events: add ability to create events via API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
4ec5df6b12
commit
60c3cf890a
|
@ -6,11 +6,11 @@ from drf_spectacular.types import OpenApiTypes
|
|||
from drf_spectacular.utils import OpenApiParameter, extend_schema
|
||||
from guardian.shortcuts import get_objects_for_user
|
||||
from rest_framework.decorators import action
|
||||
from rest_framework.fields import CharField, DictField, IntegerField
|
||||
from rest_framework.fields import DictField, IntegerField
|
||||
from rest_framework.request import Request
|
||||
from rest_framework.response import Response
|
||||
from rest_framework.serializers import ModelSerializer
|
||||
from rest_framework.viewsets import ReadOnlyModelViewSet
|
||||
from rest_framework.viewsets import ModelViewSet
|
||||
|
||||
from authentik.core.api.utils import PassiveSerializer, TypeCreateSerializer
|
||||
from authentik.events.models import Event, EventAction
|
||||
|
@ -19,11 +19,6 @@ from authentik.events.models import Event, EventAction
|
|||
class EventSerializer(ModelSerializer):
|
||||
"""Event Serializer"""
|
||||
|
||||
# Since we only use this serializer for read-only operations,
|
||||
# no checking of the action is done here.
|
||||
# This allows clients to check wildcards, prefixes and custom types
|
||||
action = CharField()
|
||||
|
||||
class Meta:
|
||||
|
||||
model = Event
|
||||
|
@ -96,7 +91,7 @@ class EventsFilter(django_filters.FilterSet):
|
|||
fields = ["action", "client_ip", "username"]
|
||||
|
||||
|
||||
class EventViewSet(ReadOnlyModelViewSet):
|
||||
class EventViewSet(ModelViewSet):
|
||||
"""Event Read-Only Viewset"""
|
||||
|
||||
queryset = Event.objects.all()
|
||||
|
|
|
@ -405,7 +405,10 @@ class Outpost(models.Model):
|
|||
|
||||
def get_required_objects(self) -> Iterable[Union[models.Model, str]]:
|
||||
"""Get an iterator of all objects the user needs read access to"""
|
||||
objects: list[Union[models.Model, str]] = [self]
|
||||
objects: list[Union[models.Model, str]] = [
|
||||
self,
|
||||
"authentik_events.add_event",
|
||||
]
|
||||
for provider in (
|
||||
Provider.objects.filter(outpost=self).select_related().select_subclasses()
|
||||
):
|
||||
|
|
|
@ -153,6 +153,7 @@ SPECTACULAR_SETTINGS = {
|
|||
"url": "https://github.com/goauthentik/authentik/blob/master/LICENSE",
|
||||
},
|
||||
"ENUM_NAME_OVERRIDES": {
|
||||
"EventActions": "authentik.events.models.EventAction",
|
||||
"ChallengeChoices": "authentik.flows.challenge.ChallengeTypes",
|
||||
"FlowDesignationEnum": "authentik.flows.models.FlowDesignation",
|
||||
"PolicyEngineMode": "authentik.policies.models.PolicyEngineMode",
|
||||
|
|
220
schema.yml
220
schema.yml
|
@ -3572,6 +3572,37 @@ paths:
|
|||
$ref: '#/components/schemas/ValidationError'
|
||||
'403':
|
||||
$ref: '#/components/schemas/GenericError'
|
||||
post:
|
||||
operationId: events_events_create
|
||||
description: Event Read-Only Viewset
|
||||
tags:
|
||||
- events
|
||||
requestBody:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/EventRequest'
|
||||
application/x-www-form-urlencoded:
|
||||
schema:
|
||||
$ref: '#/components/schemas/EventRequest'
|
||||
multipart/form-data:
|
||||
schema:
|
||||
$ref: '#/components/schemas/EventRequest'
|
||||
required: true
|
||||
security:
|
||||
- authentik: []
|
||||
- cookieAuth: []
|
||||
responses:
|
||||
'201':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/Event'
|
||||
description: ''
|
||||
'400':
|
||||
$ref: '#/components/schemas/ValidationError'
|
||||
'403':
|
||||
$ref: '#/components/schemas/GenericError'
|
||||
/api/v2beta/events/events/{event_uuid}/:
|
||||
get:
|
||||
operationId: events_events_retrieve
|
||||
|
@ -3600,6 +3631,106 @@ paths:
|
|||
$ref: '#/components/schemas/ValidationError'
|
||||
'403':
|
||||
$ref: '#/components/schemas/GenericError'
|
||||
put:
|
||||
operationId: events_events_update
|
||||
description: Event Read-Only Viewset
|
||||
parameters:
|
||||
- in: path
|
||||
name: event_uuid
|
||||
schema:
|
||||
type: string
|
||||
format: uuid
|
||||
description: A UUID string identifying this Event.
