sources/ldap: rename ldappropertymapping to ldapsourcepropertymapping (#10606)

authentik/sources/ldap/api.py

@@ -21,7 +21,7 @@ from authentik.core.api.sources import SourceSerializer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.crypto.models import CertificateKeyPair
 from authentik.lib.sync.outgoing.api import SyncStatusSerializer
-from authentik.sources.ldap.models import LDAPPropertyMapping, LDAPSource
+from authentik.sources.ldap.models import LDAPSource, LDAPSourcePropertyMapping
 from authentik.sources.ldap.tasks import CACHE_KEY_STATUS, SYNC_CLASSES
 
 
@@ -177,29 +177,29 @@ class LDAPSourceViewSet(UsedByMixin, ModelViewSet):
         return Response(data=all_objects)
 
 
-class LDAPPropertyMappingSerializer(PropertyMappingSerializer):
+class LDAPSourcePropertyMappingSerializer(PropertyMappingSerializer):
     """LDAP PropertyMapping Serializer"""
 
     class Meta:
-        model = LDAPPropertyMapping
+        model = LDAPSourcePropertyMapping
         fields = PropertyMappingSerializer.Meta.fields
 
 
-class LDAPPropertyMappingFilter(FilterSet):
+class LDAPSourcePropertyMappingFilter(FilterSet):
-    """Filter for LDAPPropertyMapping"""
+    """Filter for LDAPSourcePropertyMapping"""
 
     managed = extend_schema_field(OpenApiTypes.STR)(AllValuesMultipleFilter(field_name="managed"))
 
     class Meta:
-        model = LDAPPropertyMapping
+        model = LDAPSourcePropertyMapping
         fields = "__all__"
 
 
-class LDAPPropertyMappingViewSet(UsedByMixin, ModelViewSet):
+class LDAPSourcePropertyMappingViewSet(UsedByMixin, ModelViewSet):
     """LDAP PropertyMapping Viewset"""
 
-    queryset = LDAPPropertyMapping.objects.all()
+    queryset = LDAPSourcePropertyMapping.objects.all()
-    serializer_class = LDAPPropertyMappingSerializer
+    serializer_class = LDAPSourcePropertyMappingSerializer
-    filterset_class = LDAPPropertyMappingFilter
+    filterset_class = LDAPSourcePropertyMappingFilter
     search_fields = ["name"]
     ordering = ["name"]

authentik/sources/ldap/migrations/0006_rename_ldappropertymapping_ldapsourcepropertymapping_and_more.py

@@ -0,0 +1,25 @@
+# Generated by Django 5.0.7 on 2024-07-24 12:44
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("authentik_core", "0037_remove_source_property_mappings"),
+        ("authentik_sources_ldap", "0005_remove_ldappropertymapping_object_field_and_more"),
+    ]
+
+    operations = [
+        migrations.RenameModel(
+            old_name="LDAPPropertyMapping",
+            new_name="LDAPSourcePropertyMapping",
+        ),
+        migrations.AlterModelOptions(
+            name="ldapsourcepropertymapping",
+            options={
+                "verbose_name": "LDAP Source Property Mapping",
+                "verbose_name_plural": "LDAP Source Property Mappings",
+            },
+        ),
+    ]

authentik/sources/ldap/models.py

@@ -135,9 +135,9 @@ class LDAPSource(Source):
 
     @property
     def property_mapping_type(self) -> "type[PropertyMapping]":
-        from authentik.sources.ldap.models import LDAPPropertyMapping
+        from authentik.sources.ldap.models import LDAPSourcePropertyMapping
 
-        return LDAPPropertyMapping
+        return LDAPSourcePropertyMapping
 
     def update_properties_with_uniqueness_field(self, properties, dn, ldap, **kwargs):
         properties.setdefault("attributes", {})[LDAP_DISTINGUISHED_NAME] = dn
@@ -285,22 +285,22 @@ class LDAPSource(Source):
         verbose_name_plural = _("LDAP Sources")
 
 
-class LDAPPropertyMapping(PropertyMapping):
+class LDAPSourcePropertyMapping(PropertyMapping):
     """Map LDAP Property to User or Group object attribute"""
 
     @property
     def component(self) -> str:
-        return "ak-property-mapping-ldap-form"
+        return "ak-property-mapping-ldap-source-form"
 
     @property
     def serializer(self) -> type[Serializer]:
-        from authentik.sources.ldap.api import LDAPPropertyMappingSerializer
+        from authentik.sources.ldap.api import LDAPSourcePropertyMappingSerializer
 
-        return LDAPPropertyMappingSerializer
+        return LDAPSourcePropertyMappingSerializer
 
     def __str__(self):
         return str(self.name)
 
     class Meta:
-        verbose_name = _("LDAP Property Mapping")
+        verbose_name = _("LDAP Source Property Mapping")
-        verbose_name_plural = _("LDAP Property Mappings")
+        verbose_name_plural = _("LDAP Source Property Mappings")

authentik/sources/ldap/tests/test_auth.py

@@ -9,7 +9,7 @@ from authentik.blueprints.tests import apply_blueprint
 from authentik.core.models import User
 from authentik.lib.generators import generate_key
 from authentik.sources.ldap.auth import LDAPBackend
-from authentik.sources.ldap.models import LDAPPropertyMapping, LDAPSource
+from authentik.sources.ldap.models import LDAPSource, LDAPSourcePropertyMapping
 from authentik.sources.ldap.sync.users import UserLDAPSynchronizer
 from authentik.sources.ldap.tests.mock_ad import mock_ad_connection
 from authentik.sources.ldap.tests.mock_slapd import mock_slapd_connection
@@ -33,7 +33,7 @@ class LDAPSyncTests(TestCase):
     def test_auth_direct_user_ad(self):
         """Test direct auth"""
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default-")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms-")
             )
@@ -64,7 +64,7 @@ class LDAPSyncTests(TestCase):
     def test_auth_synced_user_ad(self):
         """Test Cached auth"""
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default-")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms-")
             )
@@ -90,7 +90,7 @@ class LDAPSyncTests(TestCase):
         """Test Cached auth"""
         self.source.object_uniqueness_field = "uid"
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(name__startswith="authentik default LDAP Mapping")
                 | Q(name__startswith="authentik default OpenLDAP Mapping")
             )

