libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

Merge pull request #42 from patriot1burke/master

Browse source 
application role mappings
This commit is contained in:
Bill Burke 2013-09-26 16:43:52 -07:00
commit 8559e599e1
5 changed files with 112 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/app.js
View file

@ -59,6 +59,9 @@ module.config([ '$routeProvider', function($routeProvider) {
user : function(UserLoader) {
return UserLoader();
},
applications : function(ApplicationListLoader) {
return ApplicationListLoader();
},
roles : function(RoleListLoader) {
return RoleListLoader();
}

65
examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js
View file

@ -198,13 +198,20 @@ Array.prototype.remove = function(from, to) {
return this.push.apply(this, rest);
};
module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, roles, RealmRoleMapping) {
module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, roles, applications, RealmRoleMapping, ApplicationRoleMapping, ApplicationRole) {
$scope.realm = realm;
$scope.user = user;
$scope.realmRoles = angular.copy(roles);
$scope.selectedRealmRoles = [];
$scope.selectedRealmMappings = [];
$scope.realmMappings = [];
$scope.applications = applications;
$scope.applicationRoles = [];
$scope.selectedApplicationRoles = [];
$scope.selectedApplicationMappings = [];
$scope.applicationMappings = [];
$scope.realmMappings = RealmRoleMapping.query({realm : realm.id, userId : user.username}, function(){
for (var i = 0; i < $scope.realmMappings.length; i++) {
@ -238,7 +245,6 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, ro
};
$scope.deleteRealmRole = function() {
console.log('deleteRealmRole');
$http.delete('/auth-server/rest/saas/admin/realms/' + realm.id + '/users/' + user.username + '/role-mappings/realm',
{data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function() {
for (var i = 0; i < $scope.selectedRealmMappings.length; i++) {
@ -253,6 +259,59 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, ro
});
};
$scope.addApplicationRole = function() {
$http.post('/auth-server/rest/saas/admin/realms/' + realm.id + '/users/' + user.username + '/role-mappings/applications/' + $scope.application.id,
$scope.selectedApplicationRoles).success(function() {
for (var i = 0; i < $scope.selectedApplicationRoles.length; i++) {
var role = $scope.selectedApplicationRoles[i];
var idx = $scope.applicationRoles.indexOf($scope.selectedApplicationRoles[i]);
if (idx != -1) {
$scope.applicationRoles.splice(idx, 1);
$scope.applicationMappings.push(role);
}
}
$scope.selectedApplicationRoles = [];
});
};
$scope.deleteApplicationRole = function() {
$http.delete('/auth-server/rest/saas/admin/realms/' + realm.id + '/users/' + user.username + '/role-mappings/applications/' + $scope.application.id,
{data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(function() {
for (var i = 0; i < $scope.selectedApplicationMappings.length; i++) {
var role = $scope.selectedApplicationMappings[i];
var idx = $scope.applicationMappings.indexOf($scope.selectedApplicationMappings[i]);
if (idx != -1) {
$scope.applicationMappings.splice(idx, 1);
$scope.applicationRoles.push(role);
}
}
$scope.selectedApplicationMappings = [];
});
};
$scope.changeApplication = function() {
$scope.applicationRoles = ApplicationRole.query({realm : realm.id, userId : user.username, application : $scope.application.id}, function() {
$scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.id, userId : user.username, application : $scope.application.id}, function(){
for (var i = 0; i < $scope.applicationMappings.length; i++) {
var role = $scope.applicationMappings[i];
for (var j = 0; j < $scope.applicationRoles.length; j++) {
var realmRole = $scope.applicationRoles[j];
if (realmRole.id == role.id) {
var idx = $scope.applicationRoles.indexOf(realmRole);
if (idx != -1) {
$scope.applicationRoles.splice(idx, 1);
break;
}
}
}
}
});
}
);
};
});
@ -372,7 +431,7 @@ module.controller('ApplicationRoleDetailCtrl', function($scope, realm, applicati
var l = headers().location;
var id = l.substring(l.lastIndexOf("/") + 1);
$location.url("/realms/" + realm.id + "/roles/" + id);
$location.url("/realms/" + realm.id + "/applications/" + application.id + "/roles/" + id);
Notifications.success("Created role");
});

