role mappings
This commit is contained in:
Bill Burke
parent
27fe017b6c
commit
aae3a0ffee
6 changed files with 123 additions and 120 deletions
|
|
@ -58,9 +58,12 @@ module.config([ '$routeProvider', function($routeProvider) {
|
|||
},
|
||||
user : function(UserLoader) {
|
||||
return UserLoader();
|
||||
},
|
||||
roles : function(RoleListLoader) {
|
||||
return RoleListLoader();
|
||||
}
|
||||
},
|
||||
controller : 'UserDetailCtrl'
|
||||
controller : 'UserRoleMappingCtrl'
|
||||
}).when('/realms/:realm/users', {
|
||||
templateUrl : 'partials/user-list.html',
|
||||
resolve : {
|
||||
|
|
|
|||
|
|
@ -192,6 +192,71 @@ module.controller('UserListCtrl', function($scope, realm, User) {
|
|||
};
|
||||
});
|
||||
|
||||
Array.prototype.remove = function(from, to) {
|
||||
var rest = this.slice((to || from) + 1 || this.length);
|
||||
this.length = from < 0 ? this.length + from : from;
|
||||
return this.push.apply(this, rest);
|
||||
};
|
||||
|
||||
module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, roles, RealmRoleMapping) {
|
||||
$scope.realm = realm;
|
||||
$scope.user = user;
|
||||
$scope.realmRoles = angular.copy(roles);
|
||||
$scope.selectedRealmRoles = [];
|
||||
$scope.selectedRealmMappings = [];
|
||||
$scope.realmMappings = [];
|
||||
|
||||
$scope.realmMappings = RealmRoleMapping.query({realm : realm.id, userId : user.username}, function(){
|
||||
for (var i = 0; i < $scope.realmMappings.length; i++) {
|
||||
var role = $scope.realmMappings[i];
|
||||
for (var j = 0; j < $scope.realmRoles.length; j++) {
|
||||
var realmRole = $scope.realmRoles[j];
|
||||
if (realmRole.id == role.id) {
|
||||
var idx = $scope.realmRoles.indexOf(realmRole);
|
||||
if (idx != -1) {
|
||||
$scope.realmRoles.splice(idx, 1);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
$scope.addRealmRole = function() {
|
||||
$http.post('/auth-server/rest/saas/admin/realms/' + realm.id + '/users/' + user.username + '/role-mappings/realm',
|
||||
$scope.selectedRealmRoles).success(function() {
|
||||
for (var i = 0; i < $scope.selectedRealmRoles.length; i++) {
|
||||
var role = $scope.selectedRealmRoles[i];
|
||||
var idx = $scope.realmRoles.indexOf($scope.selectedRealmRoles[i]);
|
||||
if (idx != -1) {
|
||||
$scope.realmRoles.splice(idx, 1);
|
||||
$scope.realmMappings.push(role);
|
||||
}
|
||||
}
|
||||
$scope.selectRealmRoles = [];
|
||||
});
|
||||
};
|
||||
|
||||
$scope.deleteRealmRole = function() {
|
||||
console.log('deleteRealmRole');
|
||||
$http.delete('/auth-server/rest/saas/admin/realms/' + realm.id + '/users/' + user.username + '/role-mappings/realm',
|
||||
{data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function() {
|
||||
for (var i = 0; i < $scope.selectedRealmMappings.length; i++) {
|
||||
var role = $scope.selectedRealmMappings[i];
|
||||
var idx = $scope.realmMappings.indexOf($scope.selectedRealmMappings[i]);
|
||||
if (idx != -1) {
|
||||
$scope.realmMappings.splice(idx, 1);
|
||||
$scope.realmRoles.push(role);
|
||||
}
|
||||
}
|
||||
$scope.selectedRealmMappings = [];
|
||||
});
|
||||
};
|
||||
|
||||
|
||||
|
||||
});
|
||||
|
||||
module.controller('UserDetailCtrl', function($scope, realm, user, User, $location, Dialog, Notifications) {
|
||||
$scope.realm = realm;
|
||||
$scope.user = angular.copy(user);
|
||||
|
|
|
|||
|
|
@ -83,10 +83,6 @@ module.factory('Notifications', function($rootScope, $timeout) {
|
|||
return notifications;
|
||||
});
|
||||
|
||||
module.factory('Provider', function($resource) {
|
||||
return $resource('/ejs-identity/api/admin/providers');
|
||||
});
|
||||
|
||||
module.factory('Realm', function($resource) {
|
||||
return $resource('/auth-server/rest/saas/admin/realms/:id', {
|
||||
id : '@id'
|
||||
|
|
