Search in sources :

Example 96 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class GroupTest method adminEndpointAccessibleWhenAdminRoleAssignedToGroupAfterUserJoinedIt.

/**
 * Verifies that the role assigned to a user's group is correctly handled by Keycloak Admin endpoint.
 * @link https://issues.jboss.org/browse/KEYCLOAK-2964
 */
@Test
public void adminEndpointAccessibleWhenAdminRoleAssignedToGroupAfterUserJoinedIt() {
    String userName = "user-" + UUID.randomUUID();
    String groupName = "group-" + UUID.randomUUID();
    final String realmName = AuthRealm.MASTER;
    RealmResource realm = adminClient.realms().realm(realmName);
    RoleRepresentation adminRole = realm.roles().get(AdminRoles.ADMIN).toRepresentation();
    assertThat(adminRole, notNullValue());
    assertThat(adminRole.getId(), notNullValue());
    String userId = createUser(realmName, userName, "pwd");
    GroupRepresentation group = GroupBuilder.create().name(groupName).build();
    try (Response response = realm.groups().add(group)) {
        String groupId = ApiUtil.getCreatedId(response);
        realm.users().get(userId).joinGroup(groupId);
        RoleMappingResource mappings = realm.groups().group(groupId).roles();
        mappings.realmLevel().add(Collections.singletonList(adminRole));
    }
    try (Keycloak userClient = Keycloak.getInstance(getAuthServerContextRoot() + "/auth", realmName, userName, "pwd", Constants.ADMIN_CLI_CLIENT_ID, TLSUtils.initializeTLS())) {
        assertThat(// Any admin operation will do
        userClient.realms().findAll(), not(empty()));
    }
}
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) Response(javax.ws.rs.core.Response) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) Keycloak(org.keycloak.admin.client.Keycloak) RoleMappingResource(org.keycloak.admin.client.resource.RoleMappingResource) Test(org.junit.Test)

Example 97 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class GroupTest method updateGroup.

@Test
public void updateGroup() {
    RealmResource realm = adminClient.realms().realm("test");
    final String groupName = "group-" + UUID.randomUUID();
    GroupRepresentation group = GroupBuilder.create().name(groupName).singleAttribute("attr1", "attrval1").singleAttribute("attr2", "attrval2").build();
    createGroup(realm, group);
    group = realm.getGroupByPath("/" + groupName);
    Assert.assertNotNull(group);
    assertThat(group.getName(), is(groupName));
    assertThat(group.getAttributes().keySet(), containsInAnyOrder("attr1", "attr2"));
    assertThat(group.getAttributes(), hasEntry(is("attr1"), contains("attrval1")));
    assertThat(group.getAttributes(), hasEntry(is("attr2"), contains("attrval2")));
    final String groupNewName = "group-" + UUID.randomUUID();
    group.setName(groupNewName);
    group.getAttributes().remove("attr1");
    group.getAttributes().get("attr2").add("attrval2-2");
    group.getAttributes().put("attr3", Collections.singletonList("attrval2"));
    realm.groups().group(group.getId()).update(group);
    assertAdminEvents.assertEvent("test", OperationType.UPDATE, AdminEventPaths.groupPath(group.getId()), group, ResourceType.GROUP);
    group = realm.getGroupByPath("/" + groupNewName);
    assertThat(group.getName(), is(groupNewName));
    assertThat(group.getAttributes().keySet(), containsInAnyOrder("attr2", "attr3"));
    assertThat(group.getAttributes(), hasEntry(is("attr2"), containsInAnyOrder("attrval2", "attrval2-2")));
    assertThat(group.getAttributes(), hasEntry(is("attr3"), contains("attrval2")));
}
Also used : GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) Test(org.junit.Test)

Example 98 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class GroupTest method groupMembershipUsersOrder.

@Test
public // KEYCLOAK-6300
void groupMembershipUsersOrder() {
    RealmResource realm = adminClient.realms().realm("test");
    GroupRepresentation group = new GroupRepresentation();
    group.setName("group");
    String groupId = createGroup(realm, group).getId();
    List<String> usernames = new ArrayList<>();
    for (int i = 0; i < 9; i++) {
        UserRepresentation user = UserBuilder.create().username("user" + i).build();
        usernames.add(user.getUsername());
        try (Response create = realm.users().create(user)) {
            assertEquals(Status.CREATED, create.getStatusInfo());
            String userAId = ApiUtil.getCreatedId(create);
            realm.users().get(userAId).joinGroup(groupId);
        }
    }
    List<String> memberUsernames = new ArrayList<>();
    for (UserRepresentation member : realm.groups().group(groupId).members(0, 10)) {
        memberUsernames.add(member.getUsername());
    }
    assertArrayEquals("Expected: " + usernames + ", was: " + memberUsernames, usernames.toArray(), memberUsernames.toArray());
}
Also used : Response(javax.ws.rs.core.Response) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) ArrayList(java.util.ArrayList) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Example 99 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class GroupTest method createGroupWithEmptyNameShouldFail.

