diff --git a/Pipfile.lock b/Pipfile.lock index 82f4523ae..f286f2d9b 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -74,18 +74,18 @@ }, "boto3": { "hashes": [ - "sha256:ba8de10d3ede338d51ae47e428b97dcc1d1b507741aa98697e63e879a147f4aa", - "sha256:e3f10ed6d9ca98415fdec15c85e50a89ec38d6229bce3fafd5e7965b16c4ebc5" + "sha256:197926eaf0065c2c503914a15edc75f4ac259c1e5ae6d17eabd1ba5d8ebd1554", + "sha256:d6991e6fd7d0f63bf94282687700a91f5299b807e544cb3367e9b2faeeaf8c62" ], "index": "pypi", - "version": "==1.16.44" + "version": "==1.16.46" }, "botocore": { "hashes": [ - "sha256:4ff05bc089ba78a5996f06dcfddf8ca51583e30ce779ed95e9952e90c1907420", - "sha256:7725e08c95ae96c4dbd955cb4ae44a0c06d3e41f76a7feb0a941c27a44c63113" + "sha256:85ca6915ad5471e7f6cd1b00610b74601d2970cbf8e9b1bf255697154cf621a3", + "sha256:f7d365c689070368a5a0857aa35a81d7c950556189f23065f42798f810a59cae" ], - "version": "==1.19.44" + "version": "==1.19.46" }, "cachetools": { "hashes": [ @@ -1083,11 +1083,11 @@ "standard" ], "hashes": [ - "sha256:6707fa7f4dbd86fd6982a2d4ecdaad2704e4514d23a1e4278104311288b04691", - "sha256:d19ca083bebd212843e01f689900e5c637a292c63bb336c7f0735a99300a5f38" + "sha256:1079c50a06f6338095b4f203e7861dbff318dde5f22f3a324fc6e94c7654164c", + "sha256:ef1e0bb5f7941c6fe324e06443ddac0331e1632a776175f87891c7bd02694355" ], "index": "pypi", - "version": "==0.13.2" + "version": "==0.13.3" }, "uvloop": { "hashes": [ @@ -1741,38 +1741,38 @@ }, "typed-ast": { "hashes": [ - "sha256:0666aa36131496aed8f7be0410ff974562ab7eeac11ef351def9ea6fa28f6355", - "sha256:0c2c07682d61a629b68433afb159376e24e5b2fd4641d35424e462169c0a7919", - "sha256:0d8110d78a5736e16e26213114a38ca35cb15b6515d535413b090bd50951556d", - "sha256:249862707802d40f7f29f6e1aad8d84b5aa9e44552d2cc17384b209f091276aa", - "sha256:24995c843eb0ad11a4527b026b4dde3da70e1f2d8806c99b7b4a7cf491612652", - "sha256:269151951236b0f9a6f04015a9004084a5ab0d5f19b57de779f908621e7d8b75", - "sha256:3742b32cf1c6ef124d57f95be609c473d7ec4c14d0090e5a5e05a15269fb4d0c", - "sha256:4083861b0aa07990b619bd7ddc365eb7fa4b817e99cf5f8d9cf21a42780f6e01", - "sha256:498b0f36cc7054c1fead3d7fc59d2150f4d5c6c56ba7fb150c013fbc683a8d2d", - "sha256:4e3e5da80ccbebfff202a67bf900d081906c358ccc3d5e3c8aea42fdfdfd51c1", - "sha256:6daac9731f172c2a22ade6ed0c00197ee7cc1221aa84cfdf9c31defeb059a907", - "sha256:715ff2f2df46121071622063fc7543d9b1fd19ebfc4f5c8895af64a77a8c852c", - "sha256:73d785a950fc82dd2a25897d525d003f6378d1cb23ab305578394694202a58c3", - "sha256:7e4c9d7658aaa1fc80018593abdf8598bf91325af6af5cce4ce7c73bc45ea53d", - "sha256:8c8aaad94455178e3187ab22c8b01a3837f8ee50e09cf31f1ba129eb293ec30b", - "sha256:8ce678dbaf790dbdb3eba24056d5364fb45944f33553dd5869b7580cdbb83614", - "sha256:92c325624e304ebf0e025d1224b77dd4e6393f18aab8d829b5b7e04afe9b7a2c", - "sha256:aaee9905aee35ba5905cfb3c62f3e83b3bec7b39413f0a7f19be4e547ea01ebb", - "sha256:b52ccf7cfe4ce2a1064b18594381bccf4179c2ecf7f513134ec2f993dd4ab395", - "sha256:bcd3b13b56ea479b3650b82cabd6b5343a625b0ced5429e4ccad28a8973f301b", - "sha256:c9e348e02e4d2b4a8b2eedb48210430658df6951fa484e59de33ff773fbd4b41", - "sha256:d205b1b46085271b4e15f670058ce182bd1199e56b317bf2ec004b6a44f911f6", - "sha