core: fix squash migrations error when AK_ADMIN_TOKEN is set

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-10-12 17:45:10 +02:00
parent d39dbc7287
commit 2b09d97522
3 changed files with 299 additions and 122 deletions

View File

@ -0,0 +1,118 @@
# Generated by Django 3.2.8 on 2021-10-12 15:36
from django.apps.registry import Apps
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
import authentik.core.models
def set_default_token_key(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias
Token = apps.get_model("authentik_core", "Token")
for token in Token.objects.using(db_alias).all():
token.key = token.pk.hex
token.save()
class Migration(migrations.Migration):
replaces = [
("authentik_core", "0012_auto_20201003_1737"),
("authentik_core", "0013_auto_20201003_2132"),
("authentik_core", "0014_auto_20201018_1158"),
("authentik_core", "0015_application_icon"),
("authentik_core", "0016_auto_20201202_2234"),
]
dependencies = [
("authentik_providers_saml", "0006_remove_samlprovider_name"),
("authentik_providers_oauth2", "0006_remove_oauth2provider_name"),
("authentik_core", "0011_provider_name_temp"),
]
operations = [
migrations.RenameField(
model_name="provider",
old_name="name_temp",
new_name="name",
),
migrations.AddField(
model_name="token",
name="identifier",
field=models.TextField(default=""),
preserve_default=False,
),
migrations.AlterField(
model_name="token",
name="intent",
field=models.TextField(
choices=[
("verification", "Intent Verification"),
("api", "Intent Api"),
("recovery", "Intent Recovery"),
],
default="verification",
),
),
migrations.AlterUniqueTogether(
name="token",
unique_together={("identifier", "user")},
),
migrations.AddField(
model_name="token",
name="key",
field=models.TextField(default=authentik.core.models.default_token_key),
),
migrations.AlterUniqueTogether(
name="token",
unique_together=set(),
),
migrations.AlterField(
model_name="token",
name="identifier",
field=models.SlugField(max_length=255),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["key"], name="authentik_co_key_e45007_idx"),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["identifier"], name="authentik_co_identif_1a34a8_idx"),
),
migrations.RunPython(
code=set_default_token_key,
),
migrations.RemoveField(
model_name="application",
name="meta_icon_url",
),
migrations.AddField(
model_name="application",
name="meta_icon",
field=models.FileField(blank=True, default="", upload_to="application-icons/"),
),
migrations.RemoveIndex(
model_name="token",
name="authentik_co_key_e45007_idx",
),
migrations.RemoveIndex(
model_name="token",
name="authentik_co_identif_1a34a8_idx",
),
migrations.RenameField(
model_name="user",
old_name="pb_groups",
new_name="ak_groups",
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["identifier"], name="authentik_c_identif_d9d032_idx"),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["key"], name="authentik_c_key_f71355_idx"),
),
]