authentik/sources/ldap/tests/test_password.py

@@ -6,7 +6,7 @@ from django.test import TestCase
 
 from authentik.core.models import User
 from authentik.lib.generators import generate_key
-from authentik.sources.ldap.models import LDAPPropertyMapping, LDAPSource
+from authentik.sources.ldap.models import LDAPSource, LDAPSourcePropertyMapping
 from authentik.sources.ldap.password import LDAPPasswordChanger
 from authentik.sources.ldap.tests.mock_ad import mock_ad_connection
 
@@ -25,7 +25,7 @@ class LDAPPasswordTests(TestCase):
             additional_user_dn="ou=users",
             additional_group_dn="ou=groups",
         )
-        self.source.user_property_mappings.set(LDAPPropertyMapping.objects.all())
+        self.source.user_property_mappings.set(LDAPSourcePropertyMapping.objects.all())
         self.source.save()
 
     @patch("authentik.sources.ldap.models.LDAPSource.connection", LDAP_CONNECTION_PATCH)

authentik/sources/ldap/tests/test_sync.py

@@ -13,7 +13,7 @@ from authentik.events.system_tasks import TaskStatus
 from authentik.lib.generators import generate_id, generate_key
 from authentik.lib.sync.outgoing.exceptions import StopSync
 from authentik.lib.utils.reflection import class_to_path
-from authentik.sources.ldap.models import LDAPPropertyMapping, LDAPSource
+from authentik.sources.ldap.models import LDAPSource, LDAPSourcePropertyMapping
 from authentik.sources.ldap.sync.groups import GroupLDAPSynchronizer
 from authentik.sources.ldap.sync.membership import MembershipLDAPSynchronizer
 from authentik.sources.ldap.sync.users import UserLDAPSynchronizer
@@ -49,12 +49,12 @@ class LDAPSyncTests(TestCase):
     def test_sync_error(self):
         """Test user sync"""
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms")
             )
         )
-        mapping = LDAPPropertyMapping.objects.create(
+        mapping = LDAPSourcePropertyMapping.objects.create(
             name="name",
             expression="q",
         )
@@ -76,12 +76,14 @@ class LDAPSyncTests(TestCase):
 
     def test_sync_mapping(self):
         """Test property mappings"""
-        none = LDAPPropertyMapping.objects.create(name=generate_id(), expression="return None")
+        none = LDAPSourcePropertyMapping.objects.create(
-        byte_mapping = LDAPPropertyMapping.objects.create(
+            name=generate_id(), expression="return None"
+        )
+        byte_mapping = LDAPSourcePropertyMapping.objects.create(
             name=generate_id(), expression="return b''"
         )
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms")
             )
@@ -97,7 +99,7 @@ class LDAPSyncTests(TestCase):
     def test_sync_users_ad(self):
         """Test user sync"""
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms")
             )
@@ -131,7 +133,7 @@ class LDAPSyncTests(TestCase):
         """Test user sync"""
         self.source.object_uniqueness_field = "uid"
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/openldap")
             )
@@ -147,7 +149,7 @@ class LDAPSyncTests(TestCase):
         """Test user sync (FreeIPA-ish), mainly testing vendor quirks"""
         self.source.object_uniqueness_field = "uid"
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/openldap")
             )
@@ -163,13 +165,15 @@ class LDAPSyncTests(TestCase):
     def test_sync_groups_ad(self):
         """Test group sync"""
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms")
             )
         )
         self.source.group_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(managed="goauthentik.io/sources/ldap/default-name")
+            LDAPSourcePropertyMapping.objects.filter(
+                managed="goauthentik.io/sources/ldap/default-name"
+            )
         )
         connection = MagicMock(return_value=mock_ad_connection(LDAP_PASSWORD))
         with patch("authentik.sources.ldap.models.LDAPSource.connection", connection):
@@ -190,13 +194,15 @@ class LDAPSyncTests(TestCase):
         self.source.object_uniqueness_field = "uid"
         self.source.group_object_filter = "(objectClass=groupOfNames)"
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/openldap")
             )
         )
         self.source.group_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(managed="goauthentik.io/sources/ldap/openldap-cn")
+            LDAPSourcePropertyMapping.objects.filter(
+                managed="goauthentik.io/sources/ldap/openldap-cn"
+            )
         )
         connection = MagicMock(return_value=mock_slapd_connection(LDAP_PASSWORD))
         with patch("authentik.sources.ldap.models.LDAPSource.connection", connection):
@@ -215,13 +221,15 @@ class LDAPSyncTests(TestCase):
         self.source.user_object_filter = "(objectClass=posixAccount)"
         self.source.group_object_filter = "(objectClass=posixGroup)"
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/openldap")
             )
         )
         self.source.group_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(managed="goauthentik.io/sources/ldap/openldap-cn")
+            LDAPSourcePropertyMapping.objects.filter(
+                managed="goauthentik.io/sources/ldap/openldap-cn"
+            )
         )
         connection = MagicMock(return_value=mock_slapd_connection(LDAP_PASSWORD))
         with patch("authentik.sources.ldap.models.LDAPSource.connection", connection):
@@ -239,7 +247,7 @@ class LDAPSyncTests(TestCase):
     def test_tasks_ad(self):
         """Test Scheduled tasks"""
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms")
             )
@@ -254,7 +262,7 @@ class LDAPSyncTests(TestCase):
         self.source.object_uniqueness_field = "uid"
         self.source.group_object_filter = "(objectClass=groupOfNames)"
         self.source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/openldap")
             )

authentik/sources/ldap/urls.py

@@ -1,8 +1,8 @@
 """API URLs"""
 
