libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

KEYCLOAK-7846: Turn off disallowed features

Browse source
This commit is contained in:
ssilvert@win.redhat.com 2018-07-12 12:47:54 -04:00 committed by Stan Silvert
parent c969c4c903
commit 3e158c0321
5 changed files with 79 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java
View file

@ -32,6 +32,9 @@ import javax.json.Json;
import javax.json.JsonObjectBuilder; import javax.json.JsonObjectBuilder;
import javax.json.JsonWriter; import javax.json.JsonWriter;
import org.jboss.logging.Logger; import org.jboss.logging.Logger;
import org.keycloak.common.Profile;
import org.keycloak.events.EventStoreProvider;
import org.keycloak.forms.account.freemarker.model.FeaturesBean;
import org.keycloak.models.ClientModel; import org.keycloak.models.ClientModel;
import org.keycloak.protocol.oidc.utils.RedirectUtils; import org.keycloak.protocol.oidc.utils.RedirectUtils;
import org.keycloak.services.managers.RealmManager; import org.keycloak.services.managers.RealmManager;
@ -109,6 +112,10 @@ public class AccountConsole {
map.put("supportedLocales", supportedLocales(messages)); map.put("supportedLocales", supportedLocales(messages));
map.put("properties", theme.getProperties()); map.put("properties", theme.getProperties());
EventStoreProvider eventStore = session.getProvider(EventStoreProvider.class);
map.put("isEventsEnabled", eventStore != null && realm.isEventsEnabled());
map.put("isAuthorizationEnabled", Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION));
FreeMarkerUtil freeMarkerUtil = new FreeMarkerUtil(); FreeMarkerUtil freeMarkerUtil = new FreeMarkerUtil();
String result = freeMarkerUtil.processTemplate(map, "index.ftl", theme); String result = freeMarkerUtil.processTemplate(map, "index.ftl", theme);
Response.ResponseBuilder builder = Response.status(Response.Status.OK).type(MediaType.TEXT_HTML_UTF_8).language(Locale.ENGLISH).entity(result); Response.ResponseBuilder builder = Response.status(Response.Status.OK).type(MediaType.TEXT_HTML_UTF_8).language(Locale.ENGLISH).entity(result);

24
themes/src/main/resources/theme/keycloak-preview/account/index.ftl
View file

@ -13,9 +13,15 @@
var baseUrl = '${baseUrl}'; var baseUrl = '${baseUrl}';
var realm = '${realm.name}'; var realm = '${realm.name}';
var resourceUrl = '${resourceUrl}'; var resourceUrl = '${resourceUrl}';
var isRegistrationEmailAsUsername = ${realm.registrationEmailAsUsername?c};
var isEditUserNameAllowed = ${realm.editUsernameAllowed?c}; var features = {
var isInternationalizationEnabled = ${realm.internationalizationEnabled?c}; isRegistrationEmailAsUsername : ${realm.registrationEmailAsUsername?c},
isEditUserNameAllowed : ${realm.editUsernameAllowed?c},
isInternationalizationEnabled : ${realm.internationalizationEnabled?c},
isLinkedAccountsEnabled : ${realm.identityFederationEnabled?c},
isEventsEnabled : ${isEventsEnabled?c},
isMyResourcesEnabled : ${(realm.userManagedAccessAllowed && isAuthorizationEnabled)?c}
}
var availableLocales = []; var availableLocales = [];
<#list supportedLocales as locale, label> <#list supportedLocales as locale, label>
@ -190,7 +196,7 @@
<h3><a href="${baseUrl}/#/password">${msg("changePasswordHtmlTitle")}</a></h3> <h3><a href="${baseUrl}/#/password">${msg("changePasswordHtmlTitle")}</a></h3>
<h3><a href="${baseUrl}/#/authenticator">${msg("authenticatorTitle")}</a></h3> <h3><a href="${baseUrl}/#/authenticator">${msg("authenticatorTitle")}</a></h3>
<h3><a href="${baseUrl}/#/device-activity">${msg("deviceActivityHtmlTitle")}</a></h3> <h3><a href="${baseUrl}/#/device-activity">${msg("deviceActivityHtmlTitle")}</a></h3>
<h3><a href="${baseUrl}/#/linked-accounts">${msg("linkedAccountsHtmlTitle")}</a></h3> <h3 id="linkedAccounts"><a href="${baseUrl}/#/linked-accounts">${msg("linkedAccountsHtmlTitle")}</a></h3>
</div> </div>
</div> </div>
</div> </div>
@ -209,7 +215,7 @@
</div> </div>
</div> </div>
</div> </div>
<div class="col-xs-12 col-sm-4 col-md-4 col-lg-3"> <div id="myResources" class="col-xs-12 col-sm-4 col-md-4 col-lg-3">
<div class="card-pf card-pf-view card-pf-view-select card-pf-view-single-select"> <div class="card-pf card-pf-view card-pf-view-select card-pf-view-single-select">
<div class="card-pf-body text-center row"> <div class="card-pf-body text-center row">
<div class="card-pf-top-element col-xs-2 col-sm-12 col-md-12 col-lg-12"> <div class="card-pf-top-element col-xs-2 col-sm-12 col-md-12 col-lg-12">
@ -229,6 +235,14 @@
</div> </div>
<script> <script>
if (!features.isLinkedAccountsEnabled) {
document.getElementById("linkedAccounts").style.display='none';
}
if (!features.isMyResourcesEnabled) {
document.getElementById("myResources").style.display='none';
}
var winHash = window.location.hash; var winHash = window.location.hash;
if ((winHash.indexOf('#/') == 0) && (!winHash.indexOf('#/&state') == 0)) { if ((winHash.indexOf('#/') == 0) && (!winHash.indexOf('#/&state') == 0)) {
document.getElementById("welcomeScreen").style.display='none'; document.getElementById("welcomeScreen").style.display='none';

