-
-
Notifications
You must be signed in to change notification settings - Fork 874
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
web: replace multi-select with dual-select for all propertyMapping invocations #9359
web: replace multi-select with dual-select for all propertyMapping invocations #9359
Conversation
Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three *different* kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following **error** appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated.
* main: tenants: really ensure default tenant cannot be deleted (#8875) core: bump github.com/go-openapi/runtime from 0.27.2 to 0.28.0 (#8867) core: bump pytest from 8.0.2 to 8.1.1 (#8868) core: bump github.com/go-openapi/strfmt from 0.22.2 to 0.23.0 (#8869) core: bump bandit from 1.7.7 to 1.7.8 (#8870) core: bump packaging from 23.2 to 24.0 (#8871) core: bump ruff from 0.3.1 to 0.3.2 (#8873) web: bump the wdio group in /tests/wdio with 3 updates (#8865) core: bump requests-oauthlib from 1.3.1 to 1.4.0 (#8866) core: bump uvicorn from 0.27.1 to 0.28.0 (#8872) core: bump django-filter from 23.5 to 24.1 (#8874)
* main: web: fix esbuild issue with style sheets (#8856)
* main: web: upgrade to lit 3 (#8781)
* main: Update _envoy_istio.md (#8888) website/docs: new landing page for Providers (#8879) web: bump the sentry group in /web with 1 update (#8881) web: bump chromedriver from 122.0.4 to 122.0.5 in /tests/wdio (#8884) web: bump the eslint group in /tests/wdio with 2 updates (#8883) web: bump the eslint group in /web with 2 updates (#8885) website: bump @types/react from 18.2.64 to 18.2.65 in /website (#8886)
* main: (31 commits) root: support redis username (#8935) core: bump black from 24.2.0 to 24.3.0 (#8945) web: bump the wdio group in /tests/wdio with 2 updates (#8939) web: bump the sentry group in /web with 1 update (#8941) website: bump postcss from 8.4.35 to 8.4.36 in /website (#8940) core: bump twilio from 9.0.1 to 9.0.2 (#8942) core: bump ruff from 0.3.2 to 0.3.3 (#8943) events: discard notification if user has empty email (#8938) ci: always run ci-main on branch pushes (#8950) core: bump goauthentik.io/api/v3 from 3.2024022.2 to 3.2024022.3 (#8946) website/docs: add new name "Microsft Entra ID" for Azure AD (#8930) outposts: Enhance config options for k8s outposts (#7363) website/docs: add link to CRUD docs (#8925) web: bump API Client version (#8927) outpost: improved set secret answers for flow execution (#8013) stages/user_write: ensure user data is json-serializable (#8926) website/docs: update example ldapsearch commands (#8906) admin: Handle latest version unknown in admin dashboard (#8858) core: bump coverage from 7.4.3 to 7.4.4 (#8917) core: bump urllib3 from 1.26.18 to 2.2.1 (#8918) ...
* main: outposts/proxy: Fix invalid redirect on external hosts containing path components (#8915) core: cache user application list under policies (#8895) web: bump the eslint group in /web with 2 updates (#8959) web: bump core-js from 3.36.0 to 3.36.1 in /web (#8960) website: bump @types/react from 18.2.66 to 18.2.67 in /website (#8962) web: bump the eslint group in /tests/wdio with 2 updates (#8963)
* main: web: improve build speeds even moar!!!!!! (#8954)
* main: website/docs: config: remove options moved to tenants (#8976) web: bump @types/grecaptcha from 3.0.8 to 3.0.9 in /web (#8971) web: bump country-flag-icons from 1.5.9 to 1.5.10 in /web (#8970) web: bump the babel group in /web with 7 updates (#8969) core: bump uvicorn from 0.28.0 to 0.28.1 (#8968) website: bump postcss from 8.4.36 to 8.4.37 in /website (#8967) internal: cleanup static file serving setup code (#8965) website/integrations: portainer: match portainer settings order (#8974)