// KEYCLOAK-17581
@Test
public void createGroupWithEmptyNameShouldFail() {
    RealmResource realm = adminClient.realms().realm("test");
    GroupRepresentation group = new GroupRepresentation();
    group.setName("");
    try (Response response = realm.groups().add(group)) {
        if (response.getStatus() != 400) {
            Assert.fail("Creating a group with empty name should fail");
        }
    } catch (Exception expected) {
        Assert.assertNotNull(expected);
    }
    group.setName(null);
    try (Response response = realm.groups().add(group)) {
        if (response.getStatus() != 400) {
            Assert.fail("Creating a group with null name should fail");
        }
    } catch (Exception expected) {
        Assert.assertNotNull(expected);
    }
}
Also used : Response(javax.ws.rs.core.Response) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) ClientErrorException(javax.ws.rs.ClientErrorException) NotFoundException(javax.ws.rs.NotFoundException) ExpectedException(org.junit.rules.ExpectedException) IOException(java.io.IOException) RunOnServerException(org.keycloak.testsuite.runonserver.RunOnServerException) ModelDuplicateException(org.keycloak.models.ModelDuplicateException) Test(org.junit.Test)

Example 100 with RealmResource

use of org.keycloak.admin.client.resource.RealmResource in project keycloak by keycloak.

the class GroupTest method groupMembership.

@Test
public void groupMembership() {
    RealmResource realm = adminClient.realms().realm("test");
    GroupRepresentation group = new GroupRepresentation();
    group.setName("group");
    String groupId = createGroup(realm, group).getId();
    Response response = realm.users().create(UserBuilder.create().username("user-a").build());
    String userAId = ApiUtil.getCreatedId(response);
    response.close();
    assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userResourcePath(userAId), ResourceType.USER);
    response = realm.users().create(UserBuilder.create().username("user-b").build());
    String userBId = ApiUtil.getCreatedId(response);
    response.close();
    assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userResourcePath(userBId), ResourceType.USER);
    realm.users().get(userAId).joinGroup(groupId);
    assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userGroupPath(userAId, groupId), group, ResourceType.GROUP_MEMBERSHIP);
    List<UserRepresentation> members = realm.groups().group(groupId).members(0, 10);
    assertNames(members, "user-a");
    realm.users().get(userBId).joinGroup(groupId);
    assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userGroupPath(userBId, groupId), group, ResourceType.GROUP_MEMBERSHIP);
    members = realm.groups().group(groupId).members(0, 10);
    assertNames(members, "user-a", "user-b");
    realm.users().get(userAId).leaveGroup(groupId);
    assertAdminEvents.assertEvent("test", OperationType.DELETE, AdminEventPaths.userGroupPath(userAId, groupId), group, ResourceType.GROUP_MEMBERSHIP);
    members = realm.groups().group(groupId).members(0, 10);
    assertNames(members, "user-b");
}
Also used : Response(javax.ws.rs.core.Response) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) RealmResource(org.keycloak.admin.client.resource.RealmResource) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Test(org.junit.Test)

Aggregations

RealmResource (org.keycloak.admin.client.resource.RealmResource)263 Test (org.junit.Test)190 UserRepresentation (org.keycloak.representations.idm.UserRepresentation)67 AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)61 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)58 Response (javax.ws.rs.core.Response)55 RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)48 ClientResource (org.keycloak.admin.client.resource.ClientResource)39 OAuthClient (org.keycloak.testsuite.util.OAuthClient)37 GroupRepresentation (org.keycloak.representations.idm.GroupRepresentation)36 RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)34 Before (org.junit.Before)31 UserResource (org.keycloak.admin.client.resource.UserResource)30 IdentityProviderRepresentation (org.keycloak.representations.idm.IdentityProviderRepresentation)25 List (java.util.List)19 LinkedList (java.util.LinkedList)16 ClientScopeRepresentation (org.keycloak.representations.idm.ClientScopeRepresentation)16 VerifyProfileTest (org.keycloak.testsuite.forms.VerifyProfileTest)14 ProtocolMapperRepresentation (org.keycloak.representations.idm.ProtocolMapperRepresentation)13 AccessToken (org.keycloak.representations.AccessToken)12