GroupAdapter.java

/*
 * Copyright 2016 Red Hat, Inc. and/or its affiliates
 * and other contributors as indicated by the @author tags.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.keycloak.models.cache.infinispan;

import org.keycloak.models.ClientModel;
import org.keycloak.models.GroupModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.cache.infinispan.entities.CachedGroup;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.RoleUtils;

import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.function.Supplier;
import java.util.stream.Stream;

/**
 * @author <a href="mailto:bill@burkecentral.com">Bill Burke</a>
 * @version $Revision: 1 $
 */
public class GroupAdapter implements GroupModel {

    protected final CachedGroup cached;
    protected final RealmCacheSession cacheSession;
    protected final KeycloakSession keycloakSession;
    protected final RealmModel realm;
    private final Supplier<GroupModel> modelSupplier;
    protected volatile GroupModel updated;

    public GroupAdapter(CachedGroup cached, RealmCacheSession cacheSession, KeycloakSession keycloakSession, RealmModel realm) {
        this.cached = cached;
        this.cacheSession = cacheSession;
        this.keycloakSession = keycloakSession;
        this.realm = realm;
        modelSupplier = this::getGroupModel;
    }

    protected void getDelegateForUpdate() {
        if (updated == null) {
            cacheSession.registerGroupInvalidation(cached.getId());
            updated = modelSupplier.get();
            if (updated == null) throw new IllegalStateException("Not found in database");
        }
    }

    protected volatile boolean invalidated;
    public void invalidate() {
        invalidated = true;
    }

    protected boolean isUpdated() {
        if (updated != null) return true;
        if (!invalidated) return false;
        updated = cacheSession.getGroupDelegate().getGroupById(realm, cached.getId());
        if (updated == null) throw new IllegalStateException("Not found in database");
        return true;
    }


    @Override
    public boolean equals(Object o) {
        if (this == o) return true;
        if (!(o instanceof GroupModel)) return false;

        GroupModel that = (GroupModel) o;

        if (!cached.getId().equals(that.getId())) return false;

        return true;
    }

    @Override
    public int hashCode() {
        return cached.getId().hashCode();
    }

    @Override
    public String getId() {
        if (isUpdated()) return updated.getId();
        return cached.getId();
    }

    @Override
    public String getName() {
        if (isUpdated()) return updated.getName();
        return cached.getName();
    }

    @Override
    public void setName(String name) {
        getDelegateForUpdate();
        updated.setName(name);

    }

    @Override
    public void setSingleAttribute(String name, String value) {
        getDelegateForUpdate();
        updated.setSingleAttribute(name, value);
    }

    @Override
    public void setAttribute(String name, List<String> values) {
        getDelegateForUpdate();
        updated.setAttribute(name, values);
    }

    @Override
    public void removeAttribute(String name) {
        getDelegateForUpdate();
        updated.removeAttribute(name);

    }

    @Override
    public String getFirstAttribute(String name) {
        if (isUpdated()) return updated.getFirstAttribute(name);
        return cached.getAttributes(modelSupplier).getFirst(name);
    }

    @Override
    public Stream<String> getAttributeStream(String name) {
        if (isUpdated()) return updated.getAttributeStream(name);
        List<String> values = cached.getAttributes(modelSupplier).get(name);
        if (values == null) return Stream.empty();
        return values.stream();
    }

    @Override
    public Map<String, List<String>> getAttributes() {
        if (isUpdated()) return updated.getAttributes();
        return cached.getAttributes(modelSupplier);
    }

    @Override
    public Stream<RoleModel> getRealmRoleMappingsStream() {
        if (isUpdated()) return updated.getRealmRoleMappingsStream();
        return getRoleMappingsStream().filter(r -> RoleUtils.isRealmRole(r, realm));
    }

    @Override
    public Stream<RoleModel> getClientRoleMappingsStream(ClientModel app) {
        if (isUpdated()) return updated.getClientRoleMappingsStream(app);
        return getRoleMappingsStream().filter(r -> RoleUtils.isClientRole(r, app));
    }