View File

@ -14,15 +14,6 @@ from django.db.models import Count
import authentik.core.models import authentik.core.models
def set_default_token_key(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias
Token = apps.get_model("authentik_core", "Token")
for token in Token.objects.using(db_alias).all():
token.key = token.pk.hex
token.save()
def migrate_sessions(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): def migrate_sessions(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
db_alias = schema_editor.connection.alias db_alias = schema_editor.connection.alias
from django.contrib.sessions.backends.cache import KEY_PREFIX from django.contrib.sessions.backends.cache import KEY_PREFIX
@ -68,12 +59,6 @@ def create_default_user_token(apps: Apps, schema_editor: BaseDatabaseSchemaEdito
class Migration(migrations.Migration): class Migration(migrations.Migration):
replaces = [ replaces = [
("authentik_core", "0012_auto_20201003_1737"),
("authentik_core", "0013_auto_20201003_2132"),
("authentik_core", "0014_auto_20201018_1158"),
("authentik_core", "0015_application_icon"),
("authentik_core", "0016_auto_20201202_2234"),
("authentik_core", "0017_managed"),
("authentik_core", "0018_auto_20210330_1345"), ("authentik_core", "0018_auto_20210330_1345"),
("authentik_core", "0019_source_managed"), ("authentik_core", "0019_source_managed"),
("authentik_core", "0020_source_user_matching_mode"), ("authentik_core", "0020_source_user_matching_mode"),
@ -88,116 +73,10 @@ class Migration(migrations.Migration):
] ]
dependencies = [ dependencies = [
("authentik_providers_saml", "0006_remove_samlprovider_name"), ("authentik_core", "0017_managed"),
("authentik_core", "0011_provider_name_temp"),
("authentik_providers_oauth2", "0006_remove_oauth2provider_name"),
] ]
operations = [ operations = [
migrations.RenameField(
model_name="provider",
old_name="name_temp",
new_name="name",
),
migrations.AddField(
model_name="token",
name="identifier",
field=models.TextField(default=""),
preserve_default=False,
),
migrations.AlterField(
model_name="token",
name="intent",
field=models.TextField(
choices=[
("verification", "Intent Verification"),
("api", "Intent Api"),
("recovery", "Intent Recovery"),
],
default="verification",
),
),
migrations.AlterUniqueTogether(
name="token",
unique_together={("identifier", "user")},
),
migrations.AddField(
model_name="token",
name="key",
field=models.TextField(default=authentik.core.models.default_token_key),
),
migrations.AlterUniqueTogether(
name="token",
unique_together=set(),
),
migrations.AlterField(
model_name="token",
name="identifier",
field=models.SlugField(max_length=255),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["key"], name="authentik_co_key_e45007_idx"),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["identifier"], name="authentik_co_identif_1a34a8_idx"),
),
migrations.RunPython(
code=set_default_token_key,
),
migrations.RemoveField(
model_name="application",
name="meta_icon_url",
),
migrations.AddField(
model_name="application",
name="meta_icon",
field=models.FileField(blank=True, default="", upload_to="application-icons/"),
),
migrations.RemoveIndex(
model_name="token",
name="authentik_co_key_e45007_idx",
),
migrations.RemoveIndex(
model_name="token",
name="authentik_co_identif_1a34a8_idx",
),
migrations.RenameField(
model_name="user",
old_name="pb_groups",
new_name="ak_groups",
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["identifier"], name="authentik_c_identif_d9d032_idx"),
),
migrations.AddIndex(
model_name="token",
index=models.Index(fields=["key"], name="authentik_c_key_f71355_idx"),
),
migrations.AddField(
model_name="propertymapping",
name="managed",
field=models.TextField(
default=None,
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
null=True,
unique=True,
verbose_name="Managed by authentik",
),
),
migrations.AddField(
model_name="token",
name="managed",
field=models.TextField(
default=None,
help_text="Objects which are managed by authentik. These objects are created and updated automatically. This is flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.",
null=True,
unique=True,
verbose_name="Managed by authentik",
),
),
migrations.AlterModelOptions( migrations.AlterModelOptions(
name="token", name="token",
options={ options={

