diff --git a/core/src/main/java/org/keycloak/representations/idm/AllRoleMappingsRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/AllRoleMappingsRepresentation.java
deleted file mode 100755
index 4377756392..0000000000
--- a/core/src/main/java/org/keycloak/representations/idm/AllRoleMappingsRepresentation.java
+++ /dev/null
@@ -1,57 +0,0 @@
-package org.keycloak.representations.idm;
-
-import java.util.List;
-import java.util.Map;
-
-/**
- * @author Bill Burke
- * @version $Revision: 1 $
- */
-public class AllRoleMappingsRepresentation {
- protected String realmId;
- protected String realmName;
- protected String username;
-
- protected List realmMappings;
- protected Map applicationMappings;
-
- public String getRealmId() {
- return realmId;
- }
-
- public void setRealmId(String realmId) {
- this.realmId = realmId;
- }
-
- public String getRealmName() {
- return realmName;
- }
-
- public void setRealmName(String realmName) {
- this.realmName = realmName;
- }
-
- public String getUsername() {
- return username;
- }
-
- public void setUsername(String username) {
- this.username = username;
- }
-
- public List getRealmMappings() {
- return realmMappings;
- }
-
- public void setRealmMappings(List realmMappings) {
- this.realmMappings = realmMappings;
- }
-
- public Map getApplicationMappings() {
- return applicationMappings;
- }
-
- public void setApplicationMappings(Map applicationMappings) {
- this.applicationMappings = applicationMappings;
- }
-}
diff --git a/core/src/main/java/org/keycloak/representations/idm/ApplicationRoleMappingsRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/ApplicationMappingsRepresentation.java
similarity index 74%
rename from core/src/main/java/org/keycloak/representations/idm/ApplicationRoleMappingsRepresentation.java
rename to core/src/main/java/org/keycloak/representations/idm/ApplicationMappingsRepresentation.java
index 88e8ea32a2..30b94d2905 100755
--- a/core/src/main/java/org/keycloak/representations/idm/ApplicationRoleMappingsRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/ApplicationMappingsRepresentation.java
@@ -6,10 +6,9 @@ import java.util.List;
* @author Bill Burke
* @version $Revision: 1 $
*/
-public class ApplicationRoleMappingsRepresentation {
+public class ApplicationMappingsRepresentation {
protected String applicationId;
protected String application;
- protected String username;
protected List mappings;
@@ -29,14 +28,6 @@ public class ApplicationRoleMappingsRepresentation {
this.application = application;
}
- public String getUsername() {
- return username;
- }
-
- public void setUsername(String username) {
- this.username = username;
- }
-
public List getMappings() {
return mappings;
}
diff --git a/core/src/main/java/org/keycloak/representations/idm/ApplicationRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/ApplicationRepresentation.java
index 6689e1d08d..ab12aae383 100755
--- a/core/src/main/java/org/keycloak/representations/idm/ApplicationRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/ApplicationRepresentation.java
@@ -18,7 +18,7 @@ public class ApplicationRepresentation {
protected boolean enabled;
protected List credentials;
protected List roles;
- protected List roleMappings;
+ protected List roleMappings;
protected List scopeMappings;
public String getSelf() {
@@ -82,14 +82,14 @@ public class ApplicationRepresentation {
return this;
}
- public List getRoleMappings() {
+ public List getRoleMappings() {
return roleMappings;
}
- public RoleMappingRepresentation roleMapping(String username) {
- RoleMappingRepresentation mapping = new RoleMappingRepresentation();
+ public UserRoleMappingRepresentation roleMapping(String username) {
+ UserRoleMappingRepresentation mapping = new UserRoleMappingRepresentation();
mapping.setUsername(username);
- if (roleMappings == null) roleMappings = new ArrayList();
+ if (roleMappings == null) roleMappings = new ArrayList();
roleMappings.add(mapping);
