sources/ldap: fix parent_group not being applied
closes #2464 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
parent
dcaa8d6322
commit
a3df414f24
|
|
@ -37,6 +37,7 @@ class GroupLDAPSynchronizer(BaseLDAPSynchronizer):
|
||||||
uniq = self._flatten(attributes[self._source.object_uniqueness_field])
|
uniq = self._flatten(attributes[self._source.object_uniqueness_field])
|
||||||
try:
|
try:
|
||||||
defaults = self.build_group_properties(group_dn, **attributes)
|
defaults = self.build_group_properties(group_dn, **attributes)
|
||||||
|
defaults["parent"] = self._source.sync_parent_group
|
||||||
self._logger.debug("Creating group with attributes", **defaults)
|
self._logger.debug("Creating group with attributes", **defaults)
|
||||||
if "name" not in defaults:
|
if "name" not in defaults:
|
||||||
raise IntegrityError("Name was not set by propertymappings")
|
raise IntegrityError("Name was not set by propertymappings")
|
||||||
|
|
@ -47,7 +48,6 @@ class GroupLDAPSynchronizer(BaseLDAPSynchronizer):
|
||||||
Group,
|
Group,
|
||||||
{
|
{
|
||||||
f"attributes__{LDAP_UNIQUENESS}": uniq,
|
f"attributes__{LDAP_UNIQUENESS}": uniq,
|
||||||
"parent": self._source.sync_parent_group,
|
|
||||||
},
|
},
|
||||||
defaults,
|
defaults,
|
||||||
)
|
)
|
||||||
|
|
|
||||||
|
|
@ -5,6 +5,7 @@ from django.db.models import Q
|
||||||
from django.test import TestCase
|
from django.test import TestCase
|
||||||
|
|
||||||
from authentik.core.models import Group, User
|
from authentik.core.models import Group, User
|
||||||
|
from authentik.core.tests.utils import create_test_admin_user
|
||||||
from authentik.events.models import Event, EventAction
|
from authentik.events.models import Event, EventAction
|
||||||
from authentik.lib.generators import generate_key
|
from authentik.lib.generators import generate_key
|
||||||
from authentik.managed.manager import ObjectManager
|
from authentik.managed.manager import ObjectManager
|
||||||
|
|
@ -24,7 +25,7 @@ class LDAPSyncTests(TestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
ObjectManager().run()
|
ObjectManager().run()
|
||||||
self.source = LDAPSource.objects.create(
|
self.source: LDAPSource = LDAPSource.objects.create(
|
||||||
name="ldap",
|
name="ldap",
|
||||||
slug="ldap",
|
slug="ldap",
|
||||||
base_dn="dc=goauthentik,dc=io",
|
base_dn="dc=goauthentik,dc=io",
|
||||||
|
|
@ -120,6 +121,9 @@ class LDAPSyncTests(TestCase):
|
||||||
self.source.property_mappings_group.set(
|
self.source.property_mappings_group.set(
|
||||||
LDAPPropertyMapping.objects.filter(managed="goauthentik.io/sources/ldap/default-name")
|
LDAPPropertyMapping.objects.filter(managed="goauthentik.io/sources/ldap/default-name")
|
||||||
)
|
)
|
||||||
|
_user = create_test_admin_user()
|
||||||
|
parent_group = Group.objects.get(name=_user.username)
|
||||||
|
self.source.sync_parent_group = parent_group
|
||||||
connection = PropertyMock(return_value=mock_ad_connection(LDAP_PASSWORD))
|
connection = PropertyMock(return_value=mock_ad_connection(LDAP_PASSWORD))
|
||||||
with patch("authentik.sources.ldap.models.LDAPSource.connection", connection):
|
with patch("authentik.sources.ldap.models.LDAPSource.connection", connection):
|
||||||
self.source.save()
|
self.source.save()
|
||||||
|
|
@ -127,8 +131,9 @@ class LDAPSyncTests(TestCase):
|
||||||
group_sync.sync()
|
group_sync.sync()
|
||||||
membership_sync = MembershipLDAPSynchronizer(self.source)
|
membership_sync = MembershipLDAPSynchronizer(self.source)
|
||||||
membership_sync.sync()
|
membership_sync.sync()
|
||||||
group = Group.objects.filter(name="test-group")
|
group: Group = Group.objects.filter(name="test-group").first()
|
||||||
self.assertTrue(group.exists())
|
self.assertIsNotNone(group)
|
||||||
|
self.assertEqual(group.parent, parent_group)
|
||||||
|
|
||||||
def test_sync_groups_openldap(self):
|
def test_sync_groups_openldap(self):
|
||||||
"""Test group sync"""
|
"""Test group sync"""
|
||||||
|
|
|
||||||
|
|
@ -165,9 +165,9 @@ export class LibraryPage extends LitElement {
|
||||||
<section class="pf-c-page__main-section">
|
<section class="pf-c-page__main-section">
|
||||||
${loading(
|
${loading(
|
||||||
this.apps,
|
this.apps,
|
||||||
html`${((this.apps?.results || []).filter((app) => {
|
html`${(this.apps?.results || []).filter((app) => {
|
||||||
return app.launchUrl !== null;
|
return app.launchUrl !== null;
|
||||||
})).length > 0
|
}).length > 0
|
||||||
? this.renderApps(config)
|
? this.renderApps(config)
|
||||||
: this.renderEmptyState()}`,
|
: this.renderEmptyState()}`,
|
||||||
)}
|
)}
|
||||||
|
|
|
||||||
|
|
@ -101,11 +101,13 @@ export class UserSettingsFlowExecutor extends LitElement implements StageHost {
|
||||||
if (!this.flowSlug) {
|
if (!this.flowSlug) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
new FlowsApi(DEFAULT_CONFIG).flowsInstancesExecuteRetrieve({
|
new FlowsApi(DEFAULT_CONFIG)
|
||||||
slug: this.flowSlug || "",
|
.flowsInstancesExecuteRetrieve({
|
||||||
}).then(() => {
|
slug: this.flowSlug || "",
|
||||||
this.nextChallenge();
|
})
|
||||||
})
|
.then(() => {
|
||||||
|
this.nextChallenge();
|
||||||
|
});
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Reference in a new issue