From 484d5d6e08c5066cdb412166430c1ef5fef1f299 Mon Sep 17 00:00:00 2001 From: Pedro Igor Date: Wed, 20 Jul 2016 22:11:24 -0300 Subject: [PATCH] [KEYCLOAK-3313] - UI improvements and messages --- .../adapters/config/PolicyEnforcerConfig.java | 23 ++- .../infinispan/CachedPolicyStore.java | 2 +- .../infinispan/entities/CachedPolicy.java | 2 +- .../jpa/entities/PolicyEntity.java | 4 +- .../authorization/admin/PolicyService.java | 22 +++ .../admin/ResourceServerService.java | 18 +-- .../admin/ResourceSetService.java | 28 +++- .../authorization/admin/ScopeService.java | 23 +++ .../KeycloakOIDCClientInstallation.java | 3 +- .../resources/js/authz/authz-controller.js | 152 +++++++++++++----- .../resources/js/authz/authz-services.js | 9 +- ...esource-server-policy-resource-detail.html | 14 +- .../resource-server-policy-scope-detail.html | 14 +- ...source-server-policy-aggregate-detail.html | 14 +- .../resource-server-policy-drools-detail.html | 14 +- .../resource-server-policy-js-detail.html | 14 +- .../resource-server-policy-role-detail.html | 14 +- .../resource-server-policy-time-detail.html | 14 +- .../resource-server-policy-user-detail.html | 14 +- .../authz/resource-server-detail.html | 8 +- .../resource-server-resource-detail.html | 14 +- .../authz/resource-server-scope-detail.html | 14 +- 22 files changed, 270 insertions(+), 164 deletions(-) diff --git a/core/src/main/java/org/keycloak/representations/adapters/config/PolicyEnforcerConfig.java b/core/src/main/java/org/keycloak/representations/adapters/config/PolicyEnforcerConfig.java index 5145ec773d..b2c5757faa 100644 --- a/core/src/main/java/org/keycloak/representations/adapters/config/PolicyEnforcerConfig.java +++ b/core/src/main/java/org/keycloak/representations/adapters/config/PolicyEnforcerConfig.java @@ -18,6 +18,7 @@ package org.keycloak.representations.adapters.config; import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; import java.util.ArrayList; @@ -30,24 +31,30 @@ import java.util.List; public class PolicyEnforcerConfig { @JsonProperty("create-resources") - private Boolean createResources; + @JsonInclude(JsonInclude.Include.NON_NULL) + private Boolean createResources = Boolean.FALSE; @JsonProperty("enforcement-mode") private EnforcementMode enforcementMode = EnforcementMode.ENFORCING; @JsonProperty("user-managed-access") + @JsonInclude(JsonInclude.Include.NON_NULL) private UmaProtocolConfig umaProtocolConfig; @JsonProperty("entitlement") + @JsonInclude(JsonInclude.Include.NON_NULL) private EntitlementProtocolConfig entitlementProtocolConfig; @JsonProperty("paths") + @JsonInclude(JsonInclude.Include.NON_EMPTY) private List paths = new ArrayList<>(); @JsonProperty("online-introspection") - private Boolean onlineIntrospection; + @JsonInclude(JsonInclude.Include.NON_NULL) + private Boolean onlineIntrospection = Boolean.FALSE; @JsonProperty("on-deny-redirect-to") + @JsonInclude(JsonInclude.Include.NON_NULL) private String accessDeniedPath; public Boolean isCreateResources() { @@ -55,10 +62,6 @@ public class PolicyEnforcerConfig { } public List getPaths() { - if (this.paths == null) { - return null; - } - return Collections.unmodifiableList(this.paths); } @@ -82,6 +85,14 @@ public class PolicyEnforcerConfig { return onlineIntrospection; } + public void setCreateResources(Boolean createResources) { + this.createResources = createResources; + } + + public void setOnlineIntrospection(Boolean onlineIntrospection) { + this.onlineIntrospection = onlineIntrospection; + } + public void setPaths(List paths) { this.paths = paths; } diff --git a/model/infinispan/src/main/java/org/keycloak/models/authorization/infinispan/CachedPolicyStore.java b/model/infinispan/src/main/java/org/keycloak/models/authorization/infinispan/CachedPolicyStore.java index 10c108d60a..6bdf96fefc 100644 --- a/model/infinispan/src/main/java/org/keycloak/models/authorization/infinispan/CachedPolicyStore.java +++ b/model/infinispan/src/main/java/org/keycloak/models/authorization/infinispan/CachedPolicyStore.java @@ -369,7 +369,7 @@ public class CachedPolicyStore implements PolicyStore { if (getId() == null) return false; - if (o == null || getClass() != o.getClass()) return false; + if (!Policy.class.isInstance(o)) return false; Policy that = (Policy) o; diff --git a/model/infinispan/src/main/java/org/keycloak/models/authorization/infinispan/entities/CachedPolicy.java b/model/infinispan/src/main/java/org/keycloak/models/authorization/infinispan/entities/CachedPolicy.java index fd2b48820c..99493bf76e 100644 --- a/model/infinispan/src/main/java/org/keycloak/models/authorization/infinispan/entities/CachedPolicy.java +++ b/model/infinispan/src/main/java/org/keycloak/models/authorization/infinispan/entities/CachedPolicy.java @@ -200,7 +200,7 @@ public class