mirror of
https://github.com/goauthentik/authentik.git
synced 2026-06-18 11:29:26 +03:00
cd75fe235deacad5341ae81b0b92fe5c6f94de7c
87 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Alexander Tereshkin
|
2f2488b326 |
enterprise/lifecycle: implement Object Lifecycle Management (#20015)
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Co-authored-by: Jens L. <jens@beryju.org> Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Dominic R <dominic@sdko.org> Co-authored-by: Dewi Roberts <dewi@goauthentik.io> Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> |
||
 Simonyi Gergő
|
68f70a0953 |
core: ask for token duration on recovery link/email by admin (#19875)
* add translations to `ValidationError`s in user api * deduplicate recovery buttons * refactor `recovery_email` * simplify request.brand call * ask for token duration on recovery link/email by admin * use `@validate` decorator for admin recovery * stylize if/else * return uniform error message on no `view_` permission * clarify wording on email success |
||
 Teffen Ellis
|
742472c60c |
web/admin: Register stage elements. Fix linter warnings (#19948)
* Register stage elements. * Clean up warnings. * Fix duplicate form actions. * Normalize attribute casing. * Fix permissions tab nesting. * Fix ARIA warnings, click handlers on menus. * Fix clipboard permissions on Safari. |
||
 Dominic R
|
5834f43a8b |
web: display custom attributes on admin view pages (#19720)
* web: display custom attributes on admin view pages
Overview:
Add a reusable ak-object-attributes-card component that displays custom attributes on User, Group, and Device admin view pages.
This allows admins to see custom attributes directly on the overview tab without needing to open the edit form.
The component:
- Filters out system attributes (goauthentik.io/* prefixed keys)
- Optionally excludes the notes attribute
- Renders values based on type: booleans as status labels, arrays as comma-separated lists, objects as formatted JSON
Testing:
1. Navigate to Admin > Identity > Users > [any user]
2. Verify "Custom Attributes" card appears below Changelog
3. Add custom attributes via Edit form:
```
{
"department": "Engineering",
"employee_id": 12345,
"is_contractor": false,
"is_manager": true,
"skills": ["Python", "TypeScript", "Go"],
"office_location": {
"building": "HQ",
"floor": 3,
"desk": "A-42"
},
"notes": "This should NOT appear in Custom Attributes card",
"goauthentik.io/user/sources": ["should-be-filtered"]
}
```
4. Confirm they appear in the card, system attributes are hidden
5. Repeat for Groups and Devices
Screenshot:
<!-- todo -->
Motivation:
Admins frequently need to view custom attributes on users, groups, and devices. Currently this requires clicking Edit and scrolling to the attributes field.
Closes: https://github.com/goauthentik/authentik/issues/18625
* web: Ken's suggestion
|
||
|
Teffen Ellis
|
7b0b787ed8 |
web: Form Modal Independence: Part 1 (#19395)
* Flesh out proxy form clean up. * Flesh out StrictUnsafe helper, slotted labels. * Clean up usage of proxy form. * Allow forms to render outside of modals. * Fix linter. |
||
 Ken Sternberg
|
08b07979ad |
web/elements: remove pfbase everywhere (#19623)
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit
|
||
 Connor Peshek
|
4ac01724a5 |
rbac: Add show all to roles tab, add role tab to groups (#19097)
* improve sort order and inherit visual * Update web/src/admin/groups/GroupViewPage.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/users/UserViewPage.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/roles/RelatedRoleList.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/roles/RelatedRoleList.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/roles/RelatedRoleList.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * Update web/src/admin/roles/RelatedRoleList.ts Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Signed-off-by: Connor Peshek <connor@connorpeshek.me> * setup include inherited roles and fix returning nothing * update api calls * fix rendering error * do not use set * change from exception handling * go off query param * fix wording * fix linting error for new group api structure --------- Signed-off-by: Connor Peshek <connor@connorpeshek.me> Co-authored-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> |
||
|
Ken Sternberg
|
d6bc5871fa |
web/maintenance: fix missing custom web component imports (#18942)
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit
|
||
|
Teffen Ellis
|
1f21d2e8e6 |
web: 2025.12 UI tidy (#18650)
* Fix box shadow, scrollbars. * Fix contrast. * Fix field alignment. * Fix class ordering. * Fix button colors while in nested table. * Fix background color on light mode. * Fix chip colors, spacing. * Fix overlap of switch during transition. |
||
|
Simonyi Gergő
|
f7e23295ed |
core: add digraph group hierarchy (#17050)
* move imports * core: add digraph group hierarchy * move to permissions from Group or User to Role * set group parents on frontend * do not serialize `GroupParentageNode` directly * core: enforce unique group name on database level Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use group parents in LDAP provider * add user-role relationship control to frontend * move materialized view to be more discoverable * add guardian to mypy exceptions * make `Role` a `ManagedModel` * fixup! make `Role` a `ManagedModel` * simplify `get_objects_for_user` * fix flaky unit test * rename `django-guardian` fork to `ak-guardian` * add tests around users/groups/roles * remove unused guardian config variable * simplify guardian file structure * clean up frontend * initial docs * remove `mode` from `InitialPermissions` This is no longer needed, since users no longer directly have permissions. * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy * clean up docs for managing permissions * addendums from docs review * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy * tweaks * dewi and tana edits to docs * tweak * truly final tweaks, for now * relabel Role Permissions table * clarify button label * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy * merge migrations * fixup! Merge branch 'main' into core/add-digraph-group-hierarchy --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Tana M Berry <tana@goauthentik.io> |
||
|
Teffen Ellis
|
05c30af790 |
web: Codemirror fixes (#18610)
* web: Dynamic Loading of Codemirror * Clarify error. * Fix labels, links * Fix key maps, tabbing * Remove dupe. * Update web/src/elements/codemirror/editor.ts Co-authored-by: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com> Signed-off-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> * Fix inversion of opacity. * Format. * Fix import. * Fix imports. * Fix static styles using getters. - Seems to be a merge conflict from long ago. * Fix typo. * Fix capitalization. --------- Signed-off-by: Teffen Ellis <592134+GirlBossRush@users.noreply.github.com> Co-authored-by: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com> |
||
|
Teffen Ellis
|
a8e765257e |
web: Update Deprecated NPM Packages (#18335)
* core: Bump packages. * Bump Live Reload dependencies. * Bump tsconfig. * Bum ESLint config deps. Fix formatting. * Bump Prettier deps. Fix ESlint config. * Bump live reload deps. Fix linter. * Bump website deps. * web: Update dependencies. Fix Playwright issues. * Fix deprecations. * Fix linter warnings. * Fix override, run audit. * Fix import path. * Tidy types. * Format. * Update ignore patterns. * Fix import path. * Update deps. Clean up workspace linting. * Update deps, options. * Hide icons in navbar. * Format. * Remove deprecated option. * Use relative packages. * Add scripts. Tidy. * Bump engines. * Clarify order. * Clarify order. Install base deps. * Format. * Fix stale user during tests. * Fix runtime errors. * Fix redirect during tests, UI change. * web: Fix danger button hover background color. * web: Adjust colors, padding. * web: Fix sidebar colors, padding. * Fix alignment. * Fix background contrast. |
||
|
Teffen Ellis
|
348e9b5625 |
web: Render Markdown in Blueprints descriptions (#17746)
* web: Render Markdown in Blueprints. * web: Add MDX rendering to user notes. |
||
 Jens L.
