trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/ldap: fix LDAP Outpost application selection (#5812) 

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L 2023-05-31 14:14:25 +02:00 committed by Jens Langhammer
parent a7bf963409
commit 772acb10d6
No known key found for this signature in database
3 changed files with 52 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
authentik/core/api/providers.py
View File

@ -1,4 +1,6 @@
"""Provider API Views""" """Provider API Views"""
from django.db.models import QuerySet
from django.db.models.query import Q
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django_filters.filters import BooleanFilter from django_filters.filters import BooleanFilter
from django_filters.filterset import FilterSet from django_filters.filterset import FilterSet
@ -56,17 +58,22 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer):
class ProviderFilter(FilterSet): class ProviderFilter(FilterSet):
"""Filter for groups""" """Filter for providers"""
application__isnull = BooleanFilter( application__isnull = BooleanFilter(method="filter_application__isnull")
field_name="application",
lookup_expr="isnull",
)
backchannel_only = BooleanFilter( backchannel_only = BooleanFilter(
method="filter_backchannel_only", method="filter_backchannel_only",
) )
def filter_backchannel_only(self, queryset, name, value): def filter_application__isnull(self, queryset: QuerySet, name, value):
"""Only return providers that are neither assigned to application,
both as provider or application provider"""
return queryset.filter(
Q(backchannel_application__isnull=value, is_backchannel=True)
| Q(application__isnull=value)
)
def filter_backchannel_only(self, queryset: QuerySet, name, value):
"""Only return backchannel providers""" """Only return backchannel providers"""
return queryset.filter(is_backchannel=value) return queryset.filter(is_backchannel=value)

47
authentik/providers/ldap/api.py
View File

@ -1,4 +1,8 @@
"""LDAPProvider API Views""" """LDAPProvider API Views"""
from django.db.models import QuerySet
from django.db.models.query import Q
from django_filters.filters import BooleanFilter
from django_filters.filterset import FilterSet
from rest_framework.fields import CharField, ListField, SerializerMethodField from rest_framework.fields import CharField, ListField, SerializerMethodField
from rest_framework.serializers import ModelSerializer from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import ModelViewSet, ReadOnlyModelViewSet from rest_framework.viewsets import ModelViewSet, ReadOnlyModelViewSet
@ -29,24 +33,41 @@ class LDAPProviderSerializer(ProviderSerializer):
extra_kwargs = ProviderSerializer.Meta.extra_kwargs extra_kwargs = ProviderSerializer.Meta.extra_kwargs
class LDAPProviderFilter(FilterSet):
"""LDAP Provider filters"""
application__isnull = BooleanFilter(method="filter_application__isnull")
def filter_application__isnull(self, queryset: QuerySet, name, value):
"""Only return providers that are neither assigned to application,
both as provider or application provider"""
return queryset.filter(
Q(backchannel_application__isnull=value) | Q(application__isnull=value)
)
class Meta:
model = LDAPProvider
fields = {
"application": ["isnull"],
"name": ["iexact"],
"authorization_flow__slug": ["iexact"],
"base_dn": ["iexact"],
"search_group__group_uuid": ["iexact"],
"search_group__name": ["iexact"],
"certificate__kp_uuid": ["iexact"],
"certificate__name": ["iexact"],
"tls_server_name": ["iexact"],
"uid_start_number": ["iexact"],
"gid_start_number": ["iexact"],
}
class LDAPProviderViewSet(UsedByMixin, ModelViewSet): class LDAPProviderViewSet(UsedByMixin, ModelViewSet):
"""LDAPProvider Viewset""" """LDAPProvider Viewset"""
queryset = LDAPProvider.objects.all() queryset = LDAPProvider.objects.all()
serializer_class = LDAPProviderSerializer serializer_class = LDAPProviderSerializer
filterset_fields = { filterset_class = LDAPProviderFilter
"application": ["isnull"],
"name": ["iexact"],
"authorization_flow__slug": ["iexact"],
"base_dn": ["iexact"],
"search_group__group_uuid": ["iexact"],
"search_group__name": ["iexact"],
"certificate__kp_uuid": ["iexact"],
"certificate__name": ["iexact"],
"tls_server_name": ["iexact"],
"uid_start_number": ["iexact"],
"gid_start_number": ["iexact"],
}
search_fields = ["name"] search_fields = ["name"]
ordering = ["name"] ordering = ["name"]

6
web/src/admin/outposts/OutpostForm.ts
View File

@ -191,8 +191,12 @@ export class OutpostForm extends ModelForm<Outpost, string> {
const selected = Array.from(this.instance?.providers || []).some((sp) => { const selected = Array.from(this.instance?.providers || []).some((sp) => {
return sp == provider.pk; return sp == provider.pk;
}); });
let appName = provider.assignedApplicationName;
if (provider.assignedBackchannelApplicationName) {
appName = provider.assignedBackchannelApplicationName;
}
return html`<option value=${ifDefined(provider.pk)} ?selected=${selected}> return html`<option value=${ifDefined(provider.pk)} ?selected=${selected}>
${provider.assignedApplicationName} (${provider.name}) ${appName} (${provider.name})
</option>`; </option>`;
})} })}
</select> </select>