From bb52765f5141f367c923655a673a4fb02dbcbda2 Mon Sep 17 00:00:00 2001
From: Ken Sternberg
 <133134217+kensternberg-authentik@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:24:59 -0800
Subject: [PATCH] web: refactor sidebar capabilities for categorical
 subsections (#7482)

* web: break circular dependency between AKElement & Interface.

This commit changes the way the root node of the web application shell is
discovered by child components, such that the base class shared by both
no longer results in a circular dependency between the two models.

I've run this in isolation and have seen no failures of discovery; the identity
token exists as soon as the Interface is constructed and is found by every item
on the page.

* web: fix broken typescript references

This built... and then it didn't?  Anyway, the current fix is to
provide type information the AkInterface for the data that consumers
require.

* web: rollback dependabot's upgrade of context

The most frustrating part of this is that I RAN THIS, dammit, with the updated
context and the current Wizard, and it finished the End-to-End tests without
complaint.

* Due for amendment

* Revert "Due for amendment"

This reverts commit 829ad5d3f214fa163958593636b28300d010da42.

* web: refactor sidebar capabilities for categorical subsections

The project "Change Admin UI lists to have sublists per type" requires some initial changes to the
UI to facilitate this request. The AdminSidebar is the principle target of this project, and it is
embedded in the AdminInterface. To facilitate editing the AdminSidebar as an independent entity,
AdminInterface has been moved into its own folder and the AdminSidebar extracted as a standalone Web
Component. This removes, oh, about half the code from AdminInterface. A little cleanup with
`classMap` was also committed.

The rollup config was adjusted to find the new AdminInterface location.

The Sidebar uses the global `config: Config` object to check for Enterprise capabilities. Rather
than plumb all the way down through the Interface => AdminInterface -> AdminSidebar, I chose to make
provide an alternative way of reaching the `config` object, as a *context*. Other configuration
objects (Me, UiConfig, Tenant) interfaces will be contextualized as demand warrants.

Demand will warrant.  Just not yet. <sup>1</sup>

The Sidebar has been refactored only slightly; the renderers are entirely the same as they were
prior to extraction. What has been changed is the source of information: when we retrieve the
current version we story *only* the information, and use type information to ensure that the version
we store is the version we care about. The same is true of `impersonation`; we care only about the
name of the person being impersonated being present, so we don't store anything else.

Fetches have been moved from `firstUpdated` to the constructor.  No reason to have the sidebar
render twice if the network returns before the render is scheduled.

Because the path used to identify the user being impersonated has changed, the `str()` references in
the XLIFF files had to be adjusted. **This change is to a variable only and does not require
translation.**

---
<sup>1</sup> The code is littered with checks to `me()?`, `uiConfig?`, `config?`, etc. In the
*context* of being logged in as an administrator those should never be in doubt. I intend to make
our interfaces not have any doubt.

* Function to help generate sizing solutions across Javascript and CSS.

* web: refactor sidebar capabilities for categorical subsections

Move open/close logic into the ak-admin-sidebar itself.

This commit removes the responsibility for opening/closing the sidebar from the interface parent
code and places it inside the sidebar entirely.  Since the Django invocation passes none of the
properties ak-interface-admin is capable of receiving, this seems like a safe operation.

The sidebar now assumes the responsibility for hooking up the window event listeners for open/close
and resize.

On connection to the DOM, and on resize, the sidebar checks to see if the viewport width meets the
criteria for a behavioral change (slide-overlay vs slide-push), and on slide-push automatically
opens the sidebar on the assumption that there's plenty of room. In order to support more dynamic
styling going forward, I've substituted the 1280px with 80rem, which is the same, but allows for
some better styling if someone with older eyes needs to "zoom in" on the whole thing with a larger
font size.

The hide/show code involves "reaching up" to touch the host's classList.  There's a comment
indicating that this is a slightly fragile thing to do, but in a well-known way.
---
 web/rollup.config.mjs                         |   2 +-
 web/src/admin/AdminInterface.ts               | 296 ------------------
 .../admin/AdminInterface/AdminInterface.ts    | 160 ++++++++++
 web/src/admin/AdminInterface/AdminSidebar.ts  | 214 +++++++++++++
 web/src/admin/AdminInterface/index.ts         |   5 +
 web/src/common/styles/authentik.css           |   3 +
 web/src/elements/AuthentikContexts.ts         |   7 +
 web/src/elements/Base.ts                      |  19 +-
 web/src/elements/sidebar/SidebarItem.ts       | 111 ++++---
 web/src/elements/utils/getRootStyle.ts        |   5 +
 web/xliff/de.xlf                              |   4 +-
 web/xliff/en.xlf                              |   4 +-
 web/xliff/es.xlf                              |   4 +-
 web/xliff/fr.xlf                              |   4 +-
 web/xliff/nl.xlf                              |   4 +-
 web/xliff/pl.xlf                              |   4 +-
 web/xliff/pseudo-LOCALE.xlf                   |   4 +-
 web/xliff/tr.xlf                              |   4 +-
 web/xliff/zh-Hans.xlf                         |   4 +-
 web/xliff/zh-Hant.xlf                         |   4 +-
 web/xliff/zh_CN.xlf                           |   4 +-
 web/xliff/zh_TW.xlf                           |   4 +-
 22 files changed, 511 insertions(+), 359 deletions(-)
 delete mode 100644 web/src/admin/AdminInterface.ts
 create mode 100644 web/src/admin/AdminInterface/AdminInterface.ts
 create mode 100644 web/src/admin/AdminInterface/AdminSidebar.ts
 create mode 100644 web/src/admin/AdminInterface/index.ts
 create mode 100644 web/src/elements/AuthentikContexts.ts
 create mode 100644 web/src/elements/utils/getRootStyle.ts

