Outpost LDAP (#784)
* outposts: initial ldap outpost implementation Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts: add LDAP Binding using flows Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add API to check access to single application by slug Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: check application access Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/ldap: add LDAP provider Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: add ability to use multiple providers on the same outpost Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: add UI for LDAP Provider Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: fix linting Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: add controllers Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts: fix type not being configurable Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: use authorization_flow instead of separate field Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: add dockerfile Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/ldap: fix lint error Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: add groups to users Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * providers/ldap: add search_group to limit who can do search requests Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: improve logging,return success for empty DN Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts: allow outposts to have non-object specific permissions Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: use forked version of ldap library Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/ldap: save user DN to determine who can search Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * */api: fix lookups per user Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: only show plex servers you own Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * lib: add support for file:// protocol in config file Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web/admin: hide oauth client secret if not updating Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost/ldap: check access based on Group Membership Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * core: show users and groups when user has overall user permissions Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * lib: handle errors when reading config from file:// Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * web: fix package json failing Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: bump node spec to 16x for npm version and lockfile v2 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens L
@ -12,7 +12,7 @@ stages:
|
||||
steps:
|
||||
- task: NodeTool@0
|
||||
inputs:
|
||||
versionSpec: '14.x'
|
||||
versionSpec: '16.x'
|
||||
displayName: 'Install Node.js'
|
||||
- task: CmdLine@2
|
||||
inputs:
|
||||
@ -31,7 +31,7 @@ stages:
|
||||
steps:
|
||||
- task: NodeTool@0
|
||||
inputs:
|
||||
versionSpec: '14.x'
|
||||
versionSpec: '16.x'
|
||||
displayName: 'Install Node.js'
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
@ -53,7 +53,7 @@ stages:
|
||||
steps:
|
||||
- task: NodeTool@0
|
||||
inputs:
|
||||
versionSpec: '14.x'
|
||||
versionSpec: '16.x'
|
||||
displayName: 'Install Node.js'
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
@ -77,7 +77,7 @@ stages:
|
||||
steps:
|
||||
- task: NodeTool@0
|
||||
inputs:
|
||||
versionSpec: '14.x'
|
||||
versionSpec: '16.x'
|
||||
displayName: 'Install Node.js'
|
||||
- task: DownloadPipelineArtifact@2
|
||||
inputs:
|
||||
|
||||
@ -87,5 +87,6 @@
|
||||
"typescript": "^4.2.4",
|
||||
"webcomponent-qr-code": "^1.0.5",
|
||||
"yaml": "^1.10.2"
|
||||
}
|
||||
},
|
||||
"devDependencies": {}
|
||||
}
|
||||
|
||||
@ -11,6 +11,7 @@ export interface PlexResource {
|
||||
name: string;
|
||||
provides: string;
|
||||
clientIdentifier: string;
|
||||
owned: boolean;
|
||||
}
|
||||
|
||||
export const DEFAULT_HEADERS = {
|
||||
@ -88,7 +89,7 @@ export class PlexAPIClient {
|
||||
});
|
||||
const resources: PlexResource[] = await resourcesResponse.json();
|
||||
return resources.filter(r => {
|
||||
return r.provides === "server";
|
||||
return r.provides.toLowerCase().includes("server") && r.owned;
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
@ -91,7 +91,7 @@ msgid "Action"
|
||||
msgstr "Action"
|
||||
|
||||
#: src/pages/groups/MemberSelectModal.ts:46
|
||||
#: src/pages/users/UserListPage.ts:51
|
||||
#: src/pages/users/UserListPage.ts:55
|
||||
#: src/pages/users/UserViewPage.ts:116
|
||||
msgid "Active"
|
||||
msgstr "Active"
|
||||
@ -767,8 +767,8 @@ msgstr "Copy Key"
|
||||
#: src/pages/stages/prompt/PromptStageForm.ts:98
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:50
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:58
|
||||
#: src/pages/users/UserListPage.ts:151
|
||||
#: src/pages/users/UserListPage.ts:159
|
||||
#: src/pages/users/UserListPage.ts:155
|
||||
#: src/pages/users/UserListPage.ts:163
|
||||
msgid "Create"
|
||||
msgstr "Create"
|
||||
|
||||
@ -838,7 +838,7 @@ msgstr "Create Stage binding"
|
||||
msgid "Create Token"
|
||||
msgstr "Create Token"
|
||||
|
||||
#: src/pages/users/UserListPage.ts:154
|
||||
#: src/pages/users/UserListPage.ts:158
|
||||
msgid "Create User"
|
||||
msgstr "Create User"
|
||||
|
||||
@ -916,7 +916,7 @@ msgstr "Define how notifications are sent to users, like Email or Webhook."
