@Override public void invalidate() { getDelegateForUpdate(); }
@Override public int hashCode() { return getId().hashCode(); }
@Override public boolean hasRole(RoleModel role) { if (updated != null) return updated.hasRole(role); if (cached.getRoleMappings(modelSupplier).contains(role.getId())) return true; Set<RoleModel> mappings = getRoleMappings(); for (RoleModel mapping: mappings) { if (mapping.hasRole(role)) return true; } return RoleUtils.hasRoleFromGroup(getGroups(), role, true); }
@Override public Set<RoleModel> getClientRoleMappings(ClientModel app) { if (updated != null) return updated.getClientRoleMappings(app); Set<RoleModel> roleMappings = getRoleMappings(); Set<RoleModel> appMappings = new HashSet<RoleModel>(); for (RoleModel role : roleMappings) { RoleContainerModel container = role.getContainer(); if (container instanceof ClientModel) { if (((ClientModel) container).getId().equals(app.getId())) { appMappings.add(role); } } } return appMappings; }
@Override public UserModel getUserById(String id, RealmModel realm) { if (!cache.isEnabled()) return getDelegate().getUserById(id, realm); if (isRegisteredForInvalidation(realm, id)) { return getDelegate().getUserById(id, realm); } CachedUser cached = cache.getCachedUser(realm.getId(), id); if (cached == null) { UserModel model = getDelegate().getUserById(id, realm); if (model == null) return null; if (managedUsers.containsKey(id)) return managedUsers.get(id); if (userInvalidations.containsKey(id)) return model; cached = new CachedUser(realm, model); cache.addCachedUser(realm.getId(), cached); } else if (managedUsers.containsKey(id)) { return managedUsers.get(id); } UserAdapter adapter = new UserAdapter(cached, this, session, realm); managedUsers.put(id, adapter); return adapter; }
@Override public boolean isMemberOf(GroupModel group) { if (updated != null) return updated.isMemberOf(group); if (cached.getGroups(modelSupplier).contains(group.getId())) return true; Set<GroupModel> roles = getGroups(); return RoleUtils.isMember(roles, group); }
@Override public void setNotBeforeForUser(RealmModel realm, UserModel user, int notBefore) { if (!isRegisteredForInvalidation(realm, user.getId())) { UserModel foundUser = getUserById(user.getId(), realm); if (foundUser instanceof UserAdapter) { ((UserAdapter) foundUser).invalidate(); } } getDelegate().setNotBeforeForUser(realm, user, notBefore); }
@Override public Set<RoleModel> getClientRoleMappings(ClientModel app) { if (updated != null) return updated.getClientRoleMappings(app); Set<RoleModel> roleMappings = getRoleMappings(); Set<RoleModel> appMappings = new HashSet<RoleModel>(); for (RoleModel role : roleMappings) { RoleContainerModel container = role.getContainer(); if (container instanceof ClientModel) { if (((ClientModel) container).getId().equals(app.getId())) { appMappings.add(role); } } } return appMappings; }
@Override public UserModel getUserByUsername(String username, RealmModel realm) { username = username.toLowerCase(); if (!cache.isEnabled()) return getDelegate().getUserByUsername(username, realm); if (realmInvalidations.contains(realm.getId())) { return getDelegate().getUserByUsername(username, realm); } CachedUser cached = cache.getCachedUserByUsername(realm.getId(), username); if (cached == null) { UserModel model = getDelegate().getUserByUsername(username, realm); if (model == null) return null; if (managedUsers.containsKey(model.getId())) return managedUsers.get(model.getId()); if (userInvalidations.containsKey(model.getId())) return model; cached = new CachedUser(realm, model); cache.addCachedUser(realm.getId(), cached); } else if (userInvalidations.containsKey(cached.getId())) { return getDelegate().getUserById(cached.getId(), realm); } else if (managedUsers.containsKey(cached.getId())) { return managedUsers.get(cached.getId()); } UserAdapter adapter = new UserAdapter(cached, this, session, realm); managedUsers.put(cached.getId(), adapter); return adapter; }
