From a960ce9454f50c38b1f4623c7833345191940620 Mon Sep 17 00:00:00 2001 From: Jens L Date: Thu, 5 Jan 2023 15:46:20 +0100 Subject: [PATCH] stages/user_write: add more user creation options (#4367) * add more user creation options Signed-off-by: Jens Langhammer * update blueprints and docs Signed-off-by: Jens Langhammer Signed-off-by: Jens Langhammer --- authentik/stages/user_write/api.py | 2 +- ...serwritestage_can_create_users_and_more.py | 44 +++++++++++++++++++ authentik/stages/user_write/models.py | 19 ++++---- authentik/stages/user_write/stage.py | 8 +++- authentik/stages/user_write/tests.py | 6 +-- .../default/0-flow-password-change.yaml | 2 +- .../20-flow-default-source-enrollment.yaml | 2 +- .../30-flow-default-user-settings-flow.yaml | 2 +- blueprints/default/91-flow-oobe.yaml | 2 +- .../example/flows-enrollment-2-stage.yaml | 2 +- .../flows-enrollment-email-verification.yaml | 2 +- .../flows-recovery-email-verification.yaml | 2 +- locale/en/LC_MESSAGES/django.po | 16 +++---- schema.yml | 36 ++++++++------- .../stages/user_write/UserWriteStageForm.ts | 35 ++++++++++----- web/src/locales/de.po | 32 ++++++++++++-- web/src/locales/en.po | 32 ++++++++++++-- web/src/locales/es.po | 32 ++++++++++++-- web/src/locales/fr_FR.po | 32 ++++++++++++-- web/src/locales/pl.po | 32 ++++++++++++-- web/src/locales/pseudo-LOCALE.po | 32 ++++++++++++-- web/src/locales/tr.po | 32 ++++++++++++-- web/src/locales/zh-Hans.po | 32 ++++++++++++-- web/src/locales/zh-Hant.po | 32 ++++++++++++-- web/src/locales/zh_TW.po | 32 ++++++++++++-- website/docs/flow/stages/user_write.md | 10 ++++- 26 files changed, 413 insertions(+), 97 deletions(-) create mode 100644 authentik/stages/user_write/migrations/0007_remove_userwritestage_can_create_users_and_more.py diff --git a/authentik/stages/user_write/api.py b/authentik/stages/user_write/api.py index 32e324349..339041dde 100644 --- a/authentik/stages/user_write/api.py +++ b/authentik/stages/user_write/api.py @@ -13,9 +13,9 @@ class UserWriteStageSerializer(StageSerializer): model = UserWriteStage fields = StageSerializer.Meta.fields + [ + "user_creation_mode", "create_users_as_inactive", "create_users_group", - "can_create_users", "user_path_template", ] diff --git a/authentik/stages/user_write/migrations/0007_remove_userwritestage_can_create_users_and_more.py b/authentik/stages/user_write/migrations/0007_remove_userwritestage_can_create_users_and_more.py new file mode 100644 index 000000000..7b55c1ba2 --- /dev/null +++ b/authentik/stages/user_write/migrations/0007_remove_userwritestage_can_create_users_and_more.py @@ -0,0 +1,44 @@ +# Generated by Django 4.1.5 on 2023-01-05 12:34 + +from django.apps.registry import Apps +from django.db import migrations, models +from django.db.backends.base.schema import BaseDatabaseSchemaEditor + + +def migrate_to_user_creation_mode(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): + UserWriteStage = apps.get_model("authentik_stages_user_write", "userwritestage") + from authentik.stages.user_write.models import UserCreationMode + + for stage in UserWriteStage.objects.using(schema_editor.connection.alias).all(): + if stage.can_create_users: + stage.user_creation_mode = UserCreationMode.NEVER_CREATE + else: + stage.user_creation_mode = UserCreationMode.CREATE_WHEN_REQUIRED + stage.save() + + +class Migration(migrations.Migration): + + dependencies = [ + ("authentik_stages_user_write", "0006_userwritestage_can_create_users"), + ] + + operations = [ + migrations.AddField( + model_name="userwritestage", + name="user_creation_mode", + field=models.TextField( + choices=[ + ("never_create", "Never Create"), + ("create_when_required", "Create When Required"), + ("always_create", "Always Create"), + ], + default="create_when_required", + ), + ), + migrations.RunPython(migrate_to_user_creation_mode), + migrations.RemoveField( + model_name="userwritestage", + name="can_create_users", + ), + ] diff --git a/authentik/stages/user_write/models.py b/authentik/stages/user_write/models.py index 5fcb7e842..a07e4c46c 100644 --- a/authentik/stages/user_write/models.py +++ b/authentik/stages/user_write/models.py @@ -9,18 +9,21 @@ from authentik.core.models import Group from authentik.flows.models import Stage +class UserCreationMode(models.TextChoices): + """Behavior of user_write stage when a user is not set in the flow context""" + + NEVER_CREATE = "never_create" + CREATE_WHEN_REQUIRED = "create_when_required" + ALWAYS_CREATE = "always_create" + + class UserWriteStage(Stage): """Writes currently pending data into the pending user, or if no user exists, creates a new user with the data.""" - can_create_users = models.BooleanField( - default=True, - help_text=_( - ( - "When set, this stage can create users. " - "If not enabled and no user is available, stage will fail." - ) - ), + user_creation_mode = models.TextField( + choices=UserCreationMode.choices, + default=UserCreationMode.CREATE_WHEN_REQUIRED, ) create_users_as_inactive = models.BooleanField( diff --git a/authentik/stages/user_write/stage.py b/authentik/stages/user_write/stage.py index def921042..2655c6123 100644 --- a/authentik/stages/user_write/stage.py +++ b/authentik/stages/user_write/stage.py @@ -15,6 +15,7 @@ from authentik.flows.stage import StageView from authentik.stages.password import BACKEND_INBUILT from authentik.stages.password.stage import PLAN_CONTEXT_AUTHENTICATION_BACKEND from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT +from authentik.stages.user_write.models import UserCreationMode from authentik.stages.user_write.signals import user_write PLAN_CONTEXT_GROUPS = "groups" @@ -56,8 +57,11 @@ class UserWriteStageView(StageView): path = User.default_path() if not self.request.user.is_anonymous: self.executor.plan.context.setdefault(PLAN_CONTEXT_PENDING_USER, self.request.user) - if PLAN_CONTEXT_PENDING_USER not in self.executor.plan.context: - if not self.executor.current_stage.can_create_users: + if ( + PLAN_CONTEXT_PENDING_USER not in self.executor.plan.context + or self.executor.current_stage.user_creation_mode == UserCreationMode.ALWAYS_CREATE + ): + if self.executor.current_stage.user_creation_mode == UserCreationMode.NEVER_CREATE: return None, False self.executor.plan.context[PLAN_CONTEXT_PENDING_USER] = User( is_active=not self.executor.current_stage.create_users_as_inactive, diff --git a/authentik/stages/user_write/tests.py b/authentik/stages/user_write/tests.py index 2c967300d..434adfdb9 100644 --- a/authentik/stages/user_write/tests.py +++ b/authentik/stages/user_write/tests.py @@ -14,7 +14,7 @@ from authentik.flows.tests.test_executor import TO_STAGE_RESPONSE_MOCK from authentik.flows.views.executor import SESSION_KEY_PLAN from authentik.lib.generators import generate_key from authentik.stages.prompt.stage import PLAN_CONTEXT_PROMPT -from authentik.stages.user_write.models import UserWriteStage +from authentik.stages.user_write.models import UserCreationMode, UserWriteStage from authentik.stages.user_write.stage import PLAN_CONTEXT_GROUPS, UserWriteStageView @@ -26,7 +26,7 @@ class TestUserWriteStage(FlowTestCase): self.flow = create_test_flow() self.group = Group.objects.create(name="test-group") self.other_group = Group.objects.create(name="other-group") - self.stage = UserWriteStage.objects.create( + self.stage: UserWriteStage = UserWriteStage.objects.create( name="write", create_users_as_inactive=True, create_users_group=self.group ) self.binding = FlowStageBinding.objects.create(target=self.flow, stage=self.stage, order=2) @@ -164,7 +164,7 @@ class TestUserWriteStage(FlowTestCase): def test_no_create(self): """Test can_create_users set to false""" - self.stage.can_create_users = False + self.stage.user_creation_mode = UserCreationMode.NEVER_CREATE self.stage.save() plan = FlowPlan(flow_pk=self.flow.pk.hex, bindings=[self.binding], markers=[StageMarker()]) session = self.client.session diff --git a/blueprints/default/0-flow-password-change.yaml b/blueprints/default/0-flow-password-change.yaml index 6c6866bfc..d385d498d 100644 --- a/blueprints/default/0-flow-password-change.yaml +++ b/blueprints/default/0-flow-password-change.yaml @@ -46,7 +46,7 @@ entries: id: default-password-change-write model: authentik_stages_user_write.userwritestage attrs: - can_create_users: false + user_creation_mode: never_create - identifiers: order: 0 stage: !KeyOf default-password-change-prompt diff --git a/blueprints/default/20-flow-default-source-enrollment.yaml b/blueprints/default/20-flow-default-source-enrollment.yaml index 8631190c4..e9bb86208 100644 --- a/blueprints/default/20-flow-default-source-enrollment.yaml +++ b/blueprints/default/20-flow-default-source-enrollment.yaml @@ -58,7 +58,7 @@ entries: id: default-source-enrollment-write model: authentik_stages_user_write.userwritestage attrs: - can_create_users: true + user_creation_mode: always_create - attrs: re_evaluate_policies: true identifiers: diff --git a/blueprints/default/30-flow-default-user-settings-flow.yaml b/blueprints/default/30-flow-default-user-settings-flow.yaml index c50779025..0dee0d245 100644 --- a/blueprints/default/30-flow-default-user-settings-flow.yaml +++ b/blueprints/default/30-flow-default-user-settings-flow.yaml @@ -110,7 +110,7 @@ entries: - identifiers: name: default-user-settings-write attrs: - can_create_users: false + user_creation_mode: never_create id: default-user-settings-write model: authentik_stages_user_write.userwritestage - attrs: diff --git a/blueprints/default/91-flow-oobe.yaml b/blueprints/default/91-flow-oobe.yaml index 66e957aee..3c90073d9 100644 --- a/blueprints/default/91-flow-oobe.yaml +++ b/blueprints/default/91-flow-oobe.yaml @@ -103,7 +103,7 @@ entries: name: default-password-change-write model: authentik_stages_user_write.userwritestage attrs: - can_create_users: false + user_creation_mode: never_create - attrs: evaluate_on_plan: true invalid_response_action: retry diff --git a/blueprints/example/flows-enrollment-2-stage.yaml b/blueprints/example/flows-enrollment-2-stage.yaml index 3e4f3dcf3..285bbcf88 100644 --- a/blueprints/example/flows-enrollment-2-stage.yaml +++ b/blueprints/example/flows-enrollment-2-stage.yaml @@ -96,7 +96,7 @@ entries: id: default-enrollment-user-write model: authentik_stages_user_write.userwritestage attrs: - can_create_users: true + user_creation_mode: always_create - identifiers: target: !KeyOf flow stage: !KeyOf default-enrollment-prompt-first diff --git a/blueprints/example/flows-enrollment-email-verification.yaml b/blueprints/example/flows-enrollment-email-verification.yaml index ffb6d63f6..aacf58b6e 100644 --- a/blueprints/example/flows-enrollment-email-verification.yaml +++ b/blueprints/example/flows-enrollment-email-verification.yaml @@ -114,7 +114,7 @@ entries: model: authentik_stages_user_write.userwritestage attrs: create_users_as_inactive: true - can_create_users: true + user_creation_mode: always_create - identifiers: target: !KeyOf flow stage: !KeyOf default-enrollment-prompt-first diff --git a/blueprints/example/flows-recovery-email-verification.yaml b/blueprints/example/flows-recovery-email-verification.yaml index 79a7cfc10..dc8566f87 100644 --- a/blueprints/example/flows-recovery-email-verification.yaml +++ b/blueprints/example/flows-recovery-email-verification.yaml @@ -64,7 +64,7 @@ entries: id: default-recovery-user-write model: authentik_stages_user_write.userwritestage attrs: - can_create_users: false + user_creation_mode: never_create - identifiers: name: default-recovery-identification id: default-recovery-identification diff --git a/locale/en/LC_MESSAGES/django.po b/locale/en/LC_MESSAGES/django.po index d8ec7dd34..c364508e9 100644 --- a/locale/en/LC_MESSAGES/django.po +++ b/locale/en/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2023-01-05 12:01+0000\n" +"POT-Creation-Date: 2023-01-05 13:59+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -1918,31 +1918,31 @@ msgstr "" msgid "User Logout Stages" msgstr "" -#: authentik/stages/user_write/models.py:28 +#: authentik/stages/user_write/models.py:31 msgid "When set, newly created users are inactive and cannot login." msgstr "" -#: authentik/stages/user_write/models.py:36 +#: authentik/stages/user_write/models.py:39 msgid "Optionally add newly created users to this group." msgstr "" -#: authentik/stages/user_write/models.py:62 +#: authentik/stages/user_write/models.py:65 msgid "User Write Stage" msgstr "" -#: authentik/stages/user_write/models.py:63 +#: authentik/stages/user_write/models.py:66 msgid "User Write Stages" msgstr "" -#: authentik/stages/user_write/stage.py:117 +#: authentik/stages/user_write/stage.py:121 msgid "No Pending data." msgstr "" -#: authentik/stages/user_write/stage.py:123 +#: authentik/stages/user_write/stage.py:127 msgid "No user found and can't create new user." msgstr "" -#: authentik/stages/user_write/stage.py:150 +#: authentik/stages/user_write/stage.py:154 msgid "Failed to save user" msgstr "" diff --git a/schema.yml b/schema.yml index e1f7c50b3..9fd8decb7 100644 --- a/schema.yml +++ b/schema.yml @@ -24409,10 +24409,6 @@ paths: operationId: stages_user_write_list description: UserWriteStage Viewset parameters: - - in: query - name: can_create_users - schema: - type: boolean - in: query name: create_users_as_inactive schema: @@ -24455,6 +24451,14 @@ paths: schema: type: string format: uuid + - in: query + name: user_creation_mode + schema: + type: string + enum: + - always_create + - create_when_required + - never_create - in: query name: user_path_template schema: @@ -34806,6 +34810,8 @@ components: type: array items: $ref: '#/components/schemas/FlowSetRequest' + user_creation_mode: + $ref: '#/components/schemas/UserCreationModeEnum' create_users_as_inactive: type: boolean description: When set, newly created users are inactive and cannot login. @@ -34814,10 +34820,6 @@ components: format: uuid nullable: true description: Optionally add newly created users to this group. - can_create_users: - type: boolean - description: When set, this stage can create users. If not enabled and no - user is available, stage will fail. user_path_template: type: string PatchedWebAuthnDeviceRequest: @@ -37507,6 +37509,12 @@ components: - application - pk - user + UserCreationModeEnum: + enum: + - never_create + - create_when_required + - always_create + type: string UserDeleteStage: type: object description: UserDeleteStage Serializer @@ -38049,6 +38057,8 @@ components: type: array items: $ref: '#/components/schemas/FlowSet' + user_creation_mode: + $ref: '#/components/schemas/UserCreationModeEnum' create_users_as_inactive: type: boolean