return mapping;
}
diff --git a/core/src/main/java/org/keycloak/representations/idm/MappingsRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/MappingsRepresentation.java
new file mode 100755
index 0000000000..ba519fa53b
--- /dev/null
+++ b/core/src/main/java/org/keycloak/representations/idm/MappingsRepresentation.java
@@ -0,0 +1,29 @@
+package org.keycloak.representations.idm;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @author Bill Burke
+ * @version $Revision: 1 $
+ */
+public class MappingsRepresentation {
+ protected List realmMappings;
+ protected Map applicationMappings;
+
+ public List getRealmMappings() {
+ return realmMappings;
+ }
+
+ public void setRealmMappings(List realmMappings) {
+ this.realmMappings = realmMappings;
+ }
+
+ public Map getApplicationMappings() {
+ return applicationMappings;
+ }
+
+ public void setApplicationMappings(Map applicationMappings) {
+ this.applicationMappings = applicationMappings;
+ }
+}
diff --git a/core/src/main/java/org/keycloak/representations/idm/OAuthClientRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/OAuthClientRepresentation.java
new file mode 100755
index 0000000000..9f1b821a32
--- /dev/null
+++ b/core/src/main/java/org/keycloak/representations/idm/OAuthClientRepresentation.java
@@ -0,0 +1,60 @@
+package org.keycloak.representations.idm;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @author Bill Burke
+ * @version $Revision: 1 $
+ */
+public class OAuthClientRepresentation {
+ protected String id;
+ protected String name;
+ protected String baseUrl;
+ protected boolean enabled;
+ protected List scopeMappings;
+
+ public String getId() {
+ return id;
+ }
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public boolean isEnabled() {
+ return enabled;
+ }
+
+ public void setEnabled(boolean enabled) {
+ this.enabled = enabled;
+ }
+
+ public List getScopeMappings() {
+ return scopeMappings;
+ }
+
+ public ScopeMappingRepresentation scopeMapping(String username) {
+ ScopeMappingRepresentation mapping = new ScopeMappingRepresentation();
+ mapping.setUsername(username);
+ if (scopeMappings == null) scopeMappings = new ArrayList();
+ scopeMappings.add(mapping);
+ return mapping;
+ }
+
+ public String getBaseUrl() {
+ return baseUrl;
+ }
+
+ public void setBaseUrl(String baseUrl) {
+ this.baseUrl = baseUrl;
+ }
+}
diff --git a/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
index 36d8b335c2..14d7d501af 100755
--- a/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/RealmRepresentation.java
@@ -31,7 +31,7 @@ public class RealmRepresentation {
protected Set requiredApplicationCredentials;
protected Set requiredOAuthClientCredentials;
protected List users;
- protected List roleMappings;
+ protected List roleMappings;
protected List scopeMappings;
protected List socialMappings;
protected List applications;
@@ -125,14 +125,14 @@ public class RealmRepresentation {
this.tokenLifespan = tokenLifespan;
}
- public List getRoleMappings() {
+ public List getRoleMappings() {
return roleMappings;
}
- public RoleMappingRepresentation roleMapping(String username) {
- RoleMappingRepresentation mapping = new RoleMappingRepresentation();
+ public UserRoleMappingRepresentation roleMapping(String username) {
+ UserRoleMappingRepresentation mapping = new UserRoleMappingRepresentation();
mapping.setUsername(username);
- if (roleMappings == null) roleMappings = new ArrayList();
+ if (roleMappings == null) roleMappings = new ArrayList();
roleMappings.add(mapping);
return mapping;
}
diff --git a/core/src/main/java/org/keycloak/representations/idm/RealmRoleMappingsRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/RealmRoleMappingsRepresentation.java
deleted file mode 100755
index dcca6f8f4f..0000000000
--- a/core/src/main/java/org/keycloak/representations/idm/RealmRoleMappingsRepresentation.java
+++ /dev/null
@@ -1,47 +0,0 @@
-package org.keycloak.representations.idm;
-
-import java.util.List;
-
