trustchain-oc1-orchestral/authentik
Archived
10
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Update index.md

Browse source 
Replace user.ak_groups.all() with user.all_groups per 2023.8 release notes in Admin Group

Update Expression in Admin group to only pass groups that start with 'NC-' to NextCloud.  Add verbiage around naming for admin group.

Signed-off-by: Sean Dion <smdion@gmail.com>
This commit is contained in:
Sean Dion 2023-10-26 12:39:35 -05:00 committed by GitHub
parent e086da68cd
commit 4865864d97
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
website/integrations/services/nextcloud/index.md
View file

@ -98,13 +98,14 @@ To give authentik users admin access to your Nextcloud instance, you need to cre
Create a custom SAML Property Mapping: Create a custom SAML Property Mapping:
- Set the _SAML Attribute Name_ to `http://schemas.xmlsoap.org/claims/Group`. - Set the _SAML Attribute Name_ to `http://schemas.xmlsoap.org/claims/Group`.
- Set the _Expression_ to: - Set group names that you want to passthrough to start with 'NC-'
- Set the admin group to 'NC-Admin'
- Set the _Expression_ to (the 'NC-' will be removed before sending to Nextcloud):
```python ```python
for group in user.ak_groups.all(): groups = [group.name for group in user.all_groups() if group.name.startswith("NC-")]
yield group.name for group in groups:
if ak_is_group_member(request.user, name="<authentik nextcloud admin group's name>"): yield group[3:]
yield "admin"
``` ```
Then, edit the Nextcloud SAML Provider, and replace the default Groups mapping with the one you've created above. Then, edit the Nextcloud SAML Provider, and replace the default Groups mapping with the one you've created above.