-from authentik.sources.ldap.api import LDAPPropertyMappingViewSet, LDAPSourceViewSet
+from authentik.sources.ldap.api import LDAPSourcePropertyMappingViewSet, LDAPSourceViewSet
 
 api_urlpatterns = [
-    ("propertymappings/ldap", LDAPPropertyMappingViewSet),
+    ("propertymappings/source/ldap", LDAPSourcePropertyMappingViewSet),
     ("sources/ldap", LDAPSourceViewSet),
 ]

blueprints/example/sources-google-ldap-mappings.yaml

@@ -6,217 +6,281 @@ metadata:
 entries:
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-uid
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: uid"
-      object_field: "username"
       expression: |
-        return ldap.get('uid')
+        return {
+          "username": ldap.get("uid"),
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-googleuid
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: googleUid"
-      object_field: "attributes.googleUid"
       expression: |
-        return ldap.get('googleUid')
+        return {
+          "attributes": {
+            "googleUid": ldap.get("googleUid"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-posixuid
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: posixUid"
-      object_field: "attributes.posixUid"
       expression: |
-        return ldap.get('posixUid')
+        return {
+          "attributes": {
+            "posixUid": ldap.get("posixUid"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-cn
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: cn"
-      object_field: "name"
       expression: |
-        return ldap.get('cn')
+        return {
+          "name": ldap.get("cn"),
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-sn
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: sn"
-      object_field: "attributes.sn"
       expression: |
-        return list_flatten(ldap.get('sn'))
+        return {
+          "attributes": {
+            "sn": list_flatten(ldap.get("sn")),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-givenname
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: givenName"
-      object_field: "attributes.givenName"
       expression: |
-        return list_flatten(ldap.get('givenName'))
+        return {
+          "attributes": {
+            "givenName": list_flatten(ldap.get("givenName")),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-displayname
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: displayName"
-      object_field: "attributes.displayName"
       expression: |
-        return ldap.get('displayName')
+        return {
+          "attributes": {
+            "displayName": ldap.get("displayName"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-mail
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: mail"
-      object_field: "email"
       expression: |
-        return ldap.get('mail')
+        return {
+          "email": ldap.get("mail"),
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-memberof
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: memberOf"
-      object_field: "attributes.memberOf"
       expression: |
-        return ldap.get('memberOf')
+        return {
+          "attributes": {
+            "memberOf": ldap.get("memberOf"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-title
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: title"
-      object_field: "attributes.title"
       expression: |
-        return ldap.get('title')
+        return {
+          "attributes": {
+            "title": ldap.get("title"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-employeenumber
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: employeeNumber"
-      object_field: "attributes.employeeNumber"
       expression: |
-        return ldap.get('employeeNumber')
+        return {
+          "attributes": {
+            "employeeNumber": ldap.get("employeeNumber"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-employeetype
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: employeeType"
-      object_field: "attributes.employeeType"
       expression: |
-        return ldap.get('employeeType')
+        return {
+          "attributes": {
+            "employeeType": ldap.get("employeeType"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-departmentnumber
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: departmentNumber"
-      object_field: "attributes.departmentNumber"
       expression: |
-        return ldap.get('departmentNumber')
+        return {
+          "attributes": {
+            "departmentNumber": ldap.get("departmentNumber"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-physicaldeliveryofficename
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: physicalDeliveryOfficeName"
-      object_field: "attributes.physicalDeliveryOfficeName"
       expression: |
-        return ldap.get('physicalDeliveryOfficeName')
+        return {
+          "attributes": {
+            "physicalDeliveryOfficeName": ldap.get("physicalDeliveryOfficeName"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-jpegphoto
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: jpegPhoto"
-      object_field: "attributes.jpegPhoto"
       expression: |
-        return ldap.get('jpegPhoto')
+        return {
+          "attributes": {
+            "jpegPhoto": ldap.get("jpegPhoto"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-entryuuid
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: entryUuid"
-      object_field: "attributes.entryUuid"
       expression: |
-        return ldap.get('entryUuid')
+        return {
+          "attributes": {
+            "entryUuid": ldap.get("entryUuid"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-objectsid
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: objectSid"
-      object_field: "attributes.objectSid"
       expression: |
-        return ldap.get('objectSid')
+        return {
+          "attributes": {
+            "objectSid": ldap.get("objectSid"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-uidnumber
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: uidNumber"
-      object_field: "attributes.uidNumber"
       expression: |
-        return ldap.get('uidNumber')
+        return {
+          "attributes": {
+            "uidNumber": ldap.get("uidNumber"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-gidnumber
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: gidNumber"
-      object_field: "attributes.gidNumber"
       expression: |
-        return ldap.get('gidNumber')
+        return {
+          "attributes": {
+            "gidNumber": ldap.get("gidNumber"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-homedirectory
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: homeDirectory"
-      object_field: "attributes.homeDirectory"
       expression: |
-        return ldap.get('homeDirectory')
+        return {
+          "attributes": {
+            "homeDirectoy": ldap.get("homeDirectory"),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-loginshell
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: loginShell"
-      object_field: "attributes.loginShell"
       expression: |
-        return ldap.get('loginShell')
+        return {
-  - identifiers:
+          "attributes": {
-      managed: goauthentik.io/sources/ldap/google-gidnumber
+            "loginShell": ldap.get("loginShell"),
-    model: authentik_sources_ldap.ldappropertymapping
+          },
-    attrs:
+        }
-      name: "Google Secure LDAP Mapping: gidNumber"
-      object_field: "attributes.gidNumber"
-      expression: |
-        return ldap.get('gidNumber')
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-sshpublickey
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: sshPublicKey"
-      object_field: "attributes.sshPublicKey"
       expression: |
-        return list_flatten(ldap.get('sshPublicKey'))
+        return {
+          "attributes": {
+            "sshPublicKey": list_flatten(ldap.get("sshPublicKey")),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-description
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: description"
-      object_field: "attributes.description"
       expression: |
-        return list_flatten(ldap.get('description'))
+        return {
+          "attributes": {
+            "description": list_flatten(ldap.get("description")),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-member
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: member"
-      object_field: "attributes.member"
       expression: |
-        return list_flatten(ldap.get('member'))
+        return {
+          "attributes": {
+            "member": list_flatten(ldap.get("member")),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-memberuid
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: memberUid"
-      object_field: "attributes.memberUid"
       expression: |
-        return list_flatten(ldap.get('memberUid'))
+        return {
+          "attributes": {
+            "memberUid": list_flatten(ldap.get("memberUid")),
+          },
+        }
   - identifiers:
       managed: goauthentik.io/sources/ldap/google-googleadmincreated
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "Google Secure LDAP Mapping: googleAdminCreated"
-      object_field: "attributes.googleAdminCreated"
       expression: |
-        return list_flatten(ldap.get('googleAdminCreated'))
+        return {
+          "attributes": {
+            "googleAdminCreated": list_flatten(ldap.get("googleAdminCreated")),
+          },
+        }

