From 5262f61483d795f4b5b603f191378c99493bbd9c Mon Sep 17 00:00:00 2001 From: "gcp-cherry-pick-bot[bot]" <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Date: Wed, 19 Feb 2025 13:16:18 +0100 Subject: [PATCH] providers/rac: move to open source (cherry-pick #13015) (#13112) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit providers/rac: move to open source (#13015) * move RAC to open source * move web out of enterprise * remove enterprise license requirements from RAC * format --------- Signed-off-by: Jens Langhammer Co-authored-by: Simonyi Gergő <28359278+gergosimonyi@users.noreply.github.com> Co-authored-by: Jens Langhammer --- authentik/blueprints/v1/importer.py | 2 +- authentik/enterprise/providers/rac/apps.py | 14 - authentik/enterprise/settings.py | 1 - authentik/outposts/api/outposts.py | 2 +- authentik/outposts/tasks.py | 4 +- .../providers/rac/__init__.py | 0 .../providers/rac/api/__init__.py | 0 .../providers/rac/api/connection_tokens.py | 9 +- .../providers/rac/api/endpoints.py | 7 +- .../providers/rac/api/property_mappings.py | 2 +- .../providers/rac/api/providers.py | 5 +- authentik/providers/rac/apps.py | 14 + .../providers/rac/consumer_client.py | 8 +- .../providers/rac/consumer_outpost.py | 2 +- .../providers/rac/controllers/__init__.py | 0 .../providers/rac/controllers/docker.py | 0 .../providers/rac/controllers/kubernetes.py | 0 .../providers/rac/migrations/0001_initial.py | 0 ..._alter_connectiontoken_options_and_more.py | 0 .../0002_endpoint_maximum_connections.py | 0 ..._alter_connectiontoken_options_and_more.py | 0 .../0004_alter_connectiontoken_expires.py | 0 .../0005_alter_racpropertymapping_options.py | 0 ...authentik_p_expires_91f148_idx_and_more.py | 0 .../providers/rac/migrations/__init__.py | 0 .../{enterprise => }/providers/rac/models.py | 6 +- .../{enterprise => }/providers/rac/signals.py | 6 +- .../providers/rac/templates/if/rac.html | 2 +- .../providers/rac/tests/__init__.py | 0 .../providers/rac/tests/test_api.py | 20 - .../providers/rac/tests/test_endpoints_api.py | 2 +- .../providers/rac/tests/test_models.py | 4 +- .../providers/rac/tests/test_views.py | 47 +- .../{enterprise => }/providers/rac/urls.py | 14 +- .../{enterprise => }/providers/rac/views.py | 6 +- authentik/root/settings.py | 1 + blueprints/schema.json | 668 +++++++++--------- schema.yml | 8 +- web/build.mjs | 2 +- web/scripts/knip.config.ts | 2 +- web/src/{enterprise => }/rac/index.ts | 0 41 files changed, 395 insertions(+), 463 deletions(-) delete mode 100644 authentik/enterprise/providers/rac/apps.py rename authentik/{enterprise => }/providers/rac/__init__.py (100%) rename authentik/{enterprise => }/providers/rac/api/__init__.py (100%) rename authentik/{enterprise => }/providers/rac/api/connection_tokens.py (78%) rename authentik/{enterprise => }/providers/rac/api/endpoints.py (94%) rename authentik/{enterprise => }/providers/rac/api/property_mappings.py (95%) rename authentik/{enterprise => }/providers/rac/api/providers.py (87%) create mode 100644 authentik/providers/rac/apps.py rename authentik/{enterprise => }/providers/rac/consumer_client.py (96%) rename authentik/{enterprise => }/providers/rac/consumer_outpost.py (95%) rename authentik/{enterprise => }/providers/rac/controllers/__init__.py (100%) rename authentik/{enterprise => }/providers/rac/controllers/docker.py (100%) rename authentik/{enterprise => }/providers/rac/controllers/kubernetes.py (100%) rename authentik/{enterprise => }/providers/rac/migrations/0001_initial.py (100%) rename authentik/{enterprise => }/providers/rac/migrations/0001_squashed_0003_alter_connectiontoken_options_and_more.py (100%) rename authentik/{enterprise => }/providers/rac/migrations/0002_endpoint_maximum_connections.py (100%) rename authentik/{enterprise => }/providers/rac/migrations/0003_alter_connectiontoken_options_and_more.py (100%) rename authentik/{enterprise => }/providers/rac/migrations/0004_alter_connectiontoken_expires.py (100%) rename authentik/{enterprise => }/providers/rac/migrations/0005_alter_racpropertymapping_options.py (100%) rename authentik/{enterprise => }/providers/rac/migrations/0006_connectiontoken_authentik_p_expires_91f148_idx_and_more.py (100%) rename authentik/{enterprise => }/providers/rac/migrations/__init__.py (100%) rename authentik/{enterprise => }/providers/rac/models.py (96%) rename authentik/{enterprise => }/providers/rac/signals.py (88%) rename authentik/{enterprise => }/providers/rac/templates/if/rac.html (85%) rename authentik/{enterprise => }/providers/rac/tests/__init__.py (100%) rename authentik/{enterprise => }/providers/rac/tests/test_api.py (53%) rename authentik/{enterprise => }/providers/rac/tests/test_endpoints_api.py (98%) rename authentik/{enterprise => }/providers/rac/tests/test_models.py (98%) rename authentik/{enterprise => }/providers/rac/tests/test_views.py (67%) rename authentik/{enterprise => }/providers/rac/urls.py (66%) rename authentik/{enterprise => }/providers/rac/views.py (96%) rename web/src/{enterprise => }/rac/index.ts (100%) diff --git a/authentik/blueprints/v1/importer.py b/authentik/blueprints/v1/importer.py index a86e62c4a8..700a32ad73 100644 --- a/authentik/blueprints/v1/importer.py +++ b/authentik/blueprints/v1/importer.py @@ -50,7 +50,6 @@ from authentik.enterprise.providers.microsoft_entra.models import ( MicrosoftEntraProviderGroup, MicrosoftEntraProviderUser, ) -from authentik.enterprise.providers.rac.models import ConnectionToken from authentik.enterprise.providers.ssf.models import StreamEvent from authentik.enterprise.stages.authenticator_endpoint_gdtc.models import ( EndpointDevice, @@ -72,6 +71,7 @@ from authentik.providers.oauth2.models import ( DeviceToken, RefreshToken, ) +from authentik.providers.rac.models import ConnectionToken from authentik.providers.scim.models import SCIMProviderGroup, SCIMProviderUser from authentik.rbac.models import Role from authentik.sources.scim.models import SCIMSourceGroup, SCIMSourceUser diff --git a/authentik/enterprise/providers/rac/apps.py b/authentik/enterprise/providers/rac/apps.py deleted file mode 100644 index 6359c5594b..0000000000 --- a/authentik/enterprise/providers/rac/apps.py +++ /dev/null @@ -1,14 +0,0 @@ -"""RAC app config""" - -from authentik.enterprise.apps import EnterpriseConfig - - -class AuthentikEnterpriseProviderRAC(EnterpriseConfig): - """authentik