trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sources/*: only allow superusers to directly create source connections 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-12-06 12:22:40 +01:00
parent 42a9979d91
commit 3c8bbc2621
2 changed files with 4 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
authentik/sources/oauth/api/source_connection.py
View File

@ -3,7 +3,7 @@ from django_filters.rest_framework import DjangoFilterBackend
from rest_framework.filters import OrderingFilter, SearchFilter from rest_framework.filters import OrderingFilter, SearchFilter
from rest_framework.viewsets import ModelViewSet from rest_framework.viewsets import ModelViewSet
from authentik.api.authorization import OwnerFilter, OwnerPermissions from authentik.api.authorization import OwnerFilter, OwnerSuperuserPermissions
from authentik.core.api.sources import SourceSerializer from authentik.core.api.sources import SourceSerializer
from authentik.core.api.used_by import UsedByMixin from authentik.core.api.used_by import UsedByMixin
from authentik.sources.oauth.models import UserOAuthSourceConnection from authentik.sources.oauth.models import UserOAuthSourceConnection
@ -27,11 +27,6 @@ class UserOAuthSourceConnectionViewSet(UsedByMixin, ModelViewSet):
queryset = UserOAuthSourceConnection.objects.all() queryset = UserOAuthSourceConnection.objects.all()
serializer_class = UserOAuthSourceConnectionSerializer serializer_class = UserOAuthSourceConnectionSerializer
filterset_fields = ["source__slug"] filterset_fields = ["source__slug"]
permission_classes = [OwnerPermissions] permission_classes = [OwnerSuperuserPermissions]
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter] filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]
ordering = ["source__slug"] ordering = ["source__slug"]
def perform_create(self, serializer: UserOAuthSourceConnectionSerializer):
if not self.request.user.is_superuser:
return serializer.save()
return serializer.save(user=self.request.user)

9
authentik/sources/plex/api/source_connection.py
View File

@ -3,7 +3,7 @@ from django_filters.rest_framework import DjangoFilterBackend
from rest_framework.filters import OrderingFilter, SearchFilter from rest_framework.filters import OrderingFilter, SearchFilter
from rest_framework.viewsets import ModelViewSet from rest_framework.viewsets import ModelViewSet
from authentik.api.authorization import OwnerFilter, OwnerPermissions from authentik.api.authorization import OwnerFilter, OwnerSuperuserPermissions
from authentik.core.api.sources import SourceSerializer from authentik.core.api.sources import SourceSerializer
from authentik.core.api.used_by import UsedByMixin from authentik.core.api.used_by import UsedByMixin
from authentik.sources.plex.models import PlexSourceConnection from authentik.sources.plex.models import PlexSourceConnection
@ -32,11 +32,6 @@ class PlexSourceConnectionViewSet(UsedByMixin, ModelViewSet):
queryset = PlexSourceConnection.objects.all() queryset = PlexSourceConnection.objects.all()
serializer_class = PlexSourceConnectionSerializer serializer_class = PlexSourceConnectionSerializer
filterset_fields = ["source__slug"] filterset_fields = ["source__slug"]
permission_classes = [OwnerPermissions] permission_classes = [OwnerSuperuserPermissions]
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter] filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]
ordering = ["pk"] ordering = ["pk"]
def perform_create(self, serializer: PlexSourceConnectionSerializer):
if not self.request.user.is_superuser:
return serializer.save()
return serializer.save(user=self.request.user)