256:d43943ef777f9a1c42bf4e552ba23ac77a6351de620aa9acf64ad54933ad4d34", - "sha256:d5d33e9e7af3b34a40dc05f498939f0ebf187f07c385fd58d591c533ad8562fe", - "sha256:d648b8e3bf2fe648745c8ffcee3db3ff903d0817a01a12dd6a6ea7a8f4889072", - "sha256:f208eb7aff048f6bea9586e61af041ddf7f9ade7caed625742af423f6bae3298", - "sha256:fac11badff8313e23717f3dada86a15389d0708275bddf766cca67a84ead3e91", - "sha256:fc0fea399acb12edbf8a628ba8d2312f583bdbdb3335635db062fa98cf71fca4", - "sha256:fcf135e17cc74dbfbc05894ebca928ffeb23d9790b3167a674921db19082401f", - "sha256:fe460b922ec15dd205595c9b5b99e2f056fd98ae8f9f56b888e7a17dc2b757e7" + "sha256:07d49388d5bf7e863f7fa2f124b1b1d89d8aa0e2f7812faff0a5658c01c59aa1", + "sha256:14bf1522cdee369e8f5581238edac09150c765ec1cb33615855889cf33dcb92d", + "sha256:240296b27397e4e37874abb1df2a608a92df85cf3e2a04d0d4d61055c8305ba6", + "sha256:36d829b31ab67d6fcb30e185ec996e1f72b892255a745d3a82138c97d21ed1cd", + "sha256:37f48d46d733d57cc70fd5f30572d11ab8ed92da6e6b28e024e4a3edfb456e37", + "sha256:4c790331247081ea7c632a76d5b2a265e6d325ecd3179d06e9cf8d46d90dd151", + "sha256:5dcfc2e264bd8a1db8b11a892bd1647154ce03eeba94b461effe68790d8b8e07", + "sha256:7147e2a76c75f0f64c4319886e7639e490fee87c9d25cb1d4faef1d8cf83a440", + "sha256:7703620125e4fb79b64aa52427ec192822e9f45d37d4b6625ab37ef403e1df70", + "sha256:8368f83e93c7156ccd40e49a783a6a6850ca25b556c0fa0240ed0f659d2fe496", + "sha256:84aa6223d71012c68d577c83f4e7db50d11d6b1399a9c779046d75e24bed74ea", + "sha256:85f95aa97a35bdb2f2f7d10ec5bbdac0aeb9dafdaf88e17492da0504de2e6400", + "sha256:8db0e856712f79c45956da0c9a40ca4246abc3485ae0d7ecc86a20f5e4c09abc", + "sha256:9044ef2df88d7f33692ae3f18d3be63dec69c4fb1b5a4a9ac950f9b4ba571606", + "sha256:963c80b583b0661918718b095e02303d8078950b26cc00b5e5ea9ababe0de1fc", + "sha256:987f15737aba2ab5f3928c617ccf1ce412e2e321c77ab16ca5a293e7bbffd581", + "sha256:9ec45db0c766f196ae629e509f059ff05fc3148f9ffd28f3cfe75d4afb485412", + "sha256:9fc0b3cb5d1720e7141d103cf4819aea239f7d136acf9ee4a69b047b7986175a", + "sha256:a2c927c49f2029291fbabd673d51a2180038f8cd5a5b2f290f78c4516be48be2", + "sha256:a38878a223bdd37c9709d07cd357bb79f4c760b29210e14ad0fb395294583787", + "sha256:b4fcdcfa302538f70929eb7b392f536a237cbe2ed9cba88e3bf5027b39f5f77f", + "sha256:c0c74e5579af4b977c8b932f40a5464764b2f86681327410aa028a22d2f54937", + "sha256:c1c876fd795b36126f773db9cbb393f19808edd2637e00fd6caba0e25f2c7b64", + "sha256:c9aadc4924d4b5799112837b226160428524a9a45f830e0d0f184b19e4090487", + "sha256:cc7b98bf58167b7f2db91a4327da24fb93368838eb84a44c472283778fc2446b", + "sha256:cf54cfa843f297991b7388c281cb3855d911137223c6b6d2dd82a47ae5125a41", + "sha256:d003156bb6a59cda9050e983441b7fa2487f7800d76bdc065566b7d728b4581a", + "sha256:d175297e9533d8d37437abc14e8a83cbc68af93cc9c1c59c2c292ec59a0697a3", + "sha256:d746a437cdbca200622385305aedd9aef68e8a645e385cc483bdc5e488f07166", + "sha256:e683e409e5c45d5c9082dc1daf13f6374300806240719f95dc783d1fc942af10" ], - "version": "==1.4.1" + "version": "==1.4.2" }, "typing-extensions": { "hashes": [ diff --git a/SECURITY.md b/SECURITY.md index baa74fc1c..ba8649880 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,9 +6,9 @@ As authentik is currently in