|
||||
#: src/pages/tokens/TokenListPage.ts:68
|
||||
#: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts:40
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:125
|
||||
#: src/pages/users/UserListPage.ts:115
|
||||
#: src/pages/users/UserListPage.ts:119
|
||||
msgid "Delete"
|
||||
msgstr "Delete"
|
||||
|
||||
@ -1006,8 +1006,8 @@ msgstr "Digest algorithm"
|
||||
msgid "Digits"
|
||||
msgstr "Digits"
|
||||
|
||||
#: src/pages/users/UserListPage.ts:81
|
||||
#: src/pages/users/UserListPage.ts:100
|
||||
#: src/pages/users/UserListPage.ts:85
|
||||
#: src/pages/users/UserListPage.ts:104
|
||||
msgid "Disable"
|
||||
msgstr "Disable"
|
||||
|
||||
@ -1068,7 +1068,7 @@ msgstr "Each provider has a different issuer, based on the application slug."
|
||||
#: src/pages/stages/StageListPage.ts:98
|
||||
#: src/pages/stages/prompt/PromptListPage.ts:75
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:113
|
||||
#: src/pages/users/UserListPage.ts:76
|
||||
#: src/pages/users/UserListPage.ts:80
|
||||
#: src/pages/users/UserViewPage.ts:147
|
||||
msgid "Edit"
|
||||
msgstr "Edit"
|
||||
@ -1119,8 +1119,8 @@ msgstr "Email or username"
|
||||
msgid "Email: Text field with Email type."
|
||||
msgstr "Email: Text field with Email type."
|
||||
|
||||
#: src/pages/users/UserListPage.ts:81
|
||||
#: src/pages/users/UserListPage.ts:100
|
||||
#: src/pages/users/UserListPage.ts:85
|
||||
#: src/pages/users/UserListPage.ts:104
|
||||
msgid "Enable"
|
||||
msgstr "Enable"
|
||||
|
||||
@ -1520,6 +1520,10 @@ msgstr "Hidden: Hidden field, can be used to insert data into form."
|
||||
msgid "Hide managed mappings"
|
||||
msgstr "Hide managed mappings"
|
||||
|
||||
#: src/pages/users/UserListPage.ts:186
|
||||
msgid "Hide service-accounts"
|
||||
msgstr "Hide service-accounts"
|
||||
|
||||
#: src/pages/events/RuleForm.ts:93
|
||||
#: src/pages/groups/GroupForm.ts:131
|
||||
#: src/pages/outposts/OutpostForm.ts:98
|
||||
@ -1577,7 +1581,7 @@ msgstr "If this flag is set, this Stage will jump to the next Stage when no Invi
|
||||
msgid "If your authentik Instance is using a self-signed certificate, set this value."
|
||||
msgstr "If your authentik Instance is using a self-signed certificate, set this value."
|
||||
|
||||
#: src/pages/users/UserListPage.ts:143
|
||||
#: src/pages/users/UserListPage.ts:147
|
||||
msgid "Impersonate"
|
||||
msgstr "Impersonate"
|
||||
|
||||
@ -1680,7 +1684,7 @@ msgid "Label shown next to/above the prompt."
|
||||
msgstr "Label shown next to/above the prompt."
|
||||
|
||||
#: src/pages/groups/MemberSelectModal.ts:47
|
||||
#: src/pages/users/UserListPage.ts:52
|
||||
#: src/pages/users/UserListPage.ts:56
|
||||
#: src/pages/users/UserViewPage.ts:108
|
||||
msgid "Last login"
|
||||
msgstr "Last login"
|
||||
@ -1986,7 +1990,7 @@ msgstr "Monitor"
|
||||
#: src/pages/stages/user_write/UserWriteStageForm.ts:55
|
||||
#: src/pages/user-settings/UserDetailsPage.ts:64
|
||||
#: src/pages/users/UserForm.ts:54
|
||||
#: src/pages/users/UserListPage.ts:50
|
||||
#: src/pages/users/UserListPage.ts:54
|
||||
#: src/pages/users/UserViewPage.ts:92
|
||||
msgid "Name"
|
||||
msgstr "Name"
|
||||
@ -2020,7 +2024,7 @@ msgstr "New version available!"
