
|
||||
|
@ -301,5 +297,21 @@ public class ApplicationAdapter extends AbstractAdapter implements ApplicationMo
|
|||
return secret.equals(application.getSecret());
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object o) {
|
||||
if (this == o) return true;
|
||||
if (!(o instanceof ApplicationAdapter)) return false;
|
||||
if (!super.equals(o)) return false;
|
||||
|
||||
ApplicationAdapter that = (ApplicationAdapter) o;
|
||||
|
||||
if (!application.getId().equals(that.application.getId())) return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
return application.getId().hashCode();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package org.keycloak.models.mongo.keycloak.adapters;
|
||||
|
||||
import org.keycloak.models.OAuthClientModel;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.UserModel;
|
||||
import org.keycloak.models.mongo.api.AbstractMongoIdentifiableEntity;
|
||||
import org.keycloak.models.mongo.api.context.MongoStoreInvocationContext;
|
||||
|
@ -18,10 +19,12 @@ import java.util.Set;
|
|||
public class OAuthClientAdapter extends AbstractAdapter implements OAuthClientModel {
|
||||
|
||||
private final OAuthClientEntity delegate;
|
||||
private final RealmModel realm;
|
||||
|
||||
public OAuthClientAdapter(OAuthClientEntity oauthClientEntity, MongoStoreInvocationContext invContext) {
|
||||
public OAuthClientAdapter(RealmModel realm, OAuthClientEntity oauthClientEntity, MongoStoreInvocationContext invContext) {
|
||||
super(invContext);
|
||||
this.delegate = oauthClientEntity;
|
||||
this.realm = realm;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -34,6 +37,11 @@ public class OAuthClientAdapter extends AbstractAdapter implements OAuthClientMo
|
|||
return delegate.getName();
|
||||
}
|
||||
|
||||
@Override
|
||||
public RealmModel getRealm() {
|
||||
return realm;
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getAllowedClaimsMask() {
|
||||
return delegate.getAllowedClaimsMask();
|
||||
|
|
|
@ -413,7 +413,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
if (role == null) {
|
||||
return null;
|
||||
} else {
|
||||
return new RoleAdapter(role, this, invocationContext);
|
||||
return new RoleAdapter(this, role, this, invocationContext);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -431,7 +431,12 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
roleEntity.setRealmId(getId());
|
||||
|
||||
getMongoStore().insertEntity(roleEntity, invocationContext);
|
||||
return new RoleAdapter(roleEntity, this, invocationContext);
|
||||
return new RoleAdapter(this, roleEntity, this, invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean removeRole(RoleModel role) {
|
||||
return removeRoleById(role.getId());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -450,7 +455,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
|
||||
if (roles == null) return result;
|
||||
for (RoleEntity role : roles) {
|
||||
result.add(new RoleAdapter(role, this, invocationContext));
|
||||
result.add(new RoleAdapter(this, role, this, invocationContext));
|
||||
}
|
||||
|
||||
return result;
|
||||
|
@ -459,11 +464,14 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
@Override
|
||||
public RoleModel getRoleById(String id) {
|
||||
RoleEntity role = getMongoStore().loadEntity(RoleEntity.class, id, invocationContext);
|
||||
if (role == null || !getId().equals(role.getRealmId())) {
|
||||
return null;
|
||||
if (role == null) return null;
|
||||
if (role.getRealmId() != null) {
|
||||
if (!role.getRealmId().equals(this.getId())) return null;
|
||||
} else {
|
||||
return new RoleAdapter(role, this, invocationContext);
|
||||
ApplicationModel app = getApplicationById(role.getApplicationId());
|
||||
if (app == null) return null;
|
||||
}
|
||||
return new RoleAdapter(this, role, null, invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -514,7 +522,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
return null;
|
||||
}
|
||||
|
||||
return new ApplicationAdapter(appData, invocationContext);
|
||||
return new ApplicationAdapter(this, appData, invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -524,7 +532,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
.and("name").is(name)
|
||||
.get();
|
||||
ApplicationEntity appEntity = getMongoStore().loadSingleEntity(ApplicationEntity.class, query, invocationContext);
|
||||
return appEntity==null ? null : new ApplicationAdapter(appEntity, invocationContext);
|
||||
return appEntity==null ? null : new ApplicationAdapter(this, appEntity, invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -545,7 +553,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
|
||||
List<ApplicationModel> result = new ArrayList<ApplicationModel>();
|
||||
for (ApplicationEntity appData : appDatas) {
|
||||
result.add(new ApplicationAdapter(appData, invocationContext));
|
||||
result.add(new ApplicationAdapter(this, appData, invocationContext));
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
@ -558,7 +566,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
appData.setEnabled(true);
|
||||
getMongoStore().insertEntity(appData, invocationContext);
|
||||
|
||||
return new ApplicationAdapter(appData, invocationContext);
|
||||
return new ApplicationAdapter(this, appData, invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -590,10 +598,10 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
|
||||
for (RoleEntity role : roles) {
|
||||
if (getId().equals(role.getRealmId())) {
|
||||
result.add(new RoleAdapter(role, this, invocationContext));
|
||||
result.add(new RoleAdapter(this, role, this, invocationContext));
|
||||
} else {
|
||||
// Likely applicationRole, but we don't have this application yet
|
||||
result.add(new RoleAdapter(role, invocationContext));
|
||||
result.add(new RoleAdapter(this, role, invocationContext));
|
||||
}
|
||||
}
|
||||
return result;
|
||||
|
@ -630,10 +638,10 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
|
||||
for (RoleEntity role : roles) {
|
||||
if (getId().equals(role.getRealmId())) {
|
||||
result.add(new RoleAdapter(role, this, invocationContext));
|
||||
result.add(new RoleAdapter(this, role, this, invocationContext));
|
||||
} else {
|
||||
// Likely applicationRole, but we don't have this application yet
|
||||
result.add(new RoleAdapter(role, invocationContext));
|
||||
result.add(new RoleAdapter(this, role, invocationContext));
|
||||
}
|
||||
}
|
||||
return result;
|
||||
|
@ -684,7 +692,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
oauthClient.setName(name);
|
||||
getMongoStore().insertEntity(oauthClient, invocationContext);
|
||||
|
||||
return new OAuthClientAdapter(oauthClient, invocationContext);
|
||||
return new OAuthClientAdapter(this, oauthClient, invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -699,7 +707,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
.and("name").is(name)
|
||||
.get();
|
||||
OAuthClientEntity oauthClient = getMongoStore().loadSingleEntity(OAuthClientEntity.class, query, invocationContext);
|
||||
return oauthClient == null ? null : new OAuthClientAdapter(oauthClient, invocationContext);
|
||||
return oauthClient == null ? null : new OAuthClientAdapter(this, oauthClient, invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -709,7 +717,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
// Check if client belongs to this realm
|
||||
if (clientEntity == null || !getId().equals(clientEntity.getRealmId())) return null;
|
||||
|
||||
return new OAuthClientAdapter(clientEntity, invocationContext);
|
||||
return new OAuthClientAdapter(this, clientEntity, invocationContext);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -720,7 +728,7 @@ public class RealmAdapter extends AbstractAdapter implements RealmModel {
|
|||
List<OAuthClientEntity> results = getMongoStore().loadEntities(OAuthClientEntity.class, query, invocationContext);
|
||||
List<OAuthClientModel> list = new ArrayList<OAuthClientModel>();
|
||||
for (OAuthClientEntity data : results) {
|
||||
list.add(new OAuthClientAdapter(data, invocationContext));
|
||||
list.add(new OAuthClientAdapter(this, data, invocationContext));
|
||||
}
|
||||
return list;
|
||||
}
|
||||
|
|
31
model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RoleAdapter.java
Normal file → Executable file
31
model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RoleAdapter.java
Normal file → Executable file
|
@ -7,6 +7,7 @@ import java.util.Set;
|
|||
|
||||
import com.mongodb.DBObject;
|
||||
import com.mongodb.QueryBuilder;
|
||||
import org.keycloak.models.RealmModel;
|
||||
import org.keycloak.models.RoleContainerModel;
|
||||
import org.keycloak.models.RoleModel;
|
||||
import org.keycloak.models.mongo.api.AbstractMongoIdentifiableEntity;
|
||||
|
@ -26,15 +27,17 @@ public class RoleAdapter extends AbstractAdapter implements RoleModel {
|
|||
|
||||
private final RoleEntity role;
|
||||
private RoleContainerModel roleContainer;
|
||||