@ -97,18 +93,6 @@ module.factory('Realm', function($resource) {
|
|||
});
|
||||
});
|
||||
|
||||
module.factory('RoleMapping', function($resource) {
|
||||
return $resource('/keycloak-server/ui/api/roles/:realm/:role/:userId', {
|
||||
realm : '@realm',
|
||||
role : '@role',
|
||||
userId : '@userId'
|
||||
}, {
|
||||
save : {
|
||||
method : 'PUT'
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('User', function($resource) {
|
||||
return $resource('/auth-server/rest/saas/admin/realms/:realm/users/:userId', {
|
||||
realm : '@realm',
|
||||
|
|
@ -120,6 +104,21 @@ module.factory('User', function($resource) {
|
|||
});
|
||||
});
|
||||
|
||||
module.factory('RealmRoleMapping', function($resource) {
|
||||
return $resource('/auth-server/rest/saas/admin/realms/:realm/users/:userId/role-mappings/realm', {
|
||||
realm : '@realm',
|
||||
userId : '@userId'
|
||||
});
|
||||
});
|
||||
|
||||
module.factory('RealmRoles', function($resource) {
|
||||
return $resource('/auth-server/rest/saas/admin/realms/:realm/roles', {
|
||||
realm : '@realm'
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
|
||||
module.factory('Role', function($resource) {
|
||||
return $resource('/auth-server/rest/saas/admin/realms/:realm/roles/:roleId', {
|
||||
realm : '@realm',
|
||||
|
|
|
|||
|
|
@ -1,50 +0,0 @@
|
|||
<div id="wrapper" class="container">
|
||||
<div class="row">
|
||||
<aside class="span3" data-ng-include data-src="'partials/' + path[0].slice(0, -1) + '-menu.html'"></aside>
|
||||
|
||||
<div id="actions-bg"></div>
|
||||
|
||||
<div id="container-right" class="span9">
|
||||
<h1>
|
||||
<span class="gray" data-ng-hide="create">{{realm.name}}</span> role mapping
|
||||
</h1>
|
||||
|
||||
<ul class="nav nav-tabs">
|
||||
<li data-ng-class="path[3] == r && 'active'" data-ng-repeat="r in (realm.roles|orderBy:'toString()')"><a
|
||||
href="#/{{path[0]}}/{{realm.id}}/roles/{{r}}">{{r}}</a></li>
|
||||
</ul>
|
||||
|
||||
<div data-ng-show="role">
|
||||
<select style="width: auto;" id="realm" name="realm" data-ng-model="newUser" data-ng-click="addUser(u)">
|
||||
<option data-ng-repeat="u in (allUsers|remove:users:'userId')" value="{{u.userId}}">{{u.userId}}
|
||||
</option>
|
||||
</select>
|
||||
|
||||
<table class="table table-striped table-bordered">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>Username</th>
|
||||
<th>Firstname</th>
|
||||
<th>Lastname</th>
|
||||
<th>Email</th>
|
||||
<th></th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tr data-ng-repeat="user in users">
|
||||
<td>{{user.userId}}</td>
|
||||
<td>{{user.firstName}}</td>
|
||||
<td>{{user.lastName}}</td>
|
||||
<td>{{user.email}}</td>
|
||||
<td>
|
||||
<button data-ng-click="removeUser(user.userId)">
|
||||
<i class="icon-remove"></i>
|
||||
</button>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div id="container-right-bg"></div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -6,7 +6,7 @@
|
|||
<ul class="rcue-tabs" >
|
||||
<li><a href="#/create/user/{{realm.id}}">New User</a></li>
|
||||
<li><a href="#/realms/{{realm.id}}/users">Query Users</a></li>
|
||||
<li><a href="#">Attributes</a></li>
|
||||
<li><a href="#/realms/{{realm.id}}/users/{{user.username}}">Attributes</a></li>
|
||||
<li><a href="#">Credentials</a></li>
|
||||
<li class="active"><a href="#">Role Mappings</a></li>
|
||||
</ul>
|
||||
|
|
@ -19,19 +19,17 @@
|
|||
<legend uncollapsed><span class="text">Realm Roles</span> </legend>
|
||||
<div class="form-group">
|
||||
<div class="controls">
|
||||
<select multiple size=5>
|
||||
<option value="role1">role1</option>
|
||||
<option value="role2">role2</option>
|
||||
<option value="role3">role3</option>
|
||||
<option value="role4">role4</option>
|
||||