diff --git a/web/rollup.config.mjs b/web/rollup.config.mjs
index db9caf6ee..49825a29d 100644
--- a/web/rollup.config.mjs
+++ b/web/rollup.config.mjs
@@ -148,7 +148,7 @@ export default [
     },
     // Admin interface
     {
-        input: "./src/admin/AdminInterface.ts",
+        input: "./src/admin/AdminInterface/AdminInterface.ts",
         output: [
             {
                 format: "es",
diff --git a/web/src/admin/AdminInterface.ts b/web/src/admin/AdminInterface.ts
deleted file mode 100644
index e59793706..000000000
--- a/web/src/admin/AdminInterface.ts
+++ /dev/null
@@ -1,296 +0,0 @@
-import { ROUTES } from "@goauthentik/admin/Routes";
-import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
-import {
-    EVENT_API_DRAWER_TOGGLE,
-    EVENT_NOTIFICATION_DRAWER_TOGGLE,
-    EVENT_SIDEBAR_TOGGLE,
-    VERSION,
-} from "@goauthentik/common/constants";
-import { configureSentry } from "@goauthentik/common/sentry";
-import { me } from "@goauthentik/common/users";
-import { WebsocketClient } from "@goauthentik/common/ws";
-import { Interface } from "@goauthentik/elements/Base";
-import "@goauthentik/elements/ak-locale-context";
-import "@goauthentik/elements/enterprise/EnterpriseStatusBanner";
-import "@goauthentik/elements/messages/MessageContainer";
-import "@goauthentik/elements/messages/MessageContainer";
-import "@goauthentik/elements/notifications/APIDrawer";
-import "@goauthentik/elements/notifications/NotificationDrawer";
-import { ID_REGEX, SLUG_REGEX, UUID_REGEX } from "@goauthentik/elements/router/Route";
-import { getURLParam, updateURLParams } from "@goauthentik/elements/router/RouteMatch";
-import "@goauthentik/elements/router/RouterOutlet";
-import "@goauthentik/elements/sidebar/Sidebar";
-import "@goauthentik/elements/sidebar/SidebarItem";
-import { spread } from "@open-wc/lit-helpers";
-
-import { msg, str } from "@lit/localize";
-import { CSSResult, TemplateResult, css, html, nothing } from "lit";
-import { customElement, property, state } from "lit/decorators.js";
-import { map } from "lit/directives/map.js";
-
-import PFButton from "@patternfly/patternfly/components/Button/button.css";
-import PFDrawer from "@patternfly/patternfly/components/Drawer/drawer.css";
-import PFPage from "@patternfly/patternfly/components/Page/page.css";
-import PFBase from "@patternfly/patternfly/patternfly-base.css";
-
-import {
-    AdminApi,
-    CapabilitiesEnum,
-    CoreApi,
-    SessionUser,
-    UiThemeEnum,
-    Version,
-} from "@goauthentik/api";
-
-@customElement("ak-interface-admin")
-export class AdminInterface extends Interface {
-    @property({ type: Boolean })
-    sidebarOpen = true;
-
-    @property({ type: Boolean })
-    notificationDrawerOpen = getURLParam("notificationDrawerOpen", false);
-
-    @property({ type: Boolean })
-    apiDrawerOpen = getURLParam("apiDrawerOpen", false);
-
-    ws: WebsocketClient;
-
-    @state()
-    version?: Version;
-
-    @state()
-    user?: SessionUser;
-
-    static get styles(): CSSResult[] {
-        return [
-            PFBase,
-            PFPage,
-            PFButton,
-            PFDrawer,
-            css`
-                .pf-c-page__main,
-                .pf-c-drawer__content,
-                .pf-c-page__drawer {
-                    z-index: auto !important;
-                    background-color: transparent;
-                }
-                .display-none {
-                    display: none;
-                }
-                .pf-c-page {
-                    background-color: var(--pf-c-page--BackgroundColor) !important;
-                }
-                /* Global page background colour */
-                :host([theme="dark"]) .pf-c-page {
-                    --pf-c-page--BackgroundColor: var(--ak-dark-background);
-                }
-            `,
-        ];
-    }
-
-    constructor() {
-        super();
-        this.ws = new WebsocketClient();
-        this.sidebarOpen = window.innerWidth >= 1280;
-        window.addEventListener("resize", () => {
-            this.sidebarOpen = window.innerWidth >= 1280;
-        });
-        window.addEventListener(EVENT_SIDEBAR_TOGGLE, () => {
-            this.sidebarOpen = !this.sidebarOpen;
-        });
-        window.addEventListener(EVENT_NOTIFICATION_DRAWER_TOGGLE, () => {
-            this.notificationDrawerOpen = !this.notificationDrawerOpen;
-            updateURLParams({
-                notificationDrawerOpen: this.notificationDrawerOpen,
-            });
-        });
-        window.addEventListener(EVENT_API_DRAWER_TOGGLE, () => {
-            this.apiDrawerOpen = !this.apiDrawerOpen;
-            updateURLParams({
-                apiDrawerOpen: this.apiDrawerOpen,
-            });
-        });
-    }
-
-    async firstUpdated(): Promise<void> {
-        configureSentry(true);
-        this.version = await new AdminApi(DEFAULT_CONFIG).adminVersionRetrieve();
-        this.user = await me();
-        const canAccessAdmin =
-            this.user.user.isSuperuser ||
-            // TODO: somehow add `access_admin_interface` to the API schema
-            this.user.user.systemPermissions.includes("access_admin_interface");
-        if (!canAccessAdmin && this.user.user.pk > 0) {
-            window.location.assign("/if/user/");
-        }
-    }
-
-    render(): TemplateResult {
-        return html` <ak-locale-context>
-            <div class="pf-c-page">
-                <ak-sidebar
-                    class="pf-c-page__sidebar ${this.sidebarOpen
-                        ? "pf-m-expanded"
-                        : "pf-m-collapsed"} ${this.activeTheme === UiThemeEnum.Light
-                        ? "pf-m-light"
-                        : ""}"
-                >
-                    ${this.renderSidebarItems()}
-                </ak-sidebar>
-                <div class="pf-c-page__drawer">
-                    <div
-                        class="pf-c-drawer ${this.notificationDrawerOpen || this.apiDrawerOpen
-                            ? "pf-m-expanded"
-                            : "pf-m-collapsed"}"
-                    >
-                        <div class="pf-c-drawer__main">
-                            <div class="pf-c-drawer__content">
-                                <div class="pf-c-drawer__body">
-                                    <main class="pf-c-page__main">
-                                        <ak-router-outlet
-                                            role="main"
-                                            class="pf-c-page__main"
-                                            tabindex="-1"
-                                            id="main-content"
-                                            defaultUrl="/administration/overview"
-                                            .routes=${ROUTES}
-                                        >
-                                        </ak-router-outlet>
-                                    </main>
-                                </div>
-                            </div>
-                            <ak-notification-drawer
-                                class="pf-c-drawer__panel pf-m-width-33 ${this
-                                    .notificationDrawerOpen
-                                    ? ""
-                                    : "display-none"}"
-                                ?hidden=${!this.notificationDrawerOpen}
-                            ></ak-notification-drawer>
-                            <ak-api-drawer
-                                class="pf-c-drawer__panel pf-m-width-33 ${this.apiDrawerOpen
-                                    ? ""
-                                    : "display-none"}"