CachedPolicy implements Policy { if (o == null || getClass() != o.getClass()) return false; - AbstractIdentifiableEntity that = (AbstractIdentifiableEntity) o; + Policy that = (Policy) o; if (!getId().equals(that.getId())) return false; diff --git a/model/jpa/src/main/java/org/keycloak/authorization/jpa/entities/PolicyEntity.java b/model/jpa/src/main/java/org/keycloak/authorization/jpa/entities/PolicyEntity.java index a5a6b279da..540dc3131b 100644 --- a/model/jpa/src/main/java/org/keycloak/authorization/jpa/entities/PolicyEntity.java +++ b/model/jpa/src/main/java/org/keycloak/authorization/jpa/entities/PolicyEntity.java @@ -236,9 +236,9 @@ public class PolicyEntity implements Policy { if (this.id == null) return false; - if (o == null || getClass() != o.getClass()) return false; + if (!Policy.class.isInstance(o)) return false; - AbstractIdentifiableEntity that = (AbstractIdentifiableEntity) o; + Policy that = (Policy) o; if (!getId().equals(that.getId())) return false; diff --git a/services/src/main/java/org/keycloak/authorization/admin/PolicyService.java b/services/src/main/java/org/keycloak/authorization/admin/PolicyService.java index 1b54d56a21..d2d623cffd 100644 --- a/services/src/main/java/org/keycloak/authorization/admin/PolicyService.java +++ b/services/src/main/java/org/keycloak/authorization/admin/PolicyService.java @@ -42,6 +42,7 @@ import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; import java.io.IOException; @@ -177,6 +178,27 @@ public class PolicyService { return Response.ok(toRepresentation(model, authorization)).build(); } + @Path("/search") + @GET + @Produces("application/json") + @NoCache + public Response find(@QueryParam("name") String name) { + this.auth.requireView(); + StoreFactory storeFactory = authorization.getStoreFactory(); + + if (name == null) { + return Response.status(Status.BAD_REQUEST).build(); + } + + Policy model = storeFactory.getPolicyStore().findByName(name, this.resourceServer.getId()); + + if (model == null) { + return Response.status(Status.OK).build(); + } + + return Response.ok(toRepresentation(model, authorization)).build(); + } + @GET @Produces("application/json") @NoCache diff --git a/services/src/main/java/org/keycloak/authorization/admin/ResourceServerService.java b/services/src/main/java/org/keycloak/authorization/admin/ResourceServerService.java index 7d19e836bf..59ba844511 100644 --- a/services/src/main/java/org/keycloak/authorization/admin/ResourceServerService.java +++ b/services/src/main/java/org/keycloak/authorization/admin/ResourceServerService.java @@ -448,7 +448,7 @@ public class ResourceServerService { private PolicyRepresentation createDefaultPolicy() { PolicyRepresentation defaultPolicy = new PolicyRepresentation(); - defaultPolicy.setName("Only From Realm Policy"); + defaultPolicy.setName("Default Policy"); defaultPolicy.setDescription("A policy that grants access only for users within this realm"); defaultPolicy.setType("js"); defaultPolicy.setDecisionStrategy(DecisionStrategy.AFFIRMATIVE); @@ -456,21 +456,7 @@ public class ResourceServerService { HashMap defaultPolicyConfig = new HashMap<>(); - defaultPolicyConfig.put("code", "var context = $evaluation.getContext();\n" + - "\n" + - "// using attributes from the evaluation context to obtain the realm\n" + - "var contextAttributes = context.getAttributes();\n" + - "var realmName = contextAttributes.getValue('kc.realm.name').asString(0);\n" + - "\n" + - "// using attributes from the identity to obtain the issuer\n" + - "var identity = context.getIdentity();\n" + - "var identityAttributes = identity.getAttributes();\n" + - "var issuer = identityAttributes.getValue('iss').asString(0);\n" + - "\n" + - "// only users from the realm have access granted \n" + - "if (issuer.endsWith(realmName)) {\n" + - " $evaluation.grant();\n" + - "}"); + defaultPolicyConfig.put("code", "// by default, grants any permission associated with this policy\n$evaluation.grant();\n"); defaultPolicy.setConfig(defaultPolicyConfig); diff --git a/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java b/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java index 9078408a29..8bb4a9b8aa 100644 --- a/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java +++ b/services/src/main/java/org/keycloak/authorization/admin/ResourceSetService.java @@ -39,11 +39,14 @@ import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; import java.util.List; import java.util.stream.Collectors; +import static org.keycloak.authorization.admin.util.Models.toRepresentation; + /** * @author Pedro Igor */ @@ -148,7 +151,28 @@ public class ResourceSetService { return Response.status(Status.NOT_FOUND).build(); } - return Response.ok(Models.toRepresentation(model, this.resourceServer, authorization)).build(); + return