<select multiple size="5"
|
||||
ng-multiple="true"
|
||||
ng-model="selectedRealmRoles"
|
||||
ng-options="r.name for r in realmRoles">
|
||||
</select>
|
||||
<button type="submit">---></button>
|
||||
<button type="submit"><---</button>
|
||||
<select multiple size=5>
|
||||
<option value="role1">role1</option>
|
||||
<option disabled="disabled" value="role2">role2</option>
|
||||
<option value="role3">role3</option>
|
||||
<option value="role4">role4</option>
|
||||
<button type="submit" ng-click="addRealmRole()">---></button>
|
||||
<button type="submit" ng-click="deleteRealmRole()"><---</button>
|
||||
<select multiple size=5
|
||||
ng-multiple="true"
|
||||
ng-model="selectedRealmMappings"
|
||||
ng-options="r.name for r in realmMappings">
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
|
@ -57,26 +55,6 @@
|
|||
</div>
|
||||
</div>
|
||||
</fieldset>
|
||||
|
||||
<div class="form-actions" data-ng-show="createRealm">
|
||||
<button type="submit" data-ng-click="save()" class="primary" data-ng-show="changed">Save
|
||||
</button>
|
||||
<button type="submit" data-ng-click="cancel()" data-ng-click="cancel()"
|
||||
data-ng-show="changed">Cancel
|
||||
</button>
|
||||
</div>
|
||||
|
||||
<div class="form-actions" data-ng-show="!createRealm">
|
||||
<button type="submit" data-ng-click="save()" class="primary" data-ng-show="changed">Save
|
||||
changes
|
||||
</button>
|
||||
<button type="submit" data-ng-click="reset()" data-ng-show="changed">Clear changes
|
||||
</button>
|
||||
<button type="submit" data-ng-click="remove()" class="danger" data-ng-hide="changed">
|
||||
Delete
|
||||
</button>
|
||||
</div>
|
||||
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package org.keycloak.services.resources.admin;
|
||||
|
||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||
import org.jboss.resteasy.logging.Logger;
|
||||
import org.keycloak.representations.idm.*;
|
||||
import org.keycloak.services.managers.RealmManager;
|
||||
import org.keycloak.services.models.*;
|
||||
|
|
@ -8,6 +9,7 @@ import org.keycloak.services.models.*;
|
|||
import javax.ws.rs.*;
|
||||
import javax.ws.rs.container.ResourceContext;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriInfo;
|
||||
import java.util.ArrayList;
|
||||
|
|
@ -20,6 +22,7 @@ import java.util.Map;
|
|||
* @version $Revision: 1 $
|
||||
*/
|
||||
public class UsersResource {
|
||||
protected static final Logger logger = Logger.getLogger(UsersResource.class);
|
||||
|
||||
protected RealmModel realm;
|
||||
|
||||
|
|
@ -123,6 +126,8 @@ public class UsersResource {
|
|||
|
||||
@Path("{username}/role-mappings")
|
||||
@GET
|
||||
@Produces("application/json")
|
||||
@NoCache
|
||||
public AllRoleMappingsRepresentation getRoleMappings(@PathParam("username") String username) {
|
||||
UserModel user = realm.getUser(username);
|
||||
if (user == null) {
|
||||
|
|
@ -168,7 +173,9 @@ public class UsersResource {
|
|||
|
||||
@Path("{username}/role-mappings/realm")
|
||||
@GET
|
||||
public RealmRoleMappingsRepresentation getRealmRoleMappings(@PathParam("username") String username) {
|
||||
@Produces("application/json")
|
||||
@NoCache
|
||||
public List<RoleRepresentation> getRealmRoleMappings(@PathParam("username") String username) {
|
||||
UserModel user = realm.getUser(username);
|
||||
if (user == null) {
|
||||
throw new NotFoundException();
|
||||
|
|
@ -176,20 +183,19 @@ public class UsersResource {
|
|||
|
||||
RealmRoleMappingsRepresentation rep = new RealmRoleMappingsRepresentation();
|
||||
List<RoleModel> realmMappings = realm.getRoleMappings(user);
|
||||
if (realmMappings.size() > 0) {
|
||||
RealmManager manager = new RealmManager(session);
|
||||
List<RoleRepresentation> realmRep = new ArrayList<RoleRepresentation>();
