keycloak-memoizeit
Changes
forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js 90(+88 -2)
forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js 168(+49 -119)
forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html 22(+22 -0)
Details
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/app.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/app.js
index 74d3a5e..f73d947 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/app.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/app.js
@@ -277,9 +277,6 @@ module.config([ '$routeProvider', function($routeProvider) {
},
applications : function(ApplicationListLoader) {
return ApplicationListLoader();
- },
- roles : function(RoleListLoader) {
- return RoleListLoader();
}
},
controller : 'UserRoleMappingCtrl'
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js
index 323c067..9f7615d 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js
@@ -329,18 +329,22 @@ module.controller('ApplicationDetailCtrl', function($scope, realm, application,
});
-module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm, application, roles, applications, ApplicationRealmScopeMapping, ApplicationApplicationScopeMapping, ApplicationRole) {
+module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm, application, applications,
+ ApplicationRealmScopeMapping, ApplicationApplicationScopeMapping, ApplicationRole,
+ ApplicationAvailableRealmScopeMapping, ApplicationAvailableApplicationScopeMapping,
+ ApplicationCompositeRealmScopeMapping, ApplicationCompositeApplicationScopeMapping) {
$scope.realm = realm;
$scope.application = application;
- $scope.realmRoles = angular.copy(roles);
$scope.selectedRealmRoles = [];
$scope.selectedRealmMappings = [];
$scope.realmMappings = [];
$scope.applications = applications;
$scope.applicationRoles = [];
+ $scope.applicationComposite = [];
$scope.selectedApplicationRoles = [];
$scope.selectedApplicationMappings = [];
$scope.applicationMappings = [];
+ $scope.dummymodel = [];
@@ -447,6 +451,88 @@ module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm,
}
};
+ $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmRoles = ApplicationAvailableRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmComposite = ApplicationCompositeRealmScopeMapping.query({realm : realm.realm, application : application.name});
+
+ $scope.addRealmRole = function() {
+ $http.post(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/realm',
+ $scope.selectedRealmRoles).success(function() {
+ $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmRoles = ApplicationAvailableRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmComposite = ApplicationCompositeRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.selectedRealmMappings = [];
+ $scope.selectRealmRoles = [];
+ if ($scope.targetApp) {
+ console.log('load available');
+ $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationRoles = ApplicationAvailableApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationComposite = ApplicationCompositeApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ }
+ });
+ };
+
+ $scope.deleteRealmRole = function() {
+ $http.delete(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/realm',
+ {data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function() {
+ $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmRoles = ApplicationAvailableRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmComposite = ApplicationCompositeRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.selectedRealmMappings = [];
+ $scope.selectRealmRoles = [];
+ if ($scope.targetApp) {
+ console.log('load available');
+ $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationRoles = ApplicationAvailableApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationComposite = ApplicationCompositeApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ }
+ });
+ };
+
+ $scope.addApplicationRole = function() {
+ $http.post(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/applications/' + $scope.targetApp.name,
+ $scope.selectedApplicationRoles).success(function() {
+ $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ });
+ };
+
+ $scope.deleteApplicationRole = function() {
+ $http.delete(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/applications/' + $scope.targetApp.name,
+ {data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(function() {
+ $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ });
+ };
+
+
+ $scope.changeApplication = function() {
+ console.log('changeApplication');
+ if ($scope.targetApp) {
+ console.log('load available');
+ $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationRoles = ApplicationAvailableApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationComposite = ApplicationCompositeApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ } else {
+ $scope.applicationRoles = null;
