libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

Miscellaneous fixes to coarse-grained authorization (#2766)

Browse source
This commit is contained in:
Stan Silvert 2022-06-13 05:07:53 -04:00 committed by GitHub
parent bbc3e0da22
commit f558052957
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/realm-roles/RealmRolesSection.tsx
View file

@ -4,10 +4,14 @@ import { ViewHeader } from "../components/view-header/ViewHeader";
import { useAdminClient } from "../context/auth/AdminClient"; import { useAdminClient } from "../context/auth/AdminClient";
import { RolesList } from "./RolesList"; import { RolesList } from "./RolesList";
import helpUrls from "../help-urls"; import helpUrls from "../help-urls";
import { useAccess } from "../context/access/Access";
export default function RealmRolesSection() { export default function RealmRolesSection() {
const adminClient = useAdminClient(); const adminClient = useAdminClient();
const { hasAccess } = useAccess();
const isManager = hasAccess("manage-realm");
const loader = (first?: number, max?: number, search?: string) => { const loader = (first?: number, max?: number, search?: string) => {
const params: { [name: string]: string | number } = { const params: { [name: string]: string | number } = {
first: first!, first: first!,
@ -31,7 +35,7 @@ export default function RealmRolesSection() {
helpUrl={helpUrls.realmRolesUrl} helpUrl={helpUrls.realmRolesUrl}
/> />
<PageSection variant="light" padding={{ default: "noPadding" }}> <PageSection variant="light" padding={{ default: "noPadding" }}>
<RolesList loader={loader} /> <RolesList loader={loader} isReadOnly={!isManager} />
</PageSection> </PageSection>
</> </>
); );

4
src/realm-roles/RolesList.tsx
View file

@ -25,7 +25,7 @@ type RolesListProps = {
paginated?: boolean; paginated?: boolean;
parentRoleId?: string; parentRoleId?: string;
messageBundle?: string; messageBundle?: string;
isReadOnly?: boolean; isReadOnly: boolean;
loader?: ( loader?: (
first?: number, first?: number,
max?: number, max?: number,
@ -52,7 +52,7 @@ export const RolesList = ({
paginated = true, paginated = true,
parentRoleId, parentRoleId,
messageBundle = "roles", messageBundle = "roles",
isReadOnly = false, isReadOnly,
}: RolesListProps) => { }: RolesListProps) => {
const { t } = useTranslation(messageBundle); const { t } = useTranslation(messageBundle);
const history = useHistory(); const history = useHistory();

6
src/user/UsersSection.tsx
View file

@ -50,6 +50,7 @@ import {
routableTab, routableTab,
RoutableTabs, RoutableTabs,
} from "../components/routable-tabs/RoutableTabs"; } from "../components/routable-tabs/RoutableTabs";
import { useAccess } from "../context/access/Access";
import "./user-section.css"; import "./user-section.css";
@ -72,6 +73,9 @@ export default function UsersSection() {
const [key, setKey] = useState(0); const [key, setKey] = useState(0);
const refresh = () => setKey(key + 1); const refresh = () => setKey(key + 1);
const { hasAccess } = useAccess();
const isManager = hasAccess("manage-users");
useFetch( useFetch(
async () => { async () => {
const testParams = { const testParams = {
@ -376,7 +380,7 @@ export default function UsersSection() {
/> />
) )
} }
toolbarItem={toolbar} toolbarItem={isManager ? toolbar : undefined}
actionResolver={(rowData: IRowData) => { actionResolver={(rowData: IRowData) => {
const user: UserRepresentation = rowData.data; const user: UserRepresentation = rowData.data;
if (!user.access?.manage) return []; if (!user.access?.manage) return [];