core: only show Reset password link when recovery flow is configured

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Jens Langhammer 2021-07-04 12:44:57 +02:00
parent ca44f8bd60
commit 320dab3425
3 changed files with 37 additions and 27 deletions


@ -2,12 +2,11 @@
from json import loads from json import loads
from django.db.models.query import QuerySet from django.db.models.query import QuerySet
from django.http.response import Http404
from django.urls import reverse_lazy from django.urls import reverse_lazy
from django.utils.http import urlencode from django.utils.http import urlencode
from django_filters.filters import BooleanFilter, CharFilter from django_filters.filters import BooleanFilter, CharFilter
from django_filters.filterset import FilterSet from django_filters.filterset import FilterSet
from drf_spectacular.utils import OpenApiResponse, extend_schema, extend_schema_field from drf_spectacular.utils import extend_schema, extend_schema_field
from guardian.utils import get_anonymous_user from guardian.utils import get_anonymous_user
from rest_framework.decorators import action from rest_framework.decorators import action
from rest_framework.fields import CharField, JSONField, SerializerMethodField from rest_framework.fields import CharField, JSONField, SerializerMethodField
@ -173,7 +172,7 @@ class UserViewSet(UsedByMixin, ModelViewSet):
@extend_schema( @extend_schema(
responses={ responses={
"200": LinkSerializer(many=False), "200": LinkSerializer(many=False),
"404": OpenApiResponse(description="No recovery flow found."), "404": LinkSerializer(many=False),
}, },
) )
@action(detail=True, pagination_class=None, filter_backends=[]) @action(detail=True, pagination_class=None, filter_backends=[])
@ -184,7 +183,7 @@ class UserViewSet(UsedByMixin, ModelViewSet):
# Check that there is a recovery flow, if not return an error # Check that there is a recovery flow, if not return an error
flow = tenant.flow_recovery flow = tenant.flow_recovery
if not flow: if not flow:
raise Http404 return Response({"link": ""}, status=404)
user: User = self.get_object() user: User = self.get_object()
token, __ = Token.objects.get_or_create( token, __ = Token.objects.get_or_create(
identifier=f"{user.uid}-password-reset", identifier=f"{user.uid}-password-reset",
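Review bot: The new `return Response({"link": ""}, status=404)` cannot be told apart by status from the 404 that `self.get_object()` on the next line would raise for an unknown user. The schema also now declares a `Link` body for every 404, while that second 404 presumably carries the framework's own error body. A comment on the return such as `# 404 + empty link: tenant has no recovery flow; a missing user also yields 404 via get_object()` would make the two cases explicit for client authors. Separately, this action issues a password-reset token for another user and is declared with `filter_backends=[]`, so it is worth confirming that an explicit permission check sits on the decorator lines above the hunk. The function signature and the rest of the body are outside the visible lines.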


@ -3096,7 +3096,11 @@ paths:
$ref: '#/components/schemas/Link' $ref: '#/components/schemas/Link'
description: '' description: ''
'404': '404':
description: No recovery flow found. content:
application/json:
schema:
$ref: '#/components/schemas/Link'
description: ''
'400': '400':
$ref: '#/components/schemas/ValidationError' $ref: '#/components/schemas/ValidationError'
'403': '403':


@ -9,13 +9,14 @@ import "../../elements/buttons/ActionButton";
import { TableColumn } from "../../elements/table/Table"; import { TableColumn } from "../../elements/table/Table";
import { PAGE_SIZE } from "../../constants"; import { PAGE_SIZE } from "../../constants";
import { CoreApi, User } from "authentik-api"; import { CoreApi, User } from "authentik-api";
import { DEFAULT_CONFIG } from "../../api/Config"; import { DEFAULT_CONFIG, tenant } from "../../api/Config";
import "../../elements/forms/DeleteForm"; import "../../elements/forms/DeleteForm";
import "./UserActiveForm"; import "./UserActiveForm";
import "./UserForm"; import "./UserForm";
import { showMessage } from "../../elements/messages/MessageContainer"; import { showMessage } from "../../elements/messages/MessageContainer";
import { MessageLevel } from "../../elements/messages/Message"; import { MessageLevel } from "../../elements/messages/Message";
import { first } from "../../utils"; import { first } from "../../utils";
import { until } from "lit-html/directives/until";
@customElement("ak-user-list") @customElement("ak-user-list")
export class UserListPage extends TablePage<User> { export class UserListPage extends TablePage<User> {
@ -128,27 +129,33 @@ export class UserListPage extends TablePage<User> {
</li> </li>
</ul> </ul>
</ak-dropdown> </ak-dropdown>
<ak-action-button ${until(tenant().then(te => {
.apiRequest=${() => { if (te.flowRecovery) {
return new CoreApi(DEFAULT_CONFIG).coreUsersRecoveryRetrieve({ return html`
id: item.pk || 0, <ak-action-button
}).then(rec => { .apiRequest=${() => {
showMessage({ return new CoreApi(DEFAULT_CONFIG).coreUsersRecoveryRetrieve({
level: MessageLevel.success, id: item.pk || 0,
message: t`Successfully generated recovery link`, }).then(rec => {
description: rec.link showMessage({
}); level: MessageLevel.success,
}).catch((ex: Response) => { message: t`Successfully generated recovery link`,
ex.json().then(() => { description: rec.link
showMessage({ });
level: MessageLevel.error, }).catch((ex: Response) => {
message: t`No recovery flow is configured.`, ex.json().then(() => {
}); showMessage({
}); level: MessageLevel.error,
}); message: t`No recovery flow is configured.`,
}}> });
${t`Reset Password`} });
</ak-action-button> });
}}>
${t`Reset Password`}
</ak-action-button>`;
}
return html``;
}))}
<a class="pf-c-button pf-m-tertiary" href="${`/-/impersonation/${item.pk}/`}"> <a class="pf-c-button pf-m-tertiary" href="${`/-/impersonation/${item.pk}/`}">
${t`Impersonate`} ${t`Impersonate`}
</a>`, </a>`,
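Review bot: The `.catch((ex: Response) => ...)` kept inside the re-indented `apiRequest` still reports `No recovery flow is configured.` for every failure. Because the button is now rendered only when `te.flowRecovery` is set, a missing flow is the least likely cause, and a 403 or an unknown user would be mislabelled. The handler should test `ex.status === 404` before showing that text and use a generic error message otherwise. It should also guard against `ex` not being a `Response` (a network failure, for example), since `ex.json()` would then throw inside the handler. The `until(tenant().then(...))` wrapper has no rejection handler and is evaluated per table row, so whether `tenant()` is cached (not visible here) is worth checking. Hiding the button is a UI convenience only, and the server-side `flow_recovery` check remains the authoritative gate.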