core: bump black from 22.12.0 to 23.1.0 (#4584)
* core: bump black from 22.12.0 to 23.1.0 Bumps [black](https://github.com/psf/black) from 22.12.0 to 23.1.0. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/compare/22.12.0...23.1.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * re-format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
parent
456da49f36
commit
18cfe67719
|
@ -58,7 +58,6 @@ class BlueprintInstanceSerializer(ModelSerializer):
|
||||||
return super().validate(attrs)
|
return super().validate(attrs)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = BlueprintInstance
|
model = BlueprintInstance
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -71,7 +71,6 @@ def migration_blueprint_import(apps: Apps, schema_editor: BaseDatabaseSchemaEdit
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = [("authentik_flows", "0001_initial")]
|
dependencies = [("authentik_flows", "0001_initial")]
|
||||||
|
@ -86,7 +85,12 @@ class Migration(migrations.Migration):
|
||||||
"managed",
|
"managed",
|
||||||
models.TextField(
|
models.TextField(
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
|
help_text=(
|
||||||
|
"Objects which are managed by authentik. These objects are created and"
|
||||||
|
" updated automatically. This is flag only indicates that an object can"
|
||||||
|
" be overwritten by migrations. You can still modify the objects via"
|
||||||
|
" the API, but expect changes to be overwritten in a later update."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
unique=True,
|
unique=True,
|
||||||
verbose_name="Managed by authentik",
|
verbose_name="Managed by authentik",
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_blueprints", "0001_initial"),
|
("authentik_blueprints", "0001_initial"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -29,18 +29,15 @@ class ManagedModel(models.Model):
|
||||||
null=True,
|
null=True,
|
||||||
verbose_name=_("Managed by authentik"),
|
verbose_name=_("Managed by authentik"),
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Objects which are managed by authentik. These objects are created and updated "
|
||||||
"Objects which are managed by authentik. These objects are created and updated "
|
"automatically. This is flag only indicates that an object can be overwritten by "
|
||||||
"automatically. This is flag only indicates that an object can be overwritten by "
|
"migrations. You can still modify the objects via the API, but expect changes "
|
||||||
"migrations. You can still modify the objects via the API, but expect changes "
|
"to be overwritten in a later update."
|
||||||
"to be overwritten in a later update."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
unique=True,
|
unique=True,
|
||||||
)
|
)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
abstract = True
|
abstract = True
|
||||||
|
|
||||||
|
|
||||||
|
@ -109,7 +106,6 @@ class BlueprintInstance(SerializerModel, ManagedModel, CreatedUpdatedModel):
|
||||||
return f"Blueprint Instance {self.name}"
|
return f"Blueprint Instance {self.name}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Blueprint Instance")
|
verbose_name = _("Blueprint Instance")
|
||||||
verbose_name_plural = _("Blueprint Instances")
|
verbose_name_plural = _("Blueprint Instances")
|
||||||
unique_together = (
|
unique_together = (
|
||||||
|
|
|
@ -24,18 +24,14 @@ class TestBlueprintsV1(TransactionTestCase):
|
||||||
importer = Importer('{"version": 3}')
|
importer = Importer('{"version": 3}')
|
||||||
self.assertFalse(importer.validate()[0])
|
self.assertFalse(importer.validate()[0])
|
||||||
importer = Importer(
|
importer = Importer(
|
||||||
(
|
'{"version": 1,"entries":[{"identifiers":{},"attrs":{},'
|
||||||
'{"version": 1,"entries":[{"identifiers":{},"attrs":{},'
|
'"model": "authentik_core.User"}]}'
|
||||||
'"model": "authentik_core.User"}]}'
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
self.assertFalse(importer.validate()[0])
|
self.assertFalse(importer.validate()[0])
|
||||||
importer = Importer(
|
importer = Importer(
|
||||||
(
|
'{"version": 1, "entries": [{"attrs": {"name": "test"}, '
|
||||||
'{"version": 1, "entries": [{"attrs": {"name": "test"}, '
|
'"identifiers": {}, '
|
||||||
'"identifiers": {}, '
|
'"model": "authentik_core.Group"}]}'
|
||||||
'"model": "authentik_core.Group"}]}'
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
self.assertFalse(importer.validate()[0])
|
self.assertFalse(importer.validate()[0])
|
||||||
|
|
||||||
|
@ -59,11 +55,9 @@ class TestBlueprintsV1(TransactionTestCase):
|
||||||
)
|
)
|
||||||
|
|
||||||
importer = Importer(
|
importer = Importer(
|
||||||
(
|
'{"version": 1, "entries": [{"attrs": {"name": "test999", "attributes": '
|
||||||
'{"version": 1, "entries": [{"attrs": {"name": "test999", "attributes": '
|
'{"key": ["updated_value"]}}, "identifiers": {"attributes": {"other_key": '
|
||||||
'{"key": ["updated_value"]}}, "identifiers": {"attributes": {"other_key": '
|
'["other_value"]}}, "model": "authentik_core.Group"}]}'
|
||||||
'["other_value"]}}, "model": "authentik_core.Group"}]}'
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
self.assertTrue(importer.validate()[0])
|
self.assertTrue(importer.validate()[0])
|
||||||
self.assertTrue(importer.apply())
|
self.assertTrue(importer.apply())
|
||||||
|
|
|
@ -56,5 +56,4 @@ class MetaApplyBlueprint(BaseMetaModel):
|
||||||
return ApplyBlueprintMetaSerializer
|
return ApplyBlueprintMetaSerializer
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
abstract = True
|
abstract = True
|
||||||
|
|
|
@ -14,7 +14,6 @@ class BaseMetaModel(Model):
|
||||||
raise NotImplementedError
|
raise NotImplementedError
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
abstract = True
|
abstract = True
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -63,7 +63,6 @@ class ApplicationSerializer(ModelSerializer):
|
||||||
return app.get_launch_url(user)
|
return app.get_launch_url(user)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Application
|
model = Application
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -74,7 +74,6 @@ class AuthenticatedSessionSerializer(ModelSerializer):
|
||||||
return GEOIP_READER.city_dict(instance.last_ip)
|
return GEOIP_READER.city_dict(instance.last_ip)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = AuthenticatedSession
|
model = AuthenticatedSession
|
||||||
fields = [
|
fields = [
|
||||||
"uuid",
|
"uuid",
|
||||||
|
|
|
@ -29,7 +29,6 @@ class GroupMemberSerializer(ModelSerializer):
|
||||||
uid = CharField(read_only=True)
|
uid = CharField(read_only=True)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = User
|
model = User
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
@ -56,7 +55,6 @@ class GroupSerializer(ModelSerializer):
|
||||||
num_pk = IntegerField(read_only=True)
|
num_pk = IntegerField(read_only=True)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Group
|
model = Group
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
@ -114,7 +112,6 @@ class GroupFilter(FilterSet):
|
||||||
return queryset
|
return queryset
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Group
|
model = Group
|
||||||
fields = ["name", "is_superuser", "members_by_pk", "attributes", "members_by_username"]
|
fields = ["name", "is_superuser", "members_by_pk", "attributes", "members_by_username"]
|
||||||
|
|
||||||
|
|
|
@ -49,7 +49,6 @@ class PropertyMappingSerializer(ManagedSerializer, ModelSerializer, MetaNameSeri
|
||||||
return expression
|
return expression
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = PropertyMapping
|
model = PropertyMapping
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -31,7 +31,6 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer):
|
||||||
return obj.component
|
return obj.component
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Provider
|
model = Provider
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -46,7 +46,6 @@ class SourceSerializer(ModelSerializer, MetaNameSerializer):
|
||||||
return obj.component
|
return obj.component
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Source
|
model = Source
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -39,7 +39,6 @@ class TokenSerializer(ManagedSerializer, ModelSerializer):
|
||||||
return attrs
|
return attrs
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Token
|
model = Token
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -84,7 +84,6 @@ class UserGroupSerializer(ModelSerializer):
|
||||||
parent_name = CharField(source="parent.name", read_only=True)
|
parent_name = CharField(source="parent.name", read_only=True)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Group
|
model = Group
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
@ -120,7 +119,6 @@ class UserSerializer(ModelSerializer):
|
||||||
return path
|
return path
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = User
|
model = User
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
@ -172,7 +170,6 @@ class UserSelfSerializer(ModelSerializer):
|
||||||
return user.group_attributes(self._context["request"]).get("settings", {})
|
return user.group_attributes(self._context["request"]).get("settings", {})
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = User
|
model = User
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
@ -402,7 +399,7 @@ class UserViewSet(UsedByMixin, ModelViewSet):
|
||||||
)
|
)
|
||||||
response["token"] = token.key
|
response["token"] = token.key
|
||||||
return Response(response)
|
return Response(response)
|
||||||
except (IntegrityError) as exc:
|
except IntegrityError as exc:
|
||||||
return Response(data={"non_field_errors": [str(exc)]}, status=400)
|
return Response(data={"non_field_errors": [str(exc)]}, status=400)
|
||||||
|
|
||||||
@extend_schema(responses={200: SessionUserSerializer(many=False)})
|
@extend_schema(responses={200: SessionUserSerializer(many=False)})
|
||||||
|
|
|
@ -14,7 +14,6 @@ import authentik.core.models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
|
@ -44,7 +43,10 @@ class Migration(migrations.Migration):
|
||||||
"is_superuser",
|
"is_superuser",
|
||||||
models.BooleanField(
|
models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text="Designates that this user has all permissions without explicitly assigning them.",
|
help_text=(
|
||||||
|
"Designates that this user has all permissions without explicitly"
|
||||||
|
" assigning them."