|
dfef5d64ab |
core: add QL for groups (#17527)
* web/admin: allow ql in member select Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add ql for groups Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> |
||
|
Teffen Ellis
|
f1d92bc4d4 |
web: Responsive toolbar flow (#17278)
* web: Allow toolbars to overflow. * web: Fix table toolbar wrapping. * web: Remove extra space. * web: Use consistent padding. |
||
|
Teffen Ellis
|
7e8492aecf | web: Fix nested table column span behavior. (#17177) | ||
|
Teffen Ellis
|
2e8a1d80a3 |
web: Fix numeric values in search select inputs, search input fixes (#16928)
* web: Fix numeric values in search select inputs. * web: Fix ARIA attributes on menu items. * web: Fix issues surrounding nested modal actions, selectors, labels. * web: Prepare group forms for testing, ARIA, etc. * web: Clarify when spinner buttons are busy. * web: Fix dark theme toggle input visibility. * web: Fix issue where tests complete before optional search inputs load. * web: Add user creation tests, group creation. Flesh out fixtures. |
||
|
Teffen Ellis
|
99b3daf46a |
web: Fix table child alignment (#17114)
* web: Reduce cut off. * web: Fix issue where inherited style causes modal issues. |
||
|
Ken Sternberg
|
7666ba1eb7 |
web: revise ak-page-navbar to use standard event handlers (#16898)
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit
|
||
|
Teffen Ellis
|
17da90df6c |
web: Fix docs links, a11y input descriptors (#16671)
* web: Clarify required marker when using screen reader. * web: Mark helper text as input descriptor. * web: Use next domain when in development. * web: Clean up constants. Fix attribute mapping. * web: use previous function name. * web: Fix sort. * web: Use constant. * web: Use prefix. * web: keep using current release for notes. |
||
|
Teffen Ellis
|
75d1771bb8 |
web/a11y: Flow Search (#15876)
* web: Flesh out flow search clean up. * web: Fix issues surrounding escape key in modals. Tidy properties. * web: Tidy properties, types. * web: Clean up types. * web: Clarify labels for screen readers. * web: Fix ARIA group behavior, labeling, input selectors. * web: Flesh out test prereqs. * web: Clean up usage of nullish attributes directive. * web: Add placeholder attribute. * web: touch up comment. * web: Fix role matching, test selectors, etc. * web: Fix typo. * web: Remove redundant clean up. * web: Normalize tab attributes. * web: Use main role wrapper. |
||
|
Teffen Ellis
|
5359318650 |
web/a11y: Tables -- labels, input handlers, selection and expanded state (#16207)
* web: Clean up types. * web: Flesh out a11y clean up. * web: Fix text selection. * Flesh out property. * web: Clean up stateful issues. Add labels. * web: Clean up column rendering. * web: Hide icons from screen reader. * web: Fix nesting of region base elements. * web: Add labels to hidden columns. * web: Add aria label to row actions. * web: Use common timestamp component. * web: Fix column text wrapping. * web: Add labels to all rows. * web: Fix icon alignment. * web: Fix mix of method properties, duplicate role assignments. * web: Fix alignment, labeling. * web: Fix `nothing` typing. |
||
|
Dominic R
|
f4c791a247 |
web: ak-status-label: add neutral status (#16064)
wip |
||
|
Dominic R
|
970ac44ff8 |
web: Do not mark Attributes as a mandatory field (#16004)
* web: Do not mark Attributes as a mandatory field * fix lint * Teffen's suggestion |
||
|
Teffen Ellis
|
370d5ff0c0 |
web: Fix form captcha submission (#15482)
* web: Validate Captcha during form submission. web: Clean up loading state. Remove outdated. Flesh out story. Adjust centering. * web: Fix issue where setting password warns of missing username. * web: Fix issue where private method triggers runtime error. |
||
|
Teffen Ellis
|
4335498ac5 |
web: Import organization (#14696)
* web: Clean up locale. * web: Clean ambiguous imports. * web: Clean up entrypoint imports. * web: Format imports. * web: Normalize extensions. * web: Tidy order. * web: Remove TS aliases. |
||
|
Teffen Ellis
|
3a07d5d829 |
web: Consistent use of static styles (#15510)
* web: Initial style clean up. * web: Clean up type 2 styles. * web: Clean up type 3 styles. * web: Add Prettier formatter. |
||
|
Ken Sternberg
|
a01bb551d0 |
web/standards: fix boolean attribute abuse (#14662)
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit
|
||
|
Teffen Ellis
|
c28b65a3f2 |
Web: Controllers cleanup (#14616)
* web: Fix issues surrounding availability of controllers during init. web: Fix edgecase where flow does not have brand. * web: Fix import path. * web: Clean up mixin/controller paths. * web: Prepare for consistent import styling. - Prep for Storybook fixes. * web: Update MDX types. * web: Fix issues surrounding async imports, MDX typing, relative paths. * web: Format. Clarify. * web: Group module types. |
||
|
Teffen Ellis
|
1c5e906a3e |
web/NPM Workspaces: ESbuild version cleanup (#14541)
* web: Check JS files. Add types. * web: Fix issues surrounding Vite/ESBuild types. * web: Clean up version constants. Tidy types * web: Clean up docs, types. * web: Clean up package paths. * web: (ESLint) no-lonely-if * web: Render slot before navbar. * web: Fix line-height alignment. * web: Truncate long headers. * web: Clean up page header declarations. Add story. Update paths. * web: Ignore out directory. * web: Lint Lit. * web: Use private alias. * web: Fix implicit CJS mode. * web: Update deps. * web: await all imports. |
||
|
Teffen Ellis
|
40f598f3f1 |
web: (ESLint) No else return (#14558)
web: (ESLint) no-else-return. |
||
|
Teffen Ellis
|
f70635c295 |
web: Clean up browser-only module imports that crash WebDriverIO. (#14330)
* web: Clean up browser-only module imports that crash WebDriverIO. * web: Clarify slug format output. |
||
|
Teffen Ellis
|
0e83de2697 | web: Tidy temporal utilities. (#13755) | ||
|
Teffen Ellis
|
220378b3f2 | web: Fix TypeScript compilation issues for mixins, events. (#13766) | ||
|
Teffen Ellis
|
363d655378 |
web: Normalize client-side error handling (#13595)
web: Clean up error handling. Prep for permission checks. - Add clearer reporting for API and network errors. - Tidy error checking. - Partial type safety for events. |
||
|
Ken Sternberg
|
319f2ef8d1 |
web/admin: allow user lists to show active only (#13403)
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit
|
||
|
Ken Sternberg
|
3253de73ec |
web: update gen-client-ts to OpenAPI 7.11.0 (#12756)
* web: Add InvalidationFlow to Radius Provider dialogues
## What
- Bugfix: adds the InvalidationFlow to the Radius Provider dialogues
- Repairs: `{"invalidation_flow":["This field is required."]}` message, which was *not* propagated
to the Notification.
