Skip to content

Commit

Permalink
HRMNY-15076 Disabling changes to Service Users
Browse files Browse the repository at this point in the history
  • Loading branch information
@santosh898
santosh898 committed Apr 30, 2024
1 parent 9d0a2bb commit e010081
Show file tree
Hide file tree
Showing 2 changed files with 106 additions and 67 deletions.
122 changes: 78 additions & 44 deletions js/apps/admin-ui/src/user/EditUser.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ export default function EditUser() {
const { id } = useParams<UserParams>();
const { t } = useTranslation("users");
const [user, setUser] = useState<UserRepresentation>();
const [isServiceUser, setIsServiceUser] = useState<boolean>(false);
const [bruteForced, setBruteForced] = useState<BruteForced>();
const [refreshCount, setRefreshCount] = useState(0);
const refresh = () => setRefreshCount((count) => count + 1);
Expand All @@ -62,11 +63,22 @@ export default function EditUser() {
const isBruteForceProtected = currentRealm.bruteForceProtected;
const isLocked = isBruteForceProtected && attackDetection.disabled;

return { user, bruteForced: { isBruteForceProtected, isLocked } };
const serviceUsers = await adminClient.roles.findUsersWithRole({
name: "service",
});

return {
user,
bruteForced: { isBruteForceProtected, isLocked },
isServiceUser: serviceUsers.some(
(serviceUser) => serviceUser.id === user.id
),
};
},
({ user, bruteForced }) => {
({ user, bruteForced, isServiceUser }) => {
setUser(user);
setBruteForced(bruteForced);
setIsServiceUser(isServiceUser);
},
[refreshCount]
);
Expand All @@ -76,17 +88,28 @@ export default function EditUser() {
}

return (
<EditUserForm user={user} bruteForced={bruteForced} refresh={refresh} />
<EditUserForm
user={user}
bruteForced={bruteForced}
refresh={refresh}
isServiceUser={isServiceUser}
/>
);
}

type EditUserFormProps = {
user: UserRepresentation;
bruteForced: BruteForced;
isServiceUser: boolean;
refresh: () => void;
};

const EditUserForm = ({ user, bruteForced, refresh }: EditUserFormProps) => {
const EditUserForm = ({
user,
bruteForced,
isServiceUser,
refresh,
}: EditUserFormProps) => {
const { t } = useTranslation("users");
const { realm } = useRealm();
const { adminClient } = useAdminClient();
Expand Down Expand Up @@ -175,29 +198,31 @@ const EditUserForm = ({ user, bruteForced, refresh }: EditUserFormProps) => {
<>
<ImpersonateConfirm />
<DeleteConfirm />
<ViewHeader
titleKey={user.username!}
className="kc-username-view-header"
divider={false}
dropdownItems={[
<DropdownItem
key="impersonate"
isDisabled={!user.access?.impersonate}
onClick={() => toggleImpersonateDialog()}
>
{t("impersonate")}
</DropdownItem>,
<DropdownItem
key="delete"
isDisabled={!user.access?.manage}
onClick={() => toggleDeleteDialog()}
>
{t("common:delete")}
</DropdownItem>,
]}
onToggle={(value) => save({ ...user, enabled: value })}
isEnabled={user.enabled}
/>
{!isServiceUser && (
<ViewHeader
titleKey={user.username!}
className="kc-username-view-header"
divider={false}
dropdownItems={[
<DropdownItem
key="impersonate"
isDisabled={!user.access?.impersonate}
onClick={() => toggleImpersonateDialog()}
>
{t("impersonate")}
</DropdownItem>,
<DropdownItem
key="delete"
isDisabled={!user.access?.manage}
onClick={() => toggleDeleteDialog()}
>
{t("common:delete")}
</DropdownItem>,
]}
onToggle={(value) => save({ ...user, enabled: value })}
isEnabled={user.enabled}
/>
)}