Response.ok(toRepresentation(model, this.resourceServer, authorization)).build(); + } + + @Path("/search") + @GET + @Produces("application/json") + @NoCache + public Response find(@QueryParam("name") String name) { + this.auth.requireView(); + StoreFactory storeFactory = authorization.getStoreFactory(); + + if (name == null) { + return Response.status(Status.BAD_REQUEST).build(); + } + + Resource model = storeFactory.getResourceStore().findByName(name, this.resourceServer.getId()); + + if (model == null) { + return Response.status(Status.OK).build(); + } + + return Response.ok(toRepresentation(model, this.resourceServer, authorization)).build(); } @GET @@ -160,7 +184,7 @@ public class ResourceSetService { return Response.ok( storeFactory.getResourceStore().findByResourceServer(this.resourceServer.getId()).stream() - .map(resource -> Models.toRepresentation(resource, this.resourceServer, authorization)) + .map(resource -> toRepresentation(resource, this.resourceServer, authorization)) .collect(Collectors.toList())) .build(); } diff --git a/services/src/main/java/org/keycloak/authorization/admin/ScopeService.java b/services/src/main/java/org/keycloak/authorization/admin/ScopeService.java index 08bbed9485..97b85418f5 100644 --- a/services/src/main/java/org/keycloak/authorization/admin/ScopeService.java +++ b/services/src/main/java/org/keycloak/authorization/admin/ScopeService.java @@ -17,6 +17,7 @@ */ package org.keycloak.authorization.admin; +import org.jboss.resteasy.annotations.cache.NoCache; import org.keycloak.authorization.AuthorizationProvider; import org.keycloak.authorization.model.Policy; import org.keycloak.authorization.model.Resource; @@ -36,6 +37,7 @@ import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; import java.util.Arrays; @@ -134,6 +136,27 @@ public class ScopeService { return Response.ok(toRepresentation(model, this.authorization)).build(); } + @Path("/search") + @GET + @Produces("application/json") + @NoCache + public Response find(@QueryParam("name") String name) { + this.auth.requireView(); + StoreFactory storeFactory = authorization.getStoreFactory(); + + if (name == null) { + return Response.status(Status.BAD_REQUEST).build(); + } + + Scope model = storeFactory.getScopeStore().findByName(name, this.resourceServer.getId()); + + if (model == null) { + return Response.status(Status.OK).build(); + } + + return Response.ok(toRepresentation(model, authorization)).build(); + } + @GET @Produces("application/json") public Response findAll() { diff --git a/services/src/main/java/org/keycloak/protocol/oidc/installation/KeycloakOIDCClientInstallation.java b/services/src/main/java/org/keycloak/protocol/oidc/installation/KeycloakOIDCClientInstallation.java index a7781debf8..6fda3f0394 100755 --- a/services/src/main/java/org/keycloak/protocol/oidc/installation/KeycloakOIDCClientInstallation.java +++ b/services/src/main/java/org/keycloak/protocol/oidc/installation/KeycloakOIDCClientInstallation.java @@ -156,7 +156,8 @@ public class KeycloakOIDCClientInstallation implements ClientInstallationProvide PolicyEnforcerConfig enforcerConfig = new PolicyEnforcerConfig(); enforcerConfig.setEnforcementMode(null); - enforcerConfig.setPaths(null); + enforcerConfig.setCreateResources(null); + enforcerConfig.setOnlineIntrospection(null); rep.setEnforcerConfig(enforcerConfig); diff --git a/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js b/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js index 216a5a9681..680cb5b837 100644 --- a/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js +++ b/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js @@ -107,6 +107,8 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r $scope.scopes = data; }); + var $instance = this; + ResourceServer.get({ realm : $route.current.params.realm, client : client.id @@ -131,9 +133,11 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r }, true); $scope.save = function() { - ResourceServerResource.save({realm : realm.realm, client : $scope.client.id}, $scope.resource, function(data) { - $location.url("/realms/" + realm.realm + "/clients/" + $scope.client.id + "/authz/resource-server/resource/" + data._id); - Notifications.success("The resource has been created."); + $instance.checkNameAvailability(function () { + ResourceServerResource.save({realm : realm.realm, client : $scope.client.id}, $scope.resource, function(data) { + $location.url("/realms/" + realm.realm + "/clients/" + $scope.client.id + "/authz/resource-server/resource/" + data._id); + Notifications.success("The resource has been created."); + }); }); } @@ -153,6 +157,10 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r $scope.resource.scopes[i] = $scope.resource.scopes[i].name; } + data = angular.copy($scope.resource); + + $scope.originalResource = data; + $scope.