alma/NeahFront3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update api users and groups and users 11

Browse Source
This commit is contained in:
Alma 2025-04-09 21:32:19 +02:00
parent 992d5ec2a0
commit 159ad9cbdf
3 changed files with 194 additions and 119 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

121
app/api/groups/[groupId]/members/route.ts Normal file
View File

@ -0,0 +1,121 @@
import { getServerSession } from "next-auth/next";
import { authOptions } from "@/app/api/auth/[...nextauth]/route";
import { NextResponse } from "next/server";
export async function GET(
req: Request,
{ params }: { params: { groupId: string } }
) {
const session = await getServerSession(authOptions);
if (!session) {
return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
}
try {
// Get client credentials token
const tokenResponse = await fetch(
`${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`,
{
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
body: new URLSearchParams({
grant_type: 'client_credentials',
client_id: process.env.KEYCLOAK_CLIENT_ID!,
client_secret: process.env.KEYCLOAK_CLIENT_SECRET!,
}),
}
);
const tokenData = await tokenResponse.json();
if (!tokenResponse.ok) {
console.error("Failed to get token:", tokenData);
return NextResponse.json({ error: "Failed to get token" }, { status: 500 });
}
// Get group members
const membersResponse = await fetch(
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/groups/${params.groupId}/members`,
{
headers: {
'Authorization': `Bearer ${tokenData.access_token}`,
},
}
);
if (!membersResponse.ok) {
const errorData = await membersResponse.json();
console.error("Failed to get group members:", errorData);
return NextResponse.json({ error: "Failed to get group members" }, { status: membersResponse.status });
}
const members = await membersResponse.json();
return NextResponse.json(members);
} catch (error) {
console.error("Error in get group members:", error);
return NextResponse.json({ error: "Internal server error" }, { status: 500 });
}
}
export async function POST(
req: Request,
{ params }: { params: { groupId: string } }
) {
const session = await getServerSession(authOptions);
if (!session) {
return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
}
try {
const { userId } = await req.json();
// Get client credentials token
const tokenResponse = await fetch(
`${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`,
{
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
body: new URLSearchParams({
grant_type: 'client_credentials',
client_id: process.env.KEYCLOAK_CLIENT_ID!,
client_secret: process.env.KEYCLOAK_CLIENT_SECRET!,
}),
}
);
const tokenData = await tokenResponse.json();
if (!tokenResponse.ok) {
console.error("Failed to get token:", tokenData);
return NextResponse.json({ error: "Failed to get token" }, { status: 500 });
}
// Add user to group
const addResponse = await fetch(
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${userId}/groups/${params.groupId}`,
{
method: 'PUT',
headers: {
'Authorization': `Bearer ${tokenData.access_token}`,
},
}
);
if (!addResponse.ok) {
const errorData = await addResponse.json();
console.error("Failed to add user to group:", errorData);
return NextResponse.json({ error: "Failed to add user to group" }, { status: addResponse.status });
}
return NextResponse.json({ success: true });
} catch (error) {
console.error("Error in add user to group:", error);
return NextResponse.json({ error: "Internal server error" }, { status: 500 });
}
}