-/**
- * @author Bill Burke
- * @version $Revision: 1 $
- */
-public class RealmRoleMappingsRepresentation {
- protected String realmId;
- protected String realm;
- protected String username;
-
- protected List mappings;
-
- public String getRealmId() {
- return realmId;
- }
-
- public void setRealmId(String realmId) {
- this.realmId = realmId;
- }
-
- public String getRealm() {
- return realm;
- }
-
- public void setRealm(String realm) {
- this.realm = realm;
- }
-
- public String getUsername() {
- return username;
- }
-
- public void setUsername(String username) {
- this.username = username;
- }
-
- public List getMappings() {
- return mappings;
- }
-
- public void setMappings(List mappings) {
- this.mappings = mappings;
- }
-}
diff --git a/core/src/main/java/org/keycloak/representations/idm/RoleMappingRepresentation.java b/core/src/main/java/org/keycloak/representations/idm/UserRoleMappingRepresentation.java
similarity index 88%
rename from core/src/main/java/org/keycloak/representations/idm/RoleMappingRepresentation.java
rename to core/src/main/java/org/keycloak/representations/idm/UserRoleMappingRepresentation.java
index dea66d0fa8..a1a1e1c21e 100755
--- a/core/src/main/java/org/keycloak/representations/idm/RoleMappingRepresentation.java
+++ b/core/src/main/java/org/keycloak/representations/idm/UserRoleMappingRepresentation.java
@@ -7,7 +7,7 @@ import java.util.Set;
* @author Bill Burke
* @version $Revision: 1 $
*/
-public class RoleMappingRepresentation {
+public class UserRoleMappingRepresentation {
protected String self; // link
protected String username;
protected Set roles;
@@ -36,7 +36,7 @@ public class RoleMappingRepresentation {
this.roles = roles;
}
- public RoleMappingRepresentation role(String role) {
+ public UserRoleMappingRepresentation role(String role) {
if (this.roles == null) this.roles = new HashSet();
this.roles.add(role);
return this;
diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/app.js b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/app.js
index cd96e4837a..675cc48350 100755
--- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/app.js
+++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/app.js
@@ -181,6 +181,23 @@ module.config([ '$routeProvider', function($routeProvider) {
}
},
controller : 'ApplicationRoleListCtrl'
+ }).when('/realms/:realm/applications/:application/scope-mappings', {
+ templateUrl : 'partials/application-scope-mappings.html',
+ resolve : {
+ realm : function(RealmLoader) {
+ return RealmLoader();
+ },
+ application : function(ApplicationLoader) {
+ return ApplicationLoader();
+ },
+ applications : function(ApplicationListLoader) {
+ return ApplicationListLoader();
+ },
+ roles : function(RoleListLoader) {
+ return RoleListLoader();
+ }
+ },
+ controller : 'ApplicationScopeMappingCtrl'
})
diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js
index 9bb6e9b87a..ced7268ec4 100755
--- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js
+++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/controllers.js
@@ -2,9 +2,6 @@
var module = angular.module('keycloak.controllers', [ 'keycloak.services' ]);
-var realmslist = {};
-
-
module.controller('GlobalCtrl', function($scope, $http, Auth, Current, $location, Notifications) {
$scope.addMessage = function() {
Notifications.success("test");
@@ -463,6 +460,74 @@ module.controller('RoleListCtrl', function($scope, $location, realm, roles) {
});
});
+module.controller('RoleDetailCtrl', function($scope, realm, role, Role, $location, Dialog, Notifications) {
+ $scope.realm = realm;
+ $scope.role = angular.copy(role);
+ $scope.create = !role.name;
+
+ $scope.changed = $scope.create;
+
+ $scope.$watch(function() {
+ return $location.path();
+ }, function() {
+ $scope.path = $location.path().substring(1).split("/");
+ });
+
+ $scope.$watch('role', function() {
+ if (!angular.equals($scope.role, role)) {
+ $scope.changed = true;
+ }
+ }, true);
+