* main: website/docs: add example policy to enforce unique email address (#8955) web/admin: remove enterprise preview banner (#8991) core: bump uvicorn from 0.28.1 to 0.29.0 (#8980) core: bump sentry-sdk from 1.42.0 to 1.43.0 (#8981) web: bump the babel group in /web with 3 updates (#8983) web: bump typescript from 5.4.2 to 5.4.3 in /web (#8984) web: bump typescript from 5.4.2 to 5.4.3 in /tests/wdio (#8986) web: bump chromedriver from 122.0.6 to 123.0.0 in /tests/wdio (#8987) website: bump typescript from 5.4.2 to 5.4.3 in /website (#8989) core: bump importlib-metadata from 7.0.2 to 7.1.0 (#8982) web: bump the wdio group in /tests/wdio with 3 updates (#8985) website: bump postcss from 8.4.37 to 8.4.38 in /website (#8988)
* main: web: bump API Client version (#9021) sources/ldap: add ability to disable password write on login (#8377) web: bump API Client version (#9020) lifecycle: migrate: ensure template schema exists before migrating (#8952) website/integrations: Update nextcloud Admin Group Expression (#7314) web/flow: general ux improvements (#8558) website: bump @types/react from 18.2.67 to 18.2.69 in /website (#9016) core: bump requests-oauthlib from 1.4.0 to 2.0.0 (#9018) web: bump the sentry group in /web with 2 updates (#9017) web/admin: small fixes (#9002) website: bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /website (#9001) core: bump ruff from 0.3.3 to 0.3.4 (#8998) website/docs: Upgrade nginx reverse porxy config (#8947) website/docs: improve flow inspector docs (#8993) website/deverlop-docs website/integrations: add links to integrations template (#8995)
* main: web: bump API Client version (#9035) website/docs: maintenance, re-add system settings (#9026) core: bump duo-client from 5.2.0 to 5.3.0 (#9029) website: bump express from 4.18.2 to 4.19.2 in /website (#9027) web: bump express from 4.18.3 to 4.19.2 in /web (#9028) web: bump the eslint group in /web with 2 updates (#9030) core: bump goauthentik.io/api/v3 from 3.2024022.3 to 3.2024022.5 (#9031) website: bump @types/react from 18.2.69 to 18.2.70 in /website (#9032) web: bump the eslint group in /tests/wdio with 2 updates (#9033) web: bump katex from 0.16.9 to 0.16.10 in /web (#9025) translate: Updates for file locale/en/LC_MESSAGES/django.po in fr (#9023) website/docs: include OS-specific docker-compose install instructions + minor fixes (#8975)
* main: web: a few minor bugfixes and lintfixes (#9044) website/integrations: add documentation for OIDC setup with Xen Orchestra (#9000) website: bump @types/react from 18.2.70 to 18.2.72 in /website (#9041) core: bump goauthentik.io/api/v3 from 3.2024022.5 to 3.2024022.6 (#9042) web: fix markdown rendering bug for alerts (#9037)
* main: (23 commits) providers/oauth2: fix interactive device flow (#9076) website/docs: fix transports example (#9074) events: fix log_capture (#9075) web: bump the sentry group in /web with 2 updates (#9065) core: bump goauthentik.io/api/v3 from 3.2024022.6 to 3.2024022.7 (#9064) web: bump @codemirror/lang-python from 6.1.4 to 6.1.5 in /web (#9068) web: bump the eslint group in /web with 1 update (#9066) web: bump glob from 10.3.10 to 10.3.12 in /web (#9069) web: bump the rollup group in /web with 3 updates (#9067) web: bump the eslint group in /tests/wdio with 1 update (#9071) core: bump webauthn from 2.0.0 to 2.1.0 (#9070) core: bump sentry-sdk from 1.43.0 to 1.44.0 (#9073) core: bump requests-mock from 1.12.0 to 1.12.1 (#9072) web: bump API Client version (#9061) events: rework log messages returned from API and their rendering (#8770) website/docs: update airgapped config (#9049) website: bump @types/react from 18.2.72 to 18.2.73 in /website (#9052) web: bump the rollup group in /web with 3 updates (#9053) core: bump django-filter from 24.1 to 24.2 (#9055) core: bump requests-mock from 1.11.0 to 1.12.0 (#9056) ...
