import { t } from "@lingui/macro"; import { CSSResult, TemplateResult, html } from "lit"; import { customElement, property } from "lit/decorators.js"; import { until } from "lit/directives/until.js"; import PFAlert from "@patternfly/patternfly/components/Alert/alert.css"; import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css"; import { CapabilitiesEnum, CoreApi, ResponseError, User } from "@goauthentik/api"; import { AKResponse } from "../../api/Client"; import { DEFAULT_CONFIG, config, tenant } from "../../api/Config"; import { me } from "../../api/Users"; import { uiConfig } from "../../common/config"; import { PFColor } from "../../elements/Label"; import "../../elements/buttons/ActionButton"; import "../../elements/forms/DeleteBulkForm"; import "../../elements/forms/ModalForm"; import { MessageLevel } from "../../elements/messages/Message"; import { showMessage } from "../../elements/messages/MessageContainer"; import { getURLParam, updateURLParams } from "../../elements/router/RouteMatch"; import { Table, TableColumn } from "../../elements/table/Table"; import { first } from "../../utils"; import "./ServiceAccountForm"; import "./UserActiveForm"; import "./UserForm"; import "./UserPasswordForm"; import "./UserResetEmailForm"; @customElement("ak-user-related-list") export class RelatedUserList extends Table { expandable = true; checkbox = true; searchEnabled(): boolean { return true; } @property() groupUuid?: string; @property() order = "last_login"; @property({ type: Boolean }) hideServiceAccounts = getURLParam("hideServiceAccounts", true); static get styles(): CSSResult[] { return super.styles.concat(PFDescriptionList, PFAlert); } async apiEndpoint(page: number): Promise> { return new CoreApi(DEFAULT_CONFIG).coreUsersList({ ordering: this.order, page: page, pageSize: (await uiConfig()).pagination.perPage, search: this.search || "", groupsByPk: this.groupUuid ? [this.groupUuid] : [], attributes: this.hideServiceAccounts ? JSON.stringify({ "goauthentik.io/user/service-account__isnull": true, }) : undefined, }); } columns(): TableColumn[] { return [ new TableColumn(t`Name`, "username"), new TableColumn(t`Active`, "active"), new TableColumn(t`Last login`, "last_login"), new TableColumn(t`Actions`), ]; } renderToolbarSelected(): TemplateResult { const disabled = this.selectedElements.length < 1; return html` { return [ { key: t`Username`, value: item.username }, { key: t`ID`, value: item.pk.toString() }, { key: t`UID`, value: item.uid }, ]; }} .usedBy=${(item: User) => { return new CoreApi(DEFAULT_CONFIG).coreUsersUsedByList({ id: item.pk, }); }} .delete=${(item: User) => { return new CoreApi(DEFAULT_CONFIG).coreUsersDestroy({ id: item.pk, }); }} > ${until( me().then((user) => { const shouldShowWarning = this.selectedElements.find((el) => { return el.pk === user.user.pk || el.pk == user.original?.pk; }); if (shouldShowWarning) { return html`

${t`Warning: You're about to delete the user you're logged in as (${shouldShowWarning.username}). Proceed at your own risk.`}

`; } return html``; }), )}
`; } row(item: User): TemplateResult[] { return [ html`
${item.username}
${item.name}
`, html` ${item.isActive ? t`Yes` : t`No`} `, html`${first(item.lastLogin?.toLocaleString(), t`-`)}`, html` ${t`Update`} ${t`Update User`} ${until( config().then((config) => { if (config.capabilities.includes(CapabilitiesEnum.Impersonate)) { return html` ${t`Impersonate`} `; } return html``; }), )}`, ]; } renderExpanded(item: User): TemplateResult { return html`
${t`User status`}
${item.isActive ? t`Active` : t`Inactive`}
${item.isSuperuser ? t`Superuser` : t`Regular user`}
${t`Change status`}
{ return new CoreApi( DEFAULT_CONFIG, ).coreUsersPartialUpdate({ id: item.pk || 0, patchedUserRequest: { isActive: !item.isActive, }, }); }} >
${t`Recovery`}
${t`Update password`} ${t`Update password`} ${until( tenant().then((tenant) => { if (!tenant.flowRecovery) { return html`

${t`To let a user directly reset a their password, configure a recovery flow on the currently active tenant.`}

`; } return html` { return new CoreApi(DEFAULT_CONFIG) .coreUsersRecoveryRetrieve({ id: item.pk || 0, }) .then((rec) => { showMessage({ level: MessageLevel.success, message: t`Successfully generated recovery link`, description: rec.link, }); }) .catch((ex: ResponseError) => { ex.response.json().then(() => { showMessage({ level: MessageLevel.error, message: t`No recovery flow is configured.`, }); }); }); }} > ${t`Copy recovery link`} ${item.email ? html` ${t`Send link`} ${t`Send recovery link to user`} ` : html`${t`Recovery link cannot be emailed, user has no email address saved.`}`} `; }), )}
`; } renderToolbar(): TemplateResult { return html` ${t`Create`} ${t`Create User`} ${t`Create`} ${t`Create Service account`} ${super.renderToolbar()} `; } renderToolbarAfter(): TemplateResult { return html` 
{ this.hideServiceAccounts = !this.hideServiceAccounts; this.page = 1; this.fetch(); updateURLParams({ hideServiceAccounts: this.hideServiceAccounts, }); }} />
`; } }