|
||||||
|
),
|
||||||
verbose_name="superuser status",
|
verbose_name="superuser status",
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
@ -52,7 +54,9 @@ class Migration(migrations.Migration):
|
||||||
"username",
|
"username",
|
||||||
models.CharField(
|
models.CharField(
|
||||||
error_messages={"unique": "A user with that username already exists."},
|
error_messages={"unique": "A user with that username already exists."},
|
||||||
help_text="Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.",
|
help_text=(
|
||||||
|
"Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only."
|
||||||
|
),
|
||||||
max_length=150,
|
max_length=150,
|
||||||
unique=True,
|
unique=True,
|
||||||
validators=[django.contrib.auth.validators.UnicodeUsernameValidator()],
|
validators=[django.contrib.auth.validators.UnicodeUsernameValidator()],
|
||||||
|
@ -83,7 +87,10 @@ class Migration(migrations.Migration):
|
||||||
"is_active",
|
"is_active",
|
||||||
models.BooleanField(
|
models.BooleanField(
|
||||||
default=True,
|
default=True,
|
||||||
help_text="Designates whether this user should be treated as active. Unselect this instead of deleting accounts.",
|
help_text=(
|
||||||
|
"Designates whether this user should be treated as active. Unselect"
|
||||||
|
" this instead of deleting accounts."
|
||||||
|
),
|
||||||
verbose_name="active",
|
verbose_name="active",
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
|
|
@ -51,7 +51,6 @@ def create_default_admin_group(apps: Apps, schema_editor: BaseDatabaseSchemaEdit
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
("authentik_core", "0002_auto_20200523_1133"),
|
("authentik_core", "0002_auto_20200523_1133"),
|
||||||
("authentik_core", "0003_default_user"),
|
("authentik_core", "0003_default_user"),
|
||||||
|
@ -172,7 +171,10 @@ class Migration(migrations.Migration):
|
||||||
name="groups",
|
name="groups",
|
||||||
field=models.ManyToManyField(
|
field=models.ManyToManyField(
|
||||||
blank=True,
|
blank=True,
|
||||||
help_text="The groups this user belongs to. A user will get all permissions granted to each of their groups.",
|
help_text=(
|
||||||
|
"The groups this user belongs to. A user will get all permissions granted to"
|
||||||
|
" each of their groups."
|
||||||
|
),
|
||||||
related_name="user_set",
|
related_name="user_set",
|
||||||
related_query_name="user",
|
related_query_name="user",
|
||||||
to="auth.Group",
|
to="auth.Group",
|
||||||
|
|
|
@ -17,7 +17,6 @@ def set_default_token_key(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
("authentik_core", "0012_auto_20201003_1737"),
|
("authentik_core", "0012_auto_20201003_1737"),
|
||||||
("authentik_core", "0013_auto_20201003_2132"),
|
("authentik_core", "0013_auto_20201003_2132"),
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_core", "0016_auto_20201202_2234"),
|
("authentik_core", "0016_auto_20201202_2234"),
|
||||||
]
|
]
|
||||||
|
@ -15,7 +14,12 @@ class Migration(migrations.Migration):
|
||||||
name="managed",
|
name="managed",
|
||||||
field=models.TextField(
|
field=models.TextField(
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
|
help_text=(
|
||||||
|
"Objects which are managed by authentik. These objects are created and updated"
|
||||||
|
" automatically. This is flag only indicates that an object can be overwritten"
|
||||||
|
" by migrations. You can still modify the objects via the API, but expect"
|
||||||
|
" changes to be overwritten in a later update."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
verbose_name="Managed by authentik",
|
verbose_name="Managed by authentik",
|
||||||
unique=True,
|
unique=True,
|
||||||
|
@ -26,7 +30,12 @@ class Migration(migrations.Migration):
|
||||||
name="managed",
|
name="managed",
|
||||||
field=models.TextField(
|
field=models.TextField(
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
|
help_text=(
|
||||||
|
"Objects which are managed by authentik. These objects are created and updated"
|
||||||
|
" automatically. This is flag only indicates that an object can be overwritten"
|
||||||
|
" by migrations. You can still modify the objects via the API, but expect"
|
||||||
|
" changes to be overwritten in a later update."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
verbose_name="Managed by authentik",
|
verbose_name="Managed by authentik",
|
||||||
unique=True,
|
unique=True,
|
||||||
|
|
|
@ -63,7 +63,6 @@ def create_default_user_token(apps: Apps, schema_editor: BaseDatabaseSchemaEdito
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
("authentik_core", "0018_auto_20210330_1345"),
|
("authentik_core", "0018_auto_20210330_1345"),
|
||||||
("authentik_core", "0019_source_managed"),
|
("authentik_core", "0019_source_managed"),
|
||||||
|
@ -96,7 +95,12 @@ class Migration(migrations.Migration):
|
||||||
name="managed",
|
name="managed",
|
||||||
field=models.TextField(
|
field=models.TextField(
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
|
help_text=(
|
||||||
|
"Objects which are managed by authentik. These objects are created and updated"
|
||||||
|
" automatically. This is flag only indicates that an object can be overwritten"
|
||||||
|
" by migrations. You can still modify the objects via the API, but expect"
|
||||||
|
" changes to be overwritten in a later update."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
unique=True,
|
unique=True,
|
||||||
verbose_name="Managed by authentik",
|
verbose_name="Managed by authentik",
|
||||||
|
@ -110,23 +114,38 @@ class Migration(migrations.Migration):
|
||||||
("identifier", "Use the source-specific identifier"),
|
("identifier", "Use the source-specific identifier"),
|
||||||
(
|
(
|
||||||
"email_link",
|
"email_link",
|
||||||
"Link to a user with identical email address. Can have security implications when a source doesn't validate email addresses.",
|
(
|
||||||
|
"Link to a user with identical email address. Can have security"
|
||||||
|
" implications when a source doesn't validate email addresses."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
(
|
(
|
||||||
"email_deny",
|
"email_deny",
|
||||||
"Use the user's email address, but deny enrollment when the email address already exists.",
|
(
|
||||||
|
"Use the user's email address, but deny enrollment when the email"
|
||||||
|
" address already exists."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
(
|
(
|
||||||
"username_link",
|
"username_link",
|
||||||
"Link to a user with identical username. Can have security implications when a username is used with another source.",
|
(
|
||||||
|
"Link to a user with identical username. Can have security implications"
|
||||||
|
" when a username is used with another source."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
(
|
(
|
||||||
"username_deny",
|
"username_deny",
|
||||||
"Use the user's username, but deny enrollment when the username already exists.",
|
(
|
||||||
|
"Use the user's username, but deny enrollment when the username already"
|
||||||
|
" exists."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
],
|
],
|
||||||
default="identifier",
|
default="identifier",
|
||||||
help_text="How the source determines if an existing user should be authenticated or a new user enrolled.",
|
help_text=(
|
||||||
|
"How the source determines if an existing user should be authenticated or a new"
|
||||||
|
" user enrolled."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
migrations.AlterField(
|
migrations.AlterField(
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_core", "0018_auto_20210330_1345_squashed_0028_alter_token_intent"),
|
("authentik_core", "0018_auto_20210330_1345_squashed_0028_alter_token_intent"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_core", "0019_application_group"),
|
("authentik_core", "0019_application_group"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_core", "0020_application_open_in_new_tab"),
|
("authentik_core", "0020_application_open_in_new_tab"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -5,7 +5,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_core", "0021_source_user_path_user_path"),
|
("authentik_core", "0021_source_user_path_user_path"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_core", "0022_alter_group_parent"),
|
("authentik_core", "0022_alter_group_parent"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_core", "0023_source_authentik_c_slug_ccb2e5_idx_and_more"),
|
("authentik_core", "0023_source_authentik_c_slug_ccb2e5_idx_and_more"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -129,7 +129,6 @@ class Group(SerializerModel):
|
||||||
return f"Group {self.name}"
|
return f"Group {self.name}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
unique_together = (
|
unique_together = (
|
||||||
(
|
(
|
||||||
"name",
|
"name",
|
||||||
|
@ -255,7 +254,6 @@ class User(SerializerModel, GuardianUserMixin, AbstractUser):
|
||||||
}
|
}
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
permissions = (
|
permissions = (
|
||||||
("reset_user_password", "Reset Password"),
|
("reset_user_password", "Reset Password"),
|
||||||
("impersonate", "Can impersonate other users"),
|
("impersonate", "Can impersonate other users"),
|
||||||
|
@ -382,7 +380,6 @@ class Application(SerializerModel, PolicyBindingModel):
|
||||||
return str(self.name)
|
return str(self.name)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Application")
|
verbose_name = _("Application")
|
||||||
verbose_name_plural = _("Applications")
|
verbose_name_plural = _("Applications")
|
||||||
|
|
||||||
|
@ -392,19 +389,15 @@ class SourceUserMatchingModes(models.TextChoices):
|
||||||
|
|
||||||
IDENTIFIER = "identifier", _("Use the source-specific identifier")
|
IDENTIFIER = "identifier", _("Use the source-specific identifier")
|
||||||
EMAIL_LINK = "email_link", _(
|
EMAIL_LINK = "email_link", _(
|
||||||
(
|
"Link to a user with identical email address. Can have security implications "
|
||||||
"Link to a user with identical email address. Can have security implications "
|
"when a source doesn't validate email addresses."
|
||||||
"when a source doesn't validate email addresses."
