keycloak-aplcache
Changes
themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html 4(+3 -1)
Details
diff --git a/services/src/main/java/org/keycloak/authorization/admin/PolicyEvaluationService.java b/services/src/main/java/org/keycloak/authorization/admin/PolicyEvaluationService.java
index 9f38732..4a115ae 100644
--- a/services/src/main/java/org/keycloak/authorization/admin/PolicyEvaluationService.java
+++ b/services/src/main/java/org/keycloak/authorization/admin/PolicyEvaluationService.java
@@ -159,6 +159,10 @@ public class PolicyEvaluationService {
List<Scope> scopes = givenScopes.stream().map(scopeName -> scopeStore.findByName(scopeName, this.resourceServer.getId())).collect(Collectors.toList());
List<ResourcePermission> collect = scopes.stream().map(scope -> new ResourcePermission(null, asList(scope), resourceServer)).collect(Collectors.toList());
+ if (scopes.isEmpty()) {
+ scopes = scopeStore.findByResourceServer(resourceServer.getId());
+ }
+
for (Scope scope : scopes) {
collect.addAll(storeFactory.getResourceStore().findByScope(scope.getId()).stream().map(resource12 -> new ResourcePermission(resource12, asList(scope), resourceServer)).collect(Collectors.toList()));
}
diff --git a/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties b/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
index 9e023ac..27e4dab 100644
--- a/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
+++ b/themes/src/main/resources/theme/base/admin/messages/admin-messages_en.properties
@@ -1017,9 +1017,9 @@ authz-select-a-policy=Select a policy
# Authz Role Policy Detail
authz-add-role-policy=Add Role Policy
authz-no-roles-assigned=No roles assigned.
-authz-policy-role-realm-roles.tooltip=Specifies which *realm* role(s) are allowed by this policy.
+authz-policy-role-realm-roles.tooltip=Specifies the *realm* roles allowed by this policy.
authz-policy-role-clients.tooltip=Selects a client in order to filter the client roles that can be applied to this policy.
-authz-policy-role-client-roles.tooltip=Specifies which *client* role(s) are allowed by this policy.
+authz-policy-role-client-roles.tooltip=Specifies the client roles allowed by this policy.
# Authz User Policy Detail
authz-add-user-policy=Add User Policy
diff --git a/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js b/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js
index e4d6273..ec37854 100644
--- a/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js
+++ b/themes/src/main/resources/theme/base/admin/resources/js/authz/authz-controller.js
@@ -665,9 +665,25 @@ module.controller('ResourceServerPolicyUserDetailCtrl', function($scope, $route,
},
onInit : function() {
- User.query({realm: $route.current.params.realm}, function(data) {
- $scope.users = data;
- });
+ $scope.usersUiSelect = {
+ minimumInputLength: 1,
+ delay: 500,
+ allowClear: true,
+ query: function (query) {
+ var data = {results: []};
+ if ('' == query.term.trim()) {
+ query.callback(data);
+ return;
+ }
+ User.query({realm: $route.current.params.realm, search: query.term.trim(), max: 20}, function(response) {
+ data.results = response;
+ query.callback(data);
+ });
+ },
+ formatResult: function(object, container, query) {
+ return object.username;
+ }
+ };
$scope.selectedUsers = [];
@@ -676,7 +692,14 @@ module.controller('ResourceServerPolicyUserDetailCtrl', function($scope, $route,
return;
}
- $scope.selectedUser = {};
+ $scope.selectedUser = null;
+
+ for (i = 0; i < $scope.selectedUsers.length; i++) {
+ if ($scope.selectedUsers[i].id == user.id) {
+ return;
+ }
+ }
+
$scope.selectedUsers.push(user);
}
@@ -750,7 +773,14 @@ module.controller('ResourceServerPolicyRoleDetailCtrl', function($scope, $route,
return;
}
- $scope.selectedRole = {};
+ $scope.selectedRole = null;
+
+ for (i = 0; i < $scope.selectedRoles.length; i++) {
+ if ($scope.selectedRoles[i].id == role.id) {
+ return;
+ }
+ }
+
$scope.selectedRoles.push(role);
var clientRoles = [];
@@ -1158,8 +1188,6 @@ module.service("PolicyController", function($http, $route, $location, ResourceSe
return PolicyController;
});
-
-
module.controller('PolicyEvaluateCtrl', function($scope, $http, $route, $location, realm, clients, roles, ResourceServer, client, ResourceServerResource, ResourceServerScope, User, Notifications) {
$scope.realm = realm;
$scope.client = client;
@@ -1381,9 +1409,26 @@ module.controller('PolicyEvaluateCtrl', function($scope, $http, $route, $locatio
$scope.showRpt = false;
}
- User.query({realm: $route.current.params.realm}, function(data) {
- $scope.users = data;
- });
+ $scope.usersUiSelect = {
+ minimumInputLength: 1,
+ delay: 500,
+ allowClear: true,
+ query: function (query) {
+ var data = {results: []};
+ if ('' == query.term.trim()) {
+ query.callback(data);
+ return;
+ }
+ User.query({realm: $route.current.params.realm, search: query.term.trim(), max: 20}, function(response) {
+ data.results = response;
+ query.callback(data);
+ });
+ },
+ formatResult: function(object, container, query) {
+ object.text = object.username;
+ return object.username;
+ }
+ };
ResourceServerResource.query({realm : realm.realm, client : client.id}, function (data) {
$scope.resources = data;
@@ -1395,4 +1440,15 @@ module.controller('PolicyEvaluateCtrl', function($scope, $http, $route, $locatio
}, function(data) {
$scope.server = data;
});
+
+ $scope.selectUser = function(user) {
+ if (!user || !user.id) {
+ $scope.selectedUser = null;
+ $scope.authzRequest.userId = '';
+ return;
+ }
+
+ $scope.authzRequest.userId = user.id;
+ }
+
});
\ No newline at end of file
diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html
index 8904bb3..f9c2aca 100644
--- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-role-detail.html
@@ -53,7 +53,8 @@
<div class="col-md-4">
<select ui-select2="{ minimumInputLength: 1}" id="roles" data-ng-model="selectedRole" data-ng-change="selectRole(selectedRole);" data-placeholder="{{:: 'select-a-role' | translate}}..."
- ng-options="role as role.name for role in roles" data-ng-required="selectedUsers.length == 0 && selectedRoles.length == 0">
+ ng-options="role as role.name for role in roles" data-ng-required="selectedRoles.length == 0">
+ <option></option>
</select>
</div>
@@ -104,6 +105,7 @@
<div class="col-md-4">
<select ui-select2="{ minimumInputLength: 1}" id="clientRoles" data-ng-model="selectedRole" data-ng-change="selectRole(selectedRole);" data-placeholder="{{:: 'select-a-role' | translate}}..."
ng-options="role as role.name for role in clientRoles" data-ng-required="selectedRoles.length == 0" data-ng-disabled="!selectedClient">
+ <option></option>
</select>
</div>
diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-user-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-user-detail.html
index 6b56f37..de85b71 100644
--- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-user-detail.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/provider/resource-server-policy-user-detail.html
@@ -34,9 +34,8 @@
<label class="col-md-2 control-label" for="users">{{:: 'users' | translate}} <span class="required">*</span></label>
<div class="col-md-6">
- <select ui-select2="{ minimumInputLength: 1}" id="users" data-ng-model="selectedUser" data-ng-change="selectUser(selectedUser);" data-placeholder="Select an user..."
- ng-options="user as user.username for user in users" data-ng-required="selectedRoles.length == 0">
- </select>
+ <input type="hidden" ui-select2="usersUiSelect" id="users" data-ng-model="selectedUser" data-ng-change="selectUser(selectedUser);" data-placeholder="Select an user..." data-ng-required="selectedUsers.length == 0"">
+ </input>
</div>
<kc-tooltip>{{:: 'authz-policy-user-users.tooltip' | translate}}</kc-tooltip>
</div>
diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/resource-server-policy-evaluate.html b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/resource-server-policy-evaluate.html
index d875e86..d884150 100644
--- a/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/resource-server-policy-evaluate.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/authz/policy/resource-server-policy-evaluate.html
@@ -59,12 +59,9 @@
data-ng-show="!authzRequest.roleIds || authzRequest.roleIds.length == 0">*</span></label>
<div class="col-md-6">
- <select ui-select2="{ minimumInputLength: 1, allowClear:true}" id="users"
- data-ng-model="authzRequest.userId" data-placeholder="{{:: 'authz-select-user' | translate}}..."
- ng-options="user.id as user.username for user in users track by user.id"
- data-ng-required="!authzRequest.roleIds || authzRequest.roleIds.length == 0">
- <option value=""></option>
- </select>
+ <input type="hidden" ui-select2="usersUiSelect" id="users" data-ng-model="selectedUser" data-ng-change="selectUser(selectedUser);" data-placeholder="{{:: 'authz-select-user' | translate}}..."
+ data-ng-required="!authzRequest.roleIds || authzRequest.roleIds.length == 0">
+ </input>
</div>
<kc-tooltip>{{:: 'authz-evaluation-user.tooltip' | translate}}</kc-tooltip>