Merge pull request #3260 from stianst/KEYCLOAK-2756

KEYCLOAK-2756
2016-09-26 13:22:12 +02:00 · 2016-09-26 13:22:12 +02:00 · e8fe9bce11
commit e8fe9bce11
parent 3b455d1735 033d1f564a
6 changed files with 32 additions and 9 deletions
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
@ -21,6 +21,7 @@ import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.HttpResponse;
 import org.jboss.resteasy.spi.NotFoundException;
+import org.keycloak.Config;
 import org.keycloak.common.ClientConnection;
 import org.keycloak.common.Version;
 import org.keycloak.theme.BrowserSecurityHeaderSetup;
@ -290,6 +291,7 @@ public class AdminConsole {

            map.put("authUrl", authUrl);
            map.put("resourceUrl", Urls.themeRoot(baseUri) + "/admin/" + theme.getName());
+            map.put("masterRealm", Config.getAdminRealm());
            map.put("resourceVersion", Version.RESOURCES_VERSION);
            map.put("properties", theme.getProperties());

--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
@ -20,6 +20,7 @@ import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.BadRequestException;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
+import org.keycloak.Config;
 import org.keycloak.KeyPairVerifier;
 import org.keycloak.common.ClientConnection;
 import org.keycloak.common.VerificationException;
@ -281,6 +282,11 @@ public class RealmAdminResource {
        auth.requireManage();

        logger.debug("updating realm: " + realm.getName());
+
+        if (Config.getAdminRealm().equals(realm.getName()) && (rep.getRealm() != null && !rep.getRealm().equals(Config.getAdminRealm()))) {
+            return ErrorResponse.error("Can't rename master realm", Status.BAD_REQUEST);
+        }
+
        try {
            if (!Constants.GENERATE.equals(rep.getPublicKey()) && (rep.getPrivateKey() != null && rep.getPublicKey() != null)) {
                try {
--- a/themes/src/main/resources/theme/base/admin/index.ftl
+++ b/themes/src/main/resources/theme/base/admin/index.ftl
@ -18,6 +18,7 @@
    <script type="text/javascript">
        var authUrl = '${authUrl}';
        var resourceUrl = '${resourceUrl}';
+        var masterRealm = '${masterRealm}';
    </script>

    <script src="${resourceUrl}/lib/jquery/jquery-1.10.2.js" type="text/javascript"></script>
--- a/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js
+++ b/themes/src/main/resources/theme/base/admin/resources/js/controllers/realm.js
@ -217,10 +217,11 @@ module.controller('ObjectModalCtrl', function($scope, object) {
    $scope.object = object;
 });

-module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, serverInfo, $http, $location, Dialog, Notifications, Auth) {
+module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, serverInfo, $http, $location, $window, Dialog, Notifications, Auth) {
    $scope.createRealm = !realm.realm;
    $scope.serverInfo = serverInfo;
    $scope.realmName = realm.realm;
+    $scope.disableRename = realm.realm == masterRealm;

    if (Current.realm == null || Current.realm.realm != realm.realm) {
        for (var i = 0; i < Current.realms.length; i++) {
@ -257,6 +258,7 @@ module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, ser
        realmCopy.realm = $scope.realmName;
        $scope.changed = false;
        var nameChanged = !angular.equals($scope.realmName, oldCopy.realm);
+        var oldName = oldCopy.realm;
        Realm.update({ id : oldCopy.realm}, realmCopy, function () {
            var data = Realm.query(function () {
                Current.realms = data;
@ -269,14 +271,26 @@ module.controller('RealmDetailCtrl', function($scope, Current, Realm, realm, ser
            });

            if (nameChanged) {
-                Auth.refreshPermissions(function() {
-                    Auth.refreshPermissions(function() {
-                        Notifications.success("Your changes have been saved to the realm.");
-                        $scope.$apply(function() {
-                            $location.url("/realms/" + realmCopy.realm);
+                console.debug(Auth);
+                console.debug(Auth.authz.tokenParsed.iss);
+
+                if (Auth.authz.tokenParsed.iss.endsWith(masterRealm)) {
+                    Auth.refreshPermissions(function () {
+                        Auth.refreshPermissions(function () {
+                            Notifications.success("Your changes have been saved to the realm.");
+                            $scope.$apply(function () {
+                                $location.url("/realms/" + realmCopy.realm);
+                            });
                        });
                    });
-                });
+                } else {
+                    delete Auth.authz.token;
+                    delete Auth.authz.refreshToken;
+
+                    var newLocation = $window.location.href.replace('/' + oldName + '/', '/' + realmCopy.realm + '/')
+                        .replace('/realms/' + oldName, '/realms/' + realmCopy.realm);
+                    window.location.replace(newLocation);
+                }
            } else {
                $location.url("/realms/" + realmCopy.realm);
                Notifications.success("Your changes have been saved to the realm.");
--- a/themes/src/main/resources/theme/base/admin/resources/partials/menu.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/menu.html
@ -16,7 +16,7 @@
                {{auth.user.displayName|capitalize}} <b class="caret"></b>
            </a>
            <ul class="dropdown-menu">
-                <li><a href="{{authUrl}}/realms/{{auth.user.realm}}/account?referrer=security-admin-console">{{:: 'manage-account' | translate}}</a></li>
+                <li><a data-ng-click="auth.authz.accountManagement()" href="">{{:: 'manage-account' | translate}}</a></li>
                <li><a href="#/server-info">{{:: 'server-info' | translate}}</a></li>
                <li class="divider"></li>
                <li><a href="" ng-click="auth.authz.logout()">{{:: 'sign-out' | translate}}</a></li>
--- a/themes/src/main/resources/theme/base/admin/resources/partials/realm-detail.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/realm-detail.html
@ -5,7 +5,7 @@
            <div class="form-group">
                <label class="col-md-2 control-label" for="name"><span class="required">*</span> {{:: 'name' | translate}}</label>
                <div class="col-md-6">
-                    <input class="form-control" type="text" id="name" name="name" data-ng-model="realmName" autofocus required>
+                    <input class="form-control" data-ng-disabled="disableRename" type="text" id="name" name="name" data-ng-model="realmName" autofocus required>
                </div>
            </div>