rbac: add InitialPermissions (#13795)

* add `InitialPermissions` model to RBAC This is a powerful construct between Permission and Role to set initial permissions for newly created objects. * use safer `request.user` * fixup! use safer `request.user` * force all self-defined serializers to descend from our custom one See https://github.com/goauthentik/authentik/pull/10139 * reorganize initial permission assignment * fixup! reorganize initial permission assignment
2025-04-14 17:55:49 +02:00
parent 38a9e46af3
commit 03d5dad867
21 changed files with 1047 additions and 10 deletions
--- a/web/src/admin/Routes.ts
+++ b/web/src/admin/Routes.ts
@ -84,6 +84,10 @@ export const ROUTES: Route[] = [
        await import("@goauthentik/admin/roles/RoleListPage");
        return html`<ak-role-list></ak-role-list>`;
    }),
+    new Route(new RegExp("^/identity/initial-permissions$"), async () => {
+        await import("@goauthentik/admin/rbac/InitialPermissionsListPage");
+        return html`<ak-initial-permissions-list></ak-initial-permissions-list>`;
+    }),
    new Route(new RegExp(`^/identity/roles/(?<id>${UUID_REGEX})$`), async (args) => {
        await import("@goauthentik/admin/roles/RoleViewPage");
        return html`<ak-role-view roleId=${args.id}></ak-role-view>`;