habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

lib/sync/outgoing: add dry run (#13244)

Browse Source 
* lib/sync/outgoing: add dry run

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add option to temporarily override dry run

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* web a

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* web b

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add some test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add more tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add dry run label

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add support for entra too

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add web

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add entra test and improve error handling

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L.
2025-03-01 19:44:17 +00:00
committed by GitHub
parent 9b01213990
commit b5a8957720
25 changed files with 469 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
web/src/admin/providers/google_workspace/GoogleWorkspaceProviderForm.ts
View File

@ -161,6 +161,26 @@ export class GoogleWorkspaceProviderFormPage extends BaseProviderForm<GoogleWork
help=${msg("Determines what authentik will do when a Group is deleted.")}
>
</ak-radio-input>
<ak-form-element-horizontal name="dryRun">
<label class="pf-c-switch">
<input
class="pf-c-switch__input"
type="checkbox"
?checked=${first(this.instance?.dryRun, false)}
/>
<span class="pf-c-switch__toggle">
<span class="pf-c-switch__toggle-icon">
<i class="fas fa-check" aria-hidden="true"></i>
</span>
</span>
<span class="pf-c-switch__label">${msg("Enable dry-run mode")}</span>
</label>
<p class="pf-c-form__helper-text">
${msg(
"When enabled, mutating requests will be dropped and logged instead.",
)}
</p>
</ak-form-element-horizontal>
</div>
</ak-form-group>
<ak-form-group ?expanded=${true}>

18
web/src/admin/providers/google_workspace/GoogleWorkspaceProviderViewPage.ts
View File

@ -4,6 +4,7 @@ import "@goauthentik/admin/providers/google_workspace/GoogleWorkspaceProviderUse
import "@goauthentik/admin/rbac/ObjectPermissionsPage";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { EVENT_REFRESH } from "@goauthentik/common/constants";
import "@goauthentik/components/ak-status-label";
import "@goauthentik/components/events/ObjectChangelog";
import { AKElement } from "@goauthentik/elements/Base";
import "@goauthentik/elements/Markdown";
@ -176,6 +177,23 @@ export class GoogleWorkspaceProviderViewPage extends AKElement {
</div>
</dd>
</div>
<div class="pf-c-description-list__group">
<dt class="pf-c-description-list__term">
<span class="pf-c-description-list__text"
>${msg("Dry-run")}</span
>
</dt>
<dd class="pf-c-description-list__description">
<div class="pf-c-description-list__text">
<ak-status-label
?good=${!this.provider.dryRun}
type="info"
good-label=${msg("No")}
bad-label=${msg("Yes")}
></ak-status-label>
</div>
</dd>
</div>
</dl>
</div>
<div class="pf-c-card__footer">

20
web/src/admin/providers/microsoft_entra/MicrosoftEntraProviderForm.ts
View File

@ -150,6 +150,26 @@ export class MicrosoftEntraProviderFormPage extends BaseProviderForm<MicrosoftEn
help=${msg("Determines what authentik will do when a Group is deleted.")}
>
</ak-radio-input>
<ak-form-element-horizontal name="dryRun">
<label class="pf-c-switch">
<input
class="pf-c-switch__input"
type="checkbox"
?checked=${first(this.instance?.dryRun, false)}
/>
<span class="pf-c-switch__toggle">
<span class="pf-c-switch__toggle-icon">
<i class="fas fa-check" aria-hidden="true"></i>
</span>
</span>
<span class="pf-c-switch__label">${msg("Enable dry-run mode")}</span>
</label>
<p class="pf-c-form__helper-text">
${msg(
"When enabled, mutating requests will be dropped and logged instead.",
)}
</p>
</ak-form-element-horizontal>
</div>
</ak-form-group>
<ak-form-group ?expanded=${true}>

17
web/src/admin/providers/microsoft_entra/MicrosoftEntraProviderViewPage.ts
View File

@ -176,6 +176,23 @@ export class MicrosoftEntraProviderViewPage extends AKElement {
</div>
</dd>
</div>
<div class="pf-c-description-list__group">
<dt class="pf-c-description-list__term">
<span class="pf-c-description-list__text"
>${msg("Dry-run")}</span
>
</dt>
<dd class="pf-c-description-list__description">
<div class="pf-c-description-list__text">
<ak-status-label
?good=${!this.provider.dryRun}
type="info"
good-label=${msg("No")}
bad-label=${msg("Yes")}
></ak-status-label>
</div>
</dd>
</div>
</dl>
</div>
<div class="pf-c-card__footer">