|
||||
required: true
|
||||
tags:
|
||||
- events
|
||||
requestBody:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/EventRequest'
|
||||
application/x-www-form-urlencoded:
|
||||
schema:
|
||||
$ref: '#/components/schemas/EventRequest'
|
||||
multipart/form-data:
|
||||
schema:
|
||||
$ref: '#/components/schemas/EventRequest'
|
||||
required: true
|
||||
security:
|
||||
- authentik: []
|
||||
- cookieAuth: []
|
||||
responses:
|
||||
'200':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/Event'
|
||||
description: ''
|
||||
'400':
|
||||
$ref: '#/components/schemas/ValidationError'
|
||||
'403':
|
||||
$ref: '#/components/schemas/GenericError'
|
||||
patch:
|
||||
operationId: events_events_partial_update
|
||||
description: Event Read-Only Viewset
|
||||
parameters:
|
||||
- in: path
|
||||
name: event_uuid
|
||||
schema:
|
||||
type: string
|
||||
format: uuid
|
||||
description: A UUID string identifying this Event.
|
||||
required: true
|
||||
tags:
|
||||
- events
|
||||
requestBody:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/PatchedEventRequest'
|
||||
application/x-www-form-urlencoded:
|
||||
schema:
|
||||
$ref: '#/components/schemas/PatchedEventRequest'
|
||||
multipart/form-data:
|
||||
schema:
|
||||
$ref: '#/components/schemas/PatchedEventRequest'
|
||||
security:
|
||||
- authentik: []
|
||||
- cookieAuth: []
|
||||
responses:
|
||||
'200':
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: '#/components/schemas/Event'
|
||||
description: ''
|
||||
'400':
|
||||
$ref: '#/components/schemas/ValidationError'
|
||||
'403':
|
||||
$ref: '#/components/schemas/GenericError'
|
||||
delete:
|
||||
operationId: events_events_destroy
|
||||
description: Event Read-Only Viewset
|
||||
parameters:
|
||||
- in: path
|
||||
name: event_uuid
|
||||
schema:
|
||||
type: string
|
||||
format: uuid
|
||||
description: A UUID string identifying this Event.
|
||||
required: true
|
||||
tags:
|
||||
- events
|
||||
security:
|
||||
- authentik: []
|
||||
- cookieAuth: []
|
||||
responses:
|
||||
'204':
|
||||
description: No response body
|
||||
'400':
|
||||
$ref: '#/components/schemas/ValidationError'
|
||||
'403':
|
||||
$ref: '#/components/schemas/GenericError'
|
||||
/api/v2beta/events/events/actions/:
|
||||
get:
|
||||
operationId: events_events_actions_list
|
||||
|
@ -19242,7 +19373,7 @@ components:
|
|||
type: object
|
||||
additionalProperties: {}
|
||||
action:
|
||||
type: string
|
||||
$ref: '#/components/schemas/EventActions'
|
||||
app:
|
||||
type: string
|
||||
context:
|
||||
|
@ -19266,6 +19397,34 @@ components:
|
|||
- app
|
||||
- created
|
||||
- pk
|
||||
EventActions:
|
||||
enum:
|
||||
- login
|
||||
- login_failed
|
||||
- logout
|
||||
- user_write
|
||||
- suspicious_request
|
||||
- password_set
|
||||
- secret_view
|
||||
- invitation_used
|
||||
- authorize_application
|
||||
- source_linked
|
||||
- impersonation_started
|
||||
- impersonation_ended
|
||||
- policy_execution
|
||||
- policy_exception
|
||||
- property_mapping_exception
|
||||
- system_task_execution
|
||||
- system_task_exception
|
||||
- system_exception
|
||||
- configuration_error
|
||||
- model_created
|
||||
- model_updated
|
||||
- model_deleted
|
||||
- email_sent
|
||||
- update_available
|
||||
- custom_
|
||||
type: string
|
||||
EventMatcherPolicy:
|
||||
type: object
|
||||
description: Event Matcher Policy Serializer
|
||||
|
@ -19296,7 +19455,7 @@ components:
|
|||
readOnly: true
|
||||
action:
|
||||
allOf:
|
||||
- $ref: '#/components/schemas/EventMatcherPolicyActionEnum'
|
||||
- $ref: '#/components/schemas/EventActions'
|
||||
description: Match created events with this action type. When left empty,
|
||||
all action types will be matched.