@Override public boolean isMemberOf(GroupModel group) { if (updated != null) return updated.isMemberOf(group); if (cached.getGroups().contains(group.getId())) return true; Set<GroupModel> roles = getGroups(); return KeycloakModelUtils.isMember(roles, group); }
@Override public void addRequiredAction(RequiredAction action) { getDelegateForUpdate(); updated.addRequiredAction(action); }
@Override public Set<RoleModel> getRealmRoleMappings() { if (updated != null) return updated.getRealmRoleMappings(); Set<RoleModel> roleMappings = getRoleMappings(); Set<RoleModel> realmMappings = new HashSet<RoleModel>(); for (RoleModel role : roleMappings) { RoleContainerModel container = role.getContainer(); if (container instanceof RealmModel) { if (((RealmModel) container).getId().equals(realm.getId())) { realmMappings.add(role); } } } return realmMappings; }
@Override public UserModel getUserByEmail(String email, RealmModel realm) { if (email == null) return null; email = email.toLowerCase(); if (!cache.isEnabled()) return getDelegate().getUserByEmail(email, realm); if (realmInvalidations.contains(realm.getId())) { return getDelegate().getUserByEmail(email, realm); } CachedUser cached = cache.getCachedUserByEmail(realm.getId(), email); if (cached == null) { UserModel model = getDelegate().getUserByEmail(email, realm); if (model == null) return null; if (userInvalidations.containsKey(model.getId())) return model; cached = new CachedUser(realm, model); cache.addCachedUser(realm.getId(), cached); } else if (userInvalidations.containsKey(cached.getId())) { return getDelegate().getUserByEmail(email, realm); } else if (managedUsers.containsKey(cached.getId())) { return managedUsers.get(cached.getId()); } UserAdapter adapter = new UserAdapter(cached, this, session, realm); managedUsers.put(cached.getId(), adapter); return adapter; }
@Override public boolean equals(Object o) { if (this == o) return true; if (o == null || !(o instanceof UserModel)) return false; UserModel that = (UserModel) o; return that.getId().equals(getId()); }
@Override public void removeRequiredAction(RequiredAction action) { getDelegateForUpdate(); updated.removeRequiredAction(action); }
@Override public Set<RoleModel> getRealmRoleMappings() { if (updated != null) return updated.getRealmRoleMappings(); Set<RoleModel> roleMappings = getRoleMappings(); Set<RoleModel> realmMappings = new HashSet<RoleModel>(); for (RoleModel role : roleMappings) { RoleContainerModel container = role.getContainer(); if (container instanceof RealmModel) { if (((RealmModel) container).getId().equals(realm.getId())) { realmMappings.add(role); } } } return realmMappings; }
protected UserModel validateCache(RealmModel realm, CachedUser cached) { if (!realm.getId().equals(cached.getRealm())) { return null; } StorageId storageId = cached.getFederationLink() != null ? new StorageId(cached.getFederationLink(), cached.getId()) : new StorageId(cached.getId()); if (!storageId.isLocal()) { ComponentModel component = realm.getComponent(storageId.getProviderId()); CacheableStorageProviderModel model = new CacheableStorageProviderModel(component); // although we do set a timeout, Infinispan has no guarantees when the user will be evicted // its also hard to test stuff if (model.shouldInvalidate(cached)) { registerUserInvalidation(realm, cached); return getDelegate().getUserById(cached.getId(), realm); } } return new UserAdapter(cached, this, session, realm); }
@Override public void setServiceAccountClientLink(String clientInternalId) { getDelegateForUpdate(); updated.setServiceAccountClientLink(clientInternalId); }
@Override public boolean hasRole(RoleModel role) { if (updated != null) return updated.hasRole(role); if (cached.getRoleMappings().contains(role.getId())) return true; Set<RoleModel> mappings = getRoleMappings(); for (RoleModel mapping: mappings) { if (mapping.hasRole(role)) return true; } return false; }