-                                ?hidden=${!this.apiDrawerOpen}
-                            ></ak-api-drawer>
-                        </div>
-                    </div>
-                </div></div
-        ></ak-locale-context>`;
-    }
-
-    renderSidebarItems(): TemplateResult {
-        // The second attribute type is of string[] to help with the 'activeWhen' control, which was
-        // commonplace and singular enough to merit its own handler.
-        type SidebarEntry = [
-            path: string | null,
-            label: string,
-            attributes?: Record<string, any> | string[] | null, // eslint-disable-line
-            children?: SidebarEntry[],
-        ];
-
-        // prettier-ignore
-        const sidebarContent: SidebarEntry[] = [
-            ["/if/user/", msg("User interface"), { "?isAbsoluteLink": true, "?highlight": true }],
-            [null, msg("Dashboards"), { "?expanded": true }, [
-                ["/administration/overview", msg("Overview")],
-                ["/administration/dashboard/users", msg("User Statistics")],
-                ["/administration/system-tasks", msg("System Tasks")]]],
-            [null, msg("Applications"), null, [
-                ["/core/providers", msg("Providers"), [`^/core/providers/(?<id>${ID_REGEX})$`]],
-                ["/core/applications", msg("Applications"), [`^/core/applications/(?<slug>${SLUG_REGEX})$`]],
-                ["/outpost/outposts", msg("Outposts")]]],
-            [null, msg("Events"), null, [
-                ["/events/log", msg("Logs"), [`^/events/log/(?<id>${UUID_REGEX})$`]],
-                ["/events/rules", msg("Notification Rules")],
-                ["/events/transports", msg("Notification Transports")]]],
-            [null, msg("Customisation"), null, [
-                ["/policy/policies", msg("Policies")],
-                ["/core/property-mappings", msg("Property Mappings")],
-                ["/blueprints/instances", msg("Blueprints")],
-                ["/policy/reputation", msg("Reputation scores")]]],
-            [null, msg("Flows and Stages"), null, [
-                ["/flow/flows", msg("Flows"), [`^/flow/flows/(?<slug>${SLUG_REGEX})$`]],
-                ["/flow/stages", msg("Stages")],
-                ["/flow/stages/prompts", msg("Prompts")]]],
-            [null, msg("Directory"), null, [
-                ["/identity/users", msg("Users"), [`^/identity/users/(?<id>${ID_REGEX})$`]],
-                ["/identity/groups", msg("Groups"), [`^/identity/groups/(?<id>${UUID_REGEX})$`]],
-                ["/identity/roles", msg("Roles"), [`^/identity/roles/(?<id>${UUID_REGEX})$`]],
-                ["/core/sources", msg("Federation and Social login"), [`^/core/sources/(?<slug>${SLUG_REGEX})$`]],
-                ["/core/tokens", msg("Tokens and App passwords")],
-                ["/flow/stages/invitations", msg("Invitations")]]],
-            [null, msg("System"), null, [
-                ["/core/tenants", msg("Tenants")],
-                ["/crypto/certificates", msg("Certificates")],
-                ["/outpost/integrations", msg("Outpost Integrations")]]]
-        ];
-
-        // Typescript requires the type here to correctly type the recursive path
-        type SidebarRenderer = (_: SidebarEntry) => TemplateResult;
-
-        const renderOneSidebarItem: SidebarRenderer = ([path, label, attributes, children]) => {
-            const properties = Array.isArray(attributes)
-                ? { ".activeWhen": attributes }
-                : attributes ?? {};
-            if (path) {
-                properties["path"] = path;
-            }
-            return html`<ak-sidebar-item ${spread(properties)}>
-                ${label ? html`<span slot="label">${label}</span>` : nothing}
-                ${map(children, renderOneSidebarItem)}
-            </ak-sidebar-item>`;
-        };
-
-        // prettier-ignore
-        return html`
-            ${this.renderNewVersionMessage()}
-            ${this.renderImpersonationMessage()}
-            ${map(sidebarContent, renderOneSidebarItem)}
-            ${this.renderEnterpriseMessage()}
-        `;
-    }
-
-    renderNewVersionMessage() {
-        return this.version && this.version.versionCurrent !== VERSION
-            ? html`
-                  <ak-sidebar-item ?highlight=${true}>
-                      <span slot="label"
-                          >${msg("A newer version of the frontend is available.")}</span
-                      >
-                  </ak-sidebar-item>
-              `
-            : nothing;
-    }
-
-    renderImpersonationMessage() {
-        return this.user?.original
-            ? html`<ak-sidebar-item
-                  ?highlight=${true}
-                  @click=${() => {
-                      new CoreApi(DEFAULT_CONFIG).coreUsersImpersonateEndRetrieve().then(() => {
-                          window.location.reload();
-                      });
-                  }}
-              >
-                  <span slot="label"
-                      >${msg(
-                          str`You're currently impersonating ${this.user.user.username}. Click to stop.`,
-                      )}</span
-                  >
-              </ak-sidebar-item>`
-            : nothing;
-    }
-
-    renderEnterpriseMessage() {
-        return this.config?.capabilities.includes(CapabilitiesEnum.IsEnterprise)
-            ? html`
-                  <ak-sidebar-item>
-                      <span slot="label">${msg("Enterprise")}</span>
-                      <ak-sidebar-item path="/enterprise/licenses">
-                          <span slot="label">${msg("Licenses")}</span>
-                      </ak-sidebar-item>
-                  </ak-sidebar-item>
-              `
-            : nothing;
-    }
-}
diff --git a/web/src/admin/AdminInterface/AdminInterface.ts b/web/src/admin/AdminInterface/AdminInterface.ts
new file mode 100644
index 000000000..834c98f37
--- /dev/null
+++ b/web/src/admin/AdminInterface/AdminInterface.ts
@@ -0,0 +1,160 @@
+import { ROUTES } from "@goauthentik/admin/Routes";
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import {
+    EVENT_API_DRAWER_TOGGLE,
+    EVENT_NOTIFICATION_DRAWER_TOGGLE,
+} from "@goauthentik/common/constants";
+import { configureSentry } from "@goauthentik/common/sentry";
+import { me } from "@goauthentik/common/users";
+import { WebsocketClient } from "@goauthentik/common/ws";
+import { Interface } from "@goauthentik/elements/Base";
+import "@goauthentik/elements/ak-locale-context";
+import "@goauthentik/elements/enterprise/EnterpriseStatusBanner";
+import "@goauthentik/elements/messages/MessageContainer";
+import "@goauthentik/elements/messages/MessageContainer";
+import "@goauthentik/elements/notifications/APIDrawer";
+import "@goauthentik/elements/notifications/NotificationDrawer";
+import { getURLParam, updateURLParams } from "@goauthentik/elements/router/RouteMatch";
+import "@goauthentik/elements/router/RouterOutlet";
+import "@goauthentik/elements/sidebar/Sidebar";
+import "@goauthentik/elements/sidebar/SidebarItem";
+
+import { CSSResult, TemplateResult, css, html } from "lit";
+import { customElement, property, state } from "lit/decorators.js";
+import { classMap } from "lit/directives/class-map.js";
+
+import PFButton from "@patternfly/patternfly/components/Button/button.css";
+import PFDrawer from "@patternfly/patternfly/components/Drawer/drawer.css";
+import PFPage from "@patternfly/patternfly/components/Page/page.css";
+import PFBase from "@patternfly/patternfly/patternfly-base.css";
+
+import { AdminApi, SessionUser, UiThemeEnum, Version } from "@goauthentik/api";
+
+import "./AdminSidebar";
+
