role mappings
This commit is contained in:
Bill Burke
parent
27fe017b6c
commit
aae3a0ffee
6 changed files with 123 additions and 120 deletions
|
|
@ -58,9 +58,12 @@ module.config([ '$routeProvider', function($routeProvider) {
|
||||||
},
|
},
|
||||||
user : function(UserLoader) {
|
user : function(UserLoader) {
|
||||||
return UserLoader();
|
return UserLoader();
|
||||||
|
},
|
||||||
|
roles : function(RoleListLoader) {
|
||||||
|
return RoleListLoader();
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
controller : 'UserDetailCtrl'
|
controller : 'UserRoleMappingCtrl'
|
||||||
}).when('/realms/:realm/users', {
|
}).when('/realms/:realm/users', {
|
||||||
templateUrl : 'partials/user-list.html',
|
templateUrl : 'partials/user-list.html',
|
||||||
resolve : {
|
resolve : {
|
||||||
|
|
|
||||||
|
|
@ -192,6 +192,71 @@ module.controller('UserListCtrl', function($scope, realm, User) {
|
||||||
};
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
|
Array.prototype.remove = function(from, to) {
|
||||||
|
var rest = this.slice((to || from) + 1 || this.length);
|
||||||
|
this.length = from < 0 ? this.length + from : from;
|
||||||
|
return this.push.apply(this, rest);
|
||||||
|
};
|
||||||
|
|
||||||
|
module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, roles, RealmRoleMapping) {
|
||||||
|
$scope.realm = realm;
|
||||||
|
$scope.user = user;
|
||||||
|
$scope.realmRoles = angular.copy(roles);
|
||||||
|
$scope.selectedRealmRoles = [];
|
||||||
|
$scope.selectedRealmMappings = [];
|
||||||
|
$scope.realmMappings = [];
|
||||||
|
|
||||||
|
$scope.realmMappings = RealmRoleMapping.query({realm : realm.id, userId : user.username}, function(){
|
||||||
|
for (var i = 0; i < $scope.realmMappings.length; i++) {
|
||||||
|
var role = $scope.realmMappings[i];
|
||||||
|
for (var j = 0; j < $scope.realmRoles.length; j++) {
|
||||||
|
var realmRole = $scope.realmRoles[j];
|
||||||
|
if (realmRole.id == role.id) {
|
||||||
|
var idx = $scope.realmRoles.indexOf(realmRole);
|
||||||
|
if (idx != -1) {
|
||||||
|
$scope.realmRoles.splice(idx, 1);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
$scope.addRealmRole = function() {
|
||||||
|
$http.post('/auth-server/rest/saas/admin/realms/' + realm.id + '/users/' + user.username + '/role-mappings/realm',
|
||||||
|
$scope.selectedRealmRoles).success(function() {
|
||||||
|
for (var i = 0; i < $scope.selectedRealmRoles.length; i++) {
|
||||||
|
var role = $scope.selectedRealmRoles[i];
|
||||||
|
var idx = $scope.realmRoles.indexOf($scope.selectedRealmRoles[i]);
|
||||||
|
if (idx != -1) {
|
||||||
|
$scope.realmRoles.splice(idx, 1);
|
||||||
|
$scope.realmMappings.push(role);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$scope.selectRealmRoles = [];
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
$scope.deleteRealmRole = function() {
|
||||||
|
console.log('deleteRealmRole');
|
||||||
|
$http.delete('/auth-server/rest/saas/admin/realms/' + realm.id + '/users/' + user.username + '/role-mappings/realm',
|
||||||
|
{data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function() {
|
||||||
|
for (var i = 0; i < $scope.selectedRealmMappings.length; i++) {
|
||||||
|
var role = $scope.selectedRealmMappings[i];
|
||||||
|
var idx = $scope.realmMappings.indexOf($scope.selectedRealmMappings[i]);
|
||||||
|
if (idx != -1) {
|
||||||
|
$scope.realmMappings.splice(idx, 1);
|
||||||
|
$scope.realmRoles.push(role);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$scope.selectedRealmMappings = [];
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
module.controller('UserDetailCtrl', function($scope, realm, user, User, $location, Dialog, Notifications) {
|
module.controller('UserDetailCtrl', function($scope, realm, user, User, $location, Dialog, Notifications) {
|
||||||
$scope.realm = realm;
|
$scope.realm = realm;