186
app/api/users/[userId]/roles/route.ts
View File

@ -1,149 +1,97 @@
import { getServerSession } from "next-auth/next";
import { authOptions } from "@/app/api/auth/[...nextauth]/route";
import { NextResponse } from "next/server"; import { NextResponse } from "next/server";
import { getServerSession } from "next-auth";
import { authOptions } from "@/app/api/auth/[...nextauth]/route";
import { getKeycloakAdminClient } from "@/lib/keycloak";
import { RoleRepresentation } from "@keycloak/keycloak-admin-client/lib/defs/roleRepresentation";
async function getAdminToken() { export async function GET(
request: Request,
{ params }: { params: { userId: string } }
) {
try { try {
const tokenResponse = await fetch( const session = await getServerSession(authOptions);
`${process.env.KEYCLOAK_BASE_URL}/realms/${process.env.KEYCLOAK_REALM}/protocol/openid-connect/token`, if (!session) {
{ return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
body: new URLSearchParams({
grant_type: 'client_credentials',
client_id: process.env.KEYCLOAK_CLIENT_ID!,
client_secret: process.env.KEYCLOAK_CLIENT_SECRET!,
}),
}
);
const data = await tokenResponse.json();
if (!tokenResponse.ok || !data.access_token) {
console.error('Token Error:', data);
return null;
} }
return data.access_token; const { userId } = params;
const kcAdminClient = await getKeycloakAdminClient();
// Get all available roles
const availableRoles = await kcAdminClient.roles.find();
// Get user's current roles
const userRoles = await kcAdminClient.users.listRoleMappings({
id: userId,
});
return NextResponse.json({
availableRoles,
userRoles,
});
} catch (error) { } catch (error) {
console.error('Token Error:', error); console.error("Error fetching roles:", error);
return null; return NextResponse.json(
{ error: "Failed to fetch roles" },
{ status: 500 }
);
} }
} }
export async function PUT( export async function PUT(
req: Request, request: Request,
{ params }: { params: { userId: string } } { params }: { params: { userId: string } }
) { ) {
const session = await getServerSession(authOptions);
if (!session) {
return NextResponse.json({ error: "Non autorisé" }, { status: 401 });
}
try { try {
const { roles } = await req.json(); const session = await getServerSession(authOptions);
const token = await getAdminToken(); if (!session) {
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
if (!token) {
return NextResponse.json({ error: "Erreur d'authentification" }, { status: 401 });
} }
// First, get all available roles from Keycloak const { userId } = params;
const rolesResponse = await fetch( const { roles } = await request.json();
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/roles`, const kcAdminClient = await getKeycloakAdminClient();
{
headers: {
Authorization: `Bearer ${token}`,
},
}
);
if (!rolesResponse.ok) { // Get all available roles
const errorData = await rolesResponse.json(); const availableRoles = await kcAdminClient.roles.find();
console.error("Failed to fetch roles:", errorData);
return NextResponse.json({ error: "Erreur lors de la récupération des rôles" }, { status: rolesResponse.status }); // Get current user roles
} const currentRoles = await kcAdminClient.users.listRoleMappings({
id: userId,
const availableRoles = await rolesResponse.json();
console.log("Available roles:", availableRoles);
// Map role names to role objects
const roleObjects = roles.map((roleName: string) => {
const role = availableRoles.find((r: any) => r.name === roleName);
if (!role) {
throw new Error(`Role ${roleName} not found in Keycloak`);
}
return role;
}); });
// First, get current role mappings // Find roles to add and remove
const currentMappingsResponse = await fetch( const rolesToAdd = roles.filter(
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${params.userId}/role-mappings/realm`, (role: string) => !currentRoles.clientMappings?.some((r: RoleRepresentation) => r.name === role)
{ );
headers: { const rolesToRemove = currentRoles.clientMappings?.filter(
Authorization: `Bearer ${token}`, (role: RoleRepresentation) => !roles.includes(role.name)
},
}
); );
if (!currentMappingsResponse.ok) { // Add new roles
const errorData = await currentMappingsResponse.json(); for (const roleName of rolesToAdd) {
console.error("Failed to fetch current role mappings:", errorData); const role = availableRoles.find((r: RoleRepresentation) => r.name === roleName);
return NextResponse.json({ error: "Erreur lors de la récupération des rôles actuels" }, { status: currentMappingsResponse.status }); if (role) {
} await kcAdminClient.users.addRealmRoleMappings({
id: userId,
const currentMappings = await currentMappingsResponse.json(); roles: [role],
});
// Remove all current role mappings
if (currentMappings.length > 0) {
const deleteResponse = await fetch(
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${params.userId}/role-mappings/realm`,
{
method: 'DELETE',
headers: {
Authorization: `Bearer ${token}`,
'Content-Type': 'application/json',
},
body: JSON.stringify(currentMappings),
}
);
if (!deleteResponse.ok) {
const errorData = await deleteResponse.json();
console.error("Failed to remove current roles:", errorData);
return NextResponse.json({ error: "Erreur lors de la suppression des rôles actuels" }, { status: deleteResponse.status });
} }
} }
// Add new role mappings // Remove old roles
if (roleObjects.length > 0) { if (rolesToRemove && rolesToRemove.length > 0) {
const addResponse = await fetch( await kcAdminClient.users.delRealmRoleMappings({
`${process.env.KEYCLOAK_BASE_URL}/admin/realms/${process.env.KEYCLOAK_REALM}/users/${params.userId}/role-mappings/realm`, id: userId,
{ roles: rolesToRemove,
method: 'POST', });
headers: {
Authorization: `Bearer ${token}`,
'Content-Type': 'application/json',
},
body: JSON.stringify(roleObjects),
}
);
if (!addResponse.ok) {
const errorData = await addResponse.json();
console.error("Failed to add new roles:", errorData);
return NextResponse.json({ error: "Erreur lors de l'ajout des nouveaux rôles" }, { status: addResponse.status });
}
} }
return NextResponse.json({ success: true, roles }); return NextResponse.json({ success: true });
} catch (error) { } catch (error) {
console.error("Error in update roles:", error); console.error("Error updating roles:", error);
return NextResponse.json( return NextResponse.json(
{ error: error instanceof Error ? error.message : "Une erreur est survenue" }, { error: "Failed to update roles" },
{ status: 500 } { status: 500 }
); );
} }