$watch('resource', function() { if (!angular.equals($scope.resource, data)) { $scope.changed = true; @@ -160,9 +168,11 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r }, true); $scope.save = function() { - ResourceServerResource.update({realm : realm.realm, client : $scope.client.id, rsrid : $scope.resource._id}, $scope.resource, function() { - $route.reload(); - Notifications.success("The resource has been updated."); + $instance.checkNameAvailability(function () { + ResourceServerResource.update({realm : realm.realm, client : $scope.client.id, rsrid : $scope.resource._id}, $scope.resource, function() { + $route.reload(); + Notifications.success("The resource has been updated."); + }); }); } @@ -188,12 +198,30 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r } $scope.reset = function() { - $scope.resource = angular.copy(data); - $scope.changed = false; + $route.reload(); } }); } }); + + $scope.checkNewNameAvailability = function () { + $instance.checkNameAvailability(function () {}); + } + + this.checkNameAvailability = function (onSuccess) { + ResourceServerResource.search({ + realm : $route.current.params.realm, + client : client.id, + rsrid : $route.current.params.rsrid, + name: $scope.resource.name + }, function(data) { + if (data && data._id && data._id != $scope.resource._id) { + Notifications.error("Name already in use by another resource, please choose another one."); + } else { + onSuccess(); + } + }); + } }); module.controller('ResourceServerScopeCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerScope, client) { @@ -216,6 +244,8 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout $scope.realm = realm; $scope.client = client; + var $instance = this; + ResourceServer.get({ realm : $route.current.params.realm, client : client.id @@ -230,7 +260,7 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout var scope = {}; - $scope.resource = angular.copy(scope); + $scope.scope = angular.copy(scope); $scope.$watch('scope', function() { if (!angular.equals($scope.scope, scope)) { @@ -239,9 +269,11 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout }, true); $scope.save = function() { - ResourceServerScope.save({realm : realm.realm, client : $scope.client.id}, $scope.scope, function(data) { - $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/scope/" + data.id); - Notifications.success("The scope has been created."); + $instance.checkNameAvailability(function () { + ResourceServerScope.save({realm : realm.realm, client : $scope.client.id}, $scope.scope, function(data) { + $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/scope/" + data.id); + Notifications.success("The scope has been created."); + }); }); } } else { @@ -259,10 +291,14 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout } }, true); + $scope.originalScope = angular.copy($scope.scope); + $scope.save = function() { - ResourceServerScope.update({realm : realm.realm, client : $scope.client.id, id : $scope.scope.id}, $scope.scope, function() { - $scope.changed = false; - Notifications.success("The scope has been updated."); + $instance.checkNameAvailability(function () { + ResourceServerScope.update({realm : realm.realm, client : $scope.client.id, id : $scope.scope.id}, $scope.scope, function() { + $scope.changed = false; + Notifications.success("The scope has been updated."); + }); }); } @@ -288,12 +324,29 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout } $scope.reset = function() { - $scope.scope = angular.copy(data); - $scope.changed = false; + $route.reload(); } }); } }); + + $scope.checkNewNameAvailability = function () { + $instance.checkNameAvailability(function () {}); + } + + this.checkNameAvailability = function (onSuccess) { + ResourceServerScope.search({ + realm : $route.current.params.realm, + client : client.id, + name: $scope.scope.name + }, function(data) { + if (data && data.id && data.id != $scope.scope.id) { + Notifications.error("Name already in use by another scope, please choose another one."); + } else { + onSuccess(); + } + }); + } }); module.controller('ResourceServerPolicyCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerPolicy, PolicyProvider, client) { @@ -845,6 +898,8 @@ module.service("PolicyController", function($http, $route, $location, ResourceSe delegate.onInit(); + var $instance = this; + ResourceServer.get({ realm : $route.current.params.realm, client : client.id @@ -876,17 +931,19 @@ module.service("PolicyController", function($http, $route, $location, ResourceSe }, true); $scope.save = function() { - if (delegate.onCreate) { - delegate.onCreate(); - } - ResourceServerPolicy.save({realm : realm.realm, client : client.id}, $scope.policy, function(data) { - if (delegate.isPermission()) { - $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/permission/" + $scope.policy.type + "/" + data.id); - Notifications.success("The permission has been created."); - } else { - $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/policy/" + $scope.policy.type + "/" + data.id); - Notifications.success("The policy has been created."); + $instance.checkNameAvailability(function () { + if (delegate.onCreate) { + delegate.onCreate(); } + ResourceServerPolicy.save({realm : realm.realm, client : client.id}, $scope.policy, function(data) { + if (delegate.isPermission()) { + $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/permission/" + $scope.policy.type + "/" + data.id); + Notifications.success("The permission has been created."); + } else { + $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/policy/" + $scope.policy.type + "/" + data.id); + Notifications.success("The policy has been created."); + } + }); }); } @@ -903,6 +960,7 @@ module.service("PolicyController", function($http, $route, $location, ResourceSe client : client.id, id : $route.current.params.id, }, function(data) { + $scope.originalPolicy = data; var policy = angular.copy(data); if (delegate.onInitUpdate) { @@ -919,16 +977,18 @@ module.service("PolicyController", function($http, $route, $location, ResourceSe }, true); $scope.save = function() { - if (delegate.onUpdate) { - delegate.onUpdate(); - } - ResourceServerPolicy.update({realm : realm.realm, client : client.id, id : $scope.policy.id}, $scope.policy, function() { - $route.reload(); - if (delegate.isPermission()) { - Notifications.success("The permission has been updated."); - } else { - Notifications.success("The policy has been updated."); + $instance.checkNameAvailability(function () { + if (delegate.onUpdate) { + delegate.onUpdate(); } + ResourceServerPolicy.update({realm : realm.realm, client : client.id, id : $scope.policy.id}, $scope.policy, function() { + $route.reload(); + if (delegate.isPermission()) { + Notifications.success("The permission has been updated."); + } else { + Notifications.success("The policy has been updated."); + } + }); }); } @@ -971,11 +1031,31 @@ module.service("PolicyController", function($http, $route, $location, ResourceSe } } }); + + $scope.checkNewNameAvailability = function () { + $instance.checkNameAvailability(function () {}); + } + + this.checkNameAvailability = function (onSuccess) { + ResourceServerPolicy.search({ + realm: $route.current.params.realm, + client: client.id, + name: $scope.policy.name + }, function(data) { + if (data && data.id && data.id != $scope.policy.id) { + Notifications.error("Name already in use by another policy or permission, please choose another one."); + } else { + onSuccess(); + } + }); + } } return PolicyController; }); + + module.controller('PolicyEvaluateCtrl', function($scope, $http, $route, $location, realm, clients, roles, ResourceServer, client, ResourceServerResource, ResourceServerScope, User, Notifications) { $scope.realm = realm; $scope.client = client; diff --git a/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-services.js b/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-services.js index e6114309d6..795cf1d735 100644 --- a/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-services.js +++ b/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-services.js @@ -15,7 +15,8 @@ module.factory('ResourceServerResource', function($resource) { client: '@client', rsrid : '@rsrid' }, { - 'update' : {method : 'PUT'} + 'update' : {method : 'PUT'}, + 'search' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/resource/search', method : 'GET'} }); }); @@ -25,7 +26,8 @@ module.factory('ResourceServerScope', function($resource) { client: '@client', id : '@id' }, { - 'update' : {method : 'PUT'} + 'update' : {method : 'PUT'}, + 'search' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/scope/search', method : 'GET'} }); }); @@ -35,7 +37,8 @@ module.factory('ResourceServerPolicy', function($resource) { client: '@client', id : '@id' }, { - 'update' : {method : 'PUT'} + 'update' : {method : 'PUT'}, + 'search' : {url: authUrl + '/admin/realms/:realm/clients/:client/authz/resource-server/policy/search', method : 'GET'} }); }); diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-resource-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-resource-detail.html index 3d6a7bb09e..a8d45122e0 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-resource-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-resource-detail.html @@ -6,18 +6,18 @@
  • {{:: 'authz-authorization' | translate}}
  • {{:: 'authz-permissions' | translate}}
  • {{:: 'authz-add-resource-permission' | translate}}
    • -
  • {{policy.name}}
    • +
  • {{originalPolicy.name}}

