libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

Merge pull request #241 from stianst/admin-access

Browse source 
Fixes to permissions in admin console
This commit is contained in:
Stian Thorgersen 2014-02-25 15:42:08 +00:00
commit dd75864749
6 changed files with 51 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
admin-ui/src/main/resources/META-INF/resources/admin/js/app.js
View file

@ -672,6 +672,20 @@ module.directive('kcInput', function() {
return d;
});
module.directive('kcDisableForm', function() {
var d = {
scope : true,
replace : false,
link : function(scope, element, attrs) {
var form = element.children('form');
console.debug(form);
var input = element.children('input');
input.attr('disabled', 'true');
}
};
return d;
});
module.directive('kcEnter', function() {
return function(scope, element, attrs) {
element.bind("keydown keypress", function(event) {
@ -779,11 +793,7 @@ module.directive('kcSelect', function ($compile, Notifications) {
module.directive('kcNavigation', function ($compile, Notifications) {
return {
scope: {
kcCurrent: '@',
kcRealm: '=',
kcSocial: '='
},
scope: true,
restrict: 'E',
replace: true,
templateUrl: 'templates/kc-navigation.html',

22
admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
View file

@ -8,7 +8,7 @@ module.controller('GlobalCtrl', function($scope, $http, Auth, Current, $location
Auth.user = data;
Auth.loggedIn = true;
Auth.hasAccess = function(realm, role) {
function getAccess(realm, role) {
var realmAccess = Auth.user['realm_access'];
if (realmAccess) {
realmAccess = realmAccess[realm];
@ -18,6 +18,26 @@ module.controller('GlobalCtrl', function($scope, $http, Auth, Current, $location
}
return false;
}
$scope.access = {
admin: data.admin,
get manageRealm() {
return getAccess(Current.realm.realm, 'manage-realm');
},
get manageApplications() {
return getAccess(Current.realm.realm, 'manage-applications');
},
get manageClients() {
return getAccess(Current.realm.realm, 'manage-clients');
},
get manageUsers() {
return getAccess(Current.realm.realm, 'manage-users');
}
}
})
.error(function(data, status) {
Auth.loggedIn = false;

2
admin-ui/src/main/resources/META-INF/resources/admin/partials/menu.html
View file

@ -33,7 +33,7 @@
</li>
</ul>
</li>
<li class="active pull-right" data-ng-show="auth.loggedIn && auth.user.admin">
<li class="active pull-right" data-ng-show="auth.loggedIn && access.admin">
<a class="button primary" href="#/create/realm" data-ng-class="path[0] == 'create' && path[1] == 'realm' && 'active'"
data-ng-show="auth.loggedIn">Add Realm</a>
</li>

4
admin-ui/src/main/resources/META-INF/resources/admin/partials/realm-detail.html
View file

@ -7,7 +7,7 @@
<li><a href="#/realms/{{realm.realm}}">Settings</a></li>
<li class="active">General</li>
</ol>
<div data-ng-show="auth.hasAccess(realm.realm, 'manage-realm')">
<div data-ng-show="access.manageRealm">
<h2 class="pull-left" data-ng-show="createRealm">Add Realm</h2>
<h2 data-ng-hide="createRealm"><span>{{realm.realm}}</span> General Settings</h2>
<p class="subtitle" data-ng-show="createRealm"><span class="required">*</span> Required fields</p>
@ -102,7 +102,7 @@
</div>
</form>
</div>
<div data-ng-hide="auth.hasAccess(realm.realm, 'manage-realm')">
<div data-ng-hide="access.manageRealm">
<h2 ><span>{{realm.realm}}</span></h2>
</div>

8
admin-ui/src/main/resources/META-INF/resources/admin/partials/realm-menu.html
View file

