UNPKG

@keycloakify/keycloak-admin-ui

Version:
109 lines 8.27 kB
import { jsx as _jsx, jsxs as _jsxs, Fragment as _Fragment } from "react/jsx-runtime"; import { HelpItem, SelectControl, TextControl, useAlerts, useFetch, } from "../../ui-shared"; import { ActionGroup, Button, ExpandableSection, FormGroup, PageSection, Panel, PanelHeader, PanelMainBody, Switch, Title, } from "@patternfly/react-core"; import { useState } from "react"; import { FormProvider, useForm, useWatch } from "react-hook-form"; import { useTranslation } from "react-i18next"; import { ForbiddenSection } from "../../ForbiddenSection"; import { useAdminClient } from "../../admin-client"; import { ClientSelect } from "../../components/client/ClientSelect"; import { FormAccess } from "../../components/form/FormAccess"; import { keyValueToArray, } from "../../components/key-value-form/key-value-convert"; import { UserSelect } from "../../components/users/UserSelect"; import { useAccess } from "../../context/access/Access"; import { useRealm } from "../../context/realm-context/RealmContext"; import { defaultContextAttributes } from "../../clients/utils"; import { KeyBasedAttributeInput } from "../../clients/authorization/KeyBasedAttributeInput"; import { Results } from "../../clients/authorization/evaluate/Results"; export const AuthorizationEvaluate = (props) => { const { hasAccess } = useAccess(); if (!hasAccess("view-users")) { return _jsx(ForbiddenSection, { permissionNeeded: "view-users" }); } return _jsx(AuthorizationEvaluateContent, { ...props }); }; const AuthorizationEvaluateContent = ({ client }) => { const { adminClient } = useAdminClient(); const form = useForm({ mode: "onChange" }); const { control, reset, trigger, formState: { isValid }, } = form; const { t } = useTranslation(); const { addError } = useAlerts(); const realm = useRealm(); const [isExpanded, setIsExpanded] = useState(false); const [applyToResourceType, setApplyToResourceType] = useState(false); const [resources, setResources] = useState([]); const [scopes, setScopes] = useState([]); const [evaluateResult, setEvaluateResult] = useState(); const [clientRoles, setClientRoles] = useState([]); useFetch(() => adminClient.roles.find(), (roles) => { setClientRoles(roles); }, []); useFetch(() => Promise.all([ adminClient.clients.listResources({ id: client.id, }), adminClient.clients.listAllScopes({ id: client.id, }), ]), ([resources, scopes]) => { setResources(resources); setScopes(scopes); }, []); const evaluate = async () => { var _a; if (!(await trigger())) { return; } const formValues = form.getValues(); const keys = keyValueToArray(formValues.resources); const resEval = { roleIds: (_a = formValues.roleIds) !== null && _a !== void 0 ? _a : [], clientId: formValues.client.id, userId: formValues.user[0], resources: resources .filter((resource) => Object.keys(keys).includes(resource.name)) .map((r) => { var _a; return ({ ...r, scopes: (_a = r.scopes) === null || _a === void 0 ? void 0 : _a.filter((s) => Object.values(keys) .flatMap((v) => v) .includes(s.name)), }); }), entitlements: false, context: { attributes: Object.fromEntries(formValues.context.attributes .filter((item) => item.key || item.value !== "") .map(({ key, value }) => [key, value])), }, }; try { const evaluation = await adminClient.clients.evaluateResource({ id: client.id, realm: realm.realm }, resEval); setEvaluateResult(evaluation); } catch (error) { addError("evaluateError", error); } }; const user = useWatch({ control, name: "user", defaultValue: [] }); const roles = useWatch({ control, name: "roleIds", defaultValue: [] }); if (evaluateResult) { return (_jsx(Results, { evaluateResult: evaluateResult, refresh: evaluate, back: () => setEvaluateResult(undefined) })); } return (_jsx(PageSection, { children: _jsxs(FormProvider, { ...form, children: [_jsxs(Panel, { children: [_jsx(PanelHeader, { children: _jsx(Title, { headingLevel: "h2", children: t("identityInformation") }) }), _jsx(PanelMainBody, { children: _jsxs(FormAccess, { isHorizontal: true, role: "view-clients", children: [_jsx(ClientSelect, { name: "client", label: "client", helpText: "clientHelp", defaultValue: client.clientId }), _jsx(UserSelect, { name: "user", label: "users", helpText: t("selectUser"), defaultValue: [], variant: "typeahead", isRequired: (roles === null || roles === void 0 ? void 0 : roles.length) === 0 }), _jsx(SelectControl, { name: "roleIds", label: t("roles"), labelIcon: t("rolesHelp"), variant: "typeaheadMulti", placeholderText: t("selectARole"), controller: { defaultValue: [], rules: { required: { value: user.length === 0, message: t("required"), }, }, }, options: clientRoles.map((role) => role.name) })] }) })] }), _jsxs(Panel, { children: [_jsx(PanelHeader, { children: _jsx(Title, { headingLevel: "h2", children: t("permissions") }) }), _jsx(PanelMainBody, { children: _jsxs(FormAccess, { isHorizontal: true, role: "view-clients", children: [_jsx(FormGroup, { label: t("applyToResourceType"), fieldId: "applyToResourceType", labelIcon: _jsx(HelpItem, { helpText: t("applyToResourceTypeHelp"), fieldLabelId: "applyToResourceType" }), children: _jsx(Switch, { id: "applyToResource-switch", label: t("on"), labelOff: t("off"), isChecked: applyToResourceType, onChange: (_event, val) => setApplyToResourceType(val), "aria-label": t("applyToResourceType") }) }), !applyToResourceType ? (_jsx(FormGroup, { label: t("resourcesAndScopes"), id: "resourcesAndScopes", labelIcon: _jsx(HelpItem, { helpText: t("contextualAttributesHelp"), fieldLabelId: `resourcesAndScopes` }), fieldId: "resourcesAndScopes", children: _jsx(KeyBasedAttributeInput, { selectableValues: resources.map((item) => ({ name: item.name, key: item._id, })), resources: resources, name: "resources" }) })) : (_jsxs(_Fragment, { children: [_jsx(TextControl, { name: "alias", label: t("resourceType"), labelIcon: t("resourceTypeHelp"), rules: { required: t("required") } }), _jsx(SelectControl, { name: "authScopes", label: t("authScopes"), labelIcon: t("scopesSelect"), controller: { defaultValue: [], }, variant: "typeaheadMulti", options: scopes.map((s) => s.name) })] })), _jsx(ExpandableSection, { toggleText: t("contextualInfo"), onToggle: () => setIsExpanded(!isExpanded), isExpanded: isExpanded, children: _jsx(FormGroup, { label: t("contextualAttributes"), id: "contextualAttributes", labelIcon: _jsx(HelpItem, { helpText: t("contextualAttributesHelp"), fieldLabelId: `contextualAttributes` }), fieldId: "contextualAttributes", children: _jsx(KeyBasedAttributeInput, { selectableValues: defaultContextAttributes, name: "context.attributes" }) }) })] }) })] }), _jsxs(ActionGroup, { children: [_jsx(Button, { "data-testid": "authorization-eval", id: "authorization-eval", className: "pf-v5-u-mr-md", isDisabled: !isValid, onClick: () => evaluate(), children: t("evaluate") }), _jsx(Button, { "data-testid": "authorization-revert", id: "authorization-revert", className: "pf-v5-u-mr-md", variant: "link", onClick: () => reset(), children: t("revert") })] })] }) })); }; //# sourceMappingURL=AuthorizationEvaluate.js.map