* main: root: fix missing imports after #9081 (#9106) root: move database calls from ready() to dedicated startup signal (#9081) web: fix console log leftover (#9096) web: bump the eslint group in /web with 2 updates (#9098) core: bump twilio from 9.0.2 to 9.0.3 (#9103) web: bump the eslint group in /tests/wdio with 2 updates (#9099) core: bump drf-spectacular from 0.27.1 to 0.27.2 (#9100) core: bump django-model-utils from 4.4.0 to 4.5.0 (#9101) core: bump ruff from 0.3.4 to 0.3.5 (#9102) website/docs: update notes on SECRET_KEY (#9091) web: fix broken locale compile (#9095) website/integrations: add outline knowledge base (#8786) website/docs: fix typo (#9082) website/docs: email stage: fix example translation error (#9048)
* main: (22 commits) blueprints: fix default username field in user-settings flow (#9136) website/docs: add procedural docs for RAC (#9006) web: bump API Client version (#9133) ci: fix python client generator (#9134) root: generate python client (#9107) web: Bump vite from 5.1.4 to 5.2.8 in /web (#9120) core, web: update translations (#9124) core: Bump golang from 1.22.1-bookworm to 1.22.2-bookworm (#9125) web: Bump the babel group in /web with 2 updates (#9126) web: Bump the eslint group in /web with 1 update (#9127) web: Bump the eslint group in /tests/wdio with 1 update (#9129) core: Bump sentry-sdk from 1.44.0 to 1.44.1 (#9130) core: Bump channels from 4.0.0 to 4.1.0 (#9131) core: Bump django from 5.0.3 to 5.0.4 (#9132) web: Bump the rollup group in /web with 3 updates (#9128) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9110) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9109) translate: Updates for file web/xliff/en.xlf in zh_CN (#9111) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9112) web: Bump @fortawesome/fontawesome-free from 6.5.1 to 6.5.2 in /web (#9116) ...
* main: (25 commits) root: fix readme (#9178) enterprise: fix audit middleware import (#9177) web: bump @spotlightjs/spotlight from 1.2.16 to 1.2.17 in /web in the sentry group (#9162) web: bump API Client version (#9174) stages/authenticator_webauthn: add MDS support (#9114) website/integrations: Update Nextcloud OIDC secret size limitation (#9139) translate: Updates for file web/xliff/en.xlf in zh_CN (#9170) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9171) web: bump the rollup group in /web with 3 updates (#9164) web: bump @codemirror/legacy-modes from 6.3.3 to 6.4.0 in /web (#9166) web: bump ts-pattern from 5.1.0 to 5.1.1 in /web (#9167) core: bump github.com/go-ldap/ldap/v3 from 3.4.6 to 3.4.7 (#9168) core, web: update translations (#9156) root: fix redis username in lifecycle (#9158) web: ak-checkbox-group for short, static, multi-select events (#9138) root: fix startup (#9151) core: Bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 (#9146) core: Bump twilio from 9.0.3 to 9.0.4 (#9143) web: Bump country-flag-icons from 1.5.10 to 1.5.11 in /web (#9144) web: Bump typescript from 5.4.3 to 5.4.4 in /web (#9145) ...
* main: web/admin: fix SAML Provider preview (#9192) core, web: update translations (#9183) web: bump chromedriver from 123.0.1 to 123.0.2 in /tests/wdio (#9188) website: bump @types/react from 18.2.74 to 18.2.75 in /website (#9185) website/docs: update Postgresql username (#9190) core: bump maxmind/geoipupdate from v6.1 to v7.0 (#9186) events: add context manager to ignore/modify audit events being written (#9181) web: fix application library list display length and capability (#9094)
* main: translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9194) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9197) translate: Updates for file web/xliff/en.xlf in zh_CN (#9196) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9198) web: preserve selected list when provider updates (#9200) web: bump API Client version (#9195) sources/oauth: make URLs not required, only check when no OIDC URLs are defined (#9182)
* main: website/docs: add note for flow compatibility mode (#9204)
* main: website/docs: add more info and links about enforciing unique email addresses (#9154) core: bump goauthentik.io/api/v3 from 3.2024022.7 to 3.2024022.8 (#9215) web: bump API Client version (#9214) stages/authenticator_validate: add ability to limit webauthn device types (#9180) web: bump API Client version (#9213) core: add user settable token durations (#7410) core, web: update translations (#9205) web: bump typescript from 5.4.4 to 5.4.5 in /tests/wdio (#9206) web: bump chromedriver from 123.0.2 to 123.0.3 in /tests/wdio (#9207) core: bump sentry-sdk from 1.44.1 to 1.45.0 (#9208) web: bump typescript from 5.4.4 to 5.4.5 in /web (#9209) website: bump typescript from 5.4.4 to 5.4.5 in /website (#9210) core: bump python from 3.12.2-slim-bookworm to 3.12.3-slim-bookworm (#9211)
* main: (21 commits) web: manage stacked modals with a stack (#9193) website/docs: ensure yaml code blocks have language tags (#9240) blueprints: only create default brand if no other default brand exists (#9222) web: bump API Client version (#9239) website/integrations: portainer: Fix Redirect URL mismatch (#9226) api: fix authentication schema (#9238) translate: Updates for file web/xliff/en.xlf in zh_CN (#9229) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9230) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9228) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9231) core: bump pydantic from 2.6.4 to 2.7.0 (#9232) core: bump ruff from 0.3.5 to 0.3.7 (#9233) web: bump @sentry/browser from 7.109.0 to 7.110.0 in /web in the sentry group (#9234) website: bump @types/react from 18.2.75 to 18.2.77 in /website (#9236) core, web: update translations (#9225) website/integrations: add pfSense search scope (#9221) core: bump idna from 3.6 to 3.7 (#9224) website/docs: add websocket support to nginx snippets (#9220) internal: add tests to go flow executor (#9219) website/integrations: nextcloud: add tip to solve hashed groups configuring OAuth2 (#9153) ...
