keycloak-aplcache
Changes
forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js 90(+88 -2)
Details
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js
index 323c067..9f7615d 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/applications.js
@@ -329,18 +329,22 @@ module.controller('ApplicationDetailCtrl', function($scope, realm, application,
});
-module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm, application, roles, applications, ApplicationRealmScopeMapping, ApplicationApplicationScopeMapping, ApplicationRole) {
+module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm, application, applications,
+ ApplicationRealmScopeMapping, ApplicationApplicationScopeMapping, ApplicationRole,
+ ApplicationAvailableRealmScopeMapping, ApplicationAvailableApplicationScopeMapping,
+ ApplicationCompositeRealmScopeMapping, ApplicationCompositeApplicationScopeMapping) {
$scope.realm = realm;
$scope.application = application;
- $scope.realmRoles = angular.copy(roles);
$scope.selectedRealmRoles = [];
$scope.selectedRealmMappings = [];
$scope.realmMappings = [];
$scope.applications = applications;
$scope.applicationRoles = [];
+ $scope.applicationComposite = [];
$scope.selectedApplicationRoles = [];
$scope.selectedApplicationMappings = [];
$scope.applicationMappings = [];
+ $scope.dummymodel = [];
@@ -447,6 +451,88 @@ module.controller('ApplicationScopeMappingCtrl', function($scope, $http, realm,
}
};
+ $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmRoles = ApplicationAvailableRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmComposite = ApplicationCompositeRealmScopeMapping.query({realm : realm.realm, application : application.name});
+
+ $scope.addRealmRole = function() {
+ $http.post(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/realm',
+ $scope.selectedRealmRoles).success(function() {
+ $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmRoles = ApplicationAvailableRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmComposite = ApplicationCompositeRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.selectedRealmMappings = [];
+ $scope.selectRealmRoles = [];
+ if ($scope.targetApp) {
+ console.log('load available');
+ $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationRoles = ApplicationAvailableApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationComposite = ApplicationCompositeApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ }
+ });
+ };
+
+ $scope.deleteRealmRole = function() {
+ $http.delete(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/realm',
+ {data : $scope.selectedRealmMappings, headers : {"content-type" : "application/json"}}).success(function() {
+ $scope.realmMappings = ApplicationRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmRoles = ApplicationAvailableRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.realmComposite = ApplicationCompositeRealmScopeMapping.query({realm : realm.realm, application : application.name});
+ $scope.selectedRealmMappings = [];
+ $scope.selectRealmRoles = [];
+ if ($scope.targetApp) {
+ console.log('load available');
+ $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationRoles = ApplicationAvailableApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationComposite = ApplicationCompositeApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ }
+ });
+ };
+
+ $scope.addApplicationRole = function() {
+ $http.post(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/applications/' + $scope.targetApp.name,
+ $scope.selectedApplicationRoles).success(function() {
+ $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ });
+ };
+
+ $scope.deleteApplicationRole = function() {
+ $http.delete(authUrl + '/admin/realms/' + realm.realm + '/applications/' + application.name + '/scope-mappings/applications/' + $scope.targetApp.name,
+ {data : $scope.selectedApplicationMappings, headers : {"content-type" : "application/json"}}).success(function() {
+ $scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationRoles = AvailableApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.applicationComposite = CompositeApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ });
+ };
+
+
+ $scope.changeApplication = function() {
+ console.log('changeApplication');
+ if ($scope.targetApp) {
+ console.log('load available');
+ $scope.applicationMappings = ApplicationApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationRoles = ApplicationAvailableApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ $scope.applicationComposite = ApplicationCompositeApplicationScopeMapping.query({realm : realm.realm, application : application.name, targetApp : $scope.targetApp.name});
+ } else {
+ $scope.applicationRoles = null;
+ $scope.applicationMappings = null;
+ $scope.applicationComposite = null;
+ }
+ $scope.selectedApplicationRoles = [];
+ $scope.selectedApplicationMappings = [];
+ };
+
+
});
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
index ac886e1..ee05261 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/controllers/users.js
@@ -88,6 +88,8 @@ module.controller('UserRoleMappingCtrl', function($scope, $http, realm, user, ap
$scope.applicationMappings = ApplicationRoleMapping.query({realm : realm.realm, userId : user.username, application : $scope.application.name});
} else {
$scope.applicationRoles = null;
+ $scope.applicationMappings = null;
+ $scope.applicationComposite = null;
}
$scope.selectedApplicationRoles = [];
$scope.selectedApplicationMappings = [];
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js
index eaa77bb..6d33070 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/js/services.js
