outposts: add repair_permissions command

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-23 14:53:53 +02:00 · 2021-08-23 14:53:53 +02:00 · 12e2f7b945
parent 45d47f828a
commit 12e2f7b945
6 changed files with 38 additions and 1 deletions
--- a/authentik/outposts/management/init.py
+++ b/authentik/outposts/management/init.py
--- a/authentik/outposts/management/commands/init.py
+++ b/authentik/outposts/management/commands/init.py
--- a/authentik/outposts/management/commands/repair_permissions.py
+++ b/authentik/outposts/management/commands/repair_permissions.py
@ -0,0 +1,15 @@
 """Repair missing permissions"""
 from django.core.management.base import BaseCommand, no_translations
 from django.apps import apps
 from django.contrib.auth.management import create_permissions
 class Command(BaseCommand):  # pragma: no cover
    """Repair missing permissions"""
    @no_translations
    def handle(self, *args, **options):
        """Check permissions for all apps"""
        for app in apps.get_app_configs():
            self.stdout.write(f"Checking app {app.name} ({app.label})\n")
            create_permissions(app, verbosity=0)
--- a/authentik/outposts/models.py
+++ b/authentik/outposts/models.py
@ -371,7 +371,11 @@ class Outpost(ManagedModel):
                        )
                        Event.new(
                            action=EventAction.SYSTEM_EXCEPTION,
-                            message=exception_to_string(exc),
+                            message=(
                                "While setting the permissions for the service-account, a permission "
                                "was not found: "
                                "Check https://goauthentik.io/docs/troubleshooting/missing_permission"
                            ) + exception_to_string(exc),
                        ).set_user(user).save()
                else:
                    app_label, perm = model_or_perm.split(".")
--- a/website/docs/troubleshooting/missing_permission.md
+++ b/website/docs/troubleshooting/missing_permission.md
@ -0,0 +1,17 @@
 ---
 title: Missing Permissions system_exception events
 ---
 This error can occur during initial setup, when authentik bootstraps the embedded Outpost, while the database migrations are not finished yet.
 The error should be temporary and not occur after initial installation.
 If it does, you can run the following command to ensure all permissions exist:
 ```
 docker-compose run --rm worker repair_permissions
 # Or for kubernetes
 kubectl exec -it authentik-worker-.... -- ak repair_permissions
 ```
 If the error persists after running this command, please open an Issue on [GitHub](https://github.com/goauthentik/authentik/issues/)
--- a/website/sidebars.js
+++ b/website/sidebars.js
@ -204,6 +204,7 @@ module.exports = {
                "troubleshooting/emails",
                "troubleshooting/login",
                "troubleshooting/image_upload_backup",
                "troubleshooting/missing_permission",
            ],
        },
    ],