Re: [keycloak-dev] Hide internal clients and roles
On 6/10/2015 10:15 AM, Stian Thorgersen wrote:
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: keycloak-dev(a)lists.jboss.org
> Sent: Wednesday, 10 June, 2015 4:08:16 PM
> Subject: Re: [keycloak-dev] Hide internal clients and roles
>
> I think security-admin-console and realm-management should be merged in
> non-Master realms. In master realm, rename everything to
> <realm>-security-admin-console. Finally, an internal role or client
> would not be able to be deleted.
>
> I don't think you should hide any roles ever. I don't see why you would
> want to. I do think you should make internal clients and roles unremovable.
Hiding the internal realm roles would enable a "blank slate" page on the realm
roles list. Alternatively, and I actually think this is a better idea, is to make the
admin and create-realm roles roles of the master-security-admin-console realm rather than
realm roles. In that case all we need is "internal" clients and an option to
view/hide them on the clients list.
Do you like the idea of merging security-admin-console and realm-management?
+1 to moving "admin" and "create-realm" to
master-security-admin-console.
The "blank slate" page could be displayed if there is no *non*
internal-clients/roles. There could be a button or link on the Blank
Slate page "View built-in clients" along with "create client". I
don't
know if it is better to have a "hide built-in clients" checkbox on the
client list page, or to just show them by default.
Which one is it btw "an internal role or client would not be
able to be deleted" or "I do think you should make internal clients and roles
unremovable"?
Sorry, I repeated myself without realizing. internal things should not
be deletable or removable, right?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com