Commit graph

49 commits

Author SHA1 Message Date
Erik Jan de Wit
e8d8de8936
Use feature versions for admin3, account3, and login2 (#33458)
Closes #33405

Signed-off-by: stianst <stianst@gmail.com>
2024-10-03 12:09:36 +02:00
Daniel Fesenmeyer
87da4011f7
Bugfix: "User Profile" attributes not available for Users Attribute search, when admin user does not have view- or manage-realm realm-management role (#31771)
- UIRealmResource: add "info" sub-resource to get realm-related information, which is visible for ALL admins (users having any realm-management role); for now, only provide the information whether any user profile provider is enabled
- UIRealmResourceTest: test the new endpoint, including permissions check
- UserDataTable.tsx: use this resource to get the info whether user profile providers are enabled, instead of using the realm components resource (which requires "view-realm" permissions)
- .../cypress/e2e/users_attribute_search_test.spec.ts: add cypress test to test the attribute search with minimum access rights
- further small changes for reuse of components, test-code etc

Closes #27536

Signed-off-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.com>
2024-09-20 14:06:08 -04:00
Thomas Darimont
d28adcb81b
Avoid NPE if realm configuration contains invalid required action configuration (#32649)
* Avoid NPE if realm configuration contains invalid required action configuration

If users removed implementations or renamed the provider id of a required action, then the realm configuration might contain dangling references to required actions.
If we then try to find the RequiredActionFactory to determine the if the required action is configurable then NPE is thrown. This PR prevents the NPE with a guard clause.

Fixes #32624

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>

* Log a warning if required action with missing provider is detected.

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>

---------

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-09-04 15:04:58 -04:00
yelhouti
e8840df0e0
Fix: admin GUI not working with 1000s of realms
Search by RealmName is done before loading all realms when filtering

Closes #31956

Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-21 14:58:36 +02:00
Alexander Schwartz
80d235fffb
Handle non-existing client gracefully (#32151)
Closes #32150

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-15 16:08:40 +02:00
Stefan Guilhen
aeb1951aba Replace calls to deprecated RealmModel IDP methods
- use the new provider instead

Closes #31254

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-15 10:55:36 -03:00
vramik
649b35929e Make sure users created through a registration link are managed members
Closes #30743

Signed-off-by: vramik <vramik@redhat.com>
2024-07-25 04:30:13 -03:00
Andreas Blättlinger
f4178bfa26
Remove effective roles filtering to avoid inconsistency (#28099)
* Changed effective roles filtering method

Signed-off-by: Andreas Blaettlinger <bln1imb@bosch.com>

* Adjusted remaining endpoints

Signed-off-by: Andreas Blaettlinger <bln1imb@bosch.com>

---------

Signed-off-by: Andreas Blaettlinger <bln1imb@bosch.com>
2024-07-08 14:56:55 +02:00
Erik Jan de Wit
08ead04c43
added pagination to realm selector (#30219)
* added pagination to realm selector

fixes: #29978
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fix display name for recent and refresh on open

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-06-13 11:29:57 +02:00
Thomas Darimont
ab376d9101 Make required actions configurable (#28400)
- Add tests for crud operations on configurable required actions
- Add support exposing the required action configuration via RequiredActionContext
- Make configSaveError message reusable in other contexts
- Introduced admin-ui specific endpoint for retrieving required actions with config metadata

Fixes #28400

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-05-23 08:38:36 +02:00
Pedro Igor
b019cf6129 Support unmanaged attributes for service accounts and make sure they are only managed through the admin api
Closes #29362

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-21 16:56:18 -03:00
Hynek Mlnarik
65fcd44fe1 Use admin console correctly in KeycloakIdentity
Fixes: #29688

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-05-21 13:35:44 +02:00
Alexander Schwartz
df47dee924 Rework the result for the session search to contain a single result per user sessions
Closes #29203

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-03 13:51:14 +02:00
Pedro Ruivo
3e0a185070 Remove deprecated EnvironmentDependentProviderFactory.isSupported method
Closes #26280

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-04-19 16:36:49 +02:00
Thomas Darimont
68617180a2 Show indicator for transient user in user sessions list in admin ui (28879)
For transient users a transient label is now shown in the realm sessions and client sessions list in the admin ui.

Fixes #28879

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-04-19 09:48:41 +02:00
Hynek Mlnarik
146204c5cd Ensure correct treatment of auth and transient users
This commit establishes consistency in retrieval of users and responses
between `org.keycloak.admin.ui.rest.UsersResource.getUser(String)` and
`org.keycloak.services.resources.admin.UsersResource.user(String)`

Fixes: #28666

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-04-15 10:17:34 +02:00
Steven Hawkins
35b9d8aa49
task: remove usage of resteasy-core-spi (#27387)
closes: #27242

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-03-21 15:28:34 +01:00
Steve Hawkins
4091baf4c2 fix: accounting for the possibility of null flows from existing realms
closes: #23980

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-03-08 14:25:23 +01:00
Réda Housni Alaoui
a3b3ee4b87
Ability to declare a default "First broker login flow" per Realm
Closes #25823

Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-02-28 16:17:51 +01:00
Oliver
bf89d53134
Show display name in realm selector (#27259)
Solves #17735

Signed-off-by: Oliver Cremerius <antikalk@users.noreply.github.com>
2024-02-26 14:04:38 +01:00
mposolda
692aeee17d Enable user profile by default
closes #25151

