keycloak-scim/src/clients/service-account/ServiceAccount.tsx

import React, { useState } from "react";
import { Link } from "react-router-dom";
import { Trans, useTranslation } from "react-i18next";
import { AlertVariant, PageSection } from "@patternfly/react-core";
import { InfoCircleIcon } from "@patternfly/react-icons";

import type UserRepresentation from "@keycloak/keycloak-admin-client/lib/defs/userRepresentation";
import type { RoleMappingPayload } from "@keycloak/keycloak-admin-client/lib/defs/roleRepresentation";
import type ClientRepresentation from "@keycloak/keycloak-admin-client/lib/defs/clientRepresentation";
import { useAdminClient, useFetch } from "../../context/auth/AdminClient";
import { useAlerts } from "../../components/alert/Alerts";
import {
  mapRoles,
  RoleMapping,
  Row,
} from "../../components/role-mapping/RoleMapping";
import { KeycloakSpinner } from "../../components/keycloak-spinner/KeycloakSpinner";
import { toUser } from "../../user/routes/User";
import { useRealm } from "../../context/realm-context/RealmContext";
import { useAccess } from "../../context/access/Access";

import "./service-account.css";

type ServiceAccountProps = {
  client: ClientRepresentation;
};

export const ServiceAccount = ({ client }: ServiceAccountProps) => {
  const { t } = useTranslation("clients");
  const adminClient = useAdminClient();
  const { addAlert, addError } = useAlerts();
  const { realm } = useRealm();

  const [hide, setHide] = useState(false);
  const [serviceAccount, setServiceAccount] = useState<UserRepresentation>();

  const { hasAccess } = useAccess();
  const hasManageClients = hasAccess("manage-clients");

  useFetch(
    () =>
      adminClient.clients.getServiceAccountUser({
        id: client.id!,
      }),
    (serviceAccount) => setServiceAccount(serviceAccount),
    []
  );

  const loader = async () => {
    const serviceAccount = await adminClient.clients.getServiceAccountUser({
      id: client.id!,
    });
    const id = serviceAccount.id!;

    const assignedRoles = (
      await adminClient.users.listRealmRoleMappings({ id })
    ).map((role) => ({ role }));
    const effectiveRoles = (
      await adminClient.users.listCompositeRealmRoleMappings({ id })
    ).map((role) => ({ role }));

    const clients = await adminClient.clients.find();
    const clientRoles = (
      await Promise.all(
        clients.map(async (client) => {
          const clientAssignedRoles = (
            await adminClient.users.listClientRoleMappings({
              id,
              clientUniqueId: client.id!,
            })
          ).map((role) => ({ role, client }));
          const clientEffectiveRoles = (
            await adminClient.users.listCompositeClientRoleMappings({
              id,
              clientUniqueId: client.id!,
            })
          ).map((role) => ({ role, client }));
          return mapRoles(clientAssignedRoles, clientEffectiveRoles, hide);
        })
      )
    ).flat();

    return [...mapRoles(assignedRoles, effectiveRoles, hide), ...clientRoles];
  };