|
||||||
$scope.user = angular.copy(user);
|
$scope.user = angular.copy(user);
|
||||||
|
|
|
||||||
|
|
@ -83,10 +83,6 @@ module.factory('Notifications', function($rootScope, $timeout) {
|
||||||
return notifications;
|
return notifications;
|
||||||
});
|
});
|
||||||
|
|
||||||
module.factory('Provider', function($resource) {
|
|
||||||
return $resource('/ejs-identity/api/admin/providers');
|
|
||||||
});
|
|
||||||
|
|
||||||
module.factory('Realm', function($resource) {
|
module.factory('Realm', function($resource) {
|
||||||
return $resource('/auth-server/rest/saas/admin/realms/:id', {
|
return $resource('/auth-server/rest/saas/admin/realms/:id', {
|
||||||
id : '@id'
|
id : '@id'
|
||||||
|
|
@ -97,18 +93,6 @@ module.factory('Realm', function($resource) {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
module.factory('RoleMapping', function($resource) {
|
|
||||||
return $resource('/keycloak-server/ui/api/roles/:realm/:role/:userId', {
|
|
||||||
realm : '@realm',
|
|
||||||
role : '@role',
|
|
||||||
userId : '@userId'
|
|
||||||
}, {
|
|
||||||
save : {
|
|
||||||
method : 'PUT'
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
module.factory('User', function($resource) {
|
module.factory('User', function($resource) {
|
||||||
return $resource('/auth-server/rest/saas/admin/realms/:realm/users/:userId', {
|
return $resource('/auth-server/rest/saas/admin/realms/:realm/users/:userId', {
|
||||||
realm : '@realm',
|
realm : '@realm',
|
||||||
|
|
@ -120,6 +104,21 @@ module.factory('User', function($resource) {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
module.factory('RealmRoleMapping', function($resource) {
|
||||||
|
return $resource('/auth-server/rest/saas/admin/realms/:realm/users/:userId/role-mappings/realm', {
|
||||||
|
realm : '@realm',
|
||||||
|
userId : '@userId'
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
module.factory('RealmRoles', function($resource) {
|
||||||
|
return $resource('/auth-server/rest/saas/admin/realms/:realm/roles', {
|
||||||
|
realm : '@realm'
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
module.factory('Role', function($resource) {
|
module.factory('Role', function($resource) {
|
||||||
return $resource('/auth-server/rest/saas/admin/realms/:realm/roles/:roleId', {
|
return $resource('/auth-server/rest/saas/admin/realms/:realm/roles/:roleId', {
|
||||||
realm : '@realm',
|
realm : '@realm',
|
||||||
|
|
|
||||||
|
|
@ -1,50 +0,0 @@
|
||||||
<div id="wrapper" class="container">
|
|
||||||
<div class="row">
|
|
||||||
<aside class="span3" data-ng-include data-src="'partials/' + path[0].slice(0, -1) + '-menu.html'"></aside>
|
|
||||||
|
|
||||||
<div id="actions-bg"></div>
|
|
||||||
|
|
||||||
<div id="container-right" class="span9">
|
|
||||||
<h1>
|
|
||||||
<span class="gray" data-ng-hide="create">{{realm.name}}</span> role mapping
|
|
||||||
</h1>
|
|
||||||
|
|
||||||
<ul class="nav nav-tabs">
|
|
||||||
<li data-ng-class="path[3] == r && 'active'" data-ng-repeat="r in (realm.roles|orderBy:'toString()')"><a
|
|
||||||
href="#/{{path[0]}}/{{realm.id}}/roles/{{r}}">{{r}}</a></li>
|
|
||||||
</ul>
|
|
||||||
|
|
||||||
<div data-ng-show="role">
|
|
||||||
<select style="width: auto;" id="realm" name="realm" data-ng-model="newUser" data-ng-click="addUser(u)">
|
|
||||||
<option data-ng-repeat="u in (allUsers|remove:users:'userId')" value="{{u.userId}}">{{u.userId}}
|
|
||||||
</option>
|
|
||||||
</select>
|
|
||||||
|
|
||||||
<table class="table table-striped table-bordered">
|
|
||||||
<thead>
|
|
||||||
<tr>
|
|
||||||
<th>Username</th>
|
|
||||||
<th>Firstname</th>
|
|
||||||
<th>Lastname</th>
|
|
||||||
<th>Email</th>
|
|
||||||
<th></th>
|
|
||||||
</tr>
|
|
||||||
</thead>
|
|
||||||
<tr data-ng-repeat="user in users">
|
|
||||||
<td>{{user.userId}}</td>
|
|
||||||
<td>{{user.firstName}}</td>
