forked from keycloak/keycloak
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bugfix: "User Profile" attributes not available for Users Attribute s…
…earch, when admin user does not have view- or manage-realm realm-management role - UIRealmResource: add "info" sub-resource to get realm-related information, which is visible for ALL admins (users having any realm-management role); for now, only provide the information whether any user profile provider is enabled - UIRealmResourceTest: test the new endpoint, including permissions check - UserDataTable.tsx: use this resource to get the info whether user profile providers are enabled, instead of using the realm components resource (which requires "view-realm" permissions) - .../cypress/e2e/users_attribute_search_test.spec.ts: add cypress test to test the attribute search with minimum access rights - further small changes for reuse of components, test-code etc Closes keycloak#27536 Signed-off-by: Daniel Fesenmeyer <[email protected]>
- Loading branch information
1 parent
e090b0d
commit edafe8f
Showing
18 changed files
with
536 additions
and
85 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
100 changes: 100 additions & 0 deletions
100
js/apps/admin-ui/cypress/e2e/users_attribute_search_test.spec.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,100 @@ | ||
import SidebarPage from "../support/pages/admin-ui/SidebarPage"; | ||
import LoginPage from "../support/pages/LoginPage"; | ||
import { keycloakBefore } from "../support/util/keycloak_hooks"; | ||
import adminClient from "../support/util/AdminClient"; | ||
import { | ||
DefaultUserAttribute, | ||
UserFilterType, | ||
} from "../support/pages/admin-ui/manage/users/UsersListingPage"; | ||
import UsersPage from "../support/pages/admin-ui/manage/users/UsersPage"; | ||
|
||
describe("Query by user attributes", () => { | ||
const loginPage = new LoginPage(); | ||
const sidebarPage = new SidebarPage(); | ||
const usersPage = new UsersPage(); | ||
const listingPage = usersPage.listing(); | ||
|
||
const emailSuffix = "@example.org"; | ||
|
||
const user1Username = "user-attrs-1"; | ||
const user1FirstName = "John"; | ||
const user1LastName = "Doe"; | ||
const user1Pwd = "pwd"; | ||
const user2Username = "user-attrs-2"; | ||
const user2FirstName = "Jane"; | ||
const user2LastName = user1LastName; | ||
|
||
before(async () => { | ||
await cleanupTestData(); | ||
const user1 = await adminClient.createUser({ | ||
username: user1Username, | ||
credentials: [ | ||
{ | ||
type: "password", | ||
value: user1Pwd, | ||
}, | ||
], | ||
email: user1Username + emailSuffix, | ||
firstName: user1FirstName, | ||
lastName: user1LastName, | ||
enabled: true, | ||
}); | ||
const user1Id = user1.id!; | ||
await adminClient.addClientRoleToUser(user1Id, "master-realm", [ | ||
"view-users", | ||
]); | ||
|
||
await adminClient.createUser({ | ||
username: user2Username, | ||
email: user2Username + emailSuffix, | ||
firstName: user2FirstName, | ||
lastName: user2LastName, | ||
enabled: true, | ||
}); | ||
}); | ||
|
||
beforeEach(() => { | ||
loginPage.logIn(user1Username, user1Pwd); | ||
keycloakBefore(); | ||
sidebarPage.goToUsers(); | ||
}); | ||
|
||
after(async () => { | ||
await cleanupTestData(); | ||
}); | ||
|
||
async function cleanupTestData() { | ||
await adminClient.deleteUser(user1Username, true); | ||
await adminClient.deleteUser(user2Username, true); | ||
} | ||
|
||
it("Query with one attribute condition", () => { | ||
listingPage | ||
.selectUserSearchFilter(UserFilterType.AttributeSearch) | ||
.openUserAttributesSearchForm() | ||
.addUserAttributeSearchCriteria( | ||
DefaultUserAttribute.lastName, | ||
user1LastName, | ||
) | ||
.triggerAttributesSearch() | ||
.itemExist(user1Username, true) | ||
.itemExist(user2Username, true); | ||
}); | ||
|
||
it("Query with two attribute conditions", () => { | ||
listingPage | ||
.selectUserSearchFilter(UserFilterType.AttributeSearch) | ||
.openUserAttributesSearchForm() | ||
.addUserAttributeSearchCriteria( | ||
DefaultUserAttribute.lastName, | ||
user1LastName, | ||
) | ||
.addUserAttributeSearchCriteria( | ||
DefaultUserAttribute.firstName, | ||
user1FirstName, | ||
) | ||
.triggerAttributesSearch() | ||
.itemExist(user1Username, true) | ||
.itemExist(user2Username, false); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.