|
||||
#: src/pages/providers/proxy/ProxyProviderViewPage.ts:108
|
||||
#: src/pages/tokens/TokenListPage.ts:56
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:83
|
||||
#: src/pages/users/UserListPage.ts:63
|
||||
#: src/pages/users/UserListPage.ts:67
|
||||
msgid "No"
|
||||
msgstr "No"
|
||||
|
||||
@ -2070,7 +2074,7 @@ msgstr "No policies are currently bound to this object."
|
||||
msgid "No policies cached. Users may experience slow response times."
|
||||
msgstr "No policies cached. Users may experience slow response times."
|
||||
|
||||
#: src/pages/users/UserListPage.ts:135
|
||||
#: src/pages/users/UserListPage.ts:139
|
||||
msgid "No recovery flow is configured."
|
||||
msgstr "No recovery flow is configured."
|
||||
|
||||
@ -2628,7 +2632,7 @@ msgstr "Required"
|
||||
msgid "Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only."
|
||||
msgstr "Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only."
|
||||
|
||||
#: src/pages/users/UserListPage.ts:140
|
||||
#: src/pages/users/UserListPage.ts:144
|
||||
#: src/pages/users/UserViewPage.ts:165
|
||||
msgid "Reset Password"
|
||||
msgstr "Reset Password"
|
||||
@ -3172,7 +3176,7 @@ msgstr "Successfully deleted {0} {1}"
|
||||
msgid "Successfully generated certificate-key pair."
|
||||
msgstr "Successfully generated certificate-key pair."
|
||||
|
||||
#: src/pages/users/UserListPage.ts:128
|
||||
#: src/pages/users/UserListPage.ts:132
|
||||
#: src/pages/users/UserViewPage.ts:160
|
||||
msgid "Successfully generated recovery link"
|
||||
msgstr "Successfully generated recovery link"
|
||||
@ -3613,7 +3617,7 @@ msgstr "Up-to-date!"
|
||||
#: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts:71
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:105
|
||||
#: src/pages/users/UserActiveForm.ts:66
|
||||
#: src/pages/users/UserListPage.ts:68
|
||||
#: src/pages/users/UserListPage.ts:72
|
||||
#: src/pages/users/UserViewPage.ts:139
|
||||
msgid "Update"
|
||||
msgstr "Update"
|
||||
@ -3693,7 +3697,7 @@ msgid "Update Token"
|
||||
msgstr "Update Token"
|
||||
|
||||
#: src/pages/policies/BoundPoliciesList.ts:106
|
||||
#: src/pages/users/UserListPage.ts:71
|
||||
#: src/pages/users/UserListPage.ts:75
|
||||
#: src/pages/users/UserViewPage.ts:142
|
||||
msgid "Update User"
|
||||
msgstr "Update User"
|
||||
@ -3758,8 +3762,8 @@ msgstr "Use the user's username, but deny enrollment when the username already e
|
||||
#: src/pages/property-mappings/PropertyMappingTestForm.ts:51
|
||||
#: src/pages/tokens/TokenListPage.ts:45
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:72
|
||||
#: src/pages/users/UserListPage.ts:88
|
||||
#: src/pages/users/UserListPage.ts:108
|
||||
#: src/pages/users/UserListPage.ts:92
|
||||
#: src/pages/users/UserListPage.ts:112
|
||||
msgid "User"
|
||||
msgstr "User"
|
||||
|
||||
@ -3841,7 +3845,7 @@ msgstr "Username: Same as Text input, but checks for and prevents duplicate user
|
||||
|
||||
#: src/interfaces/AdminInterface.ts:32
|
||||
#: src/pages/admin-overview/AdminOverviewPage.ts:50
|
||||
#: src/pages/users/UserListPage.ts:32
|
||||
#: src/pages/users/UserListPage.ts:33
|
||||
msgid "Users"
|
||||
msgstr "Users"
|
||||
|
||||
@ -4013,7 +4017,7 @@ msgstr "X509 Subject"
|
||||
#: src/pages/providers/proxy/ProxyProviderViewPage.ts:105
|
||||
#: src/pages/tokens/TokenListPage.ts:56
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:83
|
||||
#: src/pages/users/UserListPage.ts:63
|
||||
#: src/pages/users/UserListPage.ts:67
|
||||
msgid "Yes"
|
||||
msgstr "Yes"
|
||||
|
||||
|
||||
@ -91,7 +91,7 @@ msgid "Action"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/groups/MemberSelectModal.ts:46
|
||||
#: src/pages/users/UserListPage.ts:51
|
||||
#: src/pages/users/UserListPage.ts:55
|
||||
#: src/pages/users/UserViewPage.ts:116
|
||||
msgid "Active"
|
||||
msgstr ""
|
||||
@ -761,8 +761,8 @@ msgstr ""
|
||||
#: src/pages/stages/prompt/PromptStageForm.ts:98