a pre-stable, only the latest "stable" version is s | Version | Supported | | -------- | ------------------ | -| 0.11.x | :white_check_mark: | | 0.12.x | :white_check_mark: | | 0.13.x | :white_check_mark: | +| 0.14.x | :white_check_mark: | ## Reporting a Vulnerability diff --git a/authentik/admin/views/applications.py b/authentik/admin/views/applications.py index 01fe243de..1f294af8f 100644 --- a/authentik/admin/views/applications.py +++ b/authentik/admin/views/applications.py @@ -29,7 +29,7 @@ class ApplicationCreateView( permission_required = "authentik_core.add_application" template_name = "generic/create.html" - success_url = reverse_lazy("authentik_admin:applications") + success_url = reverse_lazy("authentik_core:shell") success_message = _("Successfully created Application") @@ -47,7 +47,7 @@ class ApplicationUpdateView( permission_required = "authentik_core.change_application" template_name = "generic/update.html" - success_url = reverse_lazy("authentik_admin:applications") + success_url = reverse_lazy("authentik_core:shell") success_message = _("Successfully updated Application") @@ -60,5 +60,5 @@ class ApplicationDeleteView( permission_required = "authentik_core.delete_application" template_name = "generic/delete.html" - success_url = reverse_lazy("authentik_admin:applications") + success_url = reverse_lazy("authentik_core:shell") success_message = _("Successfully deleted Application") diff --git a/authentik/events/utils.py b/authentik/events/utils.py index 599b04ce9..080acf3c1 100644 --- a/authentik/events/utils.py +++ b/authentik/events/utils.py @@ -11,6 +11,7 @@ from django.views.debug import SafeExceptionReporterFilter from guardian.utils import get_anonymous_user from authentik.core.models import User +from authentik.policies.types import PolicyRequest # Special keys which are *not* cleaned, even when the default filter # is matched @@ -74,6 +75,11 @@ def sanitize_dict(source: Dict[Any, Any]) -> Dict[Any, Any]: final_dict = {} for key, value in source.items(): if is_dataclass(value): + # Because asdict calls `copy.deepcopy(obj)` on everything thats not tuple/dict, + # and deepcopy doesn't work with HttpRequests (neither django nor rest_framework). + # Currently, the only dataclass that actually holds an http request is a PolicyRequest + if isinstance(value, PolicyRequest): + value.http_request = None value = asdict(value) if isinstance(value, dict): final_dict[key] = sanitize_dict(value) diff --git a/authentik/policies/engine.py b/authentik/policies/engine.py index d15852a84..95deb52ef 100644 --- a/authentik/policies/engine.py +++ b/authentik/policies/engine.py @@ -56,6 +56,7 @@ class PolicyEngine: raise ValueError(f"{pbm} is not instance of PolicyBindingModel") self.__pbm = pbm self.request = PolicyRequest(user) + self.request.obj = pbm if request: self.request.http_request = request self.