    • {{:: 'authz-add-resource-permission' | translate}}

    -

    {{policy.name|capitalize}}

    +

    {{originalPolicy.name|capitalize}}

    - +
    {{:: 'authz-permission-name.tooltip' | translate}}
    @@ -83,13 +83,9 @@
    -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-scope-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-scope-detail.html index 969a4cc453..3d1660b27e 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-scope-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-scope-detail.html @@ -6,18 +6,18 @@
  • {{:: 'authz-authorization' | translate}}
  • {{:: 'authz-permissions' | translate}}
  • {{:: 'authz-add-scope-permission' | translate}}
    • -
  • {{policy.name}}
    • +
  • {{originalPolicy.name}}

    • {{:: 'authz-add-scope-permission' | translate}}

    -

    {{policy.name|capitalize}}

    +

    {{originalPolicy.name|capitalize}}

    - +
    {{:: 'authz-permission-name.tooltip' | translate}}
    @@ -96,13 +96,9 @@
    -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-aggregate-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-aggregate-detail.html index 4607adbb3c..7888f21897 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-aggregate-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-aggregate-detail.html @@ -7,11 +7,11 @@
  • {{:: 'authz-policies' | translate}}
  • {{:: 'authz-add-aggregated-policy' | translate}}
  • {{:: 'authz-aggregated' | translate}}
    • -
  • {{policy.name}}
    • +
  • {{originalPolicy.name}}

    • {{:: 'authz-add-aggregated-policy' | translate}}

    -

    {{policy.name|capitalize}}{{originalPolicy.name|capitalize}}

    @@ -19,7 +19,7 @@
    - +
    {{:: 'authz-policy-name.tooltip' | translate}}
    @@ -72,13 +72,9 @@ -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-drools-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-drools-detail.html index 8a268f6b59..a121f17255 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-drools-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-drools-detail.html @@ -7,11 +7,11 @@
  • {{:: 'authz-policies' | translate}}
  • {{:: 'authz-add-drools-policy' | translate}}
  • Drools
    • -
  • {{policy.name}}
    • +
  • {{originalPolicy.name}}

    • {{:: 'authz-add-drools-policy' | translate}}

    -

    {{policy.name|capitalize}}{{originalPolicy.name|capitalize}}

    @@ -19,7 +19,7 @@
    - +
    {{:: 'authz-policy-name.tooltip' | translate}}
    @@ -112,13 +112,9 @@ -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-js-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-js-detail.html index 7966ac2d89..fb2fbc49cb 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-js-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-js-detail.html @@ -10,18 +10,18 @@
  • {{:: 'authz-policies' | translate}}
  • {{:: 'authz-add-js-policy' | translate}}
  • JavaScript
    • -
  • {{policy.name}}
    • +
  • {{originalPolicy.name}}

