outposts: update outpost permissions on m2m change

closes #1105 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-07-04 19:13:59 +02:00 · 2021-07-04 19:13:59 +02:00 · df92111296
parent da8417a141
commit df92111296
3 changed files with 14 additions and 1 deletions
--- a/authentik/outposts/signals.py
+++ b/authentik/outposts/signals.py
@ -1,7 +1,7 @@
 """authentik outpost signals"""
 from django.core.cache import cache
 from django.db.models import Model
-from django.db.models.signals import post_save, pre_delete, pre_save
+from django.db.models.signals import m2m_changed, post_save, pre_delete, pre_save
 from django.dispatch import receiver
 from structlog.stdlib import get_logger

@ -46,6 +46,14 @@ def pre_save_outpost(sender, instance: Outpost, **_):
        outpost_controller.delay(instance.pk.hex, action="down", from_cache=True)


+@receiver(m2m_changed, sender=Outpost.providers.through)
+# pylint: disable=unused-argument
+def m2m_changed_update(sender, instance: Model, action: str, **_):
+    """Update outpost on m2m change, when providers are added or removed"""
+    if action in ["post_add", "post_remove", "post_clear"]:
+        outpost_post_save.delay(class_to_path(instance.__class__), instance.pk)
+
+
@receiver(post_save)
 # pylint: disable=unused-argument
 def post_save_update(sender, instance: Model, **_):
--- a/tests/e2e/test_provider_ldap.py
+++ b/tests/e2e/test_provider_ldap.py
@ -195,6 +195,8 @@ class TestProviderLDAP(SeleniumTestCase):
                            "goauthentik.io/ldap/user",
                        ],
                        "memberOf": [],
+                        "accountStatus": ["true"],
+                        "superuser": ["false"],
                        "goauthentik.io/ldap/active": ["true"],
                        "goauthentik.io/ldap/superuser": ["false"],
                        "goauthentik.io/user/override-ips": ["true"],
@ -218,6 +220,8 @@ class TestProviderLDAP(SeleniumTestCase):
                        "memberOf": [
                            "cn=authentik Admins,ou=groups,dc=ldap,dc=goauthentik,dc=io"
                        ],
+                        "accountStatus": ["true"],
+                        "superuser": ["true"],
                        "goauthentik.io/ldap/active": ["true"],
                        "goauthentik.io/ldap/superuser": ["true"],
                        "extraAttribute": ["bar"],
--- a/website/docs/releases/v2021.6.md
+++ b/website/docs/releases/v2021.6.md
@ -149,6 +149,7 @@ slug: "2021.6"
 - outposts: fix docker controller not checking env correctly
 - outposts: fix docker controller not checking ports correctly
 - outposts: fix empty message when docker outpost controller has changed nothing
+- outposts: fix permissions not being set correctly upon outpost creation
 - outposts/ldap: add support for boolean fields in ldap
 - outposts/proxy: always redirect to session-end interface on sign_out
 - providers/oauth2: add revoked field, create suspicious event when previous token is used