keycloak-uncached
Changes
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/permission/Permissions.java 12(+12 -0)
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/Policies.java 12(+12 -0)
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/resource/Resources.java 12(+12 -0)
testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/scope/Scopes.java 11(+11 -0)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AggregatePolicyManagementTest.java 16(+16 -0)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ClientPolicyManagementTest.java 18(+17 -1)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/GroupPolicyManagementTest.java 19(+19 -0)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/JSPolicyManagementTest.java 16(+16 -0)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourceManagementTest.java 11(+10 -1)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourcePermissionManagementTest.java 17(+17 -0)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RolePolicyManagementTest.java 18(+18 -0)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RulePolicyManagementTest.java 12(+12 -0)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopeManagementTest.java 9(+9 -0)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopePermissionManagementTest.java 17(+17 -0)
testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/TimePolicyManagementTest.java 27(+27 -0)
Details
diff --git a/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAPolicyStore.java b/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAPolicyStore.java
index eb350be..1bd41e2 100644
--- a/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAPolicyStore.java
+++ b/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAPolicyStore.java
@@ -24,6 +24,7 @@ import java.util.List;
import java.util.Map;
import javax.persistence.EntityManager;
+import javax.persistence.FlushModeType;
import javax.persistence.NoResultException;
import javax.persistence.Query;
import javax.persistence.TypedQuery;
@@ -34,14 +35,10 @@ import javax.persistence.criteria.Root;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.jpa.entities.PolicyEntity;
-import org.keycloak.authorization.jpa.entities.ResourceServerEntity;
import org.keycloak.authorization.model.Policy;
-import org.keycloak.authorization.model.Resource;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.store.PolicyStore;
-import org.keycloak.authorization.store.StoreFactory;
import org.keycloak.models.utils.KeycloakModelUtils;
-import org.keycloak.models.utils.RepresentationToModel;
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
/**
@@ -96,8 +93,10 @@ public class JPAPolicyStore implements PolicyStore {
public Policy findByName(String name, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByName", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("name", name);
+
try {
String id = query.getSingleResult();
return provider.getStoreFactory().getPolicyStore().findById(id, resourceServerId);
@@ -167,6 +166,7 @@ public class JPAPolicyStore implements PolicyStore {
public List<Policy> findByResource(final String resourceId, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByResource", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("resourceId", resourceId);
query.setParameter("serverId", resourceServerId);
@@ -182,6 +182,7 @@ public class JPAPolicyStore implements PolicyStore {
public List<Policy> findByResourceType(final String resourceType, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByResourceType", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("type", resourceType);
query.setParameter("serverId", resourceServerId);
@@ -202,6 +203,7 @@ public class JPAPolicyStore implements PolicyStore {
// Use separate subquery to handle DB2 and MSSSQL
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByScope", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("scopeIds", scopeIds);
query.setParameter("serverId", resourceServerId);
@@ -217,6 +219,7 @@ public class JPAPolicyStore implements PolicyStore {
public List<Policy> findByType(String type, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByType", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("type", type);
@@ -233,6 +236,7 @@ public class JPAPolicyStore implements PolicyStore {
TypedQuery<String> query = entityManager.createNamedQuery("findPolicyIdByDependentPolices", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("policyId", policyId);
diff --git a/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAResourceStore.java b/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAResourceStore.java
index 7d1a731..7a505ab 100644
--- a/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAResourceStore.java
+++ b/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAResourceStore.java
@@ -19,13 +19,13 @@ package org.keycloak.authorization.jpa.store;
import org.keycloak.authorization.AuthorizationProvider;
import org.keycloak.authorization.jpa.entities.ResourceEntity;
-import org.keycloak.authorization.jpa.entities.ResourceServerEntity;
import org.keycloak.authorization.model.Resource;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.store.ResourceStore;
import org.keycloak.models.utils.KeycloakModelUtils;
import javax.persistence.EntityManager;
+import javax.persistence.FlushModeType;
import javax.persistence.NoResultException;
import javax.persistence.Query;
import javax.persistence.TypedQuery;
@@ -34,7 +34,6 @@ import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Predicate;