+@customElement("ak-interface-admin")
+export class AdminInterface extends Interface {
+    @property({ type: Boolean })
+    notificationDrawerOpen = getURLParam("notificationDrawerOpen", false);
+
+    @property({ type: Boolean })
+    apiDrawerOpen = getURLParam("apiDrawerOpen", false);
+
+    ws: WebsocketClient;
+
+    @state()
+    version?: Version;
+
+    @state()
+    user?: SessionUser;
+
+    static get styles(): CSSResult[] {
+        return [
+            PFBase,
+            PFPage,
+            PFButton,
+            PFDrawer,
+            css`
+                .pf-c-page__main,
+                .pf-c-drawer__content,
+                .pf-c-page__drawer {
+                    z-index: auto !important;
+                    background-color: transparent;
+                }
+                .display-none {
+                    display: none;
+                }
+                .pf-c-page {
+                    background-color: var(--pf-c-page--BackgroundColor) !important;
+                }
+                /* Global page background colour */
+                :host([theme="dark"]) .pf-c-page {
+                    --pf-c-page--BackgroundColor: var(--ak-dark-background);
+                }
+            `,
+        ];
+    }
+
+    constructor() {
+        super();
+        this.ws = new WebsocketClient();
+        window.addEventListener(EVENT_NOTIFICATION_DRAWER_TOGGLE, () => {
+            this.notificationDrawerOpen = !this.notificationDrawerOpen;
+            updateURLParams({
+                notificationDrawerOpen: this.notificationDrawerOpen,
+            });
+        });
+        window.addEventListener(EVENT_API_DRAWER_TOGGLE, () => {
+            this.apiDrawerOpen = !this.apiDrawerOpen;
+            updateURLParams({
+                apiDrawerOpen: this.apiDrawerOpen,
+            });
+        });
+    }
+
+    async firstUpdated(): Promise<void> {
+        configureSentry(true);
+        this.version = await new AdminApi(DEFAULT_CONFIG).adminVersionRetrieve();
+        this.user = await me();
+        const canAccessAdmin =
+            this.user.user.isSuperuser ||
+            // TODO: somehow add `access_admin_interface` to the API schema
+            this.user.user.systemPermissions.includes("access_admin_interface");
+        if (!canAccessAdmin && this.user.user.pk > 0) {
+            window.location.assign("/if/user/");
+        }
+    }
+
+    render(): TemplateResult {
+        const sidebarClasses = {
+            "pf-m-light": this.activeTheme === UiThemeEnum.Light,
+        };
+
+        const drawerOpen = this.notificationDrawerOpen || this.apiDrawerOpen;
+        const drawerClasses = {
+            "pf-m-expanded": drawerOpen,
+            "pf-m-collapsed": !drawerOpen,
+        };
+
+        return html` <ak-locale-context>
+            <div class="pf-c-page">
+                <ak-admin-sidebar
+                    class="pf-c-page__sidebar ${classMap(sidebarClasses)}"
+                ></ak-admin-sidebar>
+                <div class="pf-c-page__drawer">
+                    <div class="pf-c-drawer ${classMap(drawerClasses)}">
+                        <div class="pf-c-drawer__main">
+                            <div class="pf-c-drawer__content">
+                                <div class="pf-c-drawer__body">
+                                    <main class="pf-c-page__main">
+                                        <ak-router-outlet
+                                            role="main"
+                                            class="pf-c-page__main"
+                                            tabindex="-1"
+                                            id="main-content"
+                                            defaultUrl="/administration/overview"
+                                            .routes=${ROUTES}
+                                        >
+                                        </ak-router-outlet>
+                                    </main>
+                                </div>
+                            </div>
+                            <ak-notification-drawer
+                                class="pf-c-drawer__panel pf-m-width-33 ${this
+                                    .notificationDrawerOpen
+                                    ? ""
+                                    : "display-none"}"
+                                ?hidden=${!this.notificationDrawerOpen}
+                            ></ak-notification-drawer>
+                            <ak-api-drawer
+                                class="pf-c-drawer__panel pf-m-width-33 ${this.apiDrawerOpen
+                                    ? ""
+                                    : "display-none"}"
+                                ?hidden=${!this.apiDrawerOpen}
+                            ></ak-api-drawer>
+                        </div>
+                    </div>
+                </div></div
+        ></ak-locale-context>`;
+    }
+}
diff --git a/web/src/admin/AdminInterface/AdminSidebar.ts b/web/src/admin/AdminInterface/AdminSidebar.ts
new file mode 100644
index 000000000..2f973ca7e
--- /dev/null
+++ b/web/src/admin/AdminInterface/AdminSidebar.ts
@@ -0,0 +1,214 @@
+import { DEFAULT_CONFIG } from "@goauthentik/common/api/config";
+import { EVENT_SIDEBAR_TOGGLE, VERSION } from "@goauthentik/common/constants";
+import { me } from "@goauthentik/common/users";
+import { authentikConfigContext } from "@goauthentik/elements/AuthentikContexts";
+import { AKElement } from "@goauthentik/elements/Base";
+import { ID_REGEX, SLUG_REGEX, UUID_REGEX } from "@goauthentik/elements/router/Route";
+import { getRootStyle } from "@goauthentik/elements/utils/getRootStyle";
+import { spread } from "@open-wc/lit-helpers";
+
+import { consume } from "@lit-labs/context";
+import { msg, str } from "@lit/localize";
+import { TemplateResult, html, nothing } from "lit";
+import { customElement, property, state } from "lit/decorators.js";
+import { map } from "lit/directives/map.js";
+
+import { AdminApi, CapabilitiesEnum, CoreApi, UiThemeEnum, Version } from "@goauthentik/api";
+import type { Config, SessionUser, UserSelf } from "@goauthentik/api";
+
+@customElement("ak-admin-sidebar")
+export class AkAdminSidebar extends AKElement {
+    @property({ type: Boolean, reflect: true })
+    open = true;
+
+    @state()
+    version: Version["versionCurrent"] | null = null;
+
+    @state()
+    impersonation: UserSelf["username"] | null = null;
+
+    @consume({ context: authentikConfigContext })
+    public config!: Config;
+
+    constructor() {
+        super();
+        new AdminApi(DEFAULT_CONFIG).adminVersionRetrieve().then((version) => {
+            this.version = version.versionCurrent;
+        });
+        me().then((user: SessionUser) => {
+            this.impersonation = user.original ? user.user.username : null;
+        });
+        this.toggleOpen = this.toggleOpen.bind(this);
+        this.checkWidth = this.checkWidth.bind(this);
+    }
+
+    // This has to be a bound method so the event listener can be removed on disconnection as
+    // needed.
+    toggleOpen() {
+        this.open = !this.open;
+    }
+
+    checkWidth() {
+        // This works just fine, but it assumes that the `--ak-sidebar--minimum-auto-width` is in
+        // REMs. If that changes, this code will have to be adjusted as well.
+        const minWidth =
+            parseFloat(getRootStyle("--ak-sidebar--minimum-auto-width")) *
+            parseFloat(getRootStyle("font-size"));
+        this.open = window.innerWidth >= minWidth;
+    }
+
+    connectedCallback() {
+        super.connectedCallback();
+        window.addEventListener(EVENT_SIDEBAR_TOGGLE, this.toggleOpen);
