From 43f5983613a19e0adb933b5838f767f423fe62da Mon Sep 17 00:00:00 2001 From: Pedro Igor Date: Tue, 25 Sep 2018 12:02:11 -0300 Subject: [PATCH] [KEYCLOAK-8289] - Remove authorization services from product preview profile --- .../java/org/keycloak/common/Profile.java | 4 +- .../models/utils/ModelToRepresentation.java | 10 ++- .../services/resources/RealmsResource.java | 2 - .../resources/account/AccountConsole.java | 2 +- .../resources/account/AccountFormService.java | 2 +- .../resources/admin/ClientResource.java | 12 ++-- .../resources/admin/ClientsResource.java | 14 ++-- .../AbstractBaseServletAuthzAdapterTest.java | 3 - .../AbstractPhotozExampleAdapterTest.java | 3 - .../DefaultAuthzConfigAdapterTest.java | 3 - .../ServletPolicyEnforcerTest.java | 3 - .../testsuite/admin/AuthzCleanupTest.java | 5 -- .../testsuite/admin/PermissionsTest.java | 2 - .../admin/client/InstallationTest.java | 2 - .../AbstractAuthorizationTest.java | 5 -- .../AbstractPolicyManagementTest.java | 5 -- .../AuthorizationDisabledInPreviewTest.java | 53 --------------- .../ClaimInformationPointProviderTest.java | 1 - .../authorization/EnforcerConfigTest.java | 3 - .../PolicyEnforcerClaimsTest.java | 5 -- .../authorization/PolicyEnforcerTest.java | 5 -- .../testsuite/authz/AbstractAuthzTest.java | 5 -- .../crossdc/InvalidationCrossDCTest.java | 2 - .../exportimport/ExportImportUtil.java | 4 +- .../forms/ScriptAuthenticatorTest.java | 5 -- .../migration/AbstractMigrationTest.java | 2 - .../AbstractAuthorizationSettingsTest.java | 5 -- ...entAuthorizationServicesAvailableTest.java | 64 ------------------- .../resources/partials/client-detail.html | 2 +- .../templates/kc-tabs-client-role.html | 2 +- .../resources/templates/kc-tabs-client.html | 4 +- .../resources/templates/kc-tabs-group.html | 2 +- .../templates/kc-tabs-identity-provider.html | 2 +- .../resources/templates/kc-tabs-role.html | 2 +- .../resources/templates/kc-tabs-users.html | 2 +- 35 files changed, 27 insertions(+), 220 deletions(-) delete mode 100644 testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AuthorizationDisabledInPreviewTest.java delete mode 100644 testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/clients/ClientAuthorizationServicesAvailableTest.java diff --git a/common/src/main/java/org/keycloak/common/Profile.java b/common/src/main/java/org/keycloak/common/Profile.java index 19f57c10c03..04d4f0b7bb7 100755 --- a/common/src/main/java/org/keycloak/common/Profile.java +++ b/common/src/main/java/org/keycloak/common/Profile.java @@ -34,7 +34,7 @@ public class Profile { public enum Feature { ACCOUNT2, - AUTHORIZATION, + ADMIN_FINE_GRAINED_AUTHZ, DOCKER, IMPERSONATION, OPENSHIFT_INTEGRATION, @@ -54,7 +54,7 @@ public class Profile { } private enum ProfileValue { - PRODUCT(Feature.AUTHORIZATION, Feature.SCRIPTS, Feature.DOCKER, Feature.ACCOUNT2, Feature.TOKEN_EXCHANGE), + PRODUCT(Feature.ADMIN_FINE_GRAINED_AUTHZ, Feature.SCRIPTS, Feature.DOCKER, Feature.ACCOUNT2, Feature.TOKEN_EXCHANGE), PREVIEW(Feature.ACCOUNT2), COMMUNITY(Feature.DOCKER, Feature.ACCOUNT2); diff --git a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java index dd7eef72bb9..64d3f2151e3 100755 --- a/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java +++ b/server-spi-private/src/main/java/org/keycloak/models/utils/ModelToRepresentation.java @@ -547,13 +547,11 @@ public class ModelToRepresentation { rep.setProtocolMappers(mappings); } - if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) { - AuthorizationProvider authorization = session.getProvider(AuthorizationProvider.class); - ResourceServer resourceServer = authorization.getStoreFactory().getResourceServerStore().findById(clientModel.getId()); + AuthorizationProvider authorization = session.getProvider(AuthorizationProvider.class); + ResourceServer resourceServer = authorization.getStoreFactory().getResourceServerStore().findById(clientModel.getId()); - if (resourceServer != null) { - rep.setAuthorizationServicesEnabled(true); - } + if (resourceServer != null) { + rep.setAuthorizationServicesEnabled(true); } return rep; diff --git a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java index 7a95bb85c35..8ac3c046eb9 100755 --- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java @@ -257,8 +257,6 @@ public class RealmsResource { @Path("{realm}/authz") public Object getAuthorizationService(@PathParam("realm") String name) { - ProfileHelper.requireFeature(Profile.Feature.AUTHORIZATION); - init(name); AuthorizationProvider authorization = this.session.getProvider(AuthorizationProvider.class); AuthorizationService service = new AuthorizationService(authorization); diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java index d1d2221e722..7f15b086f3d 100644 --- a/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java +++ b/services/src/main/java/org/keycloak/services/resources/account/AccountConsole.java @@ -109,7 +109,7 @@ public class AccountConsole { EventStoreProvider eventStore = session.getProvider(EventStoreProvider.class); map.put("isEventsEnabled", eventStore != null && realm.isEventsEnabled()); - map.put("isAuthorizationEnabled", Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)); + map.put("isAuthorizationEnabled", true); FreeMarkerUtil freeMarkerUtil = new FreeMarkerUtil(); String result = freeMarkerUtil.processTemplate(map, "index.ftl", theme); diff --git a/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java b/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java index c27c387c37b..8b20d1d1aa7 100755 --- a/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java +++ b/services/src/main/java/org/keycloak/services/resources/account/AccountFormService.java @@ -172,7 +172,7 @@ public class AccountFormService extends AbstractSecuredLocalService { account.setUser(auth.getUser()); } - account.setFeatures(realm.isIdentityFederationEnabled(), eventStore != null && realm.isEventsEnabled(), true, Profile.isFeatureEnabled(Feature.AUTHORIZATION)); + account.setFeatures(realm.isIdentityFederationEnabled(), eventStore != null && realm.isEventsEnabled(), true, true); } public static UriBuilder accountServiceBaseUrl(UriInfo uriInfo) { diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java index a03eea5d291..47f131354eb 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java @@ -606,8 +606,6 @@ public class ClientResource { @Path("/authz") public AuthorizationService authorization() { - ProfileHelper.requireFeature(Profile.Feature.AUTHORIZATION); - AuthorizationService resource = new AuthorizationService(this.session, this.client, this.auth, adminEvent); ResteasyProviderFactory.getInstance().injectProperties(resource); @@ -691,12 +689,10 @@ public class ClientResource { } private void updateAuthorizationSettings(ClientRepresentation rep) { - if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) { - if (TRUE.equals(rep.getAuthorizationServicesEnabled())) { - authorization().enable(false); - } else { - authorization().disable(); - } + if (TRUE.equals(rep.getAuthorizationServicesEnabled())) { + authorization().enable(false); + } else { + authorization().disable(); } } } diff --git a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java index 4b7079c3602..bc8474bcbc8 100755 --- a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java +++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java @@ -177,17 +177,15 @@ public class ClientsResource { adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri(), clientModel.getId()).representation(rep).success(); - if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) { - if (TRUE.equals(rep.getAuthorizationServicesEnabled())) { - AuthorizationService authorizationService = getAuthorizationService(clientModel); + if (TRUE.equals(rep.getAuthorizationServicesEnabled())) { + AuthorizationService authorizationService = getAuthorizationService(clientModel); - authorizationService.enable(true); + authorizationService.enable(true); - ResourceServerRepresentation authorizationSettings = rep.getAuthorizationSettings(); + ResourceServerRepresentation authorizationSettings = rep.getAuthorizationSettings(); - if (authorizationSettings != null) { - authorizationService.resourceServer().importSettings(authorizationSettings); - } + if (authorizationSettings != null) { + authorizationService.resourceServer().importSettings(authorizationSettings); } } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBaseServletAuthzAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBaseServletAuthzAdapterTest.java index fc58e43187f..0753f982ae8 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBaseServletAuthzAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractBaseServletAuthzAdapterTest.java @@ -55,9 +55,6 @@ public abstract class AbstractBaseServletAuthzAdapterTest extends AbstractExampl protected static final String REALM_NAME = "servlet-authz"; protected static final String RESOURCE_SERVER_ID = "servlet-authz-app"; - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @ArquillianResource private Deployer deployer; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java index 5cf90706477..262825e546d 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java @@ -122,9 +122,6 @@ public abstract class AbstractPhotozExampleAdapterTest extends AbstractExampleAd testRealmPage.setAuthRealm(REALM_NAME); } - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @Before public void beforePhotozExampleAdapterTest() throws Exception { DroneUtils.addWebDriver(jsDriver); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/DefaultAuthzConfigAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/DefaultAuthzConfigAdapterTest.java index df1738e483e..5cc3410d2a5 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/DefaultAuthzConfigAdapterTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/DefaultAuthzConfigAdapterTest.java @@ -57,9 +57,6 @@ public class DefaultAuthzConfigAdapterTest extends AbstractExampleAdapterTest { private static final String