import javax.persistence.criteria.Root;
import java.util.ArrayList;
-import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
@@ -62,6 +61,7 @@ public class JPAResourceStore implements ResourceStore {
entity.setOwner(owner);
this.entityManager.persist(entity);
+ this.entityManager.flush();
return new ResourceAdapter(entity, entityManager, provider.getStoreFactory());
}
@@ -90,6 +90,7 @@ public class JPAResourceStore implements ResourceStore {
public List<Resource> findByOwner(String ownerId, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByOwner", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("owner", ownerId);
query.setParameter("serverId", resourceServerId);
@@ -108,6 +109,7 @@ public class JPAResourceStore implements ResourceStore {
public List<Resource> findByUri(String uri, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByUri", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("uri", uri);
query.setParameter("serverId", resourceServerId);
@@ -185,6 +187,7 @@ public class JPAResourceStore implements ResourceStore {
public List<Resource> findByScope(List<String> scopes, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByScope", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("scopeIds", scopes);
query.setParameter("serverId", resourceServerId);
@@ -203,8 +206,10 @@ public class JPAResourceStore implements ResourceStore {
public Resource findByName(String name, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByName", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("name", name);
+
try {
String id = query.getSingleResult();
return provider.getStoreFactory().getResourceStore().findById(id, resourceServerId);
@@ -217,6 +222,7 @@ public class JPAResourceStore implements ResourceStore {
public List<Resource> findByType(String type, String resourceServerId) {
TypedQuery<String> query = entityManager.createNamedQuery("findResourceIdByType", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("type", type);
query.setParameter("serverId", resourceServerId);
diff --git a/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAScopeStore.java b/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAScopeStore.java
index f8a9350..befde65 100644
--- a/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAScopeStore.java
+++ b/model/jpa/src/main/java/org/keycloak/authorization/jpa/store/JPAScopeStore.java
@@ -23,6 +23,7 @@ import java.util.List;
import java.util.Map;
import javax.persistence.EntityManager;
+import javax.persistence.FlushModeType;
import javax.persistence.NoResultException;
import javax.persistence.Query;
import javax.persistence.TypedQuery;
@@ -32,7 +33,6 @@ import javax.persistence.criteria.Predicate;
import javax.persistence.criteria.Root;
import org.keycloak.authorization.AuthorizationProvider;
-import org.keycloak.authorization.jpa.entities.ResourceServerEntity;
import org.keycloak.authorization.jpa.entities.ScopeEntity;
import org.keycloak.authorization.model.ResourceServer;
import org.keycloak.authorization.model.Scope;
@@ -61,6 +61,7 @@ public class JPAScopeStore implements ScopeStore {
entity.setResourceServer(ResourceServerAdapter.toEntity(entityManager, resourceServer));
this.entityManager.persist(entity);
+ this.entityManager.flush();
return new ScopeAdapter(entity, entityManager, provider.getStoreFactory());
}
@@ -91,8 +92,10 @@ public class JPAScopeStore implements ScopeStore {
try {
TypedQuery<String> query = entityManager.createNamedQuery("findScopeIdByName", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", resourceServerId);
query.setParameter("name", name);
+
String id = query.getSingleResult();
return provider.getStoreFactory().getScopeStore().findById(id, resourceServerId);
} catch (NoResultException nre) {
@@ -104,6 +107,7 @@ public class JPAScopeStore implements ScopeStore {
public List<Scope> findByResourceServer(final String serverId) {
TypedQuery<String> query = entityManager.createNamedQuery("findScopeIdByResourceServer", String.class);
+ query.setFlushMode(FlushModeType.COMMIT);
query.setParameter("serverId", serverId);
List<String> result = query.getResultList();
diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java b/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
index bf2da44..fe27fae 100755
--- a/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
+++ b/server-spi-private/src/main/java/org/keycloak/models/utils/RepresentationToModel.java
@@ -1930,24 +1930,21 @@ public class RepresentationToModel {
resourceServer.setPolicyEnforcementMode(rep.getPolicyEnforcementMode());
resourceServer.setAllowRemoteResourceManagement(rep.isAllowRemoteResourceManagement());
- rep.getScopes().forEach(scope -> {
+ for (ScopeRepresentation scope : rep.getScopes()) {
toModel(scope, resourceServer, authorization);
- });
+ }
KeycloakSession session = authorization.getKeycloakSession();
RealmModel realm = authorization.getRealm();
- rep.getResources().forEach(resourceRepresentation -> {
- ResourceOwnerRepresentation owner = resourceRepresentation.getOwner();
+ for (ResourceRepresentation resource : rep.getResources()) {
+ ResourceOwnerRepresentation owner = resource.getOwner();
if (owner == null) {
owner = new ResourceOwnerRepresentation();
- resourceRepresentation.setOwner(owner);
- }
-
- owner.setId(resourceServer.getClientId());
-
- if (owner.getName() != null) {
+ owner.setId(resourceServer.getClientId());
+ resource.setOwner(owner);
+ } else if (owner.getName() != null) {
