libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

role mapping working

Browse source
This commit is contained in:
mfrances 2021-06-02 17:20:38 -04:00
parent b9c38e811e
commit 7edc76a079
3 changed files with 106 additions and 92 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

109
src/components/role-mapping/AddRoleMappingModal.tsx
View file

@ -23,12 +23,12 @@ import { FilterIcon } from "@patternfly/react-icons";
import { Row, ServiceRole } from "./RoleMapping";
import type RoleRepresentation from "keycloak-admin/lib/defs/roleRepresentation";
export type MappingType = "service-account" | "client-scope";
export type MappingType = "service-account" | "client-scope" | "user-fed";
type AddRoleMappingModalProps = {
id: string;
type: MappingType;
name: string;
name?: string;
isRadio?: boolean;
onAssign: (rows: Row[]) => void;
onClose: () => void;
@ -69,32 +69,29 @@ export const AddRoleMappingModal = ({
await Promise.all(
clients.map(async (client) => {
let roles: RoleRepresentation[] = [];
if (type === "service-account") {
roles = await adminClient.users.listAvailableClientRoleMappings({
id: id,
clientUniqueId: client.id!,
});
} else if (type === "client-scope") {
roles = await adminClient.clientScopes.listAvailableClientScopeMappings(
{
id,
client: client.id!,
}
);
switch (type) {
case "service-account":
roles = await adminClient.users.listAvailableClientRoleMappings(
{
id: id,
clientUniqueId: client.id!,
}
);
break;
case "client-scope":
roles = await adminClient.clientScopes.listAvailableClientScopeMappings(
{
id,
client: client.id!,
}
);
break;
case "user-fed":
roles = await adminClient.roles.find();
break;
}
// MF 052021 TODOs:
// change if/elses to switches
// add a type for user-federation that pulls in all roles
// make id optional
// adminClient.roles.find
// roles = await adminClient.clients.listRoles(
// {
//
// id: client.id!
// }
return {
roles,
client,
@ -133,15 +130,25 @@ export const AddRoleMappingModal = ({
}
let availableRoles: RoleRepresentation[] = [];
if (type === "service-account") {
availableRoles = await adminClient.users.listAvailableRealmRoleMappings({
id,
});
} else if (type === "client-scope") {
availableRoles = await adminClient.clientScopes.listAvailableRealmScopeMappings(
{ id }
);
switch (type) {
case "service-account":
availableRoles = await adminClient.users.listAvailableRealmRoleMappings(
{
id,
}
);
break;
case "client-scope":
availableRoles = await adminClient.clientScopes.listAvailableRealmScopeMappings(
{ id }
);
break;
case "user-fed":
availableRoles = await adminClient.roles.find();
break;
}
const realmRoles = availableRoles.map((role) => {
return {
role,
@ -158,18 +165,28 @@ export const AddRoleMappingModal = ({
await Promise.all(
allClients.map(async (client) => {
let clientAvailableRoles: RoleRepresentation[] = [];
if (type === "service-account") {
clientAvailableRoles = await adminClient.users.listAvailableClientRoleMappings(
{
id,
clientUniqueId: client.id!,
}
);
} else if (type === "client-scope") {
clientAvailableRoles = await adminClient.clientScopes.listAvailableClientScopeMappings(
{ id, client: client.id! }
);
switch (type) {
case "service-account":
clientAvailableRoles = await adminClient.users.listAvailableClientRoleMappings(
{
id,
clientUniqueId: client.id!,
}
);
break;
case "client-scope":
clientAvailableRoles = await adminClient.clientScopes.listAvailableClientScopeMappings(
{ id, client: client.id! }
);
break;
case "user-fed":
clientAvailableRoles = await adminClient.clients.listRoles({
id: client.id!,
});
break;
}
return clientAvailableRoles.map((role) => {
return {
role,

80
src/components/role-mapping/RoleMapping.tsx
View file

@ -19,7 +19,6 @@ import "./role-mapping.css";
import { useConfirmDialog } from "../confirm-dialog/ConfirmDialog";
import { useAdminClient } from "../../context/auth/AdminClient";
import { useAlerts } from "../alert/Alerts";
import _ from "lodash";
export type CompositeRole = RoleRepresentation & {
parent: RoleRepresentation;
@ -85,46 +84,49 @@ export const RoleMapping = ({
continueButtonVariant: ButtonVariant.danger,
onConfirm: async () => {
try {
if (type === "service-account") {
await Promise.all(
selected.map((row) => {
const role = { id: row.role.id!, name: row.role.name! };
if (row.client) {
return adminClient.users.delClientRoleMappings({
id,
clientUniqueId: row.client!.id!,
roles: [role],
});
} else {
return adminClient.users.delRealmRoleMappings({
id,
roles: [role],
});
}
})
);
} else if (type === "client-scope") {
await Promise.all(
selected.map((row) => {
const role = { id: row.role.id!, name: row.role.name! };
if (row.client) {
return adminClient.clientScopes.delClientScopeMappings(
{
switch (type) {
case "service-account":
await Promise.all(
selected.map((row) => {
const role = { id: row.role.id!, name: row.role.name! };
if (row.client) {
return adminClient.users.delClientRoleMappings({
id,
client: row.client!.id!,
},
[role]
);
} else {
return adminClient.clientScopes.delRealmScopeMappings(
{
clientUniqueId: row.client!.id!,
roles: [role],
});
} else {
return adminClient.users.delRealmRoleMappings({
id,
},
[role]
);
}
})
);
roles: [role],
});
}
})
);
break;
case "client-scope":
await Promise.all(
selected.map((row) => {
const role = { id: row.role.id!, name: row.role.name! };
if (row.client) {
return adminClient.clientScopes.delClientScopeMappings(
{
id,
client: row.client!.id!,
},
[role]
);
} else {
return adminClient.clientScopes.delRealmScopeMappings(
{
id,
},
[role]
);
}
})
);
break;
}
addAlert(t("clientScopeRemoveSuccess"), AlertVariant.success);
refresh();

9
src/user-federation/ldap/mappers/LdapMapperHardcodedLdapRole.tsx
View file

@ -43,14 +43,9 @@ export const LdapMapperHardcodedLdapRole = ({
return (
<>
{showAssign && (
// MF 042921 hardcoded for now, to see modal displayed
<AddRoleMappingModal
id="1a85c63a-99bd-4d16-9924-b38b8f7cceaf" // this is the ID for client-scopes > marks-client-scope
type="client-scope"
name="name"
// id={id}
// type={type}
// name={name}
id=""
type="user-fed"
onAssign={selectRoles}
isRadio={true}
onClose={() => setShowAssign(false)}