Jens Langhammer
3a2f285a87
flows: add API to debug-execute a flow and import flow
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 22:21:04 +02:00
Jens Langhammer
a09481dea2
flows: add API to set background image
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:40:08 +02:00
Jens Langhammer
03ff495011
web/admin: migrate application form to web
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:39:53 +02:00
Jens Langhammer
657b0089b1
core: add set_icon operation to applications API to set icon
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:16:13 +02:00
Jens Langhammer
7d74e1d2c4
*: revert to drf-yasg upstream
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 21:04:54 +02:00
Jens Langhammer
a52b57cc38
events: fix missing send_once param from api
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:58:54 +02:00
Jens Langhammer
372cf4a8cb
api: add error responses to swagger schema
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 18:09:45 +02:00
Jens Langhammer
a445b03523
crypto: add API to generate keypair
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 17:33:27 +02:00
Jens Langhammer
464a56ad52
Merge branch 'master' into new-forms
2021-03-29 15:37:12 +02:00
Jens Langhammer
0793fff222
*: simplify API permissions checking, add API for user recovery
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 15:36:35 +02:00
Jens Langhammer
3cc7d54cc1
policies: use GroupSerializer for PolicyBinding API
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-29 12:28:06 +02:00
Jens Langhammer
bd9c0efab7
core: use only user ids for group
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-28 22:03:48 +02:00
Jens Langhammer
32fb90e056
core: include full users in group API
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-27 15:53:54 +01:00
Jens Langhammer
6e46124c94
web/admin/user: fix user source connection lookups
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 21:40:08 +01:00
Jens Langhammer
533a719914
sources/oauth: migrate to webcomponents
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 20:35:00 +01:00
Jens Langhammer
83c3a116f3
core: add Serializer for UserSettings, used by stages and sources
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:46:31 +01:00
Jens Langhammer
f695a3f40a
stages/authenticator_*: fix missing fields
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 17:19:39 +01:00
Jens Langhammer
17f7a97ef3
sources/oauth2: add API For UserSourceConnection
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 14:46:08 +01:00
Jens Langhammer
3698c6431c
flow: pass Query on FlowExecutorSolve to prevent redirect issues
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 14:12:49 +01:00
Jens Langhammer
1d641b2432
root: update swagger
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-24 09:55:50 +01:00
Jens Langhammer
5b8b973345
flows: revert to sever-side redirects for security, pass querystring from client during flow plan
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 22:35:50 +01:00
Jens Langhammer
0671d712fa
policies: remove deprecated group_membership policy
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 14:43:24 +01:00
Jens Langhammer
6961089425
flows: add API to clear cache
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-23 10:37:41 +01:00
Jens L
fe7f23238c
Static SPA ( #648 )
...
* core: initial migration to /if
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: move jsi18n to api
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix static URLs in tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add new html files to rollup
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: fix rollup config and nginx config
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: add Impersonation support to user API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: add banner for impersonation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* tests: fix test_user function for new User API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: add background to API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: set background from flow API
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* core: make root view login_required for redirect
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* flows: redirect to root-redirect instead of if-admin direct
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* api: add header to prevent Authorization Basic prompt in browser
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* web: redirect to root when user/me request fails
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-22 13:44:17 +01:00
Jens Langhammer
7e47906475
api: add Footer links to config API
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-21 17:35:00 +01:00
Jens Langhammer
3d45956f15
web: fix display of scopes
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 19:05:10 +01:00
Jens Langhammer
4c49209f71
core: add user metrics API
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-20 17:30:01 +01:00
Jens Langhammer
080282a0bc
events: add better filters to event API
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 18:11:38 +01:00
Jens Langhammer
5b4c5d0f31
stages/consent: add API to get user's given consent
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 16:07:33 +01:00
Jens Langhammer
9ad10863de
providers/oauth2: add API for auth codes and refresh tokens
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 15:59:38 +01:00
Jens Langhammer
a57d524273
flows: add API for flow export
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 14:36:00 +01:00
Jens Langhammer
dae60b5a08
*: replace ReadOnlyModelViewSet with List/Retrieve/Delete viewsets
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 12:11:07 +01:00
Jens Langhammer
a6123cfbe4
flows: add API for user's stage settings
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 00:33:12 +01:00
Jens Langhammer
07142cab8b
core: add API for user source settings
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-18 00:32:40 +01:00
Jens Langhammer
c70f6e3122
events: fix Schema for query params for top_per_user
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-17 18:33:12 +01:00
Jens Langhammer
07ca82e599
admin: include git build hash in gh-* tags and show build hash in admin overview
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-16 14:42:01 +01:00
Jens Langhammer
34a3d81eff
stages/authenticator_*: add API for authenticator devices
2021-03-09 10:38:07 +01:00
Jens L
2852fa3c5e
web: use generated API Client ( #616 )
...
