Merge pull request #4298 from pedroigor/3.2.final-fixes

Some fixes for AuthZ UI
This commit is contained in:
Pedro Igor 2017-07-07 09:06:00 -03:00 committed by GitHub
commit cff8a1ecc6
22 changed files with 444 additions and 142 deletions

View file

@ -24,6 +24,7 @@ import java.util.List;
import java.util.Map;
import javax.persistence.EntityManager;
import javax.persistence.FlushModeType;
import javax.persistence.NoResultException;
import javax.persistence.Query;
import javax.persistence.TypedQuery;
@ -34,14 +35,10 @@ import javax.persistence.criteria.Root;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.jpa.entities.PolicyEntity;
import org.keycloak.authorization.jpa.entities.ResourceServerEntity;
import org.keycloak.authorization.model.Policy;
import org.keycloak.authorization.model.Resource;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.store.PolicyStore;
import org.keycloak.authorization.store.StoreFactory;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
/**
@ -96,8 +93,10 @@ public class JPAPolicyStore implements PolicyStore {
public Policy findByName(String name, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByName", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("name", name);
try {
String id = query.getSingleResult();
return provider.getStoreFactory().getPolicyStore().findById(id, resourceServerId);
@ -167,6 +166,7 @@ public class JPAPolicyStore implements PolicyStore {
public List<Policy> findByResource(final String resourceId, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByResource", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("resourceId", resourceId);
query.setParameter("serverId", resourceServerId);
@ -182,6 +182,7 @@ public class JPAPolicyStore implements PolicyStore {
public List<Policy> findByResourceType(final String resourceType, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByResourceType", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("type", resourceType);
query.setParameter("serverId", resourceServerId);
@ -202,6 +203,7 @@ public class JPAPolicyStore implements PolicyStore {
// Use separate subquery to handle DB2 and MSSSQL
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByScope", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("scopeIds", scopeIds);
query.setParameter("serverId", resourceServerId);
@ -217,6 +219,7 @@ public class JPAPolicyStore implements PolicyStore {
public List<Policy> findByType(String type, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByType", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("type", type);
@ -233,6 +236,7 @@ public class JPAPolicyStore implements PolicyStore {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByDependentPolices", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("policyId", policyId);

View file

@ -19,13 +19,13 @@ package org.keycloak.authorization.jpa.store;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.jpa.entities.ResourceEntity;
import org.keycloak.authorization.jpa.entities.ResourceServerEntity;
import org.keycloak.authorization.model.Resource;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.store.ResourceStore;
import org.keycloak.models.utils.KeycloakModelUtils;
import javax.persistence.EntityManager;
import javax.persistence.FlushModeType;
import javax.persistence.NoResultException;
import javax.persistence.Query;
import javax.persistence.TypedQuery;
@ -34,7 +34,6 @@ import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Predicate;
import javax.persistence.criteria.Root;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
@ -62,6 +61,7 @@ public class JPAResourceStore implements ResourceStore {
entity.setOwner(owner);
this.entityManager.persist(entity);
this.entityManager.flush();
return new ResourceAdapter(entity, entityManager, provider.getStoreFactory());
}
@ -90,6 +90,7 @@ public class JPAResourceStore implements ResourceStore {
public List<Resource> findByOwner(String ownerId, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByOwner", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("owner", ownerId);
query.setParameter("serverId", resourceServerId);
@ -108,6 +109,7 @@ public class JPAResourceStore implements ResourceStore {
public List<Resource> findByUri(String uri, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByUri", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("uri", uri);
query.setParameter("serverId", resourceServerId);
@ -185,6 +187,7 @@ public class JPAResourceStore implements ResourceStore {
public List<Resource> findByScope(List<String> scopes, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByScope", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("scopeIds", scopes);
query.setParameter("serverId", resourceServerId);
@ -203,8 +206,10 @@ public class JPAResourceStore implements ResourceStore {
public Resource findByName(String name, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByName", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("name", name);
try {
String id = query.getSingleResult();
return provider.getStoreFactory().getResourceStore().findById(id, resourceServerId);
@ -217,6 +222,7 @@ public class JPAResourceStore implements ResourceStore {
public List<Resource> findByType(String type, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByType", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("type", type);
query.setParameter("serverId", resourceServerId);

