Example 71 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupTest method rolesCanBeAssignedEvenWhenTheyAreAlreadyIndirectlyAssigned.
/**
* Test for KEYCLOAK-10603.
*/
@Test
public void rolesCanBeAssignedEvenWhenTheyAreAlreadyIndirectlyAssigned() {
RealmResource realm = adminClient.realms().realm("test");
createRealmRole(realm, RoleBuilder.create().name("realm-composite").build());
createRealmRole(realm, RoleBuilder.create().name("realm-child").build());
realm.roles().get("realm-composite").addComposites(Collections.singletonList(realm.roles().get("realm-child").toRepresentation()));
try (Response response = realm.clients().create(ClientBuilder.create().clientId("myclient").build())) {
String clientId = ApiUtil.getCreatedId(response);
getCleanup().addClientUuid(clientId);
realm.clients().get(clientId).roles().create(RoleBuilder.create().name("client-composite").build());
realm.clients().get(clientId).roles().create(RoleBuilder.create().name("client-child").build());
realm.clients().get(clientId).roles().get("client-composite").addComposites(Collections.singletonList(realm.clients().get(clientId).roles().get("client-child").toRepresentation()));
GroupRepresentation group = new GroupRepresentation();
group.setName("group");
// Roles+clients tested elsewhere
assertAdminEvents.clear();
String groupId = createGroup(realm, group).getId();
RoleMappingResource roles = realm.groups().group(groupId).roles();
// Make indirect assignments: assign composite roles
roles.realmLevel().add(Collections.singletonList(realm.roles().get("realm-composite").toRepresentation()));
RoleRepresentation clientComposite = realm.clients().get(clientId).roles().get("client-composite").toRepresentation();
roles.clientLevel(clientId).add(Collections.singletonList(clientComposite));
// Check state before making the direct assignments
assertNames(roles.realmLevel().listAll(), "realm-composite");
assertNames(roles.realmLevel().listAvailable(), "realm-child", "admin", "offline_access", Constants.AUTHZ_UMA_AUTHORIZATION, "user", "customer-user-premium", "realm-composite-role", "sample-realm-role", "attribute-role", Constants.DEFAULT_ROLES_ROLE_PREFIX + "-test");
assertNames(roles.realmLevel().listEffective(), "realm-composite", "realm-child");
assertNames(roles.clientLevel(clientId).listAll(), "client-composite");
assertNames(roles.clientLevel(clientId).listAvailable(), "client-child");
assertNames(roles.clientLevel(clientId).listEffective(), "client-composite", "client-child");
// Make direct assignments for roles which are already indirectly assigned
roles.realmLevel().add(Collections.singletonList(realm.roles().get("realm-child").toRepresentation()));
RoleRepresentation clientChild = realm.clients().get(clientId).roles().get("client-child").toRepresentation();
roles.clientLevel(clientId).add(Collections.singletonList(clientChild));
// List realm roles
assertNames(roles.realmLevel().listAll(), "realm-composite", "realm-child");
assertNames(roles.realmLevel().listAvailable(), "admin", "offline_access", Constants.AUTHZ_UMA_AUTHORIZATION, "user", "customer-user-premium", "realm-composite-role", "sample-realm-role", "attribute-role", Constants.DEFAULT_ROLES_ROLE_PREFIX + "-test");
assertNames(roles.realmLevel().listEffective(), "realm-composite", "realm-child");
// List client roles
assertNames(roles.clientLevel(clientId).listAll(), "client-composite", "client-child");
assertNames(roles.clientLevel(clientId).listAvailable());
assertNames(roles.clientLevel(clientId).listEffective(), "client-composite", "client-child");
// Get mapping representation
MappingsRepresentation all = roles.getAll();
assertNames(all.getRealmMappings(), "realm-composite", "realm-child");
assertEquals(1, all.getClientMappings().size());
assertNames(all.getClientMappings().get("myclient").getMappings(), "client-composite", "client-child");
}
}
Also used :
Response(javax.ws.rs.core.Response)
RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
MappingsRepresentation(org.keycloak.representations.idm.MappingsRepresentation)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
RoleMappingResource(org.keycloak.admin.client.resource.RoleMappingResource)
Test(org.junit.Test)
Example 72 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupTest method searchGroupsOnGroupHierarchies.