+        window.addEventListener("resize", this.checkWidth);
+        // After connecting to the DOM, we can now perform this check to see if the sidebar should
+        // be open by default.
+        this.checkWidth();
+    }
+
+    // The symmetry (☟, ☝) here is critical in that you want to start adding these handlers after
+    // connection, and removing them before disconnection.
+
+    disconnectedCallback() {
+        window.removeEventListener(EVENT_SIDEBAR_TOGGLE, this.toggleOpen);
+        window.removeEventListener("resize", this.checkWidth);
+        super.disconnectedCallback();
+    }
+
+    render() {
+        return html`
+            <ak-sidebar
+                class="pf-c-page__sidebar ${this.open ? "pf-m-expanded" : "pf-m-collapsed"} ${this
+                    .activeTheme === UiThemeEnum.Light
+                    ? "pf-m-light"
+                    : ""}"
+            >
+                ${this.renderSidebarItems()}
+            </ak-sidebar>
+        `;
+    }
+
+    updated() {
+        // This is permissible as`:host.classList` is not one of the properties Lit uses as a
+        // scheduling trigger. This sort of shenanigans can trigger an loop, in that it will trigger
+        // a browser reflow, which may trigger some other styling the application is monitoring,
+        // triggering a re-render which triggers a browser reflow, ad infinitum. But we've been
+        // living with that since jQuery, and it's both well-known and fortunately rare.
+        this.classList.remove("pf-m-expanded", "pf-m-collapsed");
+        this.classList.add(this.open ? "pf-m-expanded" : "pf-m-collapsed");
+    }
+
+    renderSidebarItems(): TemplateResult {
+        // The second attribute type is of string[] to help with the 'activeWhen' control, which was
+        // commonplace and singular enough to merit its own handler.
+        type SidebarEntry = [
+            path: string | null,
+            label: string,
+            attributes?: Record<string, any> | string[] | null, // eslint-disable-line
+            children?: SidebarEntry[],
+        ];
+
+        // prettier-ignore
+        const sidebarContent: SidebarEntry[] = [
+            ["/if/user/", msg("User interface"), { "?isAbsoluteLink": true, "?highlight": true }],
+            [null, msg("Dashboards"), { "?expanded": true }, [
+                ["/administration/overview", msg("Overview")],
+                ["/administration/dashboard/users", msg("User Statistics")],
+                ["/administration/system-tasks", msg("System Tasks")]]],
+            [null, msg("Applications"), null, [
+                ["/core/applications", msg("Applications"), [`^/core/applications/(?<slug>${SLUG_REGEX})$`]],
+                ["/core/providers", msg("Providers"), [`^/core/providers/(?<id>${ID_REGEX})$`]],
+                ["/outpost/outposts", msg("Outposts")]]],
+            [null, msg("Events"), null, [
+                ["/events/log", msg("Logs"), [`^/events/log/(?<id>${UUID_REGEX})$`]],
+                ["/events/rules", msg("Notification Rules")],
+                ["/events/transports", msg("Notification Transports")]]],
+            [null, msg("Customisation"), null, [
+                ["/policy/policies", msg("Policies")],
+                ["/core/property-mappings", msg("Property Mappings")],
+                ["/blueprints/instances", msg("Blueprints")],
+                ["/policy/reputation", msg("Reputation scores")]]],
+            [null, msg("Flows and Stages"), null, [
+                ["/flow/flows", msg("Flows"), [`^/flow/flows/(?<slug>${SLUG_REGEX})$`]],
+                ["/flow/stages", msg("Stages")],
+                ["/flow/stages/prompts", msg("Prompts")]]],
+            [null, msg("Directory"), null, [
+                ["/identity/users", msg("Users"), [`^/identity/users/(?<id>${ID_REGEX})$`]],
+                ["/identity/groups", msg("Groups"), [`^/identity/groups/(?<id>${UUID_REGEX})$`]],
+                ["/identity/roles", msg("Roles"), [`^/identity/roles/(?<id>${UUID_REGEX})$`]],
+                ["/core/sources", msg("Federation and Social login"), [`^/core/sources/(?<slug>${SLUG_REGEX})$`]],
+                ["/core/tokens", msg("Tokens and App passwords")],
+                ["/flow/stages/invitations", msg("Invitations")]]],
+            [null, msg("System"), null, [
+                ["/core/tenants", msg("Tenants")],
+                ["/crypto/certificates", msg("Certificates")],
+                ["/outpost/integrations", msg("Outpost Integrations")]]]
+        ];
+
+        // Typescript requires the type here to correctly type the recursive path
+        type SidebarRenderer = (_: SidebarEntry) => TemplateResult;
+
+        const renderOneSidebarItem: SidebarRenderer = ([path, label, attributes, children]) => {
+            const properties = Array.isArray(attributes)
+                ? { ".activeWhen": attributes }
+                : attributes ?? {};
+            if (path) {
+                properties["path"] = path;
+            }
+            return html`<ak-sidebar-item ${spread(properties)}>
+                ${label ? html`<span slot="label">${label}</span>` : nothing}
+                ${map(children, renderOneSidebarItem)}
+            </ak-sidebar-item>`;
+        };
+
+        // prettier-ignore
+        return html`
+            ${this.renderNewVersionMessage()}
+            ${this.renderImpersonationMessage()}
+            ${map(sidebarContent, renderOneSidebarItem)}
+            ${this.renderEnterpriseMessage()}
+        `;
+    }
+
+    renderNewVersionMessage() {
+        return this.version && this.version !== VERSION
+            ? html`
+                  <ak-sidebar-item ?highlight=${true}>
+                      <span slot="label"
+                          >${msg("A newer version of the frontend is available.")}</span
+                      >
+                  </ak-sidebar-item>
+              `
+            : nothing;
+    }
+
+    renderImpersonationMessage() {
+        const reload = () =>
+            new CoreApi(DEFAULT_CONFIG).coreUsersImpersonateEndRetrieve().then(() => {
+                window.location.reload();
+            });
+
+        return this.impersonation
+            ? html`<ak-sidebar-item ?highlight=${true} @click=${reload}>
+                  <span slot="label"
+                      >${msg(
+                          str`You're currently impersonating ${this.impersonation}. Click to stop.`,
+                      )}</span
+                  >
+              </ak-sidebar-item>`
+            : nothing;
+    }
+
+    renderEnterpriseMessage() {
+        return this.config?.capabilities.includes(CapabilitiesEnum.IsEnterprise)
+            ? html`
+                  <ak-sidebar-item>
+                      <span slot="label">${msg("Enterprise")}</span>
+                      <ak-sidebar-item path="/enterprise/licenses">
+                          <span slot="label">${msg("Licenses")}</span>
+                      </ak-sidebar-item>
+                  </ak-sidebar-item>
+              `
+            : nothing;
+    }
+}
diff --git a/web/src/admin/AdminInterface/index.ts b/web/src/admin/AdminInterface/index.ts
new file mode 100644
index 000000000..570b87e3b
--- /dev/null
+++ b/web/src/admin/AdminInterface/index.ts
@@ -0,0 +1,5 @@
+import { AdminInterface } from "./AdminInterface";
+import "./AdminInterface";
+
+export { AdminInterface };
+export default AdminInterface;
diff --git a/web/src/common/styles/authentik.css b/web/src/common/styles/authentik.css
index a46ec8eb1..6a0000e4e 100644
--- a/web/src/common/styles/authentik.css
+++ b/web/src/common/styles/authentik.css
@@ -12,6 +12,9 @@
 