+ $scope.applicationMappings = null;
+ $scope.applicationComposite = null;
+ }
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ };
+
+
});
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
index 19aecb8..ee05261 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
@@ -1,117 +1,98 @@
-module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, roles, applications, RealmRoleMapping, ApplicationRoleMapping, ApplicationRole) {
+module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, applications, RealmRoleMapping,
+ ApplicationRoleMapping, AvailableRealmRoleMapping, AvailableApplicationRoleMapping,
+ CompositeRealmRoleMapping, CompositeApplicationRoleMapping) {
$scope.realm = realm;
$scope.user = user;
- $scope.realmRoles = angular.copy(roles);
$scope.selectedRealmRoles = [];
$scope.selectedRealmMappings = [];
$scope.realmMappings = [];
$scope.applications = applications;
$scope.applicationRoles = [];
+ $scope.applicationComposite = [];
$scope.selectedApplicationRoles = [];
$scope.selectedApplicationMappings = [];
$scope.applicationMappings = [];
+ $scope.dummymodel = [];
- $scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.username}, function(){
- for (var i = 0; i < $scope.realmMappings.length; i++) {
- var role = $scope.realmMappings[i];
- for (var j = 0; j < $scope.realmRoles.length; j++) {
- var realmRole = $scope.realmRoles[j];
- if (realmRole.id == role.id) {
- var idx = $scope.realmRoles.indexOf(realmRole);
- if (idx != -1) {
- $scope.realmRoles.splice(idx, 1);
- break;
- }
- }
- }
- }
- });
+ $scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.username});
+ $scope.realmRoles = AvailableRealmRoleMapping.query({realm : realm.realm, userId : user.username});
+ $scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.addRealmRole = function() {
$http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/realm',
$scope.selectedRealmRoles).success(function() {
- for (var i = 0; i < $scope.selectedRealmRoles.length; i++) {
- var role = $scope.selectedRealmRoles[i];
- var idx = $scope.realmRoles.indexOf($scope.selectedRealmRoles[i]);
- if (idx != -1) {
- $scope.realmRoles.splice(idx, 1);
- $scope.realmMappings.push(role);
- }
- }
+ $scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.username});
+ $scope.realmRoles = AvailableRealmRoleMapping.query({realm : realm.realm, userId : user.username});
+ $scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.username});
+ $scope.selectedRealmMappings = [];
$scope.selectRealmRoles = [];
+ if ($scope.application) {
+ console.log('load available');
+ $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ }
});
};
$scope.deleteRealmRole = function() {
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/realm',
{data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function() {
- for (var i = 0; i < $scope.selectedRealmMappings.length; i++) {
- var role = $scope.selectedRealmMappings[i];
- var idx = $scope.realmMappings.indexOf($scope.selectedRealmMappings[i]);
- if (idx != -1) {
- $scope.realmMappings.splice(idx, 1);
- $scope.realmRoles.push(role);
- }
- }
+ $scope.realmMappings = RealmRoleMapping.query({realm : realm.realm, userId : user.username});
+ $scope.realmRoles = AvailableRealmRoleMapping.query({realm : realm.realm, userId : user.username});
+ $scope.realmComposite = CompositeRealmRoleMapping.query({realm : realm.realm, userId : user.username});
$scope.selectedRealmMappings = [];
+ $scope.selectRealmRoles = [];
+ if ($scope.application) {
+ console.log('load available');
+ $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ }
});
};
$scope.addApplicationRole = function() {
$http.post(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/applications/' + $scope.application.name,
$scope.selectedApplicationRoles).success(function() {
- for (var i = 0; i < $scope.selectedApplicationRoles.length; i++) {
- var role = $scope.selectedApplicationRoles[i];
- var idx = $scope.applicationRoles.indexOf($scope.selectedApplicationRoles[i]);
- if (idx != -1) {
- $scope.applicationRoles.splice(idx, 1);
- $scope.applicationMappings.push(role);
- }
- }
+ $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
$scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
});
};
$scope.deleteApplicationRole = function() {
$http.delete(authUrl + '/admin/realms/' + realm.realm + '/users/' + user.username + '/role-mappings/applications/' + $scope.application.name,
{data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(function() {
- for (var i = 0; i < $scope.selectedApplicationMappings.length; i++) {
- var role = $scope.selectedApplicationMappings[i];
- var idx = $scope.applicationMappings.indexOf($scope.selectedApplicationMappings[i]);
- if (idx != -1) {
- $scope.applicationMappings.splice(idx, 1);
- $scope.applicationRoles.push(role);
- }
- }
+ $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.selectedApplicationRoles = [];