  const assignRoles = async (rows: Row[]) => {
    try {
      const realmRoles = rows
        .filter((row) => row.client === undefined)
        .map((row) => row.role as RoleMappingPayload)
        .flat();
      await adminClient.users.addRealmRoleMappings({
        id: serviceAccount?.id!,
        roles: realmRoles,
      });
      await Promise.all(
        rows
          .filter((row) => row.client !== undefined)
          .map((row) =>
            adminClient.users.addClientRoleMappings({
              id: serviceAccount?.id!,
              clientUniqueId: row.client!.id!,
              roles: [row.role as RoleMappingPayload],
            })
          )
      );
      addAlert(t("roleMappingUpdatedSuccess"), AlertVariant.success);
    } catch (error) {
      addError("clients:roleMappingUpdatedError", error);
    }
  };
  return serviceAccount ? (
    <>
      <PageSection className="pf-u-pb-0">
        <InfoCircleIcon className="pf-c-alert__icon keycloak--service-account--info-text" />
        <span className="pf-u-pl-sm">
          <Trans i18nKey="clients-help:manageServiceAccountUser">
            {""}
            <Link
              to={toUser({ realm, id: serviceAccount.id!, tab: "settings" })}
            >
              {{ link: serviceAccount.username }}
            </Link>
          </Trans>
        </span>
      </PageSection>
      <RoleMapping
        name={client.clientId!}
        id={serviceAccount.id!}
        type="users"
        isManager={hasManageClients || client.access?.configure}
        loader={loader}
        save={assignRoles}
        onHideRolesToggle={() => setHide(!hide)}
      />
    </>
  ) : (
    <KeycloakSpinner />
  );
};
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`import React, { useState } from "react";`
Added service account user link (#2322) 2022-03-28 20:56:18 +00:00			`import { Link } from "react-router-dom";`
			`import { Trans, useTranslation } from "react-i18next";`
			`import { AlertVariant, PageSection } from "@patternfly/react-core";`
			`import { InfoCircleIcon } from "@patternfly/react-icons";`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00
Use pre-release version of Admin Client (#1063) 2021-08-26 08:39:35 +00:00			`import type UserRepresentation from "@keycloak/keycloak-admin-client/lib/defs/userRepresentation";`
			`import type { RoleMappingPayload } from "@keycloak/keycloak-admin-client/lib/defs/roleRepresentation";`
			`import type ClientRepresentation from "@keycloak/keycloak-admin-client/lib/defs/clientRepresentation";`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`import { useAdminClient, useFetch } from "../../context/auth/AdminClient";`
Created add service account roles assign screen (#465) * service account dialog * create test * fixed types * fixed realm roles selection * disable when no rows are selected Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> 2021-04-01 14:14:19 +00:00			`import { useAlerts } from "../../components/alert/Alerts";`
Add scope tab to client scope detail page (#514) * initial version of the scope tab * fixed assign * moved form logic added test * added unassign * fixed merge error * fixed labels 2021-04-20 12:10:00 +00:00			`import {`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`mapRoles,`
Add scope tab to client scope detail page (#514) * initial version of the scope tab * fixed assign * moved form logic added test * added unassign * fixed merge error * fixed labels 2021-04-20 12:10:00 +00:00			`RoleMapping,`
			`Row,`
			`} from "../../components/role-mapping/RoleMapping";`
Added service account user link (#2322) 2022-03-28 20:56:18 +00:00			`import { KeycloakSpinner } from "../../components/keycloak-spinner/KeycloakSpinner";`
			`import { toUser } from "../../user/routes/User";`
			`import { useRealm } from "../../context/realm-context/RealmContext";`
Fix role-based authorization in Clients section. (#2632) 2022-05-17 07:52:19 +00:00			`import { useAccess } from "../../context/access/Access";`
Added service account user link (#2322) 2022-03-28 20:56:18 +00:00
			`import "./service-account.css";`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00
			`type ServiceAccountProps = {`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`client: ClientRepresentation;`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00			`};`

inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`export const ServiceAccount = ({ client }: ServiceAccountProps) => {`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00			`const { t } = useTranslation("clients");`
			`const adminClient = useAdminClient();`
Introduce a standard way to create handle errors (#918) 2021-07-28 12:01:42 +00:00			`const { addAlert, addError } = useAlerts();`
Added service account user link (#2322) 2022-03-28 20:56:18 +00:00			`const { realm } = useRealm();`
Created add service account roles assign screen (#465) * service account dialog * create test * fixed types * fixed realm roles selection * disable when no rows are selected Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> 2021-04-01 14:14:19 +00:00
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00			`const [hide, setHide] = useState(false);`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`const [serviceAccount, setServiceAccount] = useState<UserRepresentation>();`

Fix role-based authorization in Clients section. (#2632) 2022-05-17 07:52:19 +00:00			`const { hasAccess } = useAccess();`
Fine grained clients (#2702) 2022-05-30 09:23:24 +00:00			`const hasManageClients = hasAccess("manage-clients");`
Fix role-based authorization in Clients section. (#2632) 2022-05-17 07:52:19 +00:00
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`useFetch(`
			`() =>`
			`adminClient.clients.getServiceAccountUser({`
			`id: client.id!,`
			`}),`
			`(serviceAccount) => setServiceAccount(serviceAccount),`
			`[]`
			`);`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00
			`const loader = async () => {`
			`const serviceAccount = await adminClient.clients.getServiceAccountUser({`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`id: client.id!,`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00			`});`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`const id = serviceAccount.id!;`

