KEYCLOAK-264 Remove option to enable/disable acct mngmt
This commit is contained in:
Stian Thorgersen
parent
7a6f67dfdd
commit
c5366f1c81
10 changed files with 10 additions and 42 deletions
|
|
@ -61,10 +61,6 @@
|
||||||
<label for="verifyEmail" class="control-label">Verify email</label>
|
<label for="verifyEmail" class="control-label">Verify email</label>
|
||||||
<input ng-model="realm.verifyEmail" name="verifyEmail" id="verifyEmail" onoffswitch />
|
<input ng-model="realm.verifyEmail" name="verifyEmail" id="verifyEmail" onoffswitch />
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group clearfix block">
|
|
||||||
<label for="accountManagement" class="control-label two-lines">User account management</label>
|
|
||||||
<input ng-model="realm.accountManagement" name="accountManagement" id="accountManagement" onoffswitch />
|
|
||||||
</div>
|
|
||||||
<div class="form-group clearfix block">
|
<div class="form-group clearfix block">
|
||||||
<label for="requireSsl" class="control-label">Require SSL</label>
|
<label for="requireSsl" class="control-label">Require SSL</label>
|
||||||
<input ng-model="realm.requireSsl" name="requireSsl" id="requireSsl" onoffswitch />
|
<input ng-model="realm.requireSsl" name="requireSsl" id="requireSsl" onoffswitch />
|
||||||
|
|
|
||||||
|
|
@ -17,7 +17,6 @@ public class RealmRepresentation {
|
||||||
protected Integer accessCodeLifespan;
|
protected Integer accessCodeLifespan;
|
||||||
protected Integer accessCodeLifespanUserAction;
|
protected Integer accessCodeLifespanUserAction;
|
||||||
protected Boolean enabled;
|
protected Boolean enabled;
|
||||||
protected Boolean accountManagement;
|
|
||||||
protected Boolean sslNotRequired;
|
protected Boolean sslNotRequired;
|
||||||
protected Boolean registrationAllowed;
|
protected Boolean registrationAllowed;
|
||||||
protected Boolean verifyEmail;
|
protected Boolean verifyEmail;
|
||||||
|
|
@ -107,14 +106,6 @@ public class RealmRepresentation {
|
||||||
this.enabled = enabled;
|
this.enabled = enabled;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Boolean getAccountManagement() {
|
|
||||||
return accountManagement;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setAccountManagement(Boolean accountManagement) {
|
|
||||||
this.accountManagement = accountManagement;
|
|
||||||
}
|
|
||||||
|
|
||||||
public Boolean isSslNotRequired() {
|
public Boolean isSslNotRequired() {
|
||||||
return sslNotRequired;
|
return sslNotRequired;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,6 @@
|
||||||
"tokenLifespan": 3000,
|
"tokenLifespan": 3000,
|
||||||
"accessCodeLifespan": 10,
|
"accessCodeLifespan": 10,
|
||||||
"accessCodeLifespanUserAction": 6000,
|
"accessCodeLifespanUserAction": 6000,
|
||||||
"accountManagement": true,
|
|
||||||
"sslNotRequired": true,
|
"sslNotRequired": true,
|
||||||
"registrationAllowed": false,
|
"registrationAllowed": false,
|
||||||
"social": false,
|
"social": false,
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,6 @@
|
||||||
"tokenLifespan": 3000,
|
"tokenLifespan": 3000,
|
||||||
"accessCodeLifespan": 10,
|
"accessCodeLifespan": 10,
|
||||||
"accessCodeLifespanUserAction": 6000,
|
"accessCodeLifespanUserAction": 6000,
|
||||||
"accountManagement": true,
|
|
||||||
"sslNotRequired": true,
|
"sslNotRequired": true,
|
||||||
"registrationAllowed": false,
|
"registrationAllowed": false,
|
||||||
"social": false,
|
"social": false,
|
||||||
|
|
|
||||||
|
|
@ -76,7 +76,6 @@ public class ApplianceBootstrap {