__cached_policies = [] diff --git a/authentik/policies/process.py b/authentik/policies/process.py index c26b63c5d..910fff004 100644 --- a/authentik/policies/process.py +++ b/authentik/policies/process.py @@ -93,4 +93,8 @@ class PolicyProcess(Process): span: Span span.set_data("policy", self.binding.policy) span.set_data("request", self.request) - self.connection.send(self.execute()) + try: + self.connection.send(self.execute()) + except Exception as exc: # pylint: disable=broad-except + LOGGER.warning(exc) + self.connection.send(PolicyResult(False, str(exc))) diff --git a/authentik/providers/saml/forms.py b/authentik/providers/saml/forms.py index 437d0898b..9518f6494 100644 --- a/authentik/providers/saml/forms.py +++ b/authentik/providers/saml/forms.py @@ -36,17 +36,17 @@ class SAMLProviderForm(forms.ModelForm): "name", "authorization_flow", "acs_url", - "audience", "issuer", "sp_binding", + "audience", + "signing_kp", + "verification_kp", + "property_mappings", "assertion_valid_not_before", "assertion_valid_not_on_or_after", "session_valid_not_on_or_after", "digest_algorithm", "signature_algorithm", - "signing_kp", - "verification_kp", - "property_mappings", ] widgets = { "name": forms.TextInput(), @@ -94,6 +94,9 @@ class SAMLProviderImportForm(forms.Form): """Create a SAML Provider from SP Metadata.""" provider_name = forms.CharField() + authorization_flow = forms.ModelChoiceField( + queryset=Flow.objects.filter(designation=FlowDesignation.AUTHORIZATION) + ) metadata = forms.FileField( validators=[FileExtensionValidator(allowed_extensions=["xml"])] ) diff --git a/authentik/providers/saml/migrations/0010_auto_20201230_2112.py b/authentik/providers/saml/migrations/0010_auto_20201230_2112.py new file mode 100644 index 000000000..353bb0798 --- /dev/null +++ b/authentik/providers/saml/migrations/0010_auto_20201230_2112.py @@ -0,0 +1,22 @@ +# Generated by Django 3.1.4 on 2020-12-30 21:12 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ("authentik_providers_saml", "0009_auto_20201112_2016"), + ] + + operations = [ + migrations.AlterField( + model_name="samlprovider", + name="audience", + field=models.TextField( + blank=True, + default="", + help_text="Value of the audience restriction field of the asseration. When left empty, no audience restriction will be added.", + ), + ), + ] diff --git a/authentik/providers/saml/models.py b/authentik/providers/saml/models.py index 5fe37d055..fedf183de 100644 --- a/authentik/providers/saml/models.py +++ b/authentik/providers/saml/models.py @@ -42,7 +42,13 @@ class SAMLProvider(Provider): acs_url = models.URLField(verbose_name=_("ACS URL")) audience = models.TextField( default="", - help_text=_("Value of the audience restriction field of the asseration."), + blank=True, + help_text=_( + ( + "Value of the audience restriction field of the asseration. When left empty, " + "no audience restriction will be added." + ) + ), ) issuer = models.TextField( help_text=_("Also known as EntityID"), default="authentik" diff --git a/authentik/providers/saml/processors/assertion.py b/authentik/providers/saml/processors/assertion.py index 6cba0b283..0540f18d1 100644 --- a/authentik/providers/saml/processors/assertion.py +++ b/authentik/providers/saml/processors/assertion.py @@ -127,11 +127,14 @@ class AssertionProcessor: conditions = Element(f"{{{NS_SAML_ASSERTION}}}Conditions") conditions.attrib["NotBefore"] = self._valid_not_before conditions.attrib["NotOnOrAfter"] = self._valid_not_on_or_after - audience_restriction = SubElement( - conditions, f"{{{NS_SAML_ASSERTION}}}AudienceRestriction" - ) - audience = SubElement(audience_restriction, f"{{{NS_SAML_ASSERTION}}}Audience") - audience.text = self.provider.audience + if self.provider.audience != "": + audience_restriction = SubElement( + conditions, f"{{{NS_SAML_ASSERTION}}}AudienceRestriction" + ) + audience = SubElement( + audience_restriction, f"{{{NS_SAML_ASSERTION}}}Audience" + ) + audience.text = self.provider.audience return conditions def get_name_id(self) -> Element: diff --git a/authentik/providers/saml/processors/metadata_parser.py b/authentik/providers/saml/processors/metadata_parser.py index b4721233d..9e32ccf8c 100644 --- a/authentik/providers/saml/processors/metadata_parser.py +++ b/authentik/providers/saml/processors/metadata_parser.py @@ -5,6 +5,7 @@ from typing import Optional import xmlsec from cryptography.hazmat.backends import default_backend from cryptography.x509 import load_pem_x509_certificate +from defusedxml.lxml import fromstring from lxml import etree # nosec from structlog import get_logger @@ -23,6 +24,8 @@ LOGGER = get_logger() def format_pem_certificate(unformatted_cert: str) -> str: """Format single, inline certificate into PEM Format""" + # Ensure that all linebreaks are gone + unformatted_cert = unformatted_cert.replace("\n", "") chunks, chunk_size = len(unformatted_cert), 64 lines = [PEM_HEADER] for i in range(0, chunks, chunk_size): @@ -52,10 +55,14 @@ class ServiceProviderMetadata: provider.issuer = self.entity_id provider.sp_binding = self.acs_binding provider.acs_url = self.acs_location - if self.signing_keypair: + if self.signing_keypair and self.auth_n_request_signed: self.signing_keypair.name = f"Provider {name} - SAML Signing Certificate" self.signing_keypair.save() - provider.signing_kp = self.signing_keypair + provider.verification_kp = self.signing_keypair + if self.assertion_signed: + provider.signing_kp = CertificateKeyPair.objects.exclude( + key_data__iexact="" + ).first() return provider @@ -104,7 +111,7 @@ class ServiceProviderMetadataParser: def parse(self, raw_xml: str) -> ServiceProviderMetadata: """Parse raw XML to ServiceProviderMetadata""" - root = etree.fromstring(raw_xml) # nosec + root = fromstring(raw_xml.encode()) entity_id = root.attrib["entityID"] sp_sso_descriptors = root.findall(f"{{{NS_SAML_METADATA}}}SPSSODescriptor") diff --git a/authentik/providers/saml/tests/test_metadata.py b/authentik/providers/saml/tests/test_metadata.py index 29e403e50..bb50901cb 100644 --- a/authentik/providers/saml/tests/test_metadata.py +++ b/authentik/providers/saml/tests/test_metadata.py @@ -84,7 +84,9 @@ class TestServiceProviderMetadataParser(TestCase): provider.issuer, "http://localhost:8080/apps/user_saml/saml/metadata" ) self.assertEqual(provider.sp_binding, SAMLBindings.POST) - self.assertEqual(provider.signing_kp.certificate_data, CERT) + self.assertEqual(provider.verification_kp.certificate_data, CERT) + self.assertIsNotNone(provider.signing_kp) + self.assertEqual(provider.audience, "") def test_with_signing_cert_invalid_signature(self): """Test Metadata with signing cert (invalid