    @Override
    public boolean hasDirectRole(RoleModel role) {
        if (isUpdated()) return updated.hasDirectRole(role);

        return cached.getRoleMappings(modelSupplier).contains(role.getId());
    }

    @Override
    public boolean hasRole(RoleModel role) {
        if (isUpdated()) return updated.hasRole(role);
        if (cached.getRoleMappings(modelSupplier).contains(role.getId())) return true;
        if (getRoleMappingsStream().anyMatch(r -> r.hasRole(role))) return true;
        GroupModel parent = getParent();
        return parent != null && parent.hasRole(role);
    }

    @Override
    public void grantRole(RoleModel role) {
        getDelegateForUpdate();
        updated.grantRole(role);
    }

    @Override
    public Stream<RoleModel> getRoleMappingsStream() {
        if (isUpdated()) return updated.getRoleMappingsStream();
        Set<RoleModel> roles = new HashSet<>();
        for (String id : cached.getRoleMappings(modelSupplier)) {
            RoleModel roleById = keycloakSession.roles().getRoleById(realm, id);
            if (roleById == null) {
                // chance that role was removed, so just delegate to persistence and get user invalidated
                getDelegateForUpdate();
                return updated.getRoleMappingsStream();
            }
            roles.add(roleById);

        }
        return roles.stream();
    }

    @Override
    public void deleteRoleMapping(RoleModel role) {
        getDelegateForUpdate();
        updated.deleteRoleMapping(role);
    }

    @Override
    public GroupModel getParent() {
        if (isUpdated()) return updated.getParent();
        if (cached.getParentId() == null) return null;
        return keycloakSession.groups().getGroupById(realm, cached.getParentId());
    }

    @Override
    public String getParentId() {
        if (isUpdated()) return updated.getParentId();
        return cached.getParentId();
    }

    @Override
    public Stream<GroupModel> getSubGroupsStream() {
        if (isUpdated()) return updated.getSubGroupsStream();
        Set<GroupModel> subGroups = new HashSet<>();
        for (String id : cached.getSubGroups(modelSupplier)) {
            GroupModel subGroup = keycloakSession.groups().getGroupById(realm, id);
            if (subGroup == null) {
                // chance that role was removed, so just delegate to persistence and get user invalidated
                getDelegateForUpdate();
                return updated.getSubGroupsStream();

            }
            subGroups.add(subGroup);
        }
        return subGroups.stream().sorted(GroupModel.COMPARE_BY_NAME);
    }

    @Override
    public Stream<GroupModel> getSubGroupsStream(String search, Integer firstResult, Integer maxResults) {
        if (isUpdated()) return updated.getSubGroupsStream(search, firstResult, maxResults);
        return modelSupplier.get().getSubGroupsStream(search, firstResult, maxResults);
    }

    @Override
    public Stream<GroupModel> getSubGroupsStream(Integer firstResult, Integer maxResults) {
        if (isUpdated()) return updated.getSubGroupsStream(firstResult, maxResults);
        return modelSupplier.get().getSubGroupsStream(firstResult, maxResults);
    }

    @Override
    public Stream<GroupModel> getSubGroupsStream(String search, Boolean exact, Integer firstResult, Integer maxResults) {
        if (isUpdated()) return updated.getSubGroupsStream(search, exact, firstResult, maxResults);
        return modelSupplier.get().getSubGroupsStream(search, exact, firstResult, maxResults);
    }

    @Override
    public Long getSubGroupsCount() {
        if (isUpdated()) return updated.getSubGroupsCount();
        return cached.getSubGroupsCount(modelSupplier);
    }

    @Override
    public void setParent(GroupModel group) {
        getDelegateForUpdate();
        updated.setParent(group);

    }

    @Override
    public void addChild(GroupModel subGroup) {
        getDelegateForUpdate();
        updated.addChild(subGroup);

    }

    @Override
    public void removeChild(GroupModel subGroup) {
        getDelegateForUpdate();
        updated.removeChild(subGroup);
    }

    private GroupModel getGroupModel() {
        return cacheSession.getGroupDelegate().getGroupById(realm, cached.getId());
    }

    @Override
    public boolean escapeSlashesInGroupPath() {
        return KeycloakModelUtils.escapeSlashesInGroupPath(keycloakSession);
    }

    @Override
    public Type getType() {
        if (isUpdated()) return updated.getType();
        return cached.getType();
    }
}