20
web/src/admin/providers/scim/SCIMProviderFormForm.ts
View File

@ -61,6 +61,26 @@ export function renderForm(provider?: Partial<SCIMProvider>, errors: ValidationE
)}
inputHint="code"
></ak-text-input>
<ak-form-element-horizontal name="dryRun">
<label class="pf-c-switch">
<input
class="pf-c-switch__input"
type="checkbox"
?checked=${first(provider?.dryRun, false)}
/>
<span class="pf-c-switch__toggle">
<span class="pf-c-switch__toggle-icon">
<i class="fas fa-check" aria-hidden="true"></i>
</span>
</span>
<span class="pf-c-switch__label">${msg("Enable dry-run mode")}</span>
</label>
<p class="pf-c-form__helper-text">
${msg(
"When enabled, mutating requests will be dropped and logged instead.",
)}
</p>
</ak-form-element-horizontal>
</div>
</ak-form-group>
<ak-form-group expanded>

21
web/src/admin/providers/scim/SCIMProviderViewPage.ts
View File

@ -5,6 +5,7 @@ import "@goauthentik/admin/providers/scim/SCIMProviderUserList";
import "@goauthentik/admin/rbac/ObjectPermissionsPage";
import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
import { EVENT_REFRESH } from "@goauthentik/common/constants";
import "@goauthentik/components/ak-status-label";
import "@goauthentik/components/events/ObjectChangelog";
import MDSCIMProvider from "@goauthentik/docs/add-secure-apps/providers/scim/index.md";
import { AKElement } from "@goauthentik/elements/Base";
@ -151,7 +152,7 @@ export class SCIMProviderViewPage extends AKElement {
<div class="pf-l-grid__item pf-m-7-col pf-l-stack pf-m-gutter">
<div class="pf-c-card pf-m-12-col pf-l-stack__item">
<div class="pf-c-card__body">
<dl class="pf-c-description-list pf-m-3-col-on-lg">
<dl class="pf-c-description-list pf-m-4-col-on-lg">
<div class="pf-c-description-list__group">
<dt class="pf-c-description-list__term">
<span class="pf-c-description-list__text"
@ -178,7 +179,23 @@ export class SCIMProviderViewPage extends AKElement {
</div>
</dd>
</div>
<div class="pf-c-description-list__group">
<dt class="pf-c-description-list__term">
<span class="pf-c-description-list__text"
>${msg("Dry-run")}</span
>
</dt>
<dd class="pf-c-description-list__description">
<div class="pf-c-description-list__text">
<ak-status-label
?good=${!this.provider.dryRun}
type="info"
good-label=${msg("No")}
bad-label=${msg("Yes")}
></ak-status-label>
</div>
</dd>
</div>
<div class="pf-c-description-list__group">
<dt class="pf-c-description-list__term">
<span class="pf-c-description-list__text"

28
web/src/elements/sync/SyncObjectForm.ts
View File

@ -119,12 +119,28 @@ export class SyncObjectForm extends Form<SyncObjectRequest> {
renderForm() {
return html` ${this.model === SyncObjectModelEnum.AuthentikCoreModelsUser
? this.renderSelectUser()
: nothing}
${this.model === SyncObjectModelEnum.AuthentikCoreModelsGroup
? this.renderSelectGroup()
: nothing}
${this.result ? this.renderResult() : html``}`;
? this.renderSelectUser()
: nothing}
${this.model === SyncObjectModelEnum.AuthentikCoreModelsGroup
? this.renderSelectGroup()
: nothing}
<ak-form-element-horizontal name="overrideDryRun">
<label class="pf-c-switch">
<input class="pf-c-switch__input" type="checkbox" />
<span class="pf-c-switch__toggle">
<span class="pf-c-switch__toggle-icon">
<i class="fas fa-check" aria-hidden="true"></i>
</span>
</span>
<span class="pf-c-switch__label">${msg("Override dry-run mode")}</span>
</label>
<p class="pf-c-form__helper-text">
${msg(
"When enabled, this sync will still execute mutating requests regardless of the dry-run mode in the provider.",
)}
</p>
</ak-form-element-horizontal>
${this.result ? this.renderResult() : html``}`;
}
}