+ $scope.save = function() {
+ if ($scope.create) {
+ Role.save({
+ realm: realm.id
+ }, $scope.role, function (data, headers) {
+ $scope.changed = false;
+ role = angular.copy($scope.role);
+
+ var l = headers().location;
+ var id = l.substring(l.lastIndexOf("/") + 1);
+ $location.url("/realms/" + realm.id + "/roles/" + id);
+ Notifications.success("Created role");
+
+ });
+ } else {
+ Role.update({
+ realm : realm.id,
+ roleId : role.id
+ }, $scope.role, function() {
+ $scope.changed = false;
+ role = angular.copy($scope.role);
+ Notifications.success("Saved changes to role");
+ });
+ }
+ };
+
+ $scope.reset = function() {
+ $scope.role = angular.copy(role);
+ $scope.changed = false;
+ $scope.roleForm.showErrors = false;
+ };
+
+ $scope.cancel = function() {
+ $location.url("/realms/" + realm.id + "/roles");
+ };
+
+ $scope.remove = function() {
+ Dialog.confirmDelete($scope.role.name, 'role', function() {
+ $scope.role.$remove({
+ realm : realm.id,
+ role : $scope.role.name
+ }, function() {
+ $location.url("/realms/" + realm.id + "/roles");
+ Notifications.success("Deleted role");
+ });
+ });
+ };
+});
+
module.controller('ApplicationRoleListCtrl', function($scope, $location, realm, application, roles) {
$scope.realm = realm;
$scope.roles = roles;
@@ -775,3 +840,121 @@ module.controller('RoleMappingCtrl', function($scope, realm, User, users, role,
}
}
});
+
+module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm, application, roles, applications, ApplicationRealmScopeMapping, ApplicationApplicationScopeMapping, ApplicationRole) {
+ $scope.realm = realm;
+ $scope.application = application;
+ $scope.realmRoles = angular.copy(roles);
+ $scope.selectedRealmRoles = [];
+ $scope.selectedRealmMappings = [];
+ $scope.realmMappings = [];
+ $scope.applications = applications;
+ $scope.applicationRoles = [];
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ $scope.applicationMappings = [];
+
+
+
+ $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.id, application : application.id}, function(){
+ for (var i = 0; i < $scope.realmMappings.length; i++) {
+ var role = $scope.realmMappings[i];
+ for (var j = 0; j < $scope.realmRoles.length; j++) {
+ var realmRole = $scope.realmRoles[j];
+ if (realmRole.id == role.id) {
+ var idx = $scope.realmRoles.indexOf(realmRole);
+ if (idx != -1) {
+ $scope.realmRoles.splice(idx, 1);
+ break;
+ }
+ }
+ }
+ }
+ });
+
+ $scope.addRealmRole = function() {
+ $http.post('/auth-server/rest/saas/admin/realms/' + realm.id + '/applications/' + application.id + '/scope-mappings/realm',
+ $scope.selectedRealmRoles).success(function() {
+ for (var i = 0; i < $scope.selectedRealmRoles.length; i++) {
+ var role = $scope.selectedRealmRoles[i];
+ var idx = $scope.realmRoles.indexOf($scope.selectedRealmRoles[i]);
+ if (idx != -1) {
+ $scope.realmRoles.splice(idx, 1);
+ $scope.realmMappings.push(role);
+ }
+ }
+ $scope.selectRealmRoles = [];
+ });
+ };
+
+ $scope.deleteRealmRole = function() {
+ $http.delete('/auth-server/rest/saas/admin/realms/' + realm.id + '/applications/' + application.id + '/scope-mappings/realm',
+ {data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function() {
+ for (var i = 0; i < $scope.selectedRealmMappings.length; i++) {
+ var role = $scope.selectedRealmMappings[i];
+ var idx = $scope.realmMappings.indexOf($scope.selectedRealmMappings[i]);
+ if (idx != -1) {
+ $scope.realmMappings.splice(idx, 1);
+ $scope.realmRoles.push(role);
+ }
+ }
+ $scope.selectedRealmMappings = [];
+ });
+ };
+
+ $scope.addApplicationRole = function() {
+ $http.post('/auth-server/rest/saas/admin/realms/' + realm.id + '/applications/' + application.id + '/scope-mappings/applications/' + $scope.targetApp.id,
+ $scope.selectedApplicationRoles).success(function() {
+ for (var i = 0; i < $scope.selectedApplicationRoles.length; i++) {
+ var role = $scope.selectedApplicationRoles[i];
+ var idx = $scope.applicationRoles.indexOf($scope.selectedApplicationRoles[i]);