- Nitpick: Pretties `?foo=${true}` expressions: `s/\?([^=]+)=\$\{true\}/\1/`
## Note
Yes, I know I'm going to have to do more magic when we harmonize the forms, and no, I didn't add the
Property Mappings to the wizard, and yes, I know I'm going to have pain with the *new* version of
the wizard. But this is a serious bug; you can't make Radius servers with *either* of the current
dialogues at the moment.
* This (temporary) change is needed to prevent the unit tests from failing.
\# What
\# Why
\# How
\# Designs
\# Test Steps
\# Other Notes
* Revert "This (temporary) change is needed to prevent the unit tests from failing."
This reverts commit
|
||
 Marc 'risson' Schmitt
|
0cffe0c953 |
core: add ability to provide reason for impersonation (#11951)
* core: add ability to provide reason for impersonation Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * tenants api things Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * add missing implem Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * A tooltip needs a DOM object to determine the coordinates where it should render. A solitary string is not enough; a is needed here. * web: user impersonation reason To determine where to render the Tooltip content, the object associated with the Tooltip must be a DOM object with an HTML tag. A naked string is not enough; a `<span>` will do nicely here. Also, fixed a build failure: PFSize was not defined in RelatedUserList. * add and fix tests Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * avoid migration change Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> * small fixes Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> --------- Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Co-authored-by: Ken Sternberg <ken@goauthentik.io> |
||
|
Ken Sternberg
|
3de78ebb09 |
web: dual-select uses, part 2: dual-select harder (#9377)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: replace multi-select with dual-select for all propertyMapping invocations
All of the uses of <select> to show propertyMappings have been replaced with an invocation to a
variant of dual select that allows for dynamic production of the "selected" list. Instead of giving
a "selected" list of elements, a "selector" function is passed that can, given the elements listed
by the provider, generated the "selected" list dynamically.
This feature is required for propertyMappings because many of the propertyMappings have an alternative
"default selected" feature whereby an object with no property mappings is automatically granted some
by the `.managed` field of the property mapping. The `DualSelectPair` type is now tragically
mis-named, as it it's now a 4-tuple, the fourth being whatever object or field is necessary to
figure out what the default value might be. For example, the Oauth2PropertyMappingsSelector looks
like this:
```
export function makeOAuth2PropertyMappingsSelector(instanceMappings: string[] | undefined) {
const localMappings = instanceMappings ? new Set(instanceMappings) : undefined;
return localMappings
? ([pk, _]: DualSelectPair) => localMappings.has(pk)
: ([_0, _1, _2, scope]: DualSelectPair<ScopeMapping>) =>
scope?.managed?.startsWith("goauthentik.io/providers/oauth2/scope-") &&
scope?.managed !== "goauthentik.io/providers/oauth2/scope-offline_access";
}
```
If there are instanceMappings, we create a Set of them and just look up the pk for "is this
selected" as we generate the component.
If there is not, we look at the `scope` object itself (Oauth2PropertyMappings were called "scopes"
in the original source) and perform a token analysis.
It works well, is reasonably fast, and reasonably memory-friendly.
In the case of RAC, OAuth2, and ProxyProviders, I've also provided external definitions of the
MappingProvider and MappingSelector, so that they can be shared between the Provider and the
ApplicationWizard.
The algorithm for finding the "alternative (default) selections" was *different* between the two
instances of both Oauth and Proxy. I'm not marking this as "ready" until Jens (@BeryJu) and I can go
over why that might have been so, and decide if using a common implementation for both is the
correct thing to do.
Also, a lot of this is (still) cut-and-paste; the dual-select invocation, and the definitions of
Providers and Selectors have a bit of boilerplate that it just didn't make sense to try and abstract
away; the code is DAMP (Descriptive and Meaningful Phrases), and I can live with it. Unfortunately,
that also points to the possibility of something being off; the wrong default token, or the wrong
phrase to describe the "Available" and "Selected" columns. So this is not (yet) ready for a full
pull review.
On the other hand, if this passes muster and we're happy with it, there are 11 more places to put
DualSelect, four of which are pure cut-and-paste lookups of the PaginatedOauthSourceList, plus a
miscellany of Prompts, Sources, Stages, Roles, EventTransports and Policies.
Despite the churn, the difference between the two implementations is 438 lines removed, 231 lines
added, 121 lines new. 86 LOC deleted. Could be better. :-)
* web: make the ...Selector semantics uniform across the definition set.
* web: fix proxy property mapping default criteria
* web: restoring dropped message to user.
* Completed one. Stashing momentarily.
* Ensuring the neccessary components are imported.
* I hate trying to coax MacOS into accepting case changes.
* Still trying to rename that thing.
* OAuth2 Sources multiple implementation completed.
* web: replace remaining multi-selects with dual-selects
This commit replaces the remaining multi-selects with their dual-select equivalents.
* web: fix problem with 'selector' overselecting
The 'selector' feature was overselecting, preventing items from
being removed from the "selected" list if they were part of the
host object. This has the shortcoming that `default` items *must*
be in the first page of options from the server, or they probably
won't be registered. Fortunately, that's currently the case.
