-
-
Notifications
You must be signed in to change notification settings - Fork 884
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into web/bug/search-select-focus-issue
* main: (37 commits) release: 2024.6.3 website/docs: prepare 2024.6.3 release notes (#10775) website/scripts: updated readme, added docsmg.env file (#10710) web: bump API Client version (#10777) root: fix opencontainers ref (#10776) core: applications api: properly select provider (#10373) root: remove warnings (#10774) enterprise/rac: fix error when listing connection tokens as non-superuser (#10771) core: bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (#10754) core: bump goauthentik.io/api/v3 from 3.2024062.1 to 3.2024062.2 (#10753) core: bump golang.org/x/sync from 0.7.0 to 0.8.0 (#10755) web: bump the rollup group across 1 directory with 3 updates (#10756) web: bump core-js from 3.37.1 to 3.38.0 in /web (#10757) web: bump @swc/core from 1.7.4 to 1.7.6 in /web/sfe (#10758) web: bump rollup from 4.19.2 to 4.20.0 in /web/sfe (#10759) core: bump black from 24.4.2 to 24.8.0 (#10760) core: bump msgraph-sdk from 1.5.3 to 1.5.4 (#10761) core: bump coverage from 7.6.0 to 7.6.1 (#10762) core: bump ruff from 0.5.5 to 0.5.6 (#10763) core: bump django-filter from 24.2 to 24.3 (#10764) ...
- Loading branch information
Showing
65 changed files
with
4,856 additions
and
666 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
version: 1 | ||
entries: | ||
- model: authentik_core.user | ||
id: user | ||
identifiers: | ||
username: "%(id)s" | ||
attrs: | ||
name: "%(id)s" | ||
- model: authentik_rbac.role | ||
id: role | ||
identifiers: | ||
name: "%(id)s" | ||
- model: authentik_flows.flow | ||
identifiers: | ||
slug: "%(id)s" | ||
attrs: | ||
designation: authentication | ||
name: foo | ||
title: foo | ||
permissions: | ||
- permission: view_flow | ||
user: !KeyOf user | ||
- permission: view_flow | ||
role: !KeyOf role |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
version: 1 | ||
entries: | ||
- model: authentik_rbac.role | ||
identifiers: | ||
name: "%(id)s" | ||
attrs: | ||
permissions: | ||
- authentik_blueprints.view_blueprintinstance |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
version: 1 | ||
entries: | ||
- model: authentik_core.user | ||
identifiers: | ||
username: "%(id)s" | ||
attrs: | ||
name: "%(id)s" | ||
permissions: | ||
- authentik_blueprints.view_blueprintinstance |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
"""Test blueprints v1""" | ||
|
||
from django.test import TransactionTestCase | ||
from guardian.shortcuts import get_perms | ||
|
||
from authentik.blueprints.v1.importer import Importer | ||
from authentik.core.models import User | ||
from authentik.flows.models import Flow | ||
from authentik.lib.generators import generate_id | ||
from authentik.lib.tests.utils import load_fixture | ||
from authentik.rbac.models import Role | ||
|
||
|
||
class TestBlueprintsV1RBAC(TransactionTestCase): | ||
"""Test Blueprints rbac attribute""" | ||
|
||
def test_user_permission(self): | ||
"""Test permissions""" | ||
uid = generate_id() | ||
import_yaml = load_fixture("fixtures/rbac_user.yaml", id=uid) | ||
|
||
importer = Importer.from_string(import_yaml) | ||
self.assertTrue(importer.validate()[0]) | ||
self.assertTrue(importer.apply()) | ||
user = User.objects.filter(username=uid).first() | ||
self.assertIsNotNone(user) | ||
self.assertTrue(user.has_perms(["authentik_blueprints.view_blueprintinstance"])) | ||
|
||
def test_role_permission(self): | ||
"""Test permissions""" | ||
uid = generate_id() | ||
import_yaml = load_fixture("fixtures/rbac_role.yaml", id=uid) | ||
|
||
importer = Importer.from_string(import_yaml) | ||
self.assertTrue(importer.validate()[0]) | ||
self.assertTrue(importer.apply()) | ||
role = Role.objects.filter(name=uid).first() | ||
self.assertIsNotNone(role) | ||
self.assertEqual( | ||
list(role.group.permissions.all().values_list("codename", flat=True)), | ||
["view_blueprintinstance"], | ||
) | ||
|
||
def test_object_permission(self): | ||
"""Test permissions""" | ||
uid = generate_id() | ||
import_yaml = load_fixture("fixtures/rbac_object.yaml", id=uid) | ||
|
||
importer = Importer.from_string(import_yaml) | ||
self.assertTrue(importer.validate()[0]) | ||
self.assertTrue(importer.apply()) | ||
flow = Flow.objects.filter(slug=uid).first() | ||
user = User.objects.filter(username=uid).first() | ||
role = Role.objects.filter(name=uid).first() | ||
self.assertIsNotNone(flow) | ||
self.assertEqual(get_perms(user, flow), ["view_flow"]) | ||
self.assertEqual(get_perms(role.group, flow), ["view_flow"]) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.