@@ -282,6 +282,20 @@ module.factory('ApplicationRealmScopeMapping', function($resource) {
});
});
+module.factory('ApplicationAvailableRealmScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/realm/available', {
+ realm : '@realm',
+ application : '@application'
+ });
+});
+
+module.factory('ApplicationCompositeRealmScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/realm/composite', {
+ realm : '@realm',
+ application : '@application'
+ });
+});
+
module.factory('ApplicationApplicationScopeMapping', function($resource) {
return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp', {
realm : '@realm',
@@ -290,6 +304,22 @@ module.factory('ApplicationApplicationScopeMapping', function($resource) {
});
});
+module.factory('ApplicationAvailableApplicationScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp/available', {
+ realm : '@realm',
+ application : '@application',
+ targetApp : '@targetApp'
+ });
+});
+
+module.factory('ApplicationCompositeApplicationScopeMapping', function($resource) {
+ return $resource(authUrl + '/admin/realms/:realm/applications/:application/scope-mappings/applications/:targetApp/composite', {
+ realm : '@realm',
+ application : '@application',
+ targetApp : '@targetApp'
+ });
+});
+
module.factory('RealmRoles', function($resource) {
diff --git a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html
index d8f3f5f..de2e30d 100755
--- a/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html
+++ b/forms/common-themes/src/main/resources/theme/admin/base/resources/partials/application-scope-mappings.html
@@ -49,6 +49,17 @@
ng-model="selectedRealmMappings"
ng-options="r.name for r in realmMappings">
</select>
+ <div class="middle-buttons">
+ -
+ </div>
+ </div>
+ <div class="select-title">
+ <label class="control-label" for="realm-composite">Composite Scope Mappings</label>
+ <select id="realm-composite" class="form-control" multiple size=5
+ ng-disabled="true"
+ ng-model="dummymodel"
+ ng-options="r.name for r in realmComposite">
+ </select>
</div>
</div>
</div>
@@ -94,6 +105,17 @@
ng-options="r.name for r in applicationMappings">
</select>
</div>
+ <div class="middle-buttons">
+ -
+ </div>
+ <div class="select-title">
+ <label class="control-label" for="app-composite">Composite Role Mappings</label>
+ <select id="app-composite" class="form-control" multiple size=5
+ ng-disabled="true"
+ ng-model="dummymodel"
+ ng-options="r.name for r in applicationComposite">
+ </select>
+ </div>
</div>
</div>
</fieldset>
diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java
index 549f154..38d6276 100755
--- a/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ScopeMappedResource.java
@@ -52,7 +52,6 @@ public class ScopeMappedResource {
MappingsRepresentation all = new MappingsRepresentation();
Set<RoleModel> realmMappings = realm.getRealmScopeMappings(client);
- RealmManager manager = new RealmManager(session);
if (realmMappings.size() > 0) {
List<RoleRepresentation> realmRep = new ArrayList<RoleRepresentation>();
for (RoleModel roleModel : realmMappings) {
@@ -92,13 +91,51 @@ public class ScopeMappedResource {
Set<RoleModel> realmMappings = realm.getRealmScopeMappings(client);
List<RoleRepresentation> realmMappingsRep = new ArrayList<RoleRepresentation>();
- RealmManager manager = new RealmManager(session);
for (RoleModel roleModel : realmMappings) {
realmMappingsRep.add(ModelToRepresentation.toRepresentation(roleModel));
}
return realmMappingsRep;
}
+ @Path("realm/available")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getAvailableRealmScopeMappings() {
+ auth.requireView();
+
+ Set<RoleModel> roles = realm.getRoles();
+ return getAvailable(roles);
+ }
+
+ private List<RoleRepresentation> getAvailable(Set<RoleModel> roles) {
+ List<RoleRepresentation> available = new ArrayList<RoleRepresentation>();
+ for (RoleModel roleModel : roles) {
+ if (realm.hasScope(client, roleModel)) continue;
+ available.add(ModelToRepresentation.toRepresentation(roleModel));
+ }
+ return available;
+ }
+
+ @Path("realm/composite")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getCompositeRealmScopeMappings() {
+ auth.requireView();
+
+ Set<RoleModel> roles = realm.getRoles();
+ return getComposite(roles);
+ }
+
+ private List<RoleRepresentation> getComposite(Set<RoleModel> roles) {
+ List<RoleRepresentation> composite = new ArrayList<RoleRepresentation>();
+ for (RoleModel roleModel : roles) {
+ if (realm.hasScope(client, roleModel)) composite.add(ModelToRepresentation.toRepresentation(roleModel));
+ }
+ return composite;
+ }
+
@Path("realm")
@POST
@Consumes("application/json")
@@ -160,6 +197,40 @@ public class ScopeMappedResource {
return mapRep;
}
+ @Path("applications/{app}/available")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getAvailableApplicationScopeMappings(@PathParam("app") String appName) {
+ auth.requireView();
+
+ ApplicationModel app = realm.getApplicationByName(appName);
+
+ if (app == null) {
+ throw new NotFoundException("Role not found");
+ }
+
+ Set<RoleModel> roles = app.getRoles();
+ return getAvailable(roles);
+ }
+
+ @Path("applications/{app}/composite")
+ @GET
+ @Produces("application/json")
+ @NoCache
+ public List<RoleRepresentation> getCompositeApplicationScopeMappings(@PathParam("app") String appName) {
+ auth.requireView();
+
+ ApplicationModel app = realm.getApplicationByName(appName);
+
+ if (app == null) {
+ throw new NotFoundException("Role not found");
+ }
+
+ Set<RoleModel> roles = app.getRoles();
+ return getComposite(roles);
+ }
+
@Path("applications/{app}")
@POST
@Consumes("application/json")