*: fix api results when non-superuser

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-10 00:01:35 +02:00 · 2021-05-10 00:01:35 +02:00 · 1f1d322958
parent e4841ce1a4
commit 1f1d322958
7 changed files with 55 additions and 0 deletions
--- a/authentik/events/api/notification.py
+++ b/authentik/events/api/notification.py
@ -1,7 +1,9 @@
 """Notification API Views"""
+from django_filters.rest_framework import DjangoFilterBackend
 from guardian.utils import get_anonymous_user
 from rest_framework import mixins
 from rest_framework.fields import ReadOnlyField
+from rest_framework.filters import OrderingFilter, SearchFilter
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import GenericViewSet

@ -47,6 +49,11 @@ class NotificationViewSet(
        "event",
        "seen",
    ]
+    filter_backends = [
+        DjangoFilterBackend,
+        OrderingFilter,
+        SearchFilter,
+    ]

    def get_queryset(self):
        user = self.request.user if self.request else get_anonymous_user()
--- a/authentik/providers/oauth2/api/tokens.py
+++ b/authentik/providers/oauth2/api/tokens.py
@ -1,7 +1,9 @@
 """OAuth2Provider API Views"""
+from django_filters.rest_framework import DjangoFilterBackend
 from guardian.utils import get_anonymous_user
 from rest_framework import mixins
 from rest_framework.fields import CharField, ListField
+from rest_framework.filters import OrderingFilter, SearchFilter
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import GenericViewSet

@ -37,6 +39,11 @@ class AuthorizationCodeViewSet(
    serializer_class = ExpiringBaseGrantModelSerializer
    filterset_fields = ["user", "provider"]
    ordering = ["provider", "expires"]
+    filter_backends = [
+        DjangoFilterBackend,
+        OrderingFilter,
+        SearchFilter,
+    ]

    def get_queryset(self):
        user = self.request.user if self.request else get_anonymous_user()
@ -57,6 +64,11 @@ class RefreshTokenViewSet(
    serializer_class = ExpiringBaseGrantModelSerializer
    filterset_fields = ["user", "provider"]
    ordering = ["provider", "expires"]
+    filter_backends = [
+        DjangoFilterBackend,
+        OrderingFilter,
+        SearchFilter,
+    ]

    def get_queryset(self):
        user = self.request.user if self.request else get_anonymous_user()
--- a/authentik/sources/oauth/api/source_connection.py
+++ b/authentik/sources/oauth/api/source_connection.py
@ -1,5 +1,7 @@
 """OAuth Source Serializer"""
+from django_filters.rest_framework import DjangoFilterBackend
 from guardian.utils import get_anonymous_user
+from rest_framework.filters import OrderingFilter, SearchFilter
 from rest_framework.viewsets import ModelViewSet

 from authentik.core.api.sources import SourceSerializer
@ -25,6 +27,11 @@ class UserOAuthSourceConnectionViewSet(ModelViewSet):
    queryset = UserOAuthSourceConnection.objects.all()
    serializer_class = UserOAuthSourceConnectionSerializer
    filterset_fields = ["source__slug"]
+    filter_backends = [
+        DjangoFilterBackend,
+        OrderingFilter,
+        SearchFilter,
+    ]

    def get_queryset(self):
        user = self.request.user if self.request else get_anonymous_user()
--- a/authentik/stages/authenticator_static/api.py
+++ b/authentik/stages/authenticator_static/api.py
@ -1,6 +1,9 @@
 """AuthenticatorStaticStage API Views"""
+from django_filters import OrderingFilter
+from django_filters.rest_framework import DjangoFilterBackend
 from django_otp.plugins.otp_static.models import StaticDevice
 from guardian.utils import get_anonymous_user
+from rest_framework.filters import SearchFilter
 from rest_framework.permissions import IsAdminUser
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import ModelViewSet, ReadOnlyModelViewSet
@ -43,6 +46,11 @@ class StaticDeviceViewSet(ModelViewSet):
    search_fields = ["name"]
    filterset_fields = ["name"]
    ordering = ["name"]
+    filter_backends = [
+        DjangoFilterBackend,
+        OrderingFilter,
+        SearchFilter,
+    ]

    def get_queryset(self):
        user = self.request.user if self.request else get_anonymous_user()
--- a/authentik/stages/authenticator_totp/api.py
+++ b/authentik/stages/authenticator_totp/api.py
@ -1,6 +1,8 @@
 """AuthenticatorTOTPStage API Views"""
+from django_filters.rest_framework import DjangoFilterBackend
 from django_otp.plugins.otp_totp.models import TOTPDevice
 from guardian.utils import get_anonymous_user
+from rest_framework.filters import OrderingFilter, SearchFilter
 from rest_framework.permissions import IsAdminUser
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import ModelViewSet, ReadOnlyModelViewSet
@ -46,6 +48,11 @@ class TOTPDeviceViewSet(ModelViewSet):
    search_fields = ["name"]
    filterset_fields = ["name"]
    ordering = ["name"]
+    filter_backends = [
+        DjangoFilterBackend,
+        OrderingFilter,
+        SearchFilter,
+    ]

    def get_queryset(self):
        user = self.request.user if self.request else get_anonymous_user()
--- a/authentik/stages/authenticator_webauthn/api.py
+++ b/authentik/stages/authenticator_webauthn/api.py
@ -1,5 +1,7 @@
 """AuthenticateWebAuthnStage API Views"""
+from django_filters.rest_framework import DjangoFilterBackend
 from guardian.utils import get_anonymous_user
+from rest_framework.filters import OrderingFilter, SearchFilter
 from rest_framework.permissions import IsAdminUser
 from rest_framework.serializers import ModelSerializer
 from rest_framework.viewsets import ModelViewSet, ReadOnlyModelViewSet
@ -45,6 +47,11 @@ class WebAuthnDeviceViewSet(ModelViewSet):
    search_fields = ["name"]
    filterset_fields = ["name"]
    ordering = ["name"]
+    filter_backends = [
+        DjangoFilterBackend,
+        OrderingFilter,
+        SearchFilter,
+    ]

    def get_queryset(self):
        user = self.request.user if self.request else get_anonymous_user()
--- a/authentik/stages/consent/api.py
+++ b/authentik/stages/consent/api.py
@ -1,6 +1,8 @@
 """ConsentStage API Views"""
+from django_filters.rest_framework import DjangoFilterBackend
 from guardian.utils import get_anonymous_user
 from rest_framework import mixins
+from rest_framework.filters import OrderingFilter, SearchFilter
 from rest_framework.viewsets import GenericViewSet, ModelViewSet

 from authentik.core.api.applications import ApplicationSerializer
@ -49,6 +51,11 @@ class UserConsentViewSet(
    serializer_class = UserConsentSerializer
    filterset_fields = ["user", "application"]
    ordering = ["application", "expires"]
+    filter_backends = [
+        DjangoFilterBackend,
+        OrderingFilter,
+        SearchFilter,
+    ]

    def get_queryset(self):
        user = self.request.user if self.request else get_anonymous_user()