@keycloakify/keycloak-admin-ui
Version:
Repackaged Keycloak Admin UI
109 lines • 8.27 kB
JavaScript
import { jsx as _jsx, jsxs as _jsxs, Fragment as _Fragment } from "react/jsx-runtime";
import { HelpItem, SelectControl, TextControl, useAlerts, useFetch, } from "../../ui-shared";
import { ActionGroup, Button, ExpandableSection, FormGroup, PageSection, Panel, PanelHeader, PanelMainBody, Switch, Title, } from "@patternfly/react-core";
import { useState } from "react";
import { FormProvider, useForm, useWatch } from "react-hook-form";
import { useTranslation } from "react-i18next";
import { ForbiddenSection } from "../../ForbiddenSection";
import { useAdminClient } from "../../admin-client";
import { ClientSelect } from "../../components/client/ClientSelect";
import { FormAccess } from "../../components/form/FormAccess";
import { keyValueToArray, } from "../../components/key-value-form/key-value-convert";
import { UserSelect } from "../../components/users/UserSelect";
import { useAccess } from "../../context/access/Access";
import { useRealm } from "../../context/realm-context/RealmContext";
import { defaultContextAttributes } from "../../clients/utils";
import { KeyBasedAttributeInput } from "../../clients/authorization/KeyBasedAttributeInput";
import { Results } from "../../clients/authorization/evaluate/Results";
export const AuthorizationEvaluate = (props) => {
const { hasAccess } = useAccess();
if (!hasAccess("view-users")) {
return _jsx(ForbiddenSection, { permissionNeeded: "view-users" });
}
return _jsx(AuthorizationEvaluateContent, { ...props });
};
const AuthorizationEvaluateContent = ({ client }) => {
const { adminClient } = useAdminClient();
const form = useForm({ mode: "onChange" });
const { control, reset, trigger, formState: { isValid }, } = form;
const { t } = useTranslation();
const { addError } = useAlerts();
const realm = useRealm();
const [isExpanded, setIsExpanded] = useState(false);
const [applyToResourceType, setApplyToResourceType] = useState(false);
const [resources, setResources] = useState([]);
const [scopes, setScopes] = useState([]);
const [evaluateResult, setEvaluateResult] = useState();
const [clientRoles, setClientRoles] = useState([]);
useFetch(() => adminClient.roles.find(), (roles) => {
setClientRoles(roles);
}, []);
useFetch(() => Promise.all([
adminClient.clients.listResources({
id: client.id,
}),
adminClient.clients.listAllScopes({
id: client.id,
}),
]), ([resources, scopes]) => {
setResources(resources);
setScopes(scopes);
}, []);
const evaluate = async () => {
var _a;
if (!(await trigger())) {
return;
}
const formValues = form.getValues();
const keys = keyValueToArray(formValues.resources);
const resEval = {
roleIds: (_a = formValues.roleIds) !== null && _a !== void 0 ? _a : [],
clientId: formValues.client.id,
userId: formValues.user[0],
resources: resources
.filter((resource) => Object.keys(keys).includes(resource.name))
.map((r) => {
var _a;
return ({
...r,
scopes: (_a = r.scopes) === null || _a === void 0 ? void 0 : _a.filter((s) => Object.values(keys)
.flatMap((v) => v)
.includes(s.name)),
});
}),
entitlements: false,
context: {
attributes: Object.fromEntries(formValues.context.attributes
.filter((item) => item.key || item.value !== "")
.map(({ key, value }) => [key, value])),
},
};
try {
const evaluation = await adminClient.clients.evaluateResource({ id: client.id, realm: realm.realm }, resEval);
setEvaluateResult(evaluation);
}
catch (error) {
addError("evaluateError", error);
}
};
const user = useWatch({ control, name: "user", defaultValue: [] });
