blueprints: add generic export next to flow exporter (#3439)

authentik/blueprints/management/commands/export_blueprint.py

@@ -0,0 +1,17 @@
+"""Export blueprint of current authentik install"""
+from django.core.management.base import BaseCommand, no_translations
+from structlog.stdlib import get_logger
+
+from authentik.blueprints.v1.exporter import Exporter
+
+LOGGER = get_logger()
+
+
+class Command(BaseCommand):
+    """Export blueprint of current authentik install"""
+
+    @no_translations
+    def handle(self, *args, **options):
+        """Export blueprint of current authentik install"""
+        exporter = Exporter()
+        self.stdout.write(exporter.export_to_string())

authentik/blueprints/tests/test_bundled.py

@@ -1,10 +1,8 @@
 """test packaged blueprints"""
-from glob import glob
 from pathlib import Path
 from typing import Callable
 
 from django.test import TransactionTestCase
-from django.utils.text import slugify
 
 from authentik.blueprints.tests import apply_blueprint
 from authentik.blueprints.v1.importer import Importer
@@ -24,14 +22,13 @@ def blueprint_tester(file_name: str) -> Callable:
     """This is used instead of subTest for better visibility"""
 
     def tester(self: TestBundled):
-        with open(file_name, "r", encoding="utf8") as flow_yaml:
+        with open(file_name, "r", encoding="utf8") as blueprint:
-            importer = Importer(flow_yaml.read())
+            importer = Importer(blueprint.read())
         self.assertTrue(importer.validate()[0])
         self.assertTrue(importer.apply())
 
     return tester
 
 
-for flow_file in glob("blueprints/**/*.yaml", recursive=True):
+for blueprint_file in Path("blueprints/").glob("**/*.yaml"):
-    method_name = slugify(Path(flow_file).stem).replace("-", "_").replace(".", "_")
+    setattr(TestBundled, f"test_blueprint_{blueprint_file}", blueprint_tester(blueprint_file))
-    setattr(TestBundled, f"test_flow_{method_name}", blueprint_tester(flow_file))

authentik/blueprints/tests/test_v1.py

@@ -1,7 +1,7 @@
 """Test blueprints v1"""
 from django.test import TransactionTestCase
 
-from authentik.blueprints.v1.exporter import Exporter
+from authentik.blueprints.v1.exporter import FlowExporter
 from authentik.blueprints.v1.importer import Importer, transaction_rollback
 from authentik.flows.models import Flow, FlowDesignation, FlowStageBinding
 from authentik.lib.generators import generate_id
@@ -70,7 +70,7 @@ class TestBlueprintsV1(TransactionTestCase):
                 order=0,
             )
 
-            exporter = Exporter(flow)
+            exporter = FlowExporter(flow)
             export = exporter.export()
             self.assertEqual(len(export.entries), 3)
             export_yaml = exporter.export_to_string()
@@ -126,7 +126,7 @@ class TestBlueprintsV1(TransactionTestCase):
             fsb = FlowStageBinding.objects.create(target=flow, stage=user_login, order=0)
             PolicyBinding.objects.create(policy=flow_policy, target=fsb, order=0)
 
-            exporter = Exporter(flow)
+            exporter = FlowExporter(flow)
             export_yaml = exporter.export_to_string()
 
         importer = Importer(export_yaml)
@@ -169,7 +169,7 @@ class TestBlueprintsV1(TransactionTestCase):
 
             FlowStageBinding.objects.create(target=flow, stage=first_stage, order=0)
 
-            exporter = Exporter(flow)
+            exporter = FlowExporter(flow)
             export_yaml = exporter.export_to_string()
 
         importer = Importer(export_yaml)

authentik/blueprints/v1/exporter.py

@@ -1,11 +1,21 @@
-"""Flow exporter"""
+"""Blueprint exporter"""
 from typing import Iterator
 from uuid import UUID
 
+from django.apps import apps
 from django.db.models import Q
+from django.utils.timezone import now
+from django.utils.translation import gettext as _
 from yaml import dump
 
-from authentik.blueprints.v1.common import Blueprint, BlueprintDumper, BlueprintEntry
+from authentik.blueprints.v1.common import (
+    Blueprint,
+    BlueprintDumper,
+    BlueprintEntry,
+    BlueprintMetadata,
+)
+from authentik.blueprints.v1.importer import is_model_allowed
+from authentik.blueprints.v1.labels import LABEL_AUTHENTIK_GENERATED
 from authentik.flows.models import Flow, FlowStageBinding, Stage
 from authentik.policies.models import Policy, PolicyBinding
 from authentik.stages.prompt.models import PromptStage
@@ -14,6 +24,46 @@ from authentik.stages.prompt.models import PromptStage
 class Exporter:
     """Export flow with attached stages into yaml"""
 