$scope.selectedApplicationMappings = [];
});
};
$scope.changeApplication = function() {
+ console.log('changeApplication');
if ($scope.application) {
- $scope.applicationRoles = ApplicationRole.query({realm : realm.realm, userId : user.username, application : $scope.application.name}, function() {
- $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name}, function(){
- for (var i = 0; i < $scope.applicationMappings.length; i++) {
- var role = $scope.applicationMappings[i];
- for (var j = 0; j < $scope.applicationRoles.length; j++) {
- var realmRole = $scope.applicationRoles[j];
- if (realmRole.id == role.id) {
- var idx = $scope.applicationRoles.indexOf(realmRole);
- if (idx != -1) {
- $scope.applicationRoles.splice(idx, 1);
- break;
- }
- }
- }
- }
- });
-
- }
- );
+ console.log('load available');
+ $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
} else {
$scope.applicationRoles = null;
+ $scope.applicationMappings = null;
+ $scope.applicationComposite = null;
}
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
};
@@ -329,54 +310,3 @@ module.controller('UserCredentialsCtrl', function($scope, realm, user, User, Use
$scope.userChange = false;
};
});
-
-module.controller('RoleMappingCtrl', function($scope, realm, User, users, role, RoleMapping, Notifications) {
- $scope.realm = realm;
- $scope.realmId = realm.realm || realm.realm;
- $scope.allUsers = User.query({ realm : $scope.realmId });
- $scope.users = users;
- $scope.role = role;
-
- $scope.addUser = function() {
- var user = $scope.newUser;
- $scope.newUser = null;
-
- for ( var i = 0; i < $scope.allUsers.length; i++) {
- if ($scope.allUsers[i].userId == user) {
- user = $scope.allUsers[i];
- RoleMapping.save({
- realm : $scope.realmId,
- role : role
- }, user, function() {
- $scope.users = RoleMapping.query({
- realm : $scope.realmId,
- role : role
- });
- Notifications.success("The role mapping has been added for the user.");
- });
- }
- }
- }
-
- $scope.removeUser = function(userId) {
- for (var i = 0; i < $scope.users.length; i++) {
- var user = $scope.users[i];
- if ($scope.users[i].userId == userId) {
- RoleMapping.delete({
- realm : $scope.realmId,
- role : role
- }, user, function() {
- $scope.users = RoleMapping.query({
- realm : $scope.realmId,
- role : role
- });
-
- Notifications.success("The role mapping has been removed for the user.");
- });
- }
- }
- }
-});
-
-
-
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js
index f8515a2..6d33070 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js
@@ -236,6 +236,21 @@ module.factory('RealmRoleMapping', function($resource) {
});
});
+module.factory('CompositeRealmRoleMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/realm/composite', {
+ realm : '@realm',
+ userId : '@userId'
+ });
+});
+
+module.factory('AvailableRealmRoleMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/realm/available', {
+ realm : '@realm',
+ userId : '@userId'
+ });
+});
+
+
module.factory('ApplicationRoleMapping', function($resource) {
return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/applications/:application', {
realm : '@realm',
@@ -244,6 +259,22 @@ module.factory('ApplicationRoleMapping', function($resource) {
});
});
+module.factory('AvailableApplicationRoleMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/applications/:application/available', {
+ realm : '@realm',
+ userId : '@userId',
+ application : "@application"
+ });
+});
+
+module.factory('CompositeApplicationRoleMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/users/:userId/role-mappings/applications/:application/composite', {
+ realm : '@realm',
+ userId : '@userId',
+ application : "@application"
+ });
+});
+
module.factory('ApplicationRealmScopeMapping', function($resource) {
return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/realm', {
realm : '@realm',
@@ -251,6 +282,20 @@ module.factory('ApplicationRealmScopeMapping', function($resource) {
});
});
+module.factory('ApplicationAvailableRealmScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/realm/available', {
+ realm : '@realm',
+ application : '@application'
+ });
+});
+
+module.factory('ApplicationCompositeRealmScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/realm/composite', {
+ realm : '@realm',
+ application : '@application'
+ });
+});
+
module.factory('ApplicationApplicationScopeMapping', function($resource) {
return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp', {
realm : '@realm',
@@ -259,6 +304,22 @@ module.factory('ApplicationApplicationScopeMapping', function($resource) {
});
});
+module.factory('ApplicationAvailableApplicationScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp/available', {
+ realm : '@realm',
+ application : '@application',
+ targetApp : '@targetApp'
+ });
+});
+
+module.factory('ApplicationCompositeApplicationScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp/composite', {