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
EMAIL_DENY = "email_deny", _(
|
EMAIL_DENY = "email_deny", _(
|
||||||
"Use the user's email address, but deny enrollment when the email address already exists."
|
"Use the user's email address, but deny enrollment when the email address already exists."
|
||||||
)
|
)
|
||||||
USERNAME_LINK = "username_link", _(
|
USERNAME_LINK = "username_link", _(
|
||||||
(
|
"Link to a user with identical username. Can have security implications "
|
||||||
"Link to a user with identical username. Can have security implications "
|
"when a username is used with another source."
|
||||||
"when a username is used with another source."
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
USERNAME_DENY = "username_deny", _(
|
USERNAME_DENY = "username_deny", _(
|
||||||
"Use the user's username, but deny enrollment when the username already exists."
|
"Use the user's username, but deny enrollment when the username already exists."
|
||||||
|
@ -451,10 +444,8 @@ class Source(ManagedModel, SerializerModel, PolicyBindingModel):
|
||||||
choices=SourceUserMatchingModes.choices,
|
choices=SourceUserMatchingModes.choices,
|
||||||
default=SourceUserMatchingModes.IDENTIFIER,
|
default=SourceUserMatchingModes.IDENTIFIER,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"How the source determines if an existing user should be authenticated or "
|
||||||
"How the source determines if an existing user should be authenticated or "
|
"a new user enrolled."
|
||||||
"a new user enrolled."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -500,7 +491,6 @@ class Source(ManagedModel, SerializerModel, PolicyBindingModel):
|
||||||
return str(self.name)
|
return str(self.name)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
indexes = [
|
indexes = [
|
||||||
models.Index(
|
models.Index(
|
||||||
fields=[
|
fields=[
|
||||||
|
@ -529,7 +519,6 @@ class UserSourceConnection(SerializerModel, CreatedUpdatedModel):
|
||||||
raise NotImplementedError
|
raise NotImplementedError
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
unique_together = (("user", "source"),)
|
unique_together = (("user", "source"),)
|
||||||
|
|
||||||
|
|
||||||
|
@ -562,7 +551,6 @@ class ExpiringModel(models.Model):
|
||||||
return now() > self.expires
|
return now() > self.expires
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
abstract = True
|
abstract = True
|
||||||
|
|
||||||
|
|
||||||
|
@ -628,7 +616,6 @@ class Token(SerializerModel, ManagedModel, ExpiringModel):
|
||||||
return description
|
return description
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Token")
|
verbose_name = _("Token")
|
||||||
verbose_name_plural = _("Tokens")
|
verbose_name_plural = _("Tokens")
|
||||||
indexes = [
|
indexes = [
|
||||||
|
@ -671,7 +658,6 @@ class PropertyMapping(SerializerModel, ManagedModel):
|
||||||
return f"Property Mapping {self.name}"
|
return f"Property Mapping {self.name}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Property Mapping")
|
verbose_name = _("Property Mapping")
|
||||||
verbose_name_plural = _("Property Mappings")
|
verbose_name_plural = _("Property Mappings")
|
||||||
|
|
||||||
|
@ -708,6 +694,5 @@ class AuthenticatedSession(ExpiringModel):
|
||||||
)
|
)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Authenticated Session")
|
verbose_name = _("Authenticated Session")
|
||||||
verbose_name_plural = _("Authenticated Sessions")
|
verbose_name_plural = _("Authenticated Sessions")
|
||||||
|
|
|
@ -190,11 +190,8 @@ class SourceFlowManager:
|
||||||
# Default case, assume deny
|
# Default case, assume deny
|
||||||
error = Exception(
|
error = Exception(
|
||||||
_(
|
_(
|
||||||
(
|
"Request to authenticate with %(source)s has been denied. Please authenticate "
|
||||||
"Request to authenticate with %(source)s has been denied. Please authenticate "
|
"with the source you've previously signed up with." % {"source": self.source.name}
|
||||||
"with the source you've previously signed up with."
|
|
||||||
)
|
|
||||||
% {"source": self.source.name}
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
return self.error_handler(error)
|
return self.error_handler(error)
|
||||||
|
|
|
@ -80,7 +80,7 @@ class TestTokenAPI(APITestCase):
|
||||||
identifier="test", expiring=False, user=self.user
|
identifier="test", expiring=False, user=self.user
|
||||||
)
|
)
|
||||||
Token.objects.create(identifier="test-2", expiring=False, user=get_anonymous_user())
|
Token.objects.create(identifier="test-2", expiring=False, user=get_anonymous_user())
|
||||||
response = self.client.get(reverse(("authentik_api:token-list")))
|
response = self.client.get(reverse("authentik_api:token-list"))
|
||||||
body = loads(response.content)
|
body = loads(response.content)
|
||||||
self.assertEqual(len(body["results"]), 1)
|
self.assertEqual(len(body["results"]), 1)
|
||||||
self.assertEqual(body["results"][0]["identifier"], token_should.identifier)
|
self.assertEqual(body["results"][0]["identifier"], token_should.identifier)
|
||||||
|
@ -94,7 +94,7 @@ class TestTokenAPI(APITestCase):
|
||||||
token_should_not: Token = Token.objects.create(
|
token_should_not: Token = Token.objects.create(
|
||||||
identifier="test-2", expiring=False, user=get_anonymous_user()
|
identifier="test-2", expiring=False, user=get_anonymous_user()
|
||||||
)
|
)
|
||||||
response = self.client.get(reverse(("authentik_api:token-list")))
|
response = self.client.get(reverse("authentik_api:token-list"))
|
||||||
body = loads(response.content)
|
body = loads(response.content)
|
||||||
self.assertEqual(len(body["results"]), 2)
|
self.assertEqual(len(body["results"]), 2)
|
||||||
self.assertEqual(body["results"][0]["identifier"], token_should.identifier)
|
self.assertEqual(body["results"][0]["identifier"], token_should.identifier)
|
||||||
|
|
|
@ -143,7 +143,6 @@ class CertificateKeyPairSerializer(ModelSerializer):
|
||||||
return value
|
return value
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = CertificateKeyPair
|
model = CertificateKeyPair
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -6,7 +6,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = []
|
dependencies = []
|
||||||
|
@ -36,7 +35,10 @@ class Migration(migrations.Migration):
|
||||||
models.TextField(
|
models.TextField(
|
||||||
blank=True,
|
blank=True,
|
||||||
default="",
|
default="",
|
||||||
help_text="Optional Private Key. If this is set, you can use this keypair for encryption.",
|
help_text=(
|
||||||
|
"Optional Private Key. If this is set, you can use this keypair for"
|
||||||
|
" encryption."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
],
|
],
|
||||||
|
|
|
@ -6,7 +6,6 @@ from authentik.lib.generators import generate_id
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_crypto", "0001_initial"),
|
("authentik_crypto", "0001_initial"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_crypto", "0002_create_self_signed_kp"),
|
("authentik_crypto", "0002_create_self_signed_kp"),
|
||||||
]
|
]
|
||||||
|
@ -15,7 +14,12 @@ class Migration(migrations.Migration):
|
||||||
name="managed",
|
name="managed",
|
||||||
field=models.TextField(
|
field=models.TextField(
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
|
help_text=(
|
||||||
|
"Objects which are managed by authentik. These objects are created and updated"
|
||||||
|
" automatically. This is flag only indicates that an object can be overwritten"
|
||||||
|
" by migrations. You can still modify the objects via the API, but expect"
|
||||||
|
" changes to be overwritten in a later update."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
unique=True,
|
unique=True,
|
||||||
verbose_name="Managed by authentik",
|
verbose_name="Managed by authentik",
|
||||||
|
|
|
@ -98,6 +98,5 @@ class CertificateKeyPair(SerializerModel, ManagedModel, CreatedUpdatedModel):
|
||||||
return f"Certificate-Key Pair {self.name}"
|
return f"Certificate-Key Pair {self.name}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Certificate-Key Pair")
|
verbose_name = _("Certificate-Key Pair")
|
||||||
verbose_name_plural = _("Certificate-Key Pairs")
|
verbose_name_plural = _("Certificate-Key Pairs")
|
||||||
|
|
|
@ -25,7 +25,6 @@ class EventSerializer(ModelSerializer):
|
||||||
"""Event Serializer"""
|
"""Event Serializer"""
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Event
|
model = Event
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -10,7 +10,6 @@ class NotificationWebhookMappingSerializer(ModelSerializer):
|
||||||
"""NotificationWebhookMapping Serializer"""
|
"""NotificationWebhookMapping Serializer"""
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = NotificationWebhookMapping
|
model = NotificationWebhookMapping
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -13,7 +13,6 @@ class NotificationRuleSerializer(ModelSerializer):
|
||||||
group_obj = GroupSerializer(read_only=True, source="group")
|
group_obj = GroupSerializer(read_only=True, source="group")
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = NotificationRule
|
model = NotificationRule
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -43,7 +43,6 @@ class NotificationTransportSerializer(ModelSerializer):
|
||||||
return attrs
|
return attrs
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = NotificationTransport
|
model = NotificationTransport
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -25,7 +25,6 @@ class NotificationSerializer(ModelSerializer):
|
||||||
event = EventSerializer(required=False)
|
event = EventSerializer(required=False)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Notification
|
model = Notification
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -100,7 +100,6 @@ def update_expires(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
("authentik_events", "0001_initial"),
|
("authentik_events", "0001_initial"),
|
||||||
("authentik_events", "0002_auto_20200918_2116"),
|
("authentik_events", "0002_auto_20200918_2116"),
|
||||||
|
@ -245,14 +244,19 @@ class Migration(migrations.Migration):
|
||||||
models.TextField(
|
models.TextField(
|
||||||
choices=[("notice", "Notice"), ("warning", "Warning"), ("alert", "Alert")],
|
choices=[("notice", "Notice"), ("warning", "Warning"), ("alert", "Alert")],
|
||||||
default="notice",
|
default="notice",
|
||||||
help_text="Controls which severity level the created notifications will have.",
|
help_text=(
|
||||||
|
"Controls which severity level the created notifications will have."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
(
|
(
|
||||||
"group",
|
"group",
|
||||||
models.ForeignKey(
|
models.ForeignKey(
|
||||||
blank=True,
|
blank=True,
|
||||||
help_text="Define which group of users this notification should be sent and shown to. If left empty, Notification won't ben sent.",
|
help_text=(
|
||||||
|
"Define which group of users this notification should be sent and shown"
|
||||||
|
" to. If left empty, Notification won't ben sent."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
on_delete=django.db.models.deletion.SET_NULL,
|
on_delete=django.db.models.deletion.SET_NULL,
|
||||||
to="authentik_core.group",
|
to="authentik_core.group",
|
||||||
|
@ -261,7 +265,10 @@ class Migration(migrations.Migration):
|
||||||
(
|
(
|
||||||
"transports",
|
"transports",
|
||||||
models.ManyToManyField(
|
models.ManyToManyField(
|
||||||
help_text="Select which transports should be used to notify the user. If none are selected, the notification will only be shown in the authentik UI.",
|
help_text=(
|
||||||
|
"Select which transports should be used to notify the user. If none are"
|
||||||
|
" selected, the notification will only be shown in the authentik UI."