* fix a
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix b
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* migrate new providers
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* remove old incorrect help message
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix incorrect copy paste
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* fix status label for gorups
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
|
||
|
Ken Sternberg
|
ee58cf0c1c |
web: add HTMLTagNameElementMaps to everything to activate lit analyzer (#10217)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: add more linting
* A reliable test for the extra code needed in analyzer, passing shellcheck
* web: re-enable custom-element-manifest and enable component checking in Typescript
This commit includes a monkeypatch to allow custom-element-manifest (CEM) to work correctly again
despite our rich collection of mixins, reactive controllers, symbol-oriented event handlers, and the
like. With that monkeypatch in place, we can now create the CEM manifest file and then exploit it so
that IDEs and the Typescript compilation pass can tell when a component is being used incorrectly;
when the wrong types are being passed to it, or when a required attribute is not initialized.
* Added building the manifest to the build process, rather than storing it. It is not appreciably slow.
* web: the most boring PR in the universe: Add HTMLTagNameElementMap to everyhing
This commit adds HTMLTagNameElementMap entries to every web component in the front end. Activating
and associating the HTMLTagNamElementMap with its class has enabled
[LitAnalyzer](https://github.com/runem/lit-analyzer/tree/master/packages/lit-analyzer) to reveal a
*lot* of basic problems within the UI, the most popular of which is "missing import." We usually get
away with it because the object being imported was already registered with the browser elsewhere,
but it still surprises me that we haven't gotten any complaints over things like:
```
./src/flow/stages/base.ts
Missing import for <ak-form-static>
96: <ak-form-static
no-missing-import
```
Given how early and fundamental that seems to be in our code, I'd have expected to hear _something_
about it.
I have not enabled most of the possible checks because, well, there are just a ton of warnings when
I do. I'd like to get in and fix those.
Aside from this, I have also _removed_ `customElement` declarations from anything declared as an
`abstract class`. It makes no sense to try and instantiate something that cannot, by definition, be
instantiated. If the class is capable of running on its own, it's not abstract, it just needs to be
overridden in child classes. Before removing the declaration I did check to make sure no other
piece of code was even *trying* to instantiate it, and so far I have detected no failures. Those
elements were:
- elements/forms/Form.ts
- element-/wizard/WizardFormPage.ts
The one that blows my mind, though, is this:
```
src/elements/forms/ProxyForm.ts
6-@customElement("ak-proxy-form")
7:export abstract class ProxyForm extends Form<unknown> {
```
Which, despite being `abstract`, is somehow instantiable?
```
src/admin/outposts/ServiceConnectionListPage.ts: <ak-proxy-form
src/admin/providers/ProviderListPage.ts: <ak-proxy-form
src/admin/sources/SourceWizard.ts: <ak-proxy-form
src/admin/sources/SourceListPage.ts: <ak-proxy-form
src/admin/providers/ProviderWizard.ts: <ak-proxy-form type=${type.component}></ak-proxy-form>
src/admin/stages/StageListPage.ts: <ak-proxy-form
```
I've made a note to investigate.
I've started a new folder where all of my one-off tools for *how* a certain PR was run. It has a
README describing what it's for, and the first tool, `add-htmlelementtagnamemaps-to-everything`, is
its first entry. That tool is also documented internally.
``` Gilbert & Sullivan
I've got a little list,
I've got a little list,
Of all the code that would never be missed,
The duplicate code of cute-and-paste,
The weak abstractions that lead to waste,
The embedded templates-- you get the gist,
There ain't none of 'em that will ever be missed,
And that's why I've got them on my list!
```
|
||
|
Ken Sternberg
|
c846c8089a |
web: lintpicking (#10212)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: remove some minor lint
While working on other projects, a few small lint issues came up:
- Duplicate imports of a web component
- A switch statement with a single condition
- Empty returns
All of these made eslint complain, so I have edited the code to meet our standards. They are all
quite small.
* web: move rbac under .../admin (#10213)
* admin: system api: fix FIPS status schema (cherry-pick #10110) (#10112)
admin: system api: fix FIPS status schema (#10110)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* web: bump API Client version (cherry-pick #10113) (#10114)
* website/docs: update 2024.6 release notes with latest changes (cherry-pick #10109) (#10115)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* release: 2024.6.0-rc1
* policies/reputation: fix existing reputation update (cherry-pick #10124) (#10125)
policies/reputation: fix existing reputation update (#10124)
* add failing test case
* fix reputation update
* lint
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* core: include version in built JS files (cherry-pick #9558) (#10148)
core: include version in built JS files (#9558)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* core: include version in built JS files
* add fallback
* include build hash
* format
* fix stuff
why does this even work locally
* idk man node
* just not use import assertions
* web: add no-console, use proper dirname path
* web: retarget to use the base package.json file.
* web: encode path to root package.json using git
This is the most authoritative way of finding the root of the git project.
* use full version to match frontend
* add fallback for missing .git folder
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
Co-authored-by: Ken Sternberg <ken@goauthentik.io>
* web: fix needed because recent upgrade to task breaks spinner button (cherry-pick #10142) (#10150)
web: fix needed because recent upgrade to task breaks spinner button (#10142)
web: fix broken Task plug-in
rebase and fix package json
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Ken Sternberg <133134217+kensternberg-authentik@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* root: use custom model serializer that saves m2m without bulk (cherry-pick #10139) (#10151)
root: use custom model serializer that saves m2m without bulk (#10139)
* use custom model serializer that saves m2m without bulk
* sigh
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
* web: fix docker build for non-release versions (cherry-pick #10154) (#10155)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
fix docker build for non-release versions (#10154)
* website/docs: update 2024.6 release notes with latest changes (cherry-pick #10167) (#10168)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* core: fix error when raising SkipObject in mapping (cherry-pick #10153) (#10173)
core: fix error when raising SkipObject in mapping (#10153)
* core: fix error when raising SkipObject in mapping
* fix events not being saved
thanks tests
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
* website/docs: 2024.6 release notes: add note about group names (cherry-pick #10170) (#10171)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
* website/docs: update 2024.6 release notes with latest changes (cherry-pick #10174) (#10175)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* release: 2024.6.0-rc2 (#10176)
* website/docs: Remove hyphen in read replica in Release Notes (cherry-pick #10178) (#10188)
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
* core: rework base for SkipObject exception to better support control flow exceptions (cherry-pick #10186) (#10187)
core: rework base for SkipObject exception to better support control flow exceptions (#10186)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
* web/flows: update flow background (cherry-pick #10206) (#10207)
web/flows: update flow background (#10206)
* web/flows: update flow background
* Optimised images with calibre/image-actions
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens L <jens@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
* web: move rbac under .../admin
The RBAC code segment, while it is an aspect and not a vertical, is entirely used within the Admin
interface, and references other components within the Admin interface. It is not used by nor
references Flows or Users. It's placement in the `elements` folder breaks the DAG of foundational
versus client code, (`common -> elements -> interfaces`), and I'd like to keep that DAG clean to
facilitate future development.
