providers/oauth2: migrate scope mapping to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
parent
656fe00302
commit
6a69425688
|
|
@ -1,13 +1,7 @@
|
|||
"""authentik URL Configuration"""
|
||||
from django.urls import path
|
||||
|
||||
from authentik.admin.views import (
|
||||
policies,
|
||||
property_mappings,
|
||||
providers,
|
||||
sources,
|
||||
stages,
|
||||
)
|
||||
from authentik.admin.views import policies, providers, sources, stages
|
||||
from authentik.providers.saml.views.metadata import MetadataImportView
|
||||
|
||||
urlpatterns = [
|
||||
|
|
@ -48,15 +42,4 @@ urlpatterns = [
|
|||
stages.StageUpdateView.as_view(),
|
||||
name="stage-update",
|
||||
),
|
||||
# Property Mappings
|
||||
path(
|
||||
"property-mappings/create/",
|
||||
property_mappings.PropertyMappingCreateView.as_view(),
|
||||
name="property-mapping-create",
|
||||
),
|
||||
path(
|
||||
"property-mappings/<uuid:pk>/update/",
|
||||
property_mappings.PropertyMappingUpdateView.as_view(),
|
||||
name="property-mapping-update",
|
||||
),
|
||||
]
|
||||
|
|
|
|||
|
|
@ -1,41 +0,0 @@
|
|||
"""authentik PropertyMapping administration"""
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||
from django.contrib.auth.mixins import (
|
||||
PermissionRequiredMixin as DjangoPermissionRequiredMixin,
|
||||
)
|
||||
from django.contrib.messages.views import SuccessMessageMixin
|
||||
from django.utils.translation import gettext as _
|
||||
from guardian.mixins import PermissionRequiredMixin
|
||||
|
||||
from authentik.admin.views.utils import InheritanceCreateView, InheritanceUpdateView
|
||||
from authentik.core.models import PropertyMapping
|
||||
|
||||
|
||||
class PropertyMappingCreateView(
|
||||
SuccessMessageMixin,
|
||||
LoginRequiredMixin,
|
||||
DjangoPermissionRequiredMixin,
|
||||
InheritanceCreateView,
|
||||
):
|
||||
"""Create new PropertyMapping"""
|
||||
|
||||
model = PropertyMapping
|
||||
permission_required = "authentik_core.add_propertymapping"
|
||||
success_url = "/"
|
||||
template_name = "generic/create.html"
|
||||
success_message = _("Successfully created Property Mapping")
|
||||
|
||||
|
||||
class PropertyMappingUpdateView(
|
||||
SuccessMessageMixin,
|
||||
LoginRequiredMixin,
|
||||
PermissionRequiredMixin,
|
||||
InheritanceUpdateView,
|
||||
):
|
||||
"""Update property_mapping"""
|
||||
|
||||
model = PropertyMapping
|
||||
permission_required = "authentik_core.change_propertymapping"
|
||||
success_url = "/"
|
||||
template_name = "generic/update.html"
|
||||
success_message = _("Successfully updated Property Mapping")
|
||||
|
|
@ -35,18 +35,12 @@ class PropertyMappingTestResultSerializer(PassiveSerializer):
|
|||
class PropertyMappingSerializer(ModelSerializer, MetaNameSerializer):
|
||||
"""PropertyMapping Serializer"""
|
||||
|
||||
object_type = SerializerMethodField(method_name="get_type")
|
||||
object_type = SerializerMethodField()
|
||||
|
||||
def get_type(self, obj):
|
||||
def get_object_type(self, obj: PropertyMapping) -> str:
|
||||
"""Get object type so that we know which API Endpoint to use to get the full object"""
|
||||
return obj._meta.object_name.lower().replace("propertymapping", "")
|
||||
|
||||
def to_representation(self, instance: PropertyMapping):
|
||||
# pyright: reportGeneralTypeIssues=false
|
||||
if instance.__class__ == PropertyMapping:
|
||||
return super().to_representation(instance)
|
||||
return instance.serializer(instance=instance).data
|
||||
|
||||
class Meta:
|
||||
|
||||
model = PropertyMapping
|
||||
|
|
@ -89,8 +83,7 @@ class PropertyMappingViewSet(
|
|||
{
|
||||
"name": verbose_name(subclass),
|
||||
"description": subclass.__doc__,
|
||||
"link": reverse("authentik_admin:property-mapping-create")
|
||||
+ f"?type={subclass.__name__}",
|
||||
"link": subclass.component,
|
||||
}
|
||||
)
|
||||
return Response(TypeCreateSerializer(data, many=True).data)
|
||||
|
|
|
|||
|
|
@ -382,8 +382,8 @@ class PropertyMapping(SerializerModel, ManagedModel):