blueprints/schema.json

@@ -974,7 +974,7 @@
                         ],
                         "properties": {
                             "model": {
-                                "const": "authentik_sources_ldap.ldappropertymapping"
+                                "const": "authentik_sources_ldap.ldapsourcepropertymapping"
                             },
                             "id": {
                                 "type": "string"
@@ -996,10 +996,10 @@
                                 }
                             },
                             "attrs": {
-                                "$ref": "#/$defs/model_authentik_sources_ldap.ldappropertymapping"
+                                "$ref": "#/$defs/model_authentik_sources_ldap.ldapsourcepropertymapping"
                             },
                             "identifiers": {
-                                "$ref": "#/$defs/model_authentik_sources_ldap.ldappropertymapping"
+                                "$ref": "#/$defs/model_authentik_sources_ldap.ldapsourcepropertymapping"
                             }
                         }
                     },
@@ -3526,7 +3526,7 @@
                         "authentik_providers_scim.scimmapping",
                         "authentik_rbac.role",
                         "authentik_sources_ldap.ldapsource",
-                        "authentik_sources_ldap.ldappropertymapping",
+                        "authentik_sources_ldap.ldapsourcepropertymapping",
                         "authentik_sources_oauth.oauthsource",
                         "authentik_sources_oauth.useroauthsourceconnection",
                         "authentik_sources_plex.plexsource",
@@ -4623,7 +4623,7 @@
             },
             "required": []
         },
-        "model_authentik_sources_ldap.ldappropertymapping": {
+        "model_authentik_sources_ldap.ldapsourcepropertymapping": {
             "type": "object",
             "properties": {
                 "managed": {

blueprints/system/sources-ldap.yaml

@@ -6,7 +6,7 @@ metadata:
 entries:
   - identifiers:
       managed: goauthentik.io/sources/ldap/default-dn-path
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "authentik default LDAP Mapping: DN to User Path"
       expression: |
@@ -27,82 +27,82 @@ entries:
         }
   - identifiers:
       managed: goauthentik.io/sources/ldap/default-name
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "authentik default LDAP Mapping: Name"
       expression: |
         return {
-            "name": ldap.get('name'),
+            "name": ldap.get("name"),
         }
   - identifiers:
       managed: goauthentik.io/sources/ldap/default-mail
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "authentik default LDAP Mapping: mail"
       expression: |
         return {
-            "email": ldap.get('mail'),
+            "email": ldap.get("mail"),
         }
   # ActiveDirectory-specific mappings
   - identifiers:
       managed: goauthentik.io/sources/ldap/ms-samaccountname
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "authentik default Active Directory Mapping: sAMAccountName"
       expression: |
         return {
-            "username": ldap.get('sAMAccountName'),
+            "username": ldap.get("sAMAccountName"),
         }
   - identifiers:
       managed: goauthentik.io/sources/ldap/ms-userprincipalname
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "authentik default Active Directory Mapping: userPrincipalName"
       object_field: "attributes.upn"
       expression: |
         return {
             "attributes": {
-                "upn": list_flatten(ldap.get('userPrincipalName')),
+                "upn": list_flatten(ldap.get("userPrincipalName")),
             },
         }
   - identifiers:
       managed: goauthentik.io/sources/ldap/ms-givenName
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "authentik default Active Directory Mapping: givenName"
       expression: |
         return {
             "attributes": {
-                "givenName": list_flatten(ldap.get('givenName')),
+                "givenName": list_flatten(ldap.get("givenName")),
             },
         }
   - identifiers:
       managed: goauthentik.io/sources/ldap/ms-sn
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "authentik default Active Directory Mapping: sn"
       expression: |
         return {
             "attributes": {
-                "sn": list_flatten(ldap.get('sn')),
+                "sn": list_flatten(ldap.get("sn")),
             },
         }
   # OpenLDAP specific mappings
   - identifiers:
       managed: goauthentik.io/sources/ldap/openldap-uid
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "authentik default OpenLDAP Mapping: uid"
       expression: |
         return {
-            "username": ldap.get('uid'),
+            "username": ldap.get("uid"),
         }
   - identifiers:
       managed: goauthentik.io/sources/ldap/openldap-cn
-    model: authentik_sources_ldap.ldappropertymapping
+    model: authentik_sources_ldap.ldapsourcepropertymapping
     attrs:
       name: "authentik default OpenLDAP Mapping: cn"
       expression: |
         return {
-            "name": ldap.get('cn'),
+            "name": ldap.get("cn"),
         }