UserModel user = session.users().getUserByUsername(owner.getName(), realm);
if (user != null) {
@@ -1955,8 +1952,8 @@ public class RepresentationToModel {
}
}
- toModel(resourceRepresentation, resourceServer, authorization);
- });
+ toModel(resource, resourceServer, authorization);
+ }
importPolicies(authorization, resourceServer, rep.getPolicies(), null);
}
@@ -1975,7 +1972,9 @@ public class RepresentationToModel {
PolicyStore policyStore = storeFactory.getPolicyStore();
try {
List<String> policies = (List<String>) JsonSerialization.readValue(applyPolicies, List.class);
- config.put("applyPolicies", JsonSerialization.writeValueAsString(policies.stream().map(policyName -> {
+ Set<String> policyIds = new HashSet<>();
+
+ for (String policyName : policies) {
Policy policy = policyStore.findByName(policyName, resourceServer.getId());
if (policy == null) {
@@ -1989,8 +1988,10 @@ public class RepresentationToModel {
}
}
- return policy.getId();
- }).collect(Collectors.toList())));
+ policyIds.add(policy.getId());
+ }
+
+ config.put("applyPolicies", JsonSerialization.writeValueAsString(policyIds));
} catch (Exception e) {
throw new RuntimeException("Error while importing policy [" + policyRepresentation.getName() + "].", e);
}
@@ -2029,33 +2030,40 @@ public class RepresentationToModel {
if (representation instanceof PolicyRepresentation) {
PolicyRepresentation policy = PolicyRepresentation.class.cast(representation);
- String resourcesConfig = policy.getConfig().get("resources");
- if (resourcesConfig != null) {
- try {
- resources = JsonSerialization.readValue(resourcesConfig, Set.class);
- } catch (IOException e) {
- throw new RuntimeException(e);
+ if (resources == null) {
+ String resourcesConfig = policy.getConfig().get("resources");
+
+ if (resourcesConfig != null) {
+ try {
+ resources = JsonSerialization.readValue(resourcesConfig, Set.class);
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
}
}
- String scopesConfig = policy.getConfig().get("scopes");
+ if (scopes == null) {
+ String scopesConfig = policy.getConfig().get("scopes");
- if (scopesConfig != null) {
- try {
- scopes = JsonSerialization.readValue(scopesConfig, Set.class);
- } catch (IOException e) {
- throw new RuntimeException(e);
+ if (scopesConfig != null) {
+ try {
+ scopes = JsonSerialization.readValue(scopesConfig, Set.class);
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
}
}
- String policiesConfig = policy.getConfig().get("applyPolicies");
+ if (policies == null) {
+ String policiesConfig = policy.getConfig().get("applyPolicies");
- if (policiesConfig != null) {
- try {
- policies = JsonSerialization.readValue(policiesConfig, Set.class);
- } catch (IOException e) {
- throw new RuntimeException(e);
+ if (policiesConfig != null) {
+ try {
+ policies = JsonSerialization.readValue(policiesConfig, Set.class);
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
}
}
diff --git a/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/permission/Permissions.java b/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/permission/Permissions.java
index fee3da3..de9c13c 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/permission/Permissions.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/permission/Permissions.java
@@ -27,6 +27,7 @@ import org.keycloak.testsuite.console.page.clients.authorization.policy.PolicyTy
import org.keycloak.testsuite.page.Form;
import org.keycloak.testsuite.util.URLUtils;
import org.keycloak.testsuite.util.WaitUtils;
+import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
import org.openqa.selenium.support.ui.Select;
@@ -123,4 +124,15 @@ public class Permissions extends Form {
}
}
}
+
+ public void deleteFromList(String name) {
+ for (WebElement row : permissions().rows()) {
+ PolicyRepresentation actual = permissions().toRepresentation(row);
+ if (actual.getName().equalsIgnoreCase(name)) {
+ row.findElements(tagName("td")).get(4).click();
+ driver.findElement(By.xpath(".//button[text()='Delete']")).click();
+ return;
+ }
+ }
+ }
}
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/Policies.java b/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/Policies.java
index 7ac4b52..a42e12e 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/Policies.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/policy/Policies.java
@@ -32,6 +32,7 @@ import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.page.Form;
import org.keycloak.testsuite.util.URLUtils;
import org.keycloak.testsuite.util.WaitUtils;
+import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
import org.openqa.selenium.support.ui.Select;
@@ -199,4 +200,15 @@ public class Policies extends Form {
}
}
}
+
+ public void deleteFromList(String name) {
+ for (WebElement row : policies().rows()) {
+ PolicyRepresentation actual = policies().toRepresentation(row);
+ if (actual.getName().equalsIgnoreCase(name)) {
+ row.findElements(tagName("td")).get(4).click();
+ driver.findElement(By.xpath(".//button[text()='Delete']")).click();
+ return;
+ }
+ }
+ }
}
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/resource/Resources.java b/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/resource/Resources.java
index 0290bc1..199be95 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/resource/Resources.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/resource/Resources.java
@@ -23,6 +23,7 @@ import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.testsuite.page.Form;
import org.keycloak.testsuite.util.URLUtils;
