diff --git a/authentik/core/api/applications.py b/authentik/core/api/applications.py index ffc1c1e74..b576d9221 100644 --- a/authentik/core/api/applications.py +++ b/authentik/core/api/applications.py @@ -107,15 +107,19 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet): return applications @extend_schema( - request=inline_serializer( - "CheckAccessRequest", fields={"for_user": IntegerField(required=False)} - ), + parameters=[ + OpenApiParameter( + name="for_user", + location=OpenApiParameter.QUERY, + type=OpenApiTypes.INT, + ) + ], responses={ 200: PolicyTestResultSerializer(), 404: OpenApiResponse(description="for_user user not found"), }, ) - @action(detail=True, methods=["POST"]) + @action(detail=True, methods=["GET"]) # pylint: disable=unused-argument def check_access(self, request: Request, slug: str) -> Response: """Check access to a single application by slug""" diff --git a/schema.yml b/schema.yml index 1366e80e5..1d38e7bc4 100644 --- a/schema.yml +++ b/schema.yml @@ -1504,10 +1504,14 @@ paths: '403': $ref: '#/components/schemas/GenericError' /api/v2beta/core/applications/{slug}/check_access/: - post: - operationId: core_applications_check_access_create + get: + operationId: core_applications_check_access_retrieve description: Check access to a single application by slug parameters: + - in: query + name: for_user + schema: + type: integer - in: path name: slug schema: @@ -1516,17 +1520,6 @@ paths: required: true tags: - core - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/CheckAccessRequestRequest' - application/x-www-form-urlencoded: - schema: - $ref: '#/components/schemas/CheckAccessRequestRequest' - multipart/form-data: - schema: - $ref: '#/components/schemas/CheckAccessRequestRequest' security: - authentik: [] - cookieAuth: [] @@ -18415,11 +18408,6 @@ components: - shell - redirect type: string - CheckAccessRequestRequest: - type: object - properties: - for_user: - type: integer ClientTypeEnum: enum: - confidential