keycloak-memoizeit
Changes
model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ApplicationAdapter.java 57(+51 -6)
Details
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ApplicationAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ApplicationAdapter.java
index 72dd3d6..49bcd31 100644
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ApplicationAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ApplicationAdapter.java
@@ -130,6 +130,28 @@ public class ApplicationAdapter implements ApplicationModel {
}
@Override
+ public boolean hasRole(UserModel user, String role) {
+ RoleModel roleModel = getRole(role);
+ return hasRole(user, roleModel);
+ }
+
+ @Override
+ public boolean hasRole(UserModel user, RoleModel role) {
+ UserData userData = ((UserAdapter)user).getUser();
+
+ List<String> roleIds = userData.getRoleIds();
+ String roleId = role.getId();
+ if (roleIds != null) {
+ for (String currentId : roleIds) {
+ if (roleId.equals(currentId)) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ @Override
public RoleAdapter addRole(String name) {
if (getRole(name) != null) {
throw new IllegalArgumentException("Role " + name + " already exists");
@@ -218,16 +240,26 @@ public class ApplicationAdapter implements ApplicationModel {
}
@Override
- public Set<String> getScopeMapping(UserModel agent) {
- UserData userData = ((UserAdapter)agent).getUser();
- List<String> scopeIds = userData.getScopeIds();
+ public void deleteScopeMapping(UserModel user, RoleModel role) {
+ UserData userData = ((UserAdapter)user).getUser();
+ noSQL.pullItemFromList(userData, "scopeIds", role.getId());
+ }
- Set<String> result = new HashSet<String>();
+ // Static so that it can be used from RealmAdapter as well
+ static List<RoleData> getAllScopesOfUser(UserModel user, NoSQL noSQL) {
+ UserData userData = ((UserAdapter)user).getUser();
+ List<String> roleIds = userData.getScopeIds();
NoSQLQuery query = noSQL.createQueryBuilder()
- .inCondition("_id", scopeIds)
+ .inCondition("_id", roleIds)
.build();
- List<RoleData> roles = noSQL.loadObjects(RoleData.class, query);
+ return noSQL.loadObjects(RoleData.class, query);
+ }
+
+ @Override
+ public Set<String> getScopeMappingValues(UserModel agent) {
+ Set<String> result = new HashSet<String>();
+ List<RoleData> roles = getAllScopesOfUser(agent, noSQL);
// TODO: Maybe improve as currently we need to obtain all roles and then filter programmatically...
for (RoleData role : roles) {
if (getId().equals(role.getApplicationId())) {
@@ -236,4 +268,17 @@ public class ApplicationAdapter implements ApplicationModel {
}
return result;
}
+
+ @Override
+ public List<RoleModel> getScopeMappings(UserModel agent) {
+ List<RoleModel> result = new ArrayList<RoleModel>();
+ List<RoleData> roles = getAllScopesOfUser(agent, noSQL);
+ // TODO: Maybe improve as currently we need to obtain all roles and then filter programmatically...
+ for (RoleData role : roles) {
+ if (getId().equals(role.getApplicationId())) {
+ result.add(new RoleAdapter(role, noSQL));
+ }
+ }
+ return result;
+ }
}
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/OAuthClientAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/OAuthClientAdapter.java
index d79b0a1..34f455e 100644
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/OAuthClientAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/OAuthClientAdapter.java
@@ -4,6 +4,7 @@ import org.keycloak.models.OAuthClientModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.mongo.api.NoSQL;
import org.keycloak.models.mongo.keycloak.data.OAuthClientData;
+import org.keycloak.models.mongo.keycloak.data.UserData;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
@@ -11,7 +12,7 @@ import org.keycloak.models.mongo.keycloak.data.OAuthClientData;
public class OAuthClientAdapter implements OAuthClientModel {
private final OAuthClientData delegate;
- private final UserAdapter oauthAgent;
+ private UserAdapter oauthAgent;
private final NoSQL noSQL;
public OAuthClientAdapter(OAuthClientData oauthClientData, UserAdapter oauthAgent, NoSQL noSQL) {
