Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Ensure transaction is rolled back upon error#19488

Merged
hmlnarik merged 2 commits intokeycloak:mainfrom
hmlnarik:transaction-not-rolled-back
Apr 3, 2023
Merged

Ensure transaction is rolled back upon error#19488
hmlnarik merged 2 commits intokeycloak:mainfrom
hmlnarik:transaction-not-rolled-back

Conversation

@hmlnarik
Copy link
Contributor

@hmlnarik hmlnarik commented Apr 3, 2023

This change ensures that an exception is thrown from endpoints upon error rather than returning a valid response which would commit an transaction that could have recorded changes to an object. Thrown transaction then sets the code to rollback. To ensure that events are recorded in the case of error, errors are recorded in separate transaction.

This has revealed an issue in the client policy test, which has been fixed by the second commit.

Closes: #17644
Closes: #19487

@hmlnarik hmlnarik requested review from a team and mposolda April 3, 2023 09:19
@hmlnarik hmlnarik requested review from a team as code owners April 3, 2023 09:19
@hmlnarik hmlnarik force-pushed the transaction-not-rolled-back branch from ceba687 to b6b8b97 Compare April 3, 2023 09:24
@mposolda
Copy link
Contributor

mposolda commented Apr 3, 2023

@hmlnarik Thanks for the fix! LGTM as long as tests are OK

@hmlnarik hmlnarik merged commit 85c0b47 into keycloak:main Apr 3, 2023
@vilmosnagy vilmosnagy mentioned this pull request Apr 3, 2023
Closed
@vilmosnagy
Copy link
Contributor

vilmosnagy commented Apr 5, 2023

@hmlnarik @mposolda is this included in the latest nightly docker image? I've tried to migrate my test from my previous MR ( #17646 ) just to be sure, but:

  • it still creates the user, and
  • the error page is still shown
  • no rollback happens

The test I try to run:

@Test
    public void testRegisterShouldFailBeforeUserCreationWhenUserIsInContext() throws Exception {
        try (AutoCloseable c = new RealmAttributeUpdater(testRealmResource())
            .updateWith(r -> {
                Map<String, String> config = new HashMap<>();
                config.put("from", "[email protected]");
                config.put("host", "localhost");
                config.put("port", "3025");
                r.setSmtpServer(config);
                r.setRegistrationAllowed(true);
                r.setVerifyEmail(true);
                r.setResetPasswordAllowed(true);
                r.setRegistrationEmailAsUsername(true);
            })
            .update()) {

            UserRepresentation userWhoPreExistsInRealm = new UserRepresentation();
            userWhoPreExistsInRealm.setEmail("[email protected]");
            ApiUtil.createUserAndResetPasswordWithAdminClient(testRealmResource(), userWhoPreExistsInRealm, "password");

            testRealmAccountPage.navigateTo();
            loginPage.clickRegister();
            registerPage.clickBackToLogin();
            loginPage.assertCurrent(testRealmResource().toRepresentation().getRealm());

            loginPage.resetPassword();
            resetPage.assertCurrent();
            resetPage.changePassword("[email protected]");

            driver.navigate().back();
            driver.navigate().back();
            driver.navigate().back();
            registerPage.assertCurrent();

            registerPage.registerWithEmailAsUsername(
                "Vilmos",
                "Szabó-Nagy",
                "[email protected]",
                "TestPassword123",
                "TestPassword123"
            );

            errorPage.assertCurrent();
            assertEquals("The error page is shown", "Invalid username or password.", errorPage.getError()); // it does not fail here, the error page is shown

            // the user entity should not be created if the registration flow is not executed till the end
            final UserRepresentation userByUsername = ApiUtil.findUserByUsername(testRealmResource(), "[email protected]");
            assertNull(userByUsername); // it fails here
        }
    }

The git commit which I run the test: 82cab306fc5231bec0287677645146bd5ca503b3

And I'm still able to reproduce my error on the latest nightly docker image, this one: https://quay.io/repository/keycloak/keycloak/manifest/sha256:1fa2e183aa62f223724a827d07a5023141ae6eb6d4d1319f39d6fa5228aea206

@vilmosnagy vilmosnagy mentioned this pull request Apr 5, 2023
Closed
@vilmosnagy
Copy link
Contributor

vilmosnagy commented Apr 5, 2023

I've created the #19556 PR to demonstrate the failing test case.

@vilmosnagy vilmosnagy mentioned this pull request Jul 7, 2023
Closed
2 tasks
vilmosnagy added a commit to vilmosnagy/keycloak that referenced this pull request Aug 30, 2023
@vilmosnagy
BUG: Inconsistent users created in the database when there's an error in
b0e3013 
registration

Adding a failing test from keycloak#17644. The keycloak#19488 PR seems not to solve it
mposolda pushed a commit to mposolda/keycloak that referenced this pull request Sep 7, 2023
@vilmosnagy @mposolda
BUG: Inconsistent users created in the database when there's an error in
2271454 
registration

Adding a failing test from keycloak#17644. The keycloak#19488 PR seems not to solve it
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mposolda mposolda mposolda approved these changes

Assignees

No one assigned

Labels

team/cloud-native

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Client gets created even if it does not meet the policy Can create a user without the registration flow finished properly

3 participants

@hmlnarik @mposolda @vilmosnagy