|
||||||
|
|
||||||
adminConsole.grantRole(adminUser, adminRole);
|
adminConsole.grantRole(adminUser, adminRole);
|
||||||
|
|
||||||
manager.enableAccountManagement(realm);
|
|
||||||
ApplicationModel accountApp = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
|
ApplicationModel accountApp = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
|
||||||
for (String r : accountApp.getDefaultRoles()) {
|
for (String r : accountApp.getDefaultRoles()) {
|
||||||
accountApp.grantRole(adminUser, accountApp.getRole(r));
|
accountApp.grantRole(adminUser, accountApp.getRole(r));
|
||||||
|
|
|
||||||
|
|
@ -78,6 +78,9 @@ public class RealmManager {
|
||||||
realm.setName(name);
|
realm.setName(name);
|
||||||
realm.addRole(Constants.APPLICATION_ROLE);
|
realm.addRole(Constants.APPLICATION_ROLE);
|
||||||
realm.addRole(Constants.IDENTITY_REQUESTER_ROLE);
|
realm.addRole(Constants.IDENTITY_REQUESTER_ROLE);
|
||||||
|
|
||||||
|
setupAccountManagement(realm);
|
||||||
|
|
||||||
return realm;
|
return realm;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -125,12 +128,6 @@ public class RealmManager {
|
||||||
realm.updateDefaultRoles(rep.getDefaultRoles().toArray(new String[rep.getDefaultRoles().size()]));
|
realm.updateDefaultRoles(rep.getDefaultRoles().toArray(new String[rep.getDefaultRoles().size()]));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rep.getAccountManagement() != null && rep.getAccountManagement()) {
|
|
||||||
enableAccountManagement(realm);
|
|
||||||
} else {
|
|
||||||
disableAccountManagement(realm);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (rep.getSmtpServer() != null) {
|
if (rep.getSmtpServer() != null) {
|
||||||
realm.setSmtpConfig(new HashMap(rep.getSmtpServer()));
|
realm.setSmtpConfig(new HashMap(rep.getSmtpServer()));
|
||||||
}
|
}
|
||||||
|
|
@ -144,10 +141,12 @@ public class RealmManager {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public void enableAccountManagement(RealmModel realm) {
|
private void setupAccountManagement(RealmModel realm) {
|
||||||
ApplicationModel application = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
|
ApplicationModel application = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
|
||||||
if (application == null) {
|
if (application == null) {
|
||||||
application = realm.addApplication(Constants.ACCOUNT_APPLICATION);
|
application = realm.addApplication(Constants.ACCOUNT_APPLICATION);
|
||||||
|
application.setEnabled(true);
|
||||||
|
|
||||||
application.addDefaultRole(Constants.ACCOUNT_PROFILE_ROLE);
|
application.addDefaultRole(Constants.ACCOUNT_PROFILE_ROLE);
|
||||||
application.addDefaultRole(Constants.ACCOUNT_MANAGE_ROLE);
|
application.addDefaultRole(Constants.ACCOUNT_MANAGE_ROLE);
|
||||||
|
|
||||||
|
|
@ -160,14 +159,6 @@ public class RealmManager {
|
||||||
RoleModel applicationRole = realm.getRole(Constants.APPLICATION_ROLE);
|
RoleModel applicationRole = realm.getRole(Constants.APPLICATION_ROLE);
|
||||||
realm.grantRole(application.getApplicationUser(), applicationRole);
|
realm.grantRole(application.getApplicationUser(), applicationRole);
|
||||||
}
|
}
|
||||||
application.setEnabled(true);
|
|
||||||
}
|
|
||||||
|
|
||||||
public void disableAccountManagement(RealmModel realm) {
|
|
||||||
ApplicationModel application = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
|
|
||||||
if (application != null) {
|
|
||||||
application.setEnabled(false); // TODO Should we delete the application instead?
