recovery: add create_admin_group management command
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
61b5b36192
commit
c4e029ffe2
30
authentik/recovery/management/commands/create_admin_group.py
Normal file
30
authentik/recovery/management/commands/create_admin_group.py
Normal file
|
@ -0,0 +1,30 @@
|
|||
"""authentik recovery create_admin_group"""
|
||||
from django.core.management.base import BaseCommand
|
||||
from django.utils.translation import gettext as _
|
||||
|
||||
from authentik.core.models import Group, User
|
||||
|
||||
|
||||
class Command(BaseCommand):
|
||||
"""Create admin group if the default group gets deleted"""
|
||||
|
||||
help = _("Create admin group if the default group gets deleted.")
|
||||
|
||||
def add_arguments(self, parser):
|
||||
parser.add_argument("user", action="store", help="User to add to the admin group.")
|
||||
|
||||
def handle(self, *args, **options):
|
||||
"""Create admin group if the default group gets deleted"""
|
||||
username = options.get("user")
|
||||
user = User.objects.filter(username=username).first()
|
||||
if not user:
|
||||
self.stderr.write(f"User '{username}' not found.")
|
||||
return
|
||||
group, _ = Group.objects.update_or_create(
|
||||
name="authentik Admins",
|
||||
defaults={
|
||||
"is_superuser": True,
|
||||
},
|
||||
)
|
||||
group.users.add(user)
|
||||
self.stdout.write(f"User '{username}' successfully added to the group 'authentik Admins'.")
|
|
@ -7,12 +7,9 @@ from django.urls import reverse
|
|||
from django.utils.text import slugify
|
||||
from django.utils.timezone import now
|
||||
from django.utils.translation import gettext as _
|
||||
from structlog.stdlib import get_logger
|
||||
|
||||
from authentik.core.models import Token, TokenIntents, User
|
||||
|
||||
LOGGER = get_logger()
|
||||
|
||||
|
||||
class Command(BaseCommand):
|
||||
"""Create Token used to recover access"""
|
||||
|
|
17
website/docs/troubleshooting/missing_admin_group.md
Normal file
17
website/docs/troubleshooting/missing_admin_group.md
Normal file
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
title: Missing admin group
|
||||
---
|
||||
|
||||
If all of the Admin groups have been deleted, or misconfigured during sync, you can use the following command to gain access back.
|
||||
|
||||
Run the following command, where *username* is the user you want to add to the newly created group:
|
||||
|
||||
```
|
||||
docker-compose run --rm server create_admin_group username
|
||||
```
|
||||
|
||||
or, for Kubernetes, run
|
||||
|
||||
```
|
||||
kubectl exec -it deployment/authentik-worker -c authentik -- ak create_admin_group username
|
||||
```
|
|
@ -210,6 +210,7 @@ module.exports = {
|
|||
"troubleshooting/login",
|
||||
"troubleshooting/image_upload_backup",
|
||||
"troubleshooting/missing_permission",
|
||||
"troubleshooting/missing_admin_group",
|
||||
],
|
||||
},
|
||||
],
|
||||
|
|
Reference in a new issue