|
||||||
|
),
|
||||||
to="authentik_events.NotificationTransport",
|
to="authentik_events.NotificationTransport",
|
||||||
blank=True,
|
blank=True,
|
||||||
),
|
),
|
||||||
|
@ -317,7 +324,10 @@ class Migration(migrations.Migration):
|
||||||
name="send_once",
|
name="send_once",
|
||||||
field=models.BooleanField(
|
field=models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text="Only send notification once, for example when sending a webhook into a chat channel.",
|
help_text=(
|
||||||
|
"Only send notification once, for example when sending a webhook into a chat"
|
||||||
|
" channel."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
migrations.RunPython(
|
migrations.RunPython(
|
||||||
|
|
|
@ -3,7 +3,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_events", "0001_squashed_0019_alter_notificationtransport_webhook_url"),
|
("authentik_events", "0001_squashed_0019_alter_notificationtransport_webhook_url"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -283,7 +283,6 @@ class Event(SerializerModel, ExpiringModel):
|
||||||
return f"Event action={self.action} user={self.user} context={self.context}"
|
return f"Event action={self.action} user={self.user} context={self.context}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Event")
|
verbose_name = _("Event")
|
||||||
verbose_name_plural = _("Events")
|
verbose_name_plural = _("Events")
|
||||||
|
|
||||||
|
@ -460,7 +459,6 @@ class NotificationTransport(SerializerModel):
|
||||||
return f"Notification Transport {self.name}"
|
return f"Notification Transport {self.name}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Notification Transport")
|
verbose_name = _("Notification Transport")
|
||||||
verbose_name_plural = _("Notification Transports")
|
verbose_name_plural = _("Notification Transports")
|
||||||
|
|
||||||
|
@ -495,7 +493,6 @@ class Notification(SerializerModel):
|
||||||
return f"Notification for user {self.user}: {body_trunc}"
|
return f"Notification for user {self.user}: {body_trunc}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Notification")
|
verbose_name = _("Notification")
|
||||||
verbose_name_plural = _("Notifications")
|
verbose_name_plural = _("Notifications")
|
||||||
|
|
||||||
|
@ -507,10 +504,8 @@ class NotificationRule(SerializerModel, PolicyBindingModel):
|
||||||
transports = models.ManyToManyField(
|
transports = models.ManyToManyField(
|
||||||
NotificationTransport,
|
NotificationTransport,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Select which transports should be used to notify the user. If none are "
|
||||||
"Select which transports should be used to notify the user. If none are "
|
"selected, the notification will only be shown in the authentik UI."
|
||||||
"selected, the notification will only be shown in the authentik UI."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
blank=True,
|
blank=True,
|
||||||
)
|
)
|
||||||
|
@ -522,10 +517,8 @@ class NotificationRule(SerializerModel, PolicyBindingModel):
|
||||||
group = models.ForeignKey(
|
group = models.ForeignKey(
|
||||||
Group,
|
Group,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Define which group of users this notification should be sent and shown to. "
|
||||||
"Define which group of users this notification should be sent and shown to. "
|
"If left empty, Notification won't ben sent."
|
||||||
"If left empty, Notification won't ben sent."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
null=True,
|
null=True,
|
||||||
blank=True,
|
blank=True,
|
||||||
|
@ -542,7 +535,6 @@ class NotificationRule(SerializerModel, PolicyBindingModel):
|
||||||
return f"Notification Rule {self.name}"
|
return f"Notification Rule {self.name}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Notification Rule")
|
verbose_name = _("Notification Rule")
|
||||||
verbose_name_plural = _("Notification Rules")
|
verbose_name_plural = _("Notification Rules")
|
||||||
|
|
||||||
|
@ -564,6 +556,5 @@ class NotificationWebhookMapping(PropertyMapping):
|
||||||
return f"Webhook Mapping {self.name}"
|
return f"Webhook Mapping {self.name}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Webhook Mapping")
|
verbose_name = _("Webhook Mapping")
|
||||||
verbose_name_plural = _("Webhook Mappings")
|
verbose_name_plural = _("Webhook Mappings")
|
||||||
|
|
|
@ -178,7 +178,7 @@ class MonitoredTask(Task):
|
||||||
).save(self.result_timeout_hours)
|
).save(self.result_timeout_hours)
|
||||||
Event.new(
|
Event.new(
|
||||||
EventAction.SYSTEM_TASK_EXCEPTION,
|
EventAction.SYSTEM_TASK_EXCEPTION,
|
||||||
message=(f"Task {self.__name__} encountered an error: {exception_to_string(exc)}"),
|
message=f"Task {self.__name__} encountered an error: {exception_to_string(exc)}",
|
||||||
).save()
|
).save()
|
||||||
|
|
||||||
def run(self, *args, **kwargs):
|
def run(self, *args, **kwargs):
|
||||||
|
|
|
@ -13,7 +13,6 @@ class FlowStageBindingSerializer(ModelSerializer):
|
||||||
stage_obj = StageSerializer(read_only=True, source="stage")
|
stage_obj = StageSerializer(read_only=True, source="stage")
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = FlowStageBinding
|
model = FlowStageBinding
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -53,7 +53,6 @@ class FlowSerializer(ModelSerializer):
|
||||||
return reverse("authentik_api:flow-export", kwargs={"slug": flow.slug})
|
return reverse("authentik_api:flow-export", kwargs={"slug": flow.slug})
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Flow
|
model = Flow
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
@ -82,7 +81,6 @@ class FlowSetSerializer(FlowSerializer):
|
||||||
"""Stripped down flow serializer"""
|
"""Stripped down flow serializer"""
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Flow
|
model = Flow
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -33,7 +33,6 @@ class StageSerializer(ModelSerializer, MetaNameSerializer):
|
||||||
return obj.component
|
return obj.component
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Stage
|
model = Stage
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -7,7 +7,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
("authentik_flows", "0001_initial"),
|
("authentik_flows", "0001_initial"),
|
||||||
("authentik_flows", "0003_auto_20200523_1133"),
|
("authentik_flows", "0003_auto_20200523_1133"),
|
||||||
|
@ -98,7 +97,10 @@ class Migration(migrations.Migration):
|
||||||
"re_evaluate_policies",
|
"re_evaluate_policies",
|
||||||
models.BooleanField(
|
models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text="When this option is enabled, the planner will re-evaluate policies bound to this.",
|
help_text=(
|
||||||
|
"When this option is enabled, the planner will re-evaluate policies"
|
||||||
|
" bound to this."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
("order", models.IntegerField()),
|
("order", models.IntegerField()),
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0007_auto_20200703_2059"),
|
("authentik_flows", "0007_auto_20200703_2059"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0008_default_flows"),
|
("authentik_flows", "0008_default_flows"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0009_source_flows"),
|
("authentik_flows", "0009_source_flows"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -3,7 +3,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0010_provider_flows"),
|
("authentik_flows", "0010_provider_flows"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -20,7 +20,6 @@ def update_flow_designation(apps: Apps, schema_editor: BaseDatabaseSchemaEditor)
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
("authentik_flows", "0012_auto_20200908_1542"),
|
("authentik_flows", "0012_auto_20200908_1542"),
|
||||||
("authentik_flows", "0013_auto_20200924_1605"),
|
("authentik_flows", "0013_auto_20200924_1605"),
|
||||||
|
@ -79,7 +78,10 @@ class Migration(migrations.Migration):
|
||||||
name="re_evaluate_policies",
|
name="re_evaluate_policies",
|
||||||
field=models.BooleanField(
|
field=models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text="When this option is enabled, the planner will re-evaluate policies bound to this binding.",
|
help_text=(
|
||||||
|
"When this option is enabled, the planner will re-evaluate policies bound to"
|
||||||
|
" this binding."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
migrations.AlterField(
|
migrations.AlterField(
|
||||||
|
@ -94,7 +96,10 @@ class Migration(migrations.Migration):
|
||||||
name="evaluate_on_plan",
|
name="evaluate_on_plan",
|
||||||
field=models.BooleanField(
|
field=models.BooleanField(
|
||||||
default=True,
|
default=True,
|
||||||
help_text="Evaluate policies during the Flow planning process. Disable this for input-based policies.",
|
help_text=(
|
||||||
|
"Evaluate policies during the Flow planning process. Disable this for"
|
||||||
|
" input-based policies."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
|
@ -120,7 +125,10 @@ class Migration(migrations.Migration):
|
||||||
("recovery", "Recovery"),
|
("recovery", "Recovery"),
|
||||||
("stage_configuration", "Stage Configuration"),
|
("stage_configuration", "Stage Configuration"),
|
||||||
],
|
],
|
||||||
help_text="Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.",
|
help_text=(
|
||||||
|
"Decides what this Flow is used for. For example, the Authentication flow is"
|
||||||
|
" redirect to when an un-authenticated user visits authentik."