     /* PatternFly likes to override global variables for some reason */
     --ak-global--Color--100: var(--pf-global--Color--100);
+
+    /* Minimum width after which the sidebar becomes automatic */
+    --ak-sidebar--minimum-auto-width: 80rem;
 }
 
 ::-webkit-scrollbar {
diff --git a/web/src/elements/AuthentikContexts.ts b/web/src/elements/AuthentikContexts.ts
new file mode 100644
index 000000000..97a89a881
--- /dev/null
+++ b/web/src/elements/AuthentikContexts.ts
@@ -0,0 +1,7 @@
+import { createContext } from "@lit-labs/context";
+
+import { type Config } from "@goauthentik/api";
+
+export const authentikConfigContext = createContext<Config>(Symbol("authentik-config-context"));
+
+export default authentikConfigContext;
diff --git a/web/src/elements/Base.ts b/web/src/elements/Base.ts
index 7b2420454..46c983aad 100644
--- a/web/src/elements/Base.ts
+++ b/web/src/elements/Base.ts
@@ -2,7 +2,9 @@ import { config, tenant } from "@goauthentik/common/api/config";
 import { EVENT_THEME_CHANGE } from "@goauthentik/common/constants";
 import { UIConfig, uiConfig } from "@goauthentik/common/ui/config";
 import { adaptCSS } from "@goauthentik/common/utils";
+import { authentikConfigContext } from "@goauthentik/elements/AuthentikContexts";
 
