import "@goauthentik/admin/users/ServiceAccountForm"; import "@goauthentik/admin/users/UserActiveForm"; import "@goauthentik/admin/users/UserForm"; import "@goauthentik/admin/users/UserPasswordForm"; import "@goauthentik/admin/users/UserResetEmailForm"; import { DEFAULT_CONFIG, config, tenant } from "@goauthentik/common/api/config"; import { MessageLevel } from "@goauthentik/common/messages"; import { uiConfig } from "@goauthentik/common/ui/config"; import { first } from "@goauthentik/common/utils"; import { PFColor } from "@goauthentik/elements/Label"; import "@goauthentik/elements/buttons/ActionButton"; import "@goauthentik/elements/buttons/Dropdown"; import "@goauthentik/elements/forms/DeleteBulkForm"; import { Form } from "@goauthentik/elements/forms/Form"; import "@goauthentik/elements/forms/HorizontalFormElement"; import "@goauthentik/elements/forms/ModalForm"; import { showMessage } from "@goauthentik/elements/messages/MessageContainer"; import { getURLParam, updateURLParams } from "@goauthentik/elements/router/RouteMatch"; import { PaginatedResponse } from "@goauthentik/elements/table/Table"; import { Table, TableColumn } from "@goauthentik/elements/table/Table"; import { UserOption } from "@goauthentik/elements/user/utils"; import { t } from "@lingui/macro"; import { CSSResult, TemplateResult, html } from "lit"; import { customElement, property, state } from "lit/decorators.js"; import { ifDefined } from "lit/directives/if-defined.js"; import { until } from "lit/directives/until.js"; import PFAlert from "@patternfly/patternfly/components/Alert/alert.css"; import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css"; import { CapabilitiesEnum, CoreApi, Group, ResponseError, User } from "@goauthentik/api"; @customElement("ak-user-related-add") export class RelatedUserAdd extends Form<{ users: number[] }> { @property({ attribute: false }) group?: Group; @state() usersToAdd: User[] = []; getSuccessMessage(): string { return t`Successfully added user(s).`; } send = async (data: { users: number[] }): Promise<{ users: number[] }> => { await Promise.all( data.users.map((user) => { return new CoreApi(DEFAULT_CONFIG).coreGroupsAddUserCreate({ groupUuid: this.group?.pk || "", userAccountRequest: { pk: user, }, }); }), ); return data; }; renderForm(): TemplateResult { return html`

{ this.usersToAdd = items; this.requestUpdate(); return Promise.resolve(); }} >

${this.usersToAdd.map((user) => { return html` { const idx = this.usersToAdd.indexOf(user); this.usersToAdd.splice(idx, 1); this.requestUpdate(); }} > ${UserOption(user)} `; })}

`; } } @customElement("ak-user-related-list") export class RelatedUserList extends Table { expandable = true; checkbox = true; searchEnabled(): boolean { return true; } @property() targetGroup?: Group; @property() order = "last_login"; @property({ type: Boolean }) hideServiceAccounts = getURLParam("hideServiceAccounts", true); static get styles(): CSSResult[] { return super.styles.concat(PFDescriptionList, PFAlert); } async apiEndpoint(page: number): Promise> { return new CoreApi(DEFAULT_CONFIG).coreUsersList({ ordering: this.order, page: page, pageSize: (await uiConfig()).pagination.perPage, search: this.search || "", groupsByPk: this.targetGroup ? [this.targetGroup.pk] : [], attributes: this.hideServiceAccounts ? JSON.stringify({ "goauthentik.io/user/service-account__isnull": true, }) : undefined, }); } columns(): TableColumn[] { return [ new TableColumn(t`Name`, "username"), new TableColumn(t`Active`, "active"), new TableColumn(t`Last login`, "last_login"), new TableColumn(t`Actions`), ]; } renderToolbarSelected(): TemplateResult { const disabled = this.selectedElements.length < 1; return html` { return [ { key: t`Username`, value: item.username }, { key: t`ID`, value: item.pk.toString() }, { key: t`UID`, value: item.uid }, ]; }} .delete=${(item: User) => { return new CoreApi(DEFAULT_CONFIG).coreGroupsRemoveUserCreate({ groupUuid: this.targetGroup?.pk || "", userAccountRequest: { pk: item.pk, }, }); }} > `; } row(item: User): TemplateResult[] { return [ html`

${item.username}

${item.name} `, html` ${item.isActive ? t`Yes` : t`No`} `, html`${first(item.lastLogin?.toLocaleString(), t`-`)}`, html` ${t`Update`} ${t`Update User`}

${until( config().then((config) => { if (config.capabilities.includes(CapabilitiesEnum.Impersonate)) { return html` ${t`Impersonate`} `; } return html``; }), )}`, ]; } renderExpanded(item: User): TemplateResult { return html`

${t`User status`}: ${item.isActive ? t`Active` : t`Inactive`}

${item.isSuperuser ? t`Superuser` : t`Regular user`}
${t`Change status`}: { return new CoreApi( DEFAULT_CONFIG, ).coreUsersPartialUpdate({ id: item.pk || 0, patchedUserRequest: { isActive: !item.isActive, }, }); }} >
${t`Recovery`}: ${t`Update password`} ${t`Update password`} ${until( tenant().then((tenant) => { if (!tenant.flowRecovery) { return html`
${t`To let a user directly reset a their password, configure a recovery flow on the currently active tenant.`}
`; } return html` { return new CoreApi(DEFAULT_CONFIG) .coreUsersRecoveryRetrieve({ id: item.pk || 0, }) .then((rec) => { showMessage({ level: MessageLevel.success, message: t`Successfully generated recovery link`, description: rec.link, }); }) .catch((ex: ResponseError) => { ex.response.json().then(() => { showMessage({ level: MessageLevel.error, message: t`No recovery flow is configured.`, }); }); }); }} > ${t`Copy recovery link`} ${item.email ? html` ${t`Send link`} ${t`Send recovery link to user`} ` : html`${t`Recovery link cannot be emailed, user has no email address saved.`}`} `; }), )}

`; } renderToolbar(): TemplateResult { return html` ${this.targetGroup ? html` ${t`Add`} ${t`Add User`}

` : html``} ${super.renderToolbar()} `; } renderToolbarAfter(): TemplateResult { return html` `; } }