Commit Graph

10453 Commits

Author SHA1 Message Date
github-actions[bot] 62aa4336a8
web: bump API Client version (#4294)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-12-28 11:02:02 +01:00
Jens Langhammer b16d1134ea
core: add endpoints to add/remove users from group atomically
closes #4252

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-28 10:50:30 +01:00
Jens Langhammer 78f7eb4345
web/elements: fix wizard form page changing state before being active
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 20:21:58 +01:00
Jens Langhammer 1615723f10
website/docs: update release notes for 2022.12
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 14:10:38 +01:00
sev f9b46145de
website/docs: Clarify request.user and add link to Django docs (#4287)
* Clarify request.user and add link to doc

Signed-off-by: sev <git@sev.monster>

* rephrase a bit

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: sev <git@sev.monster>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 14:10:30 +01:00
Jens Langhammer 20a4dfd13d
stages/invitation: fix incorrect pk check for invitation's flow
closes #4278

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 13:55:51 +01:00
Jens Langhammer 4a6f8d2ef2
web/flows: update flow background
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-27 13:47:16 +01:00
dependabot[bot] ffdc1aa9c2
web: bump @typescript-eslint/eslint-plugin from 5.47.0 to 5.47.1 in /web (#4290)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.47.0 to 5.47.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.47.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-27 09:43:32 +01:00
dependabot[bot] 138801c18b
web: bump @typescript-eslint/parser from 5.47.0 to 5.47.1 in /web (#4291)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.47.0 to 5.47.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.47.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-27 09:42:15 +01:00
sdimovv 8f3579ba45
blueprints: add `!If` tag (#4264)
* Added \!If tag

* Fix typo

* Removed trailing whitespace

Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>

* format blueprint fixtures

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: sdimovv <36302090+sdimovv@users.noreply.github.com>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-26 16:20:22 +01:00
Jens Langhammer 3eecc76717
web/admin: fix linting
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-26 15:35:08 +01:00
dependabot[bot] 0488d36257
web: bump @codemirror/lang-python from 6.1.0 to 6.1.1 in /web (#4284) 2022-12-26 12:57:54 +01:00
dependabot[bot] 340bf54315
core: bump goauthentik.io/api/v3 from 3.2022113.3 to 3.2022114.2 (#4285) 2022-12-26 12:57:43 +01:00
dependabot[bot] b33f3d9cc8
core: bump coverage from 7.0.0 to 7.0.1 (#4286) 2022-12-26 12:57:21 +01:00
Jens Langhammer dbaf03430e
web/admin: show stage binding form when creating stage in bound list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 15:09:22 +01:00
github-actions[bot] f5738804ff
web: bump API Client version (#4282)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-12-25 15:00:55 +01:00
Jens Langhammer bfa0360764
web/admin: show policy binding form when creating policy in bound list
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 14:59:45 +01:00
Jens Langhammer ae13fc3b92
policies: make name required
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 14:46:48 +01:00
Jens Langhammer 7046944bf6
website: link CVE and attribute reporter
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 14:17:17 +01:00
Jens Langhammer 0423023d2e
web/elements: fix table select-all checkbox being checked with no elements
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 14:10:02 +01:00
Jens Langhammer 5132f0f876
web/admin: more consistent label usage, use compact labels
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 14:06:29 +01:00
Jens Langhammer 7e44de2da9
web: ignore d3 circular deps warning, treat unresolved import as error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 13:44:09 +01:00
Jens Langhammer 08b0075335
web/admin: fix import error
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-25 13:18:56 +01:00
Jens Langhammer efbab9e37f
web: remove @types/mermaid
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-24 22:32:21 +01:00
Jens L 8195e6d4ff
website/integrations: add hcp docs (#4281)
add hcp docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-24 22:27:33 +01:00
Jens Langhammer 700a4cb72c
web/admin: fix application to provider links
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-24 21:55:29 +01:00
Jens Langhammer 94b9ebb0bb
blueprints: add Env tag
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-24 20:41:51 +01:00
Jens Langhammer fe1e2aa8af
website: fix missing integrations in sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-24 00:50:12 +01:00
Jens Langhammer 7835f3d873
root: update supported versions
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 16:08:50 +01:00
github-actions[bot] 4a50c65cad
web: bump API Client version (#4277)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-12-23 15:30:38 +01:00
Jens Langhammer 283c93c57b
website: copy static files instead of linking them to prevent cache issues
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 15:18:21 +01:00
Jens Langhammer 1b86a3d5d6
Merge branch 'version-2022.11' 2022-12-23 14:39:52 +01:00
Jens Langhammer 8b710b57a5
root: don't send traces in testing
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:37:58 +01:00
Jens Langhammer 716584bbae
website: update release notes for CVEs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:21:02 +01:00
Jens Langhammer 9dc0bb2a77
release: 2022.11.4 2022-12-23 14:17:48 +01:00
Jens Langhammer debbcb125b
web: backport API update
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:17:32 +01:00
Jens L 2d827eaae1
security: fix CVE 2022 23555 (#4274)
* add flow to invitation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* show warning on invitation page

