diff --git a/common/src/main/java/org/keycloak/common/Profile.java b/common/src/main/java/org/keycloak/common/Profile.java index 19f57c10c0..04d4f0b7bb 100755 --- a/common/src/main/java/org/keycloak/common/Profile.java +++ b/common/src/main/java/org/keycloak/common/Profile.java @@ -34,7 +34,7 @@ public class Profile { public enum Feature { ACCOUNT2, - AUTHORIZATION, + ADMIN_FINE_GRAINED_AUTHZ, DOCKER, IMPERSONATION, OPENSHIFT_INTEGRATION, @@ -54,7 +54,7 @@ public class Profile { } private enum ProfileValue { - PRODUCT(Feature.AUTHORIZATION, Feature.SCRIPTS, Feature.DOCKER, Feature.ACCOUNT2, Feature.TOKEN_EXCHANGE), + PRODUCT(Feature.ADMIN_FINE_GRAINED_AUTHZ, Feature.SCRIPTS, Feature.DOCKER, Feature.ACCOUNT2, Feature.TOKEN_EXCHANGE), PREVIEW(Feature.ACCOUNT2), COMMUNITY(Feature.DOCKER, Feature.ACCOUNT2); diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java index dd7eef72bb..64d3f2151e 100755 --- a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java +++ b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java @@ -547,13 +547,11 @@ public class ModelToRepresentation { rep.setProtocolMappers(mappings); } - if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) { - AuthorizationProvider authorization = session.getProvider(AuthorizationProvider.class); - ResourceServer resourceServer = authorization.getStoreFactory().getResourceServerStore().findById(clientModel.getId()); + AuthorizationProvider authorization = session.getProvider(AuthorizationProvider.class); + ResourceServer resourceServer = authorization.getStoreFactory().getResourceServerStore().findById(clientModel.getId()); - if (resourceServer != null) { - rep.setAuthorizationServicesEnabled(true); - } + if (resourceServer != null) { + rep.setAuthorizationServicesEnabled(true); } return rep; diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java index 7a95bb85c3..8ac3c046eb 100755 --- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java @@ -257,8 +257,6 @@ public class RealmsResource { @Path("{realm}/authz") public Object getAuthorizationService(@PathParam("realm") String name) { - ProfileHelper.requireFeature(Profile.Feature.AUTHORIZATION); - init(name); AuthorizationProvider authorization = this.session.getProvider(AuthorizationProvider.class); AuthorizationService service = new AuthorizationService(authorization); diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java index d1d2221e72..7f15b086f3 100644 --- a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java +++ b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java @@ -109,7 +109,7 @@ public class AccountConsole { EventStoreProvider eventStore = session.getProvider(EventStoreProvider.class); map.put("isEventsEnabled", eventStore != null && realm.isEventsEnabled()); - map.put("isAuthorizationEnabled", Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)); + map.put("isAuthorizationEnabled", true); FreeMarkerUtil freeMarkerUtil = new FreeMarkerUtil(); String result = freeMarkerUtil.processTemplate(map, "index.ftl", theme); diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java b/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java index c27c387c37..8b20d1d1aa 100755 --- a/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java +++ b/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java @@ -172,7 +172,7 @@ public class AccountFormService extends AbstractSecuredLocalService { account.setUser(auth.getUser()); } - account.setFeatures(realm.isIdentityFederationEnabled(), eventStore != null && realm.isEventsEnabled(), true, Profile.isFeatureEnabled(Feature.AUTHORIZATION)); + account.setFeatures(realm.isIdentityFederationEnabled(), eventStore != null && realm.isEventsEnabled(), true, true); } public static UriBuilder accountServiceBaseUrl(UriInfo uriInfo) { diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java index a03eea5d29..47f131354e 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java @@ -606,8 +606,6 @@ public class ClientResource { @Path("/authz") public AuthorizationService authorization() { - ProfileHelper.requireFeature(Profile.Feature.AUTHORIZATION); - AuthorizationService resource = new AuthorizationService(this.session, this.client, this.auth, adminEvent); ResteasyProviderFactory.getInstance().injectProperties(resource); @@ -691,12 +689,10 @@ public class ClientResource { } private void updateAuthorizationSettings(ClientRepresentation rep) { - if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) { - if (TRUE.equals(rep.getAuthorizationServicesEnabled())) { - authorization().enable(false); - } else { - authorization().disable(); - } + if (TRUE.equals(rep.getAuthorizationServicesEnabled())) { + authorization().enable(false); + } else { + authorization().disable(); } } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java index 4b7079c360..bc8474bcbc 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java @@ -177,17 +177,15 @@ public class ClientsResource { adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), clientModel.getId()).representation(rep).success(); - if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) { - if (TRUE.equals(rep.getAuthorizationServicesEnabled())) { - AuthorizationService authorizationService = getAuthorizationService(clientModel); + if (TRUE.equals(rep.getAuthorizationServicesEnabled())) { + AuthorizationService authorizationService = getAuthorizationService(clientModel); - authorizationService.enable(true); + authorizationService.enable(true); - ResourceServerRepresentation authorizationSettings = rep.getAuthorizationSettings(); + ResourceServerRepresentation authorizationSettings = rep.getAuthorizationSettings(); - if (authorizationSettings != null) { - authorizationService.resourceServer().importSettings(authorizationSettings); - } + if (authorizationSettings != null) { + authorizationService.resourceServer().importSettings(authorizationSettings); } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBaseServletAuthzAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBaseServletAuthzAdapterTest.java index fc58e43187..0753f982ae 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBaseServletAuthzAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBaseServletAuthzAdapterTest.java @@ -55,9 +55,6 @@ public abstract class AbstractBaseServletAuthzAdapterTest extends AbstractExampl protected static final String REALM_NAME = "servlet-authz"; protected static final String RESOURCE_SERVER_ID = "servlet-authz-app"; - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @ArquillianResource private Deployer deployer; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java index 5cf9070647..262825e546 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java @@ -122,9 +122,6 @@ public abstract class AbstractPhotozExampleAdapterTest extends AbstractExampleAd testRealmPage.setAuthRealm(REALM_NAME); } - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @Before public void beforePhotozExampleAdapterTest() throws Exception { DroneUtils.addWebDriver(jsDriver); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/DefaultAuthzConfigAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/DefaultAuthzConfigAdapterTest.java index df1738e483..5cc3410d2a 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/DefaultAuthzConfigAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/DefaultAuthzConfigAdapterTest.java @@ -57,9 +57,6 @@ public class DefaultAuthzConfigAdapterTest extends AbstractExampleAdapterTest { private static final String REALM_NAME = "hello-world-authz"; private static final String RESOURCE_SERVER_ID = "hello-world-authz-service"; - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @ArquillianResource private Deployer deployer; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletPolicyEnforcerTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletPolicyEnforcerTest.java index b8963dd835..6707f9ebb3 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletPolicyEnforcerTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletPolicyEnforcerTest.java @@ -63,9 +63,6 @@ public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest { protected static final String REALM_NAME = "servlet-policy-enforcer-authz"; protected static final String RESOURCE_SERVER_ID = "servlet-policy-enforcer"; - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @ArquillianResource private Deployer deployer; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AuthzCleanupTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AuthzCleanupTest.java index 11eac1202a..f508050fa6 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AuthzCleanupTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AuthzCleanupTest.java @@ -50,11 +50,6 @@ import org.keycloak.util.JsonSerialization; */ public class AuthzCleanupTest extends AbstractKeycloakTest { - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Deployment public static WebArchive deploy() { return RunOnServerDeployment.create(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java index 0cce9897cc..5cbe600c58 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java @@ -809,8 +809,6 @@ public class PermissionsTest extends AbstractKeycloakTest { @Test public void clientAuthorization() { - ProfileAssume.assumePreview(); - ClientRepresentation newClient = new ClientRepresentation(); newClient.setClientId("foo-authz"); adminClient.realms().realm(REALM_NAME).clients().create(newClient); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java index d759263871..2743971f56 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java @@ -128,8 +128,6 @@ public class InstallationTest extends AbstractClientTest { @Test public void testOidcBearerOnlyWithAuthzJson() { - ProfileAssume.assumePreview(); - oidcBearerOnlyClientWithAuthzId = createOidcBearerOnlyClientWithAuthz(OIDC_NAME_BEARER_ONLY_WITH_AUTHZ_NAME); oidcBearerOnlyClientWithAuthz = findClientResource(OIDC_NAME_BEARER_ONLY_WITH_AUTHZ_NAME); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractAuthorizationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractAuthorizationTest.java index 8546c2a15d..622f1f91e4 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractAuthorizationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractAuthorizationTest.java @@ -57,11 +57,6 @@ public abstract class AbstractAuthorizationTest extends AbstractClientTest { return "authz-test"; } - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Override public void addTestRealms(List testRealms) { testRealms.add(createTestRealm().build()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractPolicyManagementTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractPolicyManagementTest.java index 77045a1072..a1ea8d4fb7 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractPolicyManagementTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractPolicyManagementTest.java @@ -52,11 +52,6 @@ import org.keycloak.testsuite.util.UserBuilder; */ public abstract class AbstractPolicyManagementTest extends AbstractKeycloakTest { - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Override public void addTestRealms(List testRealms) { testRealms.add(createTestRealm().build()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AuthorizationDisabledInPreviewTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AuthorizationDisabledInPreviewTest.java deleted file mode 100644 index 8bb9bcb81e..0000000000 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AuthorizationDisabledInPreviewTest.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.testsuite.admin.client.authorization; - -import org.junit.BeforeClass; -import org.junit.Test; -import org.keycloak.testsuite.ProfileAssume; -import org.keycloak.testsuite.admin.client.AbstractClientTest; - -import javax.ws.rs.ServerErrorException; -import javax.ws.rs.core.Response; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.fail; - -/** - * @author Stian Thorgersen - */ -public class AuthorizationDisabledInPreviewTest extends AbstractClientTest { - - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreviewDisabled(); - } - - @Test - public void testAuthzServicesRemoved() { - String id = testRealmResource().clients().findAll().get(0).getId(); - try { - testRealmResource().clients().get(id).authorization().getSettings(); - } catch (ServerErrorException e) { - assertEquals(Response.Status.NOT_IMPLEMENTED.getStatusCode(), e.getResponse().getStatus()); - return; - } - fail("Feature Authorization should be disabled."); - } - -} diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java index 8f276440e6..e3f05c1390 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java @@ -75,7 +75,6 @@ public class ClaimInformationPointProviderTest extends AbstractKeycloakTest { @BeforeClass public static void onBeforeClass() { - ProfileAssume.assumePreview(); httpService = Undertow.builder().addHttpListener(8989, "localhost").setHandler(exchange -> { if (exchange.isInIoThread()) { try { diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/EnforcerConfigTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/EnforcerConfigTest.java index 76e4e0586b..7d87d72b3f 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/EnforcerConfigTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/EnforcerConfigTest.java @@ -40,9 +40,6 @@ import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm; */ public class EnforcerConfigTest extends AbstractKeycloakTest { - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @Override public void addTestRealms(List testRealms) { RealmRepresentation realm = loadRealm(getClass().getResourceAsStream("/authorization-test/test-authz-realm.json")); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerClaimsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerClaimsTest.java index cff948b938..bd8a542797 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerClaimsTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerClaimsTest.java @@ -82,11 +82,6 @@ public class PolicyEnforcerClaimsTest extends AbstractKeycloakTest { protected static final String REALM_NAME = "authz-test"; - @BeforeClass - public static void onBeforeClass() { - ProfileAssume.assumePreview(); - } - @Override public void addTestRealms(List testRealms) { testRealms.add(RealmBuilder.create().name(REALM_NAME) diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerTest.java index 49eeec9087..7896be98f8 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerTest.java @@ -86,11 +86,6 @@ public class PolicyEnforcerTest extends AbstractKeycloakTest { protected static final String REALM_NAME = "authz-test"; - @BeforeClass - public static void onBeforeClass() { - ProfileAssume.assumePreview(); - } - @Override public void addTestRealms(List testRealms) { testRealms.add(RealmBuilder.create().name(REALM_NAME) diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/AbstractAuthzTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/AbstractAuthzTest.java index 77952be1f7..6a5680b6fd 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/AbstractAuthzTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/AbstractAuthzTest.java @@ -12,11 +12,6 @@ import org.keycloak.testsuite.ProfileAssume; */ public abstract class AbstractAuthzTest extends AbstractKeycloakTest { - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - protected AccessToken toAccessToken(String rpt) { AccessToken accessToken; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/crossdc/InvalidationCrossDCTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/crossdc/InvalidationCrossDCTest.java index 0571c666eb..33547c12cb 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/crossdc/InvalidationCrossDCTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/crossdc/InvalidationCrossDCTest.java @@ -182,8 +182,6 @@ public class InvalidationCrossDCTest extends AbstractAdminCrossDCTest { @Test public void authzResourceInvalidationTest() throws Exception { - ProfileAssume.assumePreview(); - enableDcOnLoadBalancer(DC.FIRST); enableDcOnLoadBalancer(DC.SECOND); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java index f0a58f22d4..5496790db7 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java @@ -384,9 +384,7 @@ public class ExportImportUtil { Assert.assertNotNull(linked); Assert.assertEquals("my-service-user", linked.getUsername()); - if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) { - assertAuthorizationSettings(realmRsc); - } + assertAuthorizationSettings(realmRsc); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ScriptAuthenticatorTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ScriptAuthenticatorTest.java index 958c8a943a..9971da79b1 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ScriptAuthenticatorTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ScriptAuthenticatorTest.java @@ -64,11 +64,6 @@ public class ScriptAuthenticatorTest extends AbstractFlowTest { public static final String EXECUTION_ID = "scriptAuth"; - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Override public void configureTestRealm(RealmRepresentation testRealm) { diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java index 0ff63e1509..52b42fc432 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java @@ -355,8 +355,6 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest { } private void testResourceWithMultipleUris() { - ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHORIZATION); - ClientsResource clients = migrationRealm.clients(); ClientRepresentation clientRepresentation = clients.findByClientId("authz-servlet").get(0); ResourceRepresentation resource = clients.get(clientRepresentation.getId()).authorization().resources().findByName("Protected Resource").get(0); diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AbstractAuthorizationSettingsTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AbstractAuthorizationSettingsTest.java index de199f7834..b94fa05ead 100644 --- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AbstractAuthorizationSettingsTest.java +++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AbstractAuthorizationSettingsTest.java @@ -43,11 +43,6 @@ public abstract class AbstractAuthorizationSettingsTest extends AbstractClientTe protected ClientRepresentation newClient; - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Before public void configureTest() { this.newClient = createResourceServer(); diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/clients/ClientAuthorizationServicesAvailableTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/clients/ClientAuthorizationServicesAvailableTest.java deleted file mode 100644 index c24da58978..0000000000 --- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/clients/ClientAuthorizationServicesAvailableTest.java +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.testsuite.console.clients; - -import org.jboss.arquillian.graphene.page.Page; -import org.junit.Test; -import org.keycloak.representations.idm.ClientRepresentation; -import org.keycloak.testsuite.ProfileAssume; -import org.keycloak.testsuite.console.page.clients.settings.ClientSettings; -import org.openqa.selenium.By; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; -import static org.keycloak.testsuite.auth.page.login.Login.OIDC; - -/** - * - * @author Vlastislav Ramik - */ -public class ClientAuthorizationServicesAvailableTest extends AbstractClientTest { - - private ClientRepresentation newClient; - - @Page - private ClientSettings clientSettingsPage; - - @Test - public void authzServicesAvailable() { - ProfileAssume.assumePreview(); - - newClient = createClientRep("oidc-public", OIDC); - createClient(newClient); - assertEquals("oidc-public", clientSettingsPage.form().getClientId()); - - assertTrue(driver.findElement(By.xpath("//*[@for='authorizationServicesEnabled']")).isDisplayed()); - } - - @Test - public void authzServicesUnavailable() throws InterruptedException { - ProfileAssume.assumePreviewDisabled(); - - newClient = createClientRep("oidc-public", OIDC); - createClient(newClient); - assertEquals("oidc-public", clientSettingsPage.form().getClientId()); - - assertFalse(driver.findElement(By.xpath("//*[@for='authorizationServicesEnabled']")).isDisplayed()); - - } -} \ No newline at end of file diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html index 5253641be3..38846719a6 100755 --- a/themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html @@ -132,7 +132,7 @@ -
+
{{:: 'authz-authorization-services-enabled.tooltip' | translate}}
diff --git a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-client-role.html b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-client-role.html index fd966d5741..c1455834b5 100755 --- a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-client-role.html +++ b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-client-role.html @@ -5,7 +5,7 @@
diff --git a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-role.html b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-role.html index 9128dfd2e9..cdf40ec7df 100755 --- a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-role.html +++ b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-role.html @@ -5,7 +5,7 @@
  • {{:: 'details' | translate}}
    • -
  • +
  • {{:: 'authz-permissions' | translate}} {{:: 'manage-permissions-role.tooltip' | translate}}
    • diff --git a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-users.html b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-users.html index 61fe8909c2..e5771a0c00 100755 --- a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-users.html +++ b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-users.html @@ -3,7 +3,7 @@