import { WithBrandConfig } from "#elements/mixins/branding"; import { CapabilitiesEnum, WithCapabilitiesConfig } from "#elements/mixins/capabilities"; import type { AdminInterface } from "@goauthentik/admin/AdminInterface/index.entrypoint.js"; import "@goauthentik/admin/users/ServiceAccountForm"; import "@goauthentik/admin/users/UserActiveForm"; import "@goauthentik/admin/users/UserForm"; import "@goauthentik/admin/users/UserImpersonateForm"; import "@goauthentik/admin/users/UserPasswordForm"; import "@goauthentik/admin/users/UserResetEmailForm"; import { DEFAULT_CONFIG } from "@goauthentik/common/api/config"; import { PFSize } from "@goauthentik/common/enums.js"; import { parseAPIResponseError } from "@goauthentik/common/errors/network"; import { userTypeToLabel } from "@goauthentik/common/labels"; import { MessageLevel } from "@goauthentik/common/messages"; import { formatElapsedTime } from "@goauthentik/common/temporal"; import { rootInterface } from "@goauthentik/common/theme"; import { DefaultUIConfig, uiConfig } from "@goauthentik/common/ui/config"; import { me } from "@goauthentik/common/users"; import "@goauthentik/components/ak-status-label"; import "@goauthentik/elements/TreeView"; import "@goauthentik/elements/buttons/ActionButton"; import "@goauthentik/elements/forms/DeleteBulkForm"; import "@goauthentik/elements/forms/ModalForm"; import { showAPIErrorMessage, showMessage } from "@goauthentik/elements/messages/MessageContainer"; import { getURLParam, updateURLParams } from "@goauthentik/elements/router/RouteMatch"; import { PaginatedResponse } from "@goauthentik/elements/table/Table"; import { TableColumn } from "@goauthentik/elements/table/Table"; import { TablePage } from "@goauthentik/elements/table/TablePage"; import { writeToClipboard } from "@goauthentik/elements/utils/writeToClipboard"; import "@patternfly/elements/pf-tooltip/pf-tooltip.js"; import { msg, str } from "@lit/localize"; import { CSSResult, TemplateResult, css, html } from "lit"; import { customElement, property, state } from "lit/decorators.js"; import PFAlert from "@patternfly/patternfly/components/Alert/alert.css"; import PFCard from "@patternfly/patternfly/components/Card/card.css"; import PFDescriptionList from "@patternfly/patternfly/components/DescriptionList/description-list.css"; import { CoreApi, SessionUser, User, UserPath } from "@goauthentik/api"; export const requestRecoveryLink = (user: User) => new CoreApi(DEFAULT_CONFIG) .coreUsersRecoveryCreate({ id: user.pk, }) .then((rec) => writeToClipboard(rec.link).then((wroteToClipboard) => showMessage({ level: MessageLevel.success, message: rec.link, description: wroteToClipboard ? msg("A copy of this recovery link has been placed in your clipboard") : "", }), ), ) .catch((error: unknown) => parseAPIResponseError(error).then(showAPIErrorMessage)); export const renderRecoveryEmailRequest = (user: User) => html` ${msg("Send link")} ${msg("Send recovery link to user")}

