root: partial Live-updating config (#5959)

* stages/email: directly use email credentials from config Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use custom database backend that supports dynamic credentials Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add crude config reloader Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make method names for CONFIG clearer Signed-off-by: Jens Langhammer <jens@goauthentik.io> * replace config.set with environ Not sure if this is the cleanest way, but it persists through a config reload Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add set for @patch Signed-off-by: Jens Langhammer <jens@goauthentik.io> * even more crudeness Signed-off-by: Jens Langhammer <jens@goauthentik.io> * clean up some old stuff? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * somewhat rewrite config loader to keep track of a source of an attribute so we can refresh it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup old things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix flow e2e Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-07-19 23:13:22 +02:00
parent fb4e4dc8db
commit 2f469d2709
44 changed files with 260 additions and 184 deletions
--- a/blueprints/default/flow-default-user-settings-flow.yaml
+++ b/blueprints/default/flow-default-user-settings-flow.yaml
@ -94,21 +94,21 @@ entries:
      prompt_data = request.context.get("prompt_data")

      if not request.user.group_attributes(request.http_request).get(
-          USER_ATTRIBUTE_CHANGE_EMAIL, CONFIG.y_bool("default_user_change_email", True)
+          USER_ATTRIBUTE_CHANGE_EMAIL, CONFIG.get_bool("default_user_change_email", True)
      ):
          if prompt_data.get("email") != request.user.email:
              ak_message("Not allowed to change email address.")
              return False

      if not request.user.group_attributes(request.http_request).get(
-          USER_ATTRIBUTE_CHANGE_NAME, CONFIG.y_bool("default_user_change_name", True)
+          USER_ATTRIBUTE_CHANGE_NAME, CONFIG.get_bool("default_user_change_name", True)
      ):
          if prompt_data.get("name") != request.user.name:
              ak_message("Not allowed to change name.")
              return False

      if not request.user.group_attributes(request.http_request).get(
-          USER_ATTRIBUTE_CHANGE_USERNAME, CONFIG.y_bool("default_user_change_username", True)
+          USER_ATTRIBUTE_CHANGE_USERNAME, CONFIG.get_bool("default_user_change_username", True)
      ):
          if prompt_data.get("username") != request.user.username:
              ak_message("Not allowed to change username.")