5b66dbe890
* add initial Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add web stage for session end Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate saml and tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * group flow settings when providers have multiple flows Signed-off-by: Jens Langhammer <jens@goauthentik.io> * adjust name for default provider invalidation Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-make migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add invalidation_flow to saml importer Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-do migrations again Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update web stuff to get rid of old libraries Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make unbind flow for ldap configurable Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix flow inspector Signed-off-by: Jens Langhammer <jens@goauthentik.io> * handle invalidation_flow as optional, as it should be Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also fix ldap outpost Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't generate URL in client Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually make it work??? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix migration breaking things...? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * start fixing tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix fallback Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-migrate Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix duplicate flow setting Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix race condition with brand Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix oauth test Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix SAML tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add to wizard, fix required Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * make required, start release notes Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io>
50 lines
1.6 KiB
Python
50 lines
1.6 KiB
Python
# Generated by Django 4.2.6 on 2023-10-28 14:24
|
|
|
|
from django.apps.registry import Apps
|
|
from django.db import migrations, models
|
|
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
|
|
|
|
|
|
def set_oobe_flow_authentication(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
|
from guardian.conf import settings as guardian_settings
|
|
|
|
Flow = apps.get_model("authentik_flows", "Flow")
|
|
User = apps.get_model("authentik_core", "User")
|
|
|
|
db_alias = schema_editor.connection.alias
|
|
|
|
users = (
|
|
User.objects.using(db_alias)
|
|
.exclude(username="akadmin")
|
|
.exclude(username=guardian_settings.ANONYMOUS_USER_NAME)
|
|
)
|
|
if users.exists():
|
|
Flow.objects.using(db_alias).filter(slug="initial-setup").update(
|
|
authentication="require_superuser"
|
|
)
|
|
|
|
|
|
class Migration(migrations.Migration):
|
|
dependencies = [
|
|
("authentik_flows", "0026_alter_flow_options"),
|
|
]
|
|
|
|
operations = [
|
|
migrations.RunPython(set_oobe_flow_authentication),
|
|
migrations.AlterField(
|
|
model_name="flow",
|
|
name="authentication",
|
|
field=models.TextField(
|
|
choices=[
|
|
("none", "None"),
|
|
("require_authenticated", "Require Authenticated"),
|
|
("require_unauthenticated", "Require Unauthenticated"),
|
|
("require_superuser", "Require Superuser"),
|
|
("require_outpost", "Require Outpost"),
|
|
],
|
|
default="none",
|
|
help_text="Required level of authentication and authorization to access a flow.",
|
|
),
|
|
),
|
|
]
|