more style fixes 2021-06-15 11:12:32 +00:00			`const assignedRoles = (`
			`await adminClient.users.listRealmRoleMappings({ id })`
			`).map((role) => ({ role }));`
			`const effectiveRoles = (`
			`await adminClient.users.listCompositeRealmRoleMappings({ id })`
			`).map((role) => ({ role }));`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00
			`const clients = await adminClient.clients.find();`
			`const clientRoles = (`
			`await Promise.all(`
			`clients.map(async (client) => {`
more style fixes 2021-06-15 11:12:32 +00:00			`const clientAssignedRoles = (`
			`await adminClient.users.listClientRoleMappings({`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`id,`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00			`clientUniqueId: client.id!,`
more style fixes 2021-06-15 11:12:32 +00:00			`})`
			`).map((role) => ({ role, client }));`
			`const clientEffectiveRoles = (`
			`await adminClient.users.listCompositeClientRoleMappings({`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`id,`
			`clientUniqueId: client.id!,`
more style fixes 2021-06-15 11:12:32 +00:00			`})`
			`).map((role) => ({ role, client }));`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`return mapRoles(clientAssignedRoles, clientEffectiveRoles, hide);`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00			`})`
			`)`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`).flat();`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`return [...mapRoles(assignedRoles, effectiveRoles, hide), ...clientRoles];`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00			`};`

Created add service account roles assign screen (#465) * service account dialog * create test * fixed types * fixed realm roles selection * disable when no rows are selected Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> 2021-04-01 14:14:19 +00:00			`const assignRoles = async (rows: Row[]) => {`
			`try {`
			`const realmRoles = rows`
			`.filter((row) => row.client === undefined)`
			`.map((row) => row.role as RoleMappingPayload)`
			`.flat();`
initial version of dedicated client scope (#2000) 2022-02-21 12:14:20 +00:00			`await adminClient.users.addRealmRoleMappings({`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`id: serviceAccount?.id!,`
Created add service account roles assign screen (#465) * service account dialog * create test * fixed types * fixed realm roles selection * disable when no rows are selected Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> 2021-04-01 14:14:19 +00:00			`roles: realmRoles,`
			`});`
			`await Promise.all(`
			`rows`
			`.filter((row) => row.client !== undefined)`
			`.map((row) =>`
			`adminClient.users.addClientRoleMappings({`
inherited roles disabled instead of non selectable 2021-06-15 06:14:38 +00:00			`id: serviceAccount?.id!,`
Created add service account roles assign screen (#465) * service account dialog * create test * fixed types * fixed realm roles selection * disable when no rows are selected Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> 2021-04-01 14:14:19 +00:00			`clientUniqueId: row.client!.id!,`
			`roles: [row.role as RoleMappingPayload],`
			`})`
			`)`
			`);`
			`addAlert(t("roleMappingUpdatedSuccess"), AlertVariant.success);`
			`} catch (error) {`
Introduce a standard way to create handle errors (#918) 2021-07-28 12:01:42 +00:00			`addError("clients:roleMappingUpdatedError", error);`
Created add service account roles assign screen (#465) * service account dialog * create test * fixed types * fixed realm roles selection * disable when no rows are selected Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> Co-authored-by: Eugenia <32821331+jenny-s51@users.noreply.github.com> 2021-04-01 14:14:19 +00:00			`}`
			`};`
Remove useless React fragments (#1062) 2021-08-26 12:15:28 +00:00			`return serviceAccount ? (`
Added service account user link (#2322) 2022-03-28 20:56:18 +00:00			`<>`
			`<PageSection className="pf-u-pb-0">`
			`<InfoCircleIcon className="pf-c-alert__icon keycloak--service-account--info-text" />`
			`<span className="pf-u-pl-sm">`
			`<Trans i18nKey="clients-help:manageServiceAccountUser">`
			`{""}`
			`<Link`
			`to={toUser({ realm, id: serviceAccount.id!, tab: "settings" })}`
			`>`
			`{{ link: serviceAccount.username }}`
			`</Link>`
			`</Trans>`
			`</span>`
			`</PageSection>`
			`<RoleMapping`
			`name={client.clientId!}`
			`id={serviceAccount.id!}`
			`type="users"`
Fine grained clients (#2702) 2022-05-30 09:23:24 +00:00			`isManager={hasManageClients \|\| client.access?.configure}`
Added service account user link (#2322) 2022-03-28 20:56:18 +00:00			`loader={loader}`
			`save={assignRoles}`
			`onHideRolesToggle={() => setHide(!hide)}`
			`/>`
			`</>`
			`) : (`
			`<KeycloakSpinner />`
			`);`
Initial version of the Service Account tab (#238) * service account tab initial version * added hide inherited function * move empty formatter to util * added the 'assign role' button * only show service account tab when client is saved * changed to toobar items to align checkbox * added missing assignRole and renamed tab 2020-12-07 18:37:36 +00:00			`};`