signature)""" diff --git a/authentik/providers/saml/views.py b/authentik/providers/saml/views.py index 1749e8d00..57cf0d9a8 100644 --- a/authentik/providers/saml/views.py +++ b/authentik/providers/saml/views.py @@ -270,8 +270,14 @@ class MetadataImportView(LoginRequiredMixin, FormView): form.cleaned_data["metadata"].read().decode() ) provider = metadata.to_provider(form.cleaned_data["provider_name"]) + provider.authorization_flow = form.cleaned_data["authorization_flow"] provider.save() messages.success(self.request, _("Successfully created Provider")) - except ValueError: - messages.error(self.request, _("Failed to import Metadata.")) + except ValueError as exc: + LOGGER.warning(exc) + messages.error( + self.request, + _("Failed to import Metadata: %(message)s" % {"message": str(exc)}), + ) + return super().form_invalid(form) return super().form_valid(form) diff --git a/swagger.yaml b/swagger.yaml index a577d2f9a..adbc2e5a2 100755 --- a/swagger.yaml +++ b/swagger.yaml @@ -8004,9 +8004,9 @@ definitions: minLength: 1 audience: title: Audience - description: Value of the audience restriction field of the asseration. + description: Value of the audience restriction field of the asseration. When + left empty, no audience restriction will be added. type: string - minLength: 1 issuer: title: Issuer description: Also known as EntityID diff --git a/web/package-lock.json b/web/package-lock.json index fa5f898f8..92ecdc4a5 100644 --- a/web/package-lock.json +++ b/web/package-lock.json @@ -968,9 +968,9 @@ "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" }, "construct-style-sheets-polyfill": { - "version": "2.4.3", - "resolved": "https://registry.npmjs.org/construct-style-sheets-polyfill/-/construct-style-sheets-polyfill-2.4.3.tgz", - "integrity": "sha512-ECo96zFPsdghrMJmJ0vomcHsqLOIYpudobcNCIPeMubyFzBcLCfljuY0oFA3DD7btiFqB0sZ+0szbsiE8I24VA==" + "version": "2.4.6", + "resolved": "https://registry.npmjs.org/construct-style-sheets-polyfill/-/construct-style-sheets-polyfill-2.4.6.tgz", + "integrity": "sha512-lU0to7dFDjKslMF+M5NUa4s0RQMBRVyZMXvD/vp7vmjdEPgziTkHSfZHQxfoIvVWajWRJUVJMLfrMwcx8fTh4A==" }, "copy-descriptor": { "version": "0.1.1", diff --git a/web/package.json b/web/package.json index 1923b1899..1307799e9 100644 --- a/web/package.json +++ b/web/package.json @@ -15,7 +15,7 @@ "@types/codemirror": "0.0.103", "chart.js": "^2.9.4", "codemirror": "^5.59.0", - "construct-style-sheets-polyfill": "^2.4.3", + "construct-style-sheets-polyfill": "^2.4.6", "flowchart.js": "^1.15.0", "lit-element": "^2.4.0", "lit-html": "^1.3.0", diff --git a/web/src/api/Events.ts b/web/src/api/Events.ts index b0b08fd65..78fcb63e0 100644 --- a/web/src/api/Events.ts +++ b/web/src/api/Events.ts @@ -8,7 +8,7 @@ export interface EventUser { } export interface EventContext { - [key: string]: EventContext | string | number; + [key: string]: EventContext | string | number | string[]; } export class Event { diff --git a/web/src/authentik.css b/web/src/authentik.css index e40f50458..b8a21648d 100644 --- a/web/src/authentik.css +++ b/web/src/authentik.css @@ -137,6 +137,9 @@ select[multiple] { --pf-c-table--cell--Color: var(--ak-dark-foreground); } .pf-c-table__text { + color: var(--ak-dark-foreground); + } + .pf-c-table__sort:not(.pf-m-selected) .pf-c-table__button .pf-c-table__text { color: var(--ak-dark-foreground) !important; } .pf-c-table__sort-indicator i { diff --git a/web/src/interfaces/AdminInterface.ts b/web/src/interfaces/AdminInterface.ts index f4d7cedf3..3b88acc44 100644 --- a/web/src/interfaces/AdminInterface.ts +++ b/web/src/interfaces/AdminInterface.ts @@ -15,10 +15,10 @@ export const SIDEBAR_ITEMS: SidebarItem[] = [ }), new SidebarItem("Administration").children( new SidebarItem("Applications", "/applications").activeWhen( - `^/applications/(?${SLUG_REGEX})/$` + `^/applications/(?${SLUG_REGEX})$` ), new SidebarItem("Sources", "/administration/sources/").activeWhen( - `^/sources/(?${SLUG_REGEX})/$`, + `^/sources/(?${SLUG_REGEX})$`, ), new SidebarItem("Providers", "/administration/providers/"), new SidebarItem("Outposts", "/administration/outposts/"), diff --git a/web/src/interfaces/Interface.ts b/web/src/interfaces/Interface.ts index 80ffd5189..aac203f8b 100644 --- a/web/src/interfaces/Interface.ts +++ b/web/src/interfaces/Interface.ts @@ -8,7 +8,7 @@ import "../elements/sidebar/SidebarHamburger"; export abstract class Interface extends LitElement { @property({type: Boolean}) - sidebarOpen?: boolean; + sidebarOpen = true; abstract get sidebar(): SidebarItem[]; diff --git a/web/src/pages/applications/ApplicationListPage.ts b/web/src/pages/applications/ApplicationListPage.ts index e1fd22e69..3d0927bb3 100644 --- a/web/src/pages/applications/ApplicationListPage.ts +++ b/web/src/pages/applications/ApplicationListPage.ts @@ -51,7 +51,7 @@ export class ApplicationListPage extends TablePage { ${item.meta_icon ? html`${gettext(` : html``}`, - html` + html`
${item.name}
diff --git a/web/src/pages/events/EventInfo.ts b/web/src/pages/events/EventInfo.ts index 78d555028..ba093252f 100644 --- a/web/src/pages/events/EventInfo.ts +++ b/web/src/pages/events/EventInfo.ts @@ -94,6 +94,29 @@ export class EventInfo extends LitElement { ${this.event.context.expression} `; + case "policy_execution": + return html`
+
+

${gettext("Request")}

+
    +
  • ${gettext("Object")}: ${(this.event.context.request as EventContext).obj as string}
    • +
  • ${gettext("Context")}: ${JSON.stringify((this.event.context.request as EventContext).context)}
    • +
+
+
+

${gettext("Result")}

+
    +
  • ${gettext("Passing")}: ${(this.event.context.result as EventContext).passing}
    • +
  • ${gettext("Messages")}: +
      + ${((this.event.context.result as EventContext).messages as string[]).map(msg => { + return html`
    • ${msg}
      • `; + })} +
    +
    • +
+
+
`; case "configuration_error": return html`

${this.event.context.message}

`; case "update_available": diff --git a/web/src/pages/generic/SiteShell.ts b/web/src/pages/generic/SiteShell.ts index 8c42d3a6e..cdf59c605 100644 --- a/web/src/pages/generic/SiteShell.ts +++ b/web/src/pages/generic/SiteShell.ts @@ -30,6 +30,12 @@ export class SiteShell extends LitElement { ::slotted(*) { height: 100%; } + .pf-l-bullseye { + position: absolute; + top: 0; + left: 0; + width: 100%; + } `, BackdropStyle, BullseyeStyle,