+ if (idx != -1) {
+ $scope.applicationRoles.splice(idx, 1);
+ $scope.applicationMappings.push(role);
+ }
+ }
+ $scope.selectedApplicationRoles = [];
+ });
+ };
+
+ $scope.deleteApplicationRole = function() {
+ $http.delete('/auth-server/rest/saas/admin/realms/' + realm.id + '/applications/' + application.id + '/scope-mappings/applications/' + $scope.targetApp.id,
+ {data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(function() {
+ for (var i = 0; i < $scope.selectedApplicationMappings.length; i++) {
+ var role = $scope.selectedApplicationMappings[i];
+ var idx = $scope.applicationMappings.indexOf($scope.selectedApplicationMappings[i]);
+ if (idx != -1) {
+ $scope.applicationMappings.splice(idx, 1);
+ $scope.applicationRoles.push(role);
+ }
+ }
+ $scope.selectedApplicationMappings = [];
+ });
+ };
+
+
+ $scope.changeApplication = function() {
+ $scope.applicationRoles = ApplicationRole.query({realm : realm.id, application : $scope.targetApp.id}, function() {
+ $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.id, application : application.id, targetApp : $scope.targetApp.id}, function(){
+ for (var i = 0; i < $scope.applicationMappings.length; i++) {
+ var role = $scope.applicationMappings[i];
+ for (var j = 0; j < $scope.applicationRoles.length; j++) {
+ var realmRole = $scope.applicationRoles[j];
+ if (realmRole.id == role.id) {
+ var idx = $scope.applicationRoles.indexOf(realmRole);
+ if (idx != -1) {
+ $scope.applicationRoles.splice(idx, 1);
+ break;
+ }
+ }
+ }
+ }
+ });
+
+ }
+ );
+ };
+
+
+
+});
diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js
index 46146350e5..b5d900f6c0 100755
--- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js
+++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/js/services.js
@@ -111,8 +111,6 @@ module.factory('RealmRoleMapping', function($resource) {
});
});
-
-
module.factory('ApplicationRoleMapping', function($resource) {
return $resource('/auth-server/rest/saas/admin/realms/:realm/users/:userId/role-mappings/applications/:application', {
realm : '@realm',
@@ -121,6 +119,21 @@ module.factory('ApplicationRoleMapping', function($resource) {
});
});
+module.factory('ApplicationRealmScopeMapping', function($resource) {
+ return $resource('/auth-server/rest/saas/admin/realms/:realm/applications/:application/scope-mappings/realm', {
+ realm : '@realm',
+ application : '@application'
+ });
+});
+
+module.factory('ApplicationApplicationScopeMapping', function($resource) {
+ return $resource('/auth-server/rest/saas/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp', {
+ realm : '@realm',
+ application : '@application',
+ targetApp : '@targetApp'
+ });
+});
+
module.factory('RealmRoles', function($resource) {
diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-credentials.html b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-credentials.html
index 6be1cb008d..506cc43be6 100755
--- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-credentials.html
+++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-credentials.html
@@ -10,7 +10,7 @@
Credentials
Installation
Roles
- Scope
+ Scope
Sessions
diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-detail.html b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-detail.html
index a1035f3329..bc23ca3bf5 100755
--- a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-detail.html
+++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-detail.html
@@ -10,7 +10,7 @@
Credentials
Installation
Roles
- Scope
+ Scope
Sessions
diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-scope-mappings.html b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-scope-mappings.html
new file mode 100755
index 0000000000..f8638cfc5a
--- /dev/null
+++ b/examples/as7-eap-demo/server/src/main/webapp/saas/admin/partials/application-scope-mappings.html
@@ -0,0 +1,73 @@
+
+
+
+
+
+
+
Application Scope Mappings for {{application.name}}
+
+
+
+
+
+
+