stages/user_write: if any connection is being sent in the plan context, save it to the user
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
83e08f12ae
commit
241d790e69
|
@ -11,7 +11,6 @@ from django.utils.translation import gettext as _
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
|
|
||||||
from authentik.core.models import (
|
from authentik.core.models import (
|
||||||
USER_ATTRIBUTE_SOURCES,
|
|
||||||
Source,
|
Source,
|
||||||
SourceUserMatchingModes,
|
SourceUserMatchingModes,
|
||||||
User,
|
User,
|
||||||
|
@ -271,11 +270,6 @@ class SourceFlowManager:
|
||||||
if not self.source.enrollment_flow:
|
if not self.source.enrollment_flow:
|
||||||
self._logger.warning("source has no enrollment flow")
|
self._logger.warning("source has no enrollment flow")
|
||||||
return HttpResponseBadRequest()
|
return HttpResponseBadRequest()
|
||||||
if USER_ATTRIBUTE_SOURCES not in self.enroll_info or not isinstance(
|
|
||||||
self.enroll_info[USER_ATTRIBUTE_SOURCES], list
|
|
||||||
):
|
|
||||||
self.enroll_info[USER_ATTRIBUTE_SOURCES] = []
|
|
||||||
self.enroll_info[USER_ATTRIBUTE_SOURCES].append(self.source.name)
|
|
||||||
return self._handle_login_flow(
|
return self._handle_login_flow(
|
||||||
self.source.enrollment_flow,
|
self.source.enrollment_flow,
|
||||||
**{
|
**{
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
"""Plex Source Serializer"""
|
"""Plex Source Serializer"""
|
||||||
from django.http import Http404
|
|
||||||
from django.shortcuts import get_object_or_404
|
from django.shortcuts import get_object_or_404
|
||||||
from drf_yasg import openapi
|
from drf_yasg import openapi
|
||||||
from drf_yasg.utils import swagger_auto_schema
|
from drf_yasg.utils import swagger_auto_schema
|
||||||
|
|
|
@ -7,7 +7,8 @@ from django.utils.translation import gettext as _
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
|
|
||||||
from authentik.core.middleware import SESSION_IMPERSONATE_USER
|
from authentik.core.middleware import SESSION_IMPERSONATE_USER
|
||||||
from authentik.core.models import User
|
from authentik.core.models import USER_ATTRIBUTE_SOURCES, User, UserSourceConnection
|
||||||
|
from authentik.core.sources.stage import PLAN_CONTEXT_SOURCES_CONNECTION
|
||||||
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
|
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER
|
||||||
from authentik.flows.stage import StageView
|
from authentik.flows.stage import StageView
|
||||||
from authentik.lib.utils.reflection import class_to_path
|
from authentik.lib.utils.reflection import class_to_path
|
||||||
|
@ -41,7 +42,7 @@ class UserWriteStageView(StageView):
|
||||||
flow_slug=self.executor.flow.slug,
|
flow_slug=self.executor.flow.slug,
|
||||||
)
|
)
|
||||||
user_created = True
|
user_created = True
|
||||||
user = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
|
user: User = self.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
|
||||||
# Before we change anything, check if the user is the same as in the request
|
# Before we change anything, check if the user is the same as in the request
|
||||||
# and we're updating a password. In that case we need to update the session hash
|
# and we're updating a password. In that case we need to update the session hash
|
||||||
# Also check that we're not currently impersonating, so we don't update the session
|
# Also check that we're not currently impersonating, so we don't update the session
|
||||||
|
@ -73,6 +74,16 @@ class UserWriteStageView(StageView):
|
||||||
if user.username == "":
|
if user.username == "":
|
||||||
LOGGER.warning("Aborting write to empty username", user=user)
|
LOGGER.warning("Aborting write to empty username", user=user)
|
||||||
return self.executor.stage_invalid()
|
return self.executor.stage_invalid()
|
||||||
|
# Check if we're writing from a source, and save the source to the attributes
|
||||||
|
if PLAN_CONTEXT_SOURCES_CONNECTION in self.executor.plan.context:
|
||||||
|
if USER_ATTRIBUTE_SOURCES not in user.attributes or not isinstance(
|
||||||
|
user.attributes.get(USER_ATTRIBUTE_SOURCES), list
|
||||||
|
):
|
||||||
|
user.attributes[USER_ATTRIBUTE_SOURCES] = []
|
||||||
|
connection: UserSourceConnection = self.executor.plan.context[
|
||||||
|
PLAN_CONTEXT_SOURCES_CONNECTION
|
||||||
|
]
|
||||||
|
user.attributes[USER_ATTRIBUTE_SOURCES].append(connection.source.name)
|
||||||
user.save()
|
user.save()
|
||||||
user_write.send(
|
user_write.send(
|
||||||
sender=self, request=request, user=user, data=data, created=user_created
|
sender=self, request=request, user=user, data=data, created=user_created
|
||||||
|
|
Reference in a new issue