import org.keycloak.testsuite.util.WaitUtils;
+import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
@@ -73,6 +74,17 @@ public class Resources extends Form {
}
}
+ public void deleteFromList(String name) {
+ for (WebElement row : resources().rows()) {
+ ResourceRepresentation actual = resources().toRepresentation(row);
+ if (actual.getName().equalsIgnoreCase(name)) {
+ row.findElements(tagName("td")).get(6).click();
+ driver.findElement(By.xpath(".//button[text()='Delete']")).click();
+ return;
+ }
+ }
+ }
+
public Resource name(String name) {
for (WebElement row : resources().rows()) {
ResourceRepresentation actual = resources().toRepresentation(row);
diff --git a/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/scope/Scopes.java b/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/scope/Scopes.java
index 4e706e7..3974e35 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/scope/Scopes.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/authorization/scope/Scopes.java
@@ -22,6 +22,7 @@ import org.jboss.arquillian.graphene.page.Page;
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.testsuite.page.Form;
import org.keycloak.testsuite.util.URLUtils;
+import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.FindBy;
@@ -67,4 +68,14 @@ public class Scopes extends Form {
}
}
}
+
+ public void deleteFromList(String name) {
+ for (WebElement row : scopes().rows()) {
+ ScopeRepresentation actual = scopes().toRepresentation(row);
+ if (actual.getName().equalsIgnoreCase(name)) {
+ row.findElements(tagName("td")).get(3).click();
+ driver.findElement(By.xpath(".//button[text()='Delete']")).click();
+ }
+ }
+ }
}
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AggregatePolicyManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AggregatePolicyManagementTest.java
index f1bba0d..be2a984 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AggregatePolicyManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AggregatePolicyManagementTest.java
@@ -122,6 +122,22 @@ public class AggregatePolicyManagementTest extends AbstractAuthorizationSettings
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ AggregatePolicyRepresentation expected = new AggregatePolicyRepresentation();
+
+ expected.setName("Test Delete Aggregate Policy");
+ expected.setDescription("description");
+ expected.addPolicy("Policy C");
+
+ expected = createPolicy(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
+ }
+
private AggregatePolicyRepresentation createPolicy(AggregatePolicyRepresentation expected) {
AggregatePolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ClientPolicyManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ClientPolicyManagementTest.java
index 2c95b83..04e9826 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ClientPolicyManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ClientPolicyManagementTest.java
@@ -76,7 +76,7 @@ public class ClientPolicyManagementTest extends AbstractAuthorizationSettingsTes
}
@Test
- public void testDeletePolicy() throws InterruptedException {
+ public void testDelete() throws InterruptedException {
authorizationPage.navigateTo();
ClientPolicyRepresentation expected = new ClientPolicyRepresentation();
@@ -92,6 +92,22 @@ public class ClientPolicyManagementTest extends AbstractAuthorizationSettingsTes
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ ClientPolicyRepresentation expected = new ClientPolicyRepresentation();
+
+ expected.setName("Test Client Policy");
+ expected.setDescription("description");
+ expected.addClient("client c");
+
+ expected = createPolicy(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
+ }
+
private ClientPolicyRepresentation createPolicy(ClientPolicyRepresentation expected) {
ClientPolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/GroupPolicyManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/GroupPolicyManagementTest.java
index e8b05bf..91c86f9 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/GroupPolicyManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/GroupPolicyManagementTest.java
@@ -135,6 +135,25 @@ public class GroupPolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ GroupPolicyRepresentation expected = new GroupPolicyRepresentation();
+
+ expected.setName("Test Delete Group Policy");
+ expected.setDescription("description");
+ expected.setGroupsClaim("groups");
+ expected.addGroupPath("/Group A", true);
+ expected.addGroupPath("/Group A/Group B/Group D");
+ expected.addGroupPath("Group F");
+
+ expected = createPolicy(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
+ }
+
private GroupPolicyRepresentation createPolicy(GroupPolicyRepresentation expected) {
GroupPolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/JSPolicyManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/JSPolicyManagementTest.java
index 0b9113c..6da809c 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/JSPolicyManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/JSPolicyManagementTest.java
@@ -74,6 +74,22 @@ public class JSPolicyManagementTest extends AbstractAuthorizationSettingsTest {
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ JSPolicyRepresentation expected = new JSPolicyRepresentation();
+
+ expected.setName("Test JS Policy");
+ expected.setDescription("description");
+ expected.setCode("$evaluation.deny();");
+
+ expected = createPolicy(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
+ }
+
private JSPolicyRepresentation createPolicy(JSPolicyRepresentation expected) {
JSPolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourceManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourceManagementTest.java
index 75a479a..3d29c03 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourceManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourceManagementTest.java
@@ -72,7 +72,7 @@ public class ResourceManagementTest extends AbstractAuthorizationSettingsTest {
}
@Test
- public void testDelete() {
+ public void testDeleteFromDetails() {
ResourceRepresentation expected = createResource();
authorizationPage.navigateTo();
authorizationPage.authorizationTabs().resources().delete(expected.getName());
@@ -80,6 +80,15 @@ public class ResourceManagementTest extends AbstractAuthorizationSettingsTest {
assertNull(authorizationPage.authorizationTabs().resources().resources().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() {
+ ResourceRepresentation expected = createResource();
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().resources().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().resources().resources().findByName(expected.getName()));
+ }
+
private ResourceRepresentation createResource() {
ResourceRepresentation expected = new ResourceRepresentation();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourcePermissionManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourcePermissionManagementTest.java
index 4ff011a..f6a967e 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourcePermissionManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ResourcePermissionManagementTest.java
@@ -165,6 +165,23 @@ public class ResourcePermissionManagementTest extends AbstractAuthorizationSetti
assertNull(authorizationPage.authorizationTabs().permissions().permissions().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ ResourcePermissionRepresentation expected = new ResourcePermissionRepresentation();
+
+ expected.setName("Test Delete Resource Permission");
+ expected.setDescription("description");
+ expected.addResource("Resource B");
+ expected.addPolicy("Policy C");
+
+ expected = createPermission(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().permissions().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().permissions().permissions().findByName(expected.getName()));
+ }
+
private ResourcePermissionRepresentation createPermission(ResourcePermissionRepresentation expected) {
ResourcePermission policy = authorizationPage.authorizationTabs().permissions().create(expected);
assertAlertSuccess();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RolePolicyManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RolePolicyManagementTest.java
index 44e4f70..e8794cc 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RolePolicyManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RolePolicyManagementTest.java
@@ -208,6 +208,24 @@ public class RolePolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ RolePolicyRepresentation expected = new RolePolicyRepresentation();
+
+ expected.setName("Test Delete Role Policy");
+ expected.setDescription("description");
+ expected.addRole("Realm Role A");
+ expected.addRole("Realm Role B");
+ expected.addRole("Realm Role C");
+
+ expected = createPolicy(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
+ }
+
private RolePolicyRepresentation createPolicy(RolePolicyRepresentation expected) {
RolePolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RulePolicyManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RulePolicyManagementTest.java
index 09fb47a..a1fbb60 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RulePolicyManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/RulePolicyManagementTest.java
@@ -71,6 +71,18 @@ public class RulePolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ RulePolicyRepresentation expected =createDefaultRepresentation("Delete Rule Policy");
+
+ expected = createPolicy(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
+ }
+
private RulePolicyRepresentation createDefaultRepresentation(String name) {
RulePolicyRepresentation expected = new RulePolicyRepresentation();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopeManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopeManagementTest.java
index 84a5c42..9bd5738 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopeManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopeManagementTest.java
@@ -49,6 +49,15 @@ public class ScopeManagementTest extends AbstractAuthorizationSettingsTest {
assertNull(authorizationPage.authorizationTabs().scopes().scopes().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() {
+ ScopeRepresentation expected = createScope();
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().scopes().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().scopes().scopes().findByName(expected.getName()));
+ }
+
private ScopeRepresentation createScope() {
ScopeRepresentation expected = new ScopeRepresentation();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopePermissionManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopePermissionManagementTest.java
index 3dfd0c8..e755335 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopePermissionManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/ScopePermissionManagementTest.java
@@ -166,6 +166,23 @@ public class ScopePermissionManagementTest extends AbstractAuthorizationSettings