private RealmModel realm;
|
||||
|
||||
public RoleAdapter(RoleEntity roleEntity, MongoStoreInvocationContext invContext) {
|
||||
this(roleEntity, null, invContext);
|
||||
public RoleAdapter(RealmModel realm, RoleEntity roleEntity, MongoStoreInvocationContext invContext) {
|
||||
this(realm, roleEntity, null, invContext);
|
||||
}
|
||||
|
||||
public RoleAdapter(RoleEntity roleEntity, RoleContainerModel roleContainer, MongoStoreInvocationContext invContext) {
|
||||
public RoleAdapter(RealmModel realm, RoleEntity roleEntity, RoleContainerModel roleContainer, MongoStoreInvocationContext invContext) {
|
||||
super(invContext);
|
||||
this.role = roleEntity;
|
||||
this.roleContainer = roleContainer;
|
||||
this.realm = realm;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -96,7 +99,7 @@ public class RoleAdapter extends AbstractAdapter implements RoleModel {
|
|||
|
||||
Set<RoleModel> set = new HashSet<RoleModel>();
|
||||
for (RoleEntity childRole : childRoles) {
|
||||
set.add(new RoleAdapter(childRole, invocationContext));
|
||||
set.add(new RoleAdapter(realm, childRole, invocationContext));
|
||||
}
|
||||
return set;
|
||||
}
|
||||
|
@ -116,7 +119,7 @@ public class RoleAdapter extends AbstractAdapter implements RoleModel {
|
|||
if (appEntity == null) {
|
||||
throw new IllegalStateException("Application with id: " + role.getApplicationId() + " doesn't exists");
|
||||
}
|
||||
roleContainer = new ApplicationAdapter(appEntity, invocationContext);
|
||||
roleContainer = new ApplicationAdapter(realm, appEntity, invocationContext);
|
||||
} else {
|
||||
throw new IllegalStateException("Both realmId and applicationId are null for role: " + this);
|
||||
}
|
||||
|
@ -141,4 +144,22 @@ public class RoleAdapter extends AbstractAdapter implements RoleModel {
|
|||
public AbstractMongoIdentifiableEntity getMongoEntity() {
|
||||
return role;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object o) {
|
||||
if (this == o) return true;
|
||||
if (o == null || getClass() != o.getClass()) return false;
|
||||
|
||||
RoleAdapter that = (RoleAdapter) o;
|
||||
|
||||
if (!role.getId().equals(that.role.getId())) return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
return role.getId().hashCode();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -241,8 +241,8 @@ public class AdapterTest extends AbstractModelTest {
|
|||
Assert.assertFalse(realmModel.removeRoleById(realmRole.getId()));
|
||||
Assert.assertNull(realmModel.getRole(realmRole.getName()));
|
||||
|
||||
Assert.assertTrue(app.removeRoleById(appRole.getId()));
|
||||
Assert.assertFalse(app.removeRoleById(appRole.getId()));
|
||||
Assert.assertTrue(realmModel.removeRoleById(appRole.getId()));
|
||||
Assert.assertFalse(realmModel.removeRoleById(appRole.getId()));
|
||||
Assert.assertNull(app.getRole(appRole.getName()));
|
||||
}
|
||||
|
||||
|
@ -431,13 +431,9 @@ public class AdapterTest extends AbstractModelTest {
|
|||
Set<RoleModel> appRoles = application.getRoles();
|
||||
Assert.assertEquals(2, appRoles.size());
|
||||
RoleModel appBarRole = application.getRole("bar");
|
||||
Assert.assertNotNull(appBarRole);
|
||||
|
||||
// This should return null because it's realmRole
|
||||
Assert.assertNull(application.getRoleById(realmUserRole.getId()));
|
||||
|
||||
// This should return null because appBarRole is application role
|
||||
Assert.assertNull(realmModel.getRoleById(appBarRole.getId()));
|
||||
found = application.getRoleById(appBarRole.getId());
|
||||
found = realmModel.getRoleById(appBarRole.getId());
|
||||
Assert.assertNotNull(found);
|
||||
assertRolesEquals(found, appBarRole);
|
||||
|
||||
|
|
11
model/tests/src/test/java/org/keycloak/model/test/MultipleRealmsTest.java
Normal file → Executable file
11
model/tests/src/test/java/org/keycloak/model/test/MultipleRealmsTest.java
Normal file → Executable file
|
@ -75,20 +75,11 @@ public class MultipleRealmsTest extends AbstractModelTest {
|
|||
Assert.assertEquals(r2cl1.getId(), realm2.getOAuthClientById(r2cl1.getId()).getId());
|
||||
|
||||
RoleModel r1App1Role = r1app1.getRole("app1Role1");
|
||||
Assert.assertNull(realm1.getRoleById(r1App1Role.getId()));
|
||||
Assert.assertNull(realm2.getRoleById(r1App1Role.getId()));
|
||||
Assert.assertEquals(r1App1Role, r1app1.getRoleById(r1App1Role.getId()));
|
||||
Assert.assertNull(r1app2.getRoleById(r1App1Role.getId()));
|
||||
Assert.assertNull(r2app1.getRoleById(r1App1Role.getId()));
|
||||
Assert.assertNull(r2app2.getRoleById(r1App1Role.getId()));