|
|||
objects = InheritanceManager()
|
||||
|
||||
@property
|
||||
def form(self) -> Type[ModelForm]:
|
||||
"""Return Form class used to edit this object"""
|
||||
def component(self) -> str:
|
||||
"""Return component used to edit this object"""
|
||||
raise NotImplementedError
|
||||
|
||||
@property
|
||||
|
|
|
|||
|
|
@ -112,10 +112,8 @@ class ScopeMapping(PropertyMapping):
|
|||
)
|
||||
|
||||
@property
|
||||
def form(self) -> Type[ModelForm]:
|
||||
from authentik.providers.oauth2.forms import ScopeMappingForm
|
||||
|
||||
return ScopeMappingForm
|
||||
def component(self) -> str:
|
||||
return "ak-service-connection-docker-form"
|
||||
|
||||
@property
|
||||
def serializer(self) -> Type[Serializer]:
|
||||
|
|
|
|||
|
|
@ -1,14 +0,0 @@
|
|||
{% extends "generic/form.html" %}
|
||||
|
||||
{% load i18n %}
|
||||
|
||||
{% block beneath_form %}
|
||||
<div class="pf-c-form__group ">
|
||||
<label for="" class="pf-c-form__label"></label>
|
||||
<div class="c-form__horizontal-group">
|
||||
<p>
|
||||
Expression using Python. See <a href="https://goauthentik.io/docs/property-mappings/expression/">here</a> for a list of all variables.
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
|
@ -8,10 +8,6 @@ export class AdminURLManager {
|
|||
return `/administration/providers/${rest}`;
|
||||
}
|
||||
|
||||
static propertyMappings(rest: string): string {
|
||||
return `/administration/property-mappings/${rest}`;
|
||||
}
|
||||
|
||||
static stages(rest: string): string {
|
||||
return `/administration/stages/${rest}`;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,13 +8,16 @@ import "../../elements/buttons/Dropdown";
|
|||
import "../../elements/buttons/SpinnerButton";
|
||||
import "../../elements/forms/DeleteForm";
|
||||
import "../../elements/forms/ModalForm";
|
||||
import "../../elements/forms/ProxyForm";
|
||||
import "./PropertyMappingTestForm";
|
||||
import "./PropertyMappingScopeForm";
|
||||
import "./PropertyMappingLDAPForm";
|
||||
import { TableColumn } from "../../elements/table/Table";
|
||||
import { until } from "lit-html/directives/until";
|
||||
import { PAGE_SIZE } from "../../constants";
|
||||
import { PropertyMapping, PropertymappingsApi } from "authentik-api";
|
||||
import { DEFAULT_CONFIG } from "../../api/Config";
|
||||
import { AdminURLManager } from "../../api/legacy";
|
||||
import { ifDefined } from "lit-html/directives/if-defined";
|
||||
|
||||
@customElement("ak-property-mapping-list")
|
||||
export class PropertyMappingListPage extends TablePage<PropertyMapping> {
|
||||
|
|
@ -60,12 +63,28 @@ export class PropertyMappingListPage extends TablePage<PropertyMapping> {
|
|||
html`${item.name}`,
|
||||
html`${item.verboseName}`,
|
||||
html`
|
||||
<ak-modal-button href="${AdminURLManager.propertyMappings(`${item.pk}/update/`)}">
|
||||
<ak-spinner-button slot="trigger" class="pf-m-secondary">
|
||||
<ak-forms-modal>
|
||||
<span slot="submit">
|
||||
${gettext("Update")}
|
||||
</span>
|
||||
<span slot="header">
|
||||
${gettext(`Update ${item.verboseName}`)}
|
||||
</span>
|
||||
<ak-proxy-form
|
||||
slot="form"
|
||||
.args=${{
|
||||
"mappingUUID": item.pk
|
||||
}}
|
||||
type=${ifDefined(item.objectType)}
|
||||
.typeMap=${{
|
||||
"scopemapping": "ak-property-mapping-scope-form",
|
||||
"ldap": "ak-property-mapping-ldap-form",
|
||||
}}>
|
||||
</ak-proxy-form>
|
||||
<button slot="trigger" class="pf-c-button pf-m-secondary">
|
||||
${gettext("Edit")}
|
||||
</ak-spinner-button>
|
||||
<div slot="modal"></div>
|
||||
</ak-modal-button>
|
||||
</button>
|
||||
</ak-forms-modal>
|
||||
<ak-forms-modal .closeAfterSuccessfulSubmit=${false}>
|
||||
<span slot="submit">
|
||||
${gettext("Test")}
|
||||
|
|
@ -105,12 +124,22 @@ export class PropertyMappingListPage extends TablePage<PropertyMapping> {
|
|||
${until(new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsAllTypes({}).then((types) => {