|
|
||||||
<td>{{user.lastName}}</td>
|
|
||||||
<td>{{user.email}}</td>
|
|
||||||
<td>
|
|
||||||
<button data-ng-click="removeUser(user.userId)">
|
|
||||||
<i class="icon-remove"></i>
|
|
||||||
</button>
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
</table>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div id="container-right-bg"></div>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
@ -6,7 +6,7 @@
|
||||||
<ul class="rcue-tabs" >
|
<ul class="rcue-tabs" >
|
||||||
<li><a href="#/create/user/{{realm.id}}">New User</a></li>
|
<li><a href="#/create/user/{{realm.id}}">New User</a></li>
|
||||||
<li><a href="#/realms/{{realm.id}}/users">Query Users</a></li>
|
<li><a href="#/realms/{{realm.id}}/users">Query Users</a></li>
|
||||||
<li><a href="#">Attributes</a></li>
|
<li><a href="#/realms/{{realm.id}}/users/{{user.username}}">Attributes</a></li>
|
||||||
<li><a href="#">Credentials</a></li>
|
<li><a href="#">Credentials</a></li>
|
||||||
<li class="active"><a href="#">Role Mappings</a></li>
|
<li class="active"><a href="#">Role Mappings</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
@ -19,19 +19,17 @@
|
||||||
<legend uncollapsed><span class="text">Realm Roles</span> </legend>
|
<legend uncollapsed><span class="text">Realm Roles</span> </legend>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="controls">
|
<div class="controls">
|
||||||
<select multiple size=5>
|
<select multiple size="5"
|
||||||
<option value="role1">role1</option>
|
ng-multiple="true"
|
||||||
<option value="role2">role2</option>
|
ng-model="selectedRealmRoles"
|
||||||
<option value="role3">role3</option>
|
ng-options="r.name for r in realmRoles">
|
||||||
<option value="role4">role4</option>
|
|
||||||
</select>
|
</select>
|
||||||
<button type="submit">---></button>
|
<button type="submit" ng-click="addRealmRole()">---></button>
|
||||||
<button type="submit"><---</button>
|
<button type="submit" ng-click="deleteRealmRole()"><---</button>
|
||||||
<select multiple size=5>
|
<select multiple size=5
|
||||||
<option value="role1">role1</option>
|
ng-multiple="true"
|
||||||
<option disabled="disabled" value="role2">role2</option>
|
ng-model="selectedRealmMappings"
|
||||||
<option value="role3">role3</option>
|
ng-options="r.name for r in realmMappings">
|
||||||
<option value="role4">role4</option>
|
|
||||||
</select>
|
</select>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
@ -57,26 +55,6 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</fieldset>
|
</fieldset>
|
||||||
|
|
||||||
<div class="form-actions" data-ng-show="createRealm">
|
|
||||||
<button type="submit" data-ng-click="save()" class="primary" data-ng-show="changed">Save
|
|
||||||
</button>
|
|
||||||
<button type="submit" data-ng-click="cancel()" data-ng-click="cancel()"
|
|
||||||
data-ng-show="changed">Cancel
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
<div class="form-actions" data-ng-show="!createRealm">
|
|
||||||
<button type="submit" data-ng-click="save()" class="primary" data-ng-show="changed">Save
|
|
||||||
changes
|
|
||||||
</button>
|
|
||||||
<button type="submit" data-ng-click="reset()" data-ng-show="changed">Clear changes
|
|
||||||
</button>
|
|
||||||
<button type="submit" data-ng-click="remove()" class="danger" data-ng-hide="changed">
|
|
||||||
Delete
|
|
||||||
</button>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,7 @@
|
||||||
package org.keycloak.services.resources.admin;
|
package org.keycloak.services.resources.admin;
|
||||||
|
|
||||||
import org.jboss.resteasy.annotations.cache.NoCache;
|
import org.jboss.resteasy.annotations.cache.NoCache;
|
||||||
|
import org.jboss.resteasy.logging.Logger;
|
||||||
import org.keycloak.representations.idm.*;
|
import org.keycloak.representations.idm.*;
|
||||||
import org.keycloak.services.managers.RealmManager;