assertNull(authorizationPage.authorizationTabs().permissions().permissions().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ ScopePermissionRepresentation expected = new ScopePermissionRepresentation();
+
+ expected.setName("Test Delete Scope Permission");
+ expected.setDescription("description");
+ expected.addScope("Scope C");
+ expected.addPolicy("Policy C");
+
+ expected = createPermission(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().permissions().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().permissions().permissions().findByName(expected.getName()));
+ }
+
private ScopePermissionRepresentation createPermission(ScopePermissionRepresentation expected) {
ScopePermission policy = authorizationPage.authorizationTabs().permissions().create(expected);
assertAlertSuccess();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/TimePolicyManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/TimePolicyManagementTest.java
index 6242c77..ed0165d 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/TimePolicyManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/TimePolicyManagementTest.java
@@ -109,6 +109,33 @@ public class TimePolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ TimePolicyRepresentation expected = new TimePolicyRepresentation();
+
+ expected.setName("Test Time Policy");
+ expected.setDescription("description");
+ expected.setNotBefore("2017-01-01 00:00:00");
+ expected.setNotBefore("2018-01-01 00:00:00");
+ expected.setDayMonth("1");
+ expected.setDayMonthEnd("2");
+ expected.setMonth("3");
+ expected.setMonthEnd("4");
+ expected.setYear("5");
+ expected.setYearEnd("6");
+ expected.setHour("7");
+ expected.setHourEnd("8");
+ expected.setMinute("9");
+ expected.setMinuteEnd("10");
+
+ expected = createPolicy(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
+ }
+
private TimePolicyRepresentation createPolicy(TimePolicyRepresentation expected) {
TimePolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();
diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/UserPolicyManagementTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/UserPolicyManagementTest.java
index ed19bc5..7e8c483 100644
--- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/UserPolicyManagementTest.java
+++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/UserPolicyManagementTest.java
@@ -76,7 +76,7 @@ public class UserPolicyManagementTest extends AbstractAuthorizationSettingsTest
}
@Test
- public void testDeletePolicy() throws InterruptedException {
+ public void testDelete() throws InterruptedException {
authorizationPage.navigateTo();
UserPolicyRepresentation expected = new UserPolicyRepresentation();
@@ -92,6 +92,22 @@ public class UserPolicyManagementTest extends AbstractAuthorizationSettingsTest
assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
}
+ @Test
+ public void testDeleteFromList() throws InterruptedException {
+ authorizationPage.navigateTo();
+ UserPolicyRepresentation expected = new UserPolicyRepresentation();
+
+ expected.setName("Test User Policy");
+ expected.setDescription("description");
+ expected.addUser("user c");
+
+ expected = createPolicy(expected);
+ authorizationPage.navigateTo();
+ authorizationPage.authorizationTabs().policies().deleteFromList(expected.getName());
+ authorizationPage.navigateTo();
+ assertNull(authorizationPage.authorizationTabs().policies().policies().findByName(expected.getName()));
+ }
+
private UserPolicyRepresentation createPolicy(UserPolicyRepresentation expected) {
UserPolicy policy = authorizationPage.authorizationTabs().policies().create(expected);
assertAlertSuccess();
diff --git a/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js b/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js
index 134b12a..36ecfaf 100644
--- a/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js
+++ b/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js
@@ -79,7 +79,72 @@ module.controller('ResourceServerDetailCtrl', function($scope, $http, $route, $l
});
});
-module.controller('ResourceServerResourceCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerResource, client) {
+var Resources = {
+ delete: function(ResourceServerResource, realm, client, $scope, AuthzDialog, $location, Notifications, $route) {
+ ResourceServerResource.permissions({
+ realm : realm,
+ client : client.id,
+ rsrid : $scope.resource._id
+ }, function (permissions) {
+ var msg = "";
+
+ if (permissions.length > 0 && !$scope.deleteConsent) {
+ msg = "<p>This resource is referenced in some permissions:</p>";
+ msg += "<ul>";
+ for (i = 0; i < permissions.length; i++) {
+ msg+= "<li><strong>" + permissions[i].name + "</strong></li>";
+ }
+ msg += "</ul>";
+ msg += "<p>If you remove this resource, the permissions above will be affected and will not be associated with this resource anymore.</p>";
+ }
+
+ AuthzDialog.confirmDeleteWithMsg($scope.resource.name, "Resource", msg, function() {
+ ResourceServerResource.delete({realm : realm, client : $scope.client.id, rsrid : $scope.resource._id}, null, function() {
+ $location.url("/realms/" + realm + "/clients/" + $scope.client.id + "/authz/resource-server/resource");
+ $route.reload();
+ Notifications.success("The resource has been deleted.");
+ });
+ });
+ });
+ }
+}
+
+var Policies = {
+ delete: function(service, realm, client, $scope, AuthzDialog, $location, Notifications, $route, isPermission) {
+ var msg = "";
+
+ service.dependentPolicies({
+ realm : realm,
+ client : client.id,
+ id : $scope.policy.id
+ }, function (dependentPolicies) {
+ if (dependentPolicies.length > 0 && !$scope.deleteConsent) {
