group mongo
patriot1burke committed Nov 18, 2015
1 parent 4133111 commit 4f00f6c
Showing 14 changed files with 311 additions and 11 deletions.
Expand Up @@ -35,6 +35,7 @@ public class DefaultMongoConnectionFactoryProvider implements MongoConnectionPro
"org.keycloak.models.mongo.keycloak.entities.MongoRealmEntity", "org.keycloak.models.mongo.keycloak.entities.MongoRealmEntity",
"org.keycloak.models.mongo.keycloak.entities.MongoUserEntity", "org.keycloak.models.mongo.keycloak.entities.MongoUserEntity",
"org.keycloak.models.mongo.keycloak.entities.MongoRoleEntity", "org.keycloak.models.mongo.keycloak.entities.MongoRoleEntity",
"org.keycloak.models.mongo.keycloak.entities.MongoGroupEntity",
"org.keycloak.models.mongo.keycloak.entities.MongoClientEntity", "org.keycloak.models.mongo.keycloak.entities.MongoClientEntity",
"org.keycloak.models.mongo.keycloak.entities.MongoUserConsentEntity", "org.keycloak.models.mongo.keycloak.entities.MongoUserConsentEntity",
"org.keycloak.models.mongo.keycloak.entities.MongoMigrationModelEntity", "org.keycloak.models.mongo.keycloak.entities.MongoMigrationModelEntity",
Expand Up @@ -97,6 +97,7 @@ public boolean removeUser(RealmModel realm, UserModel user) {
private void removeUser(UserEntity user) { private void removeUser(UserEntity user) {
String id = user.getId(); String id = user.getId();
em.createNamedQuery("deleteUserRoleMappingsByUser").setParameter("user", user).executeUpdate(); em.createNamedQuery("deleteUserRoleMappingsByUser").setParameter("user", user).executeUpdate();
em.createNamedQuery("deleteUserGroupMembershipsByUser").setParameter("user", user).executeUpdate();
em.createNamedQuery("deleteFederatedIdentityByUser").setParameter("user", user).executeUpdate(); em.createNamedQuery("deleteFederatedIdentityByUser").setParameter("user", user).executeUpdate();
em.createNamedQuery("deleteUserConsentRolesByUser").setParameter("user", user).executeUpdate(); em.createNamedQuery("deleteUserConsentRolesByUser").setParameter("user", user).executeUpdate();
em.createNamedQuery("deleteUserConsentProtMappersByUser").setParameter("user", user).executeUpdate(); em.createNamedQuery("deleteUserConsentProtMappersByUser").setParameter("user", user).executeUpdate();
Expand Up @@ -1000,6 +1000,7 @@ public boolean removeRole(RoleModel role) {
String compositeRoleTable = JpaUtils.getTableNameForNativeQuery("COMPOSITE_ROLE", em); String compositeRoleTable = JpaUtils.getTableNameForNativeQuery("COMPOSITE_ROLE", em);
em.createNativeQuery("delete from " + compositeRoleTable + " where CHILD_ROLE = :role").setParameter("role", roleEntity).executeUpdate(); em.createNativeQuery("delete from " + compositeRoleTable + " where CHILD_ROLE = :role").setParameter("role", roleEntity).executeUpdate();
em.createNamedQuery("deleteScopeMappingByRole").setParameter("role", roleEntity).executeUpdate(); em.createNamedQuery("deleteScopeMappingByRole").setParameter("role", roleEntity).executeUpdate();
em.createNamedQuery("deleteGroupRoleMappingsByRole").setParameter("roleId", roleEntity.getId()).executeUpdate();


em.remove(roleEntity); em.remove(roleEntity);


Expand Up @@ -6,6 +6,7 @@
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.models.GroupModel; import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession; import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ModelException;
import org.keycloak.models.RealmModel; import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleContainerModel; import org.keycloak.models.RoleContainerModel;
import org.keycloak.models.RoleModel; import org.keycloak.models.RoleModel;
Expand All @@ -20,6 +21,7 @@
import java.util.Collections; import java.util.Collections;
import java.util.HashMap; import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.LinkedList;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
Expand Down Expand Up @@ -146,7 +148,11 @@ public Set<RoleModel> getRoleMappings() {
if (group.getRoleIds() == null || group.getRoleIds().isEmpty()) return Collections.EMPTY_SET; if (group.getRoleIds() == null || group.getRoleIds().isEmpty()) return Collections.EMPTY_SET;
Set<RoleModel> roles = new HashSet<>(); Set<RoleModel> roles = new HashSet<>();
for (String id : group.getRoleIds()) { for (String id : group.getRoleIds()) {
roles.add(realm.getRoleById(id)); RoleModel roleById = realm.getRoleById(id);
if (roleById == null) {
throw new ModelException("role does not exist in group role mappings");
}
roles.add(roleById);
} }
return roles; return roles;
} }
Expand Down Expand Up @@ -198,18 +204,28 @@ public String getParentId() {


@Override @Override
public Set<GroupModel> getSubGroups() { public Set<GroupModel> getSubGroups() {
DBObject query = new QueryBuilder()
.and("realmId").is(realm.getId())
.and("parentId").is(getId())
.get();
List<MongoGroupEntity> groups = getMongoStore().loadEntities(MongoGroupEntity.class, query, invocationContext);

Set<GroupModel> subGroups = new HashSet<>(); Set<GroupModel> subGroups = new HashSet<>();
for (GroupModel groupModel : realm.getGroups()) {
if (groupModel.getParent().equals(this)) { if (groups == null) return subGroups;
subGroups.add(groupModel); for (MongoGroupEntity group : groups) {
} subGroups.add(realm.getGroupById(group.getId()));
} }

return subGroups; return subGroups;
} }


@Override @Override
public void setParent(GroupModel group) { public void setParent(GroupModel parent) {
this.group.setParentId(group.getId()); if (parent == null) group.setParentId(null);
else {
group.setParentId(parent.getId());
}
updateGroup(); updateGroup();


} }
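Review bot: In getSubGroups the result of `realm.getGroupById(group.getId())` is added to the set without a null check, while getRoleMappings in this same section now rejects a null lookup explicitly. If the lookup can miss (for example a group removed between the query and the lookup; not visible from here), callers walking the group hierarchy receive a null element and fail later with a NullPointerException far from the cause. Suggest `GroupModel sub = realm.getGroupById(group.getId()); if (sub != null) subGroups.add(sub);`. The same pattern appears in the next file section, where getGroups adds `model.getGroupById(group.getId(), this)` unchecked and getTopLevelGroups then calls `group.getParentId()` on each element.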
Expand Up @@ -660,7 +660,7 @@ public List<GroupModel> getGroups() {


if (groups == null) return result; if (groups == null) return result;
for (MongoGroupEntity group : groups) { for (MongoGroupEntity group : groups) {
result.add(new GroupAdapter(session, this, group, invocationContext)); result.add(model.getGroupById(group.getId(), this));
} }


return result; return result;
Expand All @@ -672,7 +672,7 @@ public List<GroupModel> getTopLevelGroups() {
Iterator<GroupModel> it = all.iterator(); Iterator<GroupModel> it = all.iterator();
while (it.hasNext()) { while (it.hasNext()) {
GroupModel group = it.next(); GroupModel group = it.next();
if (group.getParent() != null) { if (group.getParentId() != null) {
it.remove(); it.remove();
} }
} }
Expand Up @@ -19,6 +19,10 @@ public void afterRemove(MongoStoreInvocationContext context) {
.and("realmId").is(getId()) .and("realmId").is(getId())
.get(); .get();


// Remove all roles of this realm
context.getMongoStore().removeEntities(MongoGroupEntity.class, query, true, context);


// Remove all roles of this realm // Remove all roles of this realm
context.getMongoStore().removeEntities(MongoRoleEntity.class, query, true, context); context.getMongoStore().removeEntities(MongoRoleEntity.class, query, true, context);
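Review bot: The comment above the new `removeEntities(MongoGroupEntity.class, ...)` call was copied from the role cleanup below it and still reads "Remove all roles of this realm"; it should read `// Remove all groups of this realm`. This callback is what keeps group documents, and the role ids stored on them, from outliving a deleted realm, so the comment should name what is actually being removed. afterRemove starts and continues outside the hunk.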


Expand Up @@ -41,6 +41,18 @@ public void setNameIndex(String ignored) {
public void afterRemove(MongoStoreInvocationContext invContext) { public void afterRemove(MongoStoreInvocationContext invContext) {
MongoStore mongoStore = invContext.getMongoStore(); MongoStore mongoStore = invContext.getMongoStore();


{
DBObject query = new QueryBuilder()
.and("roleIds").is(getId())
.get();

List<MongoGroupEntity> groups = mongoStore.loadEntities(MongoGroupEntity.class, query, invContext);
for (MongoGroupEntity group : groups) {
mongoStore.pullItemFromList(group, "roleIds", getId(), invContext);
}

}

// Remove this scope from all clients, which has it // Remove this scope from all clients, which has it
DBObject query = new QueryBuilder() DBObject query = new QueryBuilder()
.and("scopeIds").is(getId()) .and("scopeIds").is(getId())
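Review bot: The new block iterates `groups` straight from `mongoStore.loadEntities(...)` with no null check, whereas getSubGroups and getGroups in this commit both guard the same call with `if (groups == null) return ...`. If loadEntities can return null, the loop throws before the client scope cleanup below it runs, and a partly cleaned-up role removal leaves stale role ids on groups, which the new getRoleMappings check then turns into a ModelException. Suggest wrapping the loop in `if (groups != null) { ... }`, or documenting that loadEntities never returns null and dropping the guards elsewhere. afterRemove's body continues past the end of the hunk.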
Expand Up @@ -163,8 +163,9 @@ public void testDirRealmExportImport() throws Throwable {


testRealmExportImport(); testRealmExportImport();


// There should be 3 files in target directory (1 realm, 2 user, 1 version) // There should be 3 files in target directory (1 realm, 3 user, 1 version)
Assert.assertEquals(4, new File(targetDirPath).listFiles().length); File[] files = new File(targetDirPath).listFiles();
Assert.assertEquals(5, files.length);
} }


@Test @Test
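Review bot: The updated comment still says 3 files although it lists 1 realm, 3 user and 1 version and the assertion expects 5; it should read `// There should be 5 files in target directory (1 realm, 3 user, 1 version)`. `File.listFiles()` returns null when the path is not a readable directory, so `files.length` would fail with a NullPointerException instead of an assertion message. Adding `Assert.assertNotNull(files);` before the length check would make that failure readable.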
Expand Up @@ -40,6 +40,30 @@
{ "type" : "password", { "type" : "password",
"value" : "password" } "value" : "password" }
] ]
},
{
"username" : "topGroupUser",
"enabled": true,
"email" : "top@redhat.com",
"credentials" : [
{ "type" : "password",
"value" : "password" }
],
"groups": [
"/top"
]
},
{
"username" : "level2GroupUser",
"enabled": true,
"email" : "level2@redhat.com",
"credentials" : [
{ "type" : "password",
"value" : "password" }
],
"groups": [
"/top/level2"
]
} }
], ],
"applications": [ "applications": [
Expand Down Expand Up @@ -347,6 +371,26 @@
} }
} }
], ],
"groups" : [
{
"name": "top",
"attributes": {
"topAttribute": ["true"]

},
"realmRoles": ["manager"],
"subGroups": [
{
"name": "level2",
"realmRoles": ["user"],
"attributes": {
"level2Attribute": ["true"]

}
}
]
}
],
"roles" : { "roles" : {
"realm" : [ "realm" : [
{ {
Expand Up @@ -40,6 +40,30 @@
{ "type" : "password", { "type" : "password",
"value" : "password" } "value" : "password" }
] ]
},
{
"username" : "topGroupUser",
"enabled": true,
"email" : "top@redhat.com",
"credentials" : [
{ "type" : "password",
"value" : "password" }
],
"groups": [
"/top"
]
},
{
"username" : "level2GroupUser",
"enabled": true,
"email" : "level2@redhat.com",
"credentials" : [
{ "type" : "password",
"value" : "password" }
],
"groups": [
"/top/level2"
]
} }
], ],
"applications": [ "applications": [
Expand Down Expand Up @@ -347,6 +371,26 @@
} }
} }
], ],
"groups" : [
{
"name": "top",
"attributes": {
"topAttribute": ["true"]

},
"realmRoles": ["manager"],
"subGroups": [
{
"name": "level2",
"realmRoles": ["user"],
"attributes": {
"level2Attribute": ["true"]

}
}
]
}
],
"roles" : { "roles" : {
"realm" : [ "realm" : [
{ {
Expand Up @@ -40,6 +40,30 @@
{ "type" : "password", { "type" : "password",
"value" : "password" } "value" : "password" }
] ]
},
{
"username" : "topGroupUser",
"enabled": true,
"email" : "top@redhat.com",
"credentials" : [
{ "type" : "password",
"value" : "password" }
],
"groups": [
"/top"
]
},
{
"username" : "level2GroupUser",
"enabled": true,
"email" : "level2@redhat.com",
"credentials" : [
{ "type" : "password",
"value" : "password" }
],
"groups": [
"/top/level2"
]
} }
], ],
"applications": [ "applications": [
Expand Down Expand Up @@ -347,6 +371,26 @@
} }
} }
], ],
"groups" : [
{
"name": "top",
"attributes": {
"topAttribute": ["true"]

},
"realmRoles": ["manager"],
"subGroups": [
{
"name": "level2",
"realmRoles": ["user"],
"attributes": {
"level2Attribute": ["true"]

}
}
]
}
],
"roles" : { "roles" : {
"realm" : [ "realm" : [
{ {
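--- a/testsuite/tomcat6/src/test/resources/keycloak-saml/testsaml.json
+++ b/testsuite/tomcat6/src/test/resources/keycloak-saml/testsaml.json
@@ -40,6 +40,30 @@
 { "type" : "password",
 "value" : "password" }
 ]
+},
+{
+"username" : "topGroupUser",
+"enabled": true,
+"email" : "top@redhat.com",
+"credentials" : [
+{ "type" : "password",
+"value" : "password" }
+],
+"groups": [
+"/top"
+]
+},
+{
+"username" : "level2GroupUser",
+"enabled": true,
+"email" : "level2@redhat.com",
+"credentials" : [
+{ "type" : "password",
+"value" : "password" }
+],
+"groups": [
+"/top/level2"
+]
 }
 ],
 "applications": [
@@ -347,6 +371,26 @@
 }
 }
 ],
+"groups" : [
+{
+"name": "top",
+"attributes": {
+"topAttribute": ["true"]
+
+},
+"realmRoles": ["manager"],
+"subGroups": [
+{
+"name": "level2",
+"realmRoles": ["user"],
+"attributes": {
+"level2Attribute": ["true"]
+
+}
+}
+]
+}
+],
 "roles" : {
 "realm" : [
 {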