|
import org.keycloak.services.managers.RealmManager;
|
||||||
import org.keycloak.services.models.*;
|
import org.keycloak.services.models.*;
|
||||||
|
|
@ -8,6 +9,7 @@ import org.keycloak.services.models.*;
|
||||||
import javax.ws.rs.*;
|
import javax.ws.rs.*;
|
||||||
import javax.ws.rs.container.ResourceContext;
|
import javax.ws.rs.container.ResourceContext;
|
||||||
import javax.ws.rs.core.Context;
|
import javax.ws.rs.core.Context;
|
||||||
|
import javax.ws.rs.core.HttpHeaders;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
import javax.ws.rs.core.UriInfo;
|
import javax.ws.rs.core.UriInfo;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
|
@ -20,6 +22,7 @@ import java.util.Map;
|
||||||
* @version $Revision: 1 $
|
* @version $Revision: 1 $
|
||||||
*/
|
*/
|
||||||
public class UsersResource {
|
public class UsersResource {
|
||||||
|
protected static final Logger logger = Logger.getLogger(UsersResource.class);
|
||||||
|
|
||||||
protected RealmModel realm;
|
protected RealmModel realm;
|
||||||
|
|
||||||
|
|
@ -123,6 +126,8 @@ public class UsersResource {
|
||||||
|
|
||||||
@Path("{username}/role-mappings")
|
@Path("{username}/role-mappings")
|
||||||
@GET
|
@GET
|
||||||
|
@Produces("application/json")
|
||||||
|
@NoCache
|
||||||
public AllRoleMappingsRepresentation getRoleMappings(@PathParam("username") String username) {
|
public AllRoleMappingsRepresentation getRoleMappings(@PathParam("username") String username) {
|
||||||
UserModel user = realm.getUser(username);
|
UserModel user = realm.getUser(username);
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
|
|
@ -168,7 +173,9 @@ public class UsersResource {
|
||||||
|
|
||||||
@Path("{username}/role-mappings/realm")
|
@Path("{username}/role-mappings/realm")
|
||||||
@GET
|
@GET
|
||||||
public RealmRoleMappingsRepresentation getRealmRoleMappings(@PathParam("username") String username) {
|
@Produces("application/json")
|
||||||
|
@NoCache
|
||||||
|
public List<RoleRepresentation> getRealmRoleMappings(@PathParam("username") String username) {
|
||||||
UserModel user = realm.getUser(username);
|
UserModel user = realm.getUser(username);
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
|
|
@ -176,20 +183,19 @@ public class UsersResource {
|
||||||
|
|
||||||
RealmRoleMappingsRepresentation rep = new RealmRoleMappingsRepresentation();
|
RealmRoleMappingsRepresentation rep = new RealmRoleMappingsRepresentation();
|
||||||
List<RoleModel> realmMappings = realm.getRoleMappings(user);
|
List<RoleModel> realmMappings = realm.getRoleMappings(user);
|
||||||
if (realmMappings.size() > 0) {
|
List<RoleRepresentation> realmMappingsRep = new ArrayList<RoleRepresentation>();
|
||||||
RealmManager manager = new RealmManager(session);
|
RealmManager manager = new RealmManager(session);
|
||||||
List<RoleRepresentation> realmRep = new ArrayList<RoleRepresentation>();
|
|
||||||
for (RoleModel roleModel : realmMappings) {
|
for (RoleModel roleModel : realmMappings) {
|
||||||
realmRep.add(manager.toRepresentation(roleModel));
|
realmMappingsRep.add(manager.toRepresentation(roleModel));
|
||||||
}
|
}
|
||||||
rep.setMappings(realmRep);
|
return realmMappingsRep;
|
||||||
}
|
|
||||||
return rep;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Path("{username}/role-mappings/realm")
|
@Path("{username}/role-mappings/realm")
|
||||||
@POST
|
@POST
|
||||||
|
@Consumes("application/json")
|
||||||
public void addRealmRoleMappings(@PathParam("username") String username, List<RoleRepresentation> roles) {
|
public void addRealmRoleMappings(@PathParam("username") String username, List<RoleRepresentation> roles) {
|
||||||
|
logger.info("** addRealmRoleMappings: " + roles);
|
||||||
UserModel user = realm.getUser(username);
|
UserModel user = realm.getUser(username);