View file

@ -23,6 +23,7 @@ import java.util.List;
import java.util.Map;
import javax.persistence.EntityManager;
import javax.persistence.FlushModeType;
import javax.persistence.NoResultException;
import javax.persistence.Query;
import javax.persistence.TypedQuery;
@ -32,7 +33,6 @@ import javax.persistence.criteria.Predicate;
import javax.persistence.criteria.Root;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.jpa.entities.ResourceServerEntity;
import org.keycloak.authorization.jpa.entities.ScopeEntity;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.model.Scope;
@ -61,6 +61,7 @@ public class JPAScopeStore implements ScopeStore {
entity.setResourceServer(ResourceServerAdapter.toEntity(entityManager, resourceServer));
this.entityManager.persist(entity);
this.entityManager.flush();
return new ScopeAdapter(entity, entityManager, provider.getStoreFactory());
}
@ -91,8 +92,10 @@ public class JPAScopeStore implements ScopeStore {
try {
TypedQuery<String> query = entityManager.createNamedQuery("findScopeIdByName", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("name", name);
String id = query.getSingleResult();
return provider.getStoreFactory().getScopeStore().findById(id, resourceServerId);
} catch (NoResultException nre) {
@ -104,6 +107,7 @@ public class JPAScopeStore implements ScopeStore {
public List<Scope> findByResourceServer(final String serverId) {
TypedQuery<String> query = entityManager.createNamedQuery("findScopeIdByResourceServer", String.class);
query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", serverId);
List<String> result = query.getResultList();

View file

@ -1930,24 +1930,21 @@ public class RepresentationToModel {
resourceServer.setPolicyEnforcementMode(rep.getPolicyEnforcementMode());
resourceServer.setAllowRemoteResourceManagement(rep.isAllowRemoteResourceManagement());
rep.getScopes().forEach(scope -> {
for (ScopeRepresentation scope : rep.getScopes()) {
toModel(scope, resourceServer, authorization);
});
}
KeycloakSession session = authorization.getKeycloakSession();
RealmModel realm = authorization.getRealm();
rep.getResources().forEach(resourceRepresentation -> {
ResourceOwnerRepresentation owner = resourceRepresentation.getOwner();
for (ResourceRepresentation resource : rep.getResources()) {
ResourceOwnerRepresentation owner = resource.getOwner();
if (owner == null) {
owner = new ResourceOwnerRepresentation();
resourceRepresentation.setOwner(owner);
}
owner.setId(resourceServer.getClientId());
if (owner.getName() != null) {
resource.setOwner(owner);
} else if (owner.getName() != null) {
UserModel user = session.users().getUserByUsername(owner.getName(), realm);
if (user != null) {
@ -1955,8 +1952,8 @@ public class RepresentationToModel {
}
}
toModel(resourceRepresentation, resourceServer, authorization);
});
toModel(resource, resourceServer, authorization);
}
importPolicies(authorization, resourceServer, rep.getPolicies(), null);
}
@ -1975,7 +1972,9 @@ public class RepresentationToModel {
PolicyStore policyStore = storeFactory.getPolicyStore();
try {
List<String> policies = (List<String>) JsonSerialization.readValue(applyPolicies, List.class);
config.put("applyPolicies", JsonSerialization.writeValueAsString(policies.stream().map(policyName -> {
Set<String> policyIds = new HashSet<>();
for (String policyName : policies) {
Policy policy = policyStore.findByName(policyName, resourceServer.getId());
if (policy == null) {
@ -1989,8 +1988,10 @@ public class RepresentationToModel {
}
}
return policy.getId();
}).collect(Collectors.toList())));
policyIds.add(policy.getId());
}
config.put("applyPolicies", JsonSerialization.writeValueAsString(policyIds));
} catch (Exception e) {
throw new RuntimeException("Error while importing policy [" + policyRepresentation.getName() + "].", e);
}
@ -2029,6 +2030,8 @@ public class RepresentationToModel {
if (representation instanceof PolicyRepresentation) {
PolicyRepresentation policy = PolicyRepresentation.class.cast(representation);
if (resources == null) {
String resourcesConfig = policy.getConfig().get("resources");
if (resourcesConfig != null) {
@ -2038,7 +2041,9 @@ public class RepresentationToModel {
throw new RuntimeException(e);
}
}
}
if (scopes == null) {
String scopesConfig = policy.getConfig().get("scopes");
if (scopesConfig != null) {
@ -2048,7 +2053,9 @@ public class RepresentationToModel {
throw new RuntimeException(e);
}
}
}
if (policies == null) {
String policiesConfig = policy.getConfig().get("applyPolicies");
if (policiesConfig != null) {
@ -2058,6 +2065,7 @@ public class RepresentationToModel {
throw new RuntimeException(e);
}
}
}
model.setConfig(policy.getConfig());
}