8
themes/src/main/resources/theme/keycloak-preview/account/resources/app/content/account-page/account-page.component.ts
View file

@ -18,10 +18,10 @@ import {Component, OnInit, ViewChild} from '@angular/core';
import {Response} from '@angular/http'; import {Response} from '@angular/http';
import {FormGroup} from '@angular/forms'; import {FormGroup} from '@angular/forms';
import {Features} from '../../page/features';
import {AccountServiceClient} from '../../account-service/account.service'; import {AccountServiceClient} from '../../account-service/account.service';
declare const isRegistrationEmailAsUsername: boolean; declare const features: Features;
declare const isEditUserNameAllowed: boolean;
@Component({ @Component({
selector: 'app-account-page', selector: 'app-account-page',
@ -29,8 +29,8 @@ declare const isEditUserNameAllowed: boolean;
styleUrls: ['./account-page.component.css'] styleUrls: ['./account-page.component.css']
}) })
export class AccountPageComponent implements OnInit { export class AccountPageComponent implements OnInit {
private isRegistrationEmailAsUsername: boolean = isRegistrationEmailAsUsername; private isRegistrationEmailAsUsername: boolean = features.isRegistrationEmailAsUsername;
private isEditUserNameAllowed: boolean = isEditUserNameAllowed; private isEditUserNameAllowed: boolean = features.isEditUserNameAllowed;
@ViewChild('formGroup') private formGroup: FormGroup; @ViewChild('formGroup') private formGroup: FormGroup;

5
themes/src/main/resources/theme/keycloak-preview/account/resources/app/top-nav/top-nav.component.ts
View file

@ -18,13 +18,14 @@ import {Component, OnInit, Input} from '@angular/core';
import {TranslateUtil} from '../ngx-translate/translate.util'; import {TranslateUtil} from '../ngx-translate/translate.util';
import {KeycloakService} from '../keycloak-service/keycloak.service'; import {KeycloakService} from '../keycloak-service/keycloak.service';
import {ResponsivenessService} from "../responsiveness-service/responsiveness.service"; import {ResponsivenessService} from "../responsiveness-service/responsiveness.service";
import {Features} from '../page/features';
import {Referrer} from "../page/referrer"; import {Referrer} from "../page/referrer";
declare const resourceUrl: string; declare const resourceUrl: string;
declare const baseUrl: string; declare const baseUrl: string;
declare const referrer: string; declare const referrer: string;
declare const referrer_uri: string; declare const referrer_uri: string;
declare const isInternationalizationEnabled: boolean; declare const features: Features;
declare const availableLocales: Array<Object>; declare const availableLocales: Array<Object>;
@Component({ @Component({
@ -58,7 +59,7 @@ export class TopNavComponent implements OnInit {
} }
private showLocales(): boolean { private showLocales(): boolean {
return isInternationalizationEnabled && (this.availableLocales.length > 1); return features.isInternationalizationEnabled && (this.availableLocales.length > 1);
} }
private changeLocale(newLocale: string) { private changeLocale(newLocale: string) {

