habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rbac: permissions endpoint: allow authenticated users (#12608)

Browse Source
This commit is contained in:
Marc 'risson' Schmitt
2025-01-09 14:36:57 +01:00
committed by GitHub
parent bb7338f5c1
commit 9d15fa4a57
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
authentik/rbac/api/rbac.py
View File

@ -5,6 +5,7 @@ from django.contrib.auth.models import Permission
from django.db.models import QuerySet
from django_filters.filters import ModelChoiceFilter
from django_filters.filterset import FilterSet
from django_filters.rest_framework import DjangoFilterBackend
from rest_framework.exceptions import ValidationError
from rest_framework.fields import (
CharField,
@ -13,6 +14,8 @@ from rest_framework.fields import (
ReadOnlyField,
SerializerMethodField,
)
from rest_framework.filters import OrderingFilter, SearchFilter
from rest_framework.permissions import IsAuthenticated
from rest_framework.viewsets import ReadOnlyModelViewSet
from authentik.core.api.utils import ModelSerializer, PassiveSerializer
@ -92,7 +95,9 @@ class RBACPermissionViewSet(ReadOnlyModelViewSet):
queryset = Permission.objects.none()
serializer_class = PermissionSerializer
ordering = ["name"]
filter_backends = [DjangoFilterBackend, OrderingFilter, SearchFilter]
filterset_class = PermissionFilter
permission_classes = [IsAuthenticated]
search_fields = [
"codename",
"content_type__model",