View file

@ -27,6 +27,7 @@ import org.keycloak.testsuite.console.page.clients.authorization.policy.PolicyTy
import org.keycloak.testsuite.page.Form;
import org.keycloak.testsuite.util.URLUtils;
import org.keycloak.testsuite.util.WaitUtils;
import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
import org.openqa.selenium.support.ui.Select;
@ -123,4 +124,15 @@ public class Permissions extends Form {
}
}
}
public void deleteFromList(String name) {
for (WebElement row : permissions().rows()) {
PolicyRepresentation actual = permissions().toRepresentation(row);
if (actual.getName().equalsIgnoreCase(name)) {
row.findElements(tagName("td")).get(4).click();
driver.findElement(By.xpath(".//button[text()='Delete']")).click();
return;
}
}
}
}

View file

@ -32,6 +32,7 @@ import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.page.Form;
import org.keycloak.testsuite.util.URLUtils;
import org.keycloak.testsuite.util.WaitUtils;
import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
import org.openqa.selenium.support.ui.Select;
@ -199,4 +200,15 @@ public class Policies extends Form {
}
}
}
public void deleteFromList(String name) {
for (WebElement row : policies().rows()) {
PolicyRepresentation actual = policies().toRepresentation(row);
if (actual.getName().equalsIgnoreCase(name)) {
row.findElements(tagName("td")).get(4).click();
driver.findElement(By.xpath(".//button[text()='Delete']")).click();
return;
}
}
}
}

View file

@ -23,6 +23,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.testsuite.page.Form;
import org.keycloak.testsuite.util.URLUtils;
import org.keycloak.testsuite.util.WaitUtils;
import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
@ -73,6 +74,17 @@ public class Resources extends Form {
}
}
public void deleteFromList(String name) {
for (WebElement row : resources().rows()) {
ResourceRepresentation actual = resources().toRepresentation(row);
if (actual.getName().equalsIgnoreCase(name)) {
row.findElements(tagName("td")).get(6).click();
driver.findElement(By.xpath(".//button[text()='Delete']")).click();
return;
}
}
}
public Resource name(String name) {
for (WebElement row : resources().rows()) {
ResourceRepresentation actual = resources().toRepresentation(row);

View file

@ -22,6 +22,7 @@ import org.jboss.arquillian.graphene.page.Page;
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.testsuite.page.Form;
import org.keycloak.testsuite.util.URLUtils;
import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
@ -67,4 +68,14 @@ public class Scopes extends Form {
}
}
}
public void deleteFromList(String name) {
for (WebElement row : scopes().rows()) {
ScopeRepresentation actual = scopes().toRepresentation(row);
if (actual.getName().equalsIgnoreCase(name)) {
row.findElements(tagName("td")).get(3).click();
driver.findElement(By.xpath(".//button[text()='Delete']")).click();
}
}
}
}

View file

@ -122,6 +122,22 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
AggregatePolicyRepresentation expected = new AggregatePolicyRepresentation();
expected.setName("Test Delete Aggregate Policy");
expected.setDescription("description");
expected.addPolicy("Policy C");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
private AggregatePolicyRepresentation createPolicy(AggregatePolicyRepresentation expected) {
AggregatePolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();