/**
* Verifies that the group search works the same across group provider implementations for hierarchies
* @link https://issues.jboss.org/browse/KEYCLOAK-18390
*/
@Test
public void searchGroupsOnGroupHierarchies() throws Exception {
final RealmResource realm = this.adminClient.realms().realm("test");
final String searchFor = UUID.randomUUID().toString();
final GroupRepresentation g1 = new GroupRepresentation();
g1.setName("g1");
final GroupRepresentation g1_1 = new GroupRepresentation();
g1_1.setName("g1.1-" + searchFor);
createGroup(realm, g1);
addSubGroup(realm, g1, g1_1);
final GroupRepresentation expectedRootGroup = realm.groups().group(g1.getId()).toRepresentation();
final GroupRepresentation expectedChildGroup = realm.groups().group(g1_1.getId()).toRepresentation();
final List<GroupRepresentation> searchResultGroups = realm.groups().groups(searchFor, 0, 10);
Assert.assertFalse(searchResultGroups.isEmpty());
Assert.assertEquals(expectedRootGroup.getId(), searchResultGroups.get(0).getId());
Assert.assertEquals(expectedRootGroup.getName(), searchResultGroups.get(0).getName());
List<GroupRepresentation> searchResultSubGroups = searchResultGroups.get(0).getSubGroups();
Assert.assertEquals(expectedChildGroup.getId(), searchResultSubGroups.get(0).getId());
Assert.assertEquals(expectedChildGroup.getName(), searchResultSubGroups.get(0).getName());
searchResultSubGroups.remove(0);
Assert.assertTrue(searchResultSubGroups.isEmpty());
searchResultGroups.remove(0);
Assert.assertTrue(searchResultGroups.isEmpty());
}
Also used :
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
Test(org.junit.Test)
Example 73 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupTest method allowSameGroupNameAtDifferentLevel.
@Test
public void allowSameGroupNameAtDifferentLevel() throws Exception {
RealmResource realm = adminClient.realms().realm("test");
// creating "/test-group"
GroupRepresentation topGroup = new GroupRepresentation();
topGroup.setName("test-group");
topGroup = createGroup(realm, topGroup);
getCleanup().addGroupId(topGroup.getId());
// creating "/test-group/test-group"
GroupRepresentation childGroup = new GroupRepresentation();
childGroup.setName("test-group");
try (Response response = realm.groups().group(topGroup.getId()).subGroup(childGroup)) {
assertEquals(201, response.getStatus());
getCleanup().addGroupId(ApiUtil.getCreatedId(response));
}
assertNotNull(realm.getGroupByPath("/test-group/test-group"));
}
Also used :
Response(javax.ws.rs.core.Response)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
Test(org.junit.Test)
Example 74 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupTest method updatingGroupWithEmptyNameShouldFail.
// KEYCLOAK-17581
@Test
public void updatingGroupWithEmptyNameShouldFail() {
RealmResource realm = adminClient.realms().realm("test");
GroupRepresentation group = new GroupRepresentation();
group.setName("groupWithName");
String groupId = null;
try (Response response = realm.groups().add(group)) {
groupId = ApiUtil.getCreatedId(response);
}
try {
group.setName("");
realm.groups().group(groupId).update(group);
Assert.fail("Updating a group with empty name should fail");
} catch (Exception expected) {
Assert.assertNotNull(expected);
}
try {
group.setName(null);
realm.groups().group(groupId).update(group);
Assert.fail("Updating a group with null name should fail");
} catch (Exception expected) {
Assert.assertNotNull(expected);
}
}
Also used :
Response(javax.ws.rs.core.Response)
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
ClientErrorException(javax.ws.rs.ClientErrorException)
NotFoundException(javax.ws.rs.NotFoundException)
ExpectedException(org.junit.rules.ExpectedException)
IOException(java.io.IOException)
RunOnServerException(org.keycloak.testsuite.runonserver.RunOnServerException)
ModelDuplicateException(org.keycloak.models.ModelDuplicateException)
Test(org.junit.Test)
Example 75 with GroupRepresentation
use of org.keycloak.representations.idm.GroupRepresentation in project keycloak by keycloak.
the class GroupTest method searchForGroupsShouldOnlyReturnMatchingElementsOrIntermediatePaths.
