rbac: rework API for terraform, add blueprint support (#10698)

* rbac: rework API slightly to improve terraform compatibility Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sigh https://www.django-rest-framework.org/api-guide/filtering/#filtering-and-object-lookups Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add permission support for users global permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add role support to blueprints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix yaml tags Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add generated read-only role Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make permissions optional Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add object permission support to blueprints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests kinda Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more tests and fix bugs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-08-02 16:34:30 +02:00
parent 3541ec467c
commit d24e2abe7f
31 changed files with 4117 additions and 77 deletions
--- a/web/src/admin/rbac/RoleObjectPermissionForm.ts
+++ b/web/src/admin/rbac/RoleObjectPermissionForm.ts
@ -53,7 +53,7 @@ export class RoleObjectPermissionForm extends ModelForm<RoleAssignData, number>
    }

    send(data: RoleAssignData): Promise<unknown> {
-        return new RbacApi(DEFAULT_CONFIG).rbacPermissionsAssignedByRolesAssignCreate({
+        return new RbacApi(DEFAULT_CONFIG).rbacPermissionsAssignedByRolesAssign({
            uuid: data.role,
            permissionAssignRequest: {
                permissions: Object.keys(data.permissions).filter((key) => data.permissions[key]),
--- a/web/src/admin/rbac/UserObjectPermissionForm.ts
+++ b/web/src/admin/rbac/UserObjectPermissionForm.ts
@ -54,7 +54,7 @@ export class UserObjectPermissionForm extends ModelForm<UserAssignData, number>
    }

    send(data: UserAssignData): Promise<unknown> {
-        return new RbacApi(DEFAULT_CONFIG).rbacPermissionsAssignedByUsersAssignCreate({
+        return new RbacApi(DEFAULT_CONFIG).rbacPermissionsAssignedByUsersAssign({
            id: data.user,
            permissionAssignRequest: {
                permissions: Object.keys(data.permissions).filter((key) => data.permissions[key]),
--- a/web/src/admin/roles/RolePermissionForm.ts
+++ b/web/src/admin/roles/RolePermissionForm.ts
@ -37,7 +37,7 @@ export class RolePermissionForm extends ModelForm<RolePermissionAssign, number>
    }

    async send(data: RolePermissionAssign) {
-        await new RbacApi(DEFAULT_CONFIG).rbacPermissionsAssignedByRolesAssignCreate({
+        await new RbacApi(DEFAULT_CONFIG).rbacPermissionsAssignedByRolesAssign({
            uuid: this.roleUuid || "",
            permissionAssignRequest: {
                permissions: data.permissions,
--- a/web/src/admin/users/UserPermissionForm.ts
+++ b/web/src/admin/users/UserPermissionForm.ts
@ -37,7 +37,7 @@ export class UserPermissionForm extends ModelForm<UserPermissionAssign, number>
    }

    async send(data: UserPermissionAssign) {
-        await new RbacApi(DEFAULT_CONFIG).rbacPermissionsAssignedByUsersAssignCreate({
+        await new RbacApi(DEFAULT_CONFIG).rbacPermissionsAssignedByUsersAssign({
            id: this.userId || 0,
            permissionAssignRequest: {
                permissions: data.permissions,