Signed-off-by: mposolda <mposolda@gmail.com>
2024-01-11 12:48:44 -03:00
Réda Housni Alaoui
5287500703 @NoCache is not considered anymore
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2024-01-02 09:06:55 -03:00
Garth
9be7f0e474
added permission checking to ui-ext realm resource so realm names are not leaked to users without the appropriate permissions. #25679 (#25683)
Closes: #25392
Closes: #25679

Signed-off-by: Garth <244253+xgp@users.noreply.github.com>
2024-01-02 11:46:43 +01:00
rmartinc
d841971ff4 Updating the UP configuration needs to trigger an admin event
Close #23896

Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-12-18 19:24:30 +01:00
mposolda
c81b533cf6 Update UserProfileProvider.setConfiguration. Tuning of UserProfileProvider.getConfiguration
closes #25416

Signed-off-by: mposolda <mposolda@gmail.com>
2023-12-14 14:43:28 +01:00
Pedro Igor
fa79b686b6 Refactoring user profile interfaces and consolidating user representation for both admin and account context
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-12-13 08:27:55 +01:00
Pedro Igor
c7f63d5843 Add options to change behavior on how unmanaged attributes are managed
Closes #24934

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-11-30 06:58:21 -03:00
Sebastian Schuster
030f42ec83
More efficient listing of assigned and available client role mappings
Closes #23404

Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
2023-11-22 14:10:11 +01:00
Réda Housni Alaoui
3f014c7299
Cannot display 'Authentication Flows' screen when a realm contains more than ~4000 clients (#21058)
closes #21010 

Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2023-11-13 19:13:01 +01:00
Alice
69497382d8
Group scalability upgrades (#22700)
closes #22372 


Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2023-10-26 16:50:45 +02:00
Erik Jan de Wit
339619816a
lazy populate the treeview for groups (#21520)
* added lazy parameter

fixes: #19954

* changed to only have the parameter

* fixed merge errors

* removed the `lazy` and now add subgroups on select

* lint

* fixed prettier

* fixed nullpointer

* fixed member tab
2023-08-04 20:19:34 +00:00
Erik Jan de Wit
e24d51edca
only use the names of the realms (#21576)
* only use the names of the realms

fixes: #21555

* fixed merge error

* fixed test

* removed braces from arrow function
2023-07-18 09:52:06 +02:00
Daniele Martinoli
817f129484
fix: closes #21095 (#21289)
* fix: closes #21095

* Added overloaded version of GroupUtils.toGroupHierarchy with additional full parameter.
2023-07-10 12:13:26 +02:00
Erik Jan de Wit
c0ac409974
fixed pagination on the sessions tab (#20865)
* fixed pagination on the sessions tab

fixes: #20835

* changed to use steam
2023-06-14 08:25:27 +00:00
Daniele Martinoli
4eb05490f5
added per-instance filtering logic to search groups API (#20714) 2023-06-02 06:31:20 +00:00
Erik Jan de Wit
3862f82c2d
added fine-grained auth on EffectiveRoleMappingResource (#20417) 2023-05-31 10:09:18 -04:00
Erik Jan de Wit
d76c295c09
Only show default role effective roles (#20285)
fixes: #19982
2023-05-30 14:17:10 -04:00
Erik Jan de Wit
b958d8b205
added PostBrokerLoginFlow to idp used by query (#20208)
fixes: #19942
2023-05-25 14:23:26 -04:00
Erik Jan de Wit
81580908c3
don't add access when fine grained access is off (#19991)
fixes: #19990
2023-05-02 10:50:18 +02:00
Peter Zaoral
c2d1cade8d Quarkus3 branch sync no. 7
27.2.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Peter Zaoral
50c84d5805 Quarkus3 branch sync no. 2
20.1.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
---
3.3.2023:
Resolved conflicts:
keycloak/rest/admin-ui-ext/src/main/java/org/keycloak/admin/ui/rest/BruteForceUsersResource.java - Modified

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Erik Jan de Wit
1f51ddb86e
Use Admin API extension to group sessions (#19837)
Fixes #19673
2023-04-26 08:17:58 +00:00
Stan Silvert
c595e3430e
Add access to full group tree. Fix access for members tab. Add missing (#19423)
props to Access object.
Fixes #17589
2023-03-31 15:11:13 -04:00
Erik Jan de Wit
0a85c532ee
don't include service accounts in search results (#17189)
fixes: #8849
2023-03-01 19:20:52 +01:00
Erik Jan de Wit
9c431f3b90
introduced combined sessions table needed (offline and regular) (#17023) 2023-02-20 08:59:38 +01:00
Erik Jan de Wit
d0828148a2
removed invalid search (#16913)
fixes: https://github.com/keycloak/keycloak-ui/issues/4320
2023-02-20 08:59:26 +01:00
Erik Jan de Wit
6736f31952
fixed fine grain permissions (#16668)
fixes: #3700
2023-01-28 10:13:53 -05:00
Erik Jan de Wit
5f8ee1c49d
add fine grain access to subgroups (#16672)
fixes: https://github.com/keycloak/keycloak-ui/issues/4195
2023-01-27 14:20:26 -05:00
Stian Thorgersen
8d05895adb
Move Admin REST extension to main repository (#16530)
Closes #16529
2023-01-19 13:06:21 +01:00