flows: improved import (#3807)

* return logs when importing flow Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * improve error handling, show logs Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-18 22:01:42 +02:00 · 2022-10-18 22:01:42 +02:00 · 0efee2a660
parent b85be12567
commit 0efee2a660
7 changed files with 153 additions and 25 deletions
--- a/authentik/blueprints/v1/importer.py
+++ b/authentik/blueprints/v1/importer.py
@ -187,7 +187,10 @@ class Importer:
            if "pk" in updated_identifiers:
                model_instance.pk = updated_identifiers["pk"]
            serializer_kwargs["instance"] = model_instance
-        full_data = self.__update_pks_for_attrs(entry.get_attrs(self.__import))
+        try:
            full_data = self.__update_pks_for_attrs(entry.get_attrs(self.__import))
        except ValueError as exc:
            raise EntryInvalidError(exc) from exc
        full_data.update(updated_identifiers)
        serializer_kwargs["data"] = full_data
--- a/authentik/events/utils.py
+++ b/authentik/events/utils.py
@ -14,6 +14,7 @@ from django.views.debug import SafeExceptionReporterFilter
 from geoip2.models import City
 from guardian.utils import get_anonymous_user
 from authentik.blueprints.v1.common import YAMLTag
 from authentik.core.models import User
 from authentik.events.geo import GEOIP_READER
 from authentik.policies.types import PolicyRequest
@ -111,6 +112,10 @@ def sanitize_item(value: Any) -> Any:
        return GEOIP_READER.city_to_dict(value)
    if isinstance(value, Path):
        return str(value)
    if isinstance(value, Exception):
        return str(value)
    if isinstance(value, YAMLTag):
        return str(value)
    if isinstance(value, type):
        return {
            "type": value.__name__,
--- a/authentik/flows/api/flows.py
+++ b/authentik/flows/api/flows.py
@ -7,7 +7,7 @@ from django.utils.translation import gettext as _
 from drf_spectacular.types import OpenApiTypes
 from drf_spectacular.utils import OpenApiResponse, extend_schema
 from rest_framework.decorators import action
-from rest_framework.fields import ReadOnlyField
+from rest_framework.fields import BooleanField, DictField, ListField, ReadOnlyField
 from rest_framework.parsers import MultiPartParser
 from rest_framework.request import Request
 from rest_framework.response import Response
@ -24,7 +24,9 @@ from authentik.core.api.utils import (
    FilePathSerializer,
    FileUploadSerializer,
    LinkSerializer,
    PassiveSerializer,
 )
 from authentik.events.utils import sanitize_dict
 from authentik.flows.api.flows_diagram import FlowDiagram, FlowDiagramSerializer
 from authentik.flows.exceptions import FlowNonApplicableException
 from authentik.flows.models import Flow
@ -77,6 +79,13 @@ class FlowSerializer(ModelSerializer):
        }
 class FlowImportResultSerializer(PassiveSerializer):
    """Logs of an attempted flow import"""
    logs = ListField(child=DictField(), read_only=True)
    success = BooleanField(read_only=True)
 class FlowViewSet(UsedByMixin, ModelViewSet):
    """Flow Viewset"""
@ -130,25 +139,38 @@ class FlowViewSet(UsedByMixin, ModelViewSet):
    @extend_schema(
        request={"multipart/form-data": FileUploadSerializer},
        responses={
-            204: OpenApiResponse(description="Successfully imported flow"),
+            204: FlowImportResultSerializer,
-            400: OpenApiResponse(description="Bad request"),
+            400: FlowImportResultSerializer,
        },
    )
-    @action(detail=False, methods=["POST"], parser_classes=(MultiPartParser,))
+    @action(url_path="import", detail=False, methods=["POST"], parser_classes=(MultiPartParser,))
    def import_flow(self, request: Request) -> Response:
        """Import flow from .yaml file"""
        import_response = FlowImportResultSerializer(
            data={
                "logs": [],
                "success": False,
            }
        )
        import_response.is_valid()
        file = request.FILES.get("file", None)
        if not file:
-            return HttpResponseBadRequest()
+            return Response(data=import_response.initial_data, status=400)
        importer = Importer(file.read().decode())
-        valid, _logs = importer.validate()
+        valid, logs = importer.validate()
-        # TODO: return logs
+        import_response.initial_data["logs"] = [sanitize_dict(log) for log in logs]
        import_response.initial_data["success"] = valid
        import_response.is_valid()
        if not valid:
-            return HttpResponseBadRequest()
+            return Response(data=import_response.initial_data, status=200)
        successful = importer.apply()
        import_response.initial_data["success"] = successful
        import_response.is_valid()
        if not successful:
-            return HttpResponseBadRequest()
+            return Response(data=import_response.initial_data, status=200)
-        return Response(status=204)
+        return Response(data=import_response.initial_data, status=200)
    @permission_required(
        "authentik_flows.export_flow",
--- a/schema.yml
+++ b/schema.yml
@ -7516,9 +7516,9 @@ paths:
              schema:
                $ref: '#/components/schemas/GenericError'
          description: ''
-  /flows/instances/import_flow/:
+  /flows/instances/import/:
    post:
-      operationId: flows_instances_import_flow_create
+      operationId: flows_instances_import_create
      description: Import flow from .yaml file
      tags:
      - flows
@ -7531,9 +7531,17 @@ paths:
      - authentik: []
      responses:
        '204':
-          description: Successfully imported flow
+          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowImportResult'
          description: ''
        '400':
-          description: Bad request
+          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FlowImportResult'
          description: ''
        '403':
          content:
            application/json:
@ -27610,6 +27618,22 @@ components:
      - pending_user_avatar
      - request_id
      - type
    FlowImportResult:
      type: object
      description: Logs of an attempted flow import
      properties:
        logs:
          type: array
          items:
            type: object
            additionalProperties: {}
          readOnly: true