+import { ContextProvider } from "@lit-labs/context";
 import { localized } from "@lit/localize";
 import { CSSResult, LitElement } from "lit";
 import { state } from "lit/decorators.js";
@@ -181,8 +183,23 @@ export class Interface extends AKElement implements AkInterface {
     @state()
     uiConfig?: UIConfig;
 
+    _configContext = new ContextProvider(this, {
+        context: authentikConfigContext,
+        initialValue: undefined,
+    });
+
+    _config?: Config;
+
     @state()
-    config?: Config;
+    set config(c: Config) {
+        this._config = c;
+        this._configContext.setValue(c);
+        this.requestUpdate();
+    }
+
+    get config(): Config | undefined {
+        return this._config;
+    }
 
     constructor() {
         super();
diff --git a/web/src/elements/sidebar/SidebarItem.ts b/web/src/elements/sidebar/SidebarItem.ts
index 9d5374736..26cdb975e 100644
--- a/web/src/elements/sidebar/SidebarItem.ts
+++ b/web/src/elements/sidebar/SidebarItem.ts
@@ -144,47 +144,84 @@ export class SidebarItem extends AKElement {
         return this.renderInner();
     }
 
-    renderInner(): TemplateResult {
-        if (this.childItems.length > 0) {
-            return html`<li
-                class="pf-c-nav__item ${this.expanded ? "pf-m-expandable pf-m-expanded" : ""}"
+    renderWithChildren() {
+        return html`<li
+            class="pf-c-nav__item ${this.expanded ? "pf-m-expandable pf-m-expanded" : ""}"
+        >
+            <button
+                class="pf-c-nav__link"
+                aria-expanded="true"
+                @click=${() => {
+                    this.expanded = !this.expanded;
+                }}
             >
-                <button
-                    class="pf-c-nav__link"
-                    aria-expanded="true"
-                    @click=${() => {
-                        this.expanded = !this.expanded;
-                    }}
-                >
-                    <slot name="label"></slot>
-                    <span class="pf-c-nav__toggle">
-                        <span class="pf-c-nav__toggle-icon">
-                            <i class="fas fa-angle-right" aria-hidden="true"></i>
-                        </span>
+                <slot name="label"></slot>
+                <span class="pf-c-nav__toggle">
+                    <span class="pf-c-nav__toggle-icon">
+                        <i class="fas fa-angle-right" aria-hidden="true"></i>
                     </span>
-                </button>
-                <section class="pf-c-nav__subnav" ?hidden=${!this.expanded}>
-                    <ul class="pf-c-nav__list">
-                        <slot></slot>
-                    </ul>
-                </section>
-            </li>`;
+                </span>
+            </button>
+            <section class="pf-c-nav__subnav" ?hidden=${!this.expanded}>
+                <ul class="pf-c-nav__list">
+                    <slot></slot>
+                </ul>
+            </section>
+        </li>`;
+    }
+
+    renderWithPathAndChildren() {
+        return html`<li
+            class="pf-c-nav__item ${this.expanded ? "pf-m-expandable pf-m-expanded" : ""}"
+        >
+            <slot name="label"></slot>
+            <button
+                class="pf-c-nav__link"
+                aria-expanded="true"
+                @click=${() => {
+                    this.expanded = !this.expanded;
+                }}
+            >
+                <span class="pf-c-nav__toggle">
+                    <span class="pf-c-nav__toggle-icon">
+                        <i class="fas fa-angle-right" aria-hidden="true"></i>
+                    </span>
+                </span>
+            </button>
+            <section class="pf-c-nav__subnav" ?hidden=${!this.expanded}>
+                <ul class="pf-c-nav__list">
+                    <slot></slot>
+                </ul>
+            </section>
+        </li>`;
+    }
+
+    renderWithPath() {
+        return html`
+            <a
+                href="${this.isAbsoluteLink ? "" : "#"}${this.path}"
+                class="pf-c-nav__link ${this.isActive ? "pf-m-current" : ""}"
+            >
+                <slot name="label"></slot>
+            </a>
+        `;
+    }
+
+    renderWithLabel() {
+        html`
+            <span class="pf-c-nav__link">
+                <slot name="label"></slot>
+            </span>
+        `;
+    }
+
+    renderInner() {
+        if (this.childItems.length > 0) {
+            return this.path ? this.renderWithPathAndChildren() : this.renderWithChildren();
         }
+
         return html`<li class="pf-c-nav__item">
-            ${this.path
-                ? html`
-                      <a
-                          href="${this.isAbsoluteLink ? "" : "#"}${this.path}"
-                          class="pf-c-nav__link ${this.isActive ? "pf-m-current" : ""}"
-                      >
-                          <slot name="label"></slot>
-                      </a>
-                  `
-                : html`
-                      <span class="pf-c-nav__link">
-                          <slot name="label"></slot>
-                      </span>
-                  `}
+            ${this.path ? this.renderWithPath() : this.renderWithLabel()}
         </li>`;
     }
 }
diff --git a/web/src/elements/utils/getRootStyle.ts b/web/src/elements/utils/getRootStyle.ts
new file mode 100644
index 000000000..f91d63e5f
--- /dev/null
+++ b/web/src/elements/utils/getRootStyle.ts
@@ -0,0 +1,5 @@
+export function getRootStyle(selector: string, element: HTMLElement = document.documentElement) {
+    return getComputedStyle(element, null).getPropertyValue(selector);
+}
+
+export default getRootStyle;
diff --git a/web/xliff/de.xlf b/web/xliff/de.xlf
index 38ac63d46..cacf5580c 100644
--- a/web/xliff/de.xlf
+++ b/web/xliff/de.xlf
@@ -4989,9 +4989,9 @@ Bindings to groups/users are checked against the user of the event.</source>
         <target>Eine neuere Version des Frontends ist verfügbar.</target>
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>Sie geben sich gerade als 
-        <x id="0" equiv-text="${this.user.user.username}"/>aus. Klicken Sie zum Stoppen.</target>
+        <x id="0" equiv-text="${this.impersonation}"/>aus. Klicken Sie zum Stoppen.</target>
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
         <source>User interface</source>
diff --git a/web/xliff/en.xlf b/web/xliff/en.xlf
index fd6274b44..11d8ee1a5 100644
--- a/web/xliff/en.xlf
+++ b/web/xliff/en.xlf
@@ -5248,9 +5248,9 @@ Bindings to groups/users are checked against the user of the event.</source>
         <target>A newer version of the frontend is available.</target>
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>You're currently impersonating 
-        <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</target>
+        <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</target>
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
         <source>User interface</source>
diff --git a/web/xliff/es.xlf b/web/xliff/es.xlf
index e6f6fc899..b5708c7ac 100644
--- a/web/xliff/es.xlf
+++ b/web/xliff/es.xlf
@@ -4914,9 +4914,9 @@ Bindings to groups/users are checked against the user of the event.</source>
         <target>Está disponible una versión más reciente de la interfaz.</target>
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>Estás suplantando a 
-        <x id="0" equiv-text="${this.user.user.username}"/>. Haga clic para parar.</target>
+        <x id="0" equiv-text="${this.impersonation}"/>. Haga clic para parar.</target>
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
         <source>User interface</source>
diff --git a/web/xliff/fr.xlf b/web/xliff/fr.xlf
index 4343e0ab3..eb5cbb2f1 100644
--- a/web/xliff/fr.xlf
+++ b/web/xliff/fr.xlf
@@ -6558,9 +6558,9 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
         
