flows: improved import (#3807)
* return logs when importing flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * improve error handling, show logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
b85be12567
commit
0efee2a660
|
@ -187,7 +187,10 @@ class Importer:
|
||||||
if "pk" in updated_identifiers:
|
if "pk" in updated_identifiers:
|
||||||
model_instance.pk = updated_identifiers["pk"]
|
model_instance.pk = updated_identifiers["pk"]
|
||||||
serializer_kwargs["instance"] = model_instance
|
serializer_kwargs["instance"] = model_instance
|
||||||
|
try:
|
||||||
full_data = self.__update_pks_for_attrs(entry.get_attrs(self.__import))
|
full_data = self.__update_pks_for_attrs(entry.get_attrs(self.__import))
|
||||||
|
except ValueError as exc:
|
||||||
|
raise EntryInvalidError(exc) from exc
|
||||||
full_data.update(updated_identifiers)
|
full_data.update(updated_identifiers)
|
||||||
serializer_kwargs["data"] = full_data
|
serializer_kwargs["data"] = full_data
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,7 @@ from django.views.debug import SafeExceptionReporterFilter
|
||||||
from geoip2.models import City
|
from geoip2.models import City
|
||||||
from guardian.utils import get_anonymous_user
|
from guardian.utils import get_anonymous_user
|
||||||
|
|
||||||
|
from authentik.blueprints.v1.common import YAMLTag
|
||||||
from authentik.core.models import User
|
from authentik.core.models import User
|
||||||
from authentik.events.geo import GEOIP_READER
|
from authentik.events.geo import GEOIP_READER
|
||||||
from authentik.policies.types import PolicyRequest
|
from authentik.policies.types import PolicyRequest
|
||||||
|
@ -111,6 +112,10 @@ def sanitize_item(value: Any) -> Any:
|
||||||
return GEOIP_READER.city_to_dict(value)
|
return GEOIP_READER.city_to_dict(value)
|
||||||
if isinstance(value, Path):
|
if isinstance(value, Path):
|
||||||
return str(value)
|
return str(value)
|
||||||
|
if isinstance(value, Exception):
|
||||||
|
return str(value)
|
||||||
|
if isinstance(value, YAMLTag):
|
||||||
|
return str(value)
|
||||||
if isinstance(value, type):
|
if isinstance(value, type):
|
||||||
return {
|
return {
|
||||||
"type": value.__name__,
|
"type": value.__name__,
|
||||||
|
|
|
@ -7,7 +7,7 @@ from django.utils.translation import gettext as _
|
||||||
from drf_spectacular.types import OpenApiTypes
|
from drf_spectacular.types import OpenApiTypes
|
||||||
from drf_spectacular.utils import OpenApiResponse, extend_schema
|
from drf_spectacular.utils import OpenApiResponse, extend_schema
|
||||||
from rest_framework.decorators import action
|
from rest_framework.decorators import action
|
||||||
from rest_framework.fields import ReadOnlyField
|
from rest_framework.fields import BooleanField, DictField, ListField, ReadOnlyField
|
||||||
from rest_framework.parsers import MultiPartParser
|
from rest_framework.parsers import MultiPartParser
|
||||||
from rest_framework.request import Request
|
from rest_framework.request import Request
|
||||||
from rest_framework.response import Response
|
from rest_framework.response import Response
|
||||||
|
@ -24,7 +24,9 @@ from authentik.core.api.utils import (
|
||||||
FilePathSerializer,
|
FilePathSerializer,
|
||||||
FileUploadSerializer,
|
FileUploadSerializer,
|
||||||
LinkSerializer,
|
LinkSerializer,
|
||||||
|
PassiveSerializer,
|
||||||
)
|
)
|
||||||
|
from authentik.events.utils import sanitize_dict
|
||||||
from authentik.flows.api.flows_diagram import FlowDiagram, FlowDiagramSerializer
|
from authentik.flows.api.flows_diagram import FlowDiagram, FlowDiagramSerializer
|
||||||
from authentik.flows.exceptions import FlowNonApplicableException
|
from authentik.flows.exceptions import FlowNonApplicableException
|
||||||
from authentik.flows.models import Flow
|
from authentik.flows.models import Flow
|
||||||
