keycloak-aplcache
Changes
integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientTemplatesResource.java 2(+1 -1)
Details
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientTemplatesResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientTemplatesResource.java
index 19addd7..2f3f9a7 100755
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientTemplatesResource.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientTemplatesResource.java
@@ -36,7 +36,7 @@ import java.util.List;
public interface ClientTemplatesResource {
@Path("{id}")
- public ClientTemplatesResource get(@PathParam("id") String id);
+ public ClientTemplateResource get(@PathParam("id") String id);
@POST
@Consumes(MediaType.APPLICATION_JSON)
diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmCacheSession.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmCacheSession.java
index b4ed669..2a3880d 100755
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmCacheSession.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/RealmCacheSession.java
@@ -220,6 +220,11 @@ public class RealmCacheSession implements CacheRealmProvider {
group.invalidate();
continue;
}
+ ClientTemplateAdapter clientTemplate = managedClientTemplates.get(id);
+ if (clientTemplate != null) {
+ clientTemplate.invalidate();
+ continue;
+ }
}
diff --git a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/stream/HasRolePredicate.java b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/stream/HasRolePredicate.java
index 13f1165..e0de8e7 100755
--- a/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/stream/HasRolePredicate.java
+++ b/model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/stream/HasRolePredicate.java
@@ -1,6 +1,7 @@
package org.keycloak.models.cache.infinispan.stream;
import org.keycloak.models.cache.infinispan.entities.CachedClient;
+import org.keycloak.models.cache.infinispan.entities.CachedClientTemplate;
import org.keycloak.models.cache.infinispan.entities.CachedGroup;
import org.keycloak.models.cache.infinispan.entities.CachedRole;
import org.keycloak.models.cache.infinispan.entities.Revisioned;
@@ -47,6 +48,11 @@ public class HasRolePredicate implements Predicate<Map.Entry<String, Revisioned>
if (cachedClient.getScope().contains(role)) return true;
}
+ if (value instanceof CachedClientTemplate) {
+ CachedClientTemplate cachedClientTemplate = (CachedClientTemplate)value;
+ if (cachedClientTemplate.getScope().contains(role)) return true;
+
+ }
return false;
}
}
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientTemplateTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientTemplateTest.java
new file mode 100644
index 0000000..8124695
--- /dev/null
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/ClientTemplateTest.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2016 Red Hat, Inc. and/or its affiliates
+ * and other contributors as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.keycloak.testsuite.admin.client;
+
+import java.util.Collections;
+import java.util.List;
+
+import javax.ws.rs.core.Response;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.keycloak.representations.idm.ClientTemplateRepresentation;
+import org.keycloak.representations.idm.RoleRepresentation;
+import org.keycloak.testsuite.admin.ApiUtil;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class ClientTemplateTest extends AbstractClientTest {
+
+
+ // KEYCLOAK-2809
+ @Test
+ public void testRemove() {
+ // Add realm role
+ RoleRepresentation roleRep = new RoleRepresentation();
+ roleRep.setName("foo-role");
+ testRealmResource().roles().create(roleRep);
+ roleRep = testRealmResource().roles().get("foo-role").toRepresentation();
+
+ // Add client template
+ ClientTemplateRepresentation templateRep = new ClientTemplateRepresentation();
+ templateRep.setName("bar-template");
+ templateRep.setFullScopeAllowed(false);
+ Response resp = testRealmResource().clientTemplates().create(templateRep);
+ resp.close();
+ String clientTemplateId = ApiUtil.getCreatedId(resp);
+
+ // Add realm role to scopes of clientTemplate
+ testRealmResource().clientTemplates().get(clientTemplateId).getScopeMappings().realmLevel().add(Collections.singletonList(roleRep));
+
+ List<RoleRepresentation> roleReps = testRealmResource().clientTemplates().get(clientTemplateId).getScopeMappings().realmLevel().listAll();
+ Assert.assertEquals(1, roleReps.size());
+ Assert.assertEquals("foo-role", roleReps.get(0).getName());
+
+ // Remove realm role
+ testRealmResource().roles().deleteRole("foo-role");
+
+ // Get scope mappings
+ roleReps = testRealmResource().clientTemplates().get(clientTemplateId).getScopeMappings().realmLevel().listAll();
+ Assert.assertEquals(0, roleReps.size());
+ }
+
+}