diff --git a/model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProvider.java b/model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProvider.java index 426c464ef8..1e0ebee2a9 100644 --- a/model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProvider.java +++ b/model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProvider.java @@ -42,16 +42,21 @@ public class JpaOrganizationProvider implements OrganizationProvider { private final EntityManager em; private final GroupProvider groupProvider; private final UserProvider userProvider; + private final RealmModel realm; public JpaOrganizationProvider(KeycloakSession session) { em = session.getProvider(JpaConnectionProvider.class).getEntityManager(); groupProvider = session.groups(); userProvider = session.users(); + realm = session.getContext().getRealm(); + if (realm == null) { + throw new IllegalArgumentException("Session not bound to a realm"); + } } @Override - public OrganizationModel createOrganization(RealmModel realm, String name) { - GroupModel group = createOrganizationGroup(realm, name); + public OrganizationModel create(String name) { + GroupModel group = createOrganizationGroup(name); OrganizationEntity entity = new OrganizationEntity(); entity.setId(KeycloakModelUtils.generateId()); 
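Review bot: The constructor captures `session.getContext().getRealm()` once into a final field, so every later call on this provider instance acts on the realm the context held at construction time. Whether a provider instance can outlive a change of the session's context realm is not visible from this hunk; if it can, lookups and deletions would silently run against the earlier realm, so a comment on the field such as `// fixed at construction; obtain a new provider if the session context realm changes` would make the contract explicit. The new guard also throws `IllegalArgumentException`, while the other precondition checks in this class throw `ModelException`, which `OrganizationMemberResource` catches; `throw new ModelException("Session not bound to a realm");` would keep error handling uniform. The body of `create` continues outside the hunk.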
@@ -65,14 +70,14 @@ public class JpaOrganizationProvider implements OrganizationProvider { } @Override - public boolean removeOrganization(RealmModel realm, OrganizationModel organization) { - GroupModel group = getOrganizationGroup(realm, organization); + public boolean remove(OrganizationModel organization) { + GroupModel group = getOrganizationGroup(organization); //TODO: won't scale, requires a better mechanism for bulk deleting users userProvider.getGroupMembersStream(realm, group).forEach(userModel -> userProvider.removeUser(realm, userModel)); groupProvider.removeGroup(realm, group); - OrganizationAdapter adapter = getAdapter(realm, organization.getId()); + OrganizationAdapter adapter = getAdapter(organization.getId()); em.remove(adapter.getEntity()); @@ -80,18 +85,18 @@ public class JpaOrganizationProvider implements OrganizationProvider { } @Override - public void removeOrganizations(RealmModel realm) { + public void removeAll() { //TODO: won't scale, requires a better mechanism for bulk deleting organizations within a realm - getOrganizationsStream(realm).forEach(organization -> removeOrganization(realm, organization)); + getAllStream().forEach(this::remove); } @Override - public boolean addOrganizationMember(RealmModel realm, OrganizationModel organization, UserModel user) { + public boolean addMember(OrganizationModel organization, UserModel user) { throwExceptionIfOrganizationIsNull(organization); if (user == null) { throw new ModelException("User can not be null"); } - OrganizationAdapter adapter = getAdapter(realm, organization.getId()); + OrganizationAdapter adapter = getAdapter(organization.getId()); GroupModel group = groupProvider.getGroupById(realm, adapter.getGroupId()); if (user.isMemberOf(group)) { 
@@ -109,13 +114,12 @@ public class JpaOrganizationProvider implements OrganizationProvider { } @Override - public OrganizationModel getOrganizationById(RealmModel realm, String id) { - return getAdapter(realm, id, false); + public OrganizationModel getById(String id) { + return getAdapter(id, false); } @Override - public Stream getOrganizationsStream(RealmModel realm) { - throwExceptionIfRealmIsNull(realm); + public Stream getAllStream() { TypedQuery query = em.createNamedQuery("getByRealm", OrganizationEntity.class); query.setParameter("realmId", realm.getId()); @@ -124,17 +128,16 @@ public class JpaOrganizationProvider implements OrganizationProvider { } @Override - public Stream getMembersStream(RealmModel realm, OrganizationModel organization) { + public Stream getMembersStream(OrganizationModel organization) { throwExceptionIfOrganizationIsNull(organization); - OrganizationAdapter adapter = getAdapter(realm, organization.getId()); - GroupModel group = getOrganizationGroup(realm, adapter); + OrganizationAdapter adapter = getAdapter(organization.getId()); + GroupModel group = getOrganizationGroup(adapter); return userProvider.getGroupMembersStream(realm, group); } @Override - public UserModel getMemberById(RealmModel realm, OrganizationModel organization, String id) { - throwExceptionIfRealmIsNull(realm); + public UserModel getMemberById(OrganizationModel organization, String id) { throwExceptionIfOrganizationIsNull(organization); UserModel user = userProvider.getUserById(realm, id); @@ -152,8 +155,7 @@ public class JpaOrganizationProvider implements OrganizationProvider { } @Override - public OrganizationModel getOrganizationByMember(RealmModel realm, UserModel member) { - throwExceptionIfRealmIsNull(realm); + public OrganizationModel getByMember(UserModel member) { if (member == null) { throw new ModelException("User can not be null"); } 
@@ -164,7 +166,7 @@ public class JpaOrganizationProvider implements OrganizationProvider { return null; } - return getOrganizationById(realm, orgId); + return getById(orgId); } @Override @@ -172,12 +174,11 @@ public class JpaOrganizationProvider implements OrganizationProvider { } - private OrganizationAdapter getAdapter(RealmModel realm, String id) { - return getAdapter(realm, id, true); + private OrganizationAdapter getAdapter(String id) { + return getAdapter(id, true); } - private OrganizationAdapter getAdapter(RealmModel realm, String id, boolean failIfNotFound) { - throwExceptionIfRealmIsNull(realm); + private OrganizationAdapter getAdapter(String id, boolean failIfNotFound) { OrganizationEntity entity = em.find(OrganizationEntity.class, id); if (entity == null) { @@ -194,8 +195,7 @@ public class JpaOrganizationProvider implements OrganizationProvider { return new OrganizationAdapter(realm, entity); } - private GroupModel createOrganizationGroup(RealmModel realm, String name) { - throwExceptionIfRealmIsNull(realm); + private GroupModel createOrganizationGroup(String name) { if (name == null) { throw new ModelException("name can not be null"); } @@ -214,9 +214,9 @@ public class JpaOrganizationProvider implements OrganizationProvider { return "kc.org." + name; } - private GroupModel getOrganizationGroup(RealmModel realm, OrganizationModel organization) { + private GroupModel getOrganizationGroup(OrganizationModel organization) { throwExceptionIfOrganizationIsNull(organization); - OrganizationAdapter adapter = getAdapter(realm, organization.getId()); + OrganizationAdapter adapter = getAdapter(organization.getId()); GroupModel group = groupProvider.getGroupById(realm, adapter.getGroupId()); 
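Review bot: `getAdapter(String id, boolean failIfNotFound)` loads the entity with `em.find(OrganizationEntity.class, id)`, a primary-key lookup that is not scoped to a realm, and then wraps the result with the provider's own `realm`. The lines between the null check and `return new OrganizationAdapter(realm, entity);` fall outside the visible hunks, so it cannot be confirmed here that the entity's realm is compared with `realm.getId()`. Now that callers no longer pass a realm, that comparison would be the only tenant boundary for `getById`, `remove`, `addMember` and `getMembersStream`. If it is present, it deserves a why-comment such as `// em.find is not realm-scoped: reject entities owned by another realm`; if it is absent, it should be added before the adapter is returned.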
@@ -232,10 +232,4 @@ public class JpaOrganizationProvider implements OrganizationProvider { throw new ModelException("organization can not be null"); } } - - private void throwExceptionIfRealmIsNull(RealmModel realm) { - if (realm == null) { - throw new ModelException("realm can not be null"); - } - } } diff --git a/model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProviderFactory.java b/model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProviderFactory.java index ff0e014339..310db293a0 100644 --- a/model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProviderFactory.java +++ b/model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProviderFactory.java @@ -57,8 +57,7 @@ public class JpaOrganizationProviderFactory implements OrganizationProviderFacto if (event instanceof RealmRemovedEvent) { KeycloakSession session = ((RealmRemovedEvent) event).getKeycloakSession(); OrganizationProvider provider = session.getProvider(OrganizationProvider.class); - RealmModel realm = ((RealmRemovedEvent) event).getRealm(); - provider.removeOrganizations(realm); + provider.removeAll(); } } } diff --git a/model/jpa/src/main/java/org/keycloak/organization/jpa/OrganizationAdapter.java b/model/jpa/src/main/java/org/keycloak/organization/jpa/OrganizationAdapter.java index b761212965..731f5a4f3e 100644 --- a/model/jpa/src/main/java/org/keycloak/organization/jpa/OrganizationAdapter.java +++ b/model/jpa/src/main/java/org/keycloak/organization/jpa/OrganizationAdapter.java 
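Review bot: In `JpaOrganizationProviderFactory`, the `RealmRemovedEvent` branch no longer uses the realm carried by the event; `provider.removeAll()` now acts on `session.getContext().getRealm()`. Nothing in this hunk shows that the event's session context is bound to the realm being removed, and `remove` deletes every member user of each organization. If the two realms ever differ, the cleanup would delete organizations and users in another realm, or fail in the provider constructor when no realm is bound. I would keep `RealmModel removed = ((RealmRemovedEvent) event).getRealm();` and check its id against the context realm's before calling `removeAll()`, failing loudly on a mismatch. The enclosing listener method starts outside the hunk.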
@@ -37,8 +37,7 @@ public final class OrganizationAdapter implements OrganizationModel, JpaModel getOrganizationsStream(RealmModel realm); + Stream getAllStream(); /** * Returns the members of a given {@code organization}. * - * @param realm the realm * @param organization the organization * @return the organization with the given {@code id} */ - Stream getMembersStream(RealmModel realm, OrganizationModel organization); + Stream getMembersStream(OrganizationModel organization); /** * Returns the member of an {@code organization} by its {@code id}. * - * @param realm the realm * @param organization the organization * @param id the member id * @return the organization with the given {@code id} */ - UserModel getMemberById(RealmModel realm, OrganizationModel organization, String id); + UserModel getMemberById(OrganizationModel organization, String id); /** * Returns the {@link OrganizationModel} that a {@code member} belongs to. * - * @param realm the realm * @param member the member of a organization * @return the organization the {@code member} belongs to */ - OrganizationModel getOrganizationByMember(RealmModel realm, UserModel member); + OrganizationModel getByMember(UserModel member); } diff --git a/server-spi/src/main/java/org/keycloak/models/OrganizationModel.java b/server-spi/src/main/java/org/keycloak/models/OrganizationModel.java index 0b21885b07..a58b2a6aab 100644 --- a/server-spi/src/main/java/org/keycloak/models/OrganizationModel.java +++ b/server-spi/src/main/java/org/keycloak/models/OrganizationModel.java @@ -26,6 +26,4 @@ public interface OrganizationModel { void setName(String name); String getName(); - - RealmModel getRealm(); } diff --git a/services/src/main/java/org/keycloak/organization/admin/resource/OrganizationMemberResource.java b/services/src/main/java/org/keycloak/organization/admin/resource/OrganizationMemberResource.java index 6c34d9d1a0..6c0814c185 100644 
--- a/services/src/main/java/org/keycloak/organization/admin/resource/OrganizationMemberResource.java +++ b/services/src/main/java/org/keycloak/organization/admin/resource/OrganizationMemberResource.java @@ -94,7 +94,7 @@ public class OrganizationMemberResource { OrganizationProvider provider = session.getProvider(OrganizationProvider.class); try { - if (provider.addOrganizationMember(realm, organization, member)) { + if (provider.addMember(organization, member)) { return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(member.getId()).build()).build(); } } catch (ModelException me) { @@ -110,7 +110,7 @@ public class OrganizationMemberResource { @GET @Produces(MediaType.APPLICATION_JSON) public Stream getMembers() { - return provider.getMembersStream(realm, organization).map(this::toRepresentation); + return provider.getMembersStream(organization).map(this::toRepresentation); } @Path("{id}") @@ -152,7 +152,7 @@ public class OrganizationMemberResource { } UserModel member = getMember(id); - OrganizationModel organization = provider.getOrganizationByMember(realm, member); + OrganizationModel organization = provider.getByMember(member); OrganizationRepresentation rep = new OrganizationRepresentation(); rep.setId(organization.getId()); @@ -161,7 +161,7 @@ public class OrganizationMemberResource { } private UserModel getMember(String id) { - UserModel member = provider.getMemberById(realm, organization, id); + UserModel member = provider.getMemberById(organization, id); if (member == null) { throw new NotFoundException(); diff --git a/services/src/main/java/org/keycloak/organization/admin/resource/OrganizationResource.java b/services/src/main/java/org/keycloak/organization/admin/resource/OrganizationResource.java index 0b132bf4e9..25ed0af745 100644 --- a/services/src/main/java/org/keycloak/organization/admin/resource/OrganizationResource.java +++ b/services/src/main/java/org/keycloak/organization/admin/resource/OrganizationResource.java 
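Review bot: In the hunk at `-152,7`, the result of `provider.getByMember(member)` is dereferenced on the next visible line (`rep.setId(organization.getId())`) without a null check. The provider hunks show `getByMember` returning `null` when the user carries no organization id, and otherwise delegating to `getById`, which calls `getAdapter(id, false)` and may also return `null`. `getMember(id)` probably guarantees membership first, but that is not visible here; a guard such as `if (organization == null) { throw new NotFoundException(); }` would turn a possible 500 into a 404. The local `organization` also shadows the field of the same name used by the other methods, so a distinct name would read more clearly. The enclosing method starts and ends outside the hunk.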
@@ -34,7 +34,6 @@ import jakarta.ws.rs.core.Response; import jakarta.ws.rs.ext.Provider; import org.keycloak.models.KeycloakSession; import org.keycloak.models.OrganizationModel; -import org.keycloak.models.RealmModel; import org.keycloak.organization.OrganizationProvider; import org.keycloak.representations.idm.OrganizationRepresentation; import org.keycloak.services.resources.admin.AdminEventBuilder; @@ -68,8 +67,7 @@ public class OrganizationResource { throw new BadRequestException(); } - RealmModel realm = session.getContext().getRealm(); - OrganizationModel model = provider.createOrganization(realm, organization.getName()); + OrganizationModel model = provider.create(organization.getName()); return Response.created(session.getContext().getUri().getAbsolutePathBuilder().path(model.getId()).build()).build(); } @@ -77,7 +75,7 @@ public class OrganizationResource { @GET @Produces(MediaType.APPLICATION_JSON) public Stream get() { - return provider.getOrganizationsStream(session.getContext().getRealm()).map(this::toRepresentation); + return provider.getAllStream().map(this::toRepresentation); } @Path("{id}") @@ -88,7 +86,7 @@ public class OrganizationResource { throw new BadRequestException(); } - return toRepresentation(getOrganization(session.getContext().getRealm(), id)); + return toRepresentation(getOrganization(id)); } @Path("{id}") @@ -98,8 +96,7 @@ public class OrganizationResource { throw new BadRequestException(); } - RealmModel realm = session.getContext().getRealm(); - provider.removeOrganization(realm, getOrganization(realm, id)); + provider.remove(getOrganization(id)); return Response.noContent().build(); } 
@@ -108,8 +105,7 @@ public class OrganizationResource { @PUT @Consumes(MediaType.APPLICATION_JSON) public Response update(@PathParam("id") String id, OrganizationRepresentation organization) { - RealmModel realm = session.getContext().getRealm(); - OrganizationModel model = getOrganization(realm, id); + OrganizationModel model = getOrganization(id); toModel(organization, model); @@ -118,18 +114,16 @@ public class OrganizationResource { @Path("{id}/members") public OrganizationMemberResource members(@PathParam("id") String id) { - RealmModel realm = session.getContext().getRealm(); - OrganizationModel model = getOrganization(realm, id); - - return new OrganizationMemberResource(session, model, auth, adminEvent); + OrganizationModel organization = getOrganization(id); + return new OrganizationMemberResource(session, organization, auth, adminEvent); } - private OrganizationModel getOrganization(RealmModel realm, String id) { + private OrganizationModel getOrganization(String id) { if (id == null) { throw new BadRequestException(); } - OrganizationModel model = provider.getOrganizationById(realm, id); + OrganizationModel model = provider.getById(id); if (model == null) { throw new NotFoundException(); diff --git a/services/src/main/java/org/keycloak/protocol/oidc/mappers/OrganizationMembershipMapper.java b/services/src/main/java/org/keycloak/protocol/oidc/mappers/OrganizationMembershipMapper.java index ffeeb0e0d5..7dd21991ec 100644 --- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/OrganizationMembershipMapper.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/OrganizationMembershipMapper.java 
@@ -28,7 +28,6 @@ import org.keycloak.models.ClientSessionContext; import org.keycloak.models.KeycloakSession; import org.keycloak.models.OrganizationModel; import org.keycloak.models.ProtocolMapperModel; -import org.keycloak.models.RealmModel; import org.keycloak.models.UserModel; import org.keycloak.models.UserSessionModel; import org.keycloak.organization.OrganizationProvider; @@ -70,11 +69,9 @@ public class OrganizationMembershipMapper extends AbstractOIDCProtocolMapper imp @Override protected void setClaim(IDToken token, ProtocolMapperModel mappingModel, UserSessionModel userSession, KeycloakSession keycloakSession, ClientSessionContext clientSessionCtx) { - - RealmModel realm = keycloakSession.getContext().getRealm(); UserModel user = userSession.getUser(); OrganizationProvider organizationProvider = keycloakSession.getProvider(OrganizationProvider.class); - OrganizationModel organization = organizationProvider.getOrganizationByMember(realm, user); + OrganizationModel organization = organizationProvider.getByMember(user); if (organization != null) { Map> claim = new HashMap<>();