Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Avoid touching the database layer if no changes are necessary for a user #43683

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
+55 −10
Open

Avoid touching the database layer if no changes are necessary for a user #43683

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b6d5cf4
Avoid touching the database layer if no changes are necessary for a user
ahus1 Oct 23, 2025
261b7f5
Fixing test
ahus1 Oct 24, 2025
f7548dd
Review
ahus1 Oct 24, 2025
d1e07d3
Fixing readonly
ahus1 Oct 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 46 additions & 9 deletions model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserAdapter.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -170,6 +170,9 @@ public boolean isEnabled() {

@Override
public void setEnabled(boolean enabled) {
if (updated == null && cached.isEnabled() == enabled) {
return;
}
getDelegateForUpdate();
updated.setEnabled(enabled);
}
Expand Down Expand Up @@ -214,10 +217,11 @@ public void setAttribute(String name, List<String> values) {

@Override
public void removeAttribute(String name) {
if (getFirstAttribute(name) != null) {
getDelegateForUpdate();
updated.removeAttribute(name);
if (updated == null && getFirstAttribute(name) == null) {
return;
}
getDelegateForUpdate();
updated.removeAttribute(name);
}

@Override
Expand Down Expand Up @@ -247,30 +251,42 @@ public Stream<String> getRequiredActionsStream() {

@Override
public void addRequiredAction(RequiredAction action) {
if (action == null || updated == null && getCachedRequiredActions().contains(action.name())) {
return;
}
getDelegateForUpdate();
updated.addRequiredAction(action);
}

@Override
public void removeRequiredAction(RequiredAction action) {
if (getRequiredActionsStream().anyMatch(s -> Objects.equals(s, action.name()))) {
getDelegateForUpdate();
updated.removeRequiredAction(action);
if (action == null || updated == null && !getCachedRequiredActions().contains(action.name())) {
return;
}
getDelegateForUpdate();
updated.removeRequiredAction(action);
}

@Override
public void addRequiredAction(String action) {
if (updated == null && getCachedRequiredActions().contains(action)) {
return;
}
getDelegateForUpdate();
updated.addRequiredAction(action);
}

@Override
public void removeRequiredAction(String action) {
if (getRequiredActionsStream().anyMatch(s -> Objects.equals(s, action))) {
getDelegateForUpdate();
updated.removeRequiredAction(action);
if (updated == null && !getCachedRequiredActions().contains(action)) {
return;
}
getDelegateForUpdate();
updated.removeRequiredAction(action);
}

private Set<String> getCachedRequiredActions() {
return cached.getRequiredActions(keycloakSession, modelSupplier);
}

@Override
Expand All @@ -281,6 +297,9 @@ public boolean isEmailVerified() {

@Override
public void setEmailVerified(boolean verified) {
if (updated == null && cached.isEmailVerified() == verified) {
return;
}
getDelegateForUpdate();
updated.setEmailVerified(verified);
}
Expand All @@ -293,6 +312,9 @@ public String getFederationLink() {

@Override
public void setFederationLink(String link) {
if (updated == null && Objects.equals(cached.getFederationLink(), link)) {
return;
}
getDelegateForUpdate();
updated.setFederationLink(link);
}
Expand All @@ -305,6 +327,9 @@ public String getServiceAccountClientLink() {

@Override
public void setServiceAccountClientLink(String clientInternalId) {
if (updated == null && Objects.equals(cached.getServiceAccountClientLink(), clientInternalId)) {
return;
}
getDelegateForUpdate();
updated.setServiceAccountClientLink(clientInternalId);
}
Expand Down Expand Up @@ -388,6 +413,9 @@ public boolean hasRole(RoleModel role) {

@Override
public void grantRole(RoleModel role) {
if (updated == null && cached.getRoleMappings(keycloakSession, modelSupplier).contains(role.getId())) {
return;
}
getDelegateForUpdate();
updated.grantRole(role);
}
Expand All @@ -411,6 +439,9 @@ public Stream<RoleModel> getRoleMappingsStream() {

@Override
public void deleteRoleMapping(RoleModel role) {
if (updated == null && !cached.getRoleMappings(keycloakSession, modelSupplier).contains(role.getId())) {
return;
}
getDelegateForUpdate();
updated.deleteRoleMapping(role);
}
Expand Down Expand Up @@ -454,13 +485,19 @@ public long getGroupsCountByNameContaining(String search) {

@Override
public void joinGroup(GroupModel group) {
if (group.getType() == Type.REALM && cached.getGroups(keycloakSession, modelSupplier).contains(group.getId())) {
return;
}
getDelegateForUpdate();
updated.joinGroup(group);

}

@Override
public void leaveGroup(GroupModel group) {
if (group.getType() == Type.REALM && updated == null && !cached.getGroups(keycloakSession, modelSupplier).contains(group.getId())) {
return;
}
getDelegateForUpdate();
updated.leaveGroup(group);
}
Expand Down
8 changes: 7 additions & 1 deletion model/infinispan/src/main/java/org/keycloak/models/cache/infinispan/UserCacheSession.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -376,7 +376,13 @@ protected UserModel validateCache(RealmModel realm, CachedUser cached, Supplier<
}
}

return new UserAdapter(cached, this, session, realm);
UserAdapter userAdapter = new UserAdapter(cached, this, session, realm);

if (isReadOnlyOrganizationMember(session, userAdapter)) {
return new ReadOnlyUserModelDelegate(userAdapter, false);
}

return userAdapter;
}

protected UserModel cacheUser(RealmModel realm, UserModel delegate, Long revision) {
Expand Down
1 change: 1 addition & 0 deletions ...tests/base/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPAdminRestApiTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -259,6 +259,7 @@ public void testErrorResponseWhenLdapIsFailing() {
UserResource userResource = testRealm().users().get(newUserId1);

try {
user1.setFirstName(user1.getFirstName() + " updated");
userResource.update(user1);
Assert.fail("Not expected to successfully update user");
} catch (WebApplicationException expected) {
Expand Down
1 change: 1 addition & 0 deletions ...se/src/test/java/org/keycloak/testsuite/federation/ldap/LDAPProvidersIntegrationTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1658,6 +1658,7 @@ public void updateLDAPUsernameTest() {
RealmModel testRealm = ctx.getRealm();

UserModel importedUser = UserStoragePrivateUtil.userLocalStorage(session).getUserByUsername(testRealm, "beckybecks");
Assert.assertNotNull(importedUser);

// Update user 'beckybecks' in LDAP
LDAPObject becky = ctx.getLdapProvider().loadLDAPUserByUsername(testRealm, importedUser.getUsername());
Expand Down
Loading