libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Merge pull request #248 from stianst/master

Browse source 
Fixed permissions not updated when realm is imported
This commit is contained in:
Stian Thorgersen 2014-02-27 10:23:51 +00:00
commit d5e0e73369
2 changed files with 43 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
View file

@ -8,10 +8,14 @@ module.controller('GlobalCtrl', function($scope, $http, Auth, Current, $location
Auth.user = data; Auth.user = data;
Auth.loggedIn = true; Auth.loggedIn = true;
function getAccess(realm, role) { function getAccess(role) {
if (!Current.realm) {
return false;
}
var realmAccess = Auth.user['realm_access']; var realmAccess = Auth.user['realm_access'];
if (realmAccess) { if (realmAccess) {
realmAccess = realmAccess[realm]; realmAccess = realmAccess[Current.realm.realm];
if (realmAccess) { if (realmAccess) {
return realmAccess.indexOf(role) >= 0; return realmAccess.indexOf(role) >= 0;
} }
@ -23,35 +27,35 @@ module.controller('GlobalCtrl', function($scope, $http, Auth, Current, $location
admin: data.admin, admin: data.admin,
get viewRealm() { get viewRealm() {
return getAccess(Current.realm.realm, 'view-realm') || this.viewRealm; return getAccess('view-realm') || this.manageRealm;
}, },
get viewApplications() { get viewApplications() {
return getAccess(Current.realm.realm, 'view-applications') || this.manageApplications; return getAccess('view-applications') || this.manageApplications;
}, },
get viewClients() { get viewClients() {
return getAccess(Current.realm.realm, 'view-clients') || this.manageClients; return getAccess('view-clients') || this.manageClients;
}, },
get viewUsers() { get viewUsers() {
return getAccess(Current.realm.realm, 'view-users') || this.manageClients; return getAccess('view-users') || this.manageClients;
}, },
get manageRealm() { get manageRealm() {
return getAccess(Current.realm.realm, 'manage-realm'); return getAccess('manage-realm');
}, },
get manageApplications() { get manageApplications() {
return getAccess(Current.realm.realm, 'manage-applications'); return getAccess('manage-applications');
}, },
get manageClients() { get manageClients() {
return getAccess(Current.realm.realm, 'manage-clients'); return getAccess('manage-clients');
}, },
get manageUsers() { get manageUsers() {
return getAccess(Current.realm.realm, 'manage-users'); return getAccess('manage-users');
} }
} }
}) })
@ -147,9 +151,23 @@ module.controller('RealmCreateCtrl', function($scope, Current, Realm, $upload, $
//formDataAppender: function(formData, key, val){} //formDataAppender: function(formData, key, val){}
}).progress(function(evt) { }).progress(function(evt) {
console.log('percent: ' + parseInt(100.0 * evt.loaded / evt.total)); console.log('percent: ' + parseInt(100.0 * evt.loaded / evt.total));
}).success(function(data, status, headers, config) { }).success(function(data, status, headers) {
Notifications.success("The realm has been uploaded."); Realm.query(function(data) {
$location.url("/realms"); Current.realms = data;
$http.get('/auth/rest/admin/whoami').success(function(user) {
Auth.user = user;
Notifications.success("The realm has been uploaded.");
var location = headers('Location');
if (location) {
$location.url("/realms/" + location.substring(location.lastIndexOf('/') + 1));
} else {
$location.url("/realms");
}
});
});
}) })
.error(function() { .error(function() {
Notifications.error("The realm can not be uploaded. Please verify the file."); Notifications.error("The realm can not be uploaded. Please verify the file.");
@ -170,18 +188,12 @@ module.controller('RealmCreateCtrl', function($scope, Current, Realm, $upload, $
var ssl = window.location.protocol == 'https:'; var ssl = window.location.protocol == 'https:';
realmCopy.sslNotRequired = !ssl; realmCopy.sslNotRequired = !ssl;
console.log('creating new realm **'); console.log('creating new realm **');
Realm.create(realmCopy, function(data, headers) { Realm.create(realmCopy, function() {
var data = Realm.query(function() { Realm.query(function(data) {
Current.realms = data; Current.realms = data;
for (var i = 0; i < Current.realms.length; i++) {
if (Current.realms[i].realm == realmCopy.realm) {
Current.realm = Current.realms[i];
}
}
$http.get('/auth/rest/admin/whoami').success(function(data, status) { $http.get('/auth/rest/admin/whoami').success(function(user) {
Auth.user = data; Auth.user = user;
console.log("reloaded auth");
$location.url("/realms/" + realmCopy.realm); $location.url("/realms/" + realmCopy.realm);
Notifications.success("The realm has been created."); Notifications.success("The realm has been created.");

10
services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
View file

@ -105,7 +105,7 @@ public class RealmsAdminResource {
@POST @POST
@Consumes(MediaType.MULTIPART_FORM_DATA) @Consumes(MediaType.MULTIPART_FORM_DATA)
public Response uploadRealm(MultipartFormDataInput input) throws IOException { public Response uploadRealm(@Context final UriInfo uriInfo, MultipartFormDataInput input) throws IOException {
if (!auth.hasRealmRole(AdminRoles.ADMIN)) { if (!auth.hasRealmRole(AdminRoles.ADMIN)) {
throw new ForbiddenException(); throw new ForbiddenException();
} }
@ -117,8 +117,14 @@ public class RealmsAdminResource {
for (InputPart inputPart : inputParts) { for (InputPart inputPart : inputParts) {
inputPart.setMediaType(MediaType.APPLICATION_JSON_TYPE); inputPart.setMediaType(MediaType.APPLICATION_JSON_TYPE);
RealmRepresentation rep = inputPart.getBody(new GenericType<RealmRepresentation>(){}); RealmRepresentation rep = inputPart.getBody(new GenericType<RealmRepresentation>(){});
realmManager.importRealm(rep); RealmModel realm = realmManager.importRealm(rep);
if (inputParts.size() == 1) {
URI location = realmUrl(uriInfo).build(realm.getName());
return Response.created(location).build();
}
} }
return Response.noContent().build(); return Response.noContent().build();
} }