+ realm : '@realm',
+ application : '@application',
+ targetApp : '@targetApp'
+ });
+});
+
module.factory('RealmRoles', function($resource) {
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html
index d8f3f5f..de2e30d 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html
@@ -49,6 +49,17 @@
ng-model="selectedRealmMappings"
ng-options="r.name for r in realmMappings">
</select>
+ <div class="middle-buttons">
+ -
+ </div>
+ </div>
+ <div class="select-title">
+ <label class="control-label" for="realm-composite">Composite Scope Mappings</label>
+ <select id="realm-composite" class="form-control" multiple size=5
+ ng-disabled="true"
+ ng-model="dummymodel"
+ ng-options="r.name for r in realmComposite">
+ </select>
</div>
</div>
</div>
@@ -94,6 +105,17 @@
ng-options="r.name for r in applicationMappings">
</select>
</div>
+ <div class="middle-buttons">
+ -
+ </div>
+ <div class="select-title">
+ <label class="control-label" for="app-composite">Composite Role Mappings</label>
+ <select id="app-composite" class="form-control" multiple size=5
+ ng-disabled="true"
+ ng-model="dummymodel"
+ ng-options="r.name for r in applicationComposite">
+ </select>
+ </div>
</div>
</div>
</fieldset>
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/role-mappings.html b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/role-mappings.html
index 09dd60d..18dab11 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/role-mappings.html
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/role-mappings.html
@@ -45,6 +45,17 @@
ng-options="r.name for r in realmMappings">
</select>
</div>
+ <div class="middle-buttons">
+ -
+ </div>
+ <div class="select-title">
+ <label class="control-label" for="realm-composite">Composite Role Mappings</label>
+ <select id="realm-composite" class="form-control" multiple size=5
+ ng-disabled="true"
+ ng-model="dummymodel"
+ ng-options="r.name for r in realmComposite">
+ </select>
+ </div>
</div>
</div>
</fieldset>
@@ -89,6 +100,17 @@
ng-options="r.name for r in applicationMappings">
</select>
</div>
+ <div class="middle-buttons">
+ -
+ </div>
+ <div class="select-title">
+ <label class="control-label" for="app-composite">Composite Role Mappings</label>
+ <select id="app-composite" class="form-control" multiple size=5
+ ng-disabled="true"
+ ng-model="dummymodel"
+ ng-options="r.name for r in applicationComposite">
+ </select>
+ </div>
</div>
</div>
</fieldset>
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java
index 549f154..38d6276 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java
@@ -52,7 +52,6 @@ public class ScopeMappedResource {
MappingsRepresentation all = new MappingsRepresentation();
Set<RoleModel> realmMappings = realm.getRealmScopeMappings(client);
- RealmManager manager = new RealmManager(session);
if (realmMappings.size() > 0) {
List<RoleRepresentation> realmRep = new ArrayList<RoleRepresentation>();
for (RoleModel roleModel : realmMappings) {
@@ -92,13 +91,51 @@ public class ScopeMappedResource {
Set<RoleModel> realmMappings = realm.getRealmScopeMappings(client);
List<RoleRepresentation> realmMappingsRep = new ArrayList<RoleRepresentation>();
- RealmManager manager = new RealmManager(session);
for (RoleModel roleModel : realmMappings) {
realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
}
return realmMappingsRep;
}
+ @Path("realm/available")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getAvailableRealmScopeMappings() {
+ auth.requireView();
+
+ Set<RoleModel> roles = realm.getRoles();
+ return getAvailable(roles);
+ }
+
+ private List<RoleRepresentation> getAvailable(Set<RoleModel> roles) {
+ List<RoleRepresentation> available = new ArrayList<RoleRepresentation>();
+ for (RoleModel roleModel : roles) {
+ if (realm.hasScope(client, roleModel)) continue;
+ available.add(ModelToRepresentation.toRepresentation(roleModel));
+ }
+ return available;
+ }
+
+ @Path("realm/composite")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getCompositeRealmScopeMappings() {
+ auth.requireView();
+
+ Set<RoleModel> roles = realm.getRoles();
+ return getComposite(roles);
+ }
+
+ private List<RoleRepresentation> getComposite(Set<RoleModel> roles) {
+ List<RoleRepresentation> composite = new ArrayList<RoleRepresentation>();
+ for (RoleModel roleModel : roles) {
+ if (realm.hasScope(client, roleModel)) composite.add(ModelToRepresentation.toRepresentation(roleModel));
+ }
+ return composite;
+ }
+
@Path("realm")
@POST
@Consumes("application/json")
@@ -160,6 +197,40 @@ public class ScopeMappedResource {
return mapRep;
}
+ @Path("applications/{app}/available")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getAvailableApplicationScopeMappings(@PathParam("app") String appName) {
+ auth.requireView();
+
+ ApplicationModel app = realm.getApplicationByName(appName);
+
+ if (app == null) {
+ throw new NotFoundException("Role not found");
+ }
+