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:50
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:58
|
||||
#: src/pages/users/UserListPage.ts:151
|
||||
#: src/pages/users/UserListPage.ts:159
|
||||
#: src/pages/users/UserListPage.ts:155
|
||||
#: src/pages/users/UserListPage.ts:163
|
||||
msgid "Create"
|
||||
msgstr ""
|
||||
|
||||
@ -832,7 +832,7 @@ msgstr ""
|
||||
msgid "Create Token"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/users/UserListPage.ts:154
|
||||
#: src/pages/users/UserListPage.ts:158
|
||||
msgid "Create User"
|
||||
msgstr ""
|
||||
|
||||
@ -910,7 +910,7 @@ msgstr ""
|
||||
#: src/pages/tokens/TokenListPage.ts:68
|
||||
#: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts:40
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:125
|
||||
#: src/pages/users/UserListPage.ts:115
|
||||
#: src/pages/users/UserListPage.ts:119
|
||||
msgid "Delete"
|
||||
msgstr ""
|
||||
|
||||
@ -998,8 +998,8 @@ msgstr ""
|
||||
msgid "Digits"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/users/UserListPage.ts:81
|
||||
#: src/pages/users/UserListPage.ts:100
|
||||
#: src/pages/users/UserListPage.ts:85
|
||||
#: src/pages/users/UserListPage.ts:104
|
||||
msgid "Disable"
|
||||
msgstr ""
|
||||
|
||||
@ -1060,7 +1060,7 @@ msgstr ""
|
||||
#: src/pages/stages/StageListPage.ts:98
|
||||
#: src/pages/stages/prompt/PromptListPage.ts:75
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:113
|
||||
#: src/pages/users/UserListPage.ts:76
|
||||
#: src/pages/users/UserListPage.ts:80
|
||||
#: src/pages/users/UserViewPage.ts:147
|
||||
msgid "Edit"
|
||||
msgstr ""
|
||||
@ -1111,8 +1111,8 @@ msgstr ""
|
||||
msgid "Email: Text field with Email type."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/users/UserListPage.ts:81
|
||||
#: src/pages/users/UserListPage.ts:100
|
||||
#: src/pages/users/UserListPage.ts:85
|
||||
#: src/pages/users/UserListPage.ts:104
|
||||
msgid "Enable"
|
||||
msgstr ""
|
||||
|
||||
@ -1512,6 +1512,10 @@ msgstr ""
|
||||
msgid "Hide managed mappings"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/users/UserListPage.ts:186
|
||||
msgid "Hide service-accounts"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/events/RuleForm.ts:93
|
||||
#: src/pages/groups/GroupForm.ts:131
|
||||
#: src/pages/outposts/OutpostForm.ts:98
|
||||
@ -1569,7 +1573,7 @@ msgstr ""
|
||||
msgid "If your authentik Instance is using a self-signed certificate, set this value."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/users/UserListPage.ts:143
|
||||
#: src/pages/users/UserListPage.ts:147
|
||||
msgid "Impersonate"
|
||||
msgstr ""
|
||||
|
||||
@ -1672,7 +1676,7 @@ msgid "Label shown next to/above the prompt."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/groups/MemberSelectModal.ts:47
|
||||
#: src/pages/users/UserListPage.ts:52
|
||||
#: src/pages/users/UserListPage.ts:56
|
||||
#: src/pages/users/UserViewPage.ts:108
|
||||
msgid "Last login"
|
||||
msgstr ""
|
||||
@ -1978,7 +1982,7 @@ msgstr ""
|
||||
#: src/pages/stages/user_write/UserWriteStageForm.ts:55
|
||||
#: src/pages/user-settings/UserDetailsPage.ts:64
|
||||
#: src/pages/users/UserForm.ts:54
|
||||
#: src/pages/users/UserListPage.ts:50
|
||||
#: src/pages/users/UserListPage.ts:54
|
||||
#: src/pages/users/UserViewPage.ts:92
|
||||
msgid "Name"
|
||||
msgstr ""
|
||||
@ -2012,7 +2016,7 @@ msgstr ""
|
||||
#: src/pages/providers/proxy/ProxyProviderViewPage.ts:108
|
||||
#: src/pages/tokens/TokenListPage.ts:56
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:83
|
||||
#: src/pages/users/UserListPage.ts:63
|
||||
#: src/pages/users/UserListPage.ts:67
|
||||
msgid "No"
|
||||
msgstr ""
|
||||
|
||||
@ -2062,7 +2066,7 @@ msgstr ""
|
||||
msgid "No policies cached. Users may experience slow response times."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/users/UserListPage.ts:135
|
||||
#: src/pages/users/UserListPage.ts:139
|
||||
msgid "No recovery flow is configured."