/**
* Groups search with query returns unwanted groups
* @link https://issues.redhat.com/browse/KEYCLOAK-18380
*/
@Test
public void searchForGroupsShouldOnlyReturnMatchingElementsOrIntermediatePaths() {
/*
* /g1/g1.1-gugu
* /g1/g1.2-test1234
* /g2-test1234
* /g3/g3.1-test1234/g3.1.1
*/
String needle = "test1234";
GroupRepresentation g1 = GroupBuilder.create().name("g1").build();
GroupRepresentation g1_1 = GroupBuilder.create().name("g1.1-bubu").build();
GroupRepresentation g1_2 = GroupBuilder.create().name("g1.2-" + needle).build();
GroupRepresentation g2 = GroupBuilder.create().name("g2-" + needle).build();
GroupRepresentation g3 = GroupBuilder.create().name("g3").build();
GroupRepresentation g3_1 = GroupBuilder.create().name("g3.1-" + needle).build();
GroupRepresentation g3_1_1 = GroupBuilder.create().name("g3.1.1").build();
String realmName = AuthRealm.TEST;
RealmResource realm = adminClient.realms().realm(realmName);
createGroup(realm, g1);
createGroup(realm, g2);
createGroup(realm, g3);
addSubGroup(realm, g1, g1_1);
addSubGroup(realm, g1, g1_2);
addSubGroup(realm, g3, g3_1);
addSubGroup(realm, g3_1, g3_1_1);
try {
// we search for "test1234" and expect only /g1/g1.2-test1234, /g2-test1234 and /g3/g3.1-test1234 as a result
List<GroupRepresentation> result = realm.groups().groups(needle, 0, 100);
assertEquals(3, result.size());
assertEquals("g1", result.get(0).getName());
assertEquals(1, result.get(0).getSubGroups().size());
assertEquals("g1.2-" + needle, result.get(0).getSubGroups().get(0).getName());
assertEquals("g2-" + needle, result.get(1).getName());
assertEquals("g3", result.get(2).getName());
assertEquals(1, result.get(2).getSubGroups().size());
assertEquals("g3.1-" + needle, result.get(2).getSubGroups().get(0).getName());
} finally {
if (g1.getId() != null) {
realm.groups().group(g1.getId()).remove();
}
if (g2.getId() != null) {
realm.groups().group(g2.getId()).remove();
}
if (g3.getId() != null) {
realm.groups().group(g3.getId()).remove();
}
}
}
Also used :
GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation)
RealmResource(org.keycloak.admin.client.resource.RealmResource)
Test(org.junit.Test)
Aggregations
GroupRepresentation (org.keycloak.representations.idm.GroupRepresentation)81
Test (org.junit.Test)62
RealmResource (org.keycloak.admin.client.resource.RealmResource)36
Response (javax.ws.rs.core.Response)24
UserRepresentation (org.keycloak.representations.idm.UserRepresentation)23
List (java.util.List)17
RoleRepresentation (org.keycloak.representations.idm.RoleRepresentation)17
ProtocolMappersResource (org.keycloak.admin.client.resource.ProtocolMappersResource)14
UserResource (org.keycloak.admin.client.resource.UserResource)13
AbstractKeycloakTest (org.keycloak.testsuite.AbstractKeycloakTest)12
ArrayList (java.util.ArrayList)10
HashMap (java.util.HashMap)10
IDToken (org.keycloak.representations.IDToken)10
OAuthClient (org.keycloak.testsuite.util.OAuthClient)10
LinkedList (java.util.LinkedList)8
Before (org.junit.Before)8
RealmRepresentation (org.keycloak.representations.idm.RealmRepresentation)7
Map (java.util.Map)6
NotFoundException (javax.ws.rs.NotFoundException)6
AuthorizationResource (org.keycloak.admin.client.resource.AuthorizationResource)6