    • {{:: 'authz-add-js-policy' | translate}}

    -

    {{policy.name|capitalize}}

    +

    {{originalPolicy.name|capitalize}}

    - +
    {{:: 'authz-policy-name.tooltip' | translate}}
    @@ -55,13 +55,9 @@
    -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html index 8a178707da..9b0c199d23 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html @@ -25,11 +25,11 @@
  • {{:: 'authz-policies' | translate}}
  • {{:: 'authz-add-role-policy' | translate}}
  • {{:: 'roles' | translate}}
    • -
  • {{policy.name}}
    • +
  • {{originalPolicy.name}}

    • {{:: 'authz-add-role-policy' | translate}}

    -

    {{policy.name|capitalize}}{{originalPolicy.name|capitalize}}

    @@ -37,7 +37,7 @@
    - +
    {{:: 'authz-policy-name.tooltip' | translate}}
    @@ -99,13 +99,9 @@ -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-time-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-time-detail.html index 10468d544e..fc4af74f25 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-time-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-time-detail.html @@ -10,19 +10,19 @@
  • {{:: 'authz-policies' | translate}}
  • {{:: 'authz-add-time-policy' | translate}}
  • {{:: 'time' | translate}}
    • -
  • {{policy.name}}
    • +
  • {{originalPolicy.name}}

    • {{:: 'authz-add-time-policy' | translate}}

    -

    {{policy.name|capitalize}}

    +

    {{originalPolicy.name|capitalize}}

    - +
    {{:: 'authz-policy-name.tooltip' | translate}}
    @@ -65,13 +65,9 @@
    -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-user-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-user-detail.html index 977a2ac5fe..6b56f376b8 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-user-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-user-detail.html @@ -7,11 +7,11 @@
  • {{:: 'authz-policies' | translate}}
  • {{:: 'authz-add-user-policy' | translate}}
  • {{:: 'user' | translate}}
    • -
  • {{policy.name}}
    • +
  • {{originalPolicy.name}}

    • {{:: 'authz-add-user-policy' | translate}}

    -

    {{policy.name|capitalize}}{{originalPolicy.name|capitalize}}

    @@ -19,7 +19,7 @@
    - +
    {{:: 'authz-policy-name.tooltip' | translate}}
    @@ -80,13 +80,9 @@ -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-detail.html index f7d148288c..1110043a18 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-detail.html @@ -43,13 +43,9 @@
    {{:: 'authz-remote-resource-management.tooltip' | translate}}
    -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-resource-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-resource-detail.html index be105f811a..f61c6e9df8 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-resource-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-resource-detail.html @@ -6,11 +6,11 @@
  • {{:: 'authz-authorization' | translate}}
  • {{:: 'authz-resource' | translate}}
  • {{:: 'authz-add-resource' | translate}}
    • -
  • {{resource.name}}
    • +
  • {{originalResource.name}}

    • {{:: 'authz-add-resource' | translate}}

    -

    {{resource.name|capitalize}}{{originalResource.name|capitalize}}

    @@ -18,7 +18,7 @@
    - +
    {{:: 'authz-resource-name.tooltip' | translate}}
    @@ -63,13 +63,9 @@
    -
    -
    +
    +
    - -
    -
    -
    diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-scope-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-scope-detail.html index 2af5bf3de1..fac9c9c7e1 100644 --- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-scope-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/resource-server-scope-detail.html @@ -6,11 +6,11 @@
  • {{:: 'authz-authorization' | translate}}
  • {{:: 'authz-scope' | translate}}
  • {{:: 'authz-add-scope' | translate}}
    • -
  • {{scope.name}}
    • +
  • {{originalScope.name}}

    • {{:: 'authz-add-scope' | translate}}

    -

    {{scope.name|capitalize}}{{originalScope.name|capitalize}}

    @@ -18,7 +18,7 @@
    - +
    {{:: 'authz-scope-name.tooltip' | translate}}
    @@ -31,13 +31,9 @@
    -
    -
    +
    +
    - -
    -
    -