schema.yml

@@ -13473,292 +13473,6 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /propertymappings/ldap/:
-    get:
-      operationId: propertymappings_ldap_list
-      description: LDAP PropertyMapping Viewset
-      parameters:
-      - in: query
-        name: expression
-        schema:
-          type: string
-      - in: query
-        name: managed
-        schema:
-          type: array
-          items:
-            type: string
-        explode: true
-        style: form
-      - in: query
-        name: name
-        schema:
-          type: string
-      - name: ordering
-        required: false
-        in: query
-        description: Which field to use when ordering the results.
-        schema:
-          type: string
-      - name: page
-        required: false
-        in: query
-        description: A page number within the paginated result set.
-        schema:
-          type: integer
-      - name: page_size
-        required: false
-        in: query
-        description: Number of results to return per page.
-        schema:
-          type: integer
-      - in: query
-        name: pm_uuid
-        schema:
-          type: string
-          format: uuid
-      - name: search
-        required: false
-        in: query
-        description: A search term.
-        schema:
-          type: string
-      tags:
-      - propertymappings
-      security:
-      - authentik: []
-      responses:
-        '200':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/PaginatedLDAPPropertyMappingList'
-          description: ''
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
-    post:
-      operationId: propertymappings_ldap_create
-      description: LDAP PropertyMapping Viewset
-      tags:
-      - propertymappings
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/LDAPPropertyMappingRequest'
-        required: true
-      security:
-      - authentik: []
-      responses:
-        '201':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/LDAPPropertyMapping'
-          description: ''
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
-  /propertymappings/ldap/{pm_uuid}/:
-    get:
-      operationId: propertymappings_ldap_retrieve
-      description: LDAP PropertyMapping Viewset
-      parameters:
-      - in: path
-        name: pm_uuid
-        schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this LDAP Property Mapping.
-        required: true
-      tags:
-      - propertymappings
-      security:
-      - authentik: []
-      responses:
-        '200':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/LDAPPropertyMapping'
-          description: ''
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
-    put:
-      operationId: propertymappings_ldap_update
-      description: LDAP PropertyMapping Viewset
-      parameters:
-      - in: path
-        name: pm_uuid
-        schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this LDAP Property Mapping.
-        required: true
-      tags:
-      - propertymappings
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/LDAPPropertyMappingRequest'
-        required: true
-      security:
-      - authentik: []
-      responses:
-        '200':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/LDAPPropertyMapping'
-          description: ''
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
-    patch:
-      operationId: propertymappings_ldap_partial_update
-      description: LDAP PropertyMapping Viewset
-      parameters:
-      - in: path
-        name: pm_uuid
-        schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this LDAP Property Mapping.
-        required: true
-      tags:
-      - propertymappings
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest'
-      security:
-      - authentik: []
-      responses:
-        '200':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/LDAPPropertyMapping'
-          description: ''
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
-    delete:
-      operationId: propertymappings_ldap_destroy
-      description: LDAP PropertyMapping Viewset
-      parameters:
-      - in: path
-        name: pm_uuid
-        schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this LDAP Property Mapping.
-        required: true
-      tags:
-      - propertymappings
-      security:
-      - authentik: []
-      responses:
-        '204':
-          description: No response body
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
-  /propertymappings/ldap/{pm_uuid}/used_by/:
-    get:
-      operationId: propertymappings_ldap_used_by_list
-      description: Get a list of all objects that use this object
-      parameters:
-      - in: path
-        name: pm_uuid
-        schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this LDAP Property Mapping.
-        required: true
-      tags:
-      - propertymappings
-      security:
-      - authentik: []
-      responses:
-        '200':
-          content:
-            application/json:
-              schema:
-                type: array
-                items:
-                  $ref: '#/components/schemas/UsedBy'
-          description: ''
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
   /propertymappings/notification/:
     get:
       operationId: propertymappings_notification_list
@@ -15738,6 +15452,292 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
+  /propertymappings/source/ldap/:
+    get:
+      operationId: propertymappings_source_ldap_list
+      description: LDAP PropertyMapping Viewset
+      parameters:
+      - in: query
+        name: expression
+        schema:
+          type: string
+      - in: query
+        name: managed
+        schema:
+          type: array
+          items:
+            type: string
+        explode: true
+        style: form
+      - in: query
+        name: name
+        schema:
+          type: string
+      - name: ordering
+        required: false
+        in: query
+        description: Which field to use when ordering the results.
+        schema:
+          type: string
+      - name: page
+        required: false
+        in: query
+        description: A page number within the paginated result set.
+        schema:
+          type: integer
+      - name: page_size
+        required: false
+        in: query
+        description: Number of results to return per page.
+        schema:
+          type: integer
+      - in: query
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+      - name: search
+        required: false
+        in: query
+        description: A search term.
+        schema:
+          type: string
+      tags:
+      - propertymappings
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/PaginatedLDAPSourcePropertyMappingList'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    post:
+      operationId: propertymappings_source_ldap_create
+      description: LDAP PropertyMapping Viewset
+      tags:
+      - propertymappings
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/LDAPSourcePropertyMappingRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '201':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/LDAPSourcePropertyMapping'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /propertymappings/source/ldap/{pm_uuid}/:
+    get:
+      operationId: propertymappings_source_ldap_retrieve
+      description: LDAP PropertyMapping Viewset
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this LDAP Source Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/LDAPSourcePropertyMapping'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    put:
+      operationId: propertymappings_source_ldap_update
+      description: LDAP PropertyMapping Viewset
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this LDAP Source Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/LDAPSourcePropertyMappingRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/LDAPSourcePropertyMapping'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    patch:
+      operationId: propertymappings_source_ldap_partial_update
+      description: LDAP PropertyMapping Viewset
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this LDAP Source Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/PatchedLDAPSourcePropertyMappingRequest'
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/LDAPSourcePropertyMapping'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    delete:
+      operationId: propertymappings_source_ldap_destroy
+      description: LDAP PropertyMapping Viewset
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this LDAP Source Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      security:
+      - authentik: []
+      responses:
+        '204':
+          description: No response body
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /propertymappings/source/ldap/{pm_uuid}/used_by/:
+    get:
+      operationId: propertymappings_source_ldap_used_by_list
+      description: Get a list of all objects that use this object
+      parameters:
+      - in: path
+        name: pm_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this LDAP Source Property Mapping.
+        required: true
+      tags:
+      - propertymappings
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/UsedBy'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
