rework event trigger tasks

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2025-06-24 20:04:29 +02:00
parent 2a460201bb
commit 0e67c1d818
4 changed files with 42 additions and 8 deletions
--- a/authentik/events/models.py
+++ b/authentik/events/models.py
@ -535,7 +535,7 @@ class Notification(SerializerModel):
        verbose_name_plural = _("Notifications")


-class NotificationRule(SerializerModel, PolicyBindingModel):
+class NotificationRule(TasksModel, SerializerModel, PolicyBindingModel):
    """Decide when to create a Notification based on policies attached to this object."""

    name = models.TextField(unique=True)
--- a/authentik/events/signals.py
+++ b/authentik/events/signals.py
@ -111,10 +111,9 @@ def on_password_changed(sender, user: User, password: str, request: HttpRequest
@receiver(post_save, sender=Event)
 def event_post_save_notification(sender, instance: Event, **_):
    """Start task to check if any policies trigger an notification on this event"""
-    from authentik.events.tasks import event_trigger_handler
+    from authentik.events.tasks import event_trigger_dispatch

-    for trigger in NotificationRule.objects.all():
-        event_trigger_handler.send(instance.event_uuid, trigger.name)
+    event_trigger_dispatch.send(instance.event_uuid)


@receiver(pre_delete, sender=User)
--- a/authentik/events/tasks.py
+++ b/authentik/events/tasks.py
@ -23,13 +23,27 @@ from authentik.tasks.models import Task
 LOGGER = get_logger()


-@actor(description=_("Check if policies attached to NotificationRule match event."))
+@actor(description=_("Dispatch new event notifications."))
+def event_trigger_dispatch(event_uuid: UUID):
+    for trigger in NotificationRule.objects.all():
+        event_trigger_handler.send_with_options(args=(event_uuid, trigger.name), rel_obj=trigger)
+
+
+@actor(
+    description=_(
+        "Check if policies attached to NotificationRule match event "
+        "and dispatch notification tasks."
+    )
+)
 def event_trigger_handler(event_uuid: UUID, trigger_name: str):
    """Check if policies attached to NotificationRule match event"""
+    self: Task = CurrentTask.get_task()
+
    event: Event = Event.objects.filter(event_uuid=event_uuid).first()
    if not event:
-        LOGGER.warning("event doesn't exist yet or anymore", event_uuid=event_uuid)
+        self.warning("event doesn't exist yet or anymore", event_uuid=event_uuid)
        return
+
    trigger: NotificationRule | None = NotificationRule.objects.filter(name=trigger_name).first()
    if not trigger:
        return
@ -64,9 +78,9 @@ def event_trigger_handler(event_uuid: UUID, trigger_name: str):

    LOGGER.debug("e(trigger): event trigger matched", trigger=trigger)
    # Create the notification objects
+    count = 0
    for transport in trigger.transports.all():
        for user in trigger.destination_users(event):
-            LOGGER.debug("created notification")
            notification_transport.send_with_options(
                args=(
                    transport.pk,
@ -76,8 +90,10 @@ def event_trigger_handler(event_uuid: UUID, trigger_name: str):
                ),
                rel_obj=transport,
            )
+            count += 1
            if transport.send_once:
                break
+    self.info(f"Created {count} notification tasks")


@actor(description=_("Send notification."))
@ -95,7 +111,7 @@ def notification_transport(transport_pk: int, event_pk: str, user_pk: int, trigg
    notification = Notification(
        severity=trigger.severity, body=event.summary, event=event, user=user
    )
-    transport = NotificationTransport.objects.filter(pk=transport_pk).first()
+    transport: NotificationTransport = NotificationTransport.objects.filter(pk=transport_pk).first()
    if not transport:
        return
    transport.send(notification)
--- a/web/src/admin/events/RuleListPage.ts
+++ b/web/src/admin/events/RuleListPage.ts
@ -1,6 +1,7 @@
 import "@goauthentik/admin/events/RuleForm";
 import "@goauthentik/admin/policies/BoundPoliciesList";
 import "@goauthentik/admin/rbac/ObjectPermissionModal";
+import "@goauthentik/admin/system-tasks/TaskList";
 import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
 import { severityToLabel } from "@goauthentik/common/labels";
 import "@goauthentik/components/ak-status-label";
@ -18,6 +19,7 @@ import { customElement, property } from "lit/decorators.js";

 import {
    EventsApi,
+    ModelEnum,
    NotificationRule,
    RbacPermissionsAssignedByUsersListModelEnum,
 } from "@goauthentik/api";
@ -124,6 +126,7 @@ export class RuleListPage extends TablePage<NotificationRule> {
    }

    renderExpanded(item: NotificationRule): TemplateResult {
+        const [appLabel, modelName] = ModelEnum.AuthentikEventsNotificationrule.split(".");
        return html` <td role="cell" colspan="4">
            <div class="pf-c-table__expandable-row-content">
                <p>
@ -133,6 +136,22 @@ Bindings to groups/users are checked against the user of the event.`,
                    )}
                </p>
                <ak-bound-policies-list .target=${item.pk}> </ak-bound-policies-list>
+                <dl class="pf-c-description-list pf-m-horizontal">
+                    <div class="pf-c-description-list__group">
+                        <dt class="pf-c-description-list__term">
+                            <span class="pf-c-description-list__text">${msg("Tasks")}</span>
+                        </dt>
+                        <dd class="pf-c-description-list__description">
+                            <div class="pf-c-description-list__text">
+                                <ak-task-list
+                                    .relObjAppLabel=${appLabel}
+                                    .relObjModel=${modelName}
+                                    .relObjId="${item.pk}"
+                                ></ak-task-list>
+                            </div>
+                        </dd>
+                    </div>
+                </dl>
            </div>
        </td>`;
    }