enterprise rac app config""" - - name = "authentik.enterprise.providers.rac" - label = "authentik_providers_rac" - verbose_name = "authentik Enterprise.Providers.RAC" - default = True - mountpoint = "" - ws_mountpoint = "authentik.enterprise.providers.rac.urls" diff --git a/authentik/enterprise/settings.py b/authentik/enterprise/settings.py index a032fbd016..7f735eb312 100644 --- a/authentik/enterprise/settings.py +++ b/authentik/enterprise/settings.py @@ -16,7 +16,6 @@ TENANT_APPS = [ "authentik.enterprise.audit", "authentik.enterprise.providers.google_workspace", "authentik.enterprise.providers.microsoft_entra", - "authentik.enterprise.providers.rac", "authentik.enterprise.providers.ssf", "authentik.enterprise.stages.authenticator_endpoint_gdtc", "authentik.enterprise.stages.source", diff --git a/authentik/outposts/api/outposts.py b/authentik/outposts/api/outposts.py index ba84cf42e3..b4723ce3a6 100644 --- a/authentik/outposts/api/outposts.py +++ b/authentik/outposts/api/outposts.py @@ -19,7 +19,6 @@ from authentik.core.api.used_by import UsedByMixin from authentik.core.api.utils import JSONDictField, ModelSerializer, PassiveSerializer from authentik.core.models import Provider from authentik.enterprise.license import LicenseKey -from authentik.enterprise.providers.rac.models import RACProvider from authentik.lib.utils.time import timedelta_from_string, timedelta_string_validator from authentik.outposts.api.service_connections import ServiceConnectionSerializer from authentik.outposts.apps import MANAGED_OUTPOST, MANAGED_OUTPOST_NAME @@ -31,6 +30,7 @@ from authentik.outposts.models import ( ) from authentik.providers.ldap.models import LDAPProvider from authentik.providers.proxy.models import ProxyProvider +from authentik.providers.rac.models import RACProvider from authentik.providers.radius.models import RadiusProvider diff --git a/authentik/outposts/tasks.py b/authentik/outposts/tasks.py index 7a80ce9be4..e09dcf769f 100644 --- a/authentik/outposts/tasks.py +++ b/authentik/outposts/tasks.py @@ -18,8 +18,6 @@ from kubernetes.config.kube_config import KUBE_CONFIG_DEFAULT_LOCATION from structlog.stdlib import get_logger from yaml import safe_load -from authentik.enterprise.providers.rac.controllers.docker import RACDockerController -from authentik.enterprise.providers.rac.controllers.kubernetes import RACKubernetesController from authentik.events.models import TaskStatus from authentik.events.system_tasks import SystemTask, prefill_task from authentik.lib.config import CONFIG @@ -41,6 +39,8 @@ from authentik.providers.ldap.controllers.docker import LDAPDockerController from authentik.providers.ldap.controllers.kubernetes import LDAPKubernetesController from authentik.providers.proxy.controllers.docker import ProxyDockerController from authentik.providers.proxy.controllers.kubernetes import ProxyKubernetesController +from authentik.providers.rac.controllers.docker import RACDockerController +from authentik.providers.rac.controllers.kubernetes import RACKubernetesController from authentik.providers.radius.controllers.docker import RadiusDockerController from authentik.providers.radius.controllers.kubernetes import RadiusKubernetesController from authentik.root.celery import CELERY_APP diff --git a/authentik/enterprise/providers/rac/__init__.py b/authentik/providers/rac/__init__.py similarity index 100% rename from authentik/enterprise/providers/rac/__init__.py rename to authentik/providers/rac/__init__.py diff --git a/authentik/enterprise/providers/rac/api/__init__.py b/authentik/providers/rac/api/__init__.py similarity index 100% rename from authentik/enterprise/providers/rac/api/__init__.py rename to authentik/providers/rac/api/__init__.py diff --git a/authentik/enterprise/providers/rac/api/connection_tokens.py b/authentik/providers/rac/api/connection_tokens.py similarity index 78% rename from authentik/enterprise/providers/rac/api/connection_tokens.py rename to authentik/providers/rac/api/connection_tokens.py index 18c1485d12..c6de12b1c2 100644 --- a/authentik/enterprise/providers/rac/api/connection_tokens.py +++ b/authentik/providers/rac/api/connection_tokens.py @@ -6,13 +6,12 @@ from rest_framework.viewsets import GenericViewSet from authentik.core.api.groups import GroupMemberSerializer from authentik.core.api.used_by import UsedByMixin from authentik.core.api.utils import ModelSerializer -from authentik.enterprise.api import EnterpriseRequiredMixin -from authentik.enterprise.providers.rac.api.endpoints import EndpointSerializer -from authentik.enterprise.providers.rac.api.providers import RACProviderSerializer -from authentik.enterprise.providers.rac.models import ConnectionToken +from authentik.providers.rac.api.endpoints import EndpointSerializer +from authentik.providers.rac.api.providers import RACProviderSerializer +from authentik.providers.rac.models import ConnectionToken -class ConnectionTokenSerializer(EnterpriseRequiredMixin, ModelSerializer): +class ConnectionTokenSerializer(ModelSerializer): """ConnectionToken Serializer""" provider_obj = RACProviderSerializer(source="provider", read_only=True) diff --git a/authentik/enterprise/providers/rac/api/endpoints.py b/authentik/providers/rac/api/endpoints.py similarity index 94% rename from authentik/enterprise/providers/rac/api/endpoints.py rename to authentik/providers/rac/api/endpoints.py index 6cb4aea8fa..4f63976158 100644 --- a/authentik/enterprise/providers/rac/api/endpoints.py +++ b/authentik/providers/rac/api/endpoints.py @@ -14,10 +14,9 @@ from structlog.stdlib import get_logger from authentik.core.api.used_by import UsedByMixin from authentik.core.api.utils import ModelSerializer from authentik.core.models import Provider -from authentik.enterprise.api import EnterpriseRequiredMixin -from authentik.enterprise.providers.rac.api.providers import RACProviderSerializer -from authentik.enterprise.providers.rac.models import Endpoint from authentik.policies.engine import PolicyEngine +from authentik.providers.rac.api.providers import RACProviderSerializer +from authentik.providers.rac.models import Endpoint from authentik.rbac.filters import ObjectFilter LOGGER = get_logger() @@ -28,7 +27,7 @@ def user_endpoint_cache_key(user_pk: str) -> str: return f"goauthentik.io/providers/rac/endpoint_access/{user_pk}" -class EndpointSerializer(EnterpriseRequiredMixin, ModelSerializer): +class EndpointSerializer(ModelSerializer): """Endpoint Serializer""" provider_obj = RACProviderSerializer(source="provider", read_only=True) diff --git a/authentik/enterprise/providers/rac/api/property_mappings.py b/authentik/providers/rac/api/property_mappings.py similarity index 95% rename from authentik/enterprise/providers/rac/api/property_mappings.py rename to authentik/providers/rac/api/property_mappings.py index d41a4eb16c..4a5beafdb3 100644 --- a/authentik/enterprise/providers/rac/api/property_mappings.py +++ b/authentik/providers/rac/api/property_mappings.py @@ -10,7 +10,7 @@ from rest_framework.viewsets import ModelViewSet from authentik.core.api.property_mappings import PropertyMappingSerializer from authentik.core.api.used_by import UsedByMixin from authentik.core.api.utils import JSONDictField -from authentik.enterprise.providers.rac.models import RACPropertyMapping +from authentik.providers.rac.models import RACPropertyMapping class RACPropertyMappingSerializer(PropertyMappingSerializer): diff --git a/authentik/enterprise/providers/rac/api/providers.py b/authentik/providers/rac/api/providers.py similarity index 87% rename from authentik/enterprise/providers/rac/api/providers.py rename to authentik/providers/rac/api/providers.py index 9d0439ee7e..35ae2b2410 100644 --- a/authentik/enterprise/providers/rac/api/providers.py +++ b/authentik/providers/rac/api/providers.py @@ -5,11 +5,10 @@ from rest_framework.viewsets import ModelViewSet from authentik.core.api.providers import ProviderSerializer from authentik.core.api.used_by import UsedByMixin -from authentik.enterprise.api import EnterpriseRequiredMixin -from authentik.enterprise.providers.rac.models import RACProvider +from authentik.providers.rac.models import RACProvider -class RACProviderSerializer(EnterpriseRequiredMixin, ProviderSerializer): +class RACProviderSerializer(ProviderSerializer): """RACProvider Serializer""" outpost_set = ListField(child=CharField(), read_only=True, source="outpost_set.all") diff --git a/authentik/providers/rac/apps.py b/authentik/providers/rac/apps.py new file mode 100644 index 0000000000..7b11c1e540 --- /dev/null +++ b/authentik/providers/rac/apps.py @@ -0,0 +1,14 @@ +"""RAC app config""" + +from django.apps import AppConfig + + +class AuthentikProviderRAC(AppConfig): + """authentik rac app config""" + + name = "authentik.providers.rac" + label = "authentik_providers_rac" + verbose_name = "authentik Providers.RAC" + default = True + mountpoint = "" + ws_mountpoint = "authentik.providers.rac.urls" diff --git a/authentik/enterprise/providers/rac/consumer_client.py b/authentik/providers/rac/consumer_client.py similarity index 96% rename from authentik/enterprise/providers/rac/consumer_client.py rename to authentik/providers/rac/consumer_client.py index b6331ca563..b55059ec20 100644 --- a/authentik/enterprise/providers/rac/consumer_client.py +++ b/authentik/providers/rac/consumer_client.py @@ -7,22 +7,22 @@ from channels.generic.websocket import AsyncWebsocketConsumer from django.http.request import QueryDict from structlog.stdlib import BoundLogger, get_logger -from authentik.enterprise.providers.rac.models import ConnectionToken, RACProvider from authentik.outposts.consumer import OUTPOST_GROUP_INSTANCE from authentik.outposts.models import Outpost, OutpostState, OutpostType +from authentik.providers.rac.models import ConnectionToken, RACProvider # Global broadcast group, which messages are sent to when the outpost connects back # to authentik for a specific connection # The `RACClientConsumer` consumer adds itself to this group on connection, # and removes itself once it has been assigned a specific outpost channel -RAC_CLIENT_GROUP = "group_enterprise_rac_client" +RAC_CLIENT_GROUP = "group_rac_client" # A group for all connections in a given authentik session ID # A disconnect message is sent to this group when the session expires/is deleted -RAC_CLIENT_GROUP_SESSION = "group_enterprise_rac_client_%(session)s" +RAC_CLIENT_GROUP_SESSION = "group_rac_client_%(session)s" # A group for all connections with a specific token, which in almost all cases # is just one connection, however this is used to disconnect the connection # when the token is deleted -RAC_CLIENT_GROUP_TOKEN = "group_enterprise_rac_token_%(token)s" # nosec +RAC_CLIENT_GROUP_TOKEN = "group_rac_token_%(token)s" # nosec # Step 1: Client connects to this websocket endpoint # Step 2: We prepare all the connection args for Guac diff --git a/authentik/enterprise/providers/rac/consumer_outpost.py b/authentik/providers/rac/consumer_outpost.py similarity index 95% rename from authentik/enterprise/providers/rac/consumer_outpost.py rename to authentik/providers/rac/consumer_outpost.py index a1119d85a8..a6f8aea07f 100644 --- a/authentik/enterprise/providers/rac/consumer_outpost.py +++ b/authentik/providers/rac/consumer_outpost.py @@ -3,7 +3,7 @@ from channels.exceptions import ChannelFull from channels.generic.websocket import AsyncWebsocketConsumer -from authentik.enterprise.providers.rac.consumer_client import RAC_CLIENT_GROUP +from authentik.providers.rac.consumer_client import RAC_CLIENT_GROUP class RACOutpostConsumer(AsyncWebsocketConsumer): diff --git a/authentik/enterprise/providers/rac/controllers/__init__.py b/authentik/providers/rac/controllers/__init__.py similarity index 100% rename from authentik/enterprise/providers/rac/controllers/__init__.py rename to authentik/providers/rac/controllers/__init__.py diff --git a/authentik/enterprise/providers/rac/controllers/docker.py b/authentik/providers/rac/controllers/docker.py similarity index 100% rename from authentik/enterprise/providers/rac/controllers/docker.py rename to authentik/providers/rac/controllers/docker.py diff --git a/authentik/enterprise/providers/rac/controllers/kubernetes.py b/authentik/providers/rac/controllers/kubernetes.py similarity index 100% rename from authentik/enterprise/providers/rac/controllers/kubernetes.py rename to authentik/providers/rac/controllers/kubernetes.py diff --git a/authentik/enterprise/providers/rac/migrations/0001_initial.py b/authentik/providers/rac/migrations/0001_initial.py similarity index 100% rename from authentik/enterprise/providers/rac/migrations/0001_initial.py rename to authentik/providers/rac/migrations/0001_initial.py