All this PR does is move `elements/rbac` to `admin/rbac`, and adjusts all of the import statements
accordingly. The entirety of this PR is two commands:
```shell
$ cd web/src
$ git mv elements/rbac admin
$ cd admin
$ perl -pi -e 's{goauthentik/elements/rbac/}{goauthentik/admin/rbac/}' $(rg -l 'goauthentik/elements/rbac')
```
* website/docs: fix #9552 openssl rand base64 line wrap (#10211)
* website/integrations: fix typo in documentation for OIDC setup with Paperless-ngx (#10218)
Update index.md
Missing " cost me more time than I'd like to admit. Paying it forward.
Signed-off-by: Russ Harvey <53157589+rwh85@users.noreply.github.com>
* security: fix CVE-2024-38371 (#10229)
* security: fix CVE-2024-38371 (cherry-pick #10229) (#10234)
Co-authored-by: Jens L <jens@goauthentik.io>
fix CVE-2024-38371 (#10229)
* security: fix CVE-2024-37905 (#10230)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* core: bump debugpy from 1.8.1 to 1.8.2 (#10225)
Bumps [debugpy](https://github.com/microsoft/debugpy) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/microsoft/debugpy/releases)
- [Commits](https://github.com/microsoft/debugpy/compare/v1.8.1...v1.8.2)
---
updated-dependencies:
- dependency-name: debugpy
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* web: bump @sentry/browser from 8.11.0 to 8.12.0 in /web in the sentry group (#10226)
web: bump @sentry/browser in /web in the sentry group
Bumps the sentry group in /web with 1 update: [@sentry/browser](https://github.com/getsentry/sentry-javascript).
Updates `@sentry/browser` from 8.11.0 to 8.12.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/8.11.0...8.12.0)
---
updated-dependencies:
- dependency-name: "@sentry/browser"
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: sentry
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core: bump webauthn from 2.1.0 to 2.2.0 (#10224)
Bumps [webauthn](https://github.com/duo-labs/py_webauthn) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/duo-labs/py_webauthn/releases)
- [Changelog](https://github.com/duo-labs/py_webauthn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/duo-labs/py_webauthn/compare/v2.1.0...v2.2.0)
---
updated-dependencies:
- dependency-name: webauthn
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* web: bump chromedriver from 126.0.3 to 126.0.4 in /tests/wdio (#10223)
Bumps [chromedriver](https://github.com/giggio/node-chromedriver) from 126.0.3 to 126.0.4.
- [Commits](https://github.com/giggio/node-chromedriver/compare/126.0.3...126.0.4)
---
updated-dependencies:
- dependency-name: chromedriver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core: bump pdoc from 14.5.0 to 14.5.1 (#10221)
Bumps [pdoc](https://github.com/mitmproxy/pdoc) from 14.5.0 to 14.5.1.
- [Changelog](https://github.com/mitmproxy/pdoc/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mitmproxy/pdoc/compare/v14.5.0...v14.5.1)
---
updated-dependencies:
- dependency-name: pdoc
dependency-type: direct:development
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* security: fix CVE-2024-37905 (cherry-pick #10230) (#10237)
Co-authored-by: Jens L <jens@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
fix CVE-2024-37905 (#10230)
* release: 2024.6.0
* website/docs: update 2024.6 release notes with latest changes (#10228)
* website/docs: update 2024.2 release notes with security fixes (#10232)
* website/docs: update 2024.4 release notes with latest changes (#10231)
* website/docs: update 2024.6 release notes with latest changes (cherry-pick #10228) (#10243)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* website/docs: remove RC disclaimer from 2024.6 release notes (#10245)
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* website/docs: remove RC disclaimer from 2024.6 release notes (cherry-pick #10245) (#10246)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* security: update supported versions (#10247)
* security: update supported versions (cherry-pick #10247) (#10248)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* website/docs: update geoip and asn example to use the proper syntax (#10249)
* website/docs: update the Welcome page (#10222)
* update to mention Enterprise
* moved sections
* tweaks
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com>
* website/docs: update geoip and asn example to use the proper syntax (cherry-pick #10249) (#10250)
website/docs: update geoip and asn example to use the proper syntax (#10249)
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* web: bump API Client version (#10252)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
* web/flows: remove continue button from AutoSubmit stage (#10253)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* web: disable reading dark mode out of the UI by default (#10256)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: disable reading dark mode out of the UI by default
This patch disables "dark mode" as a browser preference. It still honors
the user preference, but it will always default to Light mode and will not
pay attention to the browser setting.
Thank GNU that dark mode availablity is not a requirement to sell to
governments: https://www.section508.gov/content/guide-accessible-web-design-development/#
* Prettier had opinions.
* Prettier having more opinions.
* Preserve knowledge.
* Updated eslint to stop warning us out about deprecated features.
* web: provide better feedback on Application Library page about search results (#9386)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: improve state management of Fuze application search
This commit rewrites a bit (just a bit, really!) of the relationship between
`ak-library-application-impl` and `ak-library-application-search`.
The "show only apps with launch URLs filter" has been moved up to the retrieval layer; there was no
reason for the renderer to repeatedly call a *required* filter; just call it on the list of
applications once and be done.
The search component exchanges the two-state guesswork and custom events for a concrete three-state
solution and *private* events. The search handler now sends the events "reset," "updated," and the
new "updated and empty," which we could not previously track.
By limiting the Impl layer to only those apps with launchUrls, we can now distinguish between "all
apps," and "filtered apps," and understand that when "all apps" is empty we have no apps, and when
"filtered apps" is empty the search has returned nothing.
I also tried to add a lot more comments.
In keeping with ES2020, I've put `.js` extensions on all the local imports.
In keeping with a variety of [best practice
recommendations](https://webcomponents.today/best-practices/), I've renamed web component files to
match the custom element they deploy:
```
ak-library-application-search-empty.ts
19:@customElement("ak-library-application-search-empty")
ak-library-impl.ts
44:@customElement("ak-library-impl")
ak-library.ts
30:@customElement("ak-library")
ak-library-application-list.ts
34:@customElement("ak-library-application-list")
ak-library-application-empty-list.ts
22:@customElement("ak-library-application-empty-list")
ak-library-application-search.ts
46:@customElement("ak-library-application-search")
```
The only effect(s) external to the changes in this vertical is that the Route() had to be updated,
and I have done that.
* web: updated the improved search to Google's Lit standards for events.
* website/docs: update geoip and asn documentation following field changes (#10265)
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
* core, web: update translations (#10259)
Co-authored-by: rissson <18313093+rissson@users.noreply.github.com>
* core: bump goauthentik.io/api/v3 from 3.2024042.13 to 3.2024060.1 (#10260)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* translate: Updates for file locale/en/LC_MESSAGES/django.po in ru (#10268)
Translate locale/en/LC_MESSAGES/django.po in ru
100% translated source file: 'locale/en/LC_MESSAGES/django.po'
on 'ru'.
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
* core: bump drf-jsonschema-serializer from 2.0.0 to 3.0.0 (#10262)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* translate: Updates for file web/xliff/en.xlf in zh_CN (#10271)
Translate web/xliff/en.xlf in zh_CN
100% translated source file: 'web/xliff/en.xlf'
on 'zh_CN'.
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
* translate: Updates for file web/xliff/en.xlf in zh-Hans (#10272)
Translate web/xliff/en.xlf in zh-Hans
100% translated source file: 'web/xliff/en.xlf'
on 'zh-Hans'.
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
* web: provide a test framework (#9681)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: provide a test framework
As is typical of a system where a new build engine is involved, this thing is sadly fragile. Use the
wrong import style in wdio.conf.js and it breaks; there are several notes in tsconfig.test.conf and
wdio.conf.ts to tell eslint or tsc not to complain, it's just a different build with different
criteria, the native criteria don't apply.
On the other hand, writing tests is easy and predictable. We can test behaviors at the unit and
component scale in a straightforward manner, and validate our expectations that things work the way
we believe they should.
* Rolling back a reversion.
* Adjusting paths to work with tests.
* add ci to test
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* web: patch spotlight on the fly to fix syntax issue that blocked storybook build
This should be a temporary hack. I have an [open
issue](https://github.com/getsentry/spotlight/issues/419) and [pull
request](https://github.com/getsentry/spotlight/pull/420) with the
Spotlight people already to fix the issue.
* Somehow missed these in the merge.
* Merge missed something.
* Fixed an issue where npm install and npm ci had different shell script behaviors.
* Removed debugging messages.
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* web: lint package-lock.json file (#10157)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: replace ad-hoc test for package-lock.json file with a tool
Testing to see if a package-lock entry has a `resolved` field hasn't
been a reliable test of that entry's validity for several years
now. The best options we have now are to ensure that every download
occurs over https, and that every download only happens from fully
vetted sources such as NPM and Github. [Liran Tal's Lockfile-Lint
tool](https://snyk.io/blog/why-npm-lockfiles-can-be-a-security-blindspot-for-injecting-malicious-modules/)
does this for package-lock.json files made with NPM or Yarn.
* web: update CI workflows to use `lockfile-lint` for validity checking
* Still getting familiar with the workflows thing.
* ci: refactor ci-web linting
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* ci fix
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* try again
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* and again
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* rework ci-website
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* events: associate login_failed events to a user if possible (#10270)
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* core: adjust styling to meet our standards (#10277)
* core: adjust styling to meet our standards
* Fix version correspondence bug in website (#10278)
web: update lockfile to correspond to package.json, enabling npm-ci
Looks like someone updated `package.json` to have the latest version
of Typescript, but failed to update `package-lock.json` to get that
version into the cache. `npm ci` won't work if the versions in the
two files don't correspond, as that means, well, exactly that: no
one has checked that the versioning is correct.
The actual diff to `package-lock.json` is small enough it can be
verified by eye, and it's fine.
* web: bump @sentry/browser from 8.12.0 to 8.13.0 in /web in the sentry group (#10286)
web: bump @sentry/browser in /web in the sentry group
Bumps the sentry group in /web with 1 update: [@sentry/browser](https://github.com/getsentry/sentry-javascript).
Updates `@sentry/browser` from 8.12.0 to 8.13.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/8.12.0...8.13.0)
---
updated-dependencies:
- dependency-name: "@sentry/browser"
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: sentry
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core: bump ruff from 0.4.10 to 0.5.0 (#10285)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.4.10 to 0.5.0.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.10...0.5.0)
---
updated-dependencies:
- dependency-name: ruff
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core: bump swagger-spec-validator from 3.0.3 to 3.0.4 (#10284)
Bumps [swagger-spec-validator](https://github.com/Yelp/swagger_spec_validator) from 3.0.3 to 3.0.4.
- [Changelog](https://github.com/Yelp/swagger_spec_validator/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/Yelp/swagger_spec_validator/compare/v3.0.3...v3.0.4)
---
updated-dependencies:
- dependency-name: swagger-spec-validator
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core: bump twilio from 9.2.1 to 9.2.2 (#10283)
Bumps [twilio](https://github.com/twilio/twilio-python) from 9.2.1 to 9.2.2.
- [Release notes](https://github.com/twilio/twilio-python/releases)
- [Changelog](https://github.com/twilio/twilio-python/blob/main/CHANGES.md)
- [Commits](https://github.com/twilio/twilio-python/compare/9.2.1...9.2.2)
---
updated-dependencies:
- dependency-name: twilio
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core: bump google-api-python-client from 2.134.0 to 2.135.0 (#10281)
Bumps [google-api-python-client](https://github.com/googleapis/google-api-python-client) from 2.134.0 to 2.135.0.
- [Release notes](https://github.com/googleapis/google-api-python-client/releases)
- [Commits](https://github.com/googleapis/google-api-python-client/compare/v2.134.0...v2.135.0)
---
updated-dependencies:
- dependency-name: google-api-python-client
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core: bump sentry-sdk from 2.5.1 to 2.7.1 (#10282)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.5.1 to 2.7.1.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-python/compare/2.5.1...2.7.1)
---
updated-dependencies:
- dependency-name: sentry-sdk
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core, web: update translations (#10279)
Co-authored-by: rissson <18313093+rissson@users.noreply.github.com>
* root: allow extra sentry settings (#10269)
* core: fix URLValidator regex to allow single digit port (#10280)
* root: fix web docker build (#10287)
* tests/e2e: fix ldap tests following #10270 (#10288)
* web/admin: show matching user reputation scores in user details (#10276)
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* web: bump API Client version (#10290)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
* web: restore hasLaunchUrl to client-side criteria for filtering apps (#10291)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: restore `hasLaunchUrl` to the The `filteredApps` criteria
I misunderstood where this information was coming from. Sorry about that.