|
@ -77,6 +79,13 @@ class FlowSerializer(ModelSerializer):
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
class FlowImportResultSerializer(PassiveSerializer):
|
||||||
|
"""Logs of an attempted flow import"""
|
||||||
|
|
||||||
|
logs = ListField(child=DictField(), read_only=True)
|
||||||
|
success = BooleanField(read_only=True)
|
||||||
|
|
||||||
|
|
||||||
class FlowViewSet(UsedByMixin, ModelViewSet):
|
class FlowViewSet(UsedByMixin, ModelViewSet):
|
||||||
"""Flow Viewset"""
|
"""Flow Viewset"""
|
||||||
|
|
||||||
|
@ -130,25 +139,38 @@ class FlowViewSet(UsedByMixin, ModelViewSet):
|
||||||
@extend_schema(
|
@extend_schema(
|
||||||
request={"multipart/form-data": FileUploadSerializer},
|
request={"multipart/form-data": FileUploadSerializer},
|
||||||
responses={
|
responses={
|
||||||
204: OpenApiResponse(description="Successfully imported flow"),
|
204: FlowImportResultSerializer,
|
||||||
400: OpenApiResponse(description="Bad request"),
|
400: FlowImportResultSerializer,
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
@action(detail=False, methods=["POST"], parser_classes=(MultiPartParser,))
|
@action(url_path="import", detail=False, methods=["POST"], parser_classes=(MultiPartParser,))
|
||||||
def import_flow(self, request: Request) -> Response:
|
def import_flow(self, request: Request) -> Response:
|
||||||
"""Import flow from .yaml file"""
|
"""Import flow from .yaml file"""
|
||||||
|
import_response = FlowImportResultSerializer(
|
||||||
|
data={
|
||||||
|
"logs": [],
|
||||||
|
"success": False,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
import_response.is_valid()
|
||||||
file = request.FILES.get("file", None)
|
file = request.FILES.get("file", None)
|
||||||
if not file:
|
if not file:
|
||||||
return HttpResponseBadRequest()
|
return Response(data=import_response.initial_data, status=400)
|
||||||
|
|
||||||
importer = Importer(file.read().decode())
|
importer = Importer(file.read().decode())
|
||||||
valid, _logs = importer.validate()
|
valid, logs = importer.validate()
|
||||||
# TODO: return logs
|
import_response.initial_data["logs"] = [sanitize_dict(log) for log in logs]
|
||||||
|
import_response.initial_data["success"] = valid
|
||||||
|
import_response.is_valid()
|
||||||
if not valid:
|
if not valid:
|
||||||
return HttpResponseBadRequest()
|
return Response(data=import_response.initial_data, status=200)
|
||||||
|
|
||||||
successful = importer.apply()
|
successful = importer.apply()
|
||||||
|
import_response.initial_data["success"] = successful
|
||||||
|
import_response.is_valid()
|
||||||
if not successful:
|
if not successful:
|
||||||
return HttpResponseBadRequest()
|
return Response(data=import_response.initial_data, status=200)
|
||||||
return Response(status=204)
|
return Response(data=import_response.initial_data, status=200)
|
||||||
|
|
||||||
@permission_required(
|
@permission_required(
|
||||||
"authentik_flows.export_flow",
|
"authentik_flows.export_flow",
|
||||||
|
|
32
schema.yml
32
schema.yml
|
@ -7516,9 +7516,9 @@ paths:
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/components/schemas/GenericError'
|
$ref: '#/components/schemas/GenericError'
|
||||||
description: ''
|
description: ''
|
||||||
/flows/instances/import_flow/:
|
/flows/instances/import/:
|
||||||
post:
|
post:
|
||||||
operationId: flows_instances_import_flow_create
|
operationId: flows_instances_import_create
|
||||||
description: Import flow from .yaml file
|
description: Import flow from .yaml file
|
||||||
tags:
|
tags:
|
||||||
- flows
|
- flows
|
||||||
|
@ -7531,9 +7531,17 @@ paths:
|
||||||
- authentik: []
|
- authentik: []
|
||||||
responses:
|
responses:
|
||||||
'204':
|
'204':
|
||||||
description: Successfully imported flow
|
content:
|
||||||
|
application/json:
|
||||||
|
schema:
|
||||||
|
$ref: '#/components/schemas/FlowImportResult'