View file

@ -76,7 +76,7 @@ public class ClientPolicyManagementTest extends AbstractAuthorizationSettingsTes
}
@Test
public void testDeletePolicy() throws InterruptedException {
public void testDelete() throws InterruptedException {
authorizationPage.navigateTo();
ClientPolicyRepresentation expected = new ClientPolicyRepresentation();
@ -92,6 +92,22 @@ public class ClientPolicyManagementTest extends AbstractAuthorizationSettingsTes
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
ClientPolicyRepresentation expected = new ClientPolicyRepresentation();
expected.setName("Test Client Policy");
expected.setDescription("description");
expected.addClient("client c");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
private ClientPolicyRepresentation createPolicy(ClientPolicyRepresentation expected) {
ClientPolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();

View file

@ -135,6 +135,25 @@ public class GroupPolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
GroupPolicyRepresentation expected = new GroupPolicyRepresentation();
expected.setName("Test Delete Group Policy");
expected.setDescription("description");
expected.setGroupsClaim("groups");
expected.addGroupPath("/Group A", true);
expected.addGroupPath("/Group A/Group B/Group D");
expected.addGroupPath("Group F");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
private GroupPolicyRepresentation createPolicy(GroupPolicyRepresentation expected) {
GroupPolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();

View file

@ -74,6 +74,22 @@ public class JSPolicyManagementTest extends AbstractAuthorizationSettingsTest {
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
JSPolicyRepresentation expected = new JSPolicyRepresentation();
expected.setName("Test JS Policy");
expected.setDescription("description");
expected.setCode("$evaluation.deny();");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
private JSPolicyRepresentation createPolicy(JSPolicyRepresentation expected) {
JSPolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();

View file

@ -72,7 +72,7 @@ public class ResourceManagementTest extends AbstractAuthorizationSettingsTest {
}
@Test
public void testDelete() {
public void testDeleteFromDetails() {
ResourceRepresentation expected = createResource();
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().resources().delete(expected.getName());
@ -80,6 +80,15 @@ public class ResourceManagementTest extends AbstractAuthorizationSettingsTest {
assertNull(authorizationPage.authorizationTabs().resources().resources().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() {
ResourceRepresentation expected = createResource();
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().resources().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().resources().resources().findByName(expected.getName()));
}
private ResourceRepresentation createResource() {
ResourceRepresentation expected = new ResourceRepresentation();

View file

@ -165,6 +165,23 @@ public class ResourcePermissionManagementTest extends AbstractAuthorizationSetti
assertNull(authorizationPage.authorizationTabs().permissions().permissions().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
ResourcePermissionRepresentation expected = new ResourcePermissionRepresentation();
expected.setName("Test Delete Resource Permission");
expected.setDescription("description");
expected.addResource("Resource B");
expected.addPolicy("Policy C");
expected = createPermission(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().permissions().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().permissions().permissions().findByName(expected.getName()));
}
private ResourcePermissionRepresentation createPermission(ResourcePermissionRepresentation expected) {
ResourcePermission policy = authorizationPage.authorizationTabs().permissions().create(expected);
assertAlertSuccess();

View file

@ -208,6 +208,24 @@ public class RolePolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
RolePolicyRepresentation expected = new RolePolicyRepresentation();
expected.setName("Test Delete Role Policy");
expected.setDescription("description");
expected.addRole("Realm Role A");
expected.addRole("Realm Role B");
expected.addRole("Realm Role C");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
private RolePolicyRepresentation createPolicy(RolePolicyRepresentation expected) {
RolePolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();

View file

@ -71,6 +71,18 @@ public class RulePolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
RulePolicyRepresentation expected =createDefaultRepresentation("Delete Rule Policy");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
private RulePolicyRepresentation createDefaultRepresentation(String name) {
RulePolicyRepresentation expected = new RulePolicyRepresentation();

View file

@ -49,6 +49,15 @@ public class ScopeManagementTest extends AbstractAuthorizationSettingsTest {
assertNull(authorizationPage.authorizationTabs().scopes().scopes().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() {
ScopeRepresentation expected = createScope();
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().scopes().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().scopes().scopes().findByName(expected.getName()));
}
private ScopeRepresentation createScope() {
ScopeRepresentation expected = new ScopeRepresentation();

