@Override public void removeAttribute(String name) { getDelegateForUpdate(); updated.removeAttribute(name); }
private void invalidateGroup(String id) { invalidations.add(id); GroupAdapter adapter = managedGroups.get(id); if (adapter != null) adapter.invalidate(); }
@Override public boolean hasRole(RoleModel role) { if (isUpdated()) return updated.hasRole(role); if (cached.getRoleMappings(modelSupplier).contains(role.getId())) return true; Set<RoleModel> mappings = getRoleMappings(); for (RoleModel mapping: mappings) { if (mapping.hasRole(role)) return true; } return false; }
@Override public Set<RoleModel> getRoleMappings() { if (isUpdated()) return updated.getRoleMappings(); Set<RoleModel> roles = new HashSet<RoleModel>(); for (String id : cached.getRoleMappings(modelSupplier)) { RoleModel roleById = keycloakSession.realms().getRoleById(id, realm); if (roleById == null) { // chance that role was removed, so just delegate to persistence and get user invalidated getDelegateForUpdate(); return updated.getRoleMappings(); } roles.add(roleById); } return roles; }
@Override public Set<RoleModel> getClientRoleMappings(ClientModel app) { if (updated != null) return updated.getClientRoleMappings(app); Set<RoleModel> roleMappings = getRoleMappings(); Set<RoleModel> appMappings = new HashSet<RoleModel>(); for (RoleModel role : roleMappings) { RoleContainerModel container = role.getContainer(); if (container instanceof ClientModel) { if (((ClientModel) container).getId().equals(app.getId())) { appMappings.add(role); } } } return appMappings; }
@Override public GroupModel getGroupById(String id, RealmModel realm) { CachedGroup cached = cache.get(id, CachedGroup.class); if (cached != null && !cached.getRealm().equals(realm.getId())) { cached = null; } if (cached == null) { Long loaded = cache.getCurrentRevision(id); GroupModel model = getRealmDelegate().getGroupById(id, realm); if (model == null) return null; if (invalidations.contains(id)) return model; cached = new CachedGroup(loaded, realm, model); cache.addRevisioned(cached, startupRevision); } else if (invalidations.contains(id)) { return getRealmDelegate().getGroupById(id, realm); } else if (managedGroups.containsKey(id)) { return managedGroups.get(id); } GroupAdapter adapter = new GroupAdapter(cached, this, session, realm); managedGroups.put(id, adapter); return adapter; }
@Override public String getName() { if (isUpdated()) return updated.getName(); return cached.getName(); }
@Override public Set<RoleModel> getRealmRoleMappings() { if (isUpdated()) return updated.getRealmRoleMappings(); Set<RoleModel> roleMappings = getRoleMappings(); Set<RoleModel> realmMappings = new HashSet<RoleModel>(); for (RoleModel role : roleMappings) { RoleContainerModel container = role.getContainer(); if (container instanceof RealmModel) { if (((RealmModel) container).getId().equals(realm.getId())) { realmMappings.add(role); } } } return realmMappings; }
@Override public Set<GroupModel> getSubGroups() { if (isUpdated()) return updated.getSubGroups(); Set<GroupModel> subGroups = new HashSet<>(); for (String id : cached.getSubGroups(modelSupplier)) { GroupModel subGroup = keycloakSession.realms().getGroupById(id, realm); if (subGroup == null) { // chance that role was removed, so just delegate to persistence and get user invalidated getDelegateForUpdate(); return updated.getSubGroups(); } subGroups.add(subGroup); } return subGroups; }
@Override public Set<RoleModel> getRealmRoleMappings() { if (updated != null) return updated.getRealmRoleMappings(); Set<RoleModel> roleMappings = getRoleMappings(); Set<RoleModel> realmMappings = new HashSet<RoleModel>(); for (RoleModel role : roleMappings) { RoleContainerModel container = role.getContainer(); if (container instanceof RealmModel) { if (((RealmModel) container).getId().equals(realm.getId())) { realmMappings.add(role); } } } return realmMappings; }
@Override public GroupModel getGroupById(String id, RealmModel realm) { if (!cache.isEnabled()) return getDelegate().getGroupById(id, realm); CachedGroup cached = cache.getGroup(id); if (cached != null && !cached.getRealm().equals(realm.getId())) { cached = null; } if (cached == null) { GroupModel model = getDelegate().getGroupById(id, realm); if (model == null) return null; if (groupInvalidations.contains(id)) return model; cached = new CachedGroup(realm, model); cache.addCachedGroup(cached); } else if (groupInvalidations.contains(id)) { return getDelegate().getGroupById(id, realm); } else if (managedGroups.containsKey(id)) { return managedGroups.get(id); } GroupAdapter adapter = new GroupAdapter(cached, this, session, realm); managedGroups.put(id, adapter); return adapter; }
@Override public String getParentId() { if (isUpdated()) return updated.getParentId(); return cached.getParentId(); }
@Override public void setName(String name) { getDelegateForUpdate(); updated.setName(name); }
@Override public Set<RoleModel> getClientRoleMappings(ClientModel app) { if (isUpdated()) return updated.getClientRoleMappings(app); Set<RoleModel> roleMappings = getRoleMappings(); Set<RoleModel> appMappings = new HashSet<RoleModel>(); for (RoleModel role : roleMappings) { RoleContainerModel container = role.getContainer(); if (container instanceof ClientModel) { if (((ClientModel) container).getId().equals(app.getId())) { appMappings.add(role); } } } return appMappings; }
@Override public boolean hasRole(RoleModel role) { if (updated != null) return updated.hasRole(role); if (cached.getRoleMappings().contains(role.getId())) return true; Set<RoleModel> mappings = getRoleMappings(); for (RoleModel mapping: mappings) { if (mapping.hasRole(role)) return true; } return false; }
@Override public String getId() { if (isUpdated()) return updated.getId(); return cached.getId(); }
private void roleRemovalInvalidations(String roleId, String roleName, String roleContainerId) { Set<String> newInvalidations = new HashSet<>(); cache.roleRemoval(roleId, roleName, roleContainerId, newInvalidations); invalidations.addAll(newInvalidations); // need to make sure that scope and group mapping clients and groups are invalidated for (String id : newInvalidations) { ClientModel adapter = managedApplications.get(id); if (adapter != null && adapter instanceof ClientAdapter){ ((ClientAdapter)adapter).invalidate(); continue; } GroupAdapter group = managedGroups.get(id); if (group != null) { group.invalidate(); continue; } ClientScopeAdapter clientScope = managedClientScopes.get(id); if (clientScope != null) { clientScope.invalidate(); continue; } RoleAdapter role = managedRoles.get(id); if (role != null) { role.invalidate(); continue; } } }
@Override public void setAttribute(String name, List<String> values) { getDelegateForUpdate(); updated.setAttribute(name, values); }
@Override public String getFirstAttribute(String name) { if (isUpdated()) return updated.getFirstAttribute(name); return cached.getAttributes(modelSupplier).getFirst(name); }