diff --git a/authentik/enterprise/providers/rac/migrations/0001_squashed_0003_alter_connectiontoken_options_and_more.py b/authentik/providers/rac/migrations/0001_squashed_0003_alter_connectiontoken_options_and_more.py similarity index 100% rename from authentik/enterprise/providers/rac/migrations/0001_squashed_0003_alter_connectiontoken_options_and_more.py rename to authentik/providers/rac/migrations/0001_squashed_0003_alter_connectiontoken_options_and_more.py diff --git a/authentik/enterprise/providers/rac/migrations/0002_endpoint_maximum_connections.py b/authentik/providers/rac/migrations/0002_endpoint_maximum_connections.py similarity index 100% rename from authentik/enterprise/providers/rac/migrations/0002_endpoint_maximum_connections.py rename to authentik/providers/rac/migrations/0002_endpoint_maximum_connections.py diff --git a/authentik/enterprise/providers/rac/migrations/0003_alter_connectiontoken_options_and_more.py b/authentik/providers/rac/migrations/0003_alter_connectiontoken_options_and_more.py similarity index 100% rename from authentik/enterprise/providers/rac/migrations/0003_alter_connectiontoken_options_and_more.py rename to authentik/providers/rac/migrations/0003_alter_connectiontoken_options_and_more.py diff --git a/authentik/enterprise/providers/rac/migrations/0004_alter_connectiontoken_expires.py b/authentik/providers/rac/migrations/0004_alter_connectiontoken_expires.py similarity index 100% rename from authentik/enterprise/providers/rac/migrations/0004_alter_connectiontoken_expires.py rename to authentik/providers/rac/migrations/0004_alter_connectiontoken_expires.py diff --git a/authentik/enterprise/providers/rac/migrations/0005_alter_racpropertymapping_options.py b/authentik/providers/rac/migrations/0005_alter_racpropertymapping_options.py similarity index 100% rename from authentik/enterprise/providers/rac/migrations/0005_alter_racpropertymapping_options.py rename to authentik/providers/rac/migrations/0005_alter_racpropertymapping_options.py diff --git a/authentik/enterprise/providers/rac/migrations/0006_connectiontoken_authentik_p_expires_91f148_idx_and_more.py b/authentik/providers/rac/migrations/0006_connectiontoken_authentik_p_expires_91f148_idx_and_more.py similarity index 100% rename from authentik/enterprise/providers/rac/migrations/0006_connectiontoken_authentik_p_expires_91f148_idx_and_more.py rename to authentik/providers/rac/migrations/0006_connectiontoken_authentik_p_expires_91f148_idx_and_more.py diff --git a/authentik/enterprise/providers/rac/migrations/__init__.py b/authentik/providers/rac/migrations/__init__.py similarity index 100% rename from authentik/enterprise/providers/rac/migrations/__init__.py rename to authentik/providers/rac/migrations/__init__.py diff --git a/authentik/enterprise/providers/rac/models.py b/authentik/providers/rac/models.py similarity index 96% rename from authentik/enterprise/providers/rac/models.py rename to authentik/providers/rac/models.py index 39b59553ce..26d7b60734 100644 --- a/authentik/enterprise/providers/rac/models.py +++ b/authentik/providers/rac/models.py @@ -74,7 +74,7 @@ class RACProvider(Provider): @property def serializer(self) -> type[Serializer]: - from authentik.enterprise.providers.rac.api.providers import RACProviderSerializer + from authentik.providers.rac.api.providers import RACProviderSerializer return RACProviderSerializer @@ -100,7 +100,7 @@ class Endpoint(SerializerModel, PolicyBindingModel): @property def serializer(self) -> type[Serializer]: - from authentik.enterprise.providers.rac.api.endpoints import EndpointSerializer + from authentik.providers.rac.api.endpoints import EndpointSerializer return EndpointSerializer @@ -129,7 +129,7 @@ class RACPropertyMapping(PropertyMapping): @property def serializer(self) -> type[Serializer]: - from authentik.enterprise.providers.rac.api.property_mappings import ( + from authentik.providers.rac.api.property_mappings import ( RACPropertyMappingSerializer, ) diff --git a/authentik/enterprise/providers/rac/signals.py b/authentik/providers/rac/signals.py similarity index 88% rename from authentik/enterprise/providers/rac/signals.py rename to authentik/providers/rac/signals.py index 2cf7b00bf9..f36cb19898 100644 --- a/authentik/enterprise/providers/rac/signals.py +++ b/authentik/providers/rac/signals.py @@ -10,12 +10,12 @@ from django.dispatch import receiver from django.http import HttpRequest from authentik.core.models import User -from authentik.enterprise.providers.rac.api.endpoints import user_endpoint_cache_key -from authentik.enterprise.providers.rac.consumer_client import ( +from authentik.providers.rac.api.endpoints import user_endpoint_cache_key +from authentik.providers.rac.consumer_client import ( RAC_CLIENT_GROUP_SESSION, RAC_CLIENT_GROUP_TOKEN, ) -from authentik.enterprise.providers.rac.models import ConnectionToken, Endpoint +from authentik.providers.rac.models import ConnectionToken, Endpoint @receiver(user_logged_out) diff --git a/authentik/enterprise/providers/rac/templates/if/rac.html b/authentik/providers/rac/templates/if/rac.html similarity index 85% rename from authentik/enterprise/providers/rac/templates/if/rac.html rename to authentik/providers/rac/templates/if/rac.html index 156d96085e..4f26fba880 100644 --- a/authentik/enterprise/providers/rac/templates/if/rac.html +++ b/authentik/providers/rac/templates/if/rac.html @@ -3,7 +3,7 @@ {% load authentik_core %} {% block head %} - + diff --git a/authentik/enterprise/providers/rac/tests/__init__.py b/authentik/providers/rac/tests/__init__.py similarity index 100% rename from authentik/enterprise/providers/rac/tests/__init__.py rename to authentik/providers/rac/tests/__init__.py diff --git a/authentik/enterprise/providers/rac/tests/test_api.py b/authentik/providers/rac/tests/test_api.py similarity index 53% rename from authentik/enterprise/providers/rac/tests/test_api.py rename to authentik/providers/rac/tests/test_api.py index da71133e80..c66bb11853 100644 --- a/authentik/enterprise/providers/rac/tests/test_api.py +++ b/authentik/providers/rac/tests/test_api.py @@ -1,16 +1,9 @@ """Test RAC Provider""" -from datetime import timedelta -from time import mktime -from unittest.mock import MagicMock, patch - from django.urls import reverse -from django.utils.timezone import now from rest_framework.test import