* api: fix types for config API
* api: remove broken swagger UI
* admin: re-fix system task enum
* events: make event optional
* events: fix Schema for notification transport test
* flows: use APIView for Flow Executor
* core: fix schema for Metrics APIs
* web: rewrite to use generated API client
* web: generate API Client in CI
* admin: use x_cord and y_cord to prevent yaml issues
* events: fix linting errors
* web: don't lint generated code
* core: fix fields not being required in TypeSerializer
* flows: fix missing permission_classes
* web: cleanup
* web: fix rendering of graph on Overview page
* web: cleanup imports
* core: fix missing background image filter
* flows: fix flows not advancing properly
* stages/*: fix warnings during get_challenge
* web: send Flow response as JSON instead of FormData
* web: fix styles for horizontal tabs
* web: add base chart class and custom chart for application view
* root: generate ts client for e2e tests
* web: don't attempt to connect to websocket in selenium tests
* web: fix UserTokenList not being included in the build
* web: fix styling for static token list
* web: fix CSRF Token missing
* stages/authenticator_static: fix error when disable static tokens
* core: fix display issue when updating user info
* web: fix Flow executor not showing spinner when redirecting
2021-03-08 11:14:00 +01:00
Jens Langhammer
ff5f5f65e8
web: fix date display issue
2021-03-03 21:53:30 +01:00
Jens Langhammer
466723573c
api: fix types for config API
2021-03-03 20:05:43 +01:00
Jens Langhammer
ea784d47f4
admin: fix mismatched Swagger schema
2021-03-03 17:44:47 +01:00
Jens Langhammer
77d5ba2862
events: fix typo in events API
2021-03-03 16:54:59 +01:00
Jens Langhammer
f4580a1097
api: remove legacy messages API as its WS only
2021-03-03 15:02:20 +01:00
Jens Langhammer
c002c4b610
api: make pagination required
2021-03-03 10:37:03 +01:00
Jens Langhammer
3cb0575a1e
root: fix swagger pagination not matching API
2021-03-03 09:28:22 +01:00
Jens Langhammer
373793ce9a
policies: show more information when provider fails to resolve application
2021-03-02 16:58:55 +01:00
Jens Langhammer
792fa45dca
providers/oauth2: add logout URL to Setup URLs API
2021-03-02 15:11:18 +01:00
Jens Langhammer
c65b2944b3
stages/reputation: add API for user and IP Score
2021-03-01 20:22:37 +01:00
Jens Langhammer
2ae5a81c15
stages/deny: add deny stage
2021-03-01 20:16:54 +01:00
Jens Langhammer
ed8b78600e
stages/authenticator_validate: add configuration stage to configure Authenticator
2021-03-01 19:23:59 +01:00
Jens Langhammer
d6fd2b0afa
sources/saml: add Metadata API
2021-03-01 10:50:45 +01:00
Jens Langhammer
9e6a7bf16b
stages/captcha: migrated to SPA
2021-02-25 19:58:38 +01:00
Jens Langhammer
8878fac4e7
stages/authenticator_validate: send challenge for each device
2021-02-23 18:25:58 +01:00
Jens Langhammer
88e5b22d16
flows: add get_pending_user() for WithUserInfoChallenge
2021-02-21 18:35:21 +01:00
Jens Langhammer
c1e6786ea1
stages/password: Migrate to SPA
2021-02-21 00:14:42 +01:00
Jens Langhammer
854d94056e
web: migrate remaining list views to web
2021-02-20 00:19:53 +01:00
Jens Langhammer
9d4c22c706
web: show header while loading application info
2021-02-19 23:34:06 +01:00
Jens Langhammer
6597d5bd28
web: migrate Token List to web
2021-02-19 19:09:30 +01:00
Jens Langhammer
fd28f37c0d
web: migrate User list to web
2021-02-19 18:43:57 +01:00
Jens Langhammer
865f652476
web: migrate Outpost Service Connection to web
2021-02-19 17:49:34 +01:00
Jens Langhammer
71f771c22c
core: add types API to propertymapping
2021-02-19 17:10:30 +01:00
Jens Langhammer
79089d8981
policies: add bound count to api
2021-02-19 16:53:30 +01:00
Jens Langhammer
44e51970e1
web: update for new cached actions
2021-02-19 16:37:50 +01:00
Jens L
8708e487ae
stages: add WebAuthn stage ( #550 )
...