description: When set, newly created users are inactive and cannot login. @@ -38057,10 +38067,6 @@ components: format: uuid nullable: true description: Optionally add newly created users to this group. - can_create_users: - type: boolean - description: When set, this stage can create users. If not enabled and no - user is available, stage will fail. user_path_template: type: string required: @@ -38081,6 +38087,8 @@ components: type: array items: $ref: '#/components/schemas/FlowSetRequest' + user_creation_mode: + $ref: '#/components/schemas/UserCreationModeEnum' create_users_as_inactive: type: boolean description: When set, newly created users are inactive and cannot login. @@ -38089,10 +38097,6 @@ components: format: uuid nullable: true description: Optionally add newly created users to this group. - can_create_users: - type: boolean - description: When set, this stage can create users. If not enabled and no - user is available, stage will fail. user_path_template: type: string required: diff --git a/web/src/admin/stages/user_write/UserWriteStageForm.ts b/web/src/admin/stages/user_write/UserWriteStageForm.ts index 2b1660ea4..0c580a253 100644 --- a/web/src/admin/stages/user_write/UserWriteStageForm.ts +++ b/web/src/admin/stages/user_write/UserWriteStageForm.ts @@ -1,8 +1,10 @@ +import { UserCreationModeEnum } from "@goauthentik/api/dist/models/UserCreationModeEnum"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { first } from "@goauthentik/common/utils"; import "@goauthentik/elements/forms/FormGroup"; import "@goauthentik/elements/forms/HorizontalFormElement"; import { ModelForm } from "@goauthentik/elements/forms/ModelForm"; +import "@goauthentik/elements/forms/Radio"; import "@goauthentik/elements/forms/SearchSelect"; import { t } from "@lingui/macro"; @@ -60,17 +62,28 @@ export class UserWriteStageForm extends ModelForm { ${t`Stage-specific settings`}
-
- - -
-

- ${t`When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail.`} -

+ +
diff --git a/web/src/locales/de.po b/web/src/locales/de.po index e07de0df9..7ddb27cc2 100644 --- a/web/src/locales/de.po +++ b/web/src/locales/de.po @@ -446,6 +446,10 @@ msgstr "" msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "Alternativ kannst Du auch auf diesen Link klicken, wenn Du Duo auf Deinem Gerät installiert hast: " +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "" @@ -968,8 +972,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "Kann das Format 'unix://' haben, wenn eine Verbindung zu einem lokalen Docker-Daemon hergestellt wird, oder 'ssh://', wenn eine Verbindung über SSH hergestellt wird, oder 'https://:2376', wenn eine Verbindung zu einem entfernten System hergestellt wird." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "" +#~ msgid "Can create users" +#~ msgstr "" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1647,6 +1651,10 @@ msgstr "Neue Quelle erstellen." msgid "Create a new stage." msgstr "Neue Stufe erstellen." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "" + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "" @@ -1677,6 +1685,10 @@ msgstr "" msgid "Create users as inactive" msgstr "Benutzer als inaktiv anlegen" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3793,6 +3805,10 @@ msgstr "Ergebnis verneinen" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "Negiert das Ergebnis der Bindung. Nachrichten sind nicht betroffen." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "" @@ -7323,8 +7339,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "Wenn diese Option aktiviert ist, wird die Einladung nach ihrer Benutzung gelöscht." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "" +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "" #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7334,6 +7350,14 @@ msgstr "Wenn diese Option aktiviert ist, werden Benutzerfelder unabhängig von i msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "Wenn mehrere Stufen ausgewählt sind, kann der Benutzer wählen, welche er registrieren möchte." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "" + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "" + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "Wenn diese Option ausgewählt ist, wird ein Passwortfeld auf derselben Seite statt auf einer separaten Seite angezeigt. Dadurch werden Angriffe auf die Aufzählung von Benutzernamen verhindert." diff --git a/web/src/locales/en.po b/web/src/locales/en.po index e7f9dd7ec..ac7b6b49d 100644 --- a/web/src/locales/en.po +++ b/web/src/locales/en.po @@ -429,6 +429,10 @@ msgstr "Also known as EntityID." msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "Alternatively, if your current device has Duo installed, click on this link:" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "Always create new users" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "Always execute the configured bind flow to authenticate the user" @@ -961,8 +965,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "Can be in the format of 'unix://' when connecting to a local docker daemon, using 'ssh://' to connect via SSH, or 'https://:2376' when connecting to a remote system." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "Can create users" +#~ msgid "Can create users" +#~ msgstr "Can create users" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1651,6 +1655,10 @@ msgstr "Create a new source." msgid "Create a new stage." msgstr "Create a new stage." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "Create a new user even if a user is in the flow context." + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "Create application" @@ -1681,6 +1689,10 @@ msgstr "Create user" msgid "Create users as inactive" msgstr "Create users as inactive" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "Create users when required" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3850,6 +3862,10 @@ msgstr "Negate result" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "Negates the outcome of the binding. Messages are unaffected." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "Never create users" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "New application" @@ -7482,8 +7498,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "When enabled, the invitation will be deleted after usage." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7493,6 +7509,14 @@ msgstr "When enabled, user fields are matched regardless of their casing." msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "When multiple stages are selected, the user can choose which one they want to enroll." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "When no user is present in the flow context, the stage will fail." + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "When no user is present in the the flow context, a new user is created." + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." diff --git a/web/src/locales/es.po b/web/src/locales/es.po index d6c63c554..cc2a97057 100644 --- a/web/src/locales/es.po +++ b/web/src/locales/es.po @@ -424,6 +424,10 @@ msgstr "" msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "Como alternativa, si su dispositivo actual tiene instalado Duo, haga clic en este enlace:" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "" @@ -946,8 +950,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "Puede tener el formato 'unix: //' cuando se conecta a un servicio local de docker, usando 'ssh: //' para conectarse a través de SSH, o 'https://:2376' cuando se conecta a un sistema remoto." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "" +#~ msgid "Can create users" +#~ msgstr "" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1623,6 +1627,10 @@ msgstr "" msgid "Create a new stage." msgstr "" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "" + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "" @@ -1653,6 +1661,10 @@ msgstr "" msgid "Create users as inactive" msgstr "Crear usuarios como inactivos" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3769,6 +3781,10 @@ msgstr "Negar el resultado" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "Negar el resultado de la vinculación. Los mensajes no se ven afectados." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "" @@ -7299,8 +7315,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "Cuando se habilita, la invitación se eliminará después de su uso." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "" +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "" #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7310,6 +7326,14 @@ msgstr "Cuando se habilita, los campos de usuario coinciden independientemente d msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "" + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "" + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "Cuando se selecciona, se muestra un campo de contraseña en la misma página en lugar de en una página separada. Esto evita ataques de enumeración de nombres de usuario." diff --git a/web/src/locales/fr_FR.po b/web/src/locales/fr_FR.po index bedda7d67..aa3835ae4 100644 --- a/web/src/locales/fr_FR.po +++ b/web/src/locales/fr_FR.po @@ -429,6 +429,10 @@ msgstr "" msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "Sinon, si Duo est installé sur cet appareil, cliquez sur ce lien :" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "" @@ -951,8 +955,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "" #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "" +#~ msgid "Can create users" +#~ msgstr "" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1628,6 +1632,10 @@ msgstr "Créer une nouvelle source." msgid "Create a new stage." msgstr "Créer une nouvelle étape." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "" + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "" @@ -1658,6 +1666,10 @@ msgstr "" msgid "Create users as inactive" msgstr "Créer des utilisateurs inactifs" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3770,6 +3782,10 @@ msgstr "Inverser le résultat" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "Inverse le résultat de la liaison. Les messages ne sont pas affectés." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "" @@ -7290,8 +7306,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "Si activée, l'invitation sera supprimée après utilisation." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "" +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "" #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7301,6 +7317,14 @@ msgstr "Si activé, les champs de l'utilisateur sont mis en correspondance en ig msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "Lorsque plusieurs étapes sont sélectionnées, les utilisateurs peuvent choisir celle qu’ils souhaient utiliser pour s’enrôler." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "" + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "" + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "Si activée, un champ de mot de passe est affiché sur la même page au lieu d'une page séparée. Cela permet d'éviter les attaques par énumération de noms d'utilisateur." diff --git a/web/src/locales/pl.po b/web/src/locales/pl.po index e99a93ca7..c323aec6b 100644 --- a/web/src/locales/pl.po +++ b/web/src/locales/pl.po @@ -428,6 +428,10 @@ msgstr "" msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "Alternatywnie, jeśli na Twoim obecnym urządzeniu jest zainstalowany Duo, kliknij ten link:" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "" @@ -950,8 +954,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "Może mieć format „unix://” podczas łączenia się z lokalnym demonem dockera, używając „ssh://” do łączenia się przez SSH lub „https://:2376” podczas łączenia się z systemem zdalnym." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "" +#~ msgid "Can create users" +#~ msgstr "" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1629,6 +1633,10 @@ msgstr "Utwórz nowe źródło." msgid "Create a new stage." msgstr "Utwórz nowy etap." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "" + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "" @@ -1659,6 +1667,10 @@ msgstr "" msgid "Create users as inactive" msgstr "Utwórz użytkowników jako nieaktywnych" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3777,6 +3789,10 @@ msgstr "Neguj wynik" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "Neguje wynik wiązania. Wiadomości pozostają nienaruszone." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "" @@ -7311,8 +7327,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "Po włączeniu zaproszenie zostanie usunięte po użyciu." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "" +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "" #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7322,6 +7338,14 @@ msgstr "Po włączeniu pola użytkownika są dopasowywane niezależnie od wielko msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "W przypadku wybrania wielu etapów użytkownik może wybrać, na który chce się zapisać." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "" + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "" + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "Po wybraniu pole hasła jest wyświetlane na tej samej stronie zamiast na osobnej stronie. Zapobiega to atakom polegającym na wyliczaniu nazw użytkowników." diff --git a/web/src/locales/pseudo-LOCALE.po b/web/src/locales/pseudo-LOCALE.po index 92fe68676..0be2e16fd 100644 --- a/web/src/locales/pseudo-LOCALE.po +++ b/web/src/locales/pseudo-LOCALE.po @@ -425,6 +425,10 @@ msgstr "" msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "" @@ -953,8 +957,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "" #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "" +#~ msgid "Can create users" +#~ msgstr "" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1639,6 +1643,10 @@ msgstr "" msgid "Create a new stage." msgstr "" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "" + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "" @@ -1669,6 +1677,10 @@ msgstr "" msgid "Create users as inactive" msgstr "" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3832,6 +3844,10 @@ msgstr "" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "" @@ -7450,8 +7466,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "" #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "" +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "" #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7461,6 +7477,14 @@ msgstr "" msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "" + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "" + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "" diff --git a/web/src/locales/tr.po b/web/src/locales/tr.po index 633fa45f5..bec47593b 100644 --- a/web/src/locales/tr.po +++ b/web/src/locales/tr.po @@ -424,6 +424,10 @@ msgstr "" msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "Alternatif olarak, mevcut cihazınızda Duo yüklüyse, şu bağlantıya tıklayın:" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "" @@ -946,8 +950,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "SSH üzerinden bağlanmak için 'ssh: //' veya uzak bir sisteme bağlanırken 'https://:2376' kullanarak yerel bir docker daemonuna bağlanırken 'unix: //' biçiminde olabilir." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "" +#~ msgid "Can create users" +#~ msgstr "" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1623,6 +1627,10 @@ msgstr "" msgid "Create a new stage." msgstr "" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "" + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "" @@ -1653,6 +1661,10 @@ msgstr "" msgid "Create users as inactive" msgstr "Kullanıcıları etkin olmayan olarak oluşturma" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3769,6 +3781,10 @@ msgstr "Negate sonucu" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "Bağlamanın sonucunu susturur. Mesajlar etkilenmez." +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "" @@ -7299,8 +7315,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "Etkinleştirildiğinde, davetiye kullanımdan sonra silinir." #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "" +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "" #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7310,6 +7326,14 @@ msgstr "Etkinleştirildiğinde, kullanıcı alanları muhafazası ne olursa olsu msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "" + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "" + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "Seçildiğinde, ayrı bir sayfa yerine aynı sayfada bir parola alanı gösterilir. Bu, kullanıcı adı numaralandırma saldırılarını engeller." diff --git a/web/src/locales/zh-Hans.po b/web/src/locales/zh-Hans.po index c78c1236c..fb06cd050 100644 --- a/web/src/locales/zh-Hans.po +++ b/web/src/locales/zh-Hans.po @@ -430,6 +430,10 @@ msgstr "" msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "或者,如果您当前的设备已安装 Duo,请点击此链接:" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "" @@ -952,8 +956,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "连接到本地 Docker 守护进程时可以采用 'unix://' 格式,通过 SSH 连接时采用 'ssh://' 格式,或者在连接到远程系统时采用 'https://:2376' 格式。" #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "" +#~ msgid "Can create users" +#~ msgstr "" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1631,6 +1635,10 @@ msgstr "创建一个新身份来源。" msgid "Create a new stage." msgstr "创建一个新阶段。" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "" + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "" @@ -1661,6 +1669,10 @@ msgstr "" msgid "Create users as inactive" msgstr "创建未激活用户" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3777,6 +3789,10 @@ msgstr "反转结果" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "反转绑定的结果。消息不受影响。" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "" @@ -7309,8 +7325,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "启用后,邀请将在使用后被删除。" #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "" +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "" #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7320,6 +7336,14 @@ msgstr "启用后,无论大小写如何,都将匹配用户字段。" msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "选中多个阶段时,用户可以选择要注册哪个。" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "" + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "" + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "选中后,密码字段将显示在同一页面,而不是单独的页面上。这样可以防止用户名枚举攻击。" diff --git a/web/src/locales/zh-Hant.po b/web/src/locales/zh-Hant.po index 1d04bae8c..bb067dfda 100644 --- a/web/src/locales/zh-Hant.po +++ b/web/src/locales/zh-Hant.po @@ -430,6 +430,10 @@ msgstr "" msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "或者,如果您当前的设备已安装 Duo,请单击此链接:" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "" @@ -952,8 +956,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "连接到本地 docker 守护进程时可以采用 'unix: //' 的格式,通过 SSH 连接时使用 'ssh: //',或者在连接到远程系统时使用 'https://:2376' 的格式。" #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "" +#~ msgid "Can create users" +#~ msgstr "" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1631,6 +1635,10 @@ msgstr "创建一个新身份来源。" msgid "Create a new stage." msgstr "创建一个新阶段。" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "" + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "" @@ -1661,6 +1669,10 @@ msgstr "" msgid "Create users as inactive" msgstr "将用户创建为非活动用户" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3777,6 +3789,10 @@ msgstr "否定结果" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "否定绑定的结果。