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public RealmModel importRealm(RealmRepresentation rep, UserModel realmCreator) {
|
public RealmModel importRealm(RealmRepresentation rep, UserModel realmCreator) {
|
||||||
|
|
@ -180,7 +171,6 @@ public class RealmManager {
|
||||||
return realm;
|
return realm;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public void importRealm(RealmRepresentation rep, RealmModel newRealm) {
|
public void importRealm(RealmRepresentation rep, RealmModel newRealm) {
|
||||||
newRealm.setName(rep.getRealm());
|
newRealm.setName(rep.getRealm());
|
||||||
if (rep.isEnabled() != null) newRealm.setEnabled(rep.isEnabled());
|
if (rep.isEnabled() != null) newRealm.setEnabled(rep.isEnabled());
|
||||||
|
|
@ -270,10 +260,6 @@ public class RealmManager {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rep.getAccountManagement() != null && rep.getAccountManagement()) {
|
|
||||||
enableAccountManagement(newRealm);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Now that all possible users and applications are created (users, apps, and oauth clients), do role mappings and scope mappings
|
// Now that all possible users and applications are created (users, apps, and oauth clients), do role mappings and scope mappings
|
||||||
|
|
||||||
Map<String, ApplicationModel> appMap = newRealm.getApplicationNameMap();
|
Map<String, ApplicationModel> appMap = newRealm.getApplicationNameMap();
|
||||||
|
|
@ -492,7 +478,6 @@ public class RealmManager {
|
||||||
}
|
}
|
||||||
|
|
||||||
ApplicationModel accountManagementApplication = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
|
ApplicationModel accountManagementApplication = realm.getApplicationNameMap().get(Constants.ACCOUNT_APPLICATION);
|
||||||
rep.setAccountManagement(accountManagementApplication != null && accountManagementApplication.isEnabled());
|
|
||||||
|
|
||||||
List<String> defaultRoles = realm.getDefaultRoles();
|
List<String> defaultRoles = realm.getDefaultRoles();
|
||||||
if (!defaultRoles.isEmpty()) {
|
if (!defaultRoles.isEmpty()) {
|
||||||
|
|
|
||||||
|
|
@ -438,8 +438,8 @@ public class AdapterTest extends AbstractKeycloakTest {
|
||||||
RealmModel otherRealm = adapter.createRealm("other");
|
RealmModel otherRealm = adapter.createRealm("other");
|
||||||
otherRealm.addUser("bburke");
|
otherRealm.addUser("bburke");
|
||||||
|
|
||||||
Assert.assertEquals(1, otherRealm.getUsers().size());
|
Assert.assertEquals(2, otherRealm.getUsers().size());
|
||||||
Assert.assertEquals(1, otherRealm.searchForUser("u").size());
|
Assert.assertEquals(1, otherRealm.searchForUser("bu").size());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -68,7 +68,7 @@ public class ApplicationModelTest extends AbstractKeycloakServerTest {
|
||||||
public void persist() {
|
public void persist() {
|
||||||
RealmModel persisted = manager.getRealm(realm.getId());
|
RealmModel persisted = manager.getRealm(realm.getId());
|
||||||
|
|
||||||
assertEquals(application, persisted.getApplications().get(0));
|
assertEquals(application, persisted.getApplicationNameMap().get("app-name"));
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ public class ImportTest extends AbstractKeycloakTest {
|
||||||
Assert.assertEquals(0, realm.getSocialLinks(user).size());
|
Assert.assertEquals(0, realm.getSocialLinks(user).size());
|
||||||
|
|
||||||
List<ApplicationModel> resources = realm.getApplications();
|
List<ApplicationModel> resources = realm.getApplications();
|
||||||
Assert.assertEquals(2, resources.size());
|
Assert.assertEquals(3, resources.size());
|
||||||
|
|
||||||
// Test scope relationship
|
// Test scope relationship
|
||||||
ApplicationModel application = realm.getApplicationNameMap().get("Application");
|
ApplicationModel application = realm.getApplicationNameMap().get("Application");
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,6 @@
|
||||||
"accessCodeLifespanUserAction": 600,
|
"accessCodeLifespanUserAction": 600,
|
||||||
"sslNotRequired": true,
|
"sslNotRequired": true,
|
||||||
"registrationAllowed": true,
|
"registrationAllowed": true,
|
||||||
"accountManagement": true,
|
|
||||||
"resetPasswordAllowed": true,
|
"resetPasswordAllowed": true,
|
||||||
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
|
"privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
|
||||||
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
"publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue