sources/*: only allow superusers to directly create source connections
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
42a9979d91
commit
3c8bbc2621
|
@ -3,7 +3,7 @@ from django_filters.rest_framework import DjangoFilterBackend
|
||||||
from rest_framework.filters import OrderingFilter, SearchFilter
|
from rest_framework.filters import OrderingFilter, SearchFilter
|
||||||
from rest_framework.viewsets import ModelViewSet
|
from rest_framework.viewsets import ModelViewSet
|
||||||
|
|
||||||
from authentik.api.authorization import OwnerFilter, OwnerPermissions
|
from authentik.api.authorization import OwnerFilter, OwnerSuperuserPermissions
|
||||||
from authentik.core.api.sources import SourceSerializer
|
from authentik.core.api.sources import SourceSerializer
|
||||||
from authentik.core.api.used_by import UsedByMixin
|
from authentik.core.api.used_by import UsedByMixin
|
||||||
from authentik.sources.oauth.models import UserOAuthSourceConnection
|
from authentik.sources.oauth.models import UserOAuthSourceConnection
|
||||||
|
@ -27,11 +27,6 @@ class UserOAuthSourceConnectionViewSet(UsedByMixin, ModelViewSet):
|
||||||
queryset = UserOAuthSourceConnection.objects.all()
|
queryset = UserOAuthSourceConnection.objects.all()
|
||||||
serializer_class = UserOAuthSourceConnectionSerializer
|
serializer_class = UserOAuthSourceConnectionSerializer
|
||||||
filterset_fields = ["source__slug"]
|
filterset_fields = ["source__slug"]
|
||||||
permission_classes = [OwnerPermissions]
|
permission_classes = [OwnerSuperuserPermissions]
|
||||||
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]
|
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]
|
||||||
ordering = ["source__slug"]
|
ordering = ["source__slug"]
|
||||||
|
|
||||||
def perform_create(self, serializer: UserOAuthSourceConnectionSerializer):
|
|
||||||
if not self.request.user.is_superuser:
|
|
||||||
return serializer.save()
|
|
||||||
return serializer.save(user=self.request.user)
|
|
||||||
|
|
|
@ -3,7 +3,7 @@ from django_filters.rest_framework import DjangoFilterBackend
|
||||||
from rest_framework.filters import OrderingFilter, SearchFilter
|
from rest_framework.filters import OrderingFilter, SearchFilter
|
||||||
from rest_framework.viewsets import ModelViewSet
|
from rest_framework.viewsets import ModelViewSet
|
||||||
|
|
||||||
from authentik.api.authorization import OwnerFilter, OwnerPermissions
|
from authentik.api.authorization import OwnerFilter, OwnerSuperuserPermissions
|
||||||
from authentik.core.api.sources import SourceSerializer
|
from authentik.core.api.sources import SourceSerializer
|
||||||
from authentik.core.api.used_by import UsedByMixin
|
from authentik.core.api.used_by import UsedByMixin
|
||||||
from authentik.sources.plex.models import PlexSourceConnection
|
from authentik.sources.plex.models import PlexSourceConnection
|
||||||
|
@ -32,11 +32,6 @@ class PlexSourceConnectionViewSet(UsedByMixin, ModelViewSet):
|
||||||
queryset = PlexSourceConnection.objects.all()
|
queryset = PlexSourceConnection.objects.all()
|
||||||
serializer_class = PlexSourceConnectionSerializer
|
serializer_class = PlexSourceConnectionSerializer
|
||||||
filterset_fields = ["source__slug"]
|
filterset_fields = ["source__slug"]
|
||||||
permission_classes = [OwnerPermissions]
|
permission_classes = [OwnerSuperuserPermissions]
|
||||||
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]
|
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]
|
||||||
ordering = ["pk"]
|
ordering = ["pk"]
|
||||||
|
|
||||||
def perform_create(self, serializer: PlexSourceConnectionSerializer):
|
|
||||||
if not self.request.user.is_superuser:
|
|
||||||
return serializer.save()
|
|
||||||
return serializer.save(user=self.request.user)
|
|
||||||
|
|
Reference in a new issue