   /providers/all/:
     get:
       operationId: providers_all_list
@@ -20803,8 +20803,8 @@ paths:
           - authentik_providers_scim.scimmapping
           - authentik_providers_scim.scimprovider
           - authentik_rbac.role
-          - authentik_sources_ldap.ldappropertymapping
           - authentik_sources_ldap.ldapsource
+          - authentik_sources_ldap.ldapsourcepropertymapping
           - authentik_sources_oauth.oauthsource
           - authentik_sources_oauth.useroauthsourceconnection
           - authentik_sources_plex.plexsource
@@ -21022,8 +21022,8 @@ paths:
           - authentik_providers_scim.scimmapping
           - authentik_providers_scim.scimprovider
           - authentik_rbac.role
-          - authentik_sources_ldap.ldappropertymapping
           - authentik_sources_ldap.ldapsource
+          - authentik_sources_ldap.ldapsourcepropertymapping
           - authentik_sources_oauth.oauthsource
           - authentik_sources_oauth.useroauthsourceconnection
           - authentik_sources_plex.plexsource
@@ -37596,73 +37596,6 @@ components:
       - bind_flow_slug
       - name
       - pk
-    LDAPPropertyMapping:
-      type: object
-      description: LDAP PropertyMapping Serializer
-      properties:
-        pk:
-          type: string
-          format: uuid
-          readOnly: true
-          title: Pm uuid
-        managed:
-          type: string
-          nullable: true
-          title: Managed by authentik
-          description: Objects that are managed by authentik. These objects are created
-            and updated automatically. This flag only indicates that an object can
-            be overwritten by migrations. You can still modify the objects via the
-            API, but expect changes to be overwritten in a later update.
-        name:
-          type: string
-        expression:
-          type: string
-        component:
-          type: string
-          description: Get object's component so that we know how to edit the object
-          readOnly: true
-        verbose_name:
-          type: string
-          description: Return object's verbose_name
-          readOnly: true
-        verbose_name_plural:
-          type: string
-          description: Return object's plural verbose_name
-          readOnly: true
-        meta_model_name:
-          type: string
-          description: Return internal model name
-          readOnly: true
-      required:
-      - component
-      - expression
-      - meta_model_name
-      - name
-      - pk
-      - verbose_name
-      - verbose_name_plural
-    LDAPPropertyMappingRequest:
-      type: object
-      description: LDAP PropertyMapping Serializer
-      properties:
-        managed:
-          type: string
-          nullable: true
-          minLength: 1
-          title: Managed by authentik
-          description: Objects that are managed by authentik. These objects are created
-            and updated automatically. This flag only indicates that an object can
-            be overwritten by migrations. You can still modify the objects via the
-            API, but expect changes to be overwritten in a later update.
-        name:
-          type: string
-          minLength: 1
-        expression:
-          type: string
-          minLength: 1
-      required:
-      - expression
-      - name
     LDAPProvider:
       type: object
       description: LDAPProvider Serializer
@@ -38005,6 +37938,73 @@ components:
       - slug
       - verbose_name
       - verbose_name_plural
+    LDAPSourcePropertyMapping:
+      type: object
+      description: LDAP PropertyMapping Serializer
+      properties:
+        pk:
+          type: string
+          format: uuid
+          readOnly: true
+          title: Pm uuid
+        managed:
+          type: string
+          nullable: true
+          title: Managed by authentik
+          description: Objects that are managed by authentik. These objects are created
+            and updated automatically. This flag only indicates that an object can
+            be overwritten by migrations. You can still modify the objects via the
+            API, but expect changes to be overwritten in a later update.
+        name:
+          type: string
+        expression:
+          type: string
+        component:
+          type: string
+          description: Get object's component so that we know how to edit the object
+          readOnly: true
+        verbose_name:
+          type: string
+          description: Return object's verbose_name
+          readOnly: true
+        verbose_name_plural:
+          type: string
+          description: Return object's plural verbose_name
+          readOnly: true
+        meta_model_name:
+          type: string
+          description: Return internal model name
+          readOnly: true
+      required:
+      - component
+      - expression
+      - meta_model_name
+      - name
+      - pk
+      - verbose_name
+      - verbose_name_plural
+    LDAPSourcePropertyMappingRequest:
+      type: object
+      description: LDAP PropertyMapping Serializer
+      properties:
+        managed:
+          type: string
+          nullable: true
+          minLength: 1
+          title: Managed by authentik
+          description: Objects that are managed by authentik. These objects are created
+            and updated automatically. This flag only indicates that an object can
+            be overwritten by migrations. You can still modify the objects via the
+            API, but expect changes to be overwritten in a later update.
+        name:
+          type: string
+          minLength: 1
+        expression:
+          type: string
+          minLength: 1
+      required:
+      - expression
+      - name
     LDAPSourceRequest:
       type: object
       description: LDAP Source Serializer
@@ -38608,7 +38608,7 @@ components:
       - authentik_providers_scim.scimmapping
       - authentik_rbac.role
       - authentik_sources_ldap.ldapsource
-      - authentik_sources_ldap.ldappropertymapping
+      - authentik_sources_ldap.ldapsourcepropertymapping
       - authentik_sources_oauth.oauthsource
       - authentik_sources_oauth.useroauthsourceconnection
       - authentik_sources_plex.plexsource
@@ -40097,18 +40097,6 @@ components:
       required:
       - pagination
       - results
-    PaginatedLDAPPropertyMappingList:
-      type: object
-      properties:
-        pagination:
-          $ref: '#/components/schemas/Pagination'
-        results:
-          type: array
-          items:
-            $ref: '#/components/schemas/LDAPPropertyMapping'
-      required:
-      - pagination
-      - results
     PaginatedLDAPProviderList:
       type: object
       properties:
@@ -40133,6 +40121,18 @@ components:
       required:
       - pagination
       - results
+    PaginatedLDAPSourcePropertyMappingList:
+      type: object
+      properties:
+        pagination:
+          $ref: '#/components/schemas/Pagination'
+        results:
+          type: array
+          items:
+            $ref: '#/components/schemas/LDAPSourcePropertyMapping'
+      required:
+      - pagination
+      - results
     PaginatedLicenseList:
       type: object
       properties:
@@ -42247,25 +42247,6 @@ components:
         verify_ssl:
           type: boolean
           description: Verify SSL Certificates of the Kubernetes API endpoint
-    PatchedLDAPPropertyMappingRequest:
-      type: object
-      description: LDAP PropertyMapping Serializer
-      properties:
-        managed:
-          type: string
-          nullable: true
-          minLength: 1
-          title: Managed by authentik
-          description: Objects that are managed by authentik. These objects are created
-            and updated automatically. This flag only indicates that an object can
-            be overwritten by migrations. You can still modify the objects via the
-            API, but expect changes to be overwritten in a later update.
-        name:
-          type: string
-          minLength: 1
-        expression:
-          type: string
-          minLength: 1
     PatchedLDAPProviderRequest:
       type: object
       description: LDAPProvider Serializer
@@ -42330,6 +42311,25 @@ components:
             should only be enabled if all users that will bind to this provider have
             a TOTP device configured, as otherwise a password may incorrectly be rejected
             if it contains a semicolon.
+    PatchedLDAPSourcePropertyMappingRequest:
+      type: object
+      description: LDAP PropertyMapping Serializer
+      properties:
+        managed:
+          type: string
+          nullable: true
+          minLength: 1
+          title: Managed by authentik
+          description: Objects that are managed by authentik. These objects are created
+            and updated automatically. This flag only indicates that an object can
+            be overwritten by migrations. You can still modify the objects via the
+            API, but expect changes to be overwritten in a later update.
+        name:
+          type: string
+          minLength: 1
+        expression:
+          type: string
+          minLength: 1
     PatchedLDAPSourceRequest:
       type: object
       description: LDAP Source Serializer

