events: add ability to create events via API

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Jens Langhammer 2021-06-26 23:37:03 +02:00
parent 4ec5df6b12
commit 60c3cf890a
4 changed files with 195 additions and 42 deletions


@ -6,11 +6,11 @@ from drf_spectacular.types import OpenApiTypes
from drf_spectacular.utils import OpenApiParameter, extend_schema from drf_spectacular.utils import OpenApiParameter, extend_schema
from guardian.shortcuts import get_objects_for_user from guardian.shortcuts import get_objects_for_user
from rest_framework.decorators import action from rest_framework.decorators import action
from rest_framework.fields import CharField, DictField, IntegerField from rest_framework.fields import DictField, IntegerField
from rest_framework.request import Request from rest_framework.request import Request
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ReadOnlyModelViewSet from rest_framework.viewsets import ModelViewSet
from authentik.core.api.utils import PassiveSerializer, TypeCreateSerializer from authentik.core.api.utils import PassiveSerializer, TypeCreateSerializer
from authentik.events.models import Event, EventAction from authentik.events.models import Event, EventAction
@ -19,11 +19,6 @@ from authentik.events.models import Event, EventAction
class EventSerializer(ModelSerializer): class EventSerializer(ModelSerializer):
"""Event Serializer""" """Event Serializer"""
# Since we only use this serializer for read-only operations,
# no checking of the action is done here.
# This allows clients to check wildcards, prefixes and custom types
action = CharField()
class Meta: class Meta:
model = Event model = Event
@ -96,7 +91,7 @@ class EventsFilter(django_filters.FilterSet):
fields = ["action", "client_ip", "username"] fields = ["action", "client_ip", "username"]
class EventViewSet(ReadOnlyModelViewSet): class EventViewSet(ModelViewSet):
"""Event Read-Only Viewset""" """Event Read-Only Viewset"""
queryset = Event.objects.all() queryset = Event.objects.all()
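Review bot: Switching `EventViewSet` from `ReadOnlyModelViewSet` to `ModelViewSet` enables update, partial update and destroy as well as create, which is more than the commit title asks for; the regenerated schema further down this page lists PUT, PATCH and DELETE for events. Events appear to serve as the audit trail, so keep the read-only base and add only creation, `class EventViewSet(CreateModelMixin, ReadOnlyModelViewSet):` with `from rest_framework.mixins import CreateModelMixin`, and update the now inaccurate docstring `"""Event Read-Only Viewset"""`. The request schema also seems to accept `user`, `client_ip` and `tenant` from the caller, so consider making those read-only in `EventSerializer` and filling them server-side from the request. Whatever permission class guards these routes is not visible here, and the class body continues outside the hunk.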


@ -405,7 +405,10 @@ class Outpost(models.Model):
def get_required_objects(self) -> Iterable[Union[models.Model, str]]: def get_required_objects(self) -> Iterable[Union[models.Model, str]]:
"""Get an iterator of all objects the user needs read access to""" """Get an iterator of all objects the user needs read access to"""
objects: list[Union[models.Model, str]] = [self] objects: list[Union[models.Model, str]] = [
self,
"authentik_events.add_event",
]
for provider in ( for provider in (
Provider.objects.filter(outpost=self).select_related().select_subclasses() Provider.objects.filter(outpost=self).select_related().select_subclasses()
): ):
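Review bot: Adding `"authentik_events.add_event"` to the list in `get_required_objects` grants what is presumably each outpost's service account a model-wide permission to create events, while the docstring still describes the list as objects the user needs read access to. Because the new create endpoint appears to take `user` and `client_ip` from the request body, a leaked outpost token could be used to write misleading audit entries; pinning those fields server-side, or tagging outpost-created events with their origin, would limit that. Suggested docstring: `"""Get an iterator of all objects and permissions the outpost user needs"""`. The method body continues outside the hunk.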


@ -153,6 +153,7 @@ SPECTACULAR_SETTINGS = {
"url": "https://github.com/goauthentik/authentik/blob/master/LICENSE", "url": "https://github.com/goauthentik/authentik/blob/master/LICENSE",
}, },
"ENUM_NAME_OVERRIDES": { "ENUM_NAME_OVERRIDES": {
"EventActions": "authentik.events.models.EventAction",
"ChallengeChoices": "authentik.flows.challenge.ChallengeTypes", "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes",
"FlowDesignationEnum": "authentik.flows.models.FlowDesignation", "FlowDesignationEnum": "authentik.flows.models.FlowDesignation",
"PolicyEngineMode": "authentik.policies.models.PolicyEngineMode", "PolicyEngineMode": "authentik.policies.models.PolicyEngineMode",


@ -3572,6 +3572,37 @@ paths:
$ref: '#/components/schemas/ValidationError' $ref: '#/components/schemas/ValidationError'
'403': '403':
$ref: '#/components/schemas/GenericError' $ref: '#/components/schemas/GenericError'
post:
operationId: events_events_create
description: Event Read-Only Viewset
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EventRequest'
application/x-www-form-urlencoded:
schema:
$ref: '#/components/schemas/EventRequest'
multipart/form-data:
schema:
$ref: '#/components/schemas/EventRequest'
required: true
security:
- authentik: []
- cookieAuth: []
responses:
'201':
content:
application/json:
schema:
$ref: '#/components/schemas/Event'
description: ''
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
/api/v2beta/events/events/{event_uuid}/: /api/v2beta/events/events/{event_uuid}/:
get: get:
operationId: events_events_retrieve operationId: events_events_retrieve
@ -3600,6 +3631,106 @@ paths:
$ref: '#/components/schemas/ValidationError' $ref: '#/components/schemas/ValidationError'
'403': '403':
$ref: '#/components/schemas/GenericError' $ref: '#/components/schemas/GenericError'
put:
operationId: events_events_update
description: Event Read-Only Viewset
parameters:
- in: path
name: event_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EventRequest'
application/x-www-form-urlencoded:
schema:
$ref: '#/components/schemas/EventRequest'
multipart/form-data:
schema:
$ref: '#/components/schemas/EventRequest'
required: true
security:
- authentik: []
- cookieAuth: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Event'
description: ''
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
patch:
operationId: events_events_partial_update
description: Event Read-Only Viewset
parameters:
- in: path
name: event_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event.
required: true
tags:
- events
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/PatchedEventRequest'
application/x-www-form-urlencoded:
schema:
$ref: '#/components/schemas/PatchedEventRequest'
multipart/form-data:
schema:
$ref: '#/components/schemas/PatchedEventRequest'
security:
- authentik: []
- cookieAuth: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/Event'
description: ''
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
delete:
operationId: events_events_destroy
description: Event Read-Only Viewset
parameters:
- in: path
name: event_uuid
schema:
type: string
format: uuid
description: A UUID string identifying this Event.
required: true
tags:
- events
security:
- authentik: []
- cookieAuth: []
responses:
'204':
description: No response body
'400':
$ref: '#/components/schemas/ValidationError'
'403':
$ref: '#/components/schemas/GenericError'
/api/v2beta/events/events/actions/: /api/v2beta/events/events/actions/:
get: get:
operationId: events_events_actions_list operationId: events_events_actions_list
@ -19242,7 +19373,7 @@ components:
type: object type: object
additionalProperties: {} additionalProperties: {}
action: action:
type: string $ref: '#/components/schemas/EventActions'
app: app:
type: string type: string
context: context:
@ -19266,6 +19397,34 @@ components:
- app - app
- created - created
- pk - pk
EventActions:
enum:
- login
- login_failed
- logout
- user_write
- suspicious_request
- password_set
- secret_view
- invitation_used
- authorize_application
- source_linked
- impersonation_started
- impersonation_ended
- policy_execution
- policy_exception
- property_mapping_exception
- system_task_execution
- system_task_exception
- system_exception
- configuration_error
- model_created
- model_updated
- model_deleted
- email_sent
- update_available
- custom_
type: string
EventMatcherPolicy: EventMatcherPolicy:
type: object type: object
description: Event Matcher Policy Serializer description: Event Matcher Policy Serializer
@ -19296,7 +19455,7 @@ components:
readOnly: true readOnly: true
action: action:
allOf: allOf:
- $ref: '#/components/schemas/EventMatcherPolicyActionEnum' - $ref: '#/components/schemas/EventActions'
description: Match created events with this action type. When left empty, description: Match created events with this action type. When left empty,
all action types will be matched. all action types will be matched.
client_ip: client_ip:
@ -19314,34 +19473,6 @@ components:
- pk - pk
- verbose_name - verbose_name
- verbose_name_plural - verbose_name_plural
EventMatcherPolicyActionEnum:
enum:
- login
- login_failed
- logout
- user_write
- suspicious_request
- password_set
- secret_view
- invitation_used
- authorize_application
- source_linked
- impersonation_started
- impersonation_ended
- policy_execution
- policy_exception
- property_mapping_exception
- system_task_execution
- system_task_exception
- system_exception
- configuration_error
- model_created
- model_updated
- model_deleted
- email_sent
- update_available
- custom_
type: string
EventMatcherPolicyRequest: EventMatcherPolicyRequest:
type: object type: object
description: Event Matcher Policy Serializer description: Event Matcher Policy Serializer
@ -19355,7 +19486,7 @@ components:
will be logged. By default, only execution errors are logged. will be logged. By default, only execution errors are logged.
action: action:
allOf: allOf:
- $ref: '#/components/schemas/EventMatcherPolicyActionEnum' - $ref: '#/components/schemas/EventActions'
description: Match created events with this action type. When left empty, description: Match created events with this action type. When left empty,
all action types will be matched. all action types will be matched.
client_ip: client_ip:
@ -19375,7 +19506,7 @@ components:
type: object type: object
additionalProperties: {} additionalProperties: {}
action: action:
type: string $ref: '#/components/schemas/EventActions'
app: app:
type: string type: string
context: context:
@ -24429,7 +24560,7 @@ components:
will be logged. By default, only execution errors are logged. will be logged. By default, only execution errors are logged.
action: action:
allOf: allOf:
- $ref: '#/components/schemas/EventMatcherPolicyActionEnum' - $ref: '#/components/schemas/EventActions'
description: Match created events with this action type. When left empty, description: Match created events with this action type. When left empty,
all action types will be matched. all action types will be matched.
client_ip: client_ip:
@ -24441,6 +24572,29 @@ components:
- $ref: '#/components/schemas/AppEnum' - $ref: '#/components/schemas/AppEnum'
description: Match events created by selected application. When left empty, description: Match events created by selected application. When left empty,
all applications are matched. all applications are matched.
PatchedEventRequest:
type: object
description: Event Serializer
properties:
user:
type: object
additionalProperties: {}
action:
$ref: '#/components/schemas/EventActions'
app:
type: string
context:
type: object
additionalProperties: {}
client_ip:
type: string
nullable: true
expires:
type: string
format: date-time
tenant:
type: object
additionalProperties: {}
PatchedExpressionPolicyRequest: PatchedExpressionPolicyRequest:
type: object type: object
description: Group Membership Policy Serializer description: Group Membership Policy Serializer