api: add OwnerFilter

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/api/authorization.py

@@ -1,9 +1,20 @@
 """API Authorization"""
 from django.db.models import Model
+from django.db.models.query import QuerySet
+from rest_framework.filters import BaseFilterBackend
 from rest_framework.permissions import BasePermission
 from rest_framework.request import Request
 
 
+class OwnerFilter(BaseFilterBackend):
+    """Filter objects by their owner"""
+
+    owner_key = "user"
+
+    def filter_queryset(self, request: Request, queryset: QuerySet, view) -> QuerySet:
+        return queryset.filter(**{self.owner_key: request.user})
+
+
 class OwnerPermissions(BasePermission):
     """Authorize requests by an object's owner matching the requesting user"""
 

swagger.yaml

@@ -18045,6 +18045,7 @@ definitions:
     required:
       - name
       - slug
+      - plex_token
     type: object
     properties:
       pk:

web/src/pages/sources/plex/PlexSourceForm.ts

@@ -46,7 +46,7 @@ export class PlexSourceForm extends ModelForm<PlexSource, string> {
     }
 
     send = (data: PlexSource): Promise<PlexSource> => {
-        data.plexToken = this.plexToken;
+        data.plexToken = this.plexToken || "";
         if (this.instance?.slug) {
             return new SourcesApi(DEFAULT_CONFIG).sourcesPlexUpdate({
                 slug: this.instance.slug,