tests/e2e/test_source_ldap_samba.py

@@ -9,7 +9,7 @@ from authentik.blueprints.tests import apply_blueprint
 from authentik.core.models import Group, User
 from authentik.lib.generators import generate_id, generate_key
 from authentik.sources.ldap.auth import LDAPBackend
-from authentik.sources.ldap.models import LDAPPropertyMapping, LDAPSource
+from authentik.sources.ldap.models import LDAPSource, LDAPSourcePropertyMapping
 from authentik.sources.ldap.sync.groups import GroupLDAPSynchronizer
 from authentik.sources.ldap.sync.membership import MembershipLDAPSynchronizer
 from authentik.sources.ldap.sync.users import UserLDAPSynchronizer
@@ -56,13 +56,15 @@ class TestSourceLDAPSamba(SeleniumTestCase):
             additional_group_dn="ou=groups",
         )
         source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default-")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms-")
             )
         )
         source.group_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(name="goauthentik.io/sources/ldap/default-name")
+            LDAPSourcePropertyMapping.objects.filter(
+                name="goauthentik.io/sources/ldap/default-name"
+            )
         )
         UserLDAPSynchronizer(source).sync_full()
         self.assertTrue(User.objects.filter(username="bob").exists())
@@ -87,13 +89,15 @@ class TestSourceLDAPSamba(SeleniumTestCase):
             additional_group_dn="ou=groups",
         )
         source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default-")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms-")
             )
         )
         source.group_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(managed="goauthentik.io/sources/ldap/default-name")
+            LDAPSourcePropertyMapping.objects.filter(
+                managed="goauthentik.io/sources/ldap/default-name"
+            )
         )
         GroupLDAPSynchronizer(source).sync_full()
         UserLDAPSynchronizer(source).sync_full()
@@ -131,13 +135,15 @@ class TestSourceLDAPSamba(SeleniumTestCase):
             password_login_update_internal_password=True,
         )
         source.user_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(
+            LDAPSourcePropertyMapping.objects.filter(
                 Q(managed__startswith="goauthentik.io/sources/ldap/default-")
                 | Q(managed__startswith="goauthentik.io/sources/ldap/ms-")
             )
         )
         source.group_property_mappings.set(
-            LDAPPropertyMapping.objects.filter(name="goauthentik.io/sources/ldap/default-name")
+            LDAPSourcePropertyMapping.objects.filter(
+                name="goauthentik.io/sources/ldap/default-name"
+            )
         )
         UserLDAPSynchronizer(source).sync_full()
         username = "bob"

web/src/admin/property-mappings/PropertyMappingLDAPSourceForm.ts

@@ -10,25 +10,25 @@ import { TemplateResult, html } from "lit";
 import { customElement } from "lit/decorators.js";
 import { ifDefined } from "lit/directives/if-defined.js";
 