REALM_NAME = "hello-world-authz"; private static final String RESOURCE_SERVER_ID = "hello-world-authz-service"; - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @ArquillianResource private Deployer deployer; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletPolicyEnforcerTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletPolicyEnforcerTest.java index b8963dd8359..6707f9ebb38 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletPolicyEnforcerTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/ServletPolicyEnforcerTest.java @@ -63,9 +63,6 @@ public class ServletPolicyEnforcerTest extends AbstractExampleAdapterTest { protected static final String REALM_NAME = "servlet-policy-enforcer-authz"; protected static final String RESOURCE_SERVER_ID = "servlet-policy-enforcer"; - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @ArquillianResource private Deployer deployer; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AuthzCleanupTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AuthzCleanupTest.java index 11eac1202a2..f508050fa6f 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AuthzCleanupTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/AuthzCleanupTest.java @@ -50,11 +50,6 @@ import org.keycloak.util.JsonSerialization; */ public class AuthzCleanupTest extends AbstractKeycloakTest { - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Deployment public static WebArchive deploy() { return RunOnServerDeployment.create(); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java index 0cce9897ccc..5cbe600c58c 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/PermissionsTest.java @@ -809,8 +809,6 @@ public class PermissionsTest extends AbstractKeycloakTest { @Test public void clientAuthorization() { - ProfileAssume.assumePreview(); - ClientRepresentation newClient = new ClientRepresentation(); newClient.setClientId("foo-authz"); adminClient.realms().realm(REALM_NAME).clients().create(newClient); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java index d7592638718..2743971f569 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/InstallationTest.java @@ -128,8 +128,6 @@ public class InstallationTest extends AbstractClientTest { @Test public void testOidcBearerOnlyWithAuthzJson() { - ProfileAssume.assumePreview(); - oidcBearerOnlyClientWithAuthzId = createOidcBearerOnlyClientWithAuthz(OIDC_NAME_BEARER_ONLY_WITH_AUTHZ_NAME); oidcBearerOnlyClientWithAuthz = findClientResource(OIDC_NAME_BEARER_ONLY_WITH_AUTHZ_NAME); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractAuthorizationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractAuthorizationTest.java index 8546c2a15d6..622f1f91e40 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractAuthorizationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractAuthorizationTest.java @@ -57,11 +57,6 @@ public abstract class AbstractAuthorizationTest extends AbstractClientTest { return "authz-test"; } - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Override public void addTestRealms(List testRealms) { testRealms.add(createTestRealm().build()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractPolicyManagementTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractPolicyManagementTest.java index 77045a10728..a1ea8d4fb7b 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractPolicyManagementTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AbstractPolicyManagementTest.java @@ -52,11 +52,6 @@ import org.keycloak.testsuite.util.UserBuilder; */ public abstract class AbstractPolicyManagementTest extends AbstractKeycloakTest { - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Override public void addTestRealms(List testRealms) { testRealms.add(createTestRealm().build()); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AuthorizationDisabledInPreviewTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AuthorizationDisabledInPreviewTest.java deleted file mode 100644 index 8bb9bcb81eb..00000000000 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/AuthorizationDisabledInPreviewTest.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.keycloak.testsuite.admin.client.authorization; - -import org.junit.BeforeClass; -import org.junit.Test; -import org.keycloak.testsuite.ProfileAssume; -import org.keycloak.testsuite.admin.client.AbstractClientTest; - -import javax.ws.rs.ServerErrorException; -import javax.ws.rs.core.Response; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.fail; - -/** - * @author Stian Thorgersen - */ -public class AuthorizationDisabledInPreviewTest extends AbstractClientTest { - - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreviewDisabled(); - } - - @Test - public void testAuthzServicesRemoved() { - String id = testRealmResource().clients().findAll().get(0).getId(); - try { - testRealmResource().clients().get(id).authorization().getSettings(); - } catch (ServerErrorException e) { - assertEquals(Response.Status.NOT_IMPLEMENTED.getStatusCode(), e.getResponse().getStatus()); - return; - } - fail("Feature