10
examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js
View file

@ -111,6 +111,16 @@ module.factory('RealmRoleMapping', function($resource) {
});
});
module.factory('ApplicationRoleMapping', function($resource) {
return $resource('/auth-server/rest/saas/admin/realms/:realm/users/:userId/role-mappings/applications/:application', {
realm : '@realm',
userId : '@userId',
application : "@application"
});
});
module.factory('RealmRoles', function($resource) {
return $resource('/auth-server/rest/saas/admin/realms/:realm/roles', {
realm : '@realm'

43
examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/role-mappings.html
View file

@ -6,13 +6,13 @@
<ul class="rcue-tabs" >
<li><a href="#/create/user/{{realm.id}}">New User</a></li>
<li><a href="#/realms/{{realm.id}}/users">Query Users</a></li>
<li><a href="#/realms/{{realm.id}}/users/{{user.username}}">Attributes</a></li>
<li><a href="#">Credentials</a></li>
<li class="active"><a href="#">Role Mappings</a></li>
<li><a href="#/realms/{{realm.id}}/users/{{user.username}}">{{user.username}} Attributes</a></li>
<li><a href="#">{{user.username}} Credentials</a></li>
<li class="active"><a href="#">{{user.username}} Role Mappings</a></li>
</ul>
</div>
<div id="content">
<h2 class="pull-left">Role Mappings: <span>{{realm.realm}}</span></h2>
<h2 class="pull-left">User Role Mappings for <span>{{user.username}}</span></h2>
<p class="subtitle"></p>
<form name="realmForm" novalidate>
<fieldset>
@ -34,23 +34,30 @@
</div>
</div>
</fieldset>
<fieldset>
<fieldset ng-show="applications.length > 0">
<legend collapsed><span class="text">Application Roles</span> </legend>
<div class="form-group">
<div class="form-group input-select">
<label for="applications">Application: </label>
<div class="input-group">
<div class="select-rcue">
<select id="applications" name="applications" ng-change="changeApplication()" ng-model="application" ng-options="a.name for a in applications">
</select>
</div>
</div>
</div>
<div class="form-group" ng-show="application">
<div class="controls">
<select multiple size=5>
<option value="role1">role1</option>
<option value="role2">role2</option>
<option value="role3">role3</option>
<option value="role4">role4</option>
<select multiple size="5"
ng-multiple="true"
ng-model="selectedApplicationRoles"
ng-options="r.name for r in applicationRoles">
</select>
<button type="submit">---&gt;</button>
<button type="submit">&lt;---</button>
<select multiple size=5>
<option value="role1">role1</option>
<option disabled="disabled" value="role2">role2</option>
<option value="role3">role3</option>
<option value="role4">role4</option>
<button type="submit" ng-click="addApplicationRole()">---&gt;</button>
<button type="submit" ng-click="deleteApplicationRole()">&lt;---</button>
<select multiple size=5
ng-multiple="true"
ng-model="selectedApplicationMappings"
ng-options="r.name for r in applicationMappings">
</select>
</div>
</div>

14
services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
View file

@ -244,6 +244,8 @@ public class UsersResource {
@Produces("application/json")
@NoCache
public List<RoleRepresentation> getApplicationRoleMappings(@PathParam("username") String username, @PathParam("appId") String appId) {
logger.info("getApplicationRoleMappings");
UserModel user = realm.getUser(username);
if (user == null) {
throw new NotFoundException();
@ -258,10 +260,10 @@ public class UsersResource {
ApplicationRoleMappings rep = new ApplicationRoleMappings();
List<RoleModel> mappings = application.getRoleMappings(user);
List<RoleRepresentation> mapRep = new ArrayList<RoleRepresentation>();
RealmManager manager = new RealmManager(session);
for (RoleModel roleModel : mappings) {
mapRep.add(manager.toRepresentation(roleModel));
mapRep.add(RealmManager.toRepresentation(roleModel));
}
logger.info("getApplicationRoleMappings.size() = " + mapRep.size());
return mapRep;
}
@ -269,6 +271,7 @@ public class UsersResource {
@POST
@Consumes("application/json")
public void addApplicationRoleMapping(@PathParam("username") String username, @PathParam("appId") String appId, List<RoleRepresentation> roles) {
logger.info("addApplicationRoleMapping");
UserModel user = realm.getUser(username);
if (user == null) {
throw new NotFoundException();
@ -280,6 +283,13 @@ public class UsersResource {
throw new NotFoundException();
}
for (RoleRepresentation role : roles) {
RoleModel roleModel = application.getRoleById(role.getId());
if (roleModel == null) {
throw new NotFoundException();
}
application.grantRole(user, roleModel);
}
}