        success:
          type: boolean
          readOnly: true
      required:
      - logs
      - success
    FlowInspection:
      type: object
      description: Serializer for inspect endpoint
--- a/web/src/admin/flows/FlowImportForm.ts
+++ b/web/src/admin/flows/FlowImportForm.ts
@ -3,30 +3,103 @@ import { SentryIgnoredError } from "@goauthentik/common/errors";
 import { Form } from "@goauthentik/elements/forms/Form";
 import "@goauthentik/elements/forms/HorizontalFormElement";
 import { t } from "@lingui/macro";
 import { TemplateResult, html } from "lit";
 import { customElement } from "lit/decorators.js";
-import { Flow, FlowsApi } from "@goauthentik/api";
+
 import { CSSResult, TemplateResult, html } from "lit";
 import { customElement, state } from "lit/decorators.js";
 import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css";
 import { Flow, FlowImportResult, FlowsApi } from "@goauthentik/api";
 import { PFColor } from "@goauthentik/elements/Label";
@customElement("ak-flow-import-form")
 export class FlowImportForm extends Form<Flow> {
    @state()
    result?: FlowImportResult;
    getSuccessMessage(): string {
        return t`Successfully imported flow.`;
    }
    static get styles(): CSSResult[] {
        return super.styles.concat(PFDescriptionList);
    }
    // eslint-disable-next-line
-    send = (data: Flow): Promise<void> => {
+    send = (data: Flow): Promise<FlowImportResult> => {
        const file = this.getFormFiles()["flow"];
        if (!file) {
            throw new SentryIgnoredError("No form data");
        }
-        return new FlowsApi(DEFAULT_CONFIG).flowsInstancesImportFlowCreate({
+        return new FlowsApi(DEFAULT_CONFIG)
-            file: file,
+            .flowsInstancesImportCreate({
-        });
+                file: file,
            })
            .then((result) => {
                if (!result.success) {
                    this.result = result;
                    throw new SentryIgnoredError("Failed to import flow");
                }
                return result;
            });
    };
    renderResult(): TemplateResult {
        return html`
            <ak-form-element-horizontal label=${t`Successful`}>
                <div class="pf-c-form__group-label">
                    <div class="c-form__horizontal-group">
                        <span class="pf-c-form__label-text">
                            <ak-label color=${this.result?.success ? PFColor.Green : PFColor.Red}>
                                ${this.result?.success ? t`Yes` : t`No`}
                            </ak-label>
                        </span>
                    </div>
                </div>
            </ak-form-element-horizontal>
            <ak-form-element-horizontal label=${t`Log messages`}>
                <div class="pf-c-form__group-label">
                    <div class="c-form__horizontal-group">
                        <dl class="pf-c-description-list pf-m-horizontal">
                            ${(this.result?.logs || []).length > 0
                                ? this.result?.logs?.map((m) => {
                                      return html`<div class="pf-c-description-list__group">
                                          <dt class="pf-c-description-list__term">
                                              <span class="pf-c-description-list__text"
                                                  >${m.log_level}</span
                                              >
                                          </dt>
                                          <dd class="pf-c-description-list__description">
                                              <div class="pf-c-description-list__text">
                                                  ${m.event}
                                              </div>
                                          </dd>
                                      </div>`;
                                  })
                                : html`<div class="pf-c-description-list__group">
                                      <dt class="pf-c-description-list__term">
                                          <span class="pf-c-description-list__text"
                                              >${t`No log messages.`}</span
                                          >
                                      </dt>
                                  </div>`}
                        </dl>
                    </div>
                </div>
            </ak-form-element-horizontal>
        `;
    }
    renderForm(): TemplateResult {
        return html`<form class="pf-c-form pf-m-horizontal">
            <ak-form-element-horizontal label=${t`Flow`} name="flow">
@ -35,6 +108,7 @@ export class FlowImportForm extends Form<Flow> {
                    ${t`.yaml files, which can be found on goauthentik.io and can be exported by authentik.`}
                </p>
            </ak-form-element-horizontal>
            ${this.result ? this.renderResult() : html``}
        </form>`;
    }
 }
--- a/web/src/admin/policies/PolicyTestForm.ts
+++ b/web/src/admin/policies/PolicyTestForm.ts
@ -10,7 +10,7 @@ import YAML from "yaml";
 import { t } from "@lingui/macro";
 import { CSSResult, TemplateResult, html } from "lit";
-import { customElement, property } from "lit/decorators.js";
+import { customElement, property, state } from "lit/decorators.js";
 import { until } from "lit/directives/until.js";
 import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css";
@ -28,7 +28,7 @@ export class PolicyTestForm extends Form<PolicyTestRequest> {
    @property({ attribute: false })
    policy?: Policy;
-    @property({ attribute: false })
+    @state()
    result?: PolicyTestResult;
    @property({ attribute: false })
--- a/web/src/elements/LoadingOverlay.ts
+++ b/web/src/elements/LoadingOverlay.ts
@ -22,7 +22,7 @@ export class LoadingOverlay extends AKElement {
                    justify-content: center;
                    align-items: center;
                    position: absolute;
-                    background-color: var(--pf-global--BackgroundColor--dark-transparent-100);
+                    background-color: var(--pf-global--BackgroundColor--dark-transparent-200);
                    z-index: 1;
                }
                :host([topMost]) {