outposts: update outpost permissions on m2m change

closes #1105

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-07-04 19:13:59 +02:00
parent da8417a141
commit df92111296
3 changed files with 14 additions and 1 deletions

View file

@ -1,7 +1,7 @@
"""authentik outpost signals"""
from django.core.cache import cache
from django.db.models import Model
from django.db.models.signals import post_save, pre_delete, pre_save
from django.db.models.signals import m2m_changed, post_save, pre_delete, pre_save
from django.dispatch import receiver
from structlog.stdlib import get_logger
@ -46,6 +46,14 @@ def pre_save_outpost(sender, instance: Outpost, **_):
outpost_controller.delay(instance.pk.hex, action="down", from_cache=True)
@receiver(m2m_changed, sender=Outpost.providers.through)
# pylint: disable=unused-argument
def m2m_changed_update(sender, instance: Model, action: str, **_):
"""Update outpost on m2m change, when providers are added or removed"""
if action in ["post_add", "post_remove", "post_clear"]:
outpost_post_save.delay(class_to_path(instance.__class__), instance.pk)
@receiver(post_save)
# pylint: disable=unused-argument
def post_save_update(sender, instance: Model, **_):

View file

@ -195,6 +195,8 @@ class TestProviderLDAP(SeleniumTestCase):
"goauthentik.io/ldap/user",
],
"memberOf": [],
"accountStatus": ["true"],
"superuser": ["false"],
"goauthentik.io/ldap/active": ["true"],
"goauthentik.io/ldap/superuser": ["false"],
"goauthentik.io/user/override-ips": ["true"],
@ -218,6 +220,8 @@ class TestProviderLDAP(SeleniumTestCase):
"memberOf": [
"cn=authentik Admins,ou=groups,dc=ldap,dc=goauthentik,dc=io"
],
"accountStatus": ["true"],
"superuser": ["true"],
"goauthentik.io/ldap/active": ["true"],
"goauthentik.io/ldap/superuser": ["true"],
"extraAttribute": ["bar"],

View file

@ -149,6 +149,7 @@ slug: "2021.6"
- outposts: fix docker controller not checking env correctly
- outposts: fix docker controller not checking ports correctly
- outposts: fix empty message when docker outpost controller has changed nothing
- outposts: fix permissions not being set correctly upon outpost creation
- outposts/ldap: add support for boolean fields in ldap
- outposts/proxy: always redirect to session-end interface on sign_out
- providers/oauth2: add revoked field, create suspicious event when previous token is used