From 657b0089b162490c6124e4d63abc12b27d612a43 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Mon, 29 Mar 2021 21:16:13 +0200
Subject: [PATCH] core: add set_icon operation to applications API to set icon

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/core/api/applications.py | 34 ++++++++++++++++++++++++++++-
 swagger.yaml                       | 35 ++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+), 1 deletion(-)

diff --git a/authentik/core/api/applications.py b/authentik/core/api/applications.py
index c9fbc8430..fd2e1f0c5 100644
--- a/authentik/core/api/applications.py
+++ b/authentik/core/api/applications.py
@@ -1,9 +1,12 @@
 """Application API Views"""
 from django.core.cache import cache
 from django.db.models import QuerySet
-from drf_yasg.utils import swagger_auto_schema
+from django.http.response import HttpResponseBadRequest
+from drf_yasg import openapi
+from drf_yasg.utils import no_body, swagger_auto_schema
 from rest_framework.decorators import action
 from rest_framework.fields import SerializerMethodField
+from rest_framework.parsers import MultiPartParser
 from rest_framework.request import Request
 from rest_framework.response import Response
 from rest_framework.serializers import ModelSerializer
@@ -107,6 +110,35 @@ class ApplicationViewSet(ModelViewSet):
         serializer = self.get_serializer(allowed_applications, many=True)
         return self.get_paginated_response(serializer.data)
 
+    @permission_required("authentik_core.change_application")
+    @swagger_auto_schema(
+        request_body=no_body,
+        manual_parameters=[
+            openapi.Parameter(
+                name="file",
+                in_=openapi.IN_FORM,
+                type=openapi.TYPE_FILE,
+                required=True,
+            )
+        ],
+    )
+    @action(detail=True, methods=["POST"], parser_classes=(MultiPartParser,))
+    # pylint: disable=unused-argument
+    def set_icon(self, request: Request, slug: str):
+        """Set application icon"""
+        app: Application = self.get_object()
+        icon = request.FILES.get("file", None)
+        if not icon:
+            return HttpResponseBadRequest()
+        app.meta_icon = icon
+        app.save()
+        return Response(
+            get_events_per_1h(
+                action=EventAction.AUTHORIZE_APPLICATION,
+                context__authorized_application__pk=app.pk.hex,
+            )
+        )
+
     @permission_required(
         "authentik_core.view_application", ["authentik_events.view_event"]
     )
diff --git a/swagger.yaml b/swagger.yaml
index 2ed98d16c..9d6640710 100755
--- a/swagger.yaml
+++ b/swagger.yaml
@@ -1330,6 +1330,41 @@ paths:
         type: string
         format: slug
         pattern: ^[-a-zA-Z0-9_]+$
+  /core/applications/{slug}/set_icon/:
+    post:
+      operationId: core_applications_set_icon
+      description: Set application icon
+      parameters:
+        - name: file
+          in: formData
+          required: true
+          type: file
+      responses:
+        '201':
+          description: ''
+          schema:
+            $ref: '#/definitions/Application'
+        '403':
+          description: Authentication credentials were invalid, absent or insufficient.
+          schema:
+            $ref: '#/definitions/GenericError'
+        '404':
+          description: Object does not exist or caller has insufficient permissions
+            to access it.
+          schema:
+            $ref: '#/definitions/APIException'
+      consumes:
+        - multipart/form-data
+      tags:
+        - core
+    parameters:
+      - name: slug
+        in: path
+        description: Internal application name, used in URLs.
+        required: true
+        type: string
+        format: slug
+        pattern: ^[-a-zA-Z0-9_]+$
   /core/groups/:
     get:
       operationId: core_groups_list