@@ -20,6 +21,11 @@ public class OAuthClientAdapter implements OAuthClientModel {
this.noSQL = noSQL;
}
+ public OAuthClientAdapter(OAuthClientData oauthClientData, NoSQL noSQL) {
+ this.delegate = oauthClientData;
+ this.noSQL = noSQL;
+ }
+
@Override
public String getId() {
return delegate.getId();
@@ -27,6 +33,11 @@ public class OAuthClientAdapter implements OAuthClientModel {
@Override
public UserModel getOAuthAgent() {
+ // This is not thread-safe. Assumption is that OAuthClientAdapter instance is per-client object
+ if (oauthAgent == null) {
+ UserData user = noSQL.loadObject(UserData.class, delegate.getOauthAgentId());
+ oauthAgent = user!=null ? new UserAdapter(user, noSQL) : null;
+ }
return oauthAgent;
}
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
index 73fcf3a..837f985 100644
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/RealmAdapter.java
@@ -513,16 +513,27 @@ public class RealmAdapter implements RealmModel {
@Override
public void addScopeMapping(UserModel agent, String roleName) {
- UserData userData = ((UserAdapter)agent).getUser();
RoleAdapter role = getRole(roleName);
if (role == null) {
throw new RuntimeException("Role not found");
}
+ addScopeMapping(agent, role);
+ }
+
+ @Override
+ public void addScopeMapping(UserModel agent, RoleModel role) {
+ UserData userData = ((UserAdapter)agent).getUser();
noSQL.pushItemToList(userData, "scopeIds", role.getId());
}
@Override
+ public void deleteScopeMapping(UserModel user, RoleModel role) {
+ UserData userData = ((UserAdapter)user).getUser();
+ noSQL.pullItemFromList(userData, "scopeIds", role.getId());
+ }
+
+ @Override
public OAuthClientModel addOAuthClient(String name) {
UserAdapter oauthAgent = addUser(name);
@@ -547,16 +558,35 @@ public class RealmAdapter implements RealmModel {
}
@Override
- public Set<String> getScopeMapping(UserModel agent) {
- UserData userData = ((UserAdapter)agent).getUser();
- List<String> scopeIds = userData.getScopeIds();
-
- Set<String> result = new HashSet<String>();
-
+ public List<OAuthClientModel> getOAuthClients() {
NoSQLQuery query = noSQL.createQueryBuilder()
- .inCondition("_id", scopeIds)
+ .andCondition("realmId", getOid())
.build();
- List<RoleData> roles = noSQL.loadObjects(RoleData.class, query);
+ List<OAuthClientData> results = noSQL.loadObjects(OAuthClientData.class, query);
+ List<OAuthClientModel> list = new ArrayList<OAuthClientModel>();
+ for (OAuthClientData data : results) {
+ list.add(new OAuthClientAdapter(data, noSQL));
+ }
+ return list;
+ }
+
+ @Override
+ public List<RoleModel> getScopeMappings(UserModel agent) {
+ List<RoleModel> result = new ArrayList<RoleModel>();
+ List<RoleData> roles = ApplicationAdapter.getAllScopesOfUser(agent, noSQL);
+ // TODO: Maybe improve as currently we need to obtain all roles and then filter programmatically...
+ for (RoleData role : roles) {
+ if (getOid().equals(role.getRealmId())) {
+ result.add(new RoleAdapter(role, noSQL));
+ }
+ }
+ return result;
+ }
+
+ @Override
+ public Set<String> getScopeMappingValues(UserModel agent) {
+ Set<String> result = new HashSet<String>();
+ List<RoleData> roles = ApplicationAdapter.getAllScopesOfUser(agent, noSQL);
// TODO: Maybe improve as currently we need to obtain all roles and then filter programmatically...
for (RoleData role : roles) {
if (getOid().equals(role.getRealmId())) {
diff --git a/testsuite/performance/src/test/java/org/keycloak/testsuite/performance/ReadUsersWorker.java b/testsuite/performance/src/test/java/org/keycloak/testsuite/performance/ReadUsersWorker.java
index 30bab60..416cd60 100644
--- a/testsuite/performance/src/test/java/org/keycloak/testsuite/performance/ReadUsersWorker.java
+++ b/testsuite/performance/src/test/java/org/keycloak/testsuite/performance/ReadUsersWorker.java
@@ -95,7 +95,7 @@ public class ReadUsersWorker implements Worker {
// Read scopes of user in realm
if (readScopes) {
- realm.getScopeMapping(user);
+ realm.getScopeMappings(user);
}
// Validate password (shoould be same as username)