@ -1,9 +1,9 @@
<ul data-ng-hide="createRealm">
<li data-ng-show="auth.hasAccess(realm.realm, 'manage-realm')" data-ng-class="((!path[2] || path[1] == 'role' || path[2] == 'roles' || path[2] == 'token-settings' ||
<li data-ng-show="access.manageRealm" data-ng-class="((!path[2] || path[1] == 'role' || path[2] == 'roles' || path[2] == 'token-settings' ||
path[2] == 'social-settings' || path[2] == 'required-credentials' || path[2] == 'default-roles' || path[2] == 'registration-settings' ||
path[2] == 'keys-settings' || path[2] == 'smtp-settings') && path[3] != 'applications') && 'active'"><a href="#/realms/{{realm.realm}}">Settings</a></li>
<li data-ng-show="auth.hasAccess(realm.realm, 'manage-users')" data-ng-class="(path[2] == 'users' || path[1] == 'user') && 'active'"><a href="#/realms/{{realm.realm}}/users">Users</a>
<li data-ng-show="access.manageUsers" data-ng-class="(path[2] == 'users' || path[1] == 'user') && 'active'"><a href="#/realms/{{realm.realm}}/users">Users</a>
</li>
<li data-ng-show="auth.hasAccess(realm.realm, 'manage-applications')" data-ng-class="(path[2] == 'applications' || path[1] == 'application' || path[3] == 'applications') && 'active'"><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
<li data-ng-show="auth.hasAccess(realm.realm, 'manage-clients')" data-ng-class="(path[2] == 'oauth-clients' || path[1] == 'oauth-client') && 'active'"><a href="#/realms/{{realm.realm}}/oauth-clients">OAuth Clients</a></li>
<li data-ng-show="access.manageApplications" data-ng-class="(path[2] == 'applications' || path[1] == 'application' || path[3] == 'applications') && 'active'"><a href="#/realms/{{realm.realm}}/applications">Applications</a></li>
<li data-ng-show="access.manageClients" data-ng-class="(path[2] == 'oauth-clients' || path[1] == 'oauth-client') && 'active'"><a href="#/realms/{{realm.realm}}/oauth-clients">OAuth Clients</a></li>
</ul>

16
admin-ui/src/main/resources/META-INF/resources/admin/templates/kc-navigation.html
View file

@ -1,10 +1,10 @@
<ul class="nav nav-tabs nav-tabs-pf">
<li ng-class="{active: kcCurrent == 'general'}"><a href="#/realms/{{kcRealm}}">General</a></li>
<li ng-class="{active: kcCurrent == 'social'}" data-ng-show="kcSocial && auth.hasAccess(realm.realm, 'manage-realm')"><a href="#/realms/{{kcRealm}}/social-settings">Social</a></li>
<li ng-class="{active: kcCurrent == 'roles'}" data-ng-show="auth.hasAccess(realm.realm, 'manage-realm')"><a href="#/realms/{{kcRealm}}/roles">Roles</a></li>
<li ng-class="{active: kcCurrent == 'defRoles'}" data-ng-show="auth.hasAccess(realm.realm, 'manage-realm')"><a href="#/realms/{{kcRealm}}/default-roles">Default Roles</a></li>
<li ng-class="{active: kcCurrent == 'credentials'}" data-ng-show="auth.hasAccess(realm.realm, 'manage-realm')"><a href="#/realms/{{kcRealm}}/required-credentials">Credentials</a></li>
<li ng-class="{active: kcCurrent == 'token'}" data-ng-show="auth.hasAccess(realm.realm, 'manage-realm')"><a href="#/realms/{{kcRealm}}/token-settings">Token</a></li>
<li ng-class="{active: kcCurrent == 'keys'}" data-ng-show="auth.hasAccess(realm.realm, 'manage-realm')"><a href="#/realms/{{kcRealm}}/keys-settings">Keys</a></li>
<li ng-class="{active: kcCurrent == 'email'}" data-ng-show="auth.hasAccess(realm.realm, 'manage-realm')"><a href="#/realms/{{kcRealm}}/smtp-settings">Email</a></li>
<li ng-class="{active: !path[2]}"><a href="#/realms/{{realm.realm}}">General</a></li>
<li ng-class="{active: path[2] == 'social'}" data-ng-show="kcSocial && auth.hasAccess(realm.realm, 'manage-realm')"><a href="#/realms/{{realm.realm}}/social-settings">Social</a></li>
<li ng-class="{active: path[2] == 'roles'}" data-ng-show="access.manageRealm"><a href="#/realms/{{realm.realm}}/roles">Roles</a></li>
<li ng-class="{active: path[2] == 'default-roles'}" data-ng-show="access.manageRealm"><a href="#/realms/{{realm.realm}}/default-roles">Default Roles</a></li>
<li ng-class="{active: path[2] == 'required-credentials'}" data-ng-show="access.manageRealm"><a href="#/realms/{{realm.realm}}/required-credentials">Credentials</a></li>
<li ng-class="{active: path[2] == 'token-settings'}" data-ng-show="access.manageRealm"><a href="#/realms/{{realm.realm}}/token-settings">Token</a></li>
<li ng-class="{active: path[2] == 'keys-settings'}" data-ng-show="access.manageRealm"><a href="#/realms/{{realm.realm}}/keys-settings">Keys</a></li>
<li ng-class="{active: path[2] == 'smtp-settings'}" data-ng-show="access.manageRealm"><a href="#/realms/{{realm.realm}}/smtp-settings">Email</a></li>
</ul>