release: 2021.2.5-stable

root: fix request_id not being logged for actual asgi requests
web: fix SiteShell breaking links when handlers are updated twice
2021-02-24 09:54:06 +01:00 · 2021-02-24 09:45:52 +01:00 · 2021-02-24 09:45:08 +01:00 · 2021-02-24 09:44:55 +01:00 · 2021-02-24 09:44:39 +01:00 · 2021-02-24 09:44:24 +01:00
29 changed files with 111 additions and 59 deletions
--- a/.bumpversion.cfg
+++ b/.bumpversion.cfg
@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 2021.2.4-stable
+current_version = 2021.2.5-stable
 tag = True
 commit = True
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -18,11 +18,11 @@ jobs:
      - name: Building Docker Image
        run: docker build
          --no-cache
-          -t beryju/authentik:2021.2.4-stable
+          -t beryju/authentik:2021.2.5-stable
          -t beryju/authentik:latest
          -f Dockerfile .
      - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/authentik:2021.2.4-stable
+        run: docker push beryju/authentik:2021.2.5-stable
      - name: Push Docker Container to Registry (latest)
        run: docker push beryju/authentik:latest
  build-proxy:
@ -48,11 +48,11 @@ jobs:
          cd outpost/
          docker build \
          --no-cache \
-          -t beryju/authentik-proxy:2021.2.4-stable \
+          -t beryju/authentik-proxy:2021.2.5-stable \
          -t beryju/authentik-proxy:latest \
          -f proxy.Dockerfile .
      - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/authentik-proxy:2021.2.4-stable
+        run: docker push beryju/authentik-proxy:2021.2.5-stable
      - name: Push Docker Container to Registry (latest)
        run: docker push beryju/authentik-proxy:latest
  build-static:
@ -69,11 +69,11 @@ jobs:
          cd web/
          docker build \
          --no-cache \
-          -t beryju/authentik-static:2021.2.4-stable \
+          -t beryju/authentik-static:2021.2.5-stable \
          -t beryju/authentik-static:latest \
          -f Dockerfile .
      - name: Push Docker Container to Registry (versioned)
-        run: docker push beryju/authentik-static:2021.2.4-stable
+        run: docker push beryju/authentik-static:2021.2.5-stable
      - name: Push Docker Container to Registry (latest)
        run: docker push beryju/authentik-static:latest
  test-release:
@ -107,5 +107,5 @@ jobs:
          SENTRY_PROJECT: authentik
          SENTRY_URL: https://sentry.beryju.org
        with:
-          tagName: 2021.2.4-stable
+          tagName: 2021.2.5-stable
          environment: beryjuorg-prod
--- a/authentik/init.py
+++ b/authentik/init.py
@ -1,2 +1,2 @@
 """authentik"""
-__version__ = "2021.2.4-stable"
+__version__ = "2021.2.5-stable"
--- a/authentik/admin/templates/administration/policy/list.html
+++ b/authentik/admin/templates/administration/policy/list.html
@ -41,6 +41,9 @@
                            {% endfor %}
                        </ul>
                    </ak-dropdown>
+                    <button role="ak-refresh" class="pf-c-button pf-m-primary">
+                        {% trans 'Refresh' %}
+                    </button>
                </div>
                {% include 'partials/pagination.html' %}
            </div>
--- a/authentik/core/middleware.py
+++ b/authentik/core/middleware.py
@ -9,6 +9,7 @@ from django.http import HttpRequest, HttpResponse
 SESSION_IMPERSONATE_USER = "authentik_impersonate_user"
 SESSION_IMPERSONATE_ORIGINAL_USER = "authentik_impersonate_original_user"
 LOCAL = local()
+RESPONSE_HEADER_ID = "X-authentik-id"


 class ImpersonateMiddleware:
@ -43,7 +44,7 @@ class RequestIDMiddleware:
            setattr(request, "request_id", request_id)
            LOCAL.authentik = {"request_id": request_id}
        response = self.get_response(request)
-        response["X-authentik-id"] = request.request_id
+        response[RESPONSE_HEADER_ID] = request.request_id
        del LOCAL.authentik["request_id"]
        return response

--- a/authentik/events/tasks.py
+++ b/authentik/events/tasks.py
@ -2,6 +2,7 @@
 from guardian.shortcuts import get_anonymous_user
 from structlog import get_logger

+from authentik.core.models import User
 from authentik.events.models import (
    Event,
    Notification,
@ -53,7 +54,8 @@ def event_trigger_handler(event_uuid: str, trigger_name: str):
        return

    LOGGER.debug("e(trigger): checking if trigger applies", trigger=trigger)
-    policy_engine = PolicyEngine(trigger, get_anonymous_user())
+    user = User.objects.filter(pk=event.user.get("pk")).first() or get_anonymous_user()
+    policy_engine = PolicyEngine(trigger, user)
    policy_engine.mode = PolicyEngineMode.MODE_OR
    policy_engine.empty_result = False
    policy_engine.use_cache = False
--- a/authentik/root/asgi.py
+++ b/authentik/root/asgi.py
@ -18,6 +18,8 @@ from django.core.asgi import get_asgi_application
 from sentry_sdk.integrations.asgi import SentryAsgiMiddleware
 from structlog.stdlib import get_logger

+from authentik.core.middleware import RESPONSE_HEADER_ID
+
 # DJANGO_SETTINGS_MODULE is set in gunicorn.conf.py

 defuse_stdlib()
@ -67,6 +69,7 @@ class ASGILogger:
    status_code: int
    start: float
    content_length: int
+    request_id: str

    def __init__(self, app: ASGIApp):
        self.app = app
@ -75,23 +78,29 @@ class ASGILogger:
        self.scope = scope
        self.content_length = 0
        self.headers = dict(scope.get("headers", []))
+        self.request_id = ""

        async def send_hooked(message: Message) -> None:
            """Hooked send method, which records status code and content-length, and for the final
            requests logs it"""
            headers = dict(message.get("headers", []))
-
            if "status" in message:
                self.status_code = message["status"]

            if b"Content-Length" in headers:
                self.content_length += int(headers.get(b"Content-Length", b"0"))

+            if message["type"] == "http.response.start":
+                response_headers = dict(message["headers"])
+                self.request_id = response_headers.get(
+                    RESPONSE_HEADER_ID.encode(), b""
+                ).decode()
+
            if message["type"] == "http.response.body" and not message.get(
-                "more_body", None
+                "more_body", True
            ):
                runtime = int((time() - self.start) * 1000)
-                self.log(runtime)
+                self.log(runtime, request_id=self.request_id)
            await send(message)

        self.start = time()
@ -111,7 +120,7 @@ class ASGILogger:
        # Check if header has multiple values, and use the first one
        return client_ip.split(", ")[0]

-    def log(self, runtime: float):
+    def log(self, runtime: float, **kwargs):
        """Outpot access logs in a structured format"""
        host = self._get_ip()
        query_string = ""
@ -125,6 +134,7 @@ class ASGILogger:
            status=self.status_code,
            size=self.content_length / 1000 if self.content_length > 0 else 0,
            runtime=runtime,
+            **kwargs,
        )


--- a/authentik/sources/oauth/templates/oauth_client/user.html
+++ b/authentik/sources/oauth/templates/oauth_client/user.html
@ -9,13 +9,13 @@
    <div class="pf-c-card__body">
        {% if connections.exists %}
        <p>{% trans 'Connected.' %}</p>
-        <a class="pf-c-button pf-m-danger"
+        <a class="pf-c-button pf-m-danger ak-root-link"
            href="{% url 'authentik_sources_oauth:oauth-client-disconnect' source_slug=source.slug %}">
            {% trans 'Disconnect' %}
        </a>
        {% else %}
        <p>Not connected.</p>
-        <a class="pf-c-button pf-m-primary"
+        <a class="pf-c-button pf-m-primary ak-root-link"
            href="{% url 'authentik_sources_oauth:oauth-client-login' source_slug=source.slug %}">
            {% trans 'Connect' %}
        </a>
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -19,7 +19,7 @@ services:
    networks:
      - internal
  server:
-    image: beryju/authentik:${AUTHENTIK_TAG:-2021.2.4-stable}
+    image: beryju/authentik:${AUTHENTIK_TAG:-2021.2.5-stable}
    command: server
    environment:
      AUTHENTIK_REDIS__HOST: redis
@ -45,7 +45,7 @@ services:
    env_file:
      - .env
  worker:
-    image: beryju/authentik:${AUTHENTIK_TAG:-2021.2.4-stable}
+    image: beryju/authentik:${AUTHENTIK_TAG:-2021.2.5-stable}
    command: worker
    networks:
      - internal
@ -62,7 +62,7 @@ services:
    env_file:
      - .env
  static:
-    image: beryju/authentik-static:${AUTHENTIK_TAG:-2021.2.4-stable}
+    image: beryju/authentik-static:${AUTHENTIK_TAG:-2021.2.5-stable}
    networks:
      - internal
    labels:
--- a/helm/Chart.yaml
+++ b/helm/Chart.yaml
@ -4,7 +4,7 @@ name: authentik
 home: https://goauthentik.io
 sources:
  - https://github.com/BeryJu/authentik
-version: "2021.2.4-stable"
+version: "2021.2.5-stable"
 icon: https://raw.githubusercontent.com/BeryJu/authentik/master/web/icons/icon.svg
 dependencies:
  - name: postgresql
--- a/helm/README.md
+++ b/helm/README.md
@ -4,7 +4,7 @@
 |-----------------------------------|-------------------------|-------------|
 | image.name                        | beryju/authentik        | Image used to run the authentik server and worker |
 | image.name_static                 | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) |
-| image.tag                         | 2021.2.4-stable           | Image tag |
+| image.tag                         | 2021.2.5-stable           | Image tag |
 | image.pullPolicy                  | IfNotPresent            | Image Pull Policy used for all deployments |
 | serverReplicas                    | 1                       | Replicas for the Server deployment |
 | workerReplicas                    | 1                       | Replicas for the Worker deployment |
--- a/helm/templates/web-deployment.yaml
+++ b/helm/templates/web-deployment.yaml
@ -99,10 +99,12 @@ spec:
            httpGet:
              path: /-/health/live/
              port: http
+              initialDelaySeconds: 15
          readinessProbe:
            httpGet:
              path: /-/health/ready/
              port: http
+              initialDelaySeconds: 15
          resources:
            requests:
              cpu: 100m
--- a/helm/values.yaml
+++ b/helm/values.yaml
@ -5,7 +5,7 @@ image:
  name: beryju/authentik
  name_static: beryju/authentik-static
  name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
-  tag: 2021.2.4-stable
+  tag: 2021.2.5-stable
  pullPolicy: IfNotPresent

 serverReplicas: 1
--- a/outpost/pkg/ak/api.go
+++ b/outpost/pkg/ak/api.go
@ -49,12 +49,14 @@ func NewAPIController(pbURL url.URL, token string) *APIController {
 	// create the API client, with the transport
 	apiClient := client.New(transport, strfmt.Default)

+	log := log.WithField("logger", "authentik.outpost.ak-api-controller")
+
 	// Because we don't know the outpost UUID, we simply do a list and pick the first
 	// The service account this token belongs to should only have access to a single outpost
 	outposts, err := apiClient.Outposts.OutpostsOutpostsList(outposts.NewOutpostsOutpostsListParams(), auth)

 	if err != nil {
-		panic(err)
+		log.WithError(err).Panic("Failed to fetch configuration")
 	}
 	outpost := outposts.Payload.Results[0]
 	doGlobalSetup(outpost.Config.(map[string]interface{}))
@ -64,7 +66,7 @@ func NewAPIController(pbURL url.URL, token string) *APIController {
 		Auth:   auth,
 		token:  token,

-		logger: log.WithField("component", "ak-api-controller"),
+		logger: log,

 		reloadOffset: time.Duration(rand.Intn(10)) * time.Second,

--- a/outpost/pkg/ak/api_ws.go
+++ b/outpost/pkg/ak/api_ws.go
@ -40,7 +40,7 @@ func (ac *APIController) initWS(pbURL url.URL, outpostUUID strfmt.UUID) {
 	}
 	ws.Dial(fmt.Sprintf(pathTemplate, scheme, pbURL.Host, outpostUUID.String()), header)

-	ac.logger.WithField("component", "ak-ws").WithField("outpost", outpostUUID.String()).Debug("connecting to authentik")
+	ac.logger.WithField("logger", "authentik.outpost.ak-ws").WithField("outpost", outpostUUID.String()).Debug("connecting to authentik")

 	ac.wsConn = ws
 	// Send hello message with our version
@ -52,7 +52,7 @@ func (ac *APIController) initWS(pbURL url.URL, outpostUUID strfmt.UUID) {
 	}
 	err := ws.WriteJSON(msg)
 	if err != nil {
-		ac.logger.WithField("component", "ak-ws").WithError(err).Warning("Failed to hello to authentik")
+		ac.logger.WithField("logger", "authentik.outpost.ak-ws").WithError(err).Warning("Failed to hello to authentik")
 	}
 }

--- a/outpost/pkg/ak/global.go
+++ b/outpost/pkg/ak/global.go
@ -13,7 +13,12 @@ import (
 )

 func doGlobalSetup(config map[string]interface{}) {
-	log.SetFormatter(&log.JSONFormatter{})
+	log.SetFormatter(&log.JSONFormatter{
+		FieldMap: log.FieldMap{
+			log.FieldKeyMsg:  "event",
+			log.FieldKeyTime: "timestamp",
+		},
+	})
 	switch config[ConfigLogLevel].(string) {
 	case "debug":
 		log.SetLevel(log.DebugLevel)
--- a/outpost/pkg/proxy/api.go
+++ b/outpost/pkg/proxy/api.go
@ -31,7 +31,7 @@ func (s *Server) bundleProviders(providers []*models.ProxyOutpostConfig) []*prov
 		bundles[idx] = &providerBundle{
 			s:    s,
 			Host: externalHost.Host,
-			log:  log.WithField("component", "proxy-bundle").WithField("provider", provider.Name),
+			log:  log.WithField("logger", "authentik.outpost.proxy-bundle").WithField("provider", provider.Name),
 		}
 		bundles[idx].Build(provider)
 	}
--- a/outpost/pkg/proxy/api_bundle.go
+++ b/outpost/pkg/proxy/api_bundle.go
@ -129,7 +129,7 @@ func (pb *providerBundle) Build(provider *models.ProxyOutpostConfig) {
 		log.Printf("%s", err)
 		os.Exit(1)
 	}
-	oauthproxy, err := NewOAuthProxy(opts)
+	oauthproxy, err := NewOAuthProxy(opts, provider)
 	if err != nil {
 		log.Errorf("ERROR: Failed to initialise OAuth2 Proxy: %v", err)
 		os.Exit(1)
--- a/outpost/pkg/proxy/middleware.go
+++ b/outpost/pkg/proxy/middleware.go
@ -95,7 +95,7 @@ type loggingHandler struct {
 func LoggingHandler(h http.Handler) http.Handler {
 	return loggingHandler{
 		handler: h,
-		logger:  log.WithField("component", "proxy-http-server"),
+		logger:  log.WithField("logger", "authentik.outpost.proxy-http-server"),
 	}
 }

@ -104,19 +104,17 @@ func (h loggingHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	url := *req.URL
 	responseLogger := &responseLogger{w: w}
 	h.handler.ServeHTTP(responseLogger, req)
-	duration := float64(time.Since(t)) / float64(time.Second)
+	duration := float64(time.Since(t)) / float64(time.Millisecond)
 	h.logger.WithFields(log.Fields{
-		"Client":          req.RemoteAddr,
-		"Host":            req.Host,
-		"Protocol":        req.Proto,
-		"RequestDuration": fmt.Sprintf("%0.3f", duration),
-		"RequestMethod":   req.Method,
-		"ResponseSize":    responseLogger.Size(),
-		"StatusCode":      responseLogger.Status(),
-		"Timestamp":       t,
-		"Upstream":        responseLogger.upstream,
-		"UserAgent":       req.UserAgent(),
-		"Username":        responseLogger.authInfo,
+		"host":              req.RemoteAddr,
+		"vhost":             req.Host,
+		"request_protocol":  req.Proto,
+		"runtime":           fmt.Sprintf("%0.3f", duration),
+		"method":            req.Method,
+		"size":              responseLogger.Size(),
+		"status":            responseLogger.Status(),
+		"upstream":          responseLogger.upstream,
+		"request_useragent": req.UserAgent(),
+		"request_username":  responseLogger.authInfo,
 	}).Info(url.RequestURI())
-	// logger.PrintReq(responseLogger.authInfo, responseLogger.upstream, req, url, t, , )
 }
--- a/outpost/pkg/proxy/proxy.go
+++ b/outpost/pkg/proxy/proxy.go
@ -21,6 +21,7 @@ import (
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/sessions"
 	"github.com/oauth2-proxy/oauth2-proxy/pkg/upstream"
 	"github.com/oauth2-proxy/oauth2-proxy/providers"
+	"goauthentik.io/outpost/pkg/models"

 	log "github.com/sirupsen/logrus"
 )
@ -92,8 +93,8 @@ type OAuthProxy struct {
 }

 // NewOAuthProxy creates a new instance of OAuthProxy from the options provided
-func NewOAuthProxy(opts *options.Options) (*OAuthProxy, error) {
-	logger := log.WithField("component", "proxy").WithField("client-id", opts.ClientID)
+func NewOAuthProxy(opts *options.Options, provider *models.ProxyOutpostConfig) (*OAuthProxy, error) {
+	logger := log.WithField("logger", "authentik.outpost.proxy").WithField("provider", provider.Name)
 	sessionStore, err := sessions.NewSessionStore(&opts.Session, &opts.Cookie)
 	if err != nil {
 		return nil, fmt.Errorf("error initialising session store: %v", err)
@ -434,6 +435,7 @@ func (p *OAuthProxy) addHeadersForProxying(rw http.ResponseWriter, req *http.Req
 		authVal := b64.StdEncoding.EncodeToString([]byte(username + ":" + password))
 		req.Header["Authorization"] = []string{fmt.Sprintf("Basic %s", authVal)}
 	}
+	rw.Header().Set("GAP-Auth", session.PreferredUsername)
 	// Check if user has additional headers set that we should sent
 	if additionalHeaders, ok := userAttributes["additionalHeaders"].(map[string]string); ok {
 		if additionalHeaders == nil {
--- a/outpost/pkg/proxy/server.go
+++ b/outpost/pkg/proxy/server.go
@ -6,6 +6,7 @@ import (
 	"errors"
 	"net"
 	"net/http"
+	"strings"
 	"time"

 	log "github.com/sirupsen/logrus"
@ -30,7 +31,7 @@ func NewServer(ac *ak.APIController) *Server {
 	}
 	return &Server{
 		Handlers:    make(map[string]*providerBundle),
-		logger:      log.WithField("component", "proxy-http-server"),
+		logger:      log.WithField("logger", "authentik.outpost.proxy-http-server"),
 		defaultCert: defaultCert,
 		ak:          ac,
 	}
@ -50,12 +51,15 @@ func (s *Server) handler(w http.ResponseWriter, r *http.Request) {
 				return
 			}
 		}
-		s.logger.WithField("host", r.Host).Debug("Host header does not match any we know of")
-		s.logger.Printf("%v+\n", s.Handlers)
-		w.WriteHeader(400)
+		// Get a list of all host keys we know
+		hostKeys := make([]string, 0, len(s.Handlers))
+		for k := range s.Handlers {
+			hostKeys = append(hostKeys, k)
+		}
+		s.logger.WithField("host", r.Host).WithField("known-hosts", strings.Join(hostKeys, ", ")).Debug("Host header does not match any we know of")
+		w.WriteHeader(404)
 		return
 	}
-	s.logger.WithField("host", r.Host).Debug("passing request from host head")
 	handler.ServeHTTP(w, r)
 }

--- a/outpost/pkg/version.go
+++ b/outpost/pkg/version.go
@ -1,3 +1,3 @@
 package pkg

-const VERSION = "2021.2.4-stable"
+const VERSION = "2021.2.5-stable"
--- a/web/src/constants.ts
+++ b/web/src/constants.ts
@ -28,4 +28,4 @@ export const ColorStyles = css`
        background-color: var(--pf-global--danger-color--100);
    }
 `;
-export const VERSION = "2021.2.4-stable";
+export const VERSION = "2021.2.5-stable";
--- a/web/src/pages/LibraryPage.ts
+++ b/web/src/pages/LibraryPage.ts
@ -55,7 +55,12 @@ export class LibraryPage extends LitElement {
    apps?: AKResponse<Application>;

    static get styles(): CSSResult[] {
-        return COMMON_STYLES;
+        return COMMON_STYLES.concat(css`
+            :host,
+            main {
+                height: 100%;
+            }
+        `);
    }