|
||||
for (RoleModel roleModel : realmMappings) {
|
||||
realmRep.add(manager.toRepresentation(roleModel));
|
||||
}
|
||||
rep.setMappings(realmRep);
|
||||
List<RoleRepresentation> realmMappingsRep = new ArrayList<RoleRepresentation>();
|
||||
RealmManager manager = new RealmManager(session);
|
||||
for (RoleModel roleModel : realmMappings) {
|
||||
realmMappingsRep.add(manager.toRepresentation(roleModel));
|
||||
}
|
||||
return rep;
|
||||
return realmMappingsRep;
|
||||
}
|
||||
|
||||
@Path("{username}/role-mappings/realm")
|
||||
@POST
|
||||
@Consumes("application/json")
|
||||
public void addRealmRoleMappings(@PathParam("username") String username, List<RoleRepresentation> roles) {
|
||||
logger.info("** addRealmRoleMappings: " + roles);
|
||||
UserModel user = realm.getUser(username);
|
||||
if (user == null) {
|
||||
throw new NotFoundException();
|
||||
|
|
@ -208,7 +214,9 @@ public class UsersResource {
|
|||
|
||||
@Path("{username}/role-mappings/realm")
|
||||
@DELETE
|
||||
public void deleteRoleMapping(@PathParam("username") String username, List<RoleRepresentation> roles) {
|
||||
@Consumes("application/json")
|
||||
public void deleteRealmRoleMappings(@PathParam("username") String username, List<RoleRepresentation> roles) {
|
||||
logger.info("deleteRealmRoleMappings");
|
||||
UserModel user = realm.getUser(username);
|
||||
if (user == null) {
|
||||
throw new NotFoundException();
|
||||
|
|
@ -229,12 +237,13 @@ public class UsersResource {
|
|||
realm.deleteRoleMapping(user, roleModel);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Path("{username}/role-mappings/applications/{appId}")
|
||||
@GET
|
||||
public ApplicationRoleMappings getApplicationRoleMappings(@PathParam("username") String username, @PathParam("appId") String appId) {
|
||||
@Produces("application/json")
|
||||
@NoCache
|
||||
public List<RoleRepresentation> getApplicationRoleMappings(@PathParam("username") String username, @PathParam("appId") String appId) {
|
||||
UserModel user = realm.getUser(username);
|
||||
if (user == null) {
|
||||
throw new NotFoundException();
|
||||
|
|
@ -248,19 +257,17 @@ public class UsersResource {
|
|||
|
||||
ApplicationRoleMappings rep = new ApplicationRoleMappings();
|
||||
List<RoleModel> mappings = application.getRoleMappings(user);
|
||||
if (mappings.size() > 0) {
|
||||
RealmManager manager = new RealmManager(session);
|
||||
List<RoleRepresentation> mapRep = new ArrayList<RoleRepresentation>();
|
||||
for (RoleModel roleModel : mappings) {
|
||||
mapRep.add(manager.toRepresentation(roleModel));
|
||||
}
|
||||
rep.setMappings(mapRep);
|
||||
List<RoleRepresentation> mapRep = new ArrayList<RoleRepresentation>();
|
||||
RealmManager manager = new RealmManager(session);
|
||||
for (RoleModel roleModel : mappings) {
|
||||
mapRep.add(manager.toRepresentation(roleModel));
|
||||
}
|
||||
return rep;
|
||||
return mapRep;
|
||||
}
|
||||
|
||||
@Path("{username}/role-mappings/applications/{appId}")
|
||||
@POST
|
||||
@Consumes("application/json")
|
||||
public void addApplicationRoleMapping(@PathParam("username") String username, @PathParam("appId") String appId, List<RoleRepresentation> roles) {
|
||||
UserModel user = realm.getUser(username);
|
||||
if (user == null) {
|
||||
|
|
@ -278,6 +285,7 @@ public class UsersResource {
|
|||
|
||||
@Path("{username}/role-mappings/applications/{appId}")
|
||||
@DELETE
|
||||
@Consumes("application/json")
|
||||
public void deleteApplicationRoleMapping(@PathParam("username") String username, @PathParam("appId") String appId, List<RoleRepresentation> roles) {
|
||||
UserModel user = realm.getUser(username);
|
||||
if (user == null) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue