/*
* Copyright 2016 Red Hat Inc. and/or its affiliates and other contributors
* as indicated by the @author tags. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/
package org.keycloak.testsuite.admin.client;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.RolesResource;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.util.AdminEventPaths;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
/**
*
* @author Stan Silvert ssilvert@redhat.com (C) 2016 Red Hat Inc.
*/
public class ClientRolesTest extends AbstractClientTest {
private ClientResource clientRsc;
private String clientDbId;
private RolesResource rolesRsc;
@Before
public void init() {
clientDbId = createOidcClient("roleClient");
clientRsc = findClientResource("roleClient");
rolesRsc = clientRsc.roles();
}
@After
public void tearDown() {
clientRsc.remove();
}
private RoleRepresentation makeRole(String name) {
RoleRepresentation role = new RoleRepresentation();
role.setName(name);
return role;
}
private boolean hasRole(RolesResource rolesRsc, String name) {
for (RoleRepresentation role : rolesRsc.list()) {
if (role.getName().equals(name)) return true;
}
return false;
}
@Test
public void testAddRole() {
RoleRepresentation role1 = makeRole("role1");
rolesRsc.create(role1);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.clientRoleResourcePath(clientDbId, "role1"), role1, ResourceType.CLIENT_ROLE);
assertTrue(hasRole(rolesRsc, "role1"));
}
@Test
public void testRemoveRole() {
RoleRepresentation role2 = makeRole("role2");
rolesRsc.create(role2);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.clientRoleResourcePath(clientDbId, "role2"), role2, ResourceType.CLIENT_ROLE);
rolesRsc.deleteRole("role2");
assertAdminEvents.assertEvent(getRealmId(), OperationType.DELETE, AdminEventPaths.clientRoleResourcePath(clientDbId, "role2"), ResourceType.CLIENT_ROLE);
assertFalse(hasRole(rolesRsc, "role2"));
}
@Test
public void testComposites() {
RoleRepresentation roleA = makeRole("role-a");
rolesRsc.create(roleA);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.clientRoleResourcePath(clientDbId, "role-a"), roleA, ResourceType.CLIENT_ROLE);
assertFalse(rolesRsc.get("role-a").toRepresentation().isComposite());
assertEquals(0, rolesRsc.get("role-a").getRoleComposites().size());
RoleRepresentation roleB = makeRole("role-b");
rolesRsc.create(roleB);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.clientRoleResourcePath(clientDbId, "role-b"), roleB, ResourceType.CLIENT_ROLE);
RoleRepresentation roleC = makeRole("role-c");
testRealmResource().roles().create(roleC);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.roleResourcePath("role-c"), roleC, ResourceType.REALM_ROLE);
List<RoleRepresentation> l = new LinkedList<>();
l.add(rolesRsc.get("role-b").toRepresentation());
l.add(testRealmResource().roles().get("role-c").toRepresentation());
rolesRsc.get("role-a").addComposites(l);
assertAdminEvents.assertEvent(getRealmId(), OperationType.CREATE, AdminEventPaths.clientRoleResourceCompositesPath(clientDbId, "role-a"), l, ResourceType.CLIENT_ROLE);
Set<RoleRepresentation> composites = rolesRsc.get("role-a").getRoleComposites();
assertTrue(rolesRsc.get("role-a").toRepresentation().isComposite());
Assert.assertNames(composites, "role-b", "role-c");
Set<RoleRepresentation> realmComposites = rolesRsc.get("role-a").getRealmRoleComposites();
Assert.assertNames(realmComposites, "role-c");
Set<RoleRepresentation> clientComposites = rolesRsc.get("role-a").getClientRoleComposites(clientRsc.toRepresentation().getId());
Assert.assertNames(clientComposites, "role-b");
rolesRsc.get("role-a").deleteComposites(l);
assertAdminEvents.assertEvent(getRealmId(), OperationType.DELETE, AdminEventPaths.clientRoleResourceCompositesPath(clientDbId, "role-a"), l, ResourceType.CLIENT_ROLE);
assertFalse(rolesRsc.get("role-a").toRepresentation().isComposite());
assertEquals(0, rolesRsc.get("role-a").getRoleComposites().size());
}
}