|
||||
return types.map((type) => {
|
||||
return html`<li>
|
||||
<ak-modal-button href="${type.link}">
|
||||
<button slot="trigger" class="pf-c-dropdown__menu-item">${type.name}<br>
|
||||
<ak-forms-modal>
|
||||
<span slot="submit">
|
||||
${gettext("Create")}
|
||||
</span>
|
||||
<span slot="header">
|
||||
${gettext(`Create ${type.name}`)}
|
||||
</span>
|
||||
<ak-proxy-form
|
||||
slot="form"
|
||||
type=${type.link}>
|
||||
</ak-proxy-form>
|
||||
<button slot="trigger" class="pf-c-dropdown__menu-item">
|
||||
${type.name}<br>
|
||||
<small>${type.description}</small>
|
||||
</button>
|
||||
<div slot="modal"></div>
|
||||
</ak-modal-button>
|
||||
</ak-forms-modal>
|
||||
</li>`;
|
||||
});
|
||||
}), html`<ak-spinner></ak-spinner>`)}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,79 @@
|
|||
import { ScopeMapping, PropertymappingsApi } from "authentik-api";
|
||||
import { gettext } from "django";
|
||||
import { customElement, property } from "lit-element";
|
||||
import { html, TemplateResult } from "lit-html";
|
||||
import { DEFAULT_CONFIG } from "../../api/Config";
|
||||
import { Form } from "../../elements/forms/Form";
|
||||
import { ifDefined } from "lit-html/directives/if-defined";
|
||||
import "../../elements/forms/HorizontalFormElement";
|
||||
|
||||
@customElement("ak-property-mapping-scope-form")
|
||||
export class PropertyMappingScopeForm extends Form<ScopeMapping> {
|
||||
|
||||
set mappingUUID(value: string) {
|
||||
new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeRead({
|
||||
pmUuid: value,
|
||||
}).then(mapping => {
|
||||
this.mapping = mapping;
|
||||
});
|
||||
}
|
||||
|
||||
@property({attribute: false})
|
||||
mapping?: ScopeMapping;
|
||||
|
||||
getSuccessMessage(): string {
|
||||
if (this.mapping) {
|
||||
return gettext("Successfully updated mapping.");
|
||||
} else {
|
||||
return gettext("Successfully created mapping.");
|
||||
}
|
||||
}
|
||||
|
||||
send = (data: ScopeMapping): Promise<ScopeMapping> => {
|
||||
if (this.mapping) {
|
||||
return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeUpdate({
|
||||
pmUuid: this.mapping.pk || "",
|
||||
data: data
|
||||
});
|
||||
} else {
|
||||
return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeCreate({
|
||||
data: data
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
renderForm(): TemplateResult {
|
||||
return html`<form class="pf-c-form pf-m-horizontal">
|
||||
<ak-form-element-horizontal
|
||||
label=${gettext("Name")}
|
||||
?required=${true}
|
||||
name="name">
|
||||
<input type="text" value="${ifDefined(this.mapping?.name)}" class="pf-c-form-control" required>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal
|
||||
label=${gettext("Scope name")}
|
||||
?required=${true}
|
||||
name="scopeName">
|
||||
<input type="text" value="${ifDefined(this.mapping?.scopeName)}" class="pf-c-form-control" required>
|
||||
<p class="pf-c-form__helper-text">${gettext("Scope which the client can specify to access these properties.")}</p>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal
|
||||
label=${gettext("Description")}
|
||||
?required=${true}
|
||||
name="description">
|
||||
<input type="text" value="${ifDefined(this.mapping?.description)}" class="pf-c-form-control" required>
|
||||
<p class="pf-c-form__helper-text">${gettext("Description shown to the user when consenting. If left empty, the user won't be informed.")}</p>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal
|
||||
label=${gettext("Expression")}
|
||||
name="expression">
|
||||
<ak-codemirror mode="python" value="${this.mapping?.expression}">
|
||||
</ak-codemirror>
|
||||
<p class="pf-c-form__helper-text">
|
||||
Expression using Python. See <a href="https://goauthentik.io/docs/property-mappings/expression/">here</a> for a list of all variables.
|
||||
</p>
|
||||
</ak-form-element-horizontal>
|
||||
</form>`;
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue