authentik

Author	SHA1	Message	Date
Ken Sternberg	a01bb551d0	web/standards: fix boolean attribute abuse (#14662 ) * web: Add InvalidationFlow to Radius Provider dialogues ## What - Bugfix: adds the InvalidationFlow to the Radius Provider dialogues - Repairs: `{"invalidation_flow":["This field is required."]}` message, which was not propagated to the Notification. - Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/` ## Note Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the Property Mappings to the wizard, and yes, I know I'm going to have pain with the new version of the wizard. But this is a serious bug; you can't make Radius servers with either of the current dialogues at the moment. * This (temporary) change is needed to prevent the unit tests from failing. \# What \# Why \# How \# Designs \# Test Steps \# Other Notes * Revert "This (temporary) change is needed to prevent the unit tests from failing." This reverts commit `dddde09be5`. * web/maintenance: correct the usage of boolean (false) attributes ## What Just cleaning up a bad habit; we have a lot of `?attribute=${true\|false}` (or, more alarmingly, `.attribute=${true\|false}`. These should just be `attribute` or be missing; anything else is unnecessary. Where the attribute is `true` by default, no changes have been made; there are only a few of them, and they require re-working of the logic to assist with the changes. Booleans should never be `true` by default, and if you absolutely cannot find an alternative phrasing that makes having them be `false` by default a valid choice, they should be `reflect: true` to make their presence visible to screen readers and debuggers. ## Why Removing non-standard HTML uses from web components matches our programming standards and is an important step toward the Authentik Elements NPM package, as well as the Schema-Driven Forms update. ## Boring excessive detail. Because there are literally hundreds of changes, I've documented the boring ones here. Changes that do not meet the basic criteria of "made the component comply with the standards" are commented in the PR. Here are all the Boolean property declarations in the system, delta the ones that declare `= true`; those are documented at the bottom of this commit, and are not addressed in this PR. This information is included to guide your decision making. The second block, below, documents the actual changes made to component declarations throughout our code. The third block, at the bottom, documents changes not made due to logic and effort constraints. ``` components/ak-switch-input.ts: @property({ type: Boolean }) checked: boolean = false; -- components/ak-switch-input.ts: @property({ type: Boolean }) required = false; -- components/ak-file-input.ts: @property({ type: Boolean }) required = false; -- components/HorizontalLightComponent.ts: @property({ type: Boolean }) required = false; -- components/ak-multi-select.ts: @property({ type: Boolean }) required = false; -- elements/TreeView.ts: @property({ type: Boolean }) open = false; -- components/ak-status-label.ts: @property({ type: Boolean }) good = false; -- components/ak-status-label.ts: @property({ type: Boolean }) compact = false; -- elements/CodeMirror.ts: @property({ type: Boolean }) readOnly = false; -- elements/buttons/ModalButton.ts: @property({ type: Boolean }) open = false; -- elements/EmptyState.ts: @property({ type: Boolean }) fullHeight = false; -- elements/Tabs.ts: @property({ type: Boolean }) vertical = false; -- elements/ak-checkbox-group/ak-checkbox-group.ts: @property({ type: Boolean }) required = false; -- elements/Label.ts: @property({ type: Boolean }) compact = false; -- elements/forms/FormGroup.ts: @property({ type: Boolean, reflect: true }) expanded = false; -- elements/Expand.ts: @property({ type: Boolean }) expanded = false; -- elements/forms/HorizontalFormElement.ts: @property({ type: Boolean }) required = false; -- elements/forms/HorizontalFormElement.ts: @property({ type: Boolean }) slugMode = false; -- elements/forms/SearchSelect/ak-portal.ts: @property({ type: Boolean, reflect: true }) open = false; -- elements/Alert.ts: @property({ type: Boolean }) inline = false; -- elements/forms/SearchSelect/ak-search-select-view.ts: @property({ type: Boolean, reflect: true }) open = false; -- elements/forms/SearchSelect/ak-search-select-view.ts: @property({ type: Boolean }) blankable = false; -- elements/sidebar/SidebarItem.ts: @property({ type: Boolean }) expanded = false; -- admin/stages/StageWizard.ts: @property({ type: Boolean }) showBindingPage = false; -- elements/forms/FormElement.ts: @property({ type: Boolean }) required = false; -- admin/common/ak-flow-search/FlowSearch.ts: @property({ type: Boolean }) required?: boolean = false; -- admin/applications/ProviderSelectModal.ts: @property({ type: Boolean }) backchannel = false; -- elements/forms/SearchSelect/SearchSelect.ts: @property({ type: Boolean }) blankable = false; -- admin/applications/components/ak-provider-search-input.ts: @property({ type: Boolean }) required = false; -- admin/applications/components/ak-provider-search-input.ts: @property({ type: Boolean }) blankable = false; -- admin/applications/components/ak-backchannel-input.ts: @property({ type: Boolean }) required = false; -- admin/policies/PolicyWizard.ts: @property({ type: Boolean }) showBindingPage = false; ``` The attribute 'required' is an HTML native, and is false by default. Here are all the change pairs around HTML attrbutes: ``` $ git diff \| rg -A 1 '\?(backchannel\|blankable\|checked\|compact\|expanded\|fullHeight\|good\|inline\|open\|readOnly\|required\|showBindingPage\|slugMode\|vertical)\b' - ?required=${true} + required - <ak-provider-select-table ?backchannel=${true} .confirm=${this.confirm}> + <ak-provider-select-table backchannel .confirm=${this.confirm}> - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${false} - ?required=${true} + required - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?blankable=${true} + blankable - ?required=${true} + required - ?blankable=${true} + blankable - ?blankable=${true} + blankable - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - return html` <ak-form-element-horizontal label=${msg("Name")} name="name" ?required=${true}> + return html` <ak-form-element-horizontal label=${msg("Name")} name="name" required> - ?required=${true} + required - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?blankable=${true} + blankable - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Severity")} ?required=${true} name="severity"> + <ak-form-element-horizontal label=${msg("Severity")} required name="severity"> - ?showBindingPage=${true} + showBindingPage - ?showBindingPage=${true} + showBindingPage - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Title")} ?required=${true} name="title"> + <ak-form-element-horizontal label=${msg("Title")} required name="title"> - <ak-form-element-horizontal label=${msg("Slug")} ?required=${true} name="slug"> + <ak-form-element-horizontal label=${msg("Slug")} required name="slug"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Stage")} ?required=${true} name="stage"> + <ak-form-element-horizontal label=${msg("Stage")} required name="stage"> - <ak-form-element-horizontal label=${msg("Order")} ?required=${true} name="order"> + <ak-form-element-horizontal label=${msg("Order")} required name="order"> - ?required=${true} + required - ?required=${true} + required - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?blankable=${true} + blankable - ?required=${true} + required - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Type")} ?required=${true} name="type"> + <ak-form-element-horizontal label=${msg("Type")} required name="type"> - ?blankable=${true} + blankable - <ak-label color=${PFColor.Green} ?compact=${true}> + <ak-label color=${PFColor.Green} compact> - ? html`<ak-label color=${PFColor.Red} ?compact=${true} + ? html`<ak-label color=${PFColor.Red} compact - : html`<ak-label color=${PFColor.Green} ?compact=${true} + : html`<ak-label color=${PFColor.Green} compact - ? html`<ak-label color=${PFColor.Orange} ?compact=${true}> + ? html`<ak-label color=${PFColor.Orange} compact> - : html`<ak-label color=${PFColor.Green} ?compact=${true}> + : html`<ak-label color=${PFColor.Green} compact> - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Docker URL")} ?required=${true} name="url"> + <ak-form-element-horizontal label=${msg("Docker URL")} required name="url"> - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?showBindingPage=${true} + showBindingPage - ?showBindingPage=${true} + showBindingPage - ?blankable=${true} + blankable - ?blankable=${true} + blankable - ?blankable=${true} + blankable - <ak-form-element-horizontal label=${msg("Order")} ?required=${true} name="order"> + <ak-form-element-horizontal label=${msg("Order")} required name="order"> - <ak-form-element-horizontal label=${msg("Timeout")} ?required=${true} name="timeout"> + <ak-form-element-horizontal label=${msg("Timeout")} required name="timeout"> - ? html`<ak-label color=${PFColor.Green} ?compact=${true}> + ? html`<ak-label color=${PFColor.Green} compact> - : html`<ak-label color=${PFColor.Orange} ?compact=${true}> + : html`<ak-label color=${PFColor.Orange} compact> - return html`<ak-form-element-horizontal label=${msg("User")} ?required=${true} name="user"> + return html`<ak-form-element-horizontal label=${msg("User")} required name="user"> - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?blankable=${true} + blankable - ?blankable=${true} + blankable - ?blankable=${true} + blankable - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?readOnly=${true} + readOnly - return html`<ak-empty-state loading ?fullHeight=${true}></ak-empty-state>`; + return html`<ak-empty-state loading fullHeight></ak-empty-state>`; - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-group ?expanded=${true}> + <ak-form-group expanded> - ?blankable=${true} + blankable - <ak-form-group ?expanded=${true}> + <ak-form-group expanded> - ?required=${true} + required - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-group ?expanded=${true}> + <ak-form-group expanded> - ?blankable=${true} + blankable - <ak-form-group ?expanded=${true}> + <ak-form-group expanded> - ?required=${true} + required - ?required=${true} + required - ?blankable=${true} + blankable - <ak-form-element-horizontal label=${msg("Name")} name="name" ?required=${true}> + <ak-form-element-horizontal label=${msg("Name")} name="name" required> - <ak-form-element-horizontal label=${msg("Protocol")} ?required=${true} name="protocol"> + <ak-form-element-horizontal label=${msg("Protocol")} required name="protocol"> - <ak-form-element-horizontal label=${msg("Host")} name="host" ?required=${true}> + <ak-form-element-horizontal label=${msg("Host")} name="host" required> - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?required=${false} - ?blankable=${true} + blankable - ?blankable=${true} + blankable - return html`<ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html`<ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?readOnly=${true} + readOnly - ?blankable=${true} + blankable - return html`<ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html`<ak-form-element-horizontal label=${msg("Name")} required name="name"> - : html`<ak-label color=${PFColor.Orange} ?compact=${true}> + : html`<ak-label color=${PFColor.Orange} compact> - <ak-label color=${PFColor.Grey} ?compact=${true}> ${msg("Built-in")}</ak-label> + <ak-label color=${PFColor.Grey} compact> ${msg("Built-in")}</ak-label> - return html`<ak-empty-state loading ?fullHeight=${true}></ak-empty-state>`; + return html`<ak-empty-state loading fullHeight></ak-empty-state>`; - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-group ?expanded=${false}> + <ak-form-group> - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Slug")} ?required=${true} name="slug"> + <ak-form-element-horizontal label=${msg("Slug")} required name="slug"> - ?required=${true} + required - ?required=${true} + required - <ak-form-group ?expanded=${true}> + <ak-form-group expanded> - ?blankable=${true} + blankable - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Slug")} ?required=${true} name="slug"> + <ak-form-element-horizontal label=${msg("Slug")} required name="slug"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-group ?expanded=${true}> + <ak-form-group expanded> - ?required=${true} + required - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Slug")} ?required=${true} name="slug"> + <ak-form-element-horizontal label=${msg("Slug")} required name="slug"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-group ?expanded=${true}> + <ak-form-group expanded> - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Slug")} ?required=${true} name="slug"> + <ak-form-element-horizontal label=${msg("Slug")} required name="slug"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-group ?expanded=${true}> + <ak-form-group expanded> - ?required=${true} + required - ?readOnly=${true} + readOnly - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Slug")} ?required=${true} name="slug"> + <ak-form-element-horizontal label=${msg("Slug")} required name="slug"> - <ak-form-group ?expanded=${true}> + <ak-form-group expanded> - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?blankable=${true} + blankable - ?required=${true} + required - ?required=${true} + required - <ak-form-element-horizontal label=${msg("SMTP Host")} ?required=${true} name="host"> + <ak-form-element-horizontal label=${msg("SMTP Host")} required name="host"> - <ak-form-element-horizontal label=${msg("SMTP Port")} ?required=${true} name="port"> + <ak-form-element-horizontal label=${msg("SMTP Port")} required name="port"> - ?required=${true} + required - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?blankable=${true} + blankable - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?blankable=${true} + blankable - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?blankable=${true} + blankable - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?blankable=${true} + blankable - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?blankable=${true} + blankable - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-alert ?inline=${true}> + <ak-alert inline> - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?blankable=${true} + blankable - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Mode")} ?required=${true} name="mode"> + <ak-form-element-horizontal label=${msg("Mode")} required name="mode"> - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("SMTP Host")} ?required=${true} name="host"> + <ak-form-element-horizontal label=${msg("SMTP Host")} required name="host"> - <ak-form-element-horizontal label=${msg("SMTP Port")} ?required=${true} name="port"> + <ak-form-element-horizontal label=${msg("SMTP Port")} required name="port"> - ?required=${true} + required - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?slugMode=${true} + slugMode - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Expires")} ?required=${true} name="expires"> + <ak-form-element-horizontal