Change the user to disabled when the account deletion request is performed and avatar is remove from the storage
This commit is contained in:
parent
d112ca72ad
commit
3892edace4
|
@ -9,11 +9,13 @@ import javax.ws.rs.POST;
|
||||||
import javax.ws.rs.Path;
|
import javax.ws.rs.Path;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
|
|
||||||
|
import org.gcube.keycloak.avatar.storage.AvatarStorageProvider;
|
||||||
import org.gcube.keycloak.event.OrchestratorEventPublisherProviderFactory;
|
import org.gcube.keycloak.event.OrchestratorEventPublisherProviderFactory;
|
||||||
import org.jboss.logging.Logger;
|
import org.jboss.logging.Logger;
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
import org.keycloak.models.KeycloakSession;
|
import org.keycloak.models.KeycloakSession;
|
||||||
import org.keycloak.models.RealmModel;
|
import org.keycloak.models.RealmModel;
|
||||||
|
import org.keycloak.models.UserModel;
|
||||||
import org.keycloak.services.managers.AppAuthManager;
|
import org.keycloak.services.managers.AppAuthManager;
|
||||||
import org.keycloak.services.managers.AuthenticationManager;
|
import org.keycloak.services.managers.AuthenticationManager;
|
||||||
import org.keycloak.services.resources.RealmsResource;
|
import org.keycloak.services.resources.RealmsResource;
|
||||||
|
@ -47,17 +49,45 @@ public class DeleteAccountResource {
|
||||||
throw new ForbiddenException("State");
|
throw new ForbiddenException("State");
|
||||||
}
|
}
|
||||||
logger.info("Invoked perform delete account");
|
logger.info("Invoked perform delete account");
|
||||||
|
|
||||||
|
logger.debug("Getting realm model from auth session");
|
||||||
RealmModel realm = auth.getSession().getRealm();
|
RealmModel realm = auth.getSession().getRealm();
|
||||||
|
|
||||||
|
logger.debug("Getting user model from auth");
|
||||||
|
UserModel user = auth.getUser();
|
||||||
|
|
||||||
|
try {
|
||||||
|
logger.debug("Beginning the transaction on transaction manager");
|
||||||
|
session.getTransactionManager().begin();
|
||||||
|
|
||||||
|
logger.debug("Setting user as not enabled in realm");
|
||||||
|
user.setEnabled(false);
|
||||||
|
|
||||||
|
logger.debug("Committing the transaction on transaction manager");
|
||||||
|
if (session.getTransactionManager().isActive()) {
|
||||||
|
session.getTransactionManager().commit();
|
||||||
|
}
|
||||||
|
} catch (Exception e) {
|
||||||
|
logger.error("Cannot perform user model modifications", e);
|
||||||
|
}
|
||||||
|
|
||||||
|
AvatarStorageProvider avatarStorageProvider = session.getProvider(AvatarStorageProvider.class);
|
||||||
|
if (avatarStorageProvider != null) {
|
||||||
|
logger.debug("Deleting avatar from storage for the user");
|
||||||
|
avatarStorageProvider.deleteAvatarImage(realm, user);
|
||||||
|
} else {
|
||||||
|
logger.warn("Cannot perform avatar import ince the avatar storage provider is null");
|
||||||
|
}
|
||||||
|
|
||||||
logger.debug("Sending delete account event to the orchestrator");
|
logger.debug("Sending delete account event to the orchestrator");
|
||||||
new OrchestratorEventPublisherProviderFactory().create(session)
|
new OrchestratorEventPublisherProviderFactory().create(session)
|
||||||
.publish(new DeleteAccountEvent(auth.getUser(), realm));
|
.publish(new DeleteAccountEvent(user, realm));
|
||||||
|
|
||||||
logger.debug("Forcing logout from all active sessions");
|
logger.debug("Forcing logout from all active sessions");
|
||||||
session.sessions().removeUserSessions(realm);
|
session.sessions().removeUserSessions(realm);
|
||||||
|
|
||||||
|
URI auccountLoginUri = RealmsResource.accountUrl(session.getContext().getUri().getBaseUriBuilder())
|
||||||
URI auccountLoginUri = session.getContext().getUri().getBaseUriBuilder().path(RealmsResource.class)
|
.build(realm.getName());
|
||||||
.path("{realm}/account").build(realm.getName());
|
|
||||||
|
|
||||||
logger.debugf("Finally redirecting to the account form login: %s", auccountLoginUri);
|
logger.debugf("Finally redirecting to the account form login: %s", auccountLoginUri);
|
||||||
return Response.status(302).location(auccountLoginUri).build();
|
return Response.status(302).location(auccountLoginUri).build();
|
||||||
|
|
Loading…
Reference in New Issue