diff --git a/authentik/policies/api.py b/authentik/policies/api.py index 2f271719a..703d4bf0f 100644 --- a/authentik/policies/api.py +++ b/authentik/policies/api.py @@ -59,15 +59,22 @@ class PolicySerializer(ModelSerializer, MetaNameSerializer): _resolve_inheritance: bool object_type = SerializerMethodField() + bound_to = SerializerMethodField() def __init__(self, *args, resolve_inheritance: bool = True, **kwargs): super().__init__(*args, **kwargs) self._resolve_inheritance = resolve_inheritance - def get_object_type(self, obj): + def get_object_type(self, obj: Policy) -> str: """Get object type so that we know which API Endpoint to use to get the full object""" return obj._meta.object_name.lower().replace("policy", "") + def get_bound_to(self, obj: Policy) -> int: + """Return objects policy is bound to""" + if not obj.bindings.exists() and not obj.promptstage_set.exists(): + return 0 + return obj.bindings.count() + def to_representation(self, instance: Policy): # pyright: reportGeneralTypeIssues=false if instance.__class__ == Policy or not self._resolve_inheritance: @@ -86,6 +93,7 @@ class PolicySerializer(ModelSerializer, MetaNameSerializer): "object_type", "verbose_name", "verbose_name_plural", + "bound_to", ] depth = 3 @@ -101,7 +109,9 @@ class PolicyViewSet(ReadOnlyModelViewSet): } def get_queryset(self): - return Policy.objects.select_subclasses() + return Policy.objects.select_subclasses().prefetch_related( + "bindings", "promptstage_set" + ) @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False) diff --git a/swagger.yaml b/swagger.yaml index ebd5de26e..99d8fb2fc 100755 --- a/swagger.yaml +++ b/swagger.yaml @@ -8853,6 +8853,10 @@ definitions: title: Verbose name plural type: string readOnly: true + bound_to: + title: Bound to + type: integer + readOnly: true TypeCreate: description: Types of an object that can be created type: object @@ -9254,6 +9258,10 @@ definitions: title: Verbose name plural type: string readOnly: true + bound_to: + title: Bound to + type: integer + readOnly: true result: title: Result type: boolean @@ -9297,6 +9305,10 @@ definitions: title: Verbose name plural type: string readOnly: true + bound_to: + title: Bound to + type: integer + readOnly: true action: title: Action description: Match created events with this action type. When left empty, @@ -9410,6 +9422,10 @@ definitions: title: Verbose name plural type: string readOnly: true + bound_to: + title: Bound to + type: integer + readOnly: true expression: title: Expression type: string @@ -9444,6 +9460,10 @@ definitions: title: Verbose name plural type: string readOnly: true + bound_to: + title: Bound to + type: integer + readOnly: true group: title: Group type: string @@ -9479,6 +9499,10 @@ definitions: title: Verbose name plural type: string readOnly: true + bound_to: + title: Bound to + type: integer + readOnly: true password_field: title: Password field description: Field key to check, field keys defined in Prompt stages are available. @@ -9521,6 +9545,10 @@ definitions: title: Verbose name plural type: string readOnly: true + bound_to: + title: Bound to + type: integer + readOnly: true password_field: title: Password field description: Field key to check, field keys defined in Prompt stages are available. @@ -9586,6 +9614,10 @@ definitions: title: Verbose name plural type: string readOnly: true + bound_to: + title: Bound to + type: integer + readOnly: true days: title: Days type: integer @@ -9624,6 +9656,10 @@ definitions: title: Verbose name plural type: string readOnly: true + bound_to: + title: Bound to + type: integer + readOnly: true check_ip: title: Check ip type: boolean