label=${msg("Expires")} required name="expires"> - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - ?required=${true} + required - ?blankable=${true} + blankable - ?required=${true} + required - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Field Key")} ?required=${true} name="fieldKey"> + <ak-form-element-horizontal label=${msg("Field Key")} required name="fieldKey"> - <ak-form-element-horizontal label=${msg("Label")} ?required=${true} name="label"> + <ak-form-element-horizontal label=${msg("Label")} required name="label"> - <ak-form-element-horizontal label=${msg("Type")} ?required=${true} name="type"> + <ak-form-element-horizontal label=${msg("Type")} required name="type"> - <ak-form-element-horizontal label=${msg("Order")} ?required=${true} name="order"> + <ak-form-element-horizontal label=${msg("Order")} required name="order"> - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Source")} ?required=${true} name="source"> + <ak-form-element-horizontal label=${msg("Source")} required name="source"> - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required - <ak-alert ?inline=${true}> + <ak-alert inline> - ?required=${true} + required - ?required=${true} + required - ?required=${true} + required - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?blankable=${true} + blankable - ?required=${true} + required - <ak-form-element-horizontal label=${msg("User")} ?required=${true} name="user"> + <ak-form-element-horizontal label=${msg("User")} required name="user"> - <ak-form-element-horizontal label=${msg("Intent")} ?required=${true} name="intent"> + <ak-form-element-horizontal label=${msg("Intent")} required name="intent"> - ?required=${true} + required - <input class="pf-c-switch__input" type="checkbox" ?checked=${true} /> + <input class="pf-c-switch__input" type="checkbox" checked /> - <input class="pf-c-switch__input" type="checkbox" ?checked=${true} /> + <input class="pf-c-switch__input" type="checkbox" checked /> - ?required=${true} + required - <ak-form-element-horizontal label=${msg("User type")} ?required=${true} name="type"> + <ak-form-element-horizontal label=${msg("User type")} required name="type"> - <ak-form-element-horizontal label=${msg("Path")} ?required=${true} name="path"> + <ak-form-element-horizontal label=${msg("Path")} required name="path"> - ?required=${true} + required - ?required=${true} + required - <ak-tabs pageIdentifier="userCredentialsTokens" ?vertical=${true}> + <ak-tabs pageIdentifier="userCredentialsTokens" vertical> - <ak-status-label ?good=${true}></ak-status-label> + <ak-status-label good></ak-status-label> - ?open=${true} + open - ?blankable=${true} + blankable - <ak-tabs ?vertical="${true}"> + <ak-tabs vertical> - return html` <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name"> + return html` <ak-form-element-horizontal label=${msg("Name")} required name="name"> - ?required=${true} + required ``` The following issues are the `true` by default Booleans. As mentioned, these are not addressed by this PR. ``` elements/table/Table.ts:: @property({ type: Boolean }) paginated = true; elements/forms/ModalForm.ts:: @property({ type: Boolean }) closeAfterSuccessfulSubmit = true; elements/forms/ModalForm.ts:: @property({ type: Boolean }) showSubmitButton = true; elements/CodeMirror.ts:: @property({ type: Boolean }) parseValue = true; elements/LoadingOverlay.ts:: @property({ type: Boolean }) loading = true; admin/stages/authenticator_validate/AuthenticatorValidateStageForm.ts:: @property({ type: Boolean }) showConfigurationStages = true; elements/user/sources/SourceSettings.ts:: @property({ type: Boolean }) canConnect = true; admin/outposts/OutpostHealthSimple.ts:: @property({ attribute: false }) showVersion = true; elements/wizard/Wizard.ts:: @property({ type: Boolean }) canCancel = true; elements/wizard/Wizard.ts:: @property({ type: Boolean }) canBack = true; ``` * Prettier had opinions. * Caught during code review. * Merged incorrectly; not sure what went wrong, but this re-applies the removal of the syntax from the current LDAPSourceForm.ts from to this branch.	2025-06-06 23:06:25 +00:00
Jens L.	d24e2abe7f	rbac: rework API for terraform, add blueprint support (#10698 ) * rbac: rework API slightly to improve terraform compatibility Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sigh https://www.django-rest-framework.org/api-guide/filtering/#filtering-and-object-lookups Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add permission support for users global permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add role support to blueprints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix yaml tags Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add generated read-only role Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix web Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make permissions optional Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add object permission support to blueprints Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests kinda Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more tests and fix bugs Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2024-08-02 16:34:30 +02:00
Ken Sternberg	ee58cf0c1c	web: add HTMLTagNameElementMaps to everything to activate lit analyzer (#10217 ) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: add more linting * A reliable test for the extra code needed in analyzer, passing shellcheck * web: re-enable custom-element-manifest and enable component checking in Typescript This commit includes a monkeypatch to allow custom-element-manifest (CEM) to work correctly again despite our rich collection of mixins, reactive controllers, symbol-oriented event handlers, and the like. With that monkeypatch in place, we can now create the CEM manifest file and then exploit it so that IDEs and the Typescript compilation pass can tell when a component is being used incorrectly; when the wrong types are being passed to it, or when a required attribute is not initialized. * Added building the manifest to the build process, rather than storing it. It is not appreciably slow. * web: the most boring PR in the universe: Add HTMLTagNameElementMap to everyhing This commit adds HTMLTagNameElementMap entries to every web component in the front end. Activating and associating the HTMLTagNamElementMap with its class has enabled [LitAnalyzer](https://github.com/runem/lit-analyzer/tree/master/packages/lit-analyzer) to reveal a lot of basic problems within the UI, the most popular of which is "missing import." We usually get away with it because the object being imported was already registered with the browser elsewhere, but it still surprises me that we haven't gotten any complaints over things like: ``` ./src/flow/stages/base.ts Missing import for <ak-form-static> 96: <ak-form-static no-missing-import ``` Given how early and fundamental that seems to be in our code, I'd have expected to hear _something_ about it. I have not enabled most of the possible checks because, well, there are just a ton of warnings when I do. I'd like to get in and fix those. Aside from this, I have also _removed_ `customElement` declarations from anything declared as an `abstract class`. It makes no sense to try and instantiate something that cannot, by definition, be instantiated. If the class is capable of running on its own, it's not abstract, it just needs to be overridden in child classes. Before removing the declaration I did check to make sure no other piece of code was even trying to instantiate it, and so far I have detected no failures. Those elements were: - elements/forms/Form.ts - element-/wizard/WizardFormPage.ts The one that blows my mind, though, is this: ``` src/elements/forms/ProxyForm.ts 6-@customElement("ak-proxy-form") 7:export abstract class ProxyForm extends Form<unknown> { ``` Which, despite being `abstract`, is somehow instantiable? ``` src/admin/outposts/ServiceConnectionListPage.ts: <ak-proxy-form src/admin/providers/ProviderListPage.ts: <ak-proxy-form src/admin/sources/SourceWizard.ts: <ak-proxy-form src/admin/sources/SourceListPage.ts: <ak-proxy-form src/admin/providers/ProviderWizard.ts: <ak-proxy-form type=${type.component}></ak-proxy-form> src/admin/stages/StageListPage.ts: <ak-proxy-form ``` I've made a note to investigate. I've started a new folder where all of my one-off tools for how a certain PR was run. It has a README describing what it's for, and the first tool, `add-htmlelementtagnamemaps-to-everything`, is its first entry. That tool is also documented internally. ``` Gilbert & Sullivan I've got a little list, I've got a little list, Of all the code that would never be missed, The duplicate code of cute-and-paste, The weak abstractions that lead to waste, The embedded templates-- you get the gist, There ain't none of 'em that will ever be missed, And that's why I've got them on my list! ```	2024-07-15 10:54:22 -07:00
Ken Sternberg	c846c8089a	web: lintpicking (#10212 ) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: remove some minor lint While working on other projects, a few small lint issues came up: - Duplicate imports of a web component - A switch statement with a single condition - Empty returns All of these made eslint complain, so I have edited the code to meet our standards. They are all quite small. * web: move rbac under .../admin (#10213) * admin: system api: fix FIPS status schema (cherry-pick #10110) (#10112) admin: system api: fix FIPS status schema (#10110) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * web: bump API Client version (cherry-pick #10113) (#10114) * website/docs: update 2024.6 release notes with latest changes (cherry-pick #10109) (#10115) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * release: 2024.6.0-rc1 * policies/reputation: fix existing reputation update (cherry-pick #10124) (#10125) policies/reputation: fix existing reputation update (#10124) * add failing test case * fix reputation update * lint --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * core: include version in built JS files (cherry-pick #9558) (#10148) core: include version in built JS files (#9558) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * core: include version in built JS files * add fallback * include build hash * format * fix stuff why does this even work locally * idk man node * just not use import assertions * web: add no-console, use proper dirname path * web: retarget to use the base package.json file. * web: encode path to root package.json using git This is the most authoritative way of finding the root of the git project. * use full version to match frontend * add fallback for missing .git folder --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens@goauthentik.io> Co-authored-by: Ken Sternberg <ken@goauthentik.io> * web: fix needed because recent upgrade to task breaks spinner button (cherry-pick #10142) (#10150) web: fix needed because recent upgrade to task breaks spinner button (#10142) web: fix broken Task plug-in rebase and fix package json Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io> * root: use custom model serializer that saves m2m without bulk (cherry-pick #10139) (#10151) root: use custom model serializer that saves m2m without bulk (#10139) * use custom model serializer that saves m2m without bulk * sigh --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens@goauthentik.io> * web: fix docker build for non-release versions (cherry-pick #10154) (#10155) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> fix docker build for non-release versions (#10154) * website/docs: update 2024.6 release notes with latest changes (cherry-pick #10167) (#10168) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * core: fix error when raising SkipObject in mapping (cherry-pick #10153) (#10173) core: fix error when raising SkipObject in mapping (#10153) * core: fix error when raising SkipObject in mapping * fix events not being saved thanks tests --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens@goauthentik.io> * website/docs: 2024.6 release notes: add note about group names (cherry-pick #10170) (#10171) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> * website/docs: update 2024.6 release notes with latest changes (cherry-pick #10174) (#10175) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * release: 2024.6.0-rc2 (#10176) * website/docs: Remove hyphen in read replica in Release Notes (cherry-pick #10178) (#10188) Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Tana M Berry <tana@goauthentik.com> * core: rework base for SkipObject exception to better support control flow exceptions (cherry-pick #10186) (#10187) core: rework base for SkipObject exception to better support control flow exceptions (#10186) Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens@goauthentik.io> * web/flows: update flow background (cherry-pick #10206) (#10207) web/flows: update flow background (#10206) * web/flows: update flow background * Optimised images with calibre/image-actions --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens L <jens@goauthentik.io> Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> * web: move rbac under .../admin The RBAC code segment, while it is an aspect and not a vertical, is entirely used within the Admin interface, and references other components within the Admin interface. It is not used by nor references Flows or Users. It's placement in the `elements` folder breaks the DAG of foundational versus client code, (`common -> elements -> interfaces`), and I'd like to keep that DAG clean to facilitate future development. All this PR does is move `elements/rbac` to `admin/rbac`, and adjusts all of the import statements accordingly. The entirety of this PR is two commands: ```shell $ cd web/src $ git mv elements/rbac admin $ cd admin $ perl -pi -e 's{goauthentik/elements/rbac/}{goauthentik/admin/rbac/}' $(rg -l 'goauthentik/elements/rbac') ``` * website/docs: fix #9552 openssl rand base64 line wrap (#10211) * website/integrations: fix typo in documentation for OIDC setup with Paperless-ngx (#10218) Update index.md Missing " cost me more time than I'd like to admit. Paying it forward. Signed-off-by: Russ Harvey <53157589+rwh85@users.noreply.github.com> * security: fix CVE-2024-38371 (#10229) * security: fix CVE-2024-38371 (cherry-pick #10229) (#10234) Co-authored-by: Jens L <jens@goauthentik.io> fix CVE-2024-38371 (#10229) * security: fix CVE-2024-37905 (#10230) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * core: bump debugpy from 1.8.1 to 1.8.2 (#10225) Bumps [debugpy](https://github.com/microsoft/debugpy) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/microsoft/debugpy/releases) - [Commits](https://github.com/microsoft/debugpy/compare/v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: debugpy dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * web: bump @sentry/browser from 8.11.0 to 8.12.0 in /web in the sentry group (#10226) web: bump @sentry/browser in /web in the sentry group Bumps the sentry group in /web with 1 update: [@sentry/browser](https://github.com/getsentry/sentry-javascript). Updates `@sentry/browser` from 8.11.0 to 8.12.0 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-javascript/compare/8.11.0...8.12.0) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: sentry ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core: bump webauthn from 2.1.0 to 2.2.0 (#10224) Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/duo-labs/py_webauthn/releases) - [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md) - [Commits](https://github.com/duo-labs/py_webauthn/compare/v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: webauthn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * web: bump chromedriver from 126.0.3 to 126.0.4 in /tests/wdio (#10223) Bumps [chromedriver](https://github.com/giggio/node-chromedriver) from 126.0.3 to 126.0.4. - [Commits](https://github.com/giggio/node-chromedriver/compare/126.0.3...126.0.4) --- updated-dependencies: - dependency-name: chromedriver dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core: bump pdoc from 14.5.0 to 14.5.1 (#10221) Bumps [pdoc](https://github.com/mitmproxy/pdoc) from 14.5.0 to 14.5.1. - [Changelog](https://github.com/mitmproxy/pdoc/blob/main/CHANGELOG.md) - [Commits](https://github.com/mitmproxy/pdoc/compare/v14.5.0...v14.5.1) --- updated-dependencies: - dependency-name: pdoc dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * security: fix CVE-2024-37905 (cherry-pick #10230) (#10237) Co-authored-by: Jens L <jens@goauthentik.io> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> fix CVE-2024-37905 (#10230) * release: 2024.6.0 * website/docs: update 2024.6 release notes with latest changes (#10228) * website/docs: update 2024.2 release notes with security fixes (#10232) * website/docs: update 2024.4 release notes with latest changes (#10231) * website/docs: update 2024.6 release notes with latest changes (cherry-pick #10228) (#10243) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * website/docs: remove RC disclaimer from 2024.6 release notes (#10245) Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * website/docs: remove RC disclaimer from 2024.6 release notes (cherry-pick #10245) (#10246) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * security: update supported versions (#10247) * security: update supported versions (cherry-pick #10247) (#10248) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * website/docs: update geoip and asn example to use the proper syntax (#10249) * website/docs: update the Welcome page (#10222) * update to mention Enterprise * moved sections * tweaks --------- Co-authored-by: Tana M Berry <tana@goauthentik.com> * website/docs: update geoip and asn example to use the proper syntax (cherry-pick #10249) (#10250) website/docs: update geoip and asn example to use the proper syntax (#10249) Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * web: bump API Client version (#10252) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> * web/flows: remove continue button from AutoSubmit stage (#10253) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * web: disable reading dark mode out of the UI by default (#10256) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: disable reading dark mode out of the UI by default This patch disables "dark mode" as a browser preference. It still honors the user preference, but it will always default to Light mode and will not pay attention to the browser setting. Thank GNU that dark mode availablity is not a requirement to sell to governments: https://www.section508.gov/content/guide-accessible-web-design-development/# * Prettier had opinions. * Prettier having more opinions. * Preserve knowledge. * Updated eslint to stop warning us out about deprecated features. * web: provide better feedback on Application Library page about search results (#9386) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: improve state management of Fuze application search This commit rewrites a bit (just a bit, really!) of the relationship between `ak-library-application-impl` and `ak-library-application-search`. The "show only apps with launch URLs filter" has been moved up to the retrieval layer; there was no reason for the renderer to repeatedly call a required filter; just call it on the list of applications once and be done. The search component exchanges the two-state guesswork and custom events for a concrete three-state solution and private events. The search handler now sends the events "reset," "updated," and the new "updated and empty," which we could not previously track. By limiting the Impl layer to only those apps with launchUrls, we can now distinguish between "all apps," and "filtered apps," and understand that when "all apps" is empty we have no apps, and when "filtered apps" is empty the search has returned nothing. I also tried to add a lot more comments. In keeping with ES2020, I've put `.js` extensions on all the local imports. In keeping with a variety of [best practice recommendations](https://webcomponents.today/best-practices/), I've renamed web component files to match the custom element they deploy: ``` ak-library-application-search-empty.ts 19:@customElement("ak-library-application-search-empty") ak-library-impl.ts 44:@customElement("ak-library-impl") ak-library.ts 30:@customElement("ak-library") ak-library-application-list.ts 34:@customElement("ak-library-application-list") ak-library-application-empty-list.ts 22:@customElement("ak-library-application-empty-list") ak-library-application-search.ts 46:@customElement("ak-library-application-search") ``` The only effect(s) external to the changes in this vertical is that the Route() had to be updated, and I have done that. * web: updated the improved search to Google's Lit standards for events. * website/docs: update geoip and asn documentation following field changes (#10265) Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> * core, web: update translations (#10259) Co-authored-by: rissson <18313093+rissson@users.noreply.github.com> * core: bump goauthentik.io/api/v3 from 3.2024042.13 to 3.2024060.1 (#10260) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * translate: Updates for file locale/en/LC_MESSAGES/django.po in ru (#10268) Translate locale/en/LC_MESSAGES/django.po in ru 100% translated source file: 'locale/en/LC_MESSAGES/django.po' on 'ru'. Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com> * core: bump drf-jsonschema-serializer from 2.0.0 to 3.0.0 (#10262) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * translate: Updates for file web/xliff/en.xlf in zh_CN (#10271) Translate web/xliff/en.xlf in zh_CN 100% translated source file: 'web/xliff/en.xlf' on 'zh_CN'. Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com> * translate: Updates for file web/xliff/en.xlf in zh-Hans (#10272) Translate web/xliff/en.xlf in zh-Hans 100% translated source file: 'web/xliff/en.xlf' on 'zh-Hans'. Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com> * web: provide a test framework (#9681) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: provide a test framework As is typical of a system where a new build engine is involved, this thing is sadly fragile. Use the wrong import style in wdio.conf.js and it breaks; there are several notes in tsconfig.test.conf and wdio.conf.ts to tell eslint or tsc not to complain, it's just a different build with different criteria, the native criteria don't apply. On the other hand, writing tests is easy and predictable. We can test behaviors at the unit and component scale in a straightforward manner, and validate our expectations that things work the way we believe they should. * Rolling back a reversion. * Adjusting paths to work with tests. * add ci to test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * web: patch spotlight on the fly to fix syntax issue that blocked storybook build This should be a temporary hack. I have an [open issue](https://github.com/getsentry/spotlight/issues/419) and [pull request](https://github.com/getsentry/spotlight/pull/420) with the Spotlight people already to fix the issue. * Somehow missed these in the merge. * Merge missed something. * Fixed an issue where npm install and npm ci had different shell script behaviors. * Removed debugging messages. --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io> * web: lint package-lock.json file (#10157) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: replace ad-hoc test for package-lock.json file with a tool Testing to see if a package-lock entry has a `resolved` field hasn't been a reliable test of that entry's validity for several years now. The best options we have now are to ensure that every download occurs over https, and that every download only happens from fully vetted sources such as NPM and Github. [Liran Tal's Lockfile-Lint tool](https://snyk.io/blog/why-npm-lockfiles-can-be-a-security-blindspot-for-injecting-malicious-modules/) does this for package-lock.json files made with NPM or Yarn. * web: update CI workflows to use `lockfile-lint` for validity checking * Still getting familiar with the workflows thing. * ci: refactor ci-web linting Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * ci fix Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * try again Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * and again Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * rework ci-website Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * events: associate login_failed events to a user if possible (#10270) Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * core: adjust styling to meet our standards (#10277) * core: adjust styling to meet our standards * Fix version correspondence bug in website (#10278) web: update lockfile to correspond to package.json, enabling npm-ci Looks like someone updated `package.json` to have the latest version of Typescript, but failed to update `package-lock.json` to get that version into the cache. `npm ci` won't work if the versions in the two files don't correspond, as that means, well, exactly that: no one has checked that the versioning is correct. The actual diff to `package-lock.json` is small enough it can be verified by eye, and it's fine. * web: bump @sentry/browser from 8.12.0 to 8.13.0 in /web in the sentry group (#10286) web: bump @sentry/browser in /web in the sentry group Bumps the sentry group in /web with 1 update: [@sentry/browser](https://github.com/getsentry/sentry-javascript). Updates `@sentry/browser` from 8.12.0 to 8.13.0 - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-javascript/compare/8.12.0...8.13.0) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: sentry ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core: bump ruff from 0.4.10 to 0.5.0 (#10285) Bumps [ruff](https://github.com/astral-sh/ruff) from 0.4.10 to 0.5.0. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](https://github.com/astral-sh/ruff/compare/v0.4.10...0.5.0) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core: bump swagger-spec-validator from 3.0.3 to 3.0.4 (#10284) Bumps [swagger-spec-validator](https://github.com/Yelp/swagger_spec_validator) from 3.0.3 to 3.0.4. - [Changelog](https://github.com/Yelp/swagger_spec_validator/blob/master/CHANGELOG.rst) - [Commits](https://github.com/Yelp/swagger_spec_validator/compare/v3.0.3...v3.0.4) --- updated-dependencies: - dependency-name: swagger-spec-validator dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core: bump twilio from 9.2.1 to 9.2.2 (#10283) Bumps [twilio](https://github.com/twilio/twilio-python) from 9.2.1 to 9.2.2. - [Release notes](https://github.com/twilio/twilio-python/releases) - [Changelog](https://github.com/twilio/twilio-python/blob/main/CHANGES.md) - [Commits](https://github.com/twilio/twilio-python/compare/9.2.1...9.2.2) --- updated-dependencies: - dependency-name: twilio dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core: bump google-api-python-client from 2.134.0 to 2.135.0 (#10281) Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client) from 2.134.0 to 2.135.0. - [Release notes](https://github.com/googleapis/google-api-python-client/releases) - [Commits](https://github.com/googleapis/google-api-python-client/compare/v2.134.0...v2.135.0) --- updated-dependencies: - dependency-name: google-api-python-client dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core: bump sentry-sdk from 2.5.1 to 2.7.1 (#10282) Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.5.1 to 2.7.1. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-python/compare/2.5.1...2.7.1) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core, web: update translations (#10279) Co-authored-by: rissson <18313093+rissson@users.noreply.github.com> * root: allow extra sentry settings (#10269) * core: fix URLValidator regex to allow single digit port (#10280) * root: fix web docker build (#10287) * tests/e2e: fix ldap tests following #10270 (#10288) * web/admin: show matching user reputation scores in user details (#10276) Co-authored-by: Jens Langhammer <jens@goauthentik.io> * web: bump API Client version (#10290) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> * web: restore hasLaunchUrl to client-side criteria for filtering apps (#10291) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: restore `hasLaunchUrl` to the The `filteredApps` criteria I misunderstood where this information was coming from. Sorry about that. * Use the most efficient operator here. * core: applications api: prefetch related policies (#10273) * stages/user_login: fix ?next parameter not carried through broken session binding (#10301) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * core: bump psycopg from 3.1.19 to 3.2.1 (#10313) Bumps [psycopg](https://github.com/psycopg/psycopg) from 3.1.19 to 3.2.1. - [Changelog](https://github.com/psycopg/psycopg/blob/master/docs/news.rst) - [Commits](https://github.com/psycopg/psycopg/compare/3.1.19...3.2.1) --- updated-dependencies: - dependency-name: psycopg dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core: bump goauthentik.io/api/v3 from 3.2024060.1 to 3.2024060.2 (#10311) Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2024060.1 to 3.2024060.2. - [Release notes](https://github.com/goauthentik/client-go/releases) - [Commits](https://github.com/goauthentik/client-go/compare/v3.2024060.1...v3.2024060.2) --- updated-dependencies: - dependency-name: goauthentik.io/api/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * website: bump postcss from 8.4.38 to 8.4.39 in /website (#10310) Bumps [postcss](https://github.com/postcss/postcss) from 8.4.38 to 8.4.39. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.4.38...8.4.39) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * web: bump esbuild from 0.21.5 to 0.22.0 in /web (#10309) Bumps [esbuild](https://github.com/evanw/esbuild) from 0.21.5 to 0.22.0. - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](https://github.com/evanw/esbuild/compare/v0.21.5...v0.22.0) --- updated-dependencies: - dependency-name: esbuild dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * web: bump the esbuild group in /web with 2 updates (#10308) Bumps the esbuild group in /web with 2 updates: [@esbuild/darwin-arm64](https://github.com/evanw/esbuild) and [@esbuild/linux-arm64](https://github.com/evanw/esbuild). Updates `@esbuild/darwin-arm64` from 0.21.5 to 0.22.0 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](https://github.com/evanw/esbuild/compare/v0.21.5...v0.22.0) Updates `@esbuild/linux-arm64` from 0.21.5 to 0.22.0 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](https://github.com/evanw/esbuild/compare/v0.21.5...v0.22.0) --- updated-dependencies: - dependency-name: "@esbuild/darwin-arm64" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: esbuild - dependency-name: "@esbuild/linux-arm64" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: esbuild ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#10306) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> * core, web: update translations (#10294) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: rissson <18313093+rissson@users.noreply.github.com> * web: fix package lock out of sync (#10314) * translate: Updates for file web/xliff/en.xlf in zh_CN (#10315) Translate web/xliff/en.xlf in zh_CN 100% translated source file: 'web/xliff/en.xlf' on 'zh_CN'. Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com> * web/flows: remove background image link (#10318) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * core: remove transitionary old JS urls (#10317) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * web: set noopener and noreferrer on all external links (#10304) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * web: bump typescript from 5.5.2 to 5.5.3 in /web (#10332) Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.2 to 5.5.3. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](https://github.com/Microsoft/TypeScript/compare/v5.5.2...v5.5.3) --- updated-dependencies: - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * web: bump the esbuild group in /web with 2 updates (#10330) Bumps the esbuild group in /web with 2 updates: [@esbuild/darwin-arm64](https://github.com/evanw/esbuild) and [@esbuild/linux-arm64](https://github.com/evanw/esbuild). Updates `@esbuild/darwin-arm64` from 0.22.0 to 0.23.0 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](https://github.com/evanw/esbuild/compare/v0.22.0...v0.23.0) Updates `@esbuild/linux-arm64` from 0.22.0 to 0.23.0 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](https://github.com/evanw/esbuild/compare/v0.22.0...v0.23.0) --- updated-dependencies: - dependency-name: "@esbuild/darwin-arm64" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: esbuild - dependency-name: "@esbuild/linux-arm64" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: esbuild ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * web: bump typescript from 5.5.2 to 5.5.3 in /tests/wdio (#10327) Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.2 to 5.5.3. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](https://github.com/Microsoft/TypeScript/compare/v5.5.2...v5.5.3) --- updated-dependencies: - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core: bump pydantic from 2.7.4 to 2.8.0 (#10325) Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.7.4 to 2.8.0. - [Release notes](https://github.com/pydantic/pydantic/releases) - [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md) - [Commits](https://github.com/pydantic/pydantic/compare/v2.7.4...v2.8.0) --- updated-dependencies: - dependency-name: pydantic dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * website: bump typescript from 5.5.2 to 5.5.3 in /website (#10326) Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.2 to 5.5.3. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](https://github.com/Microsoft/TypeScript/compare/v5.5.2...v5.5.3) --- updated-dependencies: - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * core, web: update translations (#10324) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: rissson <18313093+rissson@users.noreply.github.com> * web: fixed missed internationalized strings (#10323) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: you have no missed messages This commit uncovers a few places where a human-readable string was not property cast into the internationalized form and internationalizes them in order to conform to our policy of keeping the product viable outside of the English-speaking world. * Restored SAML spacing manually. Not sure why that was necessary. * Restored WS spacing manually. Not sure why that was necessary. * Restored RouteMatch spacing manually. Not sure why that was necessary. * Restored RAC spacing manually. Not sure why that was necessary. * web: bump esbuild from 0.22.0 to 0.23.0 in /web (#10331) Bumps [esbuild](https://github.com/evanw/esbuild) from 0.22.0 to 0.23.0. - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](https://github.com/evanw/esbuild/compare/v0.22.0...v0.23.0) --- updated-dependencies: - dependency-name: esbuild dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * translate: Updates for file web/xliff/en.xlf in zh-Hans (#10293) Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * translate: Updates for file web/xliff/en.xlf in fr (#10334) Translate web/xliff/en.xlf in fr 100% translated source file: 'web/xliff/en.xlf' on 'fr'. Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com> * provider/scim: Fix exception handling for missing ServiceProviderConfig (#10322) * web: provide default endpoint api configuration (#10319) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three different kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following error appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * Intermediate; prepping for remove that may fail. * web: provide a default table endpoint configuration This commit finds 19 places where the exact same configuration is used to describe a table's API endpoint, and replaces that configuration with a provided default from a parent class. While examining the logs for our build, I noted that this particular sequence is duplicated multiple times throughout our code base, accounting for a bloat of 169 lines or so of the estimated 5552 lines of bloat. By providing a default endpoint configuration and substituting it (mechanically) wherever the default is required, we reduce our code duplication issue from 9.26% of the codesabe to 8.99%. ... which is a start. * Didn't need the duplication. * remove page argument while we're at it Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually use it everywhere Signed-off-by: Jens Langhammer <jens@goauthentik.io> * web: fix inconsistent method signature for LogViewer Removed the `_page` parameter from LogViewer's apiEndpoint() method. The `page: number` parameter is no longer a part of this method's signature. * web: restore reduced page size to Overview:Recent Events card --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Russ Harvey <53157589+rwh85@users.noreply.github.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: gcp-cherry-pick-bot[bot] <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Jens L <jens@goauthentik.io> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Tana M Berry <tana@goauthentik.com> Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> Co-authored-by: Jonathan Joewono <30559735+jogerj@users.noreply.github.com> Co-authored-by: Russ Harvey <53157589+rwh85@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: rissson <18313093+rissson@users.noreply.github.com> Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com> Co-authored-by: ztelliot <1141480995@qq.com> Co-authored-by: Michael Poutre <m1kep.my.mail@gmail.com> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Russ Harvey <53157589+rwh85@users.noreply.github.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: gcp-cherry-pick-bot[bot] <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Jens L <jens@goauthentik.io> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Tana M Berry <tana@goauthentik.com> Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> Co-authored-by: Jonathan Joewono <30559735+jogerj@users.noreply.github.com> Co-authored-by: Russ Harvey <53157589+rwh85@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: rissson <18313093+rissson@users.noreply.github.com> Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com> Co-authored-by: ztelliot <1141480995@qq.com> Co-authored-by: Michael Poutre <m1kep.my.mail@gmail.com>	2024-07-02 17:44:48 +02:00
Jens L	e28babb0b8	core: Initial RBAC (#6806 ) * rename consent permission Signed-off-by: Jens Langhammer <jens@goauthentik.io> * the user version Signed-off-by: Jens Langhammer <jens@goauthentik.io> t Signed-off-by: Jens Langhammer <jens@goauthentik.io> * initial role Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start form Signed-off-by: Jens Langhammer <jens@goauthentik.io> * some minor table refactoring Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix user, add assign Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add roles ui Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix backend Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add assign API for roles Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start adding toggle buttons Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start view page Signed-off-by: Jens Langhammer <jens@goauthentik.io> * exclude add_ permission for per-object perms Signed-off-by: Jens Langhammer <jens@goauthentik.io> * small cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add permission list for roles Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make sidebar update Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix page header not re-rendering? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fixup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add search Signed-off-by: Jens Langhammer <jens@goauthentik.io> * show first category in table groupBy except when its empty Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make model and object PK optional but required together Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow for setting global perms Signed-off-by: Jens Langhammer <jens@goauthentik.io> * exclude non-authentik permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * exclude models which aren't allowed (base models etc) Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ensure all models have verbose_name set, exclude some more internal objects Signed-off-by: Jens Langhammer <jens@goauthentik.io> * lint fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix role perm assign Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add unasign for global perms Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add meta changes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * clear modal state after submit Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add roles to our group Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate url names Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make recursive group query more usable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add name field to role itself and move group creation to signal Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start sync Signed-off-by: Jens Langhammer <jens@goauthentik.io> * move rbac stuff to separate django app Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint and such Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix go Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start API changes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more API tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make admin interface not require superuser for now, improve error handling Signed-off-by: Jens Langhammer <jens@goauthentik.io> * replace some IsAdminUser where applicable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate flow inspector perms to actual permission Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix license not being a serializermodel Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add permission modal to models without view page Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add additional permissions to assign/unassign permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add action to unassign user permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add permissions tab to remaining view pages Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix flow inspector permission check Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix codecov config? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more API tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ensure viewsets have an order set Signed-off-by: Jens Langhammer <jens@goauthentik.io> * hopefully the last api name change Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make perm modal less confusing Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start user view permission page Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only make delete bulk form expandable if usedBy is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> * expand permission tables Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add more things Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add user global permission table Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix lint Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests' url names Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests for assign perms Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add unassign tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rebuild permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * prevent assigning/unassigning permissions to internal service accounts Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only enable default api browser in debug Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix role object permissions showing duplicate Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix role link on role object permissions table Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix object permission modal having duplicate close buttons Signed-off-by: Jens Langhammer <jens@goauthentik.io> * return error if user has no global perm and no object perms also improve error display on table Signed-off-by: Jens Langhammer <jens@goauthentik.io> * small optimisation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * optimise even more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update locale Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add system permission for non-object permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow access to admin interface based on perm Signed-off-by: Jens Langhammer <jens@goauthentik.io> * clean Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't exclude base models Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>	2023-10-16 17:31:50 +02:00

5 Commits