From 4865864d97fa4279de886ea64e6b4f8ec353a7d4 Mon Sep 17 00:00:00 2001 From: Sean Dion Date: Thu, 26 Oct 2023 12:39:35 -0500 Subject: [PATCH] Update index.md Replace user.ak_groups.all() with user.all_groups per 2023.8 release notes in Admin Group Update Expression in Admin group to only pass groups that start with 'NC-' to NextCloud. Add verbiage around naming for admin group. Signed-off-by: Sean Dion --- website/integrations/services/nextcloud/index.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/website/integrations/services/nextcloud/index.md b/website/integrations/services/nextcloud/index.md index d052f8ca7..e5dd47784 100644 --- a/website/integrations/services/nextcloud/index.md +++ b/website/integrations/services/nextcloud/index.md @@ -98,13 +98,14 @@ To give authentik users admin access to your Nextcloud instance, you need to cre Create a custom SAML Property Mapping: - Set the _SAML Attribute Name_ to `http://schemas.xmlsoap.org/claims/Group`. -- Set the _Expression_ to: +- Set group names that you want to passthrough to start with 'NC-' +- Set the admin group to 'NC-Admin' +- Set the _Expression_ to (the 'NC-' will be removed before sending to Nextcloud): ```python -for group in user.ak_groups.all(): - yield group.name -if ak_is_group_member(request.user, name=""): - yield "admin" +groups = [group.name for group in user.all_groups() if group.name.startswith("NC-")] +for group in groups: + yield group[3:] ``` Then, edit the Nextcloud SAML Provider, and replace the default Groups mapping with the one you've created above.