|
||||
Assert.assertEquals(r1App1Role, realm1.getRoleById(r1App1Role.getId()));
|
||||
|
||||
RoleModel r2Role1 = realm2.getRole("role2");
|
||||
Assert.assertNull(realm1.getRoleById(r2Role1.getId()));
|
||||
Assert.assertEquals(r2Role1, realm2.getRoleById(r2Role1.getId()));
|
||||
Assert.assertNull(r1app1.getRoleById(r2Role1.getId()));
|
||||
Assert.assertNull(r1app2.getRoleById(r2Role1.getId()));
|
||||
Assert.assertNull(r2app1.getRoleById(r2Role1.getId()));
|
||||
Assert.assertNull(r2app2.getRoleById(r2Role1.getId()));
|
||||
}
|
||||
|
||||
private void createObjects(RealmModel realm) {
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package org.keycloak.services.resources.admin;
|
||||
|
||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import org.jboss.resteasy.logging.Logger;
|
||||
import org.keycloak.models.ApplicationModel;
|
||||
import org.keycloak.models.Constants;
|
||||
import org.keycloak.models.OAuthClientModel;
|
||||
|
@ -28,6 +29,7 @@ import java.util.Set;
|
|||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class RoleByIdResource extends RoleResource {
|
||||
protected static final Logger logger = Logger.getLogger(RoleByIdResource.class);
|
||||
private final RealmModel realm;
|
||||
private final RealmAuth auth;
|
||||
|
||||
|
@ -101,6 +103,8 @@ public class RoleByIdResource extends RoleResource {
|
|||
@NoCache
|
||||
@Produces("application/json")
|
||||
public Set<RoleRepresentation> getRoleComposites(final @PathParam("role-id") String id) {
|
||||
|
||||
logger.info("*** getRoleComposites: '" + id + "'");
|
||||
RoleModel role = getRoleModel(id);
|
||||
auth.requireView();
|
||||
return getRoleComposites(role);
|
||||
|
|
|
@ -28,7 +28,7 @@ public abstract class RoleResource {
|
|||
}
|
||||
|
||||
protected void deleteRole(RoleModel role) {
|
||||
if (!role.getContainer().removeRoleById(role.getId())) {
|
||||
if (!role.getContainer().removeRole(role)) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -173,7 +173,7 @@ public class ScopeMappedResource {
|
|||
}
|
||||
|
||||
for (RoleRepresentation role : roles) {
|
||||
RoleModel roleModel = app.getRoleById(role.getId());
|
||||
RoleModel roleModel = app.getRole(role.getName());
|
||||
if (roleModel == null) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
@ -202,7 +202,7 @@ public class ScopeMappedResource {
|
|||
|
||||
} else {
|
||||
for (RoleRepresentation role : roles) {
|
||||
RoleModel roleModel = app.getRoleById(role.getId());
|
||||
RoleModel roleModel = app.getRole(role.getName());
|
||||
if (roleModel == null) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
|
|
|
@ -281,8 +281,8 @@ public class UsersResource {
|
|||
}
|
||||
|
||||
for (RoleRepresentation role : roles) {
|
||||
RoleModel roleModel = realm.getRoleById(role.getId());
|
||||
if (roleModel == null) {
|
||||
RoleModel roleModel = realm.getRole(role.getName());
|
||||
if (roleModel == null || !roleModel.getId().equals(role.getId())) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
realm.grantRole(user, roleModel);
|
||||
|
@ -311,8 +311,8 @@ public class UsersResource {
|
|||
|
||||
} else {
|
||||
for (RoleRepresentation role : roles) {
|
||||
RoleModel roleModel = realm.getRoleById(role.getId());
|
||||
if (roleModel == null) {
|
||||
RoleModel roleModel = realm.getRole(role.getName());
|
||||
if (roleModel == null || !roleModel.getId().equals(role.getId())) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
realm.deleteRoleMapping(user, roleModel);
|
||||
|
@ -368,8 +368,8 @@ public class UsersResource {
|
|||
}
|
||||
|
||||
for (RoleRepresentation role : roles) {
|
||||
RoleModel roleModel = application.getRoleById(role.getId());
|
||||
if (roleModel == null) {
|
||||
RoleModel roleModel = application.getRole(role.getName());
|
||||
if (roleModel == null || !roleModel.getId().equals(role.getId())) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
realm.grantRole(user, roleModel);
|
||||
|
@ -406,8 +406,8 @@ public class UsersResource {
|
|||
|
||||
} else {
|
||||
for (RoleRepresentation role : roles) {
|
||||
RoleModel roleModel = application.getRoleById(role.getId());
|
||||
if (roleModel == null) {
|
||||
RoleModel roleModel = application.getRole(role.getName());
|
||||
if (roleModel == null || !roleModel.getId().equals(role.getId())) {
|
||||
throw new NotFoundException();
|
||||
}
|
||||
realm.deleteRoleMapping(user, roleModel);
|
||||
|
|
Loading…
Reference in a new issue