消息不受影响。" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "" @@ -7309,8 +7325,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "启用后,邀请将在使用后被删除。" #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "" +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "" #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7320,6 +7336,14 @@ msgstr "启用后,无论用户字段大小写如何,都将匹配用户字段 msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "选中多个阶段时,用户可以选择要注册哪个。" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "" + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "" + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "选中后,密码字段将显示在同一页面上,而不是单独的页面上。这样可以防止用户名枚举攻击。" diff --git a/web/src/locales/zh_TW.po b/web/src/locales/zh_TW.po index e21fc055b..015985799 100644 --- a/web/src/locales/zh_TW.po +++ b/web/src/locales/zh_TW.po @@ -430,6 +430,10 @@ msgstr "" msgid "Alternatively, if your current device has Duo installed, click on this link:" msgstr "或者,如果您当前的设备已安装 Duo,请单击此链接:" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Always create new users" +msgstr "" + #: src/admin/providers/ldap/LDAPProviderForm.ts msgid "Always execute the configured bind flow to authenticate the user" msgstr "" @@ -952,8 +956,8 @@ msgid "Can be in the format of 'unix://' when connecting to a local docker daemo msgstr "连接到本地 docker 守护进程时可以采用 'unix: //' 的格式,通过 SSH 连接时使用 'ssh: //',或者在连接到远程系统时使用 'https://:2376' 的格式。" #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "Can create users" -msgstr "" +#~ msgid "Can create users" +#~ msgstr "" #: src/admin/groups/MemberSelectModal.ts #: src/admin/users/GroupSelectModal.ts @@ -1631,6 +1635,10 @@ msgstr "创建一个新身份来源。" msgid "Create a new stage." msgstr "创建一个新阶段。" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create a new user even if a user is in the flow context." +msgstr "" + #: src/admin/applications/wizard/InitialApplicationWizardPage.ts msgid "Create application" msgstr "" @@ -1661,6 +1669,10 @@ msgstr "" msgid "Create users as inactive" msgstr "将用户创建为非活动用户" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Create users when required" +msgstr "" + #: src/admin/outposts/ServiceConnectionWizard.ts #: src/admin/policies/PolicyWizard.ts #: src/admin/property-mappings/PropertyMappingWizard.ts @@ -3777,6 +3789,10 @@ msgstr "否定结果" msgid "Negates the outcome of the binding. Messages are unaffected." msgstr "否定绑定的结果。消息不受影响。" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "Never create users" +msgstr "" + #: src/admin/applications/wizard/ApplicationWizard.ts msgid "New application" msgstr "" @@ -7309,8 +7325,8 @@ msgid "When enabled, the invitation will be deleted after usage." msgstr "启用后,邀请将在使用后被删除。" #: src/admin/stages/user_write/UserWriteStageForm.ts -msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." -msgstr "" +#~ msgid "When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail." +#~ msgstr "" #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When enabled, user fields are matched regardless of their casing." @@ -7320,6 +7336,14 @@ msgstr "启用后,无论用户字段大小写如何,都将匹配用户字段 msgid "When multiple stages are selected, the user can choose which one they want to enroll." msgstr "选中多个阶段时,用户可以选择要注册哪个。" +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the flow context, the stage will fail." +msgstr "" + +#: src/admin/stages/user_write/UserWriteStageForm.ts +msgid "When no user is present in the the flow context, a new user is created." +msgstr "" + #: src/admin/stages/identification/IdentificationStageForm.ts msgid "When selected, a password field is shown on the same page instead of a separate page. This prevents username enumeration attacks." msgstr "选中后,密码字段将显示在同一页面上,而不是单独的页面上。这样可以防止用户名枚举攻击。" diff --git a/website/docs/flow/stages/user_write.md b/website/docs/flow/stages/user_write.md index fb9acf6ad..02ae9ce02 100644 --- a/website/docs/flow/stages/user_write.md +++ b/website/docs/flow/stages/user_write.md @@ -2,7 +2,7 @@ title: User write stage --- -This stages writes data from the current context to the current pending user. If no user is pending, a new one is created. +This stages writes data from the current flow context to a user. Newly created users can be created as inactive and can be assigned to a selected group. @@ -17,3 +17,11 @@ group, _ = Group.objects.get_or_create(name="some-group") request.context["flow_plan"].context["groups"] = [group] return True ``` + +### User creation + +By default, this stage will create a new user when none is present in the flow context. + +Starting with authentik 2022.12, the stage can by default not create new users to prevent users from creating new accounts without authorization. + +Starting with authentik 2023.1, this option has been expanded to allow user creation, forbid it or force user creation.