Details
diff --git a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java
index 8c1ae9f..47b4db4 100755
--- a/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java
+++ b/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ClientsResource.java
@@ -25,6 +25,7 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.List;
@@ -45,6 +46,10 @@ public interface ClientsResource {
@Produces(MediaType.APPLICATION_JSON)
public List<ClientRepresentation> findAll();
+ @GET
+ @Produces(MediaType.APPLICATION_JSON)
+ public List<ClientRepresentation> findByClientId(@QueryParam("clientId") String clientId);
+
}
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/ClientAdapter.java b/model/jpa/src/main/java/org/keycloak/models/jpa/ClientAdapter.java
index adde0e4..8e126e5 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/ClientAdapter.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/ClientAdapter.java
@@ -627,26 +627,7 @@ public class ClientAdapter implements ClientModel, JpaModel<ClientEntity> {
@Override
public boolean removeRole(RoleModel roleModel) {
- if (roleModel == null) {
- return false;
- }
- if (!roleModel.getContainer().equals(this)) return false;
-
- session.users().preRemove(getRealm(), roleModel);
- RoleEntity role = RoleAdapter.toRoleEntity(roleModel, em);
- if (!role.isClientRole()) return false;
-
- entity.getDefaultRoles().remove(role);
- String compositeRoleTable = JpaUtils.getTableNameForNativeQuery("COMPOSITE_ROLE", em);
- em.createNativeQuery("delete from " + compositeRoleTable + " where CHILD_ROLE = :role").setParameter("role", role).executeUpdate();
- em.createNamedQuery("deleteScopeMappingByRole").setParameter("role", role).executeUpdate();
- em.createNamedQuery("deleteTemplateScopeMappingByRole").setParameter("role", role).executeUpdate();
- role.setClient(null);
- em.flush();
- em.remove(role);
- em.flush();
-
- return true;
+ return session.realms().removeRole(realm, roleModel);
}
@Override
diff --git a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaRealmProvider.java b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaRealmProvider.java
index 8ed10be..58b45fe 100755
--- a/model/jpa/src/main/java/org/keycloak/models/jpa/JpaRealmProvider.java
+++ b/model/jpa/src/main/java/org/keycloak/models/jpa/JpaRealmProvider.java
@@ -261,7 +261,7 @@ public class JpaRealmProvider implements RealmProvider {
em.createNativeQuery("delete from " + compositeRoleTable + " where CHILD_ROLE = :role").setParameter("role", roleEntity).executeUpdate();
em.createNamedQuery("deleteScopeMappingByRole").setParameter("role", roleEntity).executeUpdate();
em.createNamedQuery("deleteTemplateScopeMappingByRole").setParameter("role", roleEntity).executeUpdate();
- em.createNamedQuery("deleteGroupRoleMappingsByRole").setParameter("roleId", roleEntity.getId()).executeUpdate();
+ int val = em.createNamedQuery("deleteGroupRoleMappingsByRole").setParameter("roleId", roleEntity.getId()).executeUpdate();
em.remove(roleEntity);
em.flush();
diff --git a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java
index ff18fdf..f4983f9 100755
--- a/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java
+++ b/model/mongo/src/main/java/org/keycloak/models/mongo/keycloak/adapters/ClientAdapter.java
@@ -583,8 +583,7 @@ public class ClientAdapter extends AbstractMongoAdapter<MongoClientEntity> imple
@Override
public boolean removeRole(RoleModel role) {
- session.users().preRemove(getRealm(), role);
- return getMongoStore().removeEntity(MongoRoleEntity.class, role.getId(), invocationContext);
+ return session.realms().removeRole(realm, role);
}
@Override
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
index 6dd5046..981e752 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
@@ -36,6 +36,7 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@@ -71,26 +72,36 @@ public class ClientsResource {
* Get clients belonging to the realm
*
* Returns a list of clients belonging to the realm
+ *
+ * @param clientId filter by clientId
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
- public List<ClientRepresentation> getClients() {
+ public List<ClientRepresentation> getClients(@QueryParam("clientId") String clientId) {
auth.requireAny();
List<ClientRepresentation> rep = new ArrayList<>();
- List<ClientModel> clientModels = realm.getClients();
-
- boolean view = auth.hasView();
- for (ClientModel clientModel : clientModels) {
- if (view) {
- rep.add(ModelToRepresentation.toRepresentation(clientModel));
- } else {
- ClientRepresentation client = new ClientRepresentation();
- client.setId(clientModel.getId());
- client.setClientId(clientModel.getClientId());
- client.setDescription(clientModel.getDescription());
- rep.add(client);
+
+ if (clientId == null) {
+ List<ClientModel> clientModels = realm.getClients();
+
+ boolean view = auth.hasView();
+ for (ClientModel clientModel : clientModels) {
+ if (view) {
+ rep.add(ModelToRepresentation.toRepresentation(clientModel));
+ } else {
+ ClientRepresentation client = new ClientRepresentation();
+ client.setId(clientModel.getId());
+ client.setClientId(clientModel.getClientId());
+ client.setDescription(clientModel.getDescription());
+ rep.add(client);
+ }
+ }
+ } else {
+ ClientModel client = realm.getClientByClientId(clientId);
+ if (client != null) {
+ rep.add(ModelToRepresentation.toRepresentation(client));
}
}
return rep;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/GroupTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/GroupTest.java
index 7cc900b..572b52b 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/model/GroupTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/model/GroupTest.java
@@ -36,6 +36,7 @@ import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.RefreshToken;
+import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.GroupRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
@@ -95,6 +96,35 @@ public class GroupTest {
@WebResource
protected OAuthClient oauth;
+ /**
+ * KEYCLOAK-2716
+ * @throws Exception
+ */
+ @Test
+ public void testClientRemoveWithClientRoleGroupMapping() throws Exception {
+ RealmResource realm = keycloak.realms().realm("test");
+ ClientRepresentation client = new ClientRepresentation();
+ client.setClientId("foo");
+ client.setRootUrl("http://foo");
+ client.setProtocol("openid-connect");
+ Response response = realm.clients().create(client);
+ response.close();
+ client = realm.clients().findByClientId("foo").get(0);
+ RoleRepresentation role = new RoleRepresentation();
+ role.setName("foo-role");
+ realm.clients().get(client.getId()).roles().create(role);
+ role = realm.clients().get(client.getId()).roles().get("foo-role").toRepresentation();
+ GroupRepresentation group = new GroupRepresentation();
+ group.setName("2716");
+ realm.groups().add(group).close();
+ group = realm.getGroupByPath("/2716");
+ List<RoleRepresentation> list = new LinkedList<>();
+ list.add(role);
+ realm.groups().group(group.getId()).roles().clientLevel(client.getId()).add(list);
+ realm.clients().get(client.getId()).remove();
+
+ }
+
@Test
public void createAndTestGroups() throws Exception {
RealmResource realm = keycloak.realms().realm("test");
