Commit Graph

161 Commits

Author SHA1 Message Date
Jens Langhammer 865f652476 web: migrate Outpost Service Connection to web 2021-02-19 17:49:34 +01:00
Jens Langhammer 71f771c22c core: add types API to propertymapping 2021-02-19 17:10:30 +01:00
Jens Langhammer 79089d8981 policies: add bound count to api 2021-02-19 16:53:30 +01:00
Jens Langhammer 44e51970e1 web: update for new cached actions 2021-02-19 16:37:50 +01:00
Jens L 8708e487ae
stages: add WebAuthn stage (#550)
* core: add User.uid for globally unique user ID

* admin: fix ?next for Flow list

* stages: add initial webauthn implementation

* web: add ak-flow-submit event to submit flow stage

* web: show error message for webauthn registration

* admin: fix next param not redirecting correctly

* stages/webauthn: remove form

* stages/webauthn: add API

* web: update flow diagram on ak-refresh

* stages/webauthn: add initial authentication

* stages/webauthn: initial authentication implementation

* web: cleanup webauthn utils

* stages: rename otp_* to authenticator and move webauthn to authenticator

* docs: fix broken links

* stages/authenticator_*: fix template paths

* stages/authenticator_validate: add device classes

* stages/authenticator_webauthn: implement django_otp.devices

* stages/authenticator_*: update default stage names

* web: add button to create stage on flow page

* web: don't minify HTML, remove nbsp

* admin: fix typo in stage list

* stages/*: use common base class for stage serializer

* stages/authenticator_*: create default objects after rename

* tests/e2e: adjust stage order
2021-02-17 20:49:58 +01:00
Jens Langhammer 4cfcc48b23 admin: migrate certificate-keypair list to web 2021-02-16 23:16:52 +01:00
Jens Langhammer f8ba623fc1 web: add more related links, add policy/user/group support for bindings 2021-02-16 20:52:59 +01:00
Jens Langhammer 1afb4a7a76 policies: add ability to directly assign groups in bindings 2021-02-11 20:36:48 +01:00
Jens Langhammer aa0f5df218 policies/*: cleanup api and forms, use correct inheritance 2021-02-11 19:50:02 +01:00
Jens Langhammer d2df426489 core: fix tokens using wrong lookup 2021-02-10 20:32:54 +01:00
Jens Langhammer a367d8515f core: add source endpoint 2021-02-10 20:12:07 +01:00
Jens Langhammer 2b7a22a29a core: add providers/types endpoint 2021-02-10 20:11:54 +01:00
Jens Langhammer 0af66a26ab crypto: move certificate and key data to separate api calls to create events 2021-02-09 21:47:00 +01:00
Jens Langhammer 71c9108f89 events: rename token_view to secret_view 2021-02-09 18:20:28 +01:00
Jens Langhammer 45f1d95bf9 sources/oauth: add callback URL to api 2021-02-09 16:58:19 +01:00
Jens Langhammer 552f8c6a9a sources/*: switch API to use slug in URL 2021-02-09 16:08:30 +01:00
Jens Langhammer 2acdcf74e1 sources/ldap: add API for sync status 2021-02-09 10:21:59 +01:00
Jens Langhammer 78bcb90a1e outposts: ensure Outpost API is backwards compatible 2021-02-08 19:51:46 +01:00
Jens Langhammer 820f658b49 web: add outpost list page 2021-02-08 19:04:19 +01:00
Jens Langhammer efc46f52e6 outposts: move health to API 2021-02-08 19:01:10 +01:00
Jens Langhammer 3ced67b151 sources/*: simplify source api 2021-02-08 10:25:59 +01:00
Jens Langhammer 830b8bcd5b web: add page for OAuth2 Provider 2021-02-06 18:39:15 +01:00
Jens Langhammer 91d6a3c8c7 providers/*: simplify provider API 2021-02-06 17:31:29 +01:00
Jens L a6ac82c492
*: rewrite managed objects, use nullable text flag instead of boolean as uid (#533) 2021-02-06 15:56:21 +00:00
Jens Langhammer 32cf960053 sources/ldap: add property_mappings_group to make group mapping more customisable 2021-02-06 15:27:07 +01:00
Jens Langhammer 14dc420747 sources/ldap: rewrite group membership syncing 2021-02-04 20:06:42 +01:00
Jens Langhammer 178417fe67 web: start implementing provider list 2021-02-04 10:09:19 +01:00
Jens L e25d03d8f4
Managed objects (#519)
* managed: add base manager and Ops

* core: use ManagedModel for Token and PropertyMapping

* providers/saml: implement managed objects for SAML Provider

* sources/ldap: migrate to managed

* providers/oauth2: migrate to managed

* providers/proxy: migrate to managed

* *: load .managed in apps

* managed: add reconcile task, run on startup

* providers/oauth2: fix import path for managed

* providers/saml: don't set FriendlyName when mapping is none

* *: use ObjectManager in tests to ensure objects exist

* ci: use vmImage ubuntu-latest

* providers/saml: add new mapping for username and user id

* tests: remove docker proxy

* tests/e2e: use updated attribute names

* docs: update SAML docs

* tests/e2e: fix remaining saml cases

* outposts: make tokens as managed

* *: make PropertyMapping SerializerModel

* web: add page for property-mappings

* web: add codemirror to common_styles because codemirror

* docs: fix member-of in nextcloud

* docs: nextcloud add admin

* web: fix refresh reloading data two times

* web: add loading lock to table to prevent double loads

* web: add ability to use null in QueryArgs (value will be skipped)

