From 7ba8e09aef74033bb2f9d35a211f533d549ca033 Mon Sep 17 00:00:00 2001 From: Bill Burke Date: Wed, 14 May 2014 14:50:11 -0400 Subject: [PATCH] improved scope screen --- .../resources/js/controllers/applications.js | 90 ++++++++++++++++++- .../base/resources/js/controllers/users.js | 2 + .../theme/admin/base/resources/js/services.js | 30 +++++++ .../partials/application-scope-mappings.html | 22 +++++ .../resources/admin/ScopeMappedResource.java | 75 +++++++++++++++- 5 files changed, 215 insertions(+), 4 deletions(-) diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js index 323c06788d..9f7615d9c1 100755 --- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js +++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js @@ -329,18 +329,22 @@ module.controller('ApplicationDetailCtrl', function($scope, realm, application, }); -module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm, application, roles, applications, ApplicationRealmScopeMapping, ApplicationApplicationScopeMapping, ApplicationRole) { +module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm, application, applications, + ApplicationRealmScopeMapping, ApplicationApplicationScopeMapping, ApplicationRole, + ApplicationAvailableRealmScopeMapping, ApplicationAvailableApplicationScopeMapping, + ApplicationCompositeRealmScopeMapping, ApplicationCompositeApplicationScopeMapping) { $scope.realm = realm; $scope.application = application; - $scope.realmRoles = angular.copy(roles); $scope.selectedRealmRoles = []; $scope.selectedRealmMappings = []; $scope.realmMappings = []; $scope.applications = applications; $scope.applicationRoles = []; + $scope.applicationComposite = []; $scope.selectedApplicationRoles = []; $scope.selectedApplicationMappings = []; $scope.applicationMappings = []; + $scope.dummymodel = []; @@ -447,6 +451,88 @@ module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm, } }; + $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.realm, application : application.name}); + $scope.realmRoles = ApplicationAvailableRealmScopeMapping.query({realm : realm.realm, application : application.name}); + $scope.realmComposite = ApplicationCompositeRealmScopeMapping.query({realm : realm.realm, application : application.name}); + + $scope.addRealmRole = function() { + $http.post(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/realm', + $scope.selectedRealmRoles).success(function() { + $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.realm, application : application.name}); + $scope.realmRoles = ApplicationAvailableRealmScopeMapping.query({realm : realm.realm, application : application.name}); + $scope.realmComposite = ApplicationCompositeRealmScopeMapping.query({realm : realm.realm, application : application.name}); + $scope.selectedRealmMappings = []; + $scope.selectRealmRoles = []; + if ($scope.targetApp) { + console.log('load available'); + $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name}); + $scope.applicationRoles = ApplicationAvailableApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name}); + $scope.applicationComposite = ApplicationCompositeApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name}); + $scope.selectedApplicationRoles = []; + $scope.selectedApplicationMappings = []; + } + }); + }; + + $scope.deleteRealmRole = function() { + $http.delete(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/realm', + {data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function() { + $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.realm, application : application.name}); + $scope.realmRoles = ApplicationAvailableRealmScopeMapping.query({realm : realm.realm, application : application.name}); + $scope.realmComposite = ApplicationCompositeRealmScopeMapping.query({realm : realm.realm, application : application.name}); + $scope.selectedRealmMappings = []; + $scope.selectRealmRoles = []; + if ($scope.targetApp) { + console.log('load available'); + $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name}); + $scope.applicationRoles = ApplicationAvailableApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name}); + $scope.applicationComposite = ApplicationCompositeApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name}); + $scope.selectedApplicationRoles = []; + $scope.selectedApplicationMappings = []; + } + }); + }; + + $scope.addApplicationRole = function() { + $http.post(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/applications/' + $scope.targetApp.name, + $scope.selectedApplicationRoles).success(function() { + $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name}); + $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name}); + $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name}); + $scope.selectedApplicationRoles = []; + $scope.selectedApplicationMappings = []; + }); + }; + + $scope.deleteApplicationRole = function() { + $http.delete(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/applications/' + $scope.targetApp.name, + {data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(function() { + $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name}); + $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name}); + $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name}); + $scope.selectedApplicationRoles = []; + $scope.selectedApplicationMappings = []; + }); + }; + + + $scope.changeApplication = function() { + console.log('changeApplication'); + if ($scope.targetApp) { + console.log('load available'); + $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name}); + $scope.applicationRoles = ApplicationAvailableApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name}); + $scope.applicationComposite = ApplicationCompositeApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name}); + } else { + $scope.applicationRoles = null; + $scope.applicationMappings = null; + $scope.applicationComposite = null; + } + $scope.selectedApplicationRoles = []; + $scope.selectedApplicationMappings = []; + }; + + }); diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js index ac886e1192..ee05261fe5 100755 --- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js +++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js @@ -88,6 +88,8 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, ap $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name}); } else { $scope.applicationRoles = null; + $scope.applicationMappings = null; + $scope.applicationComposite = null; } $scope.selectedApplicationRoles = []; $scope.selectedApplicationMappings = []; diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js index eaa77bb295..6d33070147 100755 --- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js +++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js @@ -282,6 +282,20 @@ module.factory('ApplicationRealmScopeMapping', function($resource) { }); }); +module.factory('ApplicationAvailableRealmScopeMapping', function($resource) { + return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/realm/available', { + realm : '@realm', + application : '@application' + }); +}); + +module.factory('ApplicationCompositeRealmScopeMapping', function($resource) { + return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/realm/composite', { + realm : '@realm', + application : '@application' + }); +}); + module.factory('ApplicationApplicationScopeMapping', function($resource) { return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp', { realm : '@realm', @@ -290,6 +304,22 @@ module.factory('ApplicationApplicationScopeMapping', function($resource) { }); }); +module.factory('ApplicationAvailableApplicationScopeMapping', function($resource) { + return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp/available', { + realm : '@realm', + application : '@application', + targetApp : '@targetApp' + }); +}); + +module.factory('ApplicationCompositeApplicationScopeMapping', function($resource) { + return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp/composite', { + realm : '@realm', + application : '@application', + targetApp : '@targetApp' + }); +}); + module.factory('RealmRoles', function($resource) { diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html index d8f3f5f554..de2e30d2db 100755 --- a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html +++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html @@ -49,6 +49,17 @@ ng-model="selectedRealmMappings" ng-options="r.name for r in realmMappings"> +
+ - +
+ +
+ +
@@ -94,6 +105,17 @@ ng-options="r.name for r in applicationMappings"> +
+ - +
+
+ + +
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java index 549f1546ad..38d627635b 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java @@ -52,7 +52,6 @@ public class ScopeMappedResource { MappingsRepresentation all = new MappingsRepresentation(); Set realmMappings = realm.getRealmScopeMappings(client); - RealmManager manager = new RealmManager(session); if (realmMappings.size() > 0) { List realmRep = new ArrayList(); for (RoleModel roleModel : realmMappings) { @@ -92,13 +91,51 @@ public class ScopeMappedResource { Set realmMappings = realm.getRealmScopeMappings(client); List realmMappingsRep = new ArrayList(); - RealmManager manager = new RealmManager(session); for (RoleModel roleModel : realmMappings) { realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel)); } return realmMappingsRep; } + @Path("realm/available") + @GET + @Produces("application/json") + @NoCache + public List getAvailableRealmScopeMappings() { + auth.requireView(); + + Set roles = realm.getRoles(); + return getAvailable(roles); + } + + private List getAvailable(Set roles) { + List available = new ArrayList(); + for (RoleModel roleModel : roles) { + if (realm.hasScope(client, roleModel)) continue; + available.add(ModelToRepresentation.toRepresentation(roleModel)); + } + return available; + } + + @Path("realm/composite") + @GET + @Produces("application/json") + @NoCache + public List getCompositeRealmScopeMappings() { + auth.requireView(); + + Set roles = realm.getRoles(); + return getComposite(roles); + } + + private List getComposite(Set roles) { + List composite = new ArrayList(); + for (RoleModel roleModel : roles) { + if (realm.hasScope(client, roleModel)) composite.add(ModelToRepresentation.toRepresentation(roleModel)); + } + return composite; + } + @Path("realm") @POST @Consumes("application/json") @@ -160,6 +197,40 @@ public class ScopeMappedResource { return mapRep; } + @Path("applications/{app}/available") + @GET + @Produces("application/json") + @NoCache + public List getAvailableApplicationScopeMappings(@PathParam("app") String appName) { + auth.requireView(); + + ApplicationModel app = realm.getApplicationByName(appName); + + if (app == null) { + throw new NotFoundException("Role not found"); + } + + Set roles = app.getRoles(); + return getAvailable(roles); + } + + @Path("applications/{app}/composite") + @GET + @Produces("application/json") + @NoCache + public List getCompositeApplicationScopeMappings(@PathParam("app") String appName) { + auth.requireView(); + + ApplicationModel app = realm.getApplicationByName(appName); + + if (app == null) { + throw new NotFoundException("Role not found"); + } + + Set roles = app.getRoles(); + return getComposite(roles); + } + @Path("applications/{app}") @POST @Consumes("application/json")