    firstUpdated(): void {
--- a/web/src/pages/generic/SiteShell.ts
+++ b/web/src/pages/generic/SiteShell.ts
@ -89,10 +89,14 @@ export class SiteShell extends LitElement {
            if (a.href === "") {
                return;
            }
+            if (a.href.startsWith("#")) {
+                return;
+            }
            try {
                const url = new URL(a.href);
                const qs = url.search || "";
-                a.href = `#${url.pathname}${qs}`;
+                const hash = (url.hash || "#").substring(2, Infinity);
+                a.href = `#${url.pathname}${qs}${hash}`;
            } catch (e) {
                console.debug(`authentik/site-shell: error ${e}`);
                a.href = `#${a.href}`;
--- a/web/src/pages/outposts/OutpostListPage.ts
+++ b/web/src/pages/outposts/OutpostListPage.ts
@ -52,13 +52,13 @@ export class OutpostListPage extends TablePage<Outpost> {
            })}</ul>`,
            html`<ak-outpost-health outpostId=${item.pk}></ak-outpost-health>`,
            html`
-            <ak-modal-button href="${Outpost.adminUrl(`${item.pk}/update`)}">
+            <ak-modal-button href="${Outpost.adminUrl(`${item.pk}/update/`)}">
                <ak-spinner-button slot="trigger" class="pf-m-secondary">
                    ${gettext("Edit")}
                </ak-spinner-button>
                <div slot="modal"></div>
            </ak-modal-button>&nbsp;
-            <ak-modal-button href="${Outpost.adminUrl(`${item.pk}/delete`)}">
+            <ak-modal-button href="${Outpost.adminUrl(`${item.pk}/delete/`)}">
                <ak-spinner-button slot="trigger" class="pf-m-danger">
                    ${gettext("Delete")}
                </ak-spinner-button>
--- a/website/docs/installation/docker-compose.md
+++ b/website/docs/installation/docker-compose.md
@ -15,7 +15,7 @@ Download the latest `docker-compose.yml` from [here](https://raw.githubuserconte

 To optionally enable error-reporting, run `echo AUTHENTIK_ERROR_REPORTING__ENABLED=true >> .env`

-To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.2.4-stable >> .env`
+To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.2.5-stable >> .env`

 If this is a fresh authentik install run the following commands to generate a password:

--- a/website/docs/installation/kubernetes.md
+++ b/website/docs/installation/kubernetes.md
@ -24,7 +24,7 @@ image:
    name: beryju/authentik
    name_static: beryju/authentik-static
    name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
-    tag: 2021.2.4-stable
+    tag: 2021.2.5-stable

 serverReplicas: 1
 workerReplicas: 1
--- a/website/docs/releases/next.md
+++ b/website/docs/releases/next.md
@ -0,0 +1,14 @@
+---
+title: Next release
+---
+
+## Headline Changes
+
+- Simplify role-based access
+
+    Instead of having to create a Group Membership policy for every group you want to use, you can now select a Group and even a User directly in a binding.
+
+    When a group is selected, the binding behaves the same as if a Group Membership policy exists.
+
+    When a user is selected, the binding checks the user of the request, and denies the request when the user doesn't match.
+
Author	SHA1	Message	Date
Jens Langhammer	e81d3dad3e	release: 2021.2.5-stable	2021-02-24 09:54:06 +01:00
Jens Langhammer	5aabaebd96	root: fix request_id not being logged for actual asgi requests	2021-02-24 09:45:52 +01:00
Jens Langhammer	7b60bca297	web: fix SiteShell breaking links when handlers are updated twice	2021-02-24 09:45:08 +01:00
Jens Langhammer	a07d7456c8	web: fix outpost edit/delete buttons	2021-02-24 09:44:55 +01:00
Jens Langhammer	f33369bf0c	helm: add initial wait for healthcheck	2021-02-24 09:44:39 +01:00
Jens Langhammer	1abcff39c7	outpost: improve logging output, ensure fields match api server	2021-02-24 09:44:24 +01:00
Jens Langhammer	c1caf84d92	events: fix user QuerySet being passed	2021-02-24 09:44:05 +01:00
Jens Langhammer	86c069fe64	admin: fix policy list not having a refresh button	2021-02-24 09:43:57 +01:00
Jens Langhammer	ce0140ef67	events: pass Event's user to Notification policy engine when present	2021-02-24 09:43:50 +01:00
Jens Langhammer	bba43c5109	sources/oauth: fix buttons not being ak-root-link	2021-02-24 09:23:44 +01:00
Jens Langhammer	d99a415502	web: fix library not being full height, again	2021-02-24 09:23:40 +01:00