providers/SCIM: improve backchannel signalling (#5657)
* providers/scim: add warning when provider is not used as backchannel provider Signed-off-by: Jens Langhammer <jens@goauthentik.io> * providers/scim: don't sync SCIM provider that isn't used as backchannel at all Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
parent
cd7de4c0b9
commit
68a1bcf233
|
@ -24,8 +24,8 @@ class SCIMProviderSerializer(ProviderSerializer):
|
||||||
"property_mappings",
|
"property_mappings",
|
||||||
"property_mappings_group",
|
"property_mappings_group",
|
||||||
"component",
|
"component",
|
||||||
"assigned_application_slug",
|
"assigned_backchannel_application_slug",
|
||||||
"assigned_application_name",
|
"assigned_backchannel_application_name",
|
||||||
"verbose_name",
|
"verbose_name",
|
||||||
"verbose_name_plural",
|
"verbose_name_plural",
|
||||||
"meta_model_name",
|
"meta_model_name",
|
||||||
|
|
|
@ -42,7 +42,9 @@ def scim_sync_all():
|
||||||
@CELERY_APP.task(bind=True, base=MonitoredTask)
|
@CELERY_APP.task(bind=True, base=MonitoredTask)
|
||||||
def scim_sync(self: MonitoredTask, provider_pk: int) -> None:
|
def scim_sync(self: MonitoredTask, provider_pk: int) -> None:
|
||||||
"""Run SCIM full sync for provider"""
|
"""Run SCIM full sync for provider"""
|
||||||
provider: SCIMProvider = SCIMProvider.objects.filter(pk=provider_pk).first()
|
provider: SCIMProvider = SCIMProvider.objects.filter(
|
||||||
|
pk=provider_pk, backchannel_application__isnull=False
|
||||||
|
).first()
|
||||||
if not provider:
|
if not provider:
|
||||||
return
|
return
|
||||||
self.set_uid(slugify(provider.name))
|
self.set_uid(slugify(provider.name))
|
||||||
|
|
|
@ -36,6 +36,7 @@ class SCIMMembershipTests(TestCase):
|
||||||
slug=generate_id(),
|
slug=generate_id(),
|
||||||
)
|
)
|
||||||
self.app.backchannel_providers.add(self.provider)
|
self.app.backchannel_providers.add(self.provider)
|
||||||
|
self.provider.save()
|
||||||
self.provider.property_mappings.set(
|
self.provider.property_mappings.set(
|
||||||
[SCIMMapping.objects.get(managed="goauthentik.io/providers/scim/user")]
|
[SCIMMapping.objects.get(managed="goauthentik.io/providers/scim/user")]
|
||||||
)
|
)
|
||||||
|
|
|
@ -39824,11 +39824,11 @@ components:
|
||||||
type: string
|
type: string
|
||||||
description: Get object component so that we know how to edit the object
|
description: Get object component so that we know how to edit the object
|
||||||
readOnly: true
|
readOnly: true
|
||||||
assigned_application_slug:
|
assigned_backchannel_application_slug:
|
||||||
type: string
|
type: string
|
||||||
description: Internal application name, used in URLs.
|
description: Internal application name, used in URLs.
|
||||||
readOnly: true
|
readOnly: true
|
||||||
assigned_application_name:
|
assigned_backchannel_application_name:
|
||||||
type: string
|
type: string
|
||||||
description: Application's display Name.
|
description: Application's display Name.
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
@ -39857,8 +39857,8 @@ components:
|
||||||
format: uuid
|
format: uuid
|
||||||
nullable: true
|
nullable: true
|
||||||
required:
|
required:
|
||||||
- assigned_application_name
|
- assigned_backchannel_application_name
|
||||||
- assigned_application_slug
|
- assigned_backchannel_application_slug
|
||||||
- component
|
- component
|
||||||
- meta_model_name
|
- meta_model_name
|
||||||
- name
|
- name
|
||||||
|
|
|
@ -121,9 +121,14 @@ export class SCIMProviderViewPage extends AKElement {
|
||||||
if (!this.provider) {
|
if (!this.provider) {
|
||||||
return html``;
|
return html``;
|
||||||
}
|
}
|
||||||
return html` <div slot="header" class="pf-c-banner pf-m-info">
|
return html`<div slot="header" class="pf-c-banner pf-m-info">
|
||||||
${t`SCIM provider is in preview.`}
|
${t`SCIM provider is in preview.`}
|
||||||
</div>
|
</div>
|
||||||
|
${!this.provider?.assignedBackchannelApplicationName
|
||||||
|
? html`<div slot="header" class="pf-c-banner pf-m-warning">
|
||||||
|
${t`Warning: Provider is not assigned to an application as backchannel provider.`}
|
||||||
|
</div>`
|
||||||
|
: html``}
|
||||||
<div class="pf-c-page__main-section pf-m-no-padding-mobile pf-l-grid pf-m-gutter">
|
<div class="pf-c-page__main-section pf-m-no-padding-mobile pf-l-grid pf-m-gutter">
|
||||||
<div class="pf-l-grid__item pf-m-7-col pf-l-stack pf-m-gutter">
|
<div class="pf-l-grid__item pf-m-7-col pf-l-stack pf-m-gutter">
|
||||||
<div class="pf-c-card pf-m-12-col pf-l-stack__item">
|
<div class="pf-c-card pf-m-12-col pf-l-stack__item">
|
||||||
|
|
Reference in a new issue