Remove effective roles filtering to avoid inconsistency (#28099)
* Changed effective roles filtering method Signed-off-by: Andreas Blaettlinger <bln1imb@bosch.com> * Adjusted remaining endpoints Signed-off-by: Andreas Blaettlinger <bln1imb@bosch.com> --------- Signed-off-by: Andreas Blaettlinger <bln1imb@bosch.com>
This commit is contained in:
parent
a918eb1e30
commit
f4178bfa26
1 changed files with 5 additions and 7 deletions
|
@ -60,7 +60,7 @@ public class EffectiveRoleMappingResource extends RoleMappingResource {
|
|||
this.auth.clients().requireView(clientScope);
|
||||
return toSortedClientRoles(
|
||||
addSubClientRoles(clientScope.getScopeMappingsStream())
|
||||
.filter(auth.roles()::canMapClientScope));
|
||||
);
|
||||
}
|
||||
|
||||
@GET
|
||||
|
@ -90,7 +90,7 @@ public class EffectiveRoleMappingResource extends RoleMappingResource {
|
|||
auth.clients().requireView(client);
|
||||
return toSortedClientRoles(
|
||||
addSubClientRoles(client.getScopeMappingsStream())
|
||||
.filter(auth.roles()::canMapRole));
|
||||
);
|
||||
}
|
||||
|
||||
@GET
|
||||
|
@ -120,7 +120,7 @@ public class EffectiveRoleMappingResource extends RoleMappingResource {
|
|||
auth.groups().requireView(group);
|
||||
return toSortedClientRoles(
|
||||
addSubClientRoles(addParents(group).flatMap(GroupModel::getRoleMappingsStream))
|
||||
.filter(auth.roles()::canMapRole));
|
||||
);
|
||||
}
|
||||
|
||||
@GET
|
||||
|
@ -154,7 +154,7 @@ public class EffectiveRoleMappingResource extends RoleMappingResource {
|
|||
user.getGroupsStream()
|
||||
.flatMap(g -> addParents(g))
|
||||
.flatMap(GroupModel::getRoleMappingsStream)))
|
||||
.filter(auth.roles()::canMapRole));
|
||||
);
|
||||
}
|
||||
|
||||
@GET
|
||||
|
@ -179,9 +179,7 @@ public class EffectiveRoleMappingResource extends RoleMappingResource {
|
|||
auth.roles().requireList(realm);
|
||||
final RoleModel defaultRole = this.realm.getDefaultRole();
|
||||
//this definitely does not return what the descriptions says
|
||||
return toSortedClientRoles(
|
||||
addSubClientRoles(Stream.of(defaultRole))
|
||||
.filter(auth.roles()::canMapRole));
|
||||
return toSortedClientRoles(addSubClientRoles(Stream.of(defaultRole)));
|
||||
}
|
||||
|
||||
private Stream<RoleModel> addSubClientRoles(Stream<RoleModel> roles) {
|
||||
|
|
Loading…
Reference in a new issue