* Use the most efficient operator here.
* core: applications api: prefetch related policies (#10273)
* stages/user_login: fix ?next parameter not carried through broken session binding (#10301)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* core: bump psycopg from 3.1.19 to 3.2.1 (#10313)
Bumps [psycopg](https://github.com/psycopg/psycopg) from 3.1.19 to 3.2.1.
- [Changelog](https://github.com/psycopg/psycopg/blob/master/docs/news.rst)
- [Commits](https://github.com/psycopg/psycopg/compare/3.1.19...3.2.1)
---
updated-dependencies:
- dependency-name: psycopg
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core: bump goauthentik.io/api/v3 from 3.2024060.1 to 3.2024060.2 (#10311)
Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2024060.1 to 3.2024060.2.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2024060.1...v3.2024060.2)
---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* website: bump postcss from 8.4.38 to 8.4.39 in /website (#10310)
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.38 to 8.4.39.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.38...8.4.39)
---
updated-dependencies:
- dependency-name: postcss
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* web: bump esbuild from 0.21.5 to 0.22.0 in /web (#10309)
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.21.5 to 0.22.0.
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.21.5...v0.22.0)
---
updated-dependencies:
- dependency-name: esbuild
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* web: bump the esbuild group in /web with 2 updates (#10308)
Bumps the esbuild group in /web with 2 updates: [@esbuild/darwin-arm64](https://github.com/evanw/esbuild) and [@esbuild/linux-arm64](https://github.com/evanw/esbuild).
Updates `@esbuild/darwin-arm64` from 0.21.5 to 0.22.0
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.21.5...v0.22.0)
Updates `@esbuild/linux-arm64` from 0.21.5 to 0.22.0
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.21.5...v0.22.0)
---
updated-dependencies:
- dependency-name: "@esbuild/darwin-arm64"
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: esbuild
- dependency-name: "@esbuild/linux-arm64"
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: esbuild
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#10306)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
* core, web: update translations (#10294)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: rissson <18313093+rissson@users.noreply.github.com>
* web: fix package lock out of sync (#10314)
* translate: Updates for file web/xliff/en.xlf in zh_CN (#10315)
Translate web/xliff/en.xlf in zh_CN
100% translated source file: 'web/xliff/en.xlf'
on 'zh_CN'.
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
* web/flows: remove background image link (#10318)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* core: remove transitionary old JS urls (#10317)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* web: set noopener and noreferrer on all external links (#10304)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* web: bump typescript from 5.5.2 to 5.5.3 in /web (#10332)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.2 to 5.5.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.5.2...v5.5.3)
---
updated-dependencies:
- dependency-name: typescript
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* web: bump the esbuild group in /web with 2 updates (#10330)
Bumps the esbuild group in /web with 2 updates: [@esbuild/darwin-arm64](https://github.com/evanw/esbuild) and [@esbuild/linux-arm64](https://github.com/evanw/esbuild).
Updates `@esbuild/darwin-arm64` from 0.22.0 to 0.23.0
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.22.0...v0.23.0)
Updates `@esbuild/linux-arm64` from 0.22.0 to 0.23.0
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.22.0...v0.23.0)
---
updated-dependencies:
- dependency-name: "@esbuild/darwin-arm64"
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: esbuild
- dependency-name: "@esbuild/linux-arm64"
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: esbuild
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* web: bump typescript from 5.5.2 to 5.5.3 in /tests/wdio (#10327)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.2 to 5.5.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.5.2...v5.5.3)
---
updated-dependencies:
- dependency-name: typescript
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core: bump pydantic from 2.7.4 to 2.8.0 (#10325)
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.7.4 to 2.8.0.
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](https://github.com/pydantic/pydantic/compare/v2.7.4...v2.8.0)
---
updated-dependencies:
- dependency-name: pydantic
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* website: bump typescript from 5.5.2 to 5.5.3 in /website (#10326)
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.2 to 5.5.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.5.2...v5.5.3)
---
updated-dependencies:
- dependency-name: typescript
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* core, web: update translations (#10324)
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: rissson <18313093+rissson@users.noreply.github.com>
* web: fixed missed internationalized strings (#10323)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: you have no missed messages
This commit uncovers a few places where a human-readable string was not property cast into the
internationalized form and internationalizes them in order to conform to our policy of keeping the
product viable outside of the English-speaking world.
* Restored SAML spacing manually. Not sure why that was necessary.
* Restored WS spacing manually. Not sure why that was necessary.
* Restored RouteMatch spacing manually. Not sure why that was necessary.
* Restored RAC spacing manually. Not sure why that was necessary.
* web: bump esbuild from 0.22.0 to 0.23.0 in /web (#10331)
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.22.0...v0.23.0)
---
updated-dependencies:
- dependency-name: esbuild
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* translate: Updates for file web/xliff/en.xlf in zh-Hans (#10293)
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
* translate: Updates for file web/xliff/en.xlf in fr (#10334)
Translate web/xliff/en.xlf in fr
100% translated source file: 'web/xliff/en.xlf'
on 'fr'.
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
* provider/scim: Fix exception handling for missing ServiceProviderConfig (#10322)
* web: provide default endpoint api configuration (#10319)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* Intermediate; prepping for remove that may fail.
* web: provide a default table endpoint configuration
This commit finds 19 places where the exact same configuration is
used to describe a table's API endpoint, and replaces that configuration
with a provided default from a parent class.
While examining the logs for our build, I noted that this particular
sequence is duplicated multiple times throughout our code base,
accounting for a bloat of 169 lines or so of the estimated 5552
lines of bloat. By providing a default endpoint configuration and
substituting it (mechanically) wherever the default is required,
we reduce our code duplication issue from 9.26% of the codesabe
to 8.99%.
... which is a start.
* Didn't need the duplication.
* remove page argument while we're at it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* actually use it everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* web: fix inconsistent method signature for LogViewer
Removed the `_page` parameter from LogViewer's apiEndpoint() method.
The `page: number` parameter is no longer a part of this method's signature.