* main: (34 commits) web: bump API Client version (#9299) core: fix api schema for users and groups (#9298) providers/oauth2: fix refresh_token grant returning incorrect id_token (#9275) web: bump @sentry/browser from 7.110.0 to 7.110.1 in /web in the sentry group (#9278) core, web: update translations (#9277) web: bump the rollup group in /web with 3 updates (#9280) web: bump lit from 3.1.2 to 3.1.3 in /web (#9282) web: bump @lit/context from 1.1.0 to 1.1.1 in /web (#9281) website: bump @types/react from 18.2.78 to 18.2.79 in /website (#9286) core: bump goauthentik.io/api/v3 from 3.2024022.10 to 3.2024022.11 (#9285) core: bump sqlparse from 0.4.4 to 0.5.0 (#9276) lifecycle: gunicorn: fix app preload (#9274) events: add indexes (#9272) web/flows: fix passwordless hidden without input (#9273) root: fix geoipupdate arguments (#9271) website/docs: cleanup more (#9249) web: bump API Client version (#9270) sources: add SCIM source (#3051) core: delegated group member management (#9254) web: bump API Client version (#9269) ...
* main: (23 commits) web: bump API Client version (#9316) release: 2024.2.3 website/docs: 2024.2.3 release notes (#9313) web/admin: fix log viewer empty state (#9315) website/docs: fix formatting for stage changes (#9314) core: bump github.com/go-ldap/ldap/v3 from 3.4.7 to 3.4.8 (#9310) core: bump goauthentik.io/api/v3 from 3.2024022.11 to 3.2024022.12 (#9311) web: bump core-js from 3.36.1 to 3.37.0 in /web (#9309) core: bump gunicorn from 21.2.0 to 22.0.0 (#9308) core, web: update translations (#9307) website/docs: system settings: add default token duration and length (#9306) web/flows: update flow background (#9305) web: fix locale loading being skipped (#9301) translate: Updates for file web/xliff/en.xlf in fr (#9304) translate: Updates for file locale/en/LC_MESSAGES/django.po in fr (#9303) core: replace authentik_signals_ignored_fields with audit_ignore (#9291) web/flow: fix form input rendering issue (#9297) events: fix incorrect user logged when using API token authentication (#9302) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh_CN (#9293) translate: Updates for file locale/en/LC_MESSAGES/django.po in zh-Hans (#9295) ...
* main: stages/prompt: fix username field throwing error with existing user (#9342) root: expose session storage configuration (#9337) website/integrations: fix typo (#9340) root: fix go.mod for codeql checking (#9338) root: make redis settings more consistent (#9335) web/admin: fix error in admin interface due to un-hydrated context (#9336) web: bump API Client version (#9334) stages/authenticator_webauthn: fix attestation value (#9333) website/docs: fix SECRET_KEY length (#9328) website/docs: fix email template formatting (#9330) core, web: update translations (#9323) web: bump @patternfly/elements from 3.0.0 to 3.0.1 in /web (#9324) core: bump celery from 5.3.6 to 5.4.0 (#9325) core: bump goauthentik.io/api/v3 from 3.2024022.12 to 3.2024023.1 (#9327) sources/scim: service account should be internal (#9321) web: bump the storybook group in /web with 8 updates (#9266) sources/scim: cleanup service account when source is deleted (#9319)
authentik PR Installation instructions Instructions for docker-composeAdd the following block to your AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-ghcr.io/goauthentik/dev-server:gh-70ca833a56e59fa951da848e0b0da71c29864550
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s For arm64, use these values: AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-ghcr.io/goauthentik/dev-server:gh-70ca833a56e59fa951da848e0b0da71c29864550-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s Afterwards, run the upgrade commands from the latest release notes. Instructions for KubernetesAdd the following block to your authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-ghcr.io/goauthentik/dev-server:gh-70ca833a56e59fa951da848e0b0da71c29864550 For arm64, use these values: authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-ghcr.io/goauthentik/dev-server:gh-70ca833a56e59fa951da848e0b0da71c29864550-arm64 Afterwards, run the upgrade commands from the latest release notes. |
@@ -35,7 +35,7 @@ const eslintConfig = { | |||
"quotes": ["error", "double", { avoidEscape: true }], | |||
"semi": ["error", "always"], | |||
"@typescript-eslint/ban-ts-comment": "off", | |||
"sonarjs/cognitive-complexity": ["error", 9], | |||
"sonarjs/cognitive-complexity": ["warn", 9], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Too many of the large HTML objects I hit had embedded ifs
that drove the complexity way above 9. For the time being, I'll have to make this a warning.
<p class="pf-c-form__helper-text"> | ||
${msg("Hold control/command to select multiple items.")} | ||
${msg("Property mappings for user creation.")} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, I tightened up the language a bit. "Property mappings used to user creation" was not grammatical, and "used for user creation" felt redundant. "Property mappings for user creation" seems about right. @tanberry, does this seem right to you?
* main: (24 commits) web: bump the wdio group in /tests/wdio with 4 updates (#9374) web: bump the rollup group in /web with 3 updates (#9371) core: bump ruff from 0.4.0 to 0.4.1 (#9372) core, web: update translations (#9366) web/admin: fix document title for admin interface (#9362) translate: Updates for file web/xliff/en.xlf in zh_CN (#9363) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9364) core, web: update translations (#9360) website/docs: release notes 2024.4: add performance improvements values (#9356) translate: Updates for file web/xliff/en.xlf in zh_CN (#9317) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9318) website/docs: 2024.4 release notes (#9267) sources/ldap: fix default blueprint for mapping user DN to path (#9355) web/admin: group form dual select (#9354) core: bump golang.org/x/net from 0.22.0 to 0.23.0 (#9351) core: bump goauthentik.io/api/v3 from 3.2024023.1 to 3.2024023.2 (#9345) web: bump chromedriver from 123.0.3 to 123.0.4 in /tests/wdio (#9348) core: bump twilio from 9.0.4 to 9.0.5 (#9346) core: bump ruff from 0.3.7 to 0.4.0 (#9347) web: bump @sentry/browser from 7.110.1 to 7.111.0 in /web in the sentry group (#9349) ...
* dev: (23 commits) web: bump the wdio group in /tests/wdio with 4 updates (#9374) web: bump the rollup group in /web with 3 updates (#9371) core: bump ruff from 0.4.0 to 0.4.1 (#9372) core, web: update translations (#9366) web/admin: fix document title for admin interface (#9362) translate: Updates for file web/xliff/en.xlf in zh_CN (#9363) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9364) core, web: update translations (#9360) website/docs: release notes 2024.4: add performance improvements values (#9356) translate: Updates for file web/xliff/en.xlf in zh_CN (#9317) translate: Updates for file web/xliff/en.xlf in zh-Hans (#9318) website/docs: 2024.4 release notes (#9267) sources/ldap: fix default blueprint for mapping user DN to path (#9355) web/admin: group form dual select (#9354) core: bump golang.org/x/net from 0.22.0 to 0.23.0 (#9351) core: bump goauthentik.io/api/v3 from 3.2024023.1 to 3.2024023.2 (#9345) web: bump chromedriver from 123.0.3 to 123.0.4 in /tests/wdio (#9348) core: bump twilio from 9.0.4 to 9.0.5 (#9346) core: bump ruff from 0.3.7 to 0.4.0 (#9347) web: bump @sentry/browser from 7.110.1 to 7.111.0 in /web in the sentry group (#9349) ...