|
||||||
|
),
|
||||||
max_length=100,
|
max_length=100,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0017_auto_20210329_1334"),
|
("authentik_flows", "0017_auto_20210329_1334"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
("authentik_flows", "0019_alter_flow_background"),
|
("authentik_flows", "0019_alter_flow_background"),
|
||||||
("authentik_flows", "0020_flow_compatibility_mode"),
|
("authentik_flows", "0020_flow_compatibility_mode"),
|
||||||
|
@ -39,7 +38,12 @@ class Migration(migrations.Migration):
|
||||||
("restart_with_context", "Restart With Context"),
|
("restart_with_context", "Restart With Context"),
|
||||||
],
|
],
|
||||||
default="retry",
|
default="retry",
|
||||||
help_text="Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.",
|
help_text=(
|
||||||
|
"Configure how the flow executor should handle an invalid response to a"
|
||||||
|
" challenge. RETRY returns the error message and a similar challenge to the"
|
||||||
|
" executor. RESTART restarts the flow from the beginning, and"
|
||||||
|
" RESTART_WITH_CONTEXT restarts the flow while keeping the current context."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
migrations.AlterField(
|
migrations.AlterField(
|
||||||
|
@ -58,7 +62,10 @@ class Migration(migrations.Migration):
|
||||||
name="compatibility_mode",
|
name="compatibility_mode",
|
||||||
field=models.BooleanField(
|
field=models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text="Enable compatibility mode, increases compatibility with password managers on mobile devices.",
|
help_text=(
|
||||||
|
"Enable compatibility mode, increases compatibility with password managers on"
|
||||||
|
" mobile devices."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|
|
@ -5,7 +5,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_core", "0018_auto_20210330_1345_squashed_0028_alter_token_intent"),
|
("authentik_core", "0018_auto_20210330_1345_squashed_0028_alter_token_intent"),
|
||||||
(
|
(
|
||||||
|
|
|
@ -3,7 +3,6 @@ from django.db import migrations
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0020_flowtoken"),
|
("authentik_flows", "0020_flowtoken"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0021_auto_20211227_2103"),
|
("authentik_flows", "0021_auto_20211227_2103"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0022_flow_layout"),
|
("authentik_flows", "0022_flow_layout"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0023_flow_denied_action"),
|
("authentik_flows", "0023_flow_denied_action"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -135,10 +135,8 @@ class Flow(SerializerModel, PolicyBindingModel):
|
||||||
max_length=100,
|
max_length=100,
|
||||||
choices=FlowDesignation.choices,
|
choices=FlowDesignation.choices,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Decides what this Flow is used for. For example, the Authentication flow "
|
||||||
"Decides what this Flow is used for. For example, the Authentication flow "
|
"is redirect to when an un-authenticated user visits authentik."
|
||||||
"is redirect to when an un-authenticated user visits authentik."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -192,7 +190,6 @@ class Flow(SerializerModel, PolicyBindingModel):
|
||||||
return f"Flow {self.name} ({self.slug})"
|
return f"Flow {self.name} ({self.slug})"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Flow")
|
verbose_name = _("Flow")
|
||||||
verbose_name_plural = _("Flows")
|
verbose_name_plural = _("Flows")
|
||||||
|
|
||||||
|
@ -216,10 +213,8 @@ class FlowStageBinding(SerializerModel, PolicyBindingModel):
|
||||||
evaluate_on_plan = models.BooleanField(
|
evaluate_on_plan = models.BooleanField(
|
||||||
default=True,
|
default=True,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Evaluate policies during the Flow planning process. "
|
||||||
"Evaluate policies during the Flow planning process. "
|
"Disable this for input-based policies."
|
||||||
"Disable this for input-based policies."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
re_evaluate_policies = models.BooleanField(
|
re_evaluate_policies = models.BooleanField(
|
||||||
|
@ -252,7 +247,6 @@ class FlowStageBinding(SerializerModel, PolicyBindingModel):
|
||||||
return f"Flow-stage binding #{self.order} to {self.target_id}"
|
return f"Flow-stage binding #{self.order} to {self.target_id}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
ordering = ["target", "order"]
|
ordering = ["target", "order"]
|
||||||
|
|
||||||
verbose_name = _("Flow Stage Binding")
|
verbose_name = _("Flow Stage Binding")
|
||||||
|
@ -271,15 +265,12 @@ class ConfigurableStage(models.Model):
|
||||||
null=True,
|
null=True,
|
||||||
blank=True,
|
blank=True,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Flow used by an authenticated user to configure this Stage. "
|
||||||
"Flow used by an authenticated user to configure this Stage. "
|
"If empty, user will not be able to configure this stage."
|
||||||
"If empty, user will not be able to configure this stage."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
abstract = True
|
abstract = True
|
||||||
|
|
||||||
|
|
||||||
|
@ -305,6 +296,5 @@ class FlowToken(Token):
|
||||||
return f"Flow Token {super().__str__()}"
|
return f"Flow Token {super().__str__()}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Flow Token")
|
verbose_name = _("Flow Token")
|
||||||
verbose_name_plural = _("Flow Tokens")
|
verbose_name_plural = _("Flow Tokens")
|
||||||
|
|
|
@ -207,10 +207,13 @@ class FlowPlanner:
|
||||||
) -> FlowPlan:
|
) -> FlowPlan:
|
||||||
"""Build flow plan by checking each stage in their respective
|
"""Build flow plan by checking each stage in their respective
|
||||||
order and checking the applied policies"""
|
order and checking the applied policies"""
|
||||||
with Hub.current.start_span(
|
with (
|
||||||
op="authentik.flow.planner.build_plan",
|
Hub.current.start_span(
|
||||||
description=self.flow.slug,
|
op="authentik.flow.planner.build_plan",
|
||||||
) as span, HIST_FLOWS_PLAN_TIME.labels(flow_slug=self.flow.slug).time():
|
description=self.flow.slug,
|
||||||
|
) as span,
|
||||||
|
HIST_FLOWS_PLAN_TIME.labels(flow_slug=self.flow.slug).time(),
|
||||||
|
):
|
||||||
span: Span
|
span: Span
|
||||||
span.set_data("flow", self.flow)
|
span.set_data("flow", self.flow)
|
||||||
span.set_data("user", user)
|
span.set_data("user", user)
|
||||||
|
|
|
@ -209,7 +209,6 @@ class TestFlowExecutor(FlowTestCase):
|
||||||
|
|
||||||
# Here we patch the dummy policy to evaluate to true so the stage is included
|
# Here we patch the dummy policy to evaluate to true so the stage is included
|
||||||
with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
|
with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
|
||||||
|
|
||||||
exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
|
exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
|
||||||
# First request, run the planner
|
# First request, run the planner
|
||||||
response = self.client.get(exec_url)
|
response = self.client.get(exec_url)
|
||||||
|
@ -259,7 +258,6 @@ class TestFlowExecutor(FlowTestCase):
|
||||||
|
|
||||||
# Here we patch the dummy policy to evaluate to true so the stage is included
|
# Here we patch the dummy policy to evaluate to true so the stage is included
|
||||||
with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
|
with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
|
||||||
|
|
||||||
exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
|
exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
|
||||||
# First request, run the planner
|
# First request, run the planner
|
||||||
response = self.client.get(exec_url)
|
response = self.client.get(exec_url)
|
||||||
|
@ -319,7 +317,6 @@ class TestFlowExecutor(FlowTestCase):
|
||||||
|
|
||||||
# Here we patch the dummy policy to evaluate to true so the stage is included
|
# Here we patch the dummy policy to evaluate to true so the stage is included
|
||||||
with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
|
with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
|
||||||
|
|
||||||
exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
|
exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
|
||||||
# First request, run the planner
|
# First request, run the planner
|
||||||
response = self.client.get(exec_url)
|
response = self.client.get(exec_url)
|
||||||
|
@ -396,7 +393,6 @@ class TestFlowExecutor(FlowTestCase):
|
||||||
|
|
||||||
# Here we patch the dummy policy to evaluate to true so the stage is included
|
# Here we patch the dummy policy to evaluate to true so the stage is included
|
||||||
with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
|
with patch("authentik.policies.dummy.models.DummyPolicy.passes", POLICY_RETURN_TRUE):
|
||||||
|
|
||||||
exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
|
exec_url = reverse("authentik_api:flow-executor", kwargs={"flow_slug": flow.slug})
|
||||||
# First request, run the planner
|
# First request, run the planner
|
||||||
response = self.client.get(exec_url)
|
response = self.client.get(exec_url)
|
||||||
|
|
|
@ -56,10 +56,8 @@ class OutpostSerializer(ModelSerializer):
|
||||||
for provider in providers:
|
for provider in providers:
|
||||||
if not isinstance(provider, type_map[self.initial_data.get("type")]):
|
if not isinstance(provider, type_map[self.initial_data.get("type")]):
|
||||||
raise ValidationError(
|
raise ValidationError(
|
||||||
(
|
f"Outpost type {self.initial_data['type']} can't be used with "
|
||||||
f"Outpost type {self.initial_data['type']} can't be used with "
|
f"{provider.__class__.__name__} providers."
|
||||||
f"{provider.__class__.__name__} providers."
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
if self.instance and self.instance.managed == MANAGED_OUTPOST:
|
if self.instance and self.instance.managed == MANAGED_OUTPOST:
|
||||||
return providers
|
return providers
|
||||||
|
@ -76,7 +74,6 @@ class OutpostSerializer(ModelSerializer):
|
||||||
return config
|
return config
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Outpost
|
model = Outpost
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
@ -124,7 +121,6 @@ class OutpostFilter(FilterSet):
|
||||||
)
|
)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Outpost
|
model = Outpost
|
||||||
fields = {
|
fields = {
|
||||||
"providers": ["isnull"],
|
"providers": ["isnull"],
|
||||||
|
|
|
@ -37,7 +37,6 @@ class ServiceConnectionSerializer(ModelSerializer, MetaNameSerializer):
|
||||||
return obj.component
|
return obj.component
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = OutpostServiceConnection
|
model = OutpostServiceConnection
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
@ -101,7 +100,6 @@ class DockerServiceConnectionSerializer(ServiceConnectionSerializer):
|
||||||
"""DockerServiceConnection Serializer"""
|
"""DockerServiceConnection Serializer"""
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = DockerServiceConnection
|
model = DockerServiceConnection
|
||||||
fields = ServiceConnectionSerializer.Meta.fields + [
|
fields = ServiceConnectionSerializer.Meta.fields + [
|
||||||
"url",
|
"url",
|
||||||
|
@ -140,7 +138,6 @@ class KubernetesServiceConnectionSerializer(ServiceConnectionSerializer):
|
||||||
return kubeconfig
|
return kubeconfig
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = KubernetesServiceConnection
|
model = KubernetesServiceConnection
|
||||||
fields = ServiceConnectionSerializer.Meta.fields + ["kubeconfig", "verify_ssl"]
|
fields = ServiceConnectionSerializer.Meta.fields + ["kubeconfig", "verify_ssl"]
|
||||||
|
|
||||||
|
|
|
@ -80,7 +80,6 @@ def update_config_prefix(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
("authentik_outposts", "0001_initial"),
|
("authentik_outposts", "0001_initial"),
|
||||||
("authentik_outposts", "0002_auto_20200826_1306"),
|
("authentik_outposts", "0002_auto_20200826_1306"),
|
||||||
|
@ -136,7 +135,10 @@ class Migration(migrations.Migration):
|
||||||
("custom", "Custom"),
|
("custom", "Custom"),
|
||||||
],
|
],
|
||||||
default="custom",
|
default="custom",
|
||||||
help_text="Select between authentik-managed deployment types or a custom deployment.",
|
help_text=(
|
||||||
|
"Select between authentik-managed deployment types or a custom"
|
||||||
|
" deployment."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
],
|
],
|
||||||
|
@ -158,7 +160,10 @@ class Migration(migrations.Migration):
|
||||||
"local",
|
"local",
|
||||||
models.BooleanField(
|
models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text="If enabled, use the local connection. Required Docker socket/Kubernetes Integration",
|
help_text=(
|
||||||
|
"If enabled, use the local connection. Required Docker"
|
||||||
|
" socket/Kubernetes Integration"
|
||||||
|
),
|
||||||
unique=True,
|
unique=True,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
@ -207,7 +212,10 @@ class Migration(migrations.Migration):
|
||||||
field=models.ForeignKey(
|
field=models.ForeignKey(
|
||||||
blank=True,
|
blank=True,
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Select Service-Connection authentik should use to manage this outpost. Leave empty if authentik should not handle the deployment.",
|
help_text=(
|
||||||
|
"Select Service-Connection authentik should use to manage this outpost. Leave"
|
||||||
|
" empty if authentik should not handle the deployment."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
on_delete=django.db.models.deletion.SET_DEFAULT,
|
on_delete=django.db.models.deletion.SET_DEFAULT,
|
||||||
to="authentik_outposts.outpostserviceconnection",
|
to="authentik_outposts.outpostserviceconnection",
|
||||||
|
@ -240,7 +248,10 @@ class Migration(migrations.Migration):
|
||||||
field=authentik.lib.models.InheritanceForeignKey(
|
field=authentik.lib.models.InheritanceForeignKey(
|
||||||
blank=True,
|
blank=True,
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Select Service-Connection authentik should use to manage this outpost. Leave empty if authentik should not handle the deployment.",
|
help_text=(
|
||||||
|
"Select Service-Connection authentik should use to manage this outpost. Leave"
|
||||||
|
" empty if authentik should not handle the deployment."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
on_delete=django.db.models.deletion.SET_DEFAULT,
|
on_delete=django.db.models.deletion.SET_DEFAULT,
|
||||||
to="authentik_outposts.outpostserviceconnection",
|
to="authentik_outposts.outpostserviceconnection",
|
||||||
|
@ -258,7 +269,10 @@ class Migration(migrations.Migration):
|
||||||
name="kubeconfig",
|
name="kubeconfig",
|
||||||
field=models.JSONField(
|
field=models.JSONField(
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Paste your kubeconfig here. authentik will automatically use the currently selected context.",
|
help_text=(
|
||||||
|
"Paste your kubeconfig here. authentik will automatically use the currently"
|
||||||
|
" selected context."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
preserve_default=False,
|
preserve_default=False,
|
||||||
),
|
),
|
||||||
|
@ -272,7 +286,10 @@ class Migration(migrations.Migration):
|
||||||
field=models.ForeignKey(
|
field=models.ForeignKey(
|
||||||
blank=True,
|
blank=True,
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Certificate/Key used for authentication. Can be left empty for no authentication.",
|
help_text=(
|
||||||
|
"Certificate/Key used for authentication. Can be left empty for no"
|
||||||
|
" authentication."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
on_delete=django.db.models.deletion.SET_DEFAULT,
|
on_delete=django.db.models.deletion.SET_DEFAULT,
|
||||||
related_name="+",
|
related_name="+",
|
||||||
|
@ -285,7 +302,10 @@ class Migration(migrations.Migration):
|
||||||
field=models.ForeignKey(
|
field=models.ForeignKey(
|
||||||
blank=True,
|
blank=True,
|
||||||
default=None,
|
default=None,
|
||||||
help_text="CA which the endpoint's Certificate is verified against. Can be left empty for no validation.",
|
help_text=(
|
||||||
|
"CA which the endpoint's Certificate is verified against. Can be left empty for"
|
||||||
|
" no validation."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
on_delete=django.db.models.deletion.SET_DEFAULT,
|
on_delete=django.db.models.deletion.SET_DEFAULT,
|
||||||
related_name="+",
|
related_name="+",
|
||||||
|
@ -297,7 +317,10 @@ class Migration(migrations.Migration):
|
||||||
name="local",
|
name="local",
|
||||||
field=models.BooleanField(
|
field=models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text="If enabled, use the local connection. Required Docker socket/Kubernetes Integration",
|
help_text=(
|
||||||
|
"If enabled, use the local connection. Required Docker socket/Kubernetes"
|
||||||
|
" Integration"
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
migrations.RunPython(
|
migrations.RunPython(
|
||||||
|
@ -310,7 +333,10 @@ class Migration(migrations.Migration):
|
||||||
model_name="dockerserviceconnection",
|
model_name="dockerserviceconnection",
|
||||||
name="url",
|
name="url",
|
||||||
field=models.TextField(
|
field=models.TextField(
|
||||||
help_text="Can be in the format of 'unix://<path>' when connecting to a local docker daemon, or 'https://<hostname>:2376' when connecting to a remote system."
|
help_text=(
|
||||||
|
"Can be in the format of 'unix://<path>' when connecting to a local docker"
|
||||||
|
" daemon, or 'https://<hostname>:2376' when connecting to a remote system."
|
||||||
|
)
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
migrations.AlterField(
|
migrations.AlterField(
|
||||||
|
@ -318,7 +344,10 @@ class Migration(migrations.Migration):
|
||||||
name="kubeconfig",
|
name="kubeconfig",
|
||||||
field=models.JSONField(
|
field=models.JSONField(
|
||||||
blank=True,
|
blank=True,
|
||||||
help_text="Paste your kubeconfig here. authentik will automatically use the currently selected context.",
|
help_text=(
|
||||||
|
"Paste your kubeconfig here. authentik will automatically use the currently"
|
||||||
|
" selected context."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
migrations.AlterField(
|
migrations.AlterField(
|
||||||
|
@ -331,7 +360,12 @@ class Migration(migrations.Migration):
|
||||||
name="managed",
|
name="managed",
|
||||||
field=models.TextField(
|
field=models.TextField(
|
||||||
default=None,
|
default=None,
|
||||||
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
|
help_text=(
|
||||||
|
"Objects which are managed by authentik. These objects are created and updated"
|
||||||
|
" automatically. This is flag only indicates that an object can be overwritten"
|
||||||
|
" by migrations. You can still modify the objects via the API, but expect"
|
||||||
|
" changes to be overwritten in a later update."
|
||||||
|
),
|
||||||
null=True,
|
null=True,
|
||||||
unique=True,
|
unique=True,
|
||||||
verbose_name="Managed by authentik",
|
verbose_name="Managed by authentik",
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_outposts", "0001_squashed_0017_outpost_managed"),
|
("authentik_outposts", "0001_squashed_0017_outpost_managed"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -86,7 +86,6 @@ class OutpostModel(Model):
|
||||||
return [self]
|
return [self]
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
abstract = True
|
abstract = True
|
||||||
|
|
||||||
|
|
||||||
|
@ -119,10 +118,7 @@ class OutpostServiceConnection(models.Model):
|
||||||
local = models.BooleanField(
|
local = models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"If enabled, use the local connection. Required Docker socket/Kubernetes Integration"
|
||||||
"If enabled, use the local connection. Required Docker "
|
|
||||||
"socket/Kubernetes Integration"
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -152,7 +148,6 @@ class OutpostServiceConnection(models.Model):
|
||||||
return ""
|
return ""
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Outpost Service-Connection")
|
verbose_name = _("Outpost Service-Connection")
|
||||||
verbose_name_plural = _("Outpost Service-Connections")
|
verbose_name_plural = _("Outpost Service-Connections")
|
||||||
|
|
||||||
|
@ -162,10 +157,8 @@ class DockerServiceConnection(SerializerModel, OutpostServiceConnection):
|
||||||
|
|
||||||
url = models.TextField(
|
url = models.TextField(
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Can be in the format of 'unix://<path>' when connecting to a local docker daemon, "
|
||||||
"Can be in the format of 'unix://<path>' when connecting to a local docker daemon, "
|
"or 'https://<hostname>:2376' when connecting to a remote system."
|
||||||
"or 'https://<hostname>:2376' when connecting to a remote system."
|
|
||||||
)
|
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
tls_verification = models.ForeignKey(
|
tls_verification = models.ForeignKey(
|
||||||
|
@ -176,10 +169,8 @@ class DockerServiceConnection(SerializerModel, OutpostServiceConnection):
|
||||||
related_name="+",
|
related_name="+",
|
||||||
on_delete=models.SET_DEFAULT,
|
on_delete=models.SET_DEFAULT,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"CA which the endpoint's Certificate is verified against. "
|
||||||
"CA which the endpoint's Certificate is verified against. "
|
"Can be left empty for no validation."
|
||||||
"Can be left empty for no validation."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
tls_authentication = models.ForeignKey(
|
tls_authentication = models.ForeignKey(
|
||||||
|
@ -208,7 +199,6 @@ class DockerServiceConnection(SerializerModel, OutpostServiceConnection):
|
||||||
return f"Docker Service-Connection {self.name}"
|
return f"Docker Service-Connection {self.name}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Docker Service-Connection")
|
verbose_name = _("Docker Service-Connection")
|
||||||
verbose_name_plural = _("Docker Service-Connections")
|
verbose_name_plural = _("Docker Service-Connections")
|
||||||
|
|
||||||
|
@ -218,10 +208,8 @@ class KubernetesServiceConnection(SerializerModel, OutpostServiceConnection):
|
||||||
|
|
||||||
kubeconfig = models.JSONField(
|
kubeconfig = models.JSONField(
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Paste your kubeconfig here. authentik will automatically use "
|
||||||
"Paste your kubeconfig here. authentik will automatically use "
|
"the currently selected context."
|
||||||
"the currently selected context."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
blank=True,
|
blank=True,
|
||||||
)
|
)
|
||||||
|
@ -243,7 +231,6 @@ class KubernetesServiceConnection(SerializerModel, OutpostServiceConnection):
|
||||||
return f"Kubernetes Service-Connection {self.name}"
|
return f"Kubernetes Service-Connection {self.name}"
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Kubernetes Service-Connection")
|
verbose_name = _("Kubernetes Service-Connection")
|
||||||
verbose_name_plural = _("Kubernetes Service-Connections")
|
verbose_name_plural = _("Kubernetes Service-Connections")
|
||||||
|
|
||||||
|
@ -261,10 +248,8 @@ class Outpost(SerializerModel, ManagedModel):
|
||||||
null=True,
|
null=True,
|
||||||
blank=True,
|
blank=True,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Select Service-Connection authentik should use to manage this outpost. "
|
||||||
"Select Service-Connection authentik should use to manage this outpost. "
|
"Leave empty if authentik should not handle the deployment."
|
||||||
"Leave empty if authentik should not handle the deployment."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
on_delete=models.SET_DEFAULT,
|
on_delete=models.SET_DEFAULT,
|
||||||
)
|
)
|
||||||
|
@ -315,7 +300,7 @@ class Outpost(SerializerModel, ManagedModel):
|
||||||
if isinstance(model_or_perm, models.Model):
|
if isinstance(model_or_perm, models.Model):
|
||||||
model_or_perm: models.Model
|
model_or_perm: models.Model
|
||||||
code_name = (
|
code_name = (
|
||||||
f"{model_or_perm._meta.app_label}." f"view_{model_or_perm._meta.model_name}"
|
f"{model_or_perm._meta.app_label}.view_{model_or_perm._meta.model_name}"
|
||||||
)
|
)
|
||||||
try:
|
try:
|
||||||
assign_perm(code_name, user, model_or_perm)
|
assign_perm(code_name, user, model_or_perm)
|
||||||
|
|
|
@ -63,7 +63,6 @@ class PolicyBindingSerializer(ModelSerializer):
|
||||||
user_obj = UserSerializer(required=False, read_only=True, source="user")
|
user_obj = UserSerializer(required=False, read_only=True, source="user")
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = PolicyBinding
|
model = PolicyBinding
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
@ -109,7 +108,6 @@ class PolicyBindingFilter(FilterSet):
|
||||||
policy__isnull = BooleanFilter("policy", "isnull")
|
policy__isnull = BooleanFilter("policy", "isnull")
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = PolicyBinding
|
model = PolicyBinding
|
||||||
fields = ["policy", "policy__isnull", "target", "target_in", "enabled", "order", "timeout"]
|
fields = ["policy", "policy__isnull", "target", "target_in", "enabled", "order", "timeout"]
|
||||||
|
|
||||||
|
|
|
@ -56,7 +56,6 @@ class PolicySerializer(ModelSerializer, MetaNameSerializer):
|
||||||
return dict(instance.serializer(instance=instance, resolve_inheritance=False).data)
|
return dict(instance.serializer(instance=instance, resolve_inheritance=False).data)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
model = Policy
|
model = Policy
|
||||||
fields = [
|
fields = [
|
||||||
"pk",
|
"pk",
|
||||||
|
|
|
@ -5,7 +5,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_dummy", "0001_initial"),
|
("authentik_policies_dummy", "0001_initial"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -41,6 +41,5 @@ class DummyPolicy(Policy):
|
||||||
return PolicyResult(self.result, "dummy")
|
return PolicyResult(self.result, "dummy")
|
||||||
|
|
||||||
class Meta(Policy.PolicyMeta):
|
class Meta(Policy.PolicyMeta):
|
||||||
|
|
||||||
verbose_name = _("Dummy Policy")
|
verbose_name = _("Dummy Policy")
|
||||||
verbose_name_plural = _("Dummy Policies")
|
verbose_name_plural = _("Dummy Policies")
|
||||||
|
|
|
@ -80,13 +80,16 @@ class PolicyEngine:
|
||||||
|
|
||||||
def build(self) -> "PolicyEngine":
|
def build(self) -> "PolicyEngine":
|
||||||
"""Build wrapper which monitors performance"""
|
"""Build wrapper which monitors performance"""
|
||||||
with Hub.current.start_span(
|
with (
|
||||||
op="authentik.policy.engine.build",
|
Hub.current.start_span(
|
||||||
description=self.__pbm,
|
op="authentik.policy.engine.build",
|
||||||
) as span, HIST_POLICIES_BUILD_TIME.labels(
|
description=self.__pbm,
|
||||||
object_pk=str(self.__pbm.pk),
|
) as span,
|
||||||
object_type=f"{self.__pbm._meta.app_label}.{self.__pbm._meta.model_name}",
|
HIST_POLICIES_BUILD_TIME.labels(
|
||||||
).time():
|
object_pk=str(self.__pbm.pk),
|
||||||
|
object_type=f"{self.__pbm._meta.app_label}.{self.__pbm._meta.model_name}",
|
||||||
|
).time(),
|
||||||
|
):
|
||||||
span: Span
|
span: Span
|
||||||
span.set_data("pbm", self.__pbm)
|
span.set_data("pbm", self.__pbm)
|
||||||
span.set_data("request", self.request)
|
span.set_data("request", self.request)
|
||||||
|
|
|
@ -5,7 +5,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
("authentik_policies_event_matcher", "0001_initial"),
|
("authentik_policies_event_matcher", "0001_initial"),
|
||||||
("authentik_policies_event_matcher", "0002_auto_20201230_2046"),
|
("authentik_policies_event_matcher", "0002_auto_20201230_2046"),
|
||||||
|
@ -81,14 +80,20 @@ class Migration(migrations.Migration):
|
||||||
("update_available", "Update Available"),
|
("update_available", "Update Available"),
|
||||||
("custom_", "Custom Prefix"),
|
("custom_", "Custom Prefix"),
|
||||||
],
|
],
|
||||||
help_text="Match created events with this action type. When left empty, all action types will be matched.",
|
help_text=(
|
||||||
|
"Match created events with this action type. When left empty, all"
|
||||||
|
" action types will be matched."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
(
|
(
|
||||||
"client_ip",
|
"client_ip",
|
||||||
models.TextField(
|
models.TextField(
|
||||||
blank=True,
|
blank=True,
|
||||||
help_text="Matches Event's Client IP (strict matching, for network matching use an Expression Policy)",
|
help_text=(
|
||||||
|
"Matches Event's Client IP (strict matching, for network matching use"
|
||||||
|
" an Expression Policy)"
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
(
|
(
|
||||||
|
@ -161,7 +166,10 @@ class Migration(migrations.Migration):
|
||||||
("authentik.blueprints", "authentik Blueprints"),
|
("authentik.blueprints", "authentik Blueprints"),
|
||||||
],
|
],
|
||||||
default="",
|
default="",
|
||||||
help_text="Match events created by selected application. When left empty, all applications are matched.",
|
help_text=(
|
||||||
|
"Match events created by selected application. When left empty, all"
|
||||||
|
" applications are matched."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
],
|
],
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_event_matcher", "0018_alter_eventmatcherpolicy_action"),
|
("authentik_policies_event_matcher", "0018_alter_eventmatcherpolicy_action"),
|
||||||
]
|
]
|
||||||
|
@ -73,7 +72,10 @@ class Migration(migrations.Migration):
|
||||||
("authentik.core", "authentik Core"),
|
("authentik.core", "authentik Core"),
|
||||||
],
|
],
|
||||||
default="",
|
default="",
|
||||||
help_text="Match events created by selected application. When left empty, all applications are matched.",
|
help_text=(
|
||||||
|
"Match events created by selected application. When left empty, all"
|
||||||
|
" applications are matched."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_event_matcher", "0019_alter_eventmatcherpolicy_app"),
|
("authentik_policies_event_matcher", "0019_alter_eventmatcherpolicy_app"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
(
|
(
|
||||||
"authentik_policies_event_matcher",
|
"authentik_policies_event_matcher",
|
||||||
|
@ -19,7 +18,10 @@ class Migration(migrations.Migration):
|
||||||
field=models.TextField(
|
field=models.TextField(
|
||||||
blank=True,
|
blank=True,
|
||||||
default="",
|
default="",
|
||||||
help_text="Match events created by selected application. When left empty, all applications are matched.",
|
help_text=(
|
||||||
|
"Match events created by selected application. When left empty, all"
|
||||||
|
" applications are matched."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|
|
@ -26,29 +26,23 @@ class EventMatcherPolicy(Policy):
|
||||||
choices=EventAction.choices,
|
choices=EventAction.choices,
|
||||||
blank=True,
|
blank=True,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Match created events with this action type. "
|
||||||
"Match created events with this action type. "
|
"When left empty, all action types will be matched."
