Skip to content

Commit

Permalink
Update index.md
Browse files Browse the repository at this point in the history 
Replace user.ak_groups.all() with user.all_groups per 2023.8 release notes in Admin Group

Update Expression in Admin group to only pass groups that start with 'NC-' to NextCloud.  Add verbiage around naming for admin group.

Signed-off-by: Sean Dion <smdion@gmail.com>
  • Loading branch information
@smdion
smdion authored Oct 26, 2023
1 parent e086da6 commit 4865864
Showing 1 changed file with 6 additions and 5 deletions.
11 changes: 6 additions & 5 deletions website/integrations/services/nextcloud/index.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,13 +98,14 @@ To give authentik users admin access to your Nextcloud instance, you need to cre
Create a custom SAML Property Mapping:

- Set the _SAML Attribute Name_ to `http://schemas.xmlsoap.org/claims/Group`.
- Set the _Expression_ to:
- Set group names that you want to passthrough to start with 'NC-'
- Set the admin group to 'NC-Admin'
- Set the _Expression_ to (the 'NC-' will be removed before sending to Nextcloud):

```python
for group in user.ak_groups.all():
yield group.name
if ak_is_group_member(request.user, name="<authentik nextcloud admin group's name>"):
yield "admin"
groups = [group.name for group in user.all_groups() if group.name.startswith("NC-")]
for group in groups:
yield group[3:]
```

Then, edit the Nextcloud SAML Provider, and replace the default Groups mapping with the one you've created above.

0 comments on commit 4865864

Please sign in to comment.