6
components/users/users-table.tsx
View File

@ -551,6 +551,7 @@ export function UsersTable({ userRole = [] }: UsersTableProps) {
variant="ghost" variant="ghost"
className="h-8 w-8 p-0" className="h-8 w-8 p-0"
onClick={(e) => { onClick={(e) => {
e.preventDefault();
e.stopPropagation(); e.stopPropagation();
}} }}
> >
@ -562,6 +563,7 @@ export function UsersTable({ userRole = [] }: UsersTableProps) {
<DropdownMenuLabel>Actions</DropdownMenuLabel> <DropdownMenuLabel>Actions</DropdownMenuLabel>
<DropdownMenuItem <DropdownMenuItem
onClick={(e) => { onClick={(e) => {
e.preventDefault();
e.stopPropagation(); e.stopPropagation();
handleEdit(user.id); handleEdit(user.id);
}} }}
@ -571,6 +573,7 @@ export function UsersTable({ userRole = [] }: UsersTableProps) {
</DropdownMenuItem> </DropdownMenuItem>
<DropdownMenuItem <DropdownMenuItem
onClick={(e) => { onClick={(e) => {
e.preventDefault();
e.stopPropagation(); e.stopPropagation();
handleManageRoles(user.id); handleManageRoles(user.id);
}} }}
@ -580,6 +583,7 @@ export function UsersTable({ userRole = [] }: UsersTableProps) {
</DropdownMenuItem> </DropdownMenuItem>
<DropdownMenuItem <DropdownMenuItem
onClick={(e) => { onClick={(e) => {
e.preventDefault();
e.stopPropagation(); e.stopPropagation();
handleChangePassword(user.id); handleChangePassword(user.id);
}} }}
@ -589,6 +593,7 @@ export function UsersTable({ userRole = [] }: UsersTableProps) {
</DropdownMenuItem> </DropdownMenuItem>
<DropdownMenuItem <DropdownMenuItem
onClick={(e) => { onClick={(e) => {
e.preventDefault();
e.stopPropagation(); e.stopPropagation();
handleToggleUserStatus(user.id, user.enabled); handleToggleUserStatus(user.id, user.enabled);
}} }}
@ -609,6 +614,7 @@ export function UsersTable({ userRole = [] }: UsersTableProps) {
<DropdownMenuItem <DropdownMenuItem
className="text-red-600" className="text-red-600"
onClick={(e) => { onClick={(e) => {
e.preventDefault();
e.stopPropagation(); e.stopPropagation();
handleDelete(user.id); handleDelete(user.id);
}} }}