* core: add User.uid for globally unique user ID
* admin: fix ?next for Flow list
* stages: add initial webauthn implementation
* web: add ak-flow-submit event to submit flow stage
* web: show error message for webauthn registration
* admin: fix next param not redirecting correctly
* stages/webauthn: remove form
* stages/webauthn: add API
* web: update flow diagram on ak-refresh
* stages/webauthn: add initial authentication
* stages/webauthn: initial authentication implementation
* web: cleanup webauthn utils
* stages: rename otp_* to authenticator and move webauthn to authenticator
* docs: fix broken links
* stages/authenticator_*: fix template paths
* stages/authenticator_validate: add device classes
* stages/authenticator_webauthn: implement django_otp.devices
* stages/authenticator_*: update default stage names
* web: add button to create stage on flow page
* web: don't minify HTML, remove nbsp
* admin: fix typo in stage list
* stages/*: use common base class for stage serializer
* stages/authenticator_*: create default objects after rename
* tests/e2e: adjust stage order
2021-02-17 20:49:58 +01:00
Jens Langhammer
4cfcc48b23
admin: migrate certificate-keypair list to web
2021-02-16 23:16:52 +01:00
Jens Langhammer
f8ba623fc1
web: add more related links, add policy/user/group support for bindings
2021-02-16 20:52:59 +01:00
Jens Langhammer
1afb4a7a76
policies: add ability to directly assign groups in bindings
2021-02-11 20:36:48 +01:00
Jens Langhammer
aa0f5df218
policies/*: cleanup api and forms, use correct inheritance
2021-02-11 19:50:02 +01:00
Jens Langhammer
d2df426489
core: fix tokens using wrong lookup
2021-02-10 20:32:54 +01:00
Jens Langhammer
a367d8515f
core: add source endpoint
2021-02-10 20:12:07 +01:00
Jens Langhammer
2b7a22a29a
core: add providers/types endpoint
2021-02-10 20:11:54 +01:00
Jens Langhammer
0af66a26ab
crypto: move certificate and key data to separate api calls to create events
2021-02-09 21:47:00 +01:00
Jens Langhammer
71c9108f89
events: rename token_view to secret_view
2021-02-09 18:20:28 +01:00
Jens Langhammer
45f1d95bf9
sources/oauth: add callback URL to api
2021-02-09 16:58:19 +01:00
Jens Langhammer
552f8c6a9a
sources/*: switch API to use slug in URL
2021-02-09 16:08:30 +01:00
Jens Langhammer
2acdcf74e1
sources/ldap: add API for sync status
2021-02-09 10:21:59 +01:00
Jens Langhammer
78bcb90a1e
outposts: ensure Outpost API is backwards compatible
2021-02-08 19:51:46 +01:00
Jens Langhammer
820f658b49
web: add outpost list page
2021-02-08 19:04:19 +01:00
Jens Langhammer
efc46f52e6
outposts: move health to API
2021-02-08 19:01:10 +01:00
Jens Langhammer
3ced67b151
sources/*: simplify source api
2021-02-08 10:25:59 +01:00
Jens Langhammer
830b8bcd5b
web: add page for OAuth2 Provider
2021-02-06 18:39:15 +01:00
Jens Langhammer
91d6a3c8c7
providers/*: simplify provider API
2021-02-06 17:31:29 +01:00
Jens L
a6ac82c492
*: rewrite managed objects, use nullable text flag instead of boolean as uid ( #533 )
2021-02-06 15:56:21 +00:00
Jens Langhammer
32cf960053
sources/ldap: add property_mappings_group to make group mapping more customisable
2021-02-06 15:27:07 +01:00
Jens Langhammer
14dc420747
sources/ldap: rewrite group membership syncing
2021-02-04 20:06:42 +01:00
Jens Langhammer
178417fe67
web: start implementing provider list
2021-02-04 10:09:19 +01:00
Jens L
e25d03d8f4
Managed objects ( #519 )
...