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
|
|
@ -208,7 +214,9 @@ public class UsersResource {
|
||||||
|
|
||||||
@Path("{username}/role-mappings/realm")
|
@Path("{username}/role-mappings/realm")
|
||||||
@DELETE
|
@DELETE
|
||||||
public void deleteRoleMapping(@PathParam("username") String username, List<RoleRepresentation> roles) {
|
@Consumes("application/json")
|
||||||
|
public void deleteRealmRoleMappings(@PathParam("username") String username, List<RoleRepresentation> roles) {
|
||||||
|
logger.info("deleteRealmRoleMappings");
|
||||||
UserModel user = realm.getUser(username);
|
UserModel user = realm.getUser(username);
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
|
|
@ -229,12 +237,13 @@ public class UsersResource {
|
||||||
realm.deleteRoleMapping(user, roleModel);
|
realm.deleteRoleMapping(user, roleModel);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Path("{username}/role-mappings/applications/{appId}")
|
@Path("{username}/role-mappings/applications/{appId}")
|
||||||
@GET
|
@GET
|
||||||
public ApplicationRoleMappings getApplicationRoleMappings(@PathParam("username") String username, @PathParam("appId") String appId) {
|
@Produces("application/json")
|
||||||
|
@NoCache
|
||||||
|
public List<RoleRepresentation> getApplicationRoleMappings(@PathParam("username") String username, @PathParam("appId") String appId) {
|
||||||
UserModel user = realm.getUser(username);
|
UserModel user = realm.getUser(username);
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
|
|
@ -248,19 +257,17 @@ public class UsersResource {
|
||||||
|
|
||||||
ApplicationRoleMappings rep = new ApplicationRoleMappings();
|
ApplicationRoleMappings rep = new ApplicationRoleMappings();
|
||||||
List<RoleModel> mappings = application.getRoleMappings(user);
|
List<RoleModel> mappings = application.getRoleMappings(user);
|
||||||
if (mappings.size() > 0) {
|
|
||||||
RealmManager manager = new RealmManager(session);
|
|
||||||
List<RoleRepresentation> mapRep = new ArrayList<RoleRepresentation>();
|
List<RoleRepresentation> mapRep = new ArrayList<RoleRepresentation>();
|
||||||
|
RealmManager manager = new RealmManager(session);
|
||||||
for (RoleModel roleModel : mappings) {
|
for (RoleModel roleModel : mappings) {
|
||||||
mapRep.add(manager.toRepresentation(roleModel));
|
mapRep.add(manager.toRepresentation(roleModel));
|
||||||
}
|
}
|
||||||
rep.setMappings(mapRep);
|
return mapRep;
|
||||||
}
|
|
||||||
return rep;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Path("{username}/role-mappings/applications/{appId}")
|
@Path("{username}/role-mappings/applications/{appId}")
|
||||||
@POST
|
@POST
|
||||||
|
@Consumes("application/json")
|
||||||
public void addApplicationRoleMapping(@PathParam("username") String username, @PathParam("appId") String appId, List<RoleRepresentation> roles) {
|
public void addApplicationRoleMapping(@PathParam("username") String username, @PathParam("appId") String appId, List<RoleRepresentation> roles) {
|
||||||
UserModel user = realm.getUser(username);
|
UserModel user = realm.getUser(username);
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
|
|
@ -278,6 +285,7 @@ public class UsersResource {
|
||||||
|
|
||||||
@Path("{username}/role-mappings/applications/{appId}")
|
@Path("{username}/role-mappings/applications/{appId}")
|
||||||
@DELETE
|
@DELETE
|
||||||
|
@Consumes("application/json")
|
||||||
public void deleteApplicationRoleMapping(@PathParam("username") String username, @PathParam("appId") String appId, List<RoleRepresentation> roles) {
|
public void deleteApplicationRoleMapping(@PathParam("username") String username, @PathParam("appId") String appId, List<RoleRepresentation> roles) {
|
||||||
UserModel user = realm.getUser(username);
|
UserModel user = realm.getUser(username);
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue