* sources/ldap: add forward deletion option
* remove unnecessary `blank=True`
* clarify `validated_by` `help_text`
* add indices to `validated_by`
* factor out `get_identifier` everywhere and `get_attributes`
I don't know what that additional `in` check is for, but I'm not about
to find out.
* add tests for known good user and group
* fixup! add tests for known good user and group
* fixup! add tests for known good user and group
* web: Partial fix for issue where config is not consistently available.
* web: Fix issues surrounding controller readiness.
* web: Catch abort errors when originating when wrapped by OpenAPI or Sentry.
* web: Fix color on dark mode.
---------
Co-authored-by: Simonyi Gergő <gergo@goauthentik.io>
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit dddde09be5.
* web: remove Lit syntax from always true attributes
## What
Replaces instances of `?loading=${true}` and `?loading="${true}"` with `loading`
## Why
The Lit syntax is completely unnecessary when the attribute's state is constant, and it's a few
(just a few) extra CPU cycles for Lit to process that.
More to the point, it annoys me.
## How
```
$ perl -pi.bak -e 's/\?loading=\$\{true\}/loading/' $(rg -l '\?loading=\$\{true\}')
$ find . -name '*.bak' -exec rm {} \;
$ perl -pi.bak -e 's/\?loading="\$\{true\}"/loading/' $(rg -l '\?loading="\$\{true\}"')
$ find . -name '*.bak' -exec rm {} \;
```
* Prettier had opinions
* Trigger Build
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit dddde09be5.
* web: fix bug that was causing charts to be too tall
This removes the "aspect-ratio" declaration from the Charts CSS rules. That declaration
was interacting badly with the charts' own internal tools for manually setting the size
of the canvas, causing the chart to be too tall or take up too much space when one had
a particularly wide monitor.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* web: elements: SidebarBrand: prevent logo flashing in admin interface
When using a custom SVG file (or mabye other types, TBH I didn't check, I should) for a branded logo, the logo would flash the stock authentik logo for a moment before the custom logo appears on the Admin interface.
This was happening because the brand configuration was being loaded asynchronously through the context provider, causing a brief moment where the default logo was shown.
Closes https://github.com/goauthentik/authentik/issues/3228
Closes https://github.com/goauthentik/authentik/issues/13739
* use globalAK
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* add `InitialPermissions` model to RBAC
This is a powerful construct between Permission and Role to set initial
permissions for newly created objects.
* use safer `request.user`
* fixup! use safer `request.user`
* force all self-defined serializers to descend from our custom one
See https://github.com/goauthentik/authentik/pull/10139
* reorganize initial permission assignment
* fixup! reorganize initial permission assignment
* add limits to reputation score
* limit reputation score limits
Upper to non-negative, Lower to non-positive
* simplify tests
* "fix" bandit false-positives
* move magic numbers to constants
Is it too much to ask for a world in which I can just import these
straight from Python?
web: Clean up error handling. Prep for permission checks.
- Add clearer reporting for API and network errors.
- Tidy error checking.
- Partial type safety for events.
