Skip to content

Do not query organizations if manage-realm is not granted #42072

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ahus1 merged 1 commit into from
Aug 26, 2025
Merged

Do not query organizations if manage-realm is not granted #42072

ahus1 merged 1 commit into from
Aug 26, 2025

Conversation

@pedroigor
Copy link
Contributor

@pedroigor pedroigor commented Aug 22, 2025
edited
Loading

Closes #41418

  • Currently, the Organization API relies on the manage-realm role to enforce admin access.
  • The useIsFeatureEnabled hook is updated to also check permissions when checking if a feature is enabled. That should make the UI also a bit better because the Organizations settings in the Realm Settings tab is not even shown if the admin user does not have the required role.

@pedroigor pedroigor requested review from a team as code owners August 22, 2025 10:58
@pedroigor pedroigor mentioned this pull request Aug 22, 2025
Closed
2 tasks
@pedroigor
Make it possible to check for permissions when deciding if a feature …
5432087 
…is enabled or not

Do not query organizations if manage-realm is not granted

Closes keycloak#41418

Signed-off-by: Pedro Igor <[email protected]>
martin-kanis
martin-kanis approved these changes Aug 26, 2025
View reviewed changes
Copy link
Contributor

@martin-kanis martin-kanis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @pedroigor. I tested the PR in the admin console and it fixes the problem described in the issue.
I let you decide whether you want another review from someone with deeper UI knowledge.

@ahus1 ahus1 enabled auto-merge (squash) August 26, 2025 19:30
@ahus1 ahus1 merged commit 600f03d into keycloak:main Aug 26, 2025
55 checks passed
@stianst stianst mentioned this pull request Sep 24, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ahus1 ahus1 ahus1 approved these changes

+1 more reviewer

@martin-kanis martin-kanis martin-kanis approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

team/ui

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Access to user details for restricted admin fails after enabling organizationin realm

3 participants

@pedroigor @martin-kanis @ahus1