|
||||
msgstr ""
|
||||
|
||||
@ -2620,7 +2624,7 @@ msgstr ""
|
||||
msgid "Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/users/UserListPage.ts:140
|
||||
#: src/pages/users/UserListPage.ts:144
|
||||
#: src/pages/users/UserViewPage.ts:165
|
||||
msgid "Reset Password"
|
||||
msgstr ""
|
||||
@ -3164,7 +3168,7 @@ msgstr ""
|
||||
msgid "Successfully generated certificate-key pair."
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/users/UserListPage.ts:128
|
||||
#: src/pages/users/UserListPage.ts:132
|
||||
#: src/pages/users/UserViewPage.ts:160
|
||||
msgid "Successfully generated recovery link"
|
||||
msgstr ""
|
||||
@ -3601,7 +3605,7 @@ msgstr ""
|
||||
#: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts:71
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:105
|
||||
#: src/pages/users/UserActiveForm.ts:66
|
||||
#: src/pages/users/UserListPage.ts:68
|
||||
#: src/pages/users/UserListPage.ts:72
|
||||
#: src/pages/users/UserViewPage.ts:139
|
||||
msgid "Update"
|
||||
msgstr ""
|
||||
@ -3681,7 +3685,7 @@ msgid "Update Token"
|
||||
msgstr ""
|
||||
|
||||
#: src/pages/policies/BoundPoliciesList.ts:106
|
||||
#: src/pages/users/UserListPage.ts:71
|
||||
#: src/pages/users/UserListPage.ts:75
|
||||
#: src/pages/users/UserViewPage.ts:142
|
||||
msgid "Update User"
|
||||
msgstr ""
|
||||
@ -3746,8 +3750,8 @@ msgstr ""
|
||||
#: src/pages/property-mappings/PropertyMappingTestForm.ts:51
|
||||
#: src/pages/tokens/TokenListPage.ts:45
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:72
|
||||
#: src/pages/users/UserListPage.ts:88
|
||||
#: src/pages/users/UserListPage.ts:108
|
||||
#: src/pages/users/UserListPage.ts:92
|
||||
#: src/pages/users/UserListPage.ts:112
|
||||
msgid "User"
|
||||
msgstr ""
|
||||
|
||||
@ -3829,7 +3833,7 @@ msgstr ""
|
||||
|
||||
#: src/interfaces/AdminInterface.ts:32
|
||||
#: src/pages/admin-overview/AdminOverviewPage.ts:50
|
||||
#: src/pages/users/UserListPage.ts:32
|
||||
#: src/pages/users/UserListPage.ts:33
|
||||
msgid "Users"
|
||||
msgstr ""
|
||||
|
||||
@ -3999,7 +4003,7 @@ msgstr ""
|
||||
#: src/pages/providers/proxy/ProxyProviderViewPage.ts:105
|
||||
#: src/pages/tokens/TokenListPage.ts:56
|
||||
#: src/pages/user-settings/tokens/UserTokenList.ts:83
|
||||
#: src/pages/users/UserListPage.ts:63
|
||||
#: src/pages/users/UserListPage.ts:67
|
||||
msgid "Yes"
|
||||
msgstr ""
|
||||
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
import { Outpost, OutpostsApi, ProvidersApi } from "authentik-api";
|
||||
import { Outpost, OutpostsApi, OutpostTypeEnum, ProvidersApi } from "authentik-api";
|
||||
import { t } from "@lingui/macro";
|
||||
import { customElement, property } from "lit-element";
|
||||
import { html, TemplateResult } from "lit-html";
|
||||
@ -50,7 +50,8 @@ export class OutpostForm extends Form<Outpost> {
|
||||
?required=${true}
|
||||
name="type">
|
||||
<select class="pf-c-form-control">
|
||||
<option value="proxy" ?selected=${true}>${t`Proxy`}</option>s
|
||||
<option value=${OutpostTypeEnum.Proxy} ?selected=${this.outpost?.type === OutpostTypeEnum.Proxy}>${t`Proxy`}</option>
|
||||
<option value=${OutpostTypeEnum.Ldap} ?selected=${this.outpost?.type === OutpostTypeEnum.Ldap}>${t`LDAP`}</option>
|
||||
</select>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal
|
||||
@ -88,6 +89,16 @@ export class OutpostForm extends Form<Outpost> {
|
||||
return html`<option value=${ifDefined(provider.pk)} ?selected=${selected}>${provider.verboseName} ${provider.name}</option>`;
|
||||
});
|
||||
}), html`<option>${t`Loading...`}</option>`)}
|
||||
${until(new ProvidersApi(DEFAULT_CONFIG).providersLdapList({
