2020-11-23 10:49:09 +00:00
|
|
|
"""core Configs API"""
|
2021-06-06 10:44:43 +00:00
|
|
|
from os import environ, path
|
2021-05-20 15:00:47 +00:00
|
|
|
|
|
|
|
|
from django.conf import settings
|
|
|
|
|
from django.db import models
|
2021-05-15 21:57:28 +00:00
|
|
|
from drf_spectacular.utils import extend_schema
|
2021-06-06 10:44:43 +00:00
|
|
|
from kubernetes.config.incluster_config import SERVICE_HOST_ENV_NAME
|
2021-05-20 15:00:47 +00:00
|
|
|
from rest_framework.fields import BooleanField, CharField, ChoiceField, ListField
|
2020-11-23 10:49:09 +00:00
|
|
|
from rest_framework.permissions import AllowAny
|
|
|
|
|
from rest_framework.request import Request
|
|
|
|
|
from rest_framework.response import Response
|
2021-05-16 15:44:19 +00:00
|
|
|
from rest_framework.views import APIView
|
2020-11-23 10:49:09 +00:00
|
|
|
|
2021-03-30 13:50:00 +00:00
|
|
|
from authentik.core.api.utils import PassiveSerializer
|
2021-05-29 23:01:58 +00:00
|
|
|
from authentik.events.geo import GEOIP_READER
|
2020-12-05 21:08:42 +00:00
|
|
|
from authentik.lib.config import CONFIG
|
2020-11-23 10:49:09 +00:00
|
|
|
|
|
|
|
|
|
2021-05-20 15:00:47 +00:00
|
|
|
class Capabilities(models.TextChoices):
|
|
|
|
|
"""Define capabilities which influence which APIs can/should be used"""
|
|
|
|
|
|
|
|
|
|
CAN_SAVE_MEDIA = "can_save_media"
|
2021-05-29 23:01:58 +00:00
|
|
|
CAN_GEO_IP = "can_geo_ip"
|
2021-06-06 10:44:43 +00:00
|
|
|
CAN_BACKUP = "can_backup"
|
2021-05-20 15:00:47 +00:00
|
|
|
|
|
|
|
|
|
2021-03-30 13:50:00 +00:00
|
|
|
class ConfigSerializer(PassiveSerializer):
|
2020-12-05 21:08:42 +00:00
|
|
|
"""Serialize authentik Config into DRF Object"""
|
2020-11-23 10:49:09 +00:00
|
|
|
|
2021-03-03 18:52:56 +00:00
|
|
|
error_reporting_enabled = BooleanField(read_only=True)
|
|
|
|
|
error_reporting_environment = CharField(read_only=True)
|
|
|
|
|
error_reporting_send_pii = BooleanField(read_only=True)
|
2020-11-29 17:10:12 +00:00
|
|
|
|
2021-05-20 15:00:47 +00:00
|
|
|
capabilities = ListField(child=ChoiceField(choices=Capabilities.choices))
|
|
|
|
|
|
2020-11-23 10:49:09 +00:00
|
|
|
|
2021-05-16 15:44:19 +00:00
|
|
|
class ConfigView(APIView):
|
2020-11-23 10:49:09 +00:00
|
|
|
"""Read-only view set that returns the current session's Configs"""
|
|
|
|
|
|
|
|
|
|
permission_classes = [AllowAny]
|
|
|
|
|
|
2021-05-20 15:00:47 +00:00
|
|
|
def get_capabilities(self) -> list[Capabilities]:
|
|
|
|
|
"""Get all capabilities this server instance supports"""
|
|
|
|
|
caps = []
|
|
|
|
|
deb_test = settings.DEBUG or settings.TEST
|
|
|
|
|
if path.ismount(settings.MEDIA_ROOT) or deb_test:
|
|
|
|
|
caps.append(Capabilities.CAN_SAVE_MEDIA)
|
2021-06-05 22:38:14 +00:00
|
|
|
if GEOIP_READER.enabled:
|
2021-05-29 23:01:58 +00:00
|
|
|
caps.append(Capabilities.CAN_GEO_IP)
|
2021-06-06 10:44:43 +00:00
|
|
|
if SERVICE_HOST_ENV_NAME in environ:
|
|
|
|
|
# Running in k8s, only s3 backup is supported
|
2021-07-15 07:58:07 +00:00
|
|
|
if CONFIG.y_bool("postgresql.s3_backup"):
|
2021-06-06 10:44:43 +00:00
|
|
|
caps.append(Capabilities.CAN_BACKUP)
|
|
|
|
|
else:
|
|
|
|
|
# Running in compose, backup is always supported
|
|
|
|
|
caps.append(Capabilities.CAN_BACKUP)
|
2021-05-20 15:00:47 +00:00
|
|
|
return caps
|
|
|
|
|
|
2021-05-15 21:57:28 +00:00
|
|
|
@extend_schema(responses={200: ConfigSerializer(many=False)})
|
2021-05-16 15:44:19 +00:00
|
|
|
def get(self, request: Request) -> Response:
|
2020-11-23 10:49:09 +00:00
|
|
|
"""Retrive public configuration options"""
|
|
|
|
|
config = ConfigSerializer(
|
|
|
|
|
{
|
2020-11-29 17:10:12 +00:00
|
|
|
"error_reporting_enabled": CONFIG.y("error_reporting.enabled"),
|
|
|
|
|
"error_reporting_environment": CONFIG.y("error_reporting.environment"),
|
|
|
|
|
"error_reporting_send_pii": CONFIG.y("error_reporting.send_pii"),
|
2021-05-20 15:00:47 +00:00
|
|
|
"capabilities": self.get_capabilities(),
|
2020-11-23 10:49:09 +00:00
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
return Response(config.data)
|