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>Vous vous faites actuellement passer pour 
-        <x id="0" equiv-text="${this.user.user.username}"/>. Cliquer pour arrêter.</target>
+        <x id="0" equiv-text="${this.impersonation}"/>. Cliquer pour arrêter.</target>
         
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
diff --git a/web/xliff/nl.xlf b/web/xliff/nl.xlf
index c6ac85543..f2ceeb89c 100644
--- a/web/xliff/nl.xlf
+++ b/web/xliff/nl.xlf
@@ -6797,8 +6797,8 @@ Bindingen naar groepen/gebruikers worden gecontroleerd tegen de gebruiker van de
         
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
-        <target>Je doet momenteel alsof je <x id="0" equiv-text="${this.user.user.username}"/> bent. Klik om te stoppen.</target>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
+        <target>Je doet momenteel alsof je <x id="0" equiv-text="${this.impersonation}"/> bent. Klik om te stoppen.</target>
         
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
diff --git a/web/xliff/pl.xlf b/web/xliff/pl.xlf
index d50ab62c2..0c8118ae8 100644
--- a/web/xliff/pl.xlf
+++ b/web/xliff/pl.xlf
@@ -5104,9 +5104,9 @@ Bindings to groups/users are checked against the user of the event.</source>
         <target>Dostępna jest nowsza wersja frontendu.</target>
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>Obecnie podszywasz się pod 
-        <x id="0" equiv-text="${this.user.user.username}"/>. Kliknij, aby zatrzymać.</target>
+        <x id="0" equiv-text="${this.impersonation}"/>. Kliknij, aby zatrzymać.</target>
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
         <source>User interface</source>
diff --git a/web/xliff/pseudo-LOCALE.xlf b/web/xliff/pseudo-LOCALE.xlf
index bd038e1be..78b560613 100644
--- a/web/xliff/pseudo-LOCALE.xlf
+++ b/web/xliff/pseudo-LOCALE.xlf
@@ -6515,8 +6515,8 @@ Bindings to groups/users are checked against the user of the event.</source>
         
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
-  <target>Ŷōũ'ŕē ćũŕŕēńţĺŷ ĩmƥēŕśōńàţĩńĝ <x id="0" equiv-text="${this.user.user.username}"/>. Ćĺĩćķ ţō śţōƥ.</target>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
+  <target>Ŷōũ'ŕē ćũŕŕēńţĺŷ ĩmƥēŕśōńàţĩńĝ <x id="0" equiv-text="${this.impersonation}"/>. Ćĺĩćķ ţō śţōƥ.</target>
         
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
diff --git a/web/xliff/tr.xlf b/web/xliff/tr.xlf
index dd82e3e39..f2eb13ba5 100644
--- a/web/xliff/tr.xlf
+++ b/web/xliff/tr.xlf
@@ -4907,9 +4907,9 @@ Bindings to groups/users are checked against the user of the event.</source>
         <target>Ön yüzün daha yeni bir sürümü mevcuttur.</target>
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>Şu anda 
-        <x id="0" equiv-text="${this.user.user.username}"/>kimliğine bürünüyorsunuz. Durdurmak için tıklayın.</target>
+        <x id="0" equiv-text="${this.impersonation}"/>kimliğine bürünüyorsunuz. Durdurmak için tıklayın.</target>
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
         <source>User interface</source>
diff --git a/web/xliff/zh-Hans.xlf b/web/xliff/zh-Hans.xlf
index aa8d0b510..f314f44a2 100644
--- a/web/xliff/zh-Hans.xlf
+++ b/web/xliff/zh-Hans.xlf
@@ -6560,9 +6560,9 @@ Bindings to groups/users are checked against the user of the event.</source>
         
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>您目前正在模拟 
-        <x id="0" equiv-text="${this.user.user.username}"/>的身份。点击以停止。</target>
+        <x id="0" equiv-text="${this.impersonation}"/>的身份。点击以停止。</target>
         
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
diff --git a/web/xliff/zh-Hant.xlf b/web/xliff/zh-Hant.xlf
index b19eae4ca..e836104f2 100644
--- a/web/xliff/zh-Hant.xlf
+++ b/web/xliff/zh-Hant.xlf
@@ -4951,9 +4951,9 @@ Bindings to groups/users are checked against the user of the event.</source>
         <target>有较新版本的前端可用。</target>
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>你目前正在模拟 
-        <x id="0" equiv-text="${this.user.user.username}"/>。单击停止。</target>
+        <x id="0" equiv-text="${this.impersonation}"/>。单击停止。</target>
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
         <source>User interface</source>
diff --git a/web/xliff/zh_CN.xlf b/web/xliff/zh_CN.xlf
index e11e7e4ad..e661cbaa4 100644
--- a/web/xliff/zh_CN.xlf
+++ b/web/xliff/zh_CN.xlf
@@ -6560,9 +6560,9 @@ Bindings to groups/users are checked against the user of the event.</source>
         
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>您目前正在模拟 
-        <x id="0" equiv-text="${this.user.user.username}"/>的身份。点击以停止。</target>
+        <x id="0" equiv-text="${this.impersonation}"/>的身份。点击以停止。</target>
         
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
diff --git a/web/xliff/zh_TW.xlf b/web/xliff/zh_TW.xlf
index 2367c4581..bc39005a9 100644
--- a/web/xliff/zh_TW.xlf
+++ b/web/xliff/zh_TW.xlf
@@ -4950,9 +4950,9 @@ Bindings to groups/users are checked against the user of the event.</source>
         <target>有较新版本的前端可用。</target>
       </trans-unit>
       <trans-unit id="s96b3cddf33e1c853">
-        <source>You're currently impersonating <x id="0" equiv-text="${this.user.user.username}"/>. Click to stop.</source>
+        <source>You're currently impersonating <x id="0" equiv-text="${this.impersonation}"/>. Click to stop.</source>
         <target>你目前正在模拟 
-        <x id="0" equiv-text="${this.user.user.username}"/>。单击停止。</target>
+        <x id="0" equiv-text="${this.impersonation}"/>。单击停止。</target>
       </trans-unit>
       <trans-unit id="s7031e6928c44cedd">
         <source>User interface</source>