Prosoft Git

keycloak-uncached

KEYCLOAK-2408 KEYCLOAK-2330

2/1/2016 7:35:00 PM
Bill Burke

Bill Burke

Commit: 37cf335

Tree: 24ad079

Parents: 9bc5a45

Changes

services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java 8(+8 -0)

services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java 14(+7 -7)

Details

services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java 8(+8 -0) 

diff --git a/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java b/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java
index 8dddacd..79d996f 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/GroupResource.java
@@ -19,6 +19,7 @@ package org.keycloak.services.resources.admin;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
+import org.keycloak.events.admin.OperationType;
 import org.keycloak.models.GroupModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
@@ -88,14 +89,18 @@ public class GroupResource {
     @PUT
     @Consumes(MediaType.APPLICATION_JSON)
     public void updateGroup(GroupRepresentation rep) {
+        this.auth.requireManage();
         updateGroup(rep, group);
+        adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
 
 
     }
 
     @DELETE
     public void deleteGroup() {
+        this.auth.requireManage();
         realm.removeGroup(group);
+        adminEvent.operation(OperationType.DELETE).resourcePath(uriInfo).success();
     }
 
 
@@ -111,6 +116,7 @@ public class GroupResource {
     @Produces(MediaType.APPLICATION_JSON)
     @Consumes(MediaType.APPLICATION_JSON)
     public Response addChild(GroupRepresentation rep) {
+        this.auth.requireManage();
         Response.ResponseBuilder builder = Response.status(204);
         GroupModel child = null;
         if (rep.getId() != null) {
@@ -118,6 +124,7 @@ public class GroupResource {
             if (child == null) {
                 throw new NotFoundException("Could not find child by id");
             }
+            adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(rep).success();
         } else {
             child = realm.createGroup(rep.getName());
             updateGroup(rep, child);
@@ -125,6 +132,7 @@ public class GroupResource {
                                            .path(uriInfo.getMatchedURIs().get(1))
                                            .path(child.getId()).build();
             builder.status(201).location(uri);
+            adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
 
         }
         realm.moveGroup(child, group);

services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java 14(+7 -7) 

diff --git a/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java
index cc48796..2c8bf62 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java
@@ -19,6 +19,7 @@ package org.keycloak.services.resources.admin;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
+import org.keycloak.events.admin.OperationType;
 import org.keycloak.models.GroupModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
@@ -53,17 +54,12 @@ public class GroupsResource {
         this.session = session;
         this.auth = auth;
         this.adminEvent = adminEvent;
+        auth.init(RealmAuth.Resource.USER);
+
     }
 
     @Context private UriInfo uriInfo;
 
-    public GroupsResource(RealmAuth auth, RealmModel realm, KeycloakSession session, AdminEventBuilder adminEvent) {
-        this.realm = realm;
-        this.session = session;
-        this.auth = auth;
-        this.adminEvent = adminEvent;
-    }
-
     /**
      * Get group hierarchy.  Only name and ids are returned.
      *
@@ -85,6 +81,7 @@ public class GroupsResource {
      */
     @Path("{id}")
     public GroupResource getGroupById(@PathParam("id") String id) {
+        this.auth.requireView();
         GroupModel group = realm.getGroupById(id);
         if (group == null) {
             throw new NotFoundException("Could not find group by id");
@@ -104,6 +101,7 @@ public class GroupsResource {
     @POST
     @Consumes(MediaType.APPLICATION_JSON)
     public Response addTopLevelGroup(GroupRepresentation rep) {
+        this.auth.requireManage();
         GroupModel child = null;
         Response.ResponseBuilder builder = Response.status(204);
         if (rep.getId() != null) {
@@ -111,12 +109,14 @@ public class GroupsResource {
             if (child == null) {
                 throw new NotFoundException("Could not find child by id");
             }
+            adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
         } else {
             child = realm.createGroup(rep.getName());
             GroupResource.updateGroup(rep, child);
             URI uri = uriInfo.getAbsolutePathBuilder()
                     .path(child.getId()).build();
             builder.status(201).location(uri);
+            adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo).representation(rep).success();
         }
         realm.moveGroup(child, null);
         return builder.build();

Bonobo Git Server (6.3.0.632) © 2015 Jakub Chodounský · Official Page · Github