53
themes/src/main/resources/theme/keycloak-preview/account/resources/app/vertical-nav/vertical-nav.component.ts
View file

@ -2,11 +2,12 @@ import {Component, OnInit, ViewEncapsulation, ViewChild} from '@angular/core';
import {NavigationItemConfig, VerticalNavigationComponent} from 'patternfly-ng/navigation'; import {NavigationItemConfig, VerticalNavigationComponent} from 'patternfly-ng/navigation';
import {TranslateUtil} from '../ngx-translate/translate.util'; import {TranslateUtil} from '../ngx-translate/translate.util';
import {KeycloakService} from '../keycloak-service/keycloak.service'; import {KeycloakService} from '../keycloak-service/keycloak.service';
import {Features} from '../page/features';
import {Referrer} from "../page/referrer"; import {Referrer} from "../page/referrer";
declare const baseUrl: string; declare const baseUrl: string;
declare const resourceUrl: string; declare const resourceUrl: string;
declare const isInternationalizationEnabled: boolean; declare const features: Features;
declare const availableLocales: Array<Object>; declare const availableLocales: Array<Object>;
@Component({ @Component({
@ -41,7 +42,28 @@ export class VerticalNavComponent implements OnInit {
{ {
title: this.translateUtil.translate('accountSecurityTitle'), title: this.translateUtil.translate('accountSecurityTitle'),
iconStyleClass: 'fa fa-shield', iconStyleClass: 'fa fa-shield',
children: [ children: this.makeSecurityChildren(),
},
{
title: this.translateUtil.translate('applicationsHtmlTitle'),
iconStyleClass: 'fa fa-th',
url: 'applications',
}
];
if (features.isMyResourcesEnabled) {
this.navigationItems.push(
{
title: this.translateUtil.translate('myResources'),
iconStyleClass: 'fa fa-file-o',
url: 'my-resources',
}
);
}
}
private makeSecurityChildren(): Array<NavigationItemConfig> {
const children: Array<NavigationItemConfig> = [
{ {
title: this.translateUtil.translate('changePasswordHtmlTitle'), title: this.translateUtil.translate('changePasswordHtmlTitle'),
iconStyleClass: 'fa fa-shield', iconStyleClass: 'fa fa-shield',
@ -56,25 +78,18 @@ export class VerticalNavComponent implements OnInit {
title: this.translateUtil.translate('device-activity'), title: this.translateUtil.translate('device-activity'),
iconStyleClass: 'fa fa-shield', iconStyleClass: 'fa fa-shield',
url: 'device-activity', url: 'device-activity',
}, }
{ ];
if (features.isLinkedAccountsEnabled) {
children.push({
title: this.translateUtil.translate('linkedAccountsHtmlTitle'), title: this.translateUtil.translate('linkedAccountsHtmlTitle'),
iconStyleClass: 'fa fa-shield', iconStyleClass: 'fa fa-shield',
url: 'linked-accounts', url: 'linked-accounts',
}, });
], };
},
{ return children;
title: this.translateUtil.translate('applicationsHtmlTitle'),
iconStyleClass: 'fa fa-th',
url: 'applications',
},
{
title: this.translateUtil.translate('myResources'),
iconStyleClass: 'fa fa-file-o',
url: 'my-resources',
}
];
} }
private logout() { private logout() {
@ -82,7 +97,7 @@ export class VerticalNavComponent implements OnInit {
} }
private isShowLocales(): boolean { private isShowLocales(): boolean {
return isInternationalizationEnabled && (this.availableLocales.length > 1); return features.isInternationalizationEnabled && (this.availableLocales.length > 1);
} }
private changeLocale(newLocale: string) { private changeLocale(newLocale: string) {