* web: add hide option to property mappings

* web: fix linting
2021-02-03 21:18:31 +01:00
Jens Langhammer cfed41439e events: add send_once flag to send webhooks only once 2021-02-02 19:34:55 +01:00
Jens Langhammer 5ef4354723 providers/saml: make NameID configurable using a Property Mapping 2021-01-28 22:50:13 +01:00
Jens Langhammer 3d3a0cd9e3 events: create event when system task fails 2021-01-18 10:09:14 +01:00
Jens Langhammer f959212692 events: make notifications filterable 2021-01-16 19:08:07 +01:00
Jens Langhammer 192dbe05c4 events: triggers -> rules 2021-01-16 14:15:23 +01:00
Jens Langhammer 2e42da11ea policies/event_matcher: simplify validity checking 2021-01-15 11:26:55 +01:00
Jens Langhammer 6192b2787f events: notifications: send entire event in API 2021-01-14 17:22:02 +01:00
Jens Langhammer 1342266368 events: include full group in event notification 2021-01-14 17:22:02 +01:00
Jens Langhammer 9fe8554f28 events: make notification read/update only 2021-01-14 17:22:02 +01:00
Jens Langhammer b6948334f2 policies/event_matcher: fix verbose_name 2021-01-12 23:06:24 +01:00
Jens Langhammer 47ddf0d7f2 web: add UI for notification triggers 2021-01-12 22:26:57 +01:00
Jens Langhammer 8369fa16ae events: add mode_verbose to transport, return string on send error 2021-01-12 21:51:55 +01:00
Jens L 1ccf6dcf6f
events: Notifications (#418)
* events: initial alerting implementation

* policies: move error handling to process, ensure policy UUID is saved

* policies: add tests for error handling in PolicyProcess

* events: improve loop detection

* events: add API for action and trigger

* policies: ensure http_request is not used in context

* events: adjust unittests for user handling

* policies/event_matcher: add policy type

* events: add API tests

* events: add middleware tests

* core: make application's provider not required

* outposts: allow blank kubeconfig

* outposts: validate kubeconfig before saving

* api: fix formatting

* stages/invitation: remove invitation_created signal as model_created functions the same

* stages/invitation: ensure created_by is set when creating from API

* events: rebase migrations on master

* events: fix missing Alerts from API

* policies: fix unittests

* events: add tests for alerts

* events: rename from alerting to notifications

* events: add ability to specify severity of notification created

* policies/event_matcher: Add app field to match on event app

* policies/event_matcher: fix EventMatcher not being included in API

* core: use objects.none() when get_queryset is used

* events: use m2m for multiple transports, create notification object in task

* events: add default triggers

* events: fix migrations return value

* events: fix notification_transport not being in the correct queue

* stages/email: allow sending of email without backend

* events: implement sending via webhook + slack/discord + email
2021-01-11 18:43:59 +01:00
Jens L 82bb179bc2
root: global email settings (#448)
* root: make global email settings configurable

* stages/email: add use_global_settings

* stages/email: add test_email command to test email sending

* stages/email: update email template

* stages/email: simplify email template path

* stages/email: add support for user-supplied email templates

* stages/email: add tests for sending and templates

* stages/email: only add custom template if permissions are correct

* docs: add custom email template docs

* root: add /templates volume in docker-compose by default

* stages/email: fix form not allowing custom templates

* stages/email: use relative path for custom templates

* stages/email: check if all templates exist on startup, reset

* docs: add global email docs for docker-compose

* helm: add email config to helm chart

* helm: load all secrets with env prefix

* helm: move s3 and smtp secret to secret

* stages/email: fix test for relative name

* stages/email: add argument to send email from existing stage

* stages/email: set uid using slug of message id

* stages/email: ensure template validation ignores migration runs

* docs: add email troubleshooting docs

* stages/email: fix long task_name breaking task list
2021-01-05 00:41:10 +01:00
Jens Langhammer 4fde1b7365 providers/saml: allow audience to be empty 2020-12-30 22:15:28 +01:00
Jens Langhammer 590597caf6 events: replace list view with SPA Page 2020-12-28 14:32:34 +01:00
Jens Langhammer 0e1587bc1a providers/oauth2: don't write authorization code to event log 2020-12-28 01:07:18 +01:00
Jens Langhammer ee2e737782 providers/oauth2: remove response_type field as spec doesn't require validation 2020-12-27 18:12:47 +01:00
Jens Langhammer 55322995a1 providers/oauth2: make iss field configurable 2020-12-27 15:02:12 +01:00
Jens Langhammer 5b18e28753 providers/oauth2: fix include_claims_in_id_token not being shown in form/API 2020-12-27 14:05:10 +01:00
Jens Langhammer fc98c3934a providers/*: implement configuration_error 2020-12-27 13:15:31 +01:00
Jens Langhammer 5f90f54195 stages/invitation: ensure created_by is set when creating from API 2020-12-27 13:11:28 +01:00