View file

@ -166,6 +166,23 @@ public class ScopePermissionManagementTest extends AbstractAuthorizationSettings
assertNull(authorizationPage.authorizationTabs().permissions().permissions().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
ScopePermissionRepresentation expected = new ScopePermissionRepresentation();
expected.setName("Test Delete Scope Permission");
expected.setDescription("description");
expected.addScope("Scope C");
expected.addPolicy("Policy C");
expected = createPermission(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().permissions().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().permissions().permissions().findByName(expected.getName()));
}
private ScopePermissionRepresentation createPermission(ScopePermissionRepresentation expected) {
ScopePermission policy = authorizationPage.authorizationTabs().permissions().create(expected);
assertAlertSuccess();

View file

@ -109,6 +109,33 @@ public class TimePolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
TimePolicyRepresentation expected = new TimePolicyRepresentation();
expected.setName("Test Time Policy");
expected.setDescription("description");
expected.setNotBefore("2017-01-01 00:00:00");
expected.setNotBefore("2018-01-01 00:00:00");
expected.setDayMonth("1");
expected.setDayMonthEnd("2");
expected.setMonth("3");
expected.setMonthEnd("4");
expected.setYear("5");
expected.setYearEnd("6");
expected.setHour("7");
expected.setHourEnd("8");
expected.setMinute("9");
expected.setMinuteEnd("10");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
private TimePolicyRepresentation createPolicy(TimePolicyRepresentation expected) {
TimePolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();

View file

@ -76,7 +76,7 @@ public class UserPolicyManagementTest extends AbstractAuthorizationSettingsTest
}
@Test
public void testDeletePolicy() throws InterruptedException {
public void testDelete() throws InterruptedException {
authorizationPage.navigateTo();
UserPolicyRepresentation expected = new UserPolicyRepresentation();
@ -92,6 +92,22 @@ public class UserPolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
@Test
public void testDeleteFromList() throws InterruptedException {
authorizationPage.navigateTo();
UserPolicyRepresentation expected = new UserPolicyRepresentation();
expected.setName("Test User Policy");
expected.setDescription("description");
expected.addUser("user c");
expected = createPolicy(expected);
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
authorizationPage.navigateTo();
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
private UserPolicyRepresentation createPolicy(UserPolicyRepresentation expected) {
UserPolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();