Authorization should be disabled."); - } - -} diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java index 8f276440e6e..e3f05c13905 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/ClaimInformationPointProviderTest.java @@ -75,7 +75,6 @@ public class ClaimInformationPointProviderTest extends AbstractKeycloakTest { @BeforeClass public static void onBeforeClass() { - ProfileAssume.assumePreview(); httpService = Undertow.builder().addHttpListener(8989, "localhost").setHandler(exchange -> { if (exchange.isInIoThread()) { try { diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/EnforcerConfigTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/EnforcerConfigTest.java index 76e4e0586b9..7d87d72b3f7 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/EnforcerConfigTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/EnforcerConfigTest.java @@ -40,9 +40,6 @@ import static org.keycloak.testsuite.utils.io.IOUtil.loadRealm; */ public class EnforcerConfigTest extends AbstractKeycloakTest { - @BeforeClass - public static void enabled() { ProfileAssume.assumePreview(); } - @Override public void addTestRealms(List testRealms) { RealmRepresentation realm = loadRealm(getClass().getResourceAsStream("/authorization-test/test-authz-realm.json")); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerClaimsTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerClaimsTest.java index cff948b9380..bd8a5427970 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerClaimsTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerClaimsTest.java @@ -82,11 +82,6 @@ public class PolicyEnforcerClaimsTest extends AbstractKeycloakTest { protected static final String REALM_NAME = "authz-test"; - @BeforeClass - public static void onBeforeClass() { - ProfileAssume.assumePreview(); - } - @Override public void addTestRealms(List testRealms) { testRealms.add(RealmBuilder.create().name(REALM_NAME) diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerTest.java index 49eeec9087c..7896be98f8c 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/client/authorization/PolicyEnforcerTest.java @@ -86,11 +86,6 @@ public class PolicyEnforcerTest extends AbstractKeycloakTest { protected static final String REALM_NAME = "authz-test"; - @BeforeClass - public static void onBeforeClass() { - ProfileAssume.assumePreview(); - } - @Override public void addTestRealms(List testRealms) { testRealms.add(RealmBuilder.create().name(REALM_NAME) diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/AbstractAuthzTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/AbstractAuthzTest.java index 77952be1f7a..6a5680b6fd8 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/AbstractAuthzTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/AbstractAuthzTest.java @@ -12,11 +12,6 @@ import org.keycloak.testsuite.ProfileAssume; */ public abstract class AbstractAuthzTest extends AbstractKeycloakTest { - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - protected AccessToken toAccessToken(String rpt) { AccessToken accessToken; diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/crossdc/InvalidationCrossDCTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/crossdc/InvalidationCrossDCTest.java index 0571c666eb3..33547c12cb0 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/crossdc/InvalidationCrossDCTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/crossdc/InvalidationCrossDCTest.java @@ -182,8 +182,6 @@ public class InvalidationCrossDCTest extends AbstractAdminCrossDCTest { @Test public void authzResourceInvalidationTest() throws Exception { - ProfileAssume.assumePreview(); - enableDcOnLoadBalancer(DC.FIRST); enableDcOnLoadBalancer(DC.SECOND); diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java index f0a58f22d49..5496790db78 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/exportimport/ExportImportUtil.java @@ -384,9 +384,7 @@ public class ExportImportUtil { Assert.assertNotNull(linked); Assert.assertEquals("my-service-user", linked.getUsername()); - if (Profile.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) { - assertAuthorizationSettings(realmRsc); - } + assertAuthorizationSettings(realmRsc); } diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ScriptAuthenticatorTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ScriptAuthenticatorTest.java index 958c8a943a8..9971da79b15 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ScriptAuthenticatorTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/ScriptAuthenticatorTest.java @@ -64,11 +64,6 @@ public class ScriptAuthenticatorTest extends AbstractFlowTest { public static final String EXECUTION_ID = "scriptAuth"; - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Override public void configureTestRealm(RealmRepresentation testRealm) { diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java index 0ff63e15098..52b42fc432f 100644 --- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java +++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/migration/AbstractMigrationTest.java @@ -355,8 +355,6 @@ public abstract class AbstractMigrationTest extends AbstractKeycloakTest { } private void testResourceWithMultipleUris() { - ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHORIZATION); - ClientsResource clients = migrationRealm.clients(); ClientRepresentation clientRepresentation = clients.findByClientId("authz-servlet").get(0); ResourceRepresentation resource = clients.get(clientRepresentation.getId()).authorization().resources().findByName("Protected Resource").get(0); diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AbstractAuthorizationSettingsTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AbstractAuthorizationSettingsTest.java index de199f78340..b94fa05ead0 100644 --- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AbstractAuthorizationSettingsTest.java +++ b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/authorization/AbstractAuthorizationSettingsTest.java @@ -43,11 +43,6 @@ public abstract class AbstractAuthorizationSettingsTest extends AbstractClientTe protected ClientRepresentation newClient; - @BeforeClass - public static void enabled() { - ProfileAssume.assumePreview(); - } - @Before public void configureTest() { this.newClient = createResourceServer(); diff --git a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/clients/ClientAuthorizationServicesAvailableTest.java b/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/clients/ClientAuthorizationServicesAvailableTest.java deleted file mode 100644 index c24da58978e..00000000000 --- a/testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/clients/ClientAuthorizationServicesAvailableTest.java +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright 2016 Red Hat, Inc. and/or its affiliates - * and other contributors as indicated by the @author tags. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.keycloak.testsuite.console.clients; - -import org.jboss.arquillian.graphene.page.Page; -import org.junit.Test; -import org.keycloak.representations.idm.ClientRepresentation; -import org.keycloak.testsuite.ProfileAssume; -import org.keycloak.testsuite.console.page.clients.settings.ClientSettings; -import org.openqa.selenium.By; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; -import static org.keycloak.testsuite.auth.page.login.Login.OIDC; - -/** - * - * @author Vlastislav Ramik - */ -public class ClientAuthorizationServicesAvailableTest extends AbstractClientTest { - - private ClientRepresentation newClient; - - @Page - private ClientSettings clientSettingsPage; - - @Test - public void authzServicesAvailable() { - ProfileAssume.assumePreview(); - - newClient = createClientRep("oidc-public", OIDC); - createClient(newClient); - assertEquals("oidc-public", clientSettingsPage.form().getClientId()); - - assertTrue(driver.findElement(By.xpath("//*[@for='authorizationServicesEnabled']")).isDisplayed()); - } - - @Test - public void authzServicesUnavailable() throws InterruptedException { - ProfileAssume.assumePreviewDisabled(); - - newClient = createClientRep("oidc-public", OIDC); - createClient(newClient); - assertEquals("oidc-public", clientSettingsPage.form().getClientId()); - - assertFalse(driver.findElement(By.xpath("//*[@for='authorizationServicesEnabled']")).isDisplayed()); - - } -} \ No newline at end of file diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html b/themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html index 5253641be32..38846719a6c 100755 --- a/themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html +++ b/themes/src/main/resources/theme/base/admin/resources/partials/client-detail.html @@ -132,7 +132,7 @@ -
+
{{:: 'authz-authorization-services-enabled.tooltip' | translate}}
diff --git a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-client-role.html b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-client-role.html index fd966d5741a..c1455834b5d 100755 --- a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-client-role.html +++ b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-client-role.html @@ -5,7 +5,7 @@
diff --git a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-role.html b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-role.html index 9128dfd2e9b..cdf40ec7dfd 100755 --- a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-role.html +++ b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-role.html @@ -5,7 +5,7 @@
  • {{:: 'details' | translate}}
    • -
  • +
  • {{:: 'authz-permissions' | translate}} {{:: 'manage-permissions-role.tooltip' | translate}}
    • diff --git a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-users.html b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-users.html index 61fe8909c2a..e5771a0c008 100755 --- a/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-users.html +++ b/themes/src/main/resources/theme/base/admin/resources/templates/kc-tabs-users.html @@ -3,7 +3,7 @@