outposts: add repair_permissions command
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
45d47f828a
commit
12e2f7b945
|
@ -0,0 +1,15 @@
|
|||
"""Repair missing permissions"""
|
||||
from django.core.management.base import BaseCommand, no_translations
|
||||
from django.apps import apps
|
||||
from django.contrib.auth.management import create_permissions
|
||||
|
||||
|
||||
class Command(BaseCommand): # pragma: no cover
|
||||
"""Repair missing permissions"""
|
||||
|
||||
@no_translations
|
||||
def handle(self, *args, **options):
|
||||
"""Check permissions for all apps"""
|
||||
for app in apps.get_app_configs():
|
||||
self.stdout.write(f"Checking app {app.name} ({app.label})\n")
|
||||
create_permissions(app, verbosity=0)
|
|
@ -371,7 +371,11 @@ class Outpost(ManagedModel):
|
|||
)
|
||||
Event.new(
|
||||
action=EventAction.SYSTEM_EXCEPTION,
|
||||
message=exception_to_string(exc),
|
||||
message=(
|
||||
"While setting the permissions for the service-account, a permission "
|
||||
"was not found: "
|
||||
"Check https://goauthentik.io/docs/troubleshooting/missing_permission"
|
||||
) + exception_to_string(exc),
|
||||
).set_user(user).save()
|
||||
else:
|
||||
app_label, perm = model_or_perm.split(".")
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
title: Missing Permissions system_exception events
|
||||
---
|
||||
|
||||
This error can occur during initial setup, when authentik bootstraps the embedded Outpost, while the database migrations are not finished yet.
|
||||
|
||||
The error should be temporary and not occur after initial installation.
|
||||
|
||||
If it does, you can run the following command to ensure all permissions exist:
|
||||
|
||||
```
|
||||
docker-compose run --rm worker repair_permissions
|
||||
# Or for kubernetes
|
||||
kubectl exec -it authentik-worker-.... -- ak repair_permissions
|
||||
```
|
||||
|
||||
If the error persists after running this command, please open an Issue on [GitHub](https://github.com/goauthentik/authentik/issues/)
|
|
@ -204,6 +204,7 @@ module.exports = {
|
|||
"troubleshooting/emails",
|
||||
"troubleshooting/login",
|
||||
"troubleshooting/image_upload_backup",
|
||||
"troubleshooting/missing_permission",
|
||||
],
|
||||
},
|
||||
],
|
||||
|
|
Reference in New Issue