|
||||||
"When left empty, all action types will be matched."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
app = models.TextField(
|
app = models.TextField(
|
||||||
blank=True,
|
blank=True,
|
||||||
default="",
|
default="",
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Match events created by selected application. "
|
||||||
"Match events created by selected application. "
|
"When left empty, all applications are matched."
|
||||||
"When left empty, all applications are matched."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
client_ip = models.TextField(
|
client_ip = models.TextField(
|
||||||
blank=True,
|
blank=True,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"Matches Event's Client IP (strict matching, "
|
||||||
"Matches Event's Client IP (strict matching, "
|
"for network matching use an Expression Policy)"
|
||||||
"for network matching use an Expression Policy)"
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -75,6 +69,5 @@ class EventMatcherPolicy(Policy):
|
||||||
return PolicyResult(False)
|
return PolicyResult(False)
|
||||||
|
|
||||||
class Meta(Policy.PolicyMeta):
|
class Meta(Policy.PolicyMeta):
|
||||||
|
|
||||||
verbose_name = _("Event Matcher Policy")
|
verbose_name = _("Event Matcher Policy")
|
||||||
verbose_name_plural = _("Event Matcher Policies")
|
verbose_name_plural = _("Event Matcher Policies")
|
||||||
|
|
|
@ -5,7 +5,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_expiry", "0001_initial"),
|
("authentik_policies_expiry", "0001_initial"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -42,7 +42,7 @@ class PasswordExpiryPolicy(Policy):
|
||||||
request.user.set_unusable_password()
|
request.user.set_unusable_password()
|
||||||
request.user.save()
|
request.user.save()
|
||||||
message = _(
|
message = _(
|
||||||
("Password expired %(days)d days ago. " "Please update your password.")
|
"Password expired %(days)d days ago. Please update your password."
|
||||||
% {"days": days_since_expiry}
|
% {"days": days_since_expiry}
|
||||||
)
|
)
|
||||||
return PolicyResult(False, message)
|
return PolicyResult(False, message)
|
||||||
|
@ -50,6 +50,5 @@ class PasswordExpiryPolicy(Policy):
|
||||||
return PolicyResult(True)
|
return PolicyResult(True)
|
||||||
|
|
||||||
class Meta(Policy.PolicyMeta):
|
class Meta(Policy.PolicyMeta):
|
||||||
|
|
||||||
verbose_name = _("Password Expiry Policy")
|
verbose_name = _("Password Expiry Policy")
|
||||||
verbose_name_plural = _("Password Expiry Policies")
|
verbose_name_plural = _("Password Expiry Policies")
|
||||||
|
|
|
@ -5,7 +5,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
|
|
|
@ -16,7 +16,6 @@ def remove_pb_flow_plan(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_expression", "0001_initial"),
|
("authentik_policies_expression", "0001_initial"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -18,7 +18,6 @@ def replace_pb_prefix(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_expression", "0002_auto_20200926_1156"),
|
("authentik_policies_expression", "0002_auto_20200926_1156"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_expression", "0003_auto_20201203_1223"),
|
("authentik_policies_expression", "0003_auto_20201203_1223"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -37,6 +37,5 @@ class ExpressionPolicy(Policy):
|
||||||
return super().save(*args, **kwargs)
|
return super().save(*args, **kwargs)
|
||||||
|
|
||||||
class Meta(Policy.PolicyMeta):
|
class Meta(Policy.PolicyMeta):
|
||||||
|
|
||||||
verbose_name = _("Expression Policy")
|
verbose_name = _("Expression Policy")
|
||||||
verbose_name_plural = _("Expression Policies")
|
verbose_name_plural = _("Expression Policies")
|
||||||
|
|
|
@ -7,7 +7,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = []
|
dependencies = []
|
||||||
|
|
|
@ -7,7 +7,6 @@ import authentik.lib.models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies", "0001_initial"),
|
("authentik_policies", "0001_initial"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -7,7 +7,6 @@ import authentik.lib.models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies", "0002_auto_20200528_1647"),
|
("authentik_policies", "0002_auto_20200528_1647"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies", "0003_auto_20200908_1542"),
|
("authentik_policies", "0003_auto_20200908_1542"),
|
||||||
]
|
]
|
||||||
|
@ -15,7 +14,10 @@ class Migration(migrations.Migration):
|
||||||
name="execution_logging",
|
name="execution_logging",
|
||||||
field=models.BooleanField(
|
field=models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text="When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.",
|
help_text=(
|
||||||
|
"When this option is enabled, all executions of this policy will be logged. By"
|
||||||
|
" default, only execution errors are logged."
|
||||||
|
),
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|
|
@ -30,7 +30,6 @@ def migrate_from_groupmembership(apps: Apps, schema_editor: BaseDatabaseSchemaEd
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_core", "0017_managed"),
|
("authentik_core", "0017_managed"),
|
||||||
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
|
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies", "0005_binding_group"),
|
("authentik_policies", "0005_binding_group"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies", "0006_auto_20210329_1334"),
|
("authentik_policies", "0006_auto_20210329_1334"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies", "0007_policybindingmodel_policy_engine_mode"),
|
("authentik_policies", "0007_policybindingmodel_policy_engine_mode"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies", "0008_policybinding_authentik_p_policy__534e15_idx_and_more"),
|
("authentik_policies", "0008_policybinding_authentik_p_policy__534e15_idx_and_more"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -141,7 +141,6 @@ class PolicyBinding(SerializerModel):
|
||||||
return ""
|
return ""
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
||||||
verbose_name = _("Policy Binding")
|
verbose_name = _("Policy Binding")
|
||||||
verbose_name_plural = _("Policy Bindings")
|
verbose_name_plural = _("Policy Bindings")
|
||||||
unique_together = ("policy", "target", "order")
|
unique_together = ("policy", "target", "order")
|
||||||
|
@ -164,10 +163,8 @@ class Policy(SerializerModel, CreatedUpdatedModel):
|
||||||
execution_logging = models.BooleanField(
|
execution_logging = models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text=_(
|
help_text=_(
|
||||||
(
|
"When this option is enabled, all executions of this policy will be logged. "
|
||||||
"When this option is enabled, all executions of this policy will be logged. "
|
"By default, only execution errors are logged."
|
||||||
"By default, only execution errors are logged."
|
|
||||||
)
|
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_password", "0001_initial"),
|
("authentik_policies_password", "0001_initial"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_password", "0002_passwordpolicy_password_field"),
|
("authentik_policies_password", "0002_passwordpolicy_password_field"),
|
||||||
]
|
]
|
||||||
|
|
|
@ -4,7 +4,6 @@ from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_policies_password", "0003_passwordpolicy_amount_digits"),
|
("authentik_policies_password", "0003_passwordpolicy_amount_digits"),
|
||||||
]
|
]
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Reference in a new issue