|
||||||
|
description: ''
|
||||||
'400':
|
'400':
|
||||||
description: Bad request
|
content:
|
||||||
|
application/json:
|
||||||
|
schema:
|
||||||
|
$ref: '#/components/schemas/FlowImportResult'
|
||||||
|
description: ''
|
||||||
'403':
|
'403':
|
||||||
content:
|
content:
|
||||||
application/json:
|
application/json:
|
||||||
|
@ -27610,6 +27618,22 @@ components:
|
||||||
- pending_user_avatar
|
- pending_user_avatar
|
||||||
- request_id
|
- request_id
|
||||||
- type
|
- type
|
||||||
|
FlowImportResult:
|
||||||
|
type: object
|
||||||
|
description: Logs of an attempted flow import
|
||||||
|
properties:
|
||||||
|
logs:
|
||||||
|
type: array
|
||||||
|
items:
|
||||||
|
type: object
|
||||||
|
additionalProperties: {}
|
||||||
|
readOnly: true
|
||||||
|
success:
|
||||||
|
type: boolean
|
||||||
|
readOnly: true
|
||||||
|
required:
|
||||||
|
- logs
|
||||||
|
- success
|
||||||
FlowInspection:
|
FlowInspection:
|
||||||
type: object
|
type: object
|
||||||
description: Serializer for inspect endpoint
|
description: Serializer for inspect endpoint
|
||||||
|
|
|
@ -3,30 +3,103 @@ import { SentryIgnoredError } from "@goauthentik/common/errors";
|
||||||
import { Form } from "@goauthentik/elements/forms/Form";
|
import { Form } from "@goauthentik/elements/forms/Form";
|
||||||
import "@goauthentik/elements/forms/HorizontalFormElement";
|
import "@goauthentik/elements/forms/HorizontalFormElement";
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
import { t } from "@lingui/macro";
|
import { t } from "@lingui/macro";
|
||||||
|
|
||||||
import { TemplateResult, html } from "lit";
|
|
||||||
import { customElement } from "lit/decorators.js";
|
|
||||||
|
|
||||||
import { Flow, FlowsApi } from "@goauthentik/api";
|
|
||||||
|
import { CSSResult, TemplateResult, html } from "lit";
|
||||||
|
import { customElement, state } from "lit/decorators.js";
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css";
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
import { Flow, FlowImportResult, FlowsApi } from "@goauthentik/api";
|
||||||
|
import { PFColor } from "@goauthentik/elements/Label";
|
||||||
|
|
||||||
|
|
||||||
@customElement("ak-flow-import-form")
|
@customElement("ak-flow-import-form")
|
||||||
export class FlowImportForm extends Form<Flow> {
|
export class FlowImportForm extends Form<Flow> {
|
||||||
|
@state()
|
||||||
|
result?: FlowImportResult;
|
||||||
|
|
||||||
getSuccessMessage(): string {
|
getSuccessMessage(): string {
|
||||||
return t`Successfully imported flow.`;
|
return t`Successfully imported flow.`;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static get styles(): CSSResult[] {
|
||||||
|
return super.styles.concat(PFDescriptionList);
|
||||||
|
}
|
||||||
|
|
||||||
// eslint-disable-next-line
|
// eslint-disable-next-line
|
||||||
send = (data: Flow): Promise<void> => {
|
send = (data: Flow): Promise<FlowImportResult> => {
|
||||||
const file = this.getFormFiles()["flow"];
|
const file = this.getFormFiles()["flow"];
|
||||||
if (!file) {
|
if (!file) {
|
||||||
throw new SentryIgnoredError("No form data");
|
throw new SentryIgnoredError("No form data");
|
||||||
}
|
}
|
||||||
return new FlowsApi(DEFAULT_CONFIG).flowsInstancesImportFlowCreate({
|
return new FlowsApi(DEFAULT_CONFIG)
|
||||||
|
.flowsInstancesImportCreate({
|
||||||
file: file,
|
file: file,
|
||||||
|
})
|
||||||
|
.then((result) => {
|
||||||
|
if (!result.success) {
|
||||||
|
this.result = result;
|
||||||
|
throw new SentryIgnoredError("Failed to import flow");
|
||||||
|
}
|
||||||
|
return result;
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
renderResult(): TemplateResult {
|
||||||
|
return html`
|
||||||
|
<ak-form-element-horizontal label=${t`Successful`}>
|
||||||
|
<div class="pf-c-form__group-label">
|
||||||
|
