From 0e67c1d818b705c6063d1cb7a6bb841aee260630 Mon Sep 17 00:00:00 2001 From: Marc 'risson' Schmitt Date: Tue, 24 Jun 2025 20:04:29 +0200 Subject: [PATCH] rework event trigger tasks Signed-off-by: Marc 'risson' Schmitt --- authentik/events/models.py | 2 +- authentik/events/signals.py | 5 ++--- authentik/events/tasks.py | 24 ++++++++++++++++++++---- web/src/admin/events/RuleListPage.ts | 19 +++++++++++++++++++ 4 files changed, 42 insertions(+), 8 deletions(-) diff --git a/authentik/events/models.py b/authentik/events/models.py index b1c369dcfa..d1f128837e 100644 --- a/authentik/events/models.py +++ b/authentik/events/models.py @@ -535,7 +535,7 @@ class Notification(SerializerModel): verbose_name_plural = _("Notifications") -class NotificationRule(SerializerModel, PolicyBindingModel): +class NotificationRule(TasksModel, SerializerModel, PolicyBindingModel): """Decide when to create a Notification based on policies attached to this object.""" name = models.TextField(unique=True) diff --git a/authentik/events/signals.py b/authentik/events/signals.py index 9e6774dbeb..8e706a4c01 100644 --- a/authentik/events/signals.py +++ b/authentik/events/signals.py @@ -111,10 +111,9 @@ def on_password_changed(sender, user: User, password: str, request: HttpRequest @receiver(post_save, sender=Event) def event_post_save_notification(sender, instance: Event, **_): """Start task to check if any policies trigger an notification on this event""" - from authentik.events.tasks import event_trigger_handler + from authentik.events.tasks import event_trigger_dispatch - for trigger in NotificationRule.objects.all(): - event_trigger_handler.send(instance.event_uuid, trigger.name) + event_trigger_dispatch.send(instance.event_uuid) @receiver(pre_delete, sender=User) diff --git a/authentik/events/tasks.py b/authentik/events/tasks.py index a29b5ea988..5ef96577ca 100644 --- a/authentik/events/tasks.py +++ b/authentik/events/tasks.py @@ -23,13 +23,27 @@ from authentik.tasks.models import Task LOGGER = get_logger() -@actor(description=_("Check if policies attached to NotificationRule match event.")) +@actor(description=_("Dispatch new event notifications.")) +def event_trigger_dispatch(event_uuid: UUID): + for trigger in NotificationRule.objects.all(): + event_trigger_handler.send_with_options(args=(event_uuid, trigger.name), rel_obj=trigger) + + +@actor( + description=_( + "Check if policies attached to NotificationRule match event " + "and dispatch notification tasks." + ) +) def event_trigger_handler(event_uuid: UUID, trigger_name: str): """Check if policies attached to NotificationRule match event""" + self: Task = CurrentTask.get_task() + event: Event = Event.objects.filter(event_uuid=event_uuid).first() if not event: - LOGGER.warning("event doesn't exist yet or anymore", event_uuid=event_uuid) + self.warning("event doesn't exist yet or anymore", event_uuid=event_uuid) return + trigger: NotificationRule | None = NotificationRule.objects.filter(name=trigger_name).first() if not trigger: return @@ -64,9 +78,9 @@ def event_trigger_handler(event_uuid: UUID, trigger_name: str): LOGGER.debug("e(trigger): event trigger matched", trigger=trigger) # Create the notification objects + count = 0 for transport in trigger.transports.all(): for user in trigger.destination_users(event): - LOGGER.debug("created notification") notification_transport.send_with_options( args=( transport.pk, @@ -76,8 +90,10 @@ def event_trigger_handler(event_uuid: UUID, trigger_name: str): ), rel_obj=transport, ) + count += 1 if transport.send_once: break + self.info(f"Created {count} notification tasks") @actor(description=_("Send notification.")) @@ -95,7 +111,7 @@ def notification_transport(transport_pk: int, event_pk: str, user_pk: int, trigg notification = Notification( severity=trigger.severity, body=event.summary, event=event, user=user ) - transport = NotificationTransport.objects.filter(pk=transport_pk).first() + transport: NotificationTransport = NotificationTransport.objects.filter(pk=transport_pk).first() if not transport: return transport.send(notification) diff --git a/web/src/admin/events/RuleListPage.ts b/web/src/admin/events/RuleListPage.ts index 8c9a9f3fdd..8e301db700 100644 --- a/web/src/admin/events/RuleListPage.ts +++ b/web/src/admin/events/RuleListPage.ts @@ -1,6 +1,7 @@ import "@goauthentik/admin/events/RuleForm"; import "@goauthentik/admin/policies/BoundPoliciesList"; import "@goauthentik/admin/rbac/ObjectPermissionModal"; +import "@goauthentik/admin/system-tasks/TaskList"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { severityToLabel } from "@goauthentik/common/labels"; import "@goauthentik/components/ak-status-label"; @@ -18,6 +19,7 @@ import { customElement, property } from "lit/decorators.js"; import { EventsApi, + ModelEnum, NotificationRule, RbacPermissionsAssignedByUsersListModelEnum, } from "@goauthentik/api"; @@ -124,6 +126,7 @@ export class RuleListPage extends TablePage { } renderExpanded(item: NotificationRule): TemplateResult { + const [appLabel, modelName] = ModelEnum.AuthentikEventsNotificationrule.split("."); return html`

@@ -133,6 +136,22 @@ Bindings to groups/users are checked against the user of the event.`, )}

+
+
+
+ ${msg("Tasks")} +
+
+
+ +
+
+
+
`; }