-import { LDAPPropertyMapping, PropertymappingsApi } from "@goauthentik/api";
+import { LDAPSourcePropertyMapping, PropertymappingsApi } from "@goauthentik/api";
 
-@customElement("ak-property-mapping-ldap-form")
+@customElement("ak-property-mapping-ldap-source-form")
-export class PropertyMappingLDAPForm extends BasePropertyMappingForm<LDAPPropertyMapping> {
+export class PropertyMappingLDAPSourceForm extends BasePropertyMappingForm<LDAPSourcePropertyMapping> {
-    loadInstance(pk: string): Promise<LDAPPropertyMapping> {
+    loadInstance(pk: string): Promise<LDAPSourcePropertyMapping> {
-        return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapRetrieve({
+        return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSourceLdapRetrieve({
             pmUuid: pk,
         });
     }
 
-    async send(data: LDAPPropertyMapping): Promise<LDAPPropertyMapping> {
+    async send(data: LDAPSourcePropertyMapping): Promise<LDAPSourcePropertyMapping> {
         if (this.instance) {
-            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapUpdate({
+            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSourceLdapUpdate({
                 pmUuid: this.instance.pk,
-                lDAPPropertyMappingRequest: data,
+                lDAPSourcePropertyMappingRequest: data,
             });
         } else {
-            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapCreate({
+            return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSourceLdapCreate({
-                lDAPPropertyMappingRequest: data,
+                lDAPSourcePropertyMappingRequest: data,
             });
         }
     }
@@ -68,6 +68,6 @@ export class PropertyMappingLDAPForm extends BasePropertyMappingForm<LDAPPropert
 
 declare global {
     interface HTMLElementTagNameMap {
-        "ak-property-mapping-ldap-form": PropertyMappingLDAPForm;
+        "ak-property-mapping-ldap-source-form": PropertyMappingLDAPSourceForm;
     }
 }

web/src/admin/property-mappings/PropertyMappingListPage.ts

@@ -1,5 +1,5 @@
 import "@goauthentik/admin/property-mappings/PropertyMappingGoogleWorkspaceForm";
-import "@goauthentik/admin/property-mappings/PropertyMappingLDAPForm";
+import "@goauthentik/admin/property-mappings/PropertyMappingLDAPSourceForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingMicrosoftEntraForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingNotification";
 import "@goauthentik/admin/property-mappings/PropertyMappingRACForm";

web/src/admin/property-mappings/PropertyMappingRACForm.ts

@@ -33,7 +33,7 @@ export const staticSettingOptions: RadioOption<string | undefined>[] = [
 ];
 
 @customElement("ak-property-mapping-rac-form")
-export class PropertyMappingLDAPForm extends ModelForm<RACPropertyMapping, string> {
+export class PropertyMappingRACForm extends ModelForm<RACPropertyMapping, string> {
     loadInstance(pk: string): Promise<RACPropertyMapping> {
         return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsRacRetrieve({
             pmUuid: pk,
@@ -177,6 +177,6 @@ export class PropertyMappingLDAPForm extends ModelForm<RACPropertyMapping, strin
 
 declare global {
     interface HTMLElementTagNameMap {
-        "ak-property-mapping-rac-form": PropertyMappingLDAPForm;
+        "ak-property-mapping-rac-form": PropertyMappingRACForm;
     }
 }

web/src/admin/property-mappings/PropertyMappingWizard.ts

@@ -1,4 +1,4 @@
-import "@goauthentik/admin/property-mappings/PropertyMappingLDAPForm";
+import "@goauthentik/admin/property-mappings/PropertyMappingLDAPSourceForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingNotification";
 import "@goauthentik/admin/property-mappings/PropertyMappingRACForm";
 import "@goauthentik/admin/property-mappings/PropertyMappingSAMLForm";

web/src/admin/sources/ldap/LDAPSourceForm.ts

@@ -18,22 +18,22 @@ import {
     CoreApi,
     CoreGroupsListRequest,
     Group,
-    LDAPPropertyMapping,
     LDAPSource,
+    LDAPSourcePropertyMapping,
     LDAPSourceRequest,
     PropertymappingsApi,
     SourcesApi,
 } from "@goauthentik/api";
 
 async function propertyMappingsProvider(page = 1, search = "") {
-    const propertyMappings = await new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapList(
+    const propertyMappings = await new PropertymappingsApi(
-        {
+        DEFAULT_CONFIG,
-            ordering: "managed",
+    ).propertymappingsSourceLdapList({
-            pageSize: 20,
+        ordering: "managed",
-            search: search.trim(),
+        pageSize: 20,
-            page,
+        search: search.trim(),
-        },
+        page,
-    );
+    });
     return {
         pagination: propertyMappings.pagination,
         options: propertyMappings.results.map((m) => [m.pk, m.name, m.name, m]),
@@ -44,7 +44,7 @@ function makePropertyMappingsSelector(instanceMappings?: string[]) {
     const localMappings = instanceMappings ? new Set(instanceMappings) : undefined;
     return localMappings
         ? ([pk, _]: DualSelectPair) => localMappings.has(pk)
-        : ([_0, _1, _2, mapping]: DualSelectPair<LDAPPropertyMapping>) =>
+        : ([_0, _1, _2, mapping]: DualSelectPair<LDAPSourcePropertyMapping>) =>
               mapping?.managed?.startsWith("goauthentik.io/sources/ldap/default") ||
               mapping?.managed?.startsWith("goauthentik.io/sources/ldap/ms");
 }