`; const recoveryButtonStyles = css` #recovery-request-buttons { display: flex; flex-direction: row; flex-wrap: wrap; gap: 0.375rem; } #recovery-request-buttons > *, #update-password-request .pf-c-button { margin: 0; } `; @customElement("ak-user-list") export class UserListPage extends WithBrandConfig(WithCapabilitiesConfig(TablePage)) { expandable = true; checkbox = true; clearOnRefresh = true; searchEnabled(): boolean { return true; } pageTitle(): string { return msg("Users"); } pageDescription(): string { return ""; } pageIcon(): string { return "pf-icon pf-icon-user"; } @property() order = "last_login"; @property() activePath; @state() hideDeactivated = getURLParam("hideDeactivated", false); @state() userPaths?: UserPath; @state() me?: SessionUser; static get styles(): CSSResult[] { return [...TablePage.styles, PFDescriptionList, PFCard, PFAlert, recoveryButtonStyles]; } constructor() { super(); const defaultPath = new DefaultUIConfig().defaults.userPath; this.activePath = getURLParam("path", defaultPath); uiConfig().then((c) => { if (c.defaults.userPath !== defaultPath) { this.activePath = c.defaults.userPath; } }); } async apiEndpoint(): Promise> { const users = await new CoreApi(DEFAULT_CONFIG).coreUsersList({ ...(await this.defaultEndpointConfig()), pathStartswith: getURLParam("path", ""), isActive: this.hideDeactivated ? true : undefined, includeGroups: false, }); this.userPaths = await new CoreApi(DEFAULT_CONFIG).coreUsersPathsRetrieve({ search: this.search, }); this.me = await me(); return users; } columns(): TableColumn[] { return [ new TableColumn(msg("Name"), "username"), new TableColumn(msg("Active"), "is_active"), new TableColumn(msg("Last login"), "last_login"), new TableColumn(msg("Type"), "type"), new TableColumn(msg("Actions")), ]; } renderToolbarSelected(): TemplateResult { const disabled = this.selectedElements.length < 1; const currentUser = rootInterface()?.user; const shouldShowWarning = this.selectedElements.find((el) => { return el.pk === currentUser?.user.pk || el.pk === currentUser?.original?.pk; }); return html` { return [ { key: msg("Username"), value: item.username }, { key: msg("ID"), value: item.pk.toString() }, { key: msg("UID"), value: item.uid }, ]; }} .usedBy=${(item: User) => { return new CoreApi(DEFAULT_CONFIG).coreUsersUsedByList({ id: item.pk, }); }} .delete=${(item: User) => { return new CoreApi(DEFAULT_CONFIG).coreUsersDestroy({ id: item.pk, }); }} > ${shouldShowWarning ? html`

${msg( str`Warning: You're about to delete the user you're logged in as (${shouldShowWarning.username}). Proceed at your own risk.`, )}

` : html``} `; } renderToolbarAfter(): TemplateResult { return html` `; } row(item: User): TemplateResult[] { const canImpersonate = this.can(CapabilitiesEnum.CanImpersonate) && item.pk !== this.me?.user.pk; return [ html`

${item.username}

${item.name ? item.name : html`<${msg("No name set")}>`} `, html``, html`${item.lastLogin ? html`

${formatElapsedTime(item.lastLogin)}

${item.lastLogin.toLocaleString()}` : msg("-")}`, html`${userTypeToLabel(item.type)}`, html` ${msg("Update")} ${msg("Update User")}

${canImpersonate ? html` ${msg("Impersonate")} ${msg("Impersonate")} ${item.username}

` : html``}`, ]; } renderExpanded(item: User): TemplateResult { return html`

${msg("User status")}: ${item.isActive ? msg("Active") : msg("Inactive")}

${item.isSuperuser ? msg("Superuser") : msg("Regular user")}
${msg("Change status")}: { return new CoreApi( DEFAULT_CONFIG, ).coreUsersPartialUpdate({ id: item.pk, patchedUserRequest: { isActive: !item.isActive, }, }); }} >
${msg("Recovery")}: ${msg("Update password")} ${msg("Update password")} ${this.brand.flowRecovery ? html` requestRecoveryLink(item)} > ${msg("Create recovery link")} ${item.email ? renderRecoveryEmailRequest(item) : html`${msg( "Recovery link cannot be emailed, user has no email address saved.", )}`} ` : html`
${msg( "To let a user directly reset their password, configure a recovery flow on the currently active brand.", )}
`}

`; } renderObjectCreate(): TemplateResult { return html` ${msg("Create")} ${msg("Create User")}

${msg("Create")} ${msg("Create Service account")}

`; } renderSidebarBefore(): TemplateResult { return html`

${msg("User folders")}

) => { this.activePath = ev.detail.path; }} >

`; } } declare global { interface HTMLElementTagNameMap { "ak-user-list": UserListPage; } }