events: set default admin group to receive default triggers

This commit is contained in:
Jens Langhammer 2021-01-12 23:06:42 +01:00
parent b6948334f2
commit b14c5039ed
2 changed files with 21 additions and 5 deletions

View file

@ -9,18 +9,23 @@ from authentik.events.models import EventAction
def notify_configuration_error(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): def notify_configuration_error(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias db_alias = schema_editor.connection.alias
Group = apps.get_model("authentik_core", "Group")
PolicyBinding = apps.get_model("authentik_policies", "PolicyBinding") PolicyBinding = apps.get_model("authentik_policies", "PolicyBinding")
EventMatcherPolicy = apps.get_model( EventMatcherPolicy = apps.get_model(
"authentik_policies_event_matcher", "EventMatcherPolicy" "authentik_policies_event_matcher", "EventMatcherPolicy"
) )
NotificationTrigger = apps.get_model("authentik_events", "NotificationTrigger") NotificationTrigger = apps.get_model("authentik_events", "NotificationTrigger")
admin_group = Group.objects.using(db_alias).filter(
name="authentik Admins", is_superuser=True
)
policy, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create( policy, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create(
name="default-match-configuration-error", name="default-match-configuration-error",
defaults={"action": EventAction.CONFIGURATION_ERROR}, defaults={"action": EventAction.CONFIGURATION_ERROR},
) )
trigger, _ = NotificationTrigger.objects.using(db_alias).update_or_create( trigger, _ = NotificationTrigger.objects.using(db_alias).update_or_create(
name="default-notify-configuration-error", name="default-notify-configuration-error", defaults={"trigger": admin_group}
) )
PolicyBinding.objects.using(db_alias).update_or_create( PolicyBinding.objects.using(db_alias).update_or_create(
target=trigger, target=trigger,
@ -33,18 +38,23 @@ def notify_configuration_error(apps: Apps, schema_editor: BaseDatabaseSchemaEdit
def notify_update(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): def notify_update(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias db_alias = schema_editor.connection.alias
Group = apps.get_model("authentik_core", "Group")
PolicyBinding = apps.get_model("authentik_policies", "PolicyBinding") PolicyBinding = apps.get_model("authentik_policies", "PolicyBinding")
EventMatcherPolicy = apps.get_model( EventMatcherPolicy = apps.get_model(
"authentik_policies_event_matcher", "EventMatcherPolicy" "authentik_policies_event_matcher", "EventMatcherPolicy"
) )
NotificationTrigger = apps.get_model("authentik_events", "NotificationTrigger") NotificationTrigger = apps.get_model("authentik_events", "NotificationTrigger")
admin_group = Group.objects.using(db_alias).filter(
name="authentik Admins", is_superuser=True
)
policy, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create( policy, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create(
name="default-match-update", name="default-match-update",
defaults={"action": EventAction.UPDATE_AVAILABLE}, defaults={"action": EventAction.UPDATE_AVAILABLE},
) )
trigger, _ = NotificationTrigger.objects.using(db_alias).update_or_create( trigger, _ = NotificationTrigger.objects.using(db_alias).update_or_create(
name="default-notify-update", name="default-notify-update", defaults={"trigger": admin_group}
) )
PolicyBinding.objects.using(db_alias).update_or_create( PolicyBinding.objects.using(db_alias).update_or_create(
target=trigger, target=trigger,
@ -57,12 +67,17 @@ def notify_update(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
def notify_exception(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): def notify_exception(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias db_alias = schema_editor.connection.alias
Group = apps.get_model("authentik_core", "Group")
PolicyBinding = apps.get_model("authentik_policies", "PolicyBinding") PolicyBinding = apps.get_model("authentik_policies", "PolicyBinding")
EventMatcherPolicy = apps.get_model( EventMatcherPolicy = apps.get_model(
"authentik_policies_event_matcher", "EventMatcherPolicy" "authentik_policies_event_matcher", "EventMatcherPolicy"
) )
NotificationTrigger = apps.get_model("authentik_events", "NotificationTrigger") NotificationTrigger = apps.get_model("authentik_events", "NotificationTrigger")
admin_group = Group.objects.using(db_alias).filter(
name="authentik Admins", is_superuser=True
)
policy_policy_exc, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create( policy_policy_exc, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create(
name="default-match-policy-exception", name="default-match-policy-exception",
defaults={"action": EventAction.POLICY_EXCEPTION}, defaults={"action": EventAction.POLICY_EXCEPTION},
@ -72,7 +87,7 @@ def notify_exception(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
defaults={"action": EventAction.PROPERTY_MAPPING_EXCEPTION}, defaults={"action": EventAction.PROPERTY_MAPPING_EXCEPTION},
) )
trigger, _ = NotificationTrigger.objects.using(db_alias).update_or_create( trigger, _ = NotificationTrigger.objects.using(db_alias).update_or_create(
name="default-notify-exception", name="default-notify-exception", defaults={"trigger": admin_group}
) )
PolicyBinding.objects.using(db_alias).update_or_create( PolicyBinding.objects.using(db_alias).update_or_create(
target=trigger, target=trigger,
@ -97,6 +112,7 @@ class Migration(migrations.Migration):
"authentik_events", "authentik_events",
"0010_notification_notificationtransport_notificationtrigger", "0010_notification_notificationtransport_notificationtrigger",
), ),
("authentik_core", "0016_auto_20201202_2234"),
("authentik_policies_event_matcher", "0003_auto_20210110_1907"), ("authentik_policies_event_matcher", "0003_auto_20210110_1907"),
("authentik_policies", "0004_policy_execution_logging"), ("authentik_policies", "0004_policy_execution_logging"),
] ]

View file

@ -1,6 +1,4 @@
"""authentik events signal listener""" """authentik events signal listener"""
from authentik.flows.planner import FlowPlan, PLAN_CONTEXT_SOURCE
from authentik.flows.views import SESSION_KEY_PLAN
from threading import Thread from threading import Thread
from typing import Any, Dict, Optional from typing import Any, Dict, Optional
@ -17,6 +15,8 @@ from authentik.core.models import User
from authentik.core.signals import password_changed from authentik.core.signals import password_changed
from authentik.events.models import Event, EventAction from authentik.events.models import Event, EventAction
from authentik.events.tasks import event_notification_handler from authentik.events.tasks import event_notification_handler
from authentik.flows.planner import PLAN_CONTEXT_SOURCE, FlowPlan
from authentik.flows.views import SESSION_KEY_PLAN
from authentik.stages.invitation.models import Invitation from authentik.stages.invitation.models import Invitation
from authentik.stages.invitation.signals import invitation_used from authentik.stages.invitation.signals import invitation_used
from authentik.stages.user_write.signals import user_write from authentik.stages.user_write.signals import user_write