+ msg = "<p>This policy is being used by other policies:</p>";
+ msg += "<ul>";
+ for (i = 0; i < dependentPolicies.length; i++) {
+ msg+= "<li><strong>" + dependentPolicies[i].name + "</strong></li>";
+ }
+ msg += "</ul>";
+ msg += "<p>If you remove this policy, the policies above will be affected and will not be associated with this policy anymore.</p>";
+ }
+
+ AuthzDialog.confirmDeleteWithMsg($scope.policy.name, isPermission ? "Permission" : "Policy", msg, function() {
+ service.delete({realm : realm, client : $scope.client.id, id : $scope.policy.id}, null, function() {
+ if (isPermission) {
+ $location.url("/realms/" + realm + "/clients/" + $scope.client.id + "/authz/resource-server/permission");
+ Notifications.success("The permission has been deleted.");
+ } else {
+ $location.url("/realms/" + realm + "/clients/" + $scope.client.id + "/authz/resource-server/policy");
+ Notifications.success("The policy has been deleted.");
+ }
+ $route.reload();
+ });
+ });
+ });
+ }
+}
+
+module.controller('ResourceServerResourceCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerResource, client, AuthzDialog, Notifications) {
$scope.realm = realm;
$scope.client = client;
@@ -171,6 +236,11 @@ module.controller('ResourceServerResourceCtrl', function($scope, $http, $route,
}
}
};
+
+ $scope.delete = function(resource) {
+ $scope.resource = resource;
+ Resources.delete(ResourceServerResource, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route);
+ };
});
module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $route, $location, realm, ResourceServer, client, ResourceServerResource, ResourceServerScope, AuthzDialog, Notifications) {
@@ -282,30 +352,7 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r
}
$scope.remove = function() {
- ResourceServerResource.permissions({
- realm : $route.current.params.realm,
- client : client.id,
- rsrid : $scope.resource._id
- }, function (permissions) {
- var msg = "";
-
- if (permissions.length > 0 && !$scope.deleteConsent) {
- msg = "<p>This resource is referenced in some policies:</p>";
- msg += "<ul>";
- for (i = 0; i < permissions.length; i++) {
- msg+= "<li><strong>" + permissions[i].name + "</strong></li>";
- }
- msg += "</ul>";
- msg += "<p>If you remove this resource, the policies above will be affected and will not be associated with this resource anymore.</p>";
- }
-
- AuthzDialog.confirmDeleteWithMsg($scope.resource.name, "Resource", msg, function() {
- ResourceServerResource.delete({realm : realm.realm, client : $scope.client.id, rsrid : $scope.resource._id}, null, function() {
- $location.url("/realms/" + realm.realm + "/clients/" + $scope.client.id + "/authz/resource-server/resource");
- Notifications.success("The resource has been deleted.");
- });
- });
- });
+ Resources.delete(ResourceServerResource, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route);
}
$scope.reset = function() {
@@ -338,7 +385,37 @@ module.controller('ResourceServerResourceDetailCtrl', function($scope, $http, $r
}
});
-module.controller('ResourceServerScopeCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerScope, client) {
+var Scopes = {
+ delete: function(ResourceServerScope, realm, client, $scope, AuthzDialog, $location, Notifications, $route) {
+ ResourceServerScope.permissions({
+ realm : realm,
+ client : client.id,
+ id : $scope.scope.id
+ }, function (permissions) {
+ var msg = "";
+
+ if (permissions.length > 0 && !$scope.deleteConsent) {
+ msg = "<p>This scope is referenced in some permissions:</p>";
+ msg += "<ul>";
+ for (i = 0; i < permissions.length; i++) {
+ msg+= "<li><strong>" + permissions[i].name + "</strong></li>";
+ }
+ msg += "</ul>";
+ msg += "<p>If you remove this scope, the permissions above will be affected and will not be associated with this scope anymore.</p>";
+ }
+
+ AuthzDialog.confirmDeleteWithMsg($scope.scope.name, "Scope", msg, function() {
+ ResourceServerScope.delete({realm : realm, client : $scope.client.id, id : $scope.scope.id}, null, function() {
+ $location.url("/realms/" + realm + "/clients/" + $scope.client.id + "/authz/resource-server/scope");
+ $route.reload();
+ Notifications.success("The scope has been deleted.");
+ });
+ });
+ });
+ }
+}
+
+module.controller('ResourceServerScopeCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerScope,client, AuthzDialog, Notifications) {
$scope.realm = realm;
$scope.client = client;
@@ -430,6 +507,11 @@ module.controller('ResourceServerScopeCtrl', function($scope, $http, $route, $lo
}
}
};
+
+ $scope.delete = function(scope) {
+ $scope.scope = scope;
+ Scopes.delete(ResourceServerScope, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route);
+ };
});
module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $route, $location, realm, ResourceServer, client, ResourceServerScope, AuthzDialog, Notifications) {
@@ -499,30 +581,7 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout
}
$scope.remove = function() {
- ResourceServerScope.permissions({
- realm : $route.current.params.realm,
- client : client.id,
- id : $scope.scope.id
- }, function (permissions) {
- var msg = "";
-
- if (permissions.length > 0 && !$scope.deleteConsent) {
- msg = "<p>This scope is referenced in some policies:</p>";
- msg += "<ul>";
- for (i = 0; i < permissions.length; i++) {
- msg+= "<li><strong>" + permissions[i].name + "</strong></li>";
- }
- msg += "</ul>";
- msg += "<p>If you remove this scope, the policies above will be affected and will not be associated with this scope anymore.</p>";
- }
-
- AuthzDialog.confirmDeleteWithMsg($scope.scope.name, "Scope", msg, function() {
- ResourceServerScope.delete({realm : realm.realm, client : $scope.client.id, id : $scope.scope.id}, null, function() {
- $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/scope");
- Notifications.success("The scope has been deleted.");
- });
- });
- });
+ Scopes.delete(ResourceServerScope, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route);
}
$scope.reset = function() {
@@ -554,7 +613,7 @@ module.controller('ResourceServerScopeDetailCtrl', function($scope, $http, $rout
}
});
-module.controller('ResourceServerPolicyCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerPolicy, PolicyProvider, client) {
+module.controller('ResourceServerPolicyCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerPolicy, PolicyProvider, client, AuthzDialog, Notifications) {
$scope.realm = realm;
$scope.client = client;
$scope.policyProviders = [];
@@ -650,9 +709,14 @@ module.controller('ResourceServerPolicyCtrl', function($scope, $http, $route, $l
}
}
};
+
+ $scope.delete = function(policy) {
+ $scope.policy = policy;
+ Policies.delete(ResourceServerPolicy, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route, false);
+ };
});
-module.controller('ResourceServerPermissionCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerPermission, PolicyProvider, client) {
+module.controller('ResourceServerPermissionCtrl', function($scope, $http, $route, $location, realm, ResourceServer, ResourceServerPermission, PolicyProvider, client, AuthzDialog, Notifications) {
$scope.realm = realm;
$scope.client = client;
$scope.policyProviders = [];
@@ -747,6 +811,11 @@ module.controller('ResourceServerPermissionCtrl', function($scope, $http, $route
}
}
};
+
+ $scope.delete = function(policy) {
+ $scope.policy = policy;
+ Policies.delete(ResourceServerPermission, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route, true);
+ };
});
module.controller('ResourceServerPolicyDroolsDetailCtrl', function($scope, $http, $route, realm, client, PolicyController) {
@@ -1137,27 +1206,28 @@ module.controller('ResourceServerPolicyScopeDetailCtrl', function($scope, $route
rsrid: resource[0]._id
}, function (scopes) {
$scope.resourceScopes = scopes;
- ResourceServerPolicy.scopes({
- realm : $route.current.params.realm,
- client : client.id,
- id : policy.id
- }, function(scopes) {
- $scope.selectedScopes = [];
- for (i = 0; i < scopes.length; i++) {
- scopes[i].text = scopes[i].name;
- $scope.selectedScopes.push(scopes[i].id);
- }
- var copy = angular.copy($scope.selectedScopes);
- $scope.$watch('selectedScopes', function() {
- if (!angular.equals($scope.selectedScopes, copy)) {
- $scope.changed = true;
- }
- }, true);
- });
});
});
});
}
+
+ ResourceServerPolicy.scopes({
+ realm : $route.current.params.realm,
+ client : client.id,
+ id : policy.id
+ }, function(scopes) {
+ $scope.selectedScopes = [];
+ for (i = 0; i < scopes.length; i++) {
+ scopes[i].text = scopes[i].name;
+ $scope.selectedScopes.push(scopes[i].id);
+ }
+ var copy = angular.copy($scope.selectedScopes);
+ $scope.$watch('selectedScopes', function() {
+ if (!angular.equals($scope.selectedScopes, copy)) {
+ $scope.changed = true;
+ }
+ }, true);
+ });
} else {
$scope.selectedResource = null;
var copy = angular.copy($scope.selectedResource);
@@ -2098,35 +2168,7 @@ module.service("PolicyController", function($http, $route, $location, ResourceSe
});
$scope.remove = function() {
- var msg = "";
-
- service.dependentPolicies({
- realm : $route.current.params.realm,
- client : client.id,
- id : $scope.policy.id
- }, function (dependentPolicies) {
- if (dependentPolicies.length > 0 && !$scope.deleteConsent) {
- msg = "<p>This policy is being used by other policies:</p>";
- msg += "<ul>";
- for (i = 0; i < dependentPolicies.length; i++) {
- msg+= "<li><strong>" + dependentPolicies[i].name + "</strong></li>";
- }
- msg += "</ul>";
- msg += "<p>If you remove this policy, the policies above will be affected and will not be associated with this policy anymore.</p>";
- }
-
- AuthzDialog.confirmDeleteWithMsg($scope.policy.name, "Policy", msg, function() {
- service.delete({realm : $scope.realm.realm, client : $scope.client.id, id : $scope.policy.id}, null, function() {
- if (delegate.isPermission()) {
- $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/permission");
- Notifications.success("The permission has been deleted.");
- } else {
- $location.url("/realms/" + realm.realm + "/clients/" + client.id + "/authz/resource-server/policy");
- Notifications.success("The policy has been deleted.");
- }
- });
- });
- });
+ Policies.delete(ResourceServerPolicy, $route.current.params.realm, client, $scope, AuthzDialog, $location, Notifications, $route, delegate.isPermission());
}
}
});
diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-scope-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-scope-detail.html
index 79cec9a..df4377f 100644
--- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-scope-detail.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/permission/provider/resource-server-policy-scope-detail.html
@@ -38,7 +38,6 @@
</div>
<div class="form-group clearfix" data-ng-show="selectedResource">
<label class="col-md-2 control-label" for="resourceScopes">{{:: 'authz-scopes' | translate}} <span class="required">*</span></label>
-
<div class="col-md-6">
<select ui-select2 id="resourceScopes"
data-ng-model="selectedScopes"