use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class GroupTest method adminEndpointAccessibleWhenAdminRoleAssignedToGroupAfterUserJoinedIt.
/**
* Verifies that the role assigned to a user's group is correctly handled by Keycloak Admin endpoint.
* @link https://issues.jboss.org/browse/KEYCLOAK-2964
*/
@Test
public void adminEndpointAccessibleWhenAdminRoleAssignedToGroupAfterUserJoinedIt() {
String userName = "user-" + UUID.randomUUID();
String groupName = "group-" + UUID.randomUUID();
final String realmName = AuthRealm.MASTER;
RealmResource realm = adminClient.realms().realm(realmName);
RoleRepresentation adminRole = realm.roles().get(AdminRoles.ADMIN).toRepresentation();
assertThat(adminRole, notNullValue());
assertThat(adminRole.getId(), notNullValue());
String userId = createUser(realmName, userName, "pwd");
GroupRepresentation group = GroupBuilder.create().name(groupName).build();
try (Response response = realm.groups().add(group)) {
String groupId = ApiUtil.getCreatedId(response);
realm.users().get(userId).joinGroup(groupId);
RoleMappingResource mappings = realm.groups().group(groupId).roles();
mappings.realmLevel().add(Collections.singletonList(adminRole));
}
try (Keycloak userClient = Keycloak.getInstance(getAuthServerContextRoot() + "/auth", realmName, userName, "pwd", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
assertThat(// Any admin operation will do
userClient.realms().findAll(), not(empty()));
}
}
use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class GroupTest method updateGroup.
@Test
public void updateGroup() {
RealmResource realm = adminClient.realms().realm("test");
final String groupName = "group-" + UUID.randomUUID();
GroupRepresentation group = GroupBuilder.create().name(groupName).singleAttribute("attr1", "attrval1").singleAttribute("attr2", "attrval2").build();
createGroup(realm, group);
group = realm.getGroupByPath("/" + groupName);
Assert.assertNotNull(group);
assertThat(group.getName(), is(groupName));
assertThat(group.getAttributes().keySet(), containsInAnyOrder("attr1", "attr2"));
assertThat(group.getAttributes(), hasEntry(is("attr1"), contains("attrval1")));
assertThat(group.getAttributes(), hasEntry(is("attr2"), contains("attrval2")));
final String groupNewName = "group-" + UUID.randomUUID();
group.setName(groupNewName);
group.getAttributes().remove("attr1");
group.getAttributes().get("attr2").add("attrval2-2");
group.getAttributes().put("attr3", Collections.singletonList("attrval2"));
realm.groups().group(group.getId()).update(group);
assertAdminEvents.assertEvent("test", OperationType.UPDATE, AdminEventPaths.groupPath(group.getId()), group, ResourceType.GROUP);
group = realm.getGroupByPath("/" + groupNewName);
assertThat(group.getName(), is(groupNewName));
assertThat(group.getAttributes().keySet(), containsInAnyOrder("attr2", "attr3"));
assertThat(group.getAttributes(), hasEntry(is("attr2"), containsInAnyOrder("attrval2", "attrval2-2")));
assertThat(group.getAttributes(), hasEntry(is("attr3"), contains("attrval2")));
}
use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class GroupTest method groupMembershipUsersOrder.
@Test
public // KEYCLOAK-6300
void groupMembershipUsersOrder() {
RealmResource realm = adminClient.realms().realm("test");
GroupRepresentation group = new GroupRepresentation();
group.setName("group");
String groupId = createGroup(realm, group).getId();
List<String> usernames = new ArrayList<>();
for (int i = 0; i < 9; i++) {
UserRepresentation user = UserBuilder.create().username("user" + i).build();
usernames.add(user.getUsername());
try (Response create = realm.users().create(user)) {
assertEquals(Status.CREATED, create.getStatusInfo());
String userAId = ApiUtil.getCreatedId(create);
realm.users().get(userAId).joinGroup(groupId);
}
}
List<String> memberUsernames = new ArrayList<>();
for (UserRepresentation member : realm.groups().group(groupId).members(0, 10)) {
memberUsernames.add(member.getUsername());
}
assertArrayEquals("Expected: " + usernames + ", was: " + memberUsernames, usernames.toArray(), memberUsernames.toArray());
}
use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class GroupTest method createGroupWithEmptyNameShouldFail.
// KEYCLOAK-17581
@Test
public void createGroupWithEmptyNameShouldFail() {
RealmResource realm = adminClient.realms().realm("test");
GroupRepresentation group = new GroupRepresentation();
group.setName("");
try (Response response = realm.groups().add(group)) {
if (response.getStatus() != 400) {
Assert.fail("Creating a group with empty name should fail");
}
} catch (Exception expected) {
Assert.assertNotNull(expected);
}
group.setName(null);
try (Response response = realm.groups().add(group)) {
if (response.getStatus() != 400) {
Assert.fail("Creating a group with null name should fail");
}
} catch (Exception expected) {
Assert.assertNotNull(expected);
}
}
use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.
the class GroupTest method groupMembership.
@Test
public void groupMembership() {
RealmResource realm = adminClient.realms().realm("test");
GroupRepresentation group = new GroupRepresentation();
group.setName("group");
String groupId = createGroup(realm, group).getId();
Response response = realm.users().create(UserBuilder.create().username("user-a").build());
String userAId = ApiUtil.getCreatedId(response);
response.close();
assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userResourcePath(userAId), ResourceType.USER);
response = realm.users().create(UserBuilder.create().username("user-b").build());
String userBId = ApiUtil.getCreatedId(response);
response.close();
assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userResourcePath(userBId), ResourceType.USER);
realm.users().get(userAId).joinGroup(groupId);
assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userGroupPath(userAId, groupId), group, ResourceType.GROUP_MEMBERSHIP);
List<UserRepresentation> members = realm.groups().group(groupId).members(0, 10);
assertNames(members, "user-a");
realm.users().get(userBId).joinGroup(groupId);
assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userGroupPath(userBId, groupId), group, ResourceType.GROUP_MEMBERSHIP);
members = realm.groups().group(groupId).members(0, 10);
assertNames(members, "user-a", "user-b");
realm.users().get(userAId).leaveGroup(groupId);
assertAdminEvents.assertEvent("test", OperationType.DELETE, AdminEventPaths.userGroupPath(userAId, groupId), group, ResourceType.GROUP_MEMBERSHIP);
members = realm.groups().group(groupId).members(0, 10);
assertNames(members, "user-b");
}
Aggregations