diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
index ad7feec..0d7c890 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
@@ -173,7 +173,7 @@ public class UsersResource {
}
}
- updateUserFromRep(user, rep, attrsToRemove, realm, session);
+ updateUserFromRep(user, rep, attrsToRemove, realm, session, true);
adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
if (session.getTransaction().isActive()) {
@@ -212,7 +212,7 @@ public class UsersResource {
try {
UserModel user = session.users().addUser(realm, rep.getUsername());
Set<String> emptySet = Collections.emptySet();
- updateUserFromRep(user, rep, emptySet, realm, session);
+ updateUserFromRep(user, rep, emptySet, realm, session, false);
adminEvent.operation(OperationType.CREATE).resourcePath(uriInfo, user.getId()).representation(rep).success();
@@ -229,7 +229,7 @@ public class UsersResource {
}
}
- public static void updateUserFromRep(UserModel user, UserRepresentation rep, Set<String> attrsToRemove, RealmModel realm, KeycloakSession session) {
+ public static void updateUserFromRep(UserModel user, UserRepresentation rep, Set<String> attrsToRemove, RealmModel realm, KeycloakSession session, boolean removeMissingRequiredActions) {
if (rep.getUsername() != null && realm.isEditUsernameAllowed()) {
user.setUsername(rep.getUsername());
}
@@ -251,7 +251,7 @@ public class UsersResource {
for (String action : allActions) {
if (reqActions.contains(action)) {
user.addRequiredAction(action);
- } else {
+ } else if (removeMissingRequiredActions) {
user.removeRequiredAction(action);
}
}
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/UserTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/UserTest.java
index b38b362..8919fb2 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/UserTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/admin/UserTest.java
@@ -42,6 +42,7 @@ import javax.ws.rs.core.UriBuilder;
import java.io.IOException;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
@@ -81,6 +82,7 @@ public class UserTest extends AbstractClientTest {
UserRepresentation user = new UserRepresentation();
user.setUsername(username);
user.setEmail(email);
+ user.setRequiredActions(Collections.<String>emptyList());
user.setEnabled(true);
Response response = realm.users().create(user);
@@ -663,6 +665,27 @@ public class UserTest extends AbstractClientTest {
}
}
+ @Test
+ public void testDefaultRequiredActionAdded() {
+ // Add UPDATE_PASSWORD as default required action
+ RequiredActionProviderRepresentation updatePasswordReqAction = realm.flows().getRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD.toString());
+ updatePasswordReqAction.setDefaultAction(true);
+ realm.flows().updateRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD.toString(), updatePasswordReqAction);
+
+ // Create user
+ String userId = createUser("user1", "user1@localhost");
+
+ UserRepresentation userRep = realm.users().get(userId).toRepresentation();
+ Assert.assertEquals(1, userRep.getRequiredActions().size());
+ Assert.assertEquals(UserModel.RequiredAction.UPDATE_PASSWORD.toString(), userRep.getRequiredActions().get(0));
+
+ // Remove UPDATE_PASSWORD default action
+ updatePasswordReqAction = realm.flows().getRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD.toString());
+ updatePasswordReqAction.setDefaultAction(true);
+ realm.flows().updateRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD.toString(), updatePasswordReqAction);
+ }
+
+
private void switchEditUsernameAllowedOn() {
RealmRepresentation rep = realm.toRepresentation();
rep.setEditUsernameAllowed(true);