<PageSection variant="light" className="pf-u-p-0">
<UserProfileProvider>
Expand All @@ -213,25 +238,34 @@ const EditUserForm = ({ user, bruteForced, refresh }: EditUserFormProps) => {
{...settingsTab}
>
<PageSection variant="light">
<UserForm save={save} user={user} bruteForce={bruteForced} />
<UserForm
save={save}
user={user}
bruteForce={bruteForced}
isServiceUser={isServiceUser}
/>
</PageSection>
</Tab>
<Tab
data-testid="credentials"
isHidden={!user.access?.view}
title={<TabTitleText>{t("common:credentials")}</TabTitleText>}
{...credentialsTab}
>
<UserCredentials user={user} />
</Tab>
<Tab
data-testid="role-mapping-tab"
isHidden={!user.access?.mapRoles}
title={<TabTitleText>{t("roleMapping")}</TabTitleText>}
{...roleMappingTab}
>
<UserRoleMapping id={user.id!} name={user.username!} />
</Tab>
{!isServiceUser && (
<Tab
data-testid="credentials"
isHidden={!user.access?.view}
title={<TabTitleText>{t("common:credentials")}</TabTitleText>}
{...credentialsTab}
>
<UserCredentials user={user} />
</Tab>
)}
{!isServiceUser && (
<Tab
data-testid="role-mapping-tab"
isHidden={!user.access?.mapRoles}
title={<TabTitleText>{t("roleMapping")}</TabTitleText>}
{...roleMappingTab}
>
<UserRoleMapping id={user.id!} name={user.username!} />
</Tab>
)}
</RoutableTabs>
</FormProvider>
</UserProfileProvider>
Expand Down
51 changes: 28 additions & 23 deletions js/apps/admin-ui/src/user/UserForm.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ export type UserFormProps = {
bruteForce?: BruteForced;
save: (user: UserFormSaveResponse) => void;
onGroupsUpdate?: (groups: GroupRepresentation[]) => void;
isServiceUser?: boolean;
};

export const UserForm = ({
Expand All @@ -51,6 +52,7 @@ export const UserForm = ({
isLocked: false,
},
save,
isServiceUser = false,
}: UserFormProps) => {
const { t } = useTranslation("users");
const { realm: realmName } = useRealm();
Expand Down Expand Up @@ -104,6 +106,7 @@ export const UserForm = ({
role="query-users"
fineGrainedAccess={user?.access?.manage}
className="pf-u-mt-lg"
isReadOnly={isServiceUser}
>
{user?.id && (
<>
Expand Down Expand Up @@ -259,29 +262,31 @@ export const UserForm = ({
/>
</FormGroup>
)}
<ActionGroup>
<Button
data-testid={!user?.id ? "create-user" : "save-user"}
isDisabled={
!user?.id &&
!watchUsernameInput &&
!realm?.registrationEmailAsUsername
}
variant="primary"
type="submit"
>
{user?.id ? t("common:save") : t("common:create")}
</Button>
<Button
data-testid="cancel-create-user"
onClick={() =>
user?.id ? reset(user) : navigate(`/${realmName}/users`)
}
variant="link"
>
{user?.id ? t("common:revert") : t("common:cancel")}
</Button>
</ActionGroup>
{!isServiceUser && (
<ActionGroup>
<Button
data-testid={!user?.id ? "create-user" : "save-user"}
isDisabled={
!user?.id &&
!watchUsernameInput &&
!realm?.registrationEmailAsUsername
}
variant="primary"
type="submit"
>
{user?.id ? t("common:save") : t("common:create")}
</Button>
<Button
data-testid="cancel-create-user"
onClick={() =>
user?.id ? reset(user) : navigate(`/${realmName}/users`)
}
variant="link"
>
{user?.id ? t("common:revert") : t("common:cancel")}
</Button>
</ActionGroup>
)}
</FormAccess>
);
};

0 comments on commit e010081

Please sign in to comment.