* managed: add base manager and Ops
* core: use ManagedModel for Token and PropertyMapping
* providers/saml: implement managed objects for SAML Provider
* sources/ldap: migrate to managed
* providers/oauth2: migrate to managed
* providers/proxy: migrate to managed
* *: load .managed in apps
* managed: add reconcile task, run on startup
* providers/oauth2: fix import path for managed
* providers/saml: don't set FriendlyName when mapping is none
* *: use ObjectManager in tests to ensure objects exist
* ci: use vmImage ubuntu-latest
* providers/saml: add new mapping for username and user id
* tests: remove docker proxy
* tests/e2e: use updated attribute names
* docs: update SAML docs
* tests/e2e: fix remaining saml cases
* outposts: make tokens as managed
* *: make PropertyMapping SerializerModel
* web: add page for property-mappings
* web: add codemirror to common_styles because codemirror
* docs: fix member-of in nextcloud
* docs: nextcloud add admin
* web: fix refresh reloading data two times
* web: add loading lock to table to prevent double loads
* web: add ability to use null in QueryArgs (value will be skipped)
* web: add hide option to property mappings
* web: fix linting
2021-02-03 21:18:31 +01:00
Jens Langhammer
cfed41439e
events: add send_once flag to send webhooks only once
2021-02-02 19:34:55 +01:00
Jens Langhammer
5ef4354723
providers/saml: make NameID configurable using a Property Mapping
2021-01-28 22:50:13 +01:00
Jens Langhammer
3d3a0cd9e3
events: create event when system task fails
2021-01-18 10:09:14 +01:00
Jens Langhammer
f959212692
events: make notifications filterable
2021-01-16 19:08:07 +01:00
Jens Langhammer
192dbe05c4
events: triggers -> rules
2021-01-16 14:15:23 +01:00
Jens Langhammer
2e42da11ea
policies/event_matcher: simplify validity checking
2021-01-15 11:26:55 +01:00
Jens Langhammer
6192b2787f
events: notifications: send entire event in API
2021-01-14 17:22:02 +01:00
Jens Langhammer
1342266368
events: include full group in event notification
2021-01-14 17:22:02 +01:00
Jens Langhammer
9fe8554f28
events: make notification read/update only
2021-01-14 17:22:02 +01:00
Jens Langhammer
b6948334f2
policies/event_matcher: fix verbose_name
2021-01-12 23:06:24 +01:00
Jens Langhammer
47ddf0d7f2
web: add UI for notification triggers
2021-01-12 22:26:57 +01:00
Jens Langhammer
8369fa16ae
events: add mode_verbose to transport, return string on send error
2021-01-12 21:51:55 +01:00
Jens L
1ccf6dcf6f
events: Notifications ( #418 )
...
* events: initial alerting implementation
* policies: move error handling to process, ensure policy UUID is saved
* policies: add tests for error handling in PolicyProcess
* events: improve loop detection
* events: add API for action and trigger
* policies: ensure http_request is not used in context
* events: adjust unittests for user handling
* policies/event_matcher: add policy type
* events: add API tests
* events: add middleware tests
* core: make application's provider not required
* outposts: allow blank kubeconfig
* outposts: validate kubeconfig before saving
* api: fix formatting
* stages/invitation: remove invitation_created signal as model_created functions the same
* stages/invitation: ensure created_by is set when creating from API
* events: rebase migrations on master
* events: fix missing Alerts from API
* policies: fix unittests
* events: add tests for alerts
* events: rename from alerting to notifications
* events: add ability to specify severity of notification created
* policies/event_matcher: Add app field to match on event app
* policies/event_matcher: fix EventMatcher not being included in API
* core: use objects.none() when get_queryset is used
* events: use m2m for multiple transports, create notification object in task
* events: add default triggers
* events: fix migrations return value
* events: fix notification_transport not being in the correct queue
* stages/email: allow sending of email without backend
* events: implement sending via webhook + slack/discord + email
2021-01-11 18:43:59 +01:00