APITestCase from authentik.core.tests.utils import create_test_admin_user, create_test_flow -from authentik.enterprise.license import LicenseKey -from authentik.enterprise.models import License from authentik.lib.generators import generate_id @@ -20,21 +13,8 @@ class TestAPI(APITestCase): def setUp(self) -> None: self.user = create_test_admin_user() - @patch( - "authentik.enterprise.license.LicenseKey.validate", - MagicMock( - return_value=LicenseKey( - aud="", - exp=int(mktime((now() + timedelta(days=3000)).timetuple())), - name=generate_id(), - internal_users=100, - external_users=100, - ) - ), - ) def test_create(self): """Test creation of RAC Provider""" - License.objects.create(key=generate_id()) self.client.force_login(self.user) response = self.client.post( reverse("authentik_api:racprovider-list"), diff --git a/authentik/enterprise/providers/rac/tests/test_endpoints_api.py b/authentik/providers/rac/tests/test_endpoints_api.py similarity index 98% rename from authentik/enterprise/providers/rac/tests/test_endpoints_api.py rename to authentik/providers/rac/tests/test_endpoints_api.py index 1ad9b70daf..9a2469bbba 100644 --- a/authentik/enterprise/providers/rac/tests/test_endpoints_api.py +++ b/authentik/providers/rac/tests/test_endpoints_api.py @@ -5,10 +5,10 @@ from rest_framework.test import APITestCase from authentik.core.models import Application from authentik.core.tests.utils import create_test_admin_user -from authentik.enterprise.providers.rac.models import Endpoint, Protocols, RACProvider from authentik.lib.generators import generate_id from authentik.policies.dummy.models import DummyPolicy from authentik.policies.models import PolicyBinding +from authentik.providers.rac.models import Endpoint, Protocols, RACProvider class TestEndpointsAPI(APITestCase): diff --git a/authentik/enterprise/providers/rac/tests/test_models.py b/authentik/providers/rac/tests/test_models.py similarity index 98% rename from authentik/enterprise/providers/rac/tests/test_models.py rename to authentik/providers/rac/tests/test_models.py index b6e7258d83..4a9fad4e67 100644 --- a/authentik/enterprise/providers/rac/tests/test_models.py +++ b/authentik/providers/rac/tests/test_models.py @@ -4,14 +4,14 @@ from django.test import TransactionTestCase from authentik.core.models import Application, AuthenticatedSession from authentik.core.tests.utils import create_test_admin_user -from authentik.enterprise.providers.rac.models import ( +from authentik.lib.generators import generate_id +from authentik.providers.rac.models import ( ConnectionToken, Endpoint, Protocols, RACPropertyMapping, RACProvider, ) -from authentik.lib.generators import generate_id class TestModels(TransactionTestCase): diff --git a/authentik/enterprise/providers/rac/tests/test_views.py b/authentik/providers/rac/tests/test_views.py similarity index 67% rename from authentik/enterprise/providers/rac/tests/test_views.py rename to authentik/providers/rac/tests/test_views.py index a63f27fba0..80778d2ebc 100644 --- a/authentik/enterprise/providers/rac/tests/test_views.py +++ b/authentik/providers/rac/tests/test_views.py @@ -1,23 +1,17 @@ """RAC Views tests""" -from datetime import timedelta from json import loads -from time import mktime -from unittest.mock import MagicMock, patch from django.urls import reverse -from django.utils.timezone import now from rest_framework.test import APITestCase from authentik.core.models import Application from authentik.core.tests.utils import create_test_admin_user, create_test_flow -from authentik.enterprise.license import LicenseKey -from authentik.enterprise.models import License -from authentik.enterprise.providers.rac.models import Endpoint, Protocols, RACProvider from authentik.lib.generators import generate_id from authentik.policies.denied import AccessDeniedResponse from authentik.policies.dummy.models import DummyPolicy from authentik.policies.models import PolicyBinding +from authentik.providers.rac.models import Endpoint, Protocols, RACProvider class TestRACViews(APITestCase): @@ -39,21 +33,8 @@ class TestRACViews(APITestCase): provider=self.provider, ) - @patch( - "authentik.enterprise.license.LicenseKey.validate", - MagicMock( - return_value=LicenseKey( - aud="", - exp=int(mktime((now() + timedelta(days=3000)).timetuple())), - name=generate_id(), - internal_users=100, - external_users=100, - ) - ), - ) def test_no_policy(self): """Test request""" - License.objects.create(key=generate_id()) self.client.force_login(self.user) response = self.client.get( reverse( @@ -70,18 +51,6 @@ class TestRACViews(APITestCase): final_response = self.client.get(next_url) self.assertEqual(final_response.status_code, 200) - @patch( - "authentik.enterprise.license.LicenseKey.validate", - MagicMock( - return_value=LicenseKey( - aud="", - exp=int(mktime((now() + timedelta(days=3000)).timetuple())), - name=generate_id(), - internal_users=100, - external_users=100, - ) - ), - ) def test_app_deny(self): """Test request (deny on app level)""" PolicyBinding.objects.create( @@ -89,7 +58,6 @@ class TestRACViews(APITestCase): policy=DummyPolicy.objects.create(name="deny", result=False, wait_min=1, wait_max=2), order=0, ) - License.objects.create(key=generate_id()) self.client.force_login(self.user) response = self.client.get( reverse( @@ -99,18 +67,6 @@ class TestRACViews(APITestCase): ) self.assertIsInstance(response, AccessDeniedResponse) - @patch( - "authentik.enterprise.license.LicenseKey.validate", - MagicMock( - return_value=LicenseKey( - aud="", - exp=int(mktime((now() + timedelta(days=3000)).timetuple())), - name=generate_id(), - internal_users=100, - external_users=100, - ) - ), - ) def test_endpoint_deny(self): """Test request (deny on endpoint level)""" PolicyBinding.objects.create( @@ -118,7 +74,6 @@ class TestRACViews(APITestCase): policy=DummyPolicy.objects.create(name="deny", result=False, wait_min=1, wait_max=2), order=0, ) - License.objects.create(key=generate_id()) self.client.force_login(self.user) response = self.client.get( reverse( diff --git a/authentik/enterprise/providers/rac/urls.py b/authentik/providers/rac/urls.py similarity index 66% rename from authentik/enterprise/providers/rac/urls.py rename to authentik/providers/rac/urls.py index 88b3e2e828..07e6f661cc 100644 --- a/authentik/enterprise/providers/rac/urls.py +++ b/authentik/providers/rac/urls.py @@ -4,14 +4,14 @@ from channels.auth import AuthMiddleware from channels.sessions import CookieMiddleware from django.urls import path -from authentik.enterprise.providers.rac.api.connection_tokens import ConnectionTokenViewSet -from authentik.enterprise.providers.rac.api.endpoints import EndpointViewSet -from authentik.enterprise.providers.rac.api.property_mappings import RACPropertyMappingViewSet -from authentik.enterprise.providers.rac.api.providers import RACProviderViewSet -from authentik.enterprise.providers.rac.consumer_client import RACClientConsumer -from authentik.enterprise.providers.rac.consumer_outpost import RACOutpostConsumer -from authentik.enterprise.providers.rac.views import RACInterface, RACStartView from authentik.outposts.channels import TokenOutpostMiddleware +from authentik.providers.rac.api.connection_tokens import ConnectionTokenViewSet +from authentik.providers.rac.api.endpoints import EndpointViewSet +from authentik.providers.rac.api.property_mappings import RACPropertyMappingViewSet +from authentik.providers.rac.api.providers import RACProviderViewSet +from authentik.providers.rac.consumer_client import RACClientConsumer +from authentik.providers.rac.consumer_outpost import RACOutpostConsumer +from authentik.providers.rac.views import RACInterface, RACStartView from authentik.root.asgi_middleware import SessionMiddleware from authentik.root.middleware import ChannelsLoggingMiddleware diff --git a/authentik/enterprise/providers/rac/views.py b/authentik/providers/rac/views.py similarity index 96% rename from authentik/enterprise/providers/rac/views.py rename to authentik/providers/rac/views.py index 36785766a3..bac8e21b90 100644 --- a/authentik/enterprise/providers/rac/views.py +++ b/authentik/providers/rac/views.py @@ -10,8 +10,6 @@ from django.utils.translation import gettext as _ from authentik.core.models import Application, AuthenticatedSession from authentik.core.views.interface import InterfaceView -from authentik.enterprise.policy import EnterprisePolicyAccessView -from authentik.enterprise.providers.rac.models import ConnectionToken, Endpoint, RACProvider from authentik.events.models import Event, EventAction from authentik.flows.challenge import RedirectChallenge from authentik.flows.exceptions import FlowNonApplicableException @@ -20,9 +18,11 @@ from authentik.flows.planner import PLAN_CONTEXT_APPLICATION, FlowPlanner from authentik.flows.stage import RedirectStage from authentik.lib.utils.time import timedelta_from_string from authentik.policies.engine import PolicyEngine +from authentik.policies.views import PolicyAccessView +from authentik.providers.rac.models import ConnectionToken, Endpoint, RACProvider -class RACStartView(EnterprisePolicyAccessView): +class RACStartView(PolicyAccessView): """Start a RAC connection by checking access and creating a connection token""" endpoint: Endpoint diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 6eddf6c98d..a9568c64ba 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -87,6 +87,7 @@ TENANT_APPS = [ "authentik.providers.ldap", "authentik.providers.oauth2", "authentik.providers.proxy", + "authentik.providers.rac", "authentik.providers.radius", "authentik.providers.saml", "authentik.providers.scim", diff --git a/blueprints/schema.json b/blueprints/schema.json index 66c9da9a27..940567a9b9 100644 --- a/blueprints/schema.json +++ b/blueprints/schema.json @@ -801,6 +801,126 @@ } } }, + { + "type": "object", + "required": [ + "model", + "identifiers" + ], + "properties": { + "model": { + "const": "authentik_providers_rac.racprovider" + }, + "id": { + "type": "string" + }, + "state": { + "type": "string", + "enum": [ + "absent", + "present", + "created", + "must_created" + ], + "default": "present" + }, + "conditions": { + "type": "array", + "items": { + "type": "boolean" + } + }, + "permissions": { + "$ref": "#/$defs/model_authentik_providers_rac.racprovider_permissions" + }, + "attrs": { + "$ref": "#/$defs/model_authentik_providers_rac.racprovider" + }, + "identifiers": { + "$ref": "#/$defs/model_authentik_providers_rac.racprovider" + } + } + }, + { + "type": "object", + "required": [ + "model", + "identifiers" + ], + "properties": { + "model": { + "const": "authentik_providers_rac.endpoint" + }, + "id": { + "type": "string" + }, + "state": { + "type": "string", + "enum": [ + "absent", + "present", + "created", + "must_created" + ], + "default": "present" + }, + "conditions": { + "type": "array", + "items": { + "type": "boolean" + } + }, + "permissions": { + "$ref": "#/$defs/model_authentik_providers_rac.endpoint_permissions" + }, + "attrs": { + "$ref": "#/$defs/model_authentik_providers_rac.endpoint" + }, + "identifiers": { + "$ref": "#/$defs/model_authentik_providers_rac.endpoint" + } + } + }, + { + "type": "object", + "required": [ + "model", + "identifiers" + ], + "properties": { + "model": { + "const": "authentik_providers_rac.racpropertymapping" + }, + "id": { + "type": "string" + }, + "state": { + "type": "string", + "enum": [ + "absent", + "present", + "created", + "must_created" + ], + "default": "present" + }, + "conditions": { + "type": "array", + "items": { + "type": "boolean" + } + }, + "permissions": { + "$ref": "#/$defs/model_authentik_providers_rac.racpropertymapping_permissions" + }, + "attrs": { + "$ref": "#/$defs/model_authentik_providers_rac.racpropertymapping" + }, + "identifiers": { + "$ref": "#/$defs/model_authentik_providers_rac.racpropertymapping" + } + } + }, { "type": "object", "required": [ @@ -3561,126 +3681,6 @@ } } }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_rac.racprovider" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "permissions": { - "$ref": "#/$defs/model_authentik_providers_rac.racprovider_permissions" - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_rac.racprovider" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_rac.racprovider" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_rac.endpoint" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "permissions": { - "$ref": "#/$defs/model_authentik_providers_rac.endpoint_permissions" - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_rac.endpoint" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_rac.endpoint" - } - } - }, - { - "type": "object", - "required": [ - "model", - "identifiers" - ], - "properties": { - "model": { - "const": "authentik_providers_rac.racpropertymapping" - }, - "id": { - "type": "string" - }, - "state": { - "type": "string", - "enum": [ - "absent", - "present", - "created", - "must_created" - ], - "default": "present" - }, - "conditions": { - "type": "array", - "items": { - "type": "boolean" - } - }, - "permissions": { - "$ref": "#/$defs/model_authentik_providers_rac.racpropertymapping_permissions" - }, - "attrs": { - "$ref": "#/$defs/model_authentik_providers_rac.racpropertymapping" - }, - "identifiers": { - "$ref": "#/$defs/model_authentik_providers_rac.racpropertymapping" - } - } - }, { "type": "object", "required": [ @@ -4663,6 +4663,7 @@ "authentik.providers.ldap", "authentik.providers.oauth2", "authentik.providers.proxy", + "authentik.providers.rac", "authentik.providers.radius", "authentik.providers.saml", "authentik.providers.scim", @@ -4703,7 +4704,6 @@ "authentik.enterprise.audit", "authentik.enterprise.providers.google_workspace", "authentik.enterprise.providers.microsoft_entra", - "authentik.enterprise.providers.rac", "authentik.enterprise.providers.ssf", "authentik.enterprise.stages.authenticator_endpoint_gdtc", "authentik.enterprise.stages.source", @@ -4738,6 +4738,9 @@ "authentik_providers_oauth2.scopemapping", "authentik_providers_oauth2.oauth2provider", "authentik_providers_proxy.proxyprovider", + "authentik_providers_rac.racprovider", + "authentik_providers_rac.endpoint", + "authentik_providers_rac.racpropertymapping", "authentik_providers_radius.radiusprovider", "authentik_providers_radius.radiusproviderpropertymapping", "authentik_providers_saml.samlprovider", @@ -4807,9 +4810,6 @@ "authentik_providers_google_workspace.googleworkspaceprovidermapping", "authentik_providers_microsoft_entra.microsoftentraprovider", "authentik_providers_microsoft_entra.microsoftentraprovidermapping", - "authentik_providers_rac.racprovider", - "authentik_providers_rac.endpoint", - "authentik_providers_rac.racpropertymapping", "authentik_providers_ssf.ssfprovider", "authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage", "authentik_stages_source.sourcestage", @@ -6046,6 +6046,216 @@ } } }, + "model_authentik_providers_rac.racprovider": { + "type": "object", + "properties": { + "name": { + "type": "string", + "minLength": 1, + "title": "Name" + }, + "authentication_flow": { + "type": "string", + "format": "uuid", + "title": "Authentication flow", + "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." + }, + "authorization_flow": { + "type": "string", + "format": "uuid", + "title": "Authorization flow", + "description": "Flow used when authorizing this provider." + }, + "property_mappings": { + "type": "array", + "items": { + "type": "string", + "format": "uuid" + }, + "title": "Property mappings" + }, + "settings": { + "type": "object", + "additionalProperties": true, + "title": "Settings" + }, + "connection_expiry": { + "type": "string", + "minLength": 1, + "title": "Connection expiry", + "description": "Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)" + }, + "delete_token_on_disconnect": { + "type": "boolean", + "title": "Delete token on disconnect", + "description": "When set to true, connection tokens will be deleted upon disconnect." + } + }, + "required": [] + }, + "model_authentik_providers_rac.racprovider_permissions": { + "type": "array", + "items": { + "type": "object", + "required": [ + "permission" + ], + "properties": { + "permission": { + "type": "string", + "enum": [ + "add_racprovider", + "change_racprovider", + "delete_racprovider", + "view_racprovider" + ] + }, + "user": { + "type": "integer" + }, + "role": { + "type": "string" + } + } + } + }, + "model_authentik_providers_rac.endpoint": { + "type": "object", + "properties": { + "name": { + "type": "string", + "minLength": 1, + "title": "Name" + }, + "provider": { + "type": "integer", + "title": "Provider" + }, + "protocol": { + "type": "string", + "enum": [ + "rdp", + "vnc", + "ssh" + ], + "title": "Protocol" + }, + "host": { + "type": "string", + "minLength": 1, + "title": "Host" + }, + "settings": { + "type": "object", + "additionalProperties": true, + "title": "Settings" + }, + "property_mappings": { + "type": "array", + "items": { + "type": "string", + "format": "uuid" + }, + "title": "Property mappings" + }, + "auth_mode": { + "type": "string", + "enum": [ + "static", + "prompt" + ], + "title": "Auth mode" + }, + "maximum_connections": { + "type": "integer", + "minimum": -2147483648, + "maximum": 2147483647, + "title": "Maximum connections" + } + }, + "required": [] + }, + "model_authentik_providers_rac.endpoint_permissions": { + "type": "array", + "items": { + "type": "object", + "required": [ + "permission" + ], + "properties": { + "permission": { + "type": "string", + "enum": [ + "add_endpoint", + "change_endpoint", + "delete_endpoint", + "view_endpoint" + ] + }, + "user": { + "type": "integer" + }, + "role": { + "type": "string" + } + } + } + }, + "model_authentik_providers_rac.racpropertymapping": { + "type": "object", + "properties": { + "managed": { + "type": [ + "string", + "null" + ], + "minLength": 1, + "title": "Managed by authentik", + "description": "Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update." + }, + "name": { + "type": "string", + "minLength": 1, + "title": "Name" + }, + "expression": { + "type": "string", + "title": "Expression" + }, + "static_settings": { + "type": "object", + "additionalProperties": true, + "title": "Static settings" + } + }, + "required": [] + }, + "model_authentik_providers_rac.racpropertymapping_permissions": { + "type": "array", + "items": { + "type": "object", + "required": [ + "permission" + ], + "properties": { + "permission": { + "type": "string", + "enum": [ + "add_racpropertymapping", + "change_racpropertymapping", + "delete_racpropertymapping", + "view_racpropertymapping" + ] + }, + "user": { + "type": "integer" + }, + "role": { + "type": "string" + } + } + } + }, "model_authentik_providers_radius.radiusprovider": { "type": "object", "properties": { @@ -14215,216 +14425,6 @@ } } }, - "model_authentik_providers_rac.racprovider": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "authentication_flow": { - "type": "string", - "format": "uuid", - "title": "Authentication flow", - "description": "Flow used for authentication