+ Set<RoleModel> roles = app.getRoles();
+ return getAvailable(roles);
+ }
+
+ @Path("applications/{app}/composite")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getCompositeApplicationScopeMappings(@PathParam("app") String appName) {
+ auth.requireView();
+
+ ApplicationModel app = realm.getApplicationByName(appName);
+
+ if (app == null) {
+ throw new NotFoundException("Role not found");
+ }
+
+ Set<RoleModel> roles = app.getRoles();
+ return getComposite(roles);
+ }
+
@Path("applications/{app}")
@POST
@Consumes("application/json")
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
index 56f5e3b..1002fc2 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
@@ -325,13 +325,50 @@ public class UsersResource {
Set<RoleModel> realmMappings = realm.getRealmRoleMappings(user);
List<RoleRepresentation> realmMappingsRep = new ArrayList<RoleRepresentation>();
- RealmManager manager = new RealmManager(session);
for (RoleModel roleModel : realmMappings) {
realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
}
return realmMappingsRep;
}
+ @Path("{username}/role-mappings/realm/composite")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getCompositeRealmRoleMappings(@PathParam("username") String username) {
+ auth.requireView();
+
+ UserModel user = realm.getUser(username);
+ if (user == null) {
+ throw new NotFoundException("User not found");
+ }
+
+ Set<RoleModel> roles = realm.getRoles();
+ List<RoleRepresentation> realmMappingsRep = new ArrayList<RoleRepresentation>();
+ for (RoleModel roleModel : roles) {
+ if (realm.hasRole(user, roleModel)) {
+ realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
+ }
+ }
+ return realmMappingsRep;
+ }
+
+ @Path("{username}/role-mappings/realm/available")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getAvailableRealmRoleMappings(@PathParam("username") String username) {
+ auth.requireView();
+
+ UserModel user = realm.getUser(username);
+ if (user == null) {
+ throw new NotFoundException("User not found");
+ }
+
+ Set<RoleModel> available = realm.getRoles();
+ return getAvailableRoles(user, available);
+ }
+
@Path("{username}/role-mappings/realm")
@POST
@Consumes("application/json")
@@ -413,6 +450,72 @@ public class UsersResource {
return mapRep;
}
+ @Path("{username}/role-mappings/applications/{app}/composite")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getCompositeApplicationRoleMappings(@PathParam("username") String username, @PathParam("app") String appName) {
+ auth.requireView();
+
+ logger.debug("getCompositeApplicationRoleMappings");
+
+ UserModel user = realm.getUser(username);
+ if (user == null) {
+ throw new NotFoundException("User not found");
+ }
+
+ ApplicationModel application = realm.getApplicationByName(appName);
+
+ if (application == null) {
+ throw new NotFoundException("Application not found");
+ }
+
+ Set<RoleModel> roles = application.getRoles();
+ List<RoleRepresentation> mapRep = new ArrayList<RoleRepresentation>();
+ for (RoleModel roleModel : roles) {
+ if (realm.hasRole(user, roleModel)) mapRep.add(ModelToRepresentation.toRepresentation(roleModel));
+ }
+ logger.debugv("getCompositeApplicationRoleMappings.size() = {0}", mapRep.size());
+ return mapRep;
+ }
+
+ @Path("{username}/role-mappings/applications/{app}/available")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getAvailableApplicationRoleMappings(@PathParam("username") String username, @PathParam("app") String appName) {
+ auth.requireView();
+
+ logger.debug("getApplicationRoleMappings");
+
+ UserModel user = realm.getUser(username);
+ if (user == null) {
+ throw new NotFoundException("User not found");
+ }
+
+ ApplicationModel application = realm.getApplicationByName(appName);
+
+ if (application == null) {
+ throw new NotFoundException("Application not found");
+ }
+ Set<RoleModel> available = application.getRoles();
+ return getAvailableRoles(user, available);
+ }
+
+ protected List<RoleRepresentation> getAvailableRoles(UserModel user, Set<RoleModel> available) {
+ Set<RoleModel> roles = new HashSet<RoleModel>();
+ for (RoleModel roleModel : available) {
+ if (realm.hasRole(user, roleModel)) continue;
+ roles.add(roleModel);
+ }
+
+ List<RoleRepresentation> mappings = new ArrayList<RoleRepresentation>();
+ for (RoleModel roleModel : roles) {
+ mappings.add(ModelToRepresentation.toRepresentation(roleModel));
+ }
+ return mappings;
+ }
+
@Path("{username}/role-mappings/applications/{app}")
@POST
@Consumes("application/json")
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
index 167ca7e..8290d3f 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/account/AccountTest.java
@@ -161,6 +161,13 @@ public class AccountTest {
});
}
+ /*
+ @Test
+ public void forever() throws Exception{
+ while (true) Thread.sleep(5000);
+ }
+ */
+
@Test
public void returnToAppFromQueryParam() {
driver.navigate().to(AccountUpdateProfilePage.PATH + "?referrer=test-app");