Add option in admin group search by name to reproduce previous behavoir

Jean-Baptiste PIN · Jean-Baptiste PIN · commit 2142a07cdf5b · 2022-04-29T18:00:40.000+02:00
diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java
@@ -152,8 +152,12 @@ public static GroupRepresentation toRepresentation(GroupModel group, boolean ful
     }
 
     public static Stream<GroupRepresentation> searchForGroupByName(RealmModel realm, boolean full, String search, Integer first, Integer max) {
+        return searchForGroupByName(realm, full, search, first, max, false);
+    }
+
+    public static Stream<GroupRepresentation> searchForGroupByName(RealmModel realm, boolean full, String search, Integer first, Integer max, boolean filterSubGroup) {
         return realm.searchForGroupByNameStream(search, first, max)
-                .map(g -> toGroupHierarchy(g, full, search));
+                .map(g -> toGroupHierarchy(g, full, filterSubGroup ? search : null));
     }
 
     public static Stream<GroupRepresentation> searchForGroupByName(UserModel user, boolean full, String search, Integer first, Integer max) {
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/GroupsResource.java
@@ -77,11 +77,12 @@ public GroupsResource(RealmModel realm, KeycloakSession session, AdminPermission
     public Stream<GroupRepresentation> getGroups(@QueryParam("search") String search,
                                                  @QueryParam("first") Integer firstResult,
                                                  @QueryParam("max") Integer maxResults,
-                                                 @QueryParam("briefRepresentation") @DefaultValue("true") boolean briefRepresentation) {
+                                                 @QueryParam("briefRepresentation") @DefaultValue("true") boolean briefRepresentation,
+                                                 @QueryParam("filterSubGroup") @DefaultValue("true") boolean filterSubGroup) {
         auth.groups().requireList();
 
         if (Objects.nonNull(search)) {
-            return ModelToRepresentation.searchForGroupByName(realm, !briefRepresentation, search.trim(), firstResult, maxResults);
+            return ModelToRepresentation.searchForGroupByName(realm, !briefRepresentation, search.trim(), firstResult, maxResults, filterSubGroup);
         } else if(Objects.nonNull(firstResult) && Objects.nonNull(maxResults)) {
             return ModelToRepresentation.toGroupHierarchy(realm, !briefRepresentation, firstResult, maxResults);
         } else {
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/group/GroupTest.java
@@ -971,6 +971,73 @@ public void searchForGroupsShouldOnlyReturnMatchingElementsOrIntermediatePaths()
         }
     }
 
+    /**
+     * Provide an option to include subgroup in group search admin API
+     * @link https://github.com/keycloak/keycloak/issues/9435
+     */
+    @Test
+    public void searchForGroupsFilterSubGroup() {
+
+        /*
+         * /g1/g1.1-gugu
+         * /g1/g1.2-test1234
+         * /g2-test1234
+         * /g3/g3.1-test1234/g3.1.1
+         */
+        String needle = "test1234";
+        GroupRepresentation g1 = GroupBuilder.create().name("g1").build();
+        GroupRepresentation g1_1 = GroupBuilder.create().name("g1.1-bubu").build();
+        GroupRepresentation g1_2 = GroupBuilder.create().name("g1.2-" + needle).build();
+        GroupRepresentation g2 = GroupBuilder.create().name("g2-" + needle).build();
+        GroupRepresentation g3 = GroupBuilder.create().name("g3").build();
+        GroupRepresentation g3_1 = GroupBuilder.create().name("g3.1-" + needle).build();
+        GroupRepresentation g3_1_1 = GroupBuilder.create().name("g3.1.1").build();
+
+        String realmName = AuthRealm.TEST;
+        RealmResource realm = adminClient.realms().realm(realmName);
+
+        createGroup(realm, g1);
+        createGroup(realm, g2);
+        createGroup(realm, g3);
+        addSubGroup(realm, g1, g1_1);
+        addSubGroup(realm, g1, g1_2);
+        addSubGroup(realm, g3, g3_1);
+        addSubGroup(realm, g3_1, g3_1_1);
+
+        try {
+            // we search for "test1234" and expect only /g1/g1.2-test1234, /g2-test1234 and /g3/g3.1-test1234 as a result
+            List<GroupRepresentation> result = realm.groups().groups(needle, 0, 100, true, true);
+
+            assertEquals(3, result.size());
+            assertEquals("g1", result.get(0).getName());
+            assertEquals(1, result.get(0).getSubGroups().size());
+            assertEquals("g1.2-" + needle, result.get(0).getSubGroups().get(0).getName());
+            assertEquals("g2-" + needle, result.get(1).getName());
+            assertEquals("g3", result.get(2).getName());
+            assertEquals(1, result.get(2).getSubGroups().size());
+            assertEquals("g3.1-" + needle, result.get(2).getSubGroups().get(0).getName());
+
+            // we search for "test1234" and expect all groups
+            result = realm.groups().groups(needle, 0, 100, true, false);
+            assertEquals(3, result.size());
+            assertEquals(2, result.get(0).getSubGroups().size());
+            assertEquals(1, result.get(2).getSubGroups().get(0).getSubGroups().size());
+            
+        } finally {
+            if (g1.getId() != null) {
+                realm.groups().group(g1.getId()).remove();
+            }
+
+            if (g2.getId() != null) {
+                realm.groups().group(g2.getId()).remove();
+            }
+
+            if (g3.getId() != null) {
+                realm.groups().group(g3.getId()).remove();
+            }
+        }
+    }
+
     /**
      * Verifies that the role assigned to a user's group is correctly handled by Keycloak Admin endpoint.
      * @link https://issues.jboss.org/browse/KEYCLOAK-2964

Original file line number	Diff line number	Diff line change
`@@ -152,8 +152,12 @@ public static GroupRepresentation toRepresentation(GroupModel group, boolean ful`
`152`	`152`	`}`
`153`	`153`
`154`	`154`	`public static Stream<GroupRepresentation> searchForGroupByName(RealmModel realm, boolean full, String search, Integer first, Integer max) {`
	`155`	`+ return searchForGroupByName(realm, full, search, first, max, false);`
	`156`	`+ }`
	`157`	`+`
	`158`	`+ public static Stream<GroupRepresentation> searchForGroupByName(RealmModel realm, boolean full, String search, Integer first, Integer max, boolean filterSubGroup) {`
`155`	`159`	`return realm.searchForGroupByNameStream(search, first, max)`
`156`		`- .map(g -> toGroupHierarchy(g, full, search));`
	`160`	`+ .map(g -> toGroupHierarchy(g, full, filterSubGroup ? search : null));`
`157`	`161`	`}`
`158`	`162`
`159`	`163`	`public static Stream<GroupRepresentation> searchForGroupByName(UserModel user, boolean full, String search, Integer first, Integer max) {`