|
||||
client_ip:
|
||||
|
@ -19314,34 +19473,6 @@ components:
|
|||
- pk
|
||||
- verbose_name
|
||||
- verbose_name_plural
|
||||
EventMatcherPolicyActionEnum:
|
||||
enum:
|
||||
- login
|
||||
- login_failed
|
||||
- logout
|
||||
- user_write
|
||||
- suspicious_request
|
||||
- password_set
|
||||
- secret_view
|
||||
- invitation_used
|
||||
- authorize_application
|
||||
- source_linked
|
||||
- impersonation_started
|
||||
- impersonation_ended
|
||||
- policy_execution
|
||||
- policy_exception
|
||||
- property_mapping_exception
|
||||
- system_task_execution
|
||||
- system_task_exception
|
||||
- system_exception
|
||||
- configuration_error
|
||||
- model_created
|
||||
- model_updated
|
||||
- model_deleted
|
||||
- email_sent
|
||||
- update_available
|
||||
- custom_
|
||||
type: string
|
||||
EventMatcherPolicyRequest:
|
||||
type: object
|
||||
description: Event Matcher Policy Serializer
|
||||
|
@ -19355,7 +19486,7 @@ components:
|
|||
will be logged. By default, only execution errors are logged.
|
||||
action:
|
||||
allOf:
|
||||
- $ref: '#/components/schemas/EventMatcherPolicyActionEnum'
|
||||
- $ref: '#/components/schemas/EventActions'
|
||||
description: Match created events with this action type. When left empty,
|
||||
all action types will be matched.
|
||||
client_ip:
|
||||
|
@ -19375,7 +19506,7 @@ components:
|
|||
type: object
|
||||
additionalProperties: {}
|
||||
action:
|
||||
type: string
|
||||
$ref: '#/components/schemas/EventActions'
|
||||
app:
|
||||
type: string
|
||||
context:
|
||||
|
@ -24429,7 +24560,7 @@ components:
|
|||
will be logged. By default, only execution errors are logged.
|
||||
action:
|
||||
allOf:
|
||||
- $ref: '#/components/schemas/EventMatcherPolicyActionEnum'
|
||||
- $ref: '#/components/schemas/EventActions'
|
||||
description: Match created events with this action type. When left empty,
|
||||
all action types will be matched.
|
||||
client_ip:
|
||||
|
@ -24441,6 +24572,29 @@ components:
|
|||
- $ref: '#/components/schemas/AppEnum'
|
||||
description: Match events created by selected application. When left empty,
|
||||
all applications are matched.
|
||||
PatchedEventRequest:
|
||||
type: object
|
||||
description: Event Serializer
|
||||
properties:
|
||||
user:
|
||||
type: object
|
||||
additionalProperties: {}
|
||||
action:
|
||||
$ref: '#/components/schemas/EventActions'
|
||||
app:
|
||||
type: string
|
||||
context:
|
||||
type: object
|
||||
additionalProperties: {}
|
||||
client_ip:
|
||||
type: string
|
||||
nullable: true
|
||||
expires:
|
||||
type: string
|
||||
format: date-time
|
||||
tenant:
|
||||
type: object
|
||||
additionalProperties: {}
|
||||
PatchedExpressionPolicyRequest:
|
||||
type: object
|
||||
description: Group Membership Policy Serializer
|
||||
|
|
Reference in New Issue