|
||||
ordering: "pk"
|
||||
}).then(providers => {
|
||||
return providers.results.map(provider => {
|
||||
const selected = Array.from(this.outpost?.providers || []).some(sp => {
|
||||
return sp == provider.pk;
|
||||
});
|
||||
return html`<option value=${ifDefined(provider.pk)} ?selected=${selected}>${provider.verboseName} ${provider.name}</option>`;
|
||||
});
|
||||
}), html`<option>${t`Loading...`}</option>`)}
|
||||
</select>
|
||||
<p class="pf-c-form__helper-text">${t`Hold control/command to select multiple items.`}</p>
|
||||
</ak-form-element-horizontal>
|
||||
|
||||
@ -8,6 +8,7 @@ import "../../elements/buttons/Dropdown";
|
||||
import "../../elements/forms/DeleteForm";
|
||||
import "../../elements/forms/ModalForm";
|
||||
import "../../elements/forms/ProxyForm";
|
||||
import "./ldap/LDAPProviderForm";
|
||||
import "./oauth2/OAuth2ProviderForm";
|
||||
import "./proxy/ProxyProviderForm";
|
||||
import "./saml/SAMLProviderForm";
|
||||
|
||||
103
web/src/pages/providers/ldap/LDAPProviderForm.ts
Normal file
103
web/src/pages/providers/ldap/LDAPProviderForm.ts
Normal file
@ -0,0 +1,103 @@
|
||||
import { FlowDesignationEnum, FlowsApi, ProvidersApi, LDAPProvider, CoreApi } from "authentik-api";
|
||||
import { t } from "@lingui/macro";
|
||||
import { customElement, property } from "lit-element";
|
||||
import { html, TemplateResult } from "lit-html";
|
||||
import { DEFAULT_CONFIG } from "../../../api/Config";
|
||||
import { Form } from "../../../elements/forms/Form";
|
||||
import { until } from "lit-html/directives/until";
|
||||
import { ifDefined } from "lit-html/directives/if-defined";
|
||||
import "../../../elements/forms/HorizontalFormElement";
|
||||
import "../../../elements/forms/FormGroup";
|
||||
import { first } from "../../../utils";
|
||||
|
||||
@customElement("ak-provider-ldap-form")
|
||||
export class LDAPProviderFormPage extends Form<LDAPProvider> {
|
||||
|
||||
set providerUUID(value: number) {
|
||||
new ProvidersApi(DEFAULT_CONFIG).providersLdapRead({
|
||||
id: value,
|
||||
}).then(provider => {
|
||||
this.provider = provider;
|
||||
});
|
||||
}
|
||||
|
||||
@property({attribute: false})
|
||||
provider?: LDAPProvider;
|
||||
|
||||
getSuccessMessage(): string {
|
||||
if (this.provider) {
|
||||
return t`Successfully updated provider.`;
|
||||
} else {
|
||||
return t`Successfully created provider.`;
|
||||
}
|
||||
}
|
||||
|
||||
send = (data: LDAPProvider): Promise<LDAPProvider> => {
|
||||
if (this.provider) {
|
||||
return new ProvidersApi(DEFAULT_CONFIG).providersLdapUpdate({
|
||||
id: this.provider.pk || 0,
|
||||
data: data
|
||||
});
|
||||
} else {
|
||||
return new ProvidersApi(DEFAULT_CONFIG).providersLdapCreate({
|
||||
data: data
|
||||
});
|
||||
}
|
||||
};
|
||||
|
||||
renderForm(): TemplateResult {
|
||||
return html`<form class="pf-c-form pf-m-horizontal">
|
||||
<ak-form-element-horizontal
|
||||
label=${t`Name`}
|
||||
?required=${true}
|
||||
name="name">
|
||||
<input type="text" value="${ifDefined(this.provider?.name)}" class="pf-c-form-control" required>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal
|
||||
label=${t`Bind flow`}
|
||||
?required=${true}
|
||||
name="authorizationFlow">
|
||||
<select class="pf-c-form-control">
|
||||
${until(new FlowsApi(DEFAULT_CONFIG).flowsInstancesList({
|
||||
ordering: "pk",
|
||||
designation: FlowDesignationEnum.Authentication,
|
||||
}).then(flows => {
|
||||
return flows.results.map(flow => {
|
||||
return html`<option value=${ifDefined(flow.pk)} ?selected=${this.provider?.authorizationFlow === flow.pk}>${flow.name} (${flow.slug})</option>`;