<div class="c-form__horizontal-group">
|
||||||
|
<span class="pf-c-form__label-text">
|
||||||
|
<ak-label color=${this.result?.success ? PFColor.Green : PFColor.Red}>
|
||||||
|
${this.result?.success ? t`Yes` : t`No`}
|
||||||
|
</ak-label>
|
||||||
|
</span>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
|
<ak-form-element-horizontal label=${t`Log messages`}>
|
||||||
|
<div class="pf-c-form__group-label">
|
||||||
|
<div class="c-form__horizontal-group">
|
||||||
|
<dl class="pf-c-description-list pf-m-horizontal">
|
||||||
|
${(this.result?.logs || []).length > 0
|
||||||
|
? this.result?.logs?.map((m) => {
|
||||||
|
return html`<div class="pf-c-description-list__group">
|
||||||
|
<dt class="pf-c-description-list__term">
|
||||||
|
<span class="pf-c-description-list__text"
|
||||||
|
>${m.log_level}</span
|
||||||
|
>
|
||||||
|
</dt>
|
||||||
|
<dd class="pf-c-description-list__description">
|
||||||
|
<div class="pf-c-description-list__text">
|
||||||
|
${m.event}
|
||||||
|
</div>
|
||||||
|
</dd>
|
||||||
|
</div>`;
|
||||||
|
})
|
||||||
|
: html`<div class="pf-c-description-list__group">
|
||||||
|
<dt class="pf-c-description-list__term">
|
||||||
|
<span class="pf-c-description-list__text"
|
||||||
|
>${t`No log messages.`}</span
|
||||||
|
>
|
||||||
|
</dt>
|
||||||
|
</div>`}
|
||||||
|
</dl>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
|
`;
|
||||||
|
}
|
||||||
|
|
||||||
renderForm(): TemplateResult {
|
renderForm(): TemplateResult {
|
||||||
return html`<form class="pf-c-form pf-m-horizontal">
|
return html`<form class="pf-c-form pf-m-horizontal">
|
||||||
<ak-form-element-horizontal label=${t`Flow`} name="flow">
|
<ak-form-element-horizontal label=${t`Flow`} name="flow">
|
||||||
|
@ -35,6 +108,7 @@ export class FlowImportForm extends Form<Flow> {
|
||||||
${t`.yaml files, which can be found on goauthentik.io and can be exported by authentik.`}
|
${t`.yaml files, which can be found on goauthentik.io and can be exported by authentik.`}
|
||||||
</p>
|
</p>
|
||||||
</ak-form-element-horizontal>
|
</ak-form-element-horizontal>
|
||||||
|
${this.result ? this.renderResult() : html``}
|
||||||
</form>`;
|
</form>`;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,7 @@ import YAML from "yaml";
|
||||||
import { t } from "@lingui/macro";
|
import { t } from "@lingui/macro";
|
||||||
|
|
||||||
import { CSSResult, TemplateResult, html } from "lit";
|
import { CSSResult, TemplateResult, html } from "lit";
|
||||||
import { customElement, property } from "lit/decorators.js";
|
import { customElement, property, state } from "lit/decorators.js";
|
||||||
import { until } from "lit/directives/until.js";
|
import { until } from "lit/directives/until.js";
|
||||||
|
|
||||||
import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css";
|
import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css";
|
||||||
|
@ -28,7 +28,7 @@ export class PolicyTestForm extends Form<PolicyTestRequest> {
|
||||||
@property({ attribute: false })
|
@property({ attribute: false })
|
||||||
policy?: Policy;
|
policy?: Policy;
|
||||||
|
|
||||||
@property({ attribute: false })
|
@state()
|
||||||
result?: PolicyTestResult;
|
result?: PolicyTestResult;
|
||||||
|
|
||||||
@property({ attribute: false })
|
@property({ attribute: false })
|
||||||
|
|
|
@ -22,7 +22,7 @@ export class LoadingOverlay extends AKElement {
|
||||||
justify-content: center;
|
justify-content: center;
|
||||||
align-items: center;
|
align-items: center;
|
||||||
position: absolute;
|
position: absolute;
|
||||||
background-color: var(--pf-global--BackgroundColor--dark-transparent-100);
|
background-color: var(--pf-global--BackgroundColor--dark-transparent-200);
|
||||||
z-index: 1;
|
z-index: 1;
|
||||||
}
|
}
|
||||||
:host([topMost]) {
|
:host([topMost]) {
|
||||||
|
|
Reference in a new issue