View File

@ -0,0 +1,180 @@
# Generated by Django 3.2.8 on 2021-10-12 15:39
import django.db.models.deletion
from django.apps.registry import Apps
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
import authentik.lib.models
import authentik.providers.proxy.models
def migrate_defaults(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
from authentik.providers.proxy.models import JWTAlgorithms, ProxyProvider
db_alias = schema_editor.connection.alias
for provider in ProxyProvider.objects.using(db_alias).filter(jwt_alg=JWTAlgorithms.RS256):
provider.set_oauth_defaults()
provider.save()
def migrate_mode(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
from authentik.providers.proxy.models import ProxyMode
db_alias = schema_editor.connection.alias
ProxyProvider = apps.get_model("authentik_providers_proxy", "proxyprovider")
for provider in ProxyProvider.objects.using(db_alias).all():
if provider.forward_auth_mode:
provider.mode = ProxyMode.FORWARD_SINGLE
provider.save()
class Migration(migrations.Migration):
replaces = [
("authentik_providers_proxy", "0001_initial"),
("authentik_providers_proxy", "0002_proxyprovider_cookie_secret"),
("authentik_providers_proxy", "0003_proxyprovider_certificate"),
("authentik_providers_proxy", "0004_auto_20200913_1947"),
("authentik_providers_proxy", "0005_auto_20200914_1536"),
("authentik_providers_proxy", "0006_proxyprovider_skip_path_regex"),
("authentik_providers_proxy", "0007_auto_20200923_1017"),
("authentik_providers_proxy", "0008_auto_20200930_0810"),
("authentik_providers_proxy", "0009_auto_20201007_1721"),
("authentik_providers_proxy", "0010_auto_20201214_0942"),
("authentik_providers_proxy", "0011_proxyprovider_forward_auth_mode"),
("authentik_providers_proxy", "0012_proxyprovider_cookie_domain"),
("authentik_providers_proxy", "0013_mode"),
("authentik_providers_proxy", "0014_proxy_v2"),
]
initial = True
dependencies = [
("authentik_crypto", "0002_create_self_signed_kp"),
("authentik_providers_oauth2", "0001_initial"),
]
operations = [
migrations.CreateModel(
name="ProxyProvider",
fields=[
(
"oauth2provider_ptr",
models.OneToOneField(
auto_created=True,
on_delete=django.db.models.deletion.CASCADE,
parent_link=True,
primary_key=True,
serialize=False,
to="authentik_providers_oauth2.oauth2provider",
),
),
(
"internal_host",
models.TextField(
blank=True,
validators=[
authentik.lib.models.DomainlessURLValidator(schemes=("http", "https"))
],
),
),
(
"external_host",
models.TextField(
validators=[
authentik.lib.models.DomainlessURLValidator(schemes=("http", "https"))
]
),
),
(
"cookie_secret",
models.TextField(default=authentik.providers.proxy.models.get_cookie_secret),
),
(
"certificate",
models.ForeignKey(
blank=True,
null=True,
on_delete=django.db.models.deletion.SET_NULL,
to="authentik_crypto.certificatekeypair",
),
),
(
"skip_path_regex",
models.TextField(
blank=True,
default="",
help_text="Regular expressions for which authentication is not required. Each new line is interpreted as a new Regular Expression.",
),
),
(
"internal_host_ssl_validation",
models.BooleanField(
default=True,
help_text="Validate SSL Certificates of upstream servers",
verbose_name="Internal host SSL Validation",
),
),
(
"basic_auth_enabled",
models.BooleanField(
default=False,
help_text="Set a custom HTTP-Basic Authentication header based on values from authentik.",
verbose_name="Set HTTP-Basic Authentication",
),
),
(
"basic_auth_password_attribute",
models.TextField(
blank=True,
help_text="User/Group Attribute used for the password part of the HTTP-Basic Header.",
verbose_name="HTTP-Basic Password Key",
),
),
(
"basic_auth_user_attribute",
models.TextField(
blank=True,
help_text="User/Group Attribute used for the user part of the HTTP-Basic Header. If not set, the user's Email address is used.",
verbose_name="HTTP-Basic Username Key",
),
),
(
"forward_auth_mode",
models.BooleanField(
default=False,
help_text="Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.",
),
),
("cookie_domain", models.TextField(blank=True, default="")),
(
"mode",
models.TextField(
choices=[
("proxy", "Proxy"),
("forward_single", "Forward Single"),
("forward_domain", "Forward Domain"),
],
default="proxy",
help_text="Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.",
),
),
],
options={
"verbose_name": "Proxy Provider",
"verbose_name_plural": "Proxy Providers",
},
bases=("authentik_providers_oauth2.oauth2provider",),
),
migrations.RunPython(
code=migrate_mode,
),
migrations.RemoveField(
model_name="proxyprovider",
name="forward_auth_mode",
),
migrations.RunPython(
code=migrate_defaults,
),
]