[KEYCLOAK-4650] - Adding scope filter and fixing cancel buttons

This commit is contained in:
Pedro Igor 2017-03-29 12:59:23 -03:00
parent 33a0dc880f
commit 838a045239
4 changed files with 45 additions and 14 deletions

View file

@ -21,6 +21,7 @@ import static org.keycloak.models.utils.ModelToRepresentation.toRepresentation;
import static org.keycloak.models.utils.RepresentationToModel.toModel;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
@ -48,9 +49,9 @@ import org.keycloak.authorization.policy.provider.PolicyProviderAdminService;
import org.keycloak.authorization.policy.provider.PolicyProviderFactory;
import org.keycloak.authorization.store.PolicyStore;
import org.keycloak.authorization.store.ResourceStore;
import org.keycloak.authorization.store.ScopeStore;
import org.keycloak.authorization.store.StoreFactory;
import org.keycloak.models.Constants;
import org.keycloak.models.utils.ModelToRepresentation;
import org.keycloak.representations.idm.authorization.PolicyProviderRepresentation;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
@ -299,6 +300,7 @@ public class PolicyService {
@QueryParam("name") String name,
@QueryParam("type") String type,
@QueryParam("resource") String resource,
@QueryParam("scope") String scope,
@QueryParam("permission") Boolean permission,
@QueryParam("first") Integer firstResult,
@QueryParam("max") Integer maxResult) {
@ -319,27 +321,40 @@ public class PolicyService {
}
StoreFactory storeFactory = authorization.getStoreFactory();
PolicyStore policyStore = storeFactory.getPolicyStore();
if (resource != null && !"".equals(resource.trim())) {
if (resource != null || scope != null) {
List<Policy> policies = new ArrayList<>();
if (resource != null && !"".equals(resource.trim())) {
HashMap<String, String[]> resourceSearch = new HashMap<>();
resourceSearch.put("name", new String[]{resource});
ResourceStore resourceStore = storeFactory.getResourceStore();
resourceStore.findByResourceServer(resourceSearch, resourceServer.getId(), -1, -1).forEach(resource1 -> {
policyStore.findByResource(resource1.getId(), resourceServer.getId()).forEach(policyRepresentation -> {
Policy associated = policyStore.findById(policyRepresentation.getId(), resourceServer.getId());
policies.add(associated);
findAssociatedPolicies(associated, policies);
storeFactory.getResourceStore().findByResourceServer(resourceSearch, resourceServer.getId(), -1, 1).forEach(resource1 -> {
policies.addAll(policyStore.findByResource(resource1.getId(), resourceServer.getId()));
if (resource1.getType() != null) {
policies.addAll(policyStore.findByResourceType(resource1.getType(), resourceServer.getId()));
}
});
}
if (scope != null && !"".equals(scope.trim())) {
HashMap<String, String[]> scopeSearch = new HashMap<>();
scopeSearch.put("name", new String[]{scope});
storeFactory.getScopeStore().findByResourceServer(scopeSearch, resourceServer.getId(), -1, 1).forEach(scope1 -> {
policies.addAll(policyStore.findByScopeIds(Arrays.asList(scope1.getId()), resourceServer.getId()));
});
}
if (policies.isEmpty()) {
return Response.ok(Collections.emptyList()).build();
}
new ArrayList<>(policies).forEach(policy -> findAssociatedPolicies(policy, policies));
search.put("id", policies.stream().map(Policy::getId).toArray(String[]::new));
}

View file

@ -245,7 +245,7 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r
});
}
$scope.cancel = function() {
$scope.reset = function() {
$location.url("/realms/" + realm.realm + "/clients/" + $scope.client.id + "/authz/resource-server/resource/");
}
} else {
@ -465,6 +465,10 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout
});
});
}
$scope.reset = function() {
$location.url("/realms/" + realm.realm + "/clients/" + $scope.client.id + "/authz/resource-server/scope/");
}
} else {
ResourceServerScope.get({
realm : $route.current.params.realm,
@ -1807,7 +1811,7 @@ module.service("PolicyController", function($http, $route, $location, ResourceSe
});
}
$scope.cancel = function() {
$scope.reset = function() {
if (delegate.isPermission()) {
$location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/permission/");
} else {

View file

@ -28,6 +28,12 @@
<i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
</div>
</div>
<div class="input-group">
<input type="text" placeholder="{{:: 'authz-scope' | translate}}" data-ng-model="query.scope" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('policySearch').click()">
<div class="input-group-addon">
<i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
</div>
</div>
<div class="input-group">
<select class="form-control search" data-ng-model="query.type"
ng-options="p.type as p.name group by p.group for p in policyProviders track by p.type" data-ng-change="firstPage()">

View file

@ -28,6 +28,12 @@
<i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
</div>
</div>
<div class="input-group">
<input type="text" placeholder="{{:: 'authz-scope' | translate}}" data-ng-model="query.scope" class="form-control search" onkeydown="if (event.keyCode == 13) document.getElementById('policySearch').click()">
<div class="input-group-addon">
<i class="fa fa-search" type="submit" data-ng-click="firstPage()"></i>
</div>
</div>
<div class="input-group">
<select class="form-control search" data-ng-model="query.type"
ng-options="p.type as p.name for p in policyProviders track by p.type" data-ng-change="firstPage()">