events: add user filter to notifications

as superuser all notifications are returned regardless of permission so we need to filter

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-05-14 22:31:13 +02:00
parent c64a99345b
commit eb4dce91c3
11 changed files with 50 additions and 34 deletions

View file

@ -22,11 +22,11 @@ from authentik.core.api.sources import SourceViewSet, UserSourceConnectionViewSe
from authentik.core.api.tokens import TokenViewSet
from authentik.core.api.users import UserViewSet
from authentik.crypto.api import CertificateKeyPairViewSet
from authentik.events.api.event import EventViewSet
from authentik.events.api.notification import NotificationViewSet
from authentik.events.api.notification_mapping import NotificationWebhookMappingViewSet
from authentik.events.api.notification_rule import NotificationRuleViewSet
from authentik.events.api.notification_transport import NotificationTransportViewSet
from authentik.events.api.events import EventViewSet
from authentik.events.api.notification_mappings import NotificationWebhookMappingViewSet
from authentik.events.api.notification_rules import NotificationRuleViewSet
from authentik.events.api.notification_transports import NotificationTransportViewSet
from authentik.events.api.notifications import NotificationViewSet
from authentik.flows.api.bindings import FlowStageBindingViewSet
from authentik.flows.api.flows import FlowViewSet
from authentik.flows.api.stages import StageViewSet

View file

@ -13,7 +13,7 @@ from rest_framework.viewsets import GenericViewSet
from authentik.api.authorization import OwnerFilter, OwnerPermissions
from authentik.core.api.used_by import UsedByMixin
from authentik.events.api.event import EventSerializer
from authentik.events.api.events import EventSerializer
from authentik.events.models import Notification
@ -55,6 +55,7 @@ class NotificationViewSet(
"created",
"event",
"seen",
"user",
]
permission_classes = [OwnerPermissions]
filter_backends = [OwnerFilter, DjangoFilterBackend, OrderingFilter, SearchFilter]

View file

@ -518,7 +518,7 @@ class NotificationWebhookMapping(PropertyMapping):
@property
def serializer(self) -> type["Serializer"]:
from authentik.events.api.notification_mapping import NotificationWebhookMappingSerializer
from authentik.events.api.notification_mappings import NotificationWebhookMappingSerializer
return NotificationWebhookMappingSerializer

View file

@ -4070,6 +4070,10 @@ paths:
- alert
- notice
- warning
- in: query
name: user
schema:
type: integer
tags:
- events
security:

View file

@ -13,6 +13,7 @@ import { EventsApi } from "@goauthentik/api";
import { DEFAULT_CONFIG, tenant } from "../api/Config";
import { currentInterface } from "../api/Sentry";
import { me } from "../api/Users";
import {
EVENT_API_DRAWER_TOGGLE,
EVENT_NOTIFICATION_DRAWER_TOGGLE,
@ -102,15 +103,18 @@ export class PageHeader extends LitElement {
}
firstUpdated(): void {
me().then((user) => {
new EventsApi(DEFAULT_CONFIG)
.eventsNotificationsList({
seen: false,
ordering: "-created",
pageSize: 1,
user: user.user.pk,
})
.then((r) => {
this.hasNotifications = r.pagination.count > 0;
});
});
}
renderIcon(): TemplateResult {

View file

@ -14,6 +14,7 @@ import { EventsApi, Notification } from "@goauthentik/api";
import { AKResponse } from "../../api/Client";
import { DEFAULT_CONFIG } from "../../api/Config";
import { me } from "../../api/Users";
import { EVENT_NOTIFICATION_DRAWER_TOGGLE, EVENT_REFRESH } from "../../constants";
import { ActionToLabel } from "../../pages/events/utils";
import { MessageLevel } from "../messages/Message";
@ -53,15 +54,18 @@ export class NotificationDrawer extends LitElement {
}
firstUpdated(): void {
me().then((user) => {
new EventsApi(DEFAULT_CONFIG)
.eventsNotificationsList({
seen: false,
ordering: "-created",
user: user.user.pk,
})
.then((r) => {
this.notifications = r;
this.unread = r.results.length;
});
});
}
renderItem(item: Notification): TemplateResult {

View file

@ -123,15 +123,18 @@ export class UserInterface extends LitElement {
}
firstUpdated(): void {
me().then((user) => {
new EventsApi(DEFAULT_CONFIG)
.eventsNotificationsList({
seen: false,
ordering: "-created",
pageSize: 1,
user: user.user.pk,
})
.then((r) => {
this.notificationsCount = r.pagination.count;
});
});
}
render(): TemplateResult {