|
||||
});
|
||||
}), html`<option>${t`Loading...`}</option>`)}
|
||||
</select>
|
||||
<p class="pf-c-form__helper-text">${t`Flow used for users to authenticate. Currently only identification and password stages are supported.`}</p>
|
||||
</ak-form-element-horizontal>
|
||||
<ak-form-element-horizontal
|
||||
label=${t`Group`}
|
||||
name="searchGroup">
|
||||
<select class="pf-c-form-control">
|
||||
<option value="" ?selected=${this.provider?.searchGroup === undefined}>---------</option>
|
||||
${until(new CoreApi(DEFAULT_CONFIG).coreGroupsList({}).then(groups => {
|
||||
return groups.results.map(group => {
|
||||
return html`<option value=${ifDefined(group.pk)} ?selected=${this.provider?.searchGroup === group.pk}>${group.name}</option>`;
|
||||
});
|
||||
}), html`<option>${t`Loading...`}</option>`)}
|
||||
</select>
|
||||
<p class="pf-c-form__helper-text">${t`Users in the selected group can do search queries.`}</p>
|
||||
</ak-form-element-horizontal>
|
||||
|
||||
<ak-form-group .expanded=${true}>
|
||||
<span slot="header">
|
||||
${t`Protocol settings`}
|
||||
</span>
|
||||
<div slot="body" class="pf-c-form">
|
||||
<ak-form-element-horizontal
|
||||
label=${t`Base DN`}
|
||||
?required=${true}
|
||||
name="baseDn">
|
||||
<input type="text" value="${first(this.provider?.baseDn, "DC=ldap,DC=goauthentik,DC=io")}" class="pf-c-form-control" required>
|
||||
<p class="pf-c-form__helper-text">${t`LDAP DN under which bind requests and search requests can be made.`}</p>
|
||||
</ak-form-element-horizontal>
|
||||
</div>
|
||||
</ak-form-group>
|
||||
</form>`;
|
||||
}
|
||||
|
||||
}
|
||||
129
web/src/pages/providers/ldap/LDAPProviderViewPage.ts
Normal file
129
web/src/pages/providers/ldap/LDAPProviderViewPage.ts
Normal file
@ -0,0 +1,129 @@
|
||||
import { t } from "@lingui/macro";
|
||||
import { CSSResult, customElement, html, LitElement, property, TemplateResult } from "lit-element";
|
||||
import PFButton from "@patternfly/patternfly/components/Button/button.css";
|
||||
import PFPage from "@patternfly/patternfly/components/Page/page.css";
|
||||
import PFContent from "@patternfly/patternfly/components/Content/content.css";
|
||||
import PFGallery from "@patternfly/patternfly/layouts/Gallery/gallery.css";
|
||||
import PFCard from "@patternfly/patternfly/components/Card/card.css";
|
||||
import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css";
|
||||
import PFSizing from "@patternfly/patternfly/utilities/Sizing/sizing.css";
|
||||
import PFFlex from "@patternfly/patternfly/utilities/Flex/flex.css";
|
||||
import PFDisplay from "@patternfly/patternfly/utilities/Display/display.css";
|
||||
import PFBase from "@patternfly/patternfly/patternfly-base.css";
|
||||
import AKGlobal from "../../../authentik.css";
|
||||
|
||||
import "../../../elements/buttons/ModalButton";
|
||||
import "../../../elements/buttons/SpinnerButton";
|
||||
import "../../../elements/CodeMirror";
|
||||
import "../../../elements/Tabs";
|
||||
import "../../../elements/events/ObjectChangelog";
|
||||
import "../RelatedApplicationButton";
|
||||
import "./LDAPProviderForm";
|
||||
import { ProvidersApi, LDAPProvider } from "authentik-api";
|
||||
import { DEFAULT_CONFIG } from "../../../api/Config";
|
||||
import { EVENT_REFRESH } from "../../../constants";
|
||||
|
||||
@customElement("ak-provider-ldap-view")
|
||||
export class LDAPProviderViewPage extends LitElement {
|
||||
|
||||
@property()
|
||||
set args(value: { [key: string]: number }) {
|
||||
this.providerID = value.id;
|
||||
}
|
||||
|
||||
@property({type: Number})
|
||||
set providerID(value: number) {
|
||||
