 ee6edec1d8
			
		
	
	ee6edec1d8
	
	
	
		
			
			* Added initial_value to model * Added initial_value to admin panel * Added initial_value support to flows; updated tests * Updated default blueprints * update docs * Fix test * Fix another test * Fix yet another test * Add placeholder migration * Remove unused import
		
			
				
	
	
		
			150 lines
		
	
	
		
			4.2 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			150 lines
		
	
	
		
			4.2 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
| version: 1
 | |
| metadata:
 | |
|   name: Default - User settings flow
 | |
| entries:
 | |
| - attrs:
 | |
|     designation: stage_configuration
 | |
|     name: User settings
 | |
|     title: Update your info
 | |
|     authentication: require_authenticated
 | |
|   identifiers:
 | |
|     slug: default-user-settings-flow
 | |
|   model: authentik_flows.flow
 | |
|   id: flow
 | |
| - attrs:
 | |
|     order: 200
 | |
|     placeholder: Username
 | |
|     placeholder_expression: false
 | |
|     initial_value: |
 | |
|       try:
 | |
|           return user.username
 | |
|       except:
 | |
|           return ''
 | |
|     initial_value_expression: true
 | |
|     required: true
 | |
|     type: text
 | |
|     field_key: username
 | |
|     label: Username
 | |
|   identifiers:
 | |
|     name: default-user-settings-field-username
 | |
|   id: prompt-field-username
 | |
|   model: authentik_stages_prompt.prompt
 | |
| - attrs:
 | |
|     order: 201
 | |
|     placeholder: Name
 | |
|     placeholder_expression: false
 | |
|     initial_value: |
 | |
|       try:
 | |
|           return user.name
 | |
|       except:
 | |
|           return ''
 | |
|     initial_value_expression: true
 | |
|     required: true
 | |
|     type: text
 | |
|     field_key: name
 | |
|     label: Name
 | |
|   identifiers:
 | |
|     name: default-user-settings-field-name
 | |
|   id: prompt-field-name
 | |
|   model: authentik_stages_prompt.prompt
 | |
| - attrs:
 | |
|     order: 202
 | |
|     placeholder: Email
 | |
|     placeholder_expression: false
 | |
|     initial_value: |
 | |
|       try:
 | |
|           return user.email
 | |
|       except:
 | |
|           return ''
 | |
|     initial_value_expression: true
 | |
|     required: true
 | |
|     type: email
 | |
|     field_key: email
 | |
|     label: Email
 | |
|   identifiers:
 | |
|     name: default-user-settings-field-email
 | |
|   id: prompt-field-email
 | |
|   model: authentik_stages_prompt.prompt
 | |
| - attrs:
 | |
|     order: 203
 | |
|     placeholder: Locale
 | |
|     placeholder_expression: false
 | |
|     initial_value: |
 | |
|       try:
 | |
|           return user.attributes.get("settings", {}).get("locale", "")
 | |
|       except:
 | |
|           return ''
 | |
|     initial_value_expression: true
 | |
|     required: true
 | |
|     type: ak-locale
 | |
|     field_key: attributes.settings.locale
 | |
|     label: Locale
 | |
|   identifiers:
 | |
|     name: default-user-settings-field-locale
 | |
|   id: prompt-field-locale
 | |
|   model: authentik_stages_prompt.prompt
 | |
| - attrs:
 | |
|     expression:  |
 | |
|       from authentik.lib.config import CONFIG
 | |
|       from authentik.core.models import (
 | |
|           USER_ATTRIBUTE_CHANGE_EMAIL,
 | |
|           USER_ATTRIBUTE_CHANGE_NAME,
 | |
|           USER_ATTRIBUTE_CHANGE_USERNAME
 | |
|       )
 | |
|       prompt_data = request.context.get("prompt_data")
 | |
| 
 | |
|       if not request.user.group_attributes(request.http_request).get(
 | |
|           USER_ATTRIBUTE_CHANGE_EMAIL, CONFIG.y_bool("default_user_change_email", True)
 | |
|       ):
 | |
|           if prompt_data.get("email") != request.user.email:
 | |
|               ak_message("Not allowed to change email address.")
 | |
|               return False
 | |
| 
 | |
|       if not request.user.group_attributes(request.http_request).get(
 | |
|           USER_ATTRIBUTE_CHANGE_NAME, CONFIG.y_bool("default_user_change_name", True)
 | |
|       ):
 | |
|           if prompt_data.get("name") != request.user.name:
 | |
|               ak_message("Not allowed to change name.")
 | |
|               return False
 | |
| 
 | |
|       if not request.user.group_attributes(request.http_request).get(
 | |
|           USER_ATTRIBUTE_CHANGE_USERNAME, CONFIG.y_bool("default_user_change_username", True)
 | |
|       ):
 | |
|           if prompt_data.get("username") != request.user.username:
 | |
|               ak_message("Not allowed to change username.")
 | |
|               return False
 | |
| 
 | |
|       return True
 | |
|   identifiers:
 | |
|     name: default-user-settings-authorization
 | |
|   id: default-user-settings-authorization
 | |
|   model: authentik_policies_expression.expressionpolicy
 | |
| - identifiers:
 | |
|     name: default-user-settings-write
 | |
|   attrs:
 | |
|     user_creation_mode: never_create
 | |
|   id: default-user-settings-write
 | |
|   model: authentik_stages_user_write.userwritestage
 | |
| - attrs:
 | |
|     fields:
 | |
|     - !KeyOf prompt-field-username
 | |
|     - !KeyOf prompt-field-name
 | |
|     - !KeyOf prompt-field-email
 | |
|     - !KeyOf prompt-field-locale
 | |
|     validation_policies:
 | |
|     - !KeyOf default-user-settings-authorization
 | |
|   identifiers:
 | |
|     name: default-user-settings
 | |
|   id: default-user-settings
 | |
|   model: authentik_stages_prompt.promptstage
 | |
| - identifiers:
 | |
|     order: 20
 | |
|     stage: !KeyOf default-user-settings
 | |
|     target: !KeyOf flow
 | |
|   model: authentik_flows.flowstagebinding
 | |
| - identifiers:
 | |
|     order: 100
 | |
|     stage: !KeyOf default-user-settings-write
 | |
|     target: !KeyOf flow
 | |
|   model: authentik_flows.flowstagebinding
 |