add ability to disable tenants api

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
This commit is contained in:
Marc 'risson' Schmitt 2023-12-04 07:40:23 +01:00
parent c69bed8063
commit d28c58adca
No known key found for this signature in database
GPG Key ID: 9C3FA22FABF1AA8D
4 changed files with 22 additions and 8 deletions

View File

@ -110,7 +110,10 @@ geoip: "/geoip/GeoLite2-City.mmdb"
cert_discovery_dir: /certs
default_token_length: 60
tenant_management_key: ""
tenants:
api:
enabled: false
key: ""
blueprints_dir: /blueprints

View File

@ -23,10 +23,10 @@ class TenantManagementKeyPermission(permissions.BasePermission):
def has_permission(self, request: Request, view: View) -> bool:
token = validate_auth(get_authorization_header(request))
tenant_management_key = CONFIG.get("tenant_management_key")
if compare_digest("", tenant_management_key):
key = CONFIG.get("tenants.api.key")
if compare_digest("", key):
return False
return compare_digest(token, tenant_management_key)
return compare_digest(token, key)
class TenantSerializer(ModelSerializer):

View File

@ -1,10 +1,15 @@
"""API URLs"""
from django.urls import path
from authentik.lib.config import CONFIG
from authentik.tenants.api import SettingsView, TenantViewSet
api_urlpatterns = [
path("admin/settings/", SettingsView.as_view(), name="tenant_settings"),
]
if CONFIG.get_bool("tenants.api.enabled", False):
api_urlpatterns += [
(
"tenants",
TenantViewSet,

View File

@ -18,6 +18,12 @@ with open("local.env.yml", "w", encoding="utf-8") as _config:
"blueprints_dir": "./blueprints",
"cert_discovery_dir": "./certs",
"geoip": "tests/GeoLite2-City-Test.mmdb",
"tenants": {
"api": {
"enabled": True,
"key": generate_id(),
},
},
},
_config,
default_flow_style=False,