add new "must_created" state to blueprints to prevent overwriting objects

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer 2023-08-04 00:03:58 +02:00
parent fb8b132de1
commit e13e7bfb8e
No known key found for this signature in database
7 changed files with 193 additions and 109 deletions

View file

@ -9,6 +9,7 @@ from rest_framework.fields import Field, JSONField, UUIDField
from rest_framework.serializers import Serializer
from structlog.stdlib import get_logger
from authentik.blueprints.v1.common import BlueprintEntryDesiredState
from authentik.blueprints.v1.importer import SERIALIZER_CONTEXT_BLUEPRINT, is_model_allowed
from authentik.blueprints.v1.meta.registry import BaseMetaModel, registry
from authentik.lib.models import SerializerModel
@ -110,7 +111,7 @@ class Command(BaseCommand):
"id": {"type": "string"},
"state": {
"type": "string",
"enum": ["absent", "present", "created"],
"enum": [s.value for s in BlueprintEntryDesiredState],
"default": "present",
},
"conditions": {"type": "array", "items": {"type": "boolean"}},

View file

@ -52,6 +52,7 @@ class BlueprintEntryDesiredState(Enum):
ABSENT = "absent"
PRESENT = "present"
CREATED = "created"
MUST_CREATED = "must_created"
@dataclass

View file

@ -202,6 +202,13 @@ class Importer:
)
serializer_kwargs["instance"] = model_instance
serializer_kwargs["partial"] = True
elif model_instance and entry.state == BlueprintEntryDesiredState.MUST_CREATED:
raise EntryInvalidError(
(
f"state is set to {BlueprintEntryDesiredState.MUST_CREATED}"
" and object exists already"
)
)
else:
self.logger.debug(
"initialised new serializer instance", model=model, **updated_identifiers
@ -269,7 +276,11 @@ class Importer:
continue
state = entry.get_state(self._import)
if state in [BlueprintEntryDesiredState.PRESENT, BlueprintEntryDesiredState.CREATED]:
if state in [
BlueprintEntryDesiredState.PRESENT,
BlueprintEntryDesiredState.CREATED,
BlueprintEntryDesiredState.MUST_CREATED,
]:
instance = serializer.instance
if (
instance

View file

@ -96,7 +96,7 @@ class TransactionalApplicationView(APIView):
blueprint.entries.append(
BlueprintEntry(
model=data.validated_data["provider_model"],
state=BlueprintEntryDesiredState.PRESENT,
state=BlueprintEntryDesiredState.MUST_CREATED,
identifiers={
"name": data.validated_data["provider"]["name"],
},
@ -109,7 +109,7 @@ class TransactionalApplicationView(APIView):
blueprint.entries.append(
BlueprintEntry(
model="authentik_core.application",
state=BlueprintEntryDesiredState.PRESENT,
state=BlueprintEntryDesiredState.MUST_CREATED,
identifiers={
"slug": data.validated_data["app"]["slug"],
},

View file

@ -59,7 +59,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -95,7 +96,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -131,7 +133,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -167,7 +170,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -203,7 +207,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -239,7 +244,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -275,7 +281,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -311,7 +318,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -347,7 +355,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -383,7 +392,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -419,7 +429,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -455,7 +466,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -491,7 +503,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -527,7 +540,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -563,7 +577,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -599,7 +614,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -635,7 +651,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -671,7 +688,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -707,7 +725,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -743,7 +762,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -779,7 +799,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -815,7 +836,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -851,7 +873,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -887,7 +910,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -923,7 +947,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -959,7 +984,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -995,7 +1021,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1031,7 +1058,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1067,7 +1095,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1103,7 +1132,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1139,7 +1169,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1175,7 +1206,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1211,7 +1243,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1247,7 +1280,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1283,7 +1317,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1319,7 +1354,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1355,7 +1391,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1391,7 +1428,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1427,7 +1465,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1463,7 +1502,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1499,7 +1539,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1535,7 +1576,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1571,7 +1613,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1607,7 +1650,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1643,7 +1687,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1679,7 +1724,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1715,7 +1761,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1751,7 +1798,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1787,7 +1835,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1823,7 +1872,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1859,7 +1909,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1895,7 +1946,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1931,7 +1983,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -1967,7 +2020,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2003,7 +2057,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2039,7 +2094,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2075,7 +2131,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2111,7 +2168,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2147,7 +2205,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2183,7 +2242,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2219,7 +2279,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2255,7 +2316,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2291,7 +2353,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2327,7 +2390,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2363,7 +2427,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2399,7 +2464,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2435,7 +2501,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2471,7 +2538,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2507,7 +2575,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2543,7 +2612,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},
@ -2579,7 +2649,8 @@
"enum": [
"absent",
"present",
"created"
"created",
"must_created"
],
"default": "present"
},

View file

@ -3088,39 +3088,6 @@ paths:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/applications/create_transactional/:
put:
operationId: core_applications_create_transactional_update
description: Convert data into a blueprint, validate it and apply it
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TransactionApplicationRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TransactionApplicationResponse'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/authenticated_sessions/:
get:
operationId: core_authenticated_sessions_list
@ -4382,6 +4349,39 @@ paths:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/transactional/applications/:
put:
operationId: core_transactional_applications_update
description: Convert data into a blueprint, validate it and apply it
tags:
- core
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/TransactionApplicationRequest'
required: true
security:
- authentik: []
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/TransactionApplicationResponse'
description: ''
'400':
content:
application/json:
schema:
$ref: '#/components/schemas/ValidationError'
description: ''
'403':
content:
application/json:
schema:
$ref: '#/components/schemas/GenericError'
description: ''
/core/user_consent/:
get:
operationId: core_user_consent_list

View file

@ -8,7 +8,7 @@ The most common types are:
- [**Procedural**](./procedural.md): these are How To docs, the HOW information, with step-by-step instructions for accomplishing a task. This is what most people are looking for when they open the docs... and best practice is to separate the procedural docs from long, lengthy conceptual or reference docs.
- **Conceptual**: these docs provide the WHY information, and explain when to use a feature (or when not to!), and general concepts behind the fature or functioanlity.
- **Conceptual**: these docs provide the WHY information, and explain when to use a feature (or when not to!), and general concepts behind the feature or functioanlity.
- **Reference**: this is typically tables or lists of reference information, such as configuration values, or most commmonly APIs.