View file

@ -79,7 +79,72 @@ module.controller('ResourceServerDetailCtrl', function($scope, $http, $route, $l
});
});
module.controller('ResourceServerResourceCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerResource, client) {
var Resources = {
delete: function(ResourceServerResource, realm, client, $scope, AuthzDialog, $location, Notifications, $route) {
ResourceServerResource.permissions({
realm : realm,
client : client.id,
rsrid : $scope.resource._id
}, function (permissions) {
var msg = "";
if (permissions.length > 0 && !$scope.deleteConsent) {
msg = "<p>This resource is referenced in some permissions:</p>";
msg += "<ul>";
for (i = 0; i < permissions.length; i++) {
msg+= "<li><strong>" + permissions[i].name + "</strong></li>";
}
msg += "</ul>";
msg += "<p>If you remove this resource, the permissions above will be affected and will not be associated with this resource anymore.</p>";
}
AuthzDialog.confirmDeleteWithMsg($scope.resource.name, "Resource", msg, function() {
ResourceServerResource.delete({realm : realm, client : $scope.client.id, rsrid : $scope.resource._id}, null, function() {
$location.url("/realms/" + realm + "/clients/" + $scope.client.id + "/authz/resource-server/resource");
$route.reload();
Notifications.success("The resource has been deleted.");
});
});
});
}
}
var Policies = {
delete: function(service, realm, client, $scope, AuthzDialog, $location, Notifications, $route, isPermission) {
var msg = "";
service.dependentPolicies({
realm : realm,
client : client.id,
id : $scope.policy.id
}, function (dependentPolicies) {
if (dependentPolicies.length > 0 && !$scope.deleteConsent) {
msg = "<p>This policy is being used by other policies:</p>";
msg += "<ul>";
for (i = 0; i < dependentPolicies.length; i++) {
msg+= "<li><strong>" + dependentPolicies[i].name + "</strong></li>";
}
msg += "</ul>";
msg += "<p>If you remove this policy, the policies above will be affected and will not be associated with this policy anymore.</p>";
}
AuthzDialog.confirmDeleteWithMsg($scope.policy.name, isPermission ? "Permission" : "Policy", msg, function() {
service.delete({realm : realm, client : $scope.client.id, id : $scope.policy.id}, null, function() {
if (isPermission) {
$location.url("/realms/" + realm + "/clients/" + $scope.client.id + "/authz/resource-server/permission");
Notifications.success("The permission has been deleted.");
} else {
$location.url("/realms/" + realm + "/clients/" + $scope.client.id + "/authz/resource-server/policy");
Notifications.success("The policy has been deleted.");
}
$route.reload();
});
});
});
}
}
module.controller('ResourceServerResourceCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerResource, client, AuthzDialog, Notifications) {
$scope.realm = realm;
$scope.client = client;
@ -171,6 +236,11 @@ module.controller('ResourceServerResourceCtrl', function($scope, $http, $route,
}
}
};
$scope.delete = function(resource) {
$scope.resource = resource;
Resources.delete(ResourceServerResource, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route);
};
});
module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $route, $location, realm, ResourceServer, client, ResourceServerResource, ResourceServerScope, AuthzDialog, Notifications) {
@ -282,30 +352,7 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r
}
$scope.remove = function() {
ResourceServerResource.permissions({
realm : $route.current.params.realm,
client : client.id,
rsrid : $scope.resource._id
}, function (permissions) {
var msg = "";
if (permissions.length > 0 && !$scope.deleteConsent) {
msg = "<p>This resource is referenced in some policies:</p>";
msg += "<ul>";
for (i = 0; i < permissions.length; i++) {
msg+= "<li><strong>" + permissions[i].name + "</strong></li>";
}
msg += "</ul>";
msg += "<p>If you remove this resource, the policies above will be affected and will not be associated with this resource anymore.</p>";
}
AuthzDialog.confirmDeleteWithMsg($scope.resource.name, "Resource", msg, function() {
ResourceServerResource.delete({realm : realm.realm, client : $scope.client.id, rsrid : $scope.resource._id}, null, function() {
$location.url("/realms/" + realm.realm + "/clients/" + $scope.client.id + "/authz/resource-server/resource");
Notifications.success("The resource has been deleted.");
});
});
});
Resources.delete(ResourceServerResource, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route);
}
$scope.reset = function() {
@ -338,7 +385,37 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r
}
});
module.controller('ResourceServerScopeCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerScope, client) {
var Scopes = {
delete: function(ResourceServerScope, realm, client, $scope, AuthzDialog, $location, Notifications, $route) {
ResourceServerScope.permissions({
realm : realm,
client : client.id,
id : $scope.scope.id
}, function (permissions) {
var msg = "";
if (permissions.length > 0 && !$scope.deleteConsent) {
msg = "<p>This scope is referenced in some permissions:</p>";
msg += "<ul>";
for (i = 0; i < permissions.length; i++) {
msg+= "<li><strong>" + permissions[i].name + "</strong></li>";
}
msg += "</ul>";
msg += "<p>If you remove this scope, the permissions above will be affected and will not be associated with this scope anymore.</p>";
}
AuthzDialog.confirmDeleteWithMsg($scope.scope.name, "Scope", msg, function() {
ResourceServerScope.delete({realm : realm, client : $scope.client.id, id : $scope.scope.id}, null, function() {
$location.url("/realms/" + realm + "/clients/" + $scope.client.id + "/authz/resource-server/scope");