const roles = useWatch({ control, name: "roleIds", defaultValue: [] });
if (evaluateResult) {
return (_jsx(Results, { evaluateResult: evaluateResult, refresh: evaluate, back: () => setEvaluateResult(undefined) }));
}
return (_jsx(PageSection, { children: _jsxs(FormProvider, { ...form, children: [_jsxs(Panel, { children: [_jsx(PanelHeader, { children: _jsx(Title, { headingLevel: "h2", children: t("identityInformation") }) }), _jsx(PanelMainBody, { children: _jsxs(FormAccess, { isHorizontal: true, role: "view-clients", children: [_jsx(ClientSelect, { name: "client", label: "client", helpText: "clientHelp", defaultValue: client.clientId }), _jsx(UserSelect, { name: "user", label: "users", helpText: t("selectUser"), defaultValue: [], variant: "typeahead", isRequired: (roles === null || roles === void 0 ? void 0 : roles.length) === 0 }), _jsx(SelectControl, { name: "roleIds", label: t("roles"), labelIcon: t("rolesHelp"), variant: "typeaheadMulti", placeholderText: t("selectARole"), controller: {
defaultValue: [],
rules: {
required: {
value: user.length === 0,
message: t("required"),
},
},
}, options: clientRoles.map((role) => role.name) })] }) })] }), _jsxs(Panel, { children: [_jsx(PanelHeader, { children: _jsx(Title, { headingLevel: "h2", children: t("permissions") }) }), _jsx(PanelMainBody, { children: _jsxs(FormAccess, { isHorizontal: true, role: "view-clients", children: [_jsx(FormGroup, { label: t("applyToResourceType"), fieldId: "applyToResourceType", labelIcon: _jsx(HelpItem, { helpText: t("applyToResourceTypeHelp"), fieldLabelId: "applyToResourceType" }), children: _jsx(Switch, { id: "applyToResource-switch", label: t("on"), labelOff: t("off"), isChecked: applyToResourceType, onChange: (_event, val) => setApplyToResourceType(val), "aria-label": t("applyToResourceType") }) }), !applyToResourceType ? (_jsx(FormGroup, { label: t("resourcesAndScopes"), id: "resourcesAndScopes", labelIcon: _jsx(HelpItem, { helpText: t("contextualAttributesHelp"), fieldLabelId: `resourcesAndScopes` }), fieldId: "resourcesAndScopes", children: _jsx(KeyBasedAttributeInput, { selectableValues: resources.map((item) => ({
name: item.name,
key: item._id,
})), resources: resources, name: "resources" }) })) : (_jsxs(_Fragment, { children: [_jsx(TextControl, { name: "alias", label: t("resourceType"), labelIcon: t("resourceTypeHelp"), rules: { required: t("required") } }), _jsx(SelectControl, { name: "authScopes", label: t("authScopes"), labelIcon: t("scopesSelect"), controller: {
defaultValue: [],
}, variant: "typeaheadMulti", options: scopes.map((s) => s.name) })] })), _jsx(ExpandableSection, { toggleText: t("contextualInfo"), onToggle: () => setIsExpanded(!isExpanded), isExpanded: isExpanded, children: _jsx(FormGroup, { label: t("contextualAttributes"), id: "contextualAttributes", labelIcon: _jsx(HelpItem, { helpText: t("contextualAttributesHelp"), fieldLabelId: `contextualAttributes` }), fieldId: "contextualAttributes", children: _jsx(KeyBasedAttributeInput, { selectableValues: defaultContextAttributes, name: "context.attributes" }) }) })] }) })] }), _jsxs(ActionGroup, { children: [_jsx(Button, { "data-testid": "authorization-eval", id: "authorization-eval", className: "pf-v5-u-mr-md", isDisabled: !isValid, onClick: () => evaluate(), children: t("evaluate") }), _jsx(Button, { "data-testid": "authorization-revert", id: "authorization-revert", className: "pf-v5-u-mr-md", variant: "link", onClick: () => reset(), children: t("revert") })] })] }) }));
};
//# sourceMappingURL=AuthorizationEvaluate.js.map