+    excluded_models = []
+
+    def __init__(self):
+        self.excluded_models = []
+
+    def get_entries(self) -> Iterator[BlueprintEntry]:
+        """Get blueprint entries"""
+        for model in apps.get_models():
+            if not is_model_allowed(model):
+                continue
+            if model in self.excluded_models:
+                continue
+            for obj in model.objects.all():
+                yield BlueprintEntry.from_model(obj)
+
+    def _pre_export(self, blueprint: Blueprint):
+        """Hook to run anything pre-export"""
+
+    def export(self) -> Blueprint:
+        """Create a list of all objects and create a blueprint"""
+        blueprint = Blueprint()
+        self._pre_export(blueprint)
+        blueprint.metadata = BlueprintMetadata(
+            name=_("authentik Export - %(date)s" % {"date": str(now())}),
+            labels={
+                LABEL_AUTHENTIK_GENERATED: "true",
+            },
+        )
+        blueprint.entries = list(self.get_entries())
+        return blueprint
+
+    def export_to_string(self) -> str:
+        """Call export and convert it to yaml"""
+        blueprint = self.export()
+        return dump(blueprint, Dumper=BlueprintDumper)
+
+
+class FlowExporter(Exporter):
+    """Exporter customised to only return objects related to `flow`"""
+
     flow: Flow
     with_policies: bool
     with_stage_prompts: bool
@@ -21,11 +71,14 @@ class Exporter:
     pbm_uuids: list[UUID]
 
     def __init__(self, flow: Flow):
+        super().__init__()
         self.flow = flow
         self.with_policies = True
         self.with_stage_prompts = True
 
-    def _prepare_pbm(self):
+    def _pre_export(self, blueprint: Blueprint):
+        if not self.with_policies:
+            return
         self.pbm_uuids = [self.flow.pbm_uuid]
         self.pbm_uuids += FlowStageBinding.objects.filter(target=self.flow).values_list(
             "pbm_uuid", flat=True
@@ -70,23 +123,15 @@ class Exporter:
             for prompt in stage.fields.all():
                 yield BlueprintEntry.from_model(prompt)
 
-    def export(self) -> Blueprint:
+    def get_entries(self) -> Iterator[BlueprintEntry]:
-        """Create a list of all objects including the flow"""
+        entries = []
-        if self.with_policies:
+        entries.append(BlueprintEntry.from_model(self.flow, "slug"))
-            self._prepare_pbm()
-        bundle = Blueprint()
-        bundle.entries.append(BlueprintEntry.from_model(self.flow, "slug"))
         if self.with_stage_prompts:
-            bundle.entries.extend(self.walk_stage_prompts())
+            entries.extend(self.walk_stage_prompts())
         if self.with_policies:
-            bundle.entries.extend(self.walk_policies())
+            entries.extend(self.walk_policies())
-        bundle.entries.extend(self.walk_stages())
+        entries.extend(self.walk_stages())
-        bundle.entries.extend(self.walk_stage_bindings())
+        entries.extend(self.walk_stage_bindings())
         if self.with_policies:
-            bundle.entries.extend(self.walk_policy_bindings())
+            entries.extend(self.walk_policy_bindings())
-        return bundle
+        return entries
-
-    def export_to_string(self) -> str:
-        """Call export and convert it to yaml"""
-        bundle = self.export()
-        return dump(bundle, Dumper=BlueprintDumper)

authentik/blueprints/v1/labels.py

@@ -2,3 +2,4 @@
 
 LABEL_AUTHENTIK_SYSTEM = "blueprints.goauthentik.io/system"
 LABEL_AUTHENTIK_INSTANTIATE = "blueprints.goauthentik.io/instantiate"
+LABEL_AUTHENTIK_GENERATED = "blueprints.goauthentik.io/generated"

authentik/flows/api/flows.py

@@ -20,7 +20,7 @@ from rest_framework.viewsets import ModelViewSet
 from structlog.stdlib import get_logger
 
 from authentik.api.decorators import permission_required
-from authentik.blueprints.v1.exporter import Exporter
+from authentik.blueprints.v1.exporter import FlowExporter
 from authentik.blueprints.v1.importer import Importer
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import (
@@ -198,7 +198,7 @@ class FlowViewSet(UsedByMixin, ModelViewSet):
     def export(self, request: Request, slug: str) -> Response:
         """Export flow to .yaml file"""
         flow = self.get_object()
-        exporter = Exporter(flow)
+        exporter = FlowExporter(flow)
         response = HttpResponse(content=exporter.export_to_string())
         response["Content-Disposition"] = f'attachment; filename="{flow.slug}.yaml"'
         return response