trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,718 Commits 95 Branches 330 Tags 336 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
Jens L e28babb0b8
core: Initial RBAC (#6806) 
* rename consent permission

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* the user version

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

t

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* initial role

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start form

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* some minor table refactoring

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix user, add assign

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add roles ui

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix backend

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add assign API for roles

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start adding toggle buttons

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start view page

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* exclude add_ permission for per-object perms

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* small cleanup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add permission list for roles

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make sidebar update

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix page header not re-rendering?

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fixup

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add search

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* show first category in table groupBy except when its empty

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make model and object PK optional but required together

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* allow for setting global perms

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* exclude non-authentik permissions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* exclude models which aren't allowed (base models etc)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ensure all models have verbose_name set, exclude some more internal objects

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* lint fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix role perm assign

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add unasign for global perms

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add meta changes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* clear modal state after submit

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add roles to our group

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix duplicate url names

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make recursive group query more usable

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add name field to role itself and move group creation to signal

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start sync

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* move rbac stuff to separate django app

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint and such

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix go

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start API changes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add more API tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make admin interface not require superuser for now, improve error handling

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* replace some IsAdminUser where applicable

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* migrate flow inspector perms to actual permission

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix license not being a serializermodel

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add permission modal to models without view page

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add additional permissions to assign/unassign permissions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add action to unassign user permissions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add permissions tab to remaining view pages

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix flow inspector permission check

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix codecov config?

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add more API tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ensure viewsets have an order set

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* hopefully the last api name change

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* make perm modal less confusing

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* start user view permission page

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only make delete bulk form expandable if usedBy is set

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* expand permission tables

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add more things

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add user global permission table

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix lint

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests' url names

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add tests for assign perms

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add unassign tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* rebuild permissions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* prevent assigning/unassigning permissions to internal service accounts

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* only enable default api browser in debug

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix role object permissions showing duplicate

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix role link on role object permissions table

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix object permission modal having duplicate close buttons

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* return error if user has no global perm and no object perms

also improve error display on table

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* small optimisation

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* optimise even more

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update locale

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add system permission for non-object permissions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* allow access to admin interface based on perm

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* clean

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't exclude base models

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-10-16 17:31:50 +02:00
Ken Sternberg 9d18bc545f
web: change 'Attributes' to 'Custom attributes' on Invitation Field (#7145) 
Everywhere else, the label "Attributes" refers to the dictionary field that our
core models have and use as a JSON repository for key/value pairs that don't need
the full model's awareness or management.  Using the same label here, where the
term refers to the context data of the invitation itself, may confuse people,
so we've changed the label to signal its difference.
 2023-10-12 12:33:45 -07:00
Jens L b503379319
web: fix form default submit handler (#7122) 
* web/elements: rename renderInlineForm to renderForm set submit handler to empty function

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix all kinds of forms not using the form inheritance correctly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-10-12 15:12:46 +02:00
Jens L d1f2e7c0cd
web/admin: add additional Flow info (#7155) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-10-12 14:00:45 +02:00
Jens L 6f3fc22c9b
providers/saml: add default RelayState value for IDP-initiated requests (#7100) 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-10-09 00:08:16 +02:00
Jens L cb6dadbf94
stages/email: rework email templates (#7029) 
rework email templates

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
 2023-10-02 16:04:40 +02:00
Marc 'risson' Schmitt 9e23a5edab translate: Updates for web/xliff/en.xlf in fr 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2023-10-02 13:31:21 +02:00
Marc 'risson' Schmitt 9c3ff1d71b web: locales: rename fr_FR to fr to match transifex 
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
 2023-10-02 13:31:21 +02:00