new ProvidersApi(DEFAULT_CONFIG).providersLdapRead({
|
||||
id: value,
|
||||
}).then((prov) => (this.provider = prov));
|
||||
}
|
||||
|
||||
@property({ attribute: false })
|
||||
provider?: LDAPProvider;
|
||||
|
||||
static get styles(): CSSResult[] {
|
||||
return [PFBase, PFButton, PFPage, PFFlex, PFDisplay, PFGallery, PFContent, PFCard, PFDescriptionList, PFSizing, AKGlobal];
|
||||
}
|
||||
|
||||
constructor() {
|
||||
super();
|
||||
this.addEventListener(EVENT_REFRESH, () => {
|
||||
if (!this.provider?.pk) return;
|
||||
this.providerID = this.provider?.pk;
|
||||
});
|
||||
}
|
||||
|
||||
render(): TemplateResult {
|
||||
if (!this.provider) {
|
||||
return html``;
|
||||
}
|
||||
return html`<ak-tabs>
|
||||
<section slot="page-overview" data-tab-title="${t`Overview`}" class="pf-c-page__main-section pf-m-no-padding-mobile">
|
||||
<div class="pf-u-display-flex pf-u-justify-content-center">
|
||||
<div class="pf-u-w-75">
|
||||
<div class="pf-c-card">
|
||||
<div class="pf-c-card__body">
|
||||
<dl class="pf-c-description-list pf-m-3-col-on-lg">
|
||||
<div class="pf-c-description-list__group">
|
||||
<dt class="pf-c-description-list__term">
|
||||
<span class="pf-c-description-list__text">${t`Name`}</span>
|
||||
</dt>
|
||||
<dd class="pf-c-description-list__description">
|
||||
<div class="pf-c-description-list__text">${this.provider.name}</div>
|
||||
</dd>
|
||||
</div>
|
||||
<div class="pf-c-description-list__group">
|
||||
<dt class="pf-c-description-list__term">
|
||||
<span class="pf-c-description-list__text">${t`Assigned to application`}</span>
|
||||
</dt>
|
||||
<dd class="pf-c-description-list__description">
|
||||
<div class="pf-c-description-list__text">
|
||||
<ak-provider-related-application .provider=${this.provider}></ak-provider-related-application>
|
||||
</div>
|
||||
</dd>
|
||||
</div>
|
||||
<div class="pf-c-description-list__group">
|
||||
<dt class="pf-c-description-list__term">
|
||||
<span class="pf-c-description-list__text">${t`Base DN`}</span>
|
||||
</dt>
|
||||
<dd class="pf-c-description-list__description">
|
||||
<div class="pf-c-description-list__text">${this.provider.baseDn}</div>
|
||||
</dd>
|
||||
</div>
|
||||
</dl>
|
||||
</div>
|
||||
<div class="pf-c-card__footer">
|
||||
<ak-forms-modal>
|
||||
<span slot="submit">
|
||||
${t`Update`}
|
||||
</span>
|
||||
<span slot="header">
|
||||
${t`Update LDAP Provider`}
|
||||
</span>
|
||||
<ak-provider-ldap-form
|
||||
slot="form"
|
||||
.providerUUID=${this.provider.pk || 0}>
|
||||
</ak-provider-ldap-form>
|
||||
<button slot="trigger" class="pf-c-button pf-m-primary">
|
||||
${t`Edit`}
|
||||
</button>
|
||||
</ak-forms-modal>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
<section slot="page-changelog" data-tab-title="${t`Changelog`}" class="pf-c-page__main-section pf-m-no-padding-mobile">
|
||||
<div class="pf-c-card">
|
||||
<div class="pf-c-card__body">
|
||||
<ak-object-changelog
|
||||
targetModelPk=${this.provider.pk || ""}
|
||||
targetModelApp="authentik_providers_ldap"
|
||||
targetModelName="LDAPProvider">
|
||||
</ak-object-changelog>
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
</ak-tabs>`;
|
||||
}
|
||||
}
|
||||
@ -156,6 +156,7 @@ export class OAuthSourceForm extends Form<OAuthSource> {
|
||||
<ak-form-element-horizontal
|
||||
label=${t`Consumer secret`}
|
||||
?required=${true}
|
||||
?writeOnly=${this.source !== undefined}
|
||||
name="consumerSecret">
|
||||
<input type="text" value="${ifDefined(this.source?.consumerSecret)}" class="pf-c-form-control" required>
|
||||
</ak-form-element-horizontal>
|
||||
|
||||
Reference in New Issue
Block a user