* web: restore reduced page size to Overview:Recent Events card
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Russ Harvey <53157589+rwh85@users.noreply.github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: gcp-cherry-pick-bot[bot] <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Jens L <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jonathan Joewono <30559735+jogerj@users.noreply.github.com>
Co-authored-by: Russ Harvey <53157589+rwh85@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: rissson <18313093+rissson@users.noreply.github.com>
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
Co-authored-by: ztelliot <1141480995@qq.com>
Co-authored-by: Michael Poutre <m1kep.my.mail@gmail.com>
---------
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Russ Harvey <53157589+rwh85@users.noreply.github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: gcp-cherry-pick-bot[bot] <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Jens L <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Jonathan Joewono <30559735+jogerj@users.noreply.github.com>
Co-authored-by: Russ Harvey <53157589+rwh85@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: rissson <18313093+rissson@users.noreply.github.com>
Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
Co-authored-by: ztelliot <1141480995@qq.com>
Co-authored-by: Michael Poutre <m1kep.my.mail@gmail.com>
|
||
|
Ken Sternberg
|
453f7b8641 |
web: provide default endpoint api configuration (#10319)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* Intermediate; prepping for remove that may fail.
* web: provide a default table endpoint configuration
This commit finds 19 places where the exact same configuration is
used to describe a table's API endpoint, and replaces that configuration
with a provided default from a parent class.
While examining the logs for our build, I noted that this particular
sequence is duplicated multiple times throughout our code base,
accounting for a bloat of 169 lines or so of the estimated 5552
lines of bloat. By providing a default endpoint configuration and
substituting it (mechanically) wherever the default is required,
we reduce our code duplication issue from 9.26% of the codesabe
to 8.99%.
... which is a start.
* Didn't need the duplication.
* remove page argument while we're at it
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* actually use it everywhere
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* web: fix inconsistent method signature for LogViewer
Removed the `_page` parameter from LogViewer's apiEndpoint() method.
The `page: number` parameter is no longer a part of this method's signature.
* web: restore reduced page size to Overview:Recent Events card
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
|
||
 authentik-automation[bot]
|
2e91b9d035 |
web: bump API Client version (#9785)
* web: bump API Client version Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * don't include users in group calls Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io> |
||
|
Jens L
|
567ed07fe8 |
web/admin: group form dual select (#9354)
* web/admin: migrate group form to dual-select Signed-off-by: Jens Langhammer <jens@goauthentik.io> * unrelated: fix missing return in sidebar item non-link render Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> |
||
|
Jens L
|
4a9c95b44e |
core: delegated group member management (#9254)
* fix API permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix group member remove notification label Signed-off-by: Jens Langhammer <jens@goauthentik.io> * consistent naming assign vs grant Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only set table search query when searching is enabled Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix hidden object permissions Signed-off-by: Jens Langhammer <jens@goauthentik.io> * replace checkmark/cross with fa icons Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update website Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix tests and fix permission bug Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> |
||
|
Jens L
|
85fedec2f6 |
core: optionally don't return groups' users and users' groups by default (#9179)
* core: don't return groups' users and users' groups by default Signed-off-by: Jens Langhammer <jens@goauthentik.io> * explicitly fetch users and groups in LDAP Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add indicies Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> |
||
|
Ken Sternberg
|
5805ac83f7 |
web: clean up and remove redundant alias '@goauthentik/app' (#8889)
* web: fix esbuild issue with style sheets
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious
pain. This fix better identifies the value types (instances) being passed from various sources in
the repo to the three *different* kinds of style processors we're using (the native one, the
polyfill one, and whatever the heck Storybook does internally).
Falling back to using older CSS instantiating techniques one era at a time seems to do the trick.
It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content
(FLoUC), it's the logic with which we're left.
In standard mode, the following warning appears on the console when running a Flow:
```
Autofocus processing was blocked because a document already has a focused element.
```
In compatibility mode, the following **error** appears on the console when running a Flow:
```
crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'.
at initDomMutationObservers (crawler-inject.js:1106:18)
at crawler-inject.js:1114:24
at Array.forEach (<anonymous>)
at initDomMutationObservers (crawler-inject.js:1114:10)
at crawler-inject.js:1549:1
initDomMutationObservers @ crawler-inject.js:1106
(anonymous) @ crawler-inject.js:1114
initDomMutationObservers @ crawler-inject.js:1114
(anonymous) @ crawler-inject.js:1549
```
Despite this error, nothing seems to be broken and flows work as anticipated.
* web: clean up and remove redundant alias '@goauthentik/app'
The path alias `@goauthentik/app` has been a thorn in our side for a long time, as it conflicts with
or is redundant with all the *other* aliases in `tsconfig.json`, such as `@goauthentik/elements` and
`@goauthentik/locales`.
This commit *replaces* `@goauthentik/app` with `@goauthentik/authentik` for a single use case: the
locale codes file in the project root. That also helps reserve the subproject name `authentik` in
case we ever do go the monorepo root.
Other than that, all the rest have been removed with the following mechanical refactor:
```
perl -pi.bak -e 's{\@goauthentik/app/}{\@goauthentik/}' $(rg -l '@goauthentik/app/' ./src/)
```
* web: separate the sizing enum from a specific component implementation (#8890)
The PFSizes enum is used by more than just the Spinner, but has been left inside the Spinner for all
this time, making refactoring the Spinner for Patternfly 5 a little harder (okay, an annoying amount
harder) than it should be.
This commit moves this UI-specific, widely-use enum into its own folder in `common`, and refactors
everything else to use it. As is often the case, the refactor is mechanical:
```
perl -pi.bak -e 's{import \{ PFSize \} from "\@goauthentik/elements/Spinner";}{import \{ PFSize \}
from "\@goauthentik/common/enums.js";}' \\
$(rg -l 'import.*PFSize')
```
**Note:** This commit is dependent upon the ["clean up and remove redundant alias `@goauthentik/app`" PR](https://github.com/goauthentik/authentik/pull/8889)
|
||
|
Jens L
|
f740ba0ffe |
core: rework recovery API to return better error messages (#8655)
Signed-off-by: Jens Langhammer <jens@goauthentik.io> |
||
|
Ken Sternberg
|
6ede552292 | web: change "delete" verb to "remove" for one-to-many relationships (#8535) | ||
|
Jens L
|
07ed5e1cd9 |
core: show all applications a user can access in admin interface (#8343)
* core: show all applications a user can access in admin interface Signed-off-by: Jens Langhammer <jens@goauthentik.io> * minor adjustments Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add relative time Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use relative time in most places Signed-off-by: Jens Langhammer <jens@goauthentik.io> * improve admin dashboard scaling Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> |