when the associated application is accessed by an un-authenticated user." - }, - "authorization_flow": { - "type": "string", - "format": "uuid", - "title": "Authorization flow", - "description": "Flow used when authorizing this provider." - }, - "property_mappings": { - "type": "array", - "items": { - "type": "string", - "format": "uuid" - }, - "title": "Property mappings" - }, - "settings": { - "type": "object", - "additionalProperties": true, - "title": "Settings" - }, - "connection_expiry": { - "type": "string", - "minLength": 1, - "title": "Connection expiry", - "description": "Determines how long a session lasts. Default of 0 means that the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)" - }, - "delete_token_on_disconnect": { - "type": "boolean", - "title": "Delete token on disconnect", - "description": "When set to true, connection tokens will be deleted upon disconnect." - } - }, - "required": [] - }, - "model_authentik_providers_rac.racprovider_permissions": { - "type": "array", - "items": { - "type": "object", - "required": [ - "permission" - ], - "properties": { - "permission": { - "type": "string", - "enum": [ - "add_racprovider", - "change_racprovider", - "delete_racprovider", - "view_racprovider" - ] - }, - "user": { - "type": "integer" - }, - "role": { - "type": "string" - } - } - } - }, - "model_authentik_providers_rac.endpoint": { - "type": "object", - "properties": { - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "provider": { - "type": "integer", - "title": "Provider" - }, - "protocol": { - "type": "string", - "enum": [ - "rdp", - "vnc", - "ssh" - ], - "title": "Protocol" - }, - "host": { - "type": "string", - "minLength": 1, - "title": "Host" - }, - "settings": { - "type": "object", - "additionalProperties": true, - "title": "Settings" - }, - "property_mappings": { - "type": "array", - "items": { - "type": "string", - "format": "uuid" - }, - "title": "Property mappings" - }, - "auth_mode": { - "type": "string", - "enum": [ - "static", - "prompt" - ], - "title": "Auth mode" - }, - "maximum_connections": { - "type": "integer", - "minimum": -2147483648, - "maximum": 2147483647, - "title": "Maximum connections" - } - }, - "required": [] - }, - "model_authentik_providers_rac.endpoint_permissions": { - "type": "array", - "items": { - "type": "object", - "required": [ - "permission" - ], - "properties": { - "permission": { - "type": "string", - "enum": [ - "add_endpoint", - "change_endpoint", - "delete_endpoint", - "view_endpoint" - ] - }, - "user": { - "type": "integer" - }, - "role": { - "type": "string" - } - } - } - }, - "model_authentik_providers_rac.racpropertymapping": { - "type": "object", - "properties": { - "managed": { - "type": [ - "string", - "null" - ], - "minLength": 1, - "title": "Managed by authentik", - "description": "Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update." - }, - "name": { - "type": "string", - "minLength": 1, - "title": "Name" - }, - "expression": { - "type": "string", - "title": "Expression" - }, - "static_settings": { - "type": "object", - "additionalProperties": true, - "title": "Static settings" - } - }, - "required": [] - }, - "model_authentik_providers_rac.racpropertymapping_permissions": { - "type": "array", - "items": { - "type": "object", - "required": [ - "permission" - ], - "properties": { - "permission": { - "type": "string", - "enum": [ - "add_racpropertymapping", - "change_racpropertymapping", - "delete_racpropertymapping", - "view_racpropertymapping" - ] - }, - "user": { - "type": "integer" - }, - "role": { - "type": "string" - } - } - } - }, "model_authentik_providers_ssf.ssfprovider": { "type": "object", "properties": { diff --git a/schema.yml b/schema.yml index 66bea02798..8271b69e3c 100644 --- a/schema.yml +++ b/schema.yml @@ -39482,6 +39482,7 @@ components: - authentik.providers.ldap - authentik.providers.oauth2 - authentik.providers.proxy + - authentik.providers.rac - authentik.providers.radius - authentik.providers.saml - authentik.providers.scim @@ -39522,7 +39523,6 @@ components: - authentik.enterprise.audit - authentik.enterprise.providers.google_workspace - authentik.enterprise.providers.microsoft_entra - - authentik.enterprise.providers.rac - authentik.enterprise.providers.ssf - authentik.enterprise.stages.authenticator_endpoint_gdtc - authentik.enterprise.stages.source @@ -46625,6 +46625,9 @@ components: - authentik_providers_oauth2.scopemapping - authentik_providers_oauth2.oauth2provider - authentik_providers_proxy.proxyprovider + - authentik_providers_rac.racprovider + - authentik_providers_rac.endpoint + - authentik_providers_rac.racpropertymapping - authentik_providers_radius.radiusprovider - authentik_providers_radius.radiusproviderpropertymapping - authentik_providers_saml.samlprovider @@ -46694,9 +46697,6 @@ components: - authentik_providers_google_workspace.googleworkspaceprovidermapping - authentik_providers_microsoft_entra.microsoftentraprovider - authentik_providers_microsoft_entra.microsoftentraprovidermapping - - authentik_providers_rac.racprovider - - authentik_providers_rac.endpoint - - authentik_providers_rac.racpropertymapping - authentik_providers_ssf.ssfprovider - authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage - authentik_stages_source.sourcestage diff --git a/web/build.mjs b/web/build.mjs index 65d36a7d80..f9ca7b346c 100644 --- a/web/build.mjs +++ b/web/build.mjs @@ -74,7 +74,7 @@ const interfaces = [ ["user/UserInterface.ts", "user"], ["flow/FlowInterface.ts", "flow"], ["standalone/api-browser/index.ts", "standalone/api-browser"], - ["enterprise/rac/index.ts", "enterprise/rac"], + ["rac/index.ts", "rac"], ["standalone/loading/index.ts", "standalone/loading"], ["polyfill/poly.ts", "."], ]; diff --git a/web/scripts/knip.config.ts b/web/scripts/knip.config.ts index a923bd63ae..b2a1ac3f11 100644 --- a/web/scripts/knip.config.ts +++ b/web/scripts/knip.config.ts @@ -6,7 +6,7 @@ const config: KnipConfig = { "./src/user/UserInterface.ts", "./src/flow/FlowInterface.ts", "./src/standalone/api-browser/index.ts", - "./src/enterprise/rac/index.ts", + "./src/rac/index.ts", "./src/standalone/loading/index.ts", "./src/polyfill/poly.ts", ], diff --git a/web/src/enterprise/rac/index.ts b/web/src/rac/index.ts similarity index 100% rename from web/src/enterprise/rac/index.ts rename to web/src/rac/index.ts