$route.reload();
Notifications.success("The scope has been deleted.");
});
});
});
}
}
module.controller('ResourceServerScopeCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerScope,client, AuthzDialog, Notifications) {
$scope.realm = realm;
$scope.client = client;
@ -430,6 +507,11 @@ module.controller('ResourceServerScopeCtrl', function($scope, $http, $route, $lo
}
}
};
$scope.delete = function(scope) {
$scope.scope = scope;
Scopes.delete(ResourceServerScope, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route);
};
});
module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $route, $location, realm, ResourceServer, client, ResourceServerScope, AuthzDialog, Notifications) {
@ -499,30 +581,7 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout
}
$scope.remove = function() {
ResourceServerScope.permissions({
realm : $route.current.params.realm,
client : client.id,
id : $scope.scope.id
}, function (permissions) {
var msg = "";
if (permissions.length > 0 && !$scope.deleteConsent) {
msg = "<p>This scope is referenced in some policies:</p>";
msg += "<ul>";
for (i = 0; i < permissions.length; i++) {
msg+= "<li><strong>" + permissions[i].name + "</strong></li>";
}
msg += "</ul>";
msg += "<p>If you remove this scope, the policies above will be affected and will not be associated with this scope anymore.</p>";
}
AuthzDialog.confirmDeleteWithMsg($scope.scope.name, "Scope", msg, function() {
ResourceServerScope.delete({realm : realm.realm, client : $scope.client.id, id : $scope.scope.id}, null, function() {
$location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/scope");
Notifications.success("The scope has been deleted.");
});
});
});
Scopes.delete(ResourceServerScope, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route);
}
$scope.reset = function() {
@ -554,7 +613,7 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout
}
});
module.controller('ResourceServerPolicyCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerPolicy, PolicyProvider, client) {
module.controller('ResourceServerPolicyCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerPolicy, PolicyProvider, client, AuthzDialog, Notifications) {
$scope.realm = realm;
$scope.client = client;
$scope.policyProviders = [];
@ -650,9 +709,14 @@ module.controller('ResourceServerPolicyCtrl', function($scope, $http, $route, $l
}
}
};
$scope.delete = function(policy) {
$scope.policy = policy;
Policies.delete(ResourceServerPolicy, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route, false);
};
});
module.controller('ResourceServerPermissionCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerPermission, PolicyProvider, client) {
module.controller('ResourceServerPermissionCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerPermission, PolicyProvider, client, AuthzDialog, Notifications) {
$scope.realm = realm;
$scope.client = client;
$scope.policyProviders = [];
@ -747,6 +811,11 @@ module.controller('ResourceServerPermissionCtrl', function($scope, $http, $route
}
}
};
$scope.delete = function(policy) {
$scope.policy = policy;
Policies.delete(ResourceServerPermission, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route, true);
};
});
module.controller('ResourceServerPolicyDroolsDetailCtrl', function($scope, $http, $route, realm, client, PolicyController) {
@ -1137,6 +1206,11 @@ module.controller('ResourceServerPolicyScopeDetailCtrl', function($scope, $route
rsrid: resource[0]._id
}, function (scopes) {
$scope.resourceScopes = scopes;
});
});
});
}
ResourceServerPolicy.scopes({
realm : $route.current.params.realm,
client : client.id,
@ -1154,10 +1228,6 @@ module.controller('ResourceServerPolicyScopeDetailCtrl', function($scope, $route
}
}, true);
});
});
});
});
}
} else {
$scope.selectedResource = null;
var copy = angular.copy($scope.selectedResource);
@ -2098,35 +2168,7 @@ module.service("PolicyController", function($http, $route, $location, ResourceSe
});
$scope.remove = function() {
var msg = "";
service.dependentPolicies({
realm : $route.current.params.realm,
client : client.id,
id : $scope.policy.id
}, function (dependentPolicies) {
if (dependentPolicies.length > 0 && !$scope.deleteConsent) {
msg = "<p>This policy is being used by other policies:</p>";
msg += "<ul>";
for (i = 0; i < dependentPolicies.length; i++) {
msg+= "<li><strong>" + dependentPolicies[i].name + "</strong></li>";
}
msg += "</ul>";
msg += "<p>If you remove this policy, the policies above will be affected and will not be associated with this policy anymore.</p>";
}
AuthzDialog.confirmDeleteWithMsg($scope.policy.name, "Policy", msg, function() {
service.delete({realm : $scope.realm.realm, client : $scope.client.id, id : $scope.policy.id}, null, function() {
if (delegate.isPermission()) {
$location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/permission");
Notifications.success("The permission has been deleted.");
} else {
$location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/policy");
Notifications.success("The policy has been deleted.");
}
});
});
});
Policies.delete(ResourceServerPolicy, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route, delegate.isPermission());
}
}
});

View file

@ -38,7 +38,6 @@
</div>
<div class="form-group clearfix" data-ng-show="selectedResource">
<label class="col-md-2 control-label" for="resourceScopes">{{:: 'authz-scopes' | translate}} <span class="required">*</span></label>
<div class="col-md-6">
<select ui-select2 id="resourceScopes"
data-ng-model="selectedScopes"