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add security advisory

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:16:30 +01:00
Jens L 47d79ac28c
security: fix CVE 2022 46172 (#4275)
* fallback to current user in user_write, add flag to disable user creation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update api and web ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update default flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add cve post to website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:16:26 +01:00
github-actions[bot] 61f2b73255
web: bump API Client version (#4276)
Signed-off-by: GitHub <noreply@github.com>

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-12-23 14:15:57 +01:00
Jens L 9f846d94be
security: fix CVE 2022 23555 (#4274)
* add flow to invitation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* show warning on invitation page

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add security advisory

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:13:49 +01:00
Jens L 84fbeb5721
security: fix CVE 2022 46172 (#4275)
* fallback to current user in user_write, add flag to disable user creation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update api and web ui

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* update default flows

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add cve post to website

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:12:58 +01:00
Jens Langhammer 01da8e1792
providers/oauth2: optimise and cache signing key, prevent key being loaded multiple times
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 12:04:31 +01:00
Jens Langhammer 6a3a3e5f8d
website: fix duplicate platforms in sidebar
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 11:23:41 +01:00
Jens Langhammer 42c278b4f8
root: migrate to hosted sentry with rate-limited DSN
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 11:18:26 +01:00
dependabot[bot] e49bc83266
web: bump @sentry/browser from 7.28.0 to 7.28.1 in /web (#4267)
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.28.0 to 7.28.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.28.0...7.28.1)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:29:03 +01:00
dependabot[bot] 98b7ebec74
web: bump @sentry/tracing from 7.28.0 to 7.28.1 in /web (#4268)
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript) from 7.28.0 to 7.28.1.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.28.0...7.28.1)

---
updated-dependencies:
- dependency-name: "@sentry/tracing"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:26:45 +01:00
dependabot[bot] ccb43a3dfb
web: bump @babel/plugin-proposal-decorators from 7.20.5 to 7.20.7 in /web (#4270)
web: bump @babel/plugin-proposal-decorators in /web

Bumps [@babel/plugin-proposal-decorators](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-proposal-decorators) from 7.20.5 to 7.20.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.7/packages/babel-plugin-proposal-decorators)

---
updated-dependencies:
- dependency-name: "@babel/plugin-proposal-decorators"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:26:32 +01:00
dependabot[bot] c92b2620f5
web: bump @babel/core from 7.20.5 to 7.20.7 in /web (#4269)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.20.5 to 7.20.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.7/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:25:20 +01:00
dependabot[bot] e2bfeefc8b
core: bump dacite from 1.6.0 to 1.7.0 (#4271)
Bumps [dacite](https://github.com/konradhalas/dacite) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/konradhalas/dacite/releases)
- [Changelog](https://github.com/konradhalas/dacite/blob/master/CHANGELOG.md)
- [Commits](https://github.com/konradhalas/dacite/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: dacite
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-23 10:19:57 +01:00
Jens Langhammer e52c964354
flows: fix redirect from plan context "redirect" not being wrapped in flow response
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-22 23:28:26 +01:00