The 'selector' feature was overselecting, preventing items from being removed from the "selected" list if they were part of the host object. This has the shortcoming that `default` items *must* be in the first page of options from the server, or they probably won't be registered. Fortunately, that's currently the case.
* main: web: bump API Client version (#9400) release: 2024.4.0 release: 2024.4.0-rc1 root: bump blueprint schema version lifecycle: fix ak test-all command website/docs: finalize 2024.4 release notes (#9396) web: bump @sentry/browser from 7.111.0 to 7.112.1 in /web in the sentry group (#9387) web: bump the rollup group in /web with 3 updates (#9388) ci: bump helm/kind-action from 1.9.0 to 1.10.0 (#9389) website: bump clsx from 2.1.0 to 2.1.1 in /website (#9390) core: bump pydantic from 2.7.0 to 2.7.1 (#9391) core: bump freezegun from 1.4.0 to 1.5.0 (#9393) core: bump coverage from 7.4.4 to 7.5.0 (#9392) web: bump the storybook group in /web with 7 updates (#9380) web: bump the rollup group in /web with 3 updates (#9381)
* main: web: clean up some repetitive types (#9241) core: fix logic for token expiration (#9426) ci: fix ci pipeline (#9427) translate: Updates for file locale/en/LC_MESSAGES/django.po in ru (#9424) web: Add resolved and integrity fields back to package-lock.json (#9419) translate: Updates for file locale/en/LC_MESSAGES/django.po in ru (#9407) stages/identification: don't check source component (#9410) core: bump selenium from 4.19.0 to 4.20.0 (#9411) core: bump black from 24.4.0 to 24.4.1 (#9412) ci: bump golangci/golangci-lint-action from 4 to 5 (#9413) core: bump goauthentik.io/api/v3 from 3.2024023.2 to 3.2024040.1 (#9414) web: bump @sentry/browser from 7.112.1 to 7.112.2 in /web in the sentry group (#9416) sources/oauth: ensure all UI sources return a valid source (#9401) web: markdown: display markdown even when frontmatter is missing (#9404)
* main: (43 commits) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#9535) web: bump the rollup group across 1 directory with 3 updates (#9532) website/developer-docs: Add note for custom YAML tags in an IDE (#9528) lifecycle: close database connection after migrating (#9516) web: bump the babel group in /web with 3 updates (#9520) core: bump node from 21 to 22 (#9521) web: bump @codemirror/lang-python from 6.1.5 to 6.1.6 in /web (#9523) providers/rac: bump guacd to 1.5.5 (#9514) core: only prefetch related objects when required (#9476) website/integrations: move Fortimanager to Networking (#9505) website: bump react-tooltip from 5.26.3 to 5.26.4 in /website (#9494) web: bump the rollup group in /web with 3 updates (#9497) web: bump yaml from 2.4.1 to 2.4.2 in /web (#9499) core: bump goauthentik.io/api/v3 from 3.2024040.1 to 3.2024041.1 (#9503) core: bump pytest from 8.1.1 to 8.2.0 (#9501) website: bump react-dom from 18.3.0 to 18.3.1 in /website (#9495) website: bump react and @types/react in /website (#9496) web: bump react-dom from 18.3.0 to 18.3.1 in /web (#9498) core: bump sentry-sdk from 2.0.0 to 2.0.1 (#9502) web/flows: fix missing fallback for flow logo (#9487) ...
* main: website/docs: fix openssl rand commands (#9554) web: bump @sentry/browser from 7.112.2 to 7.113.0 in /web in the sentry group (#9549) core, web: update translations (#9548) core: bump goauthentik.io/api/v3 from 3.2024041.1 to 3.2024041.2 (#9551) core: bump django-model-utils from 4.5.0 to 4.5.1 (#9550) providers/scim: fix time_limit not set correctly (#9546)
* dev: (83 commits) website/docs: fix openssl rand commands (#9554) web: bump @sentry/browser from 7.112.2 to 7.113.0 in /web in the sentry group (#9549) core, web: update translations (#9548) core: bump goauthentik.io/api/v3 from 3.2024041.1 to 3.2024041.2 (#9551) core: bump django-model-utils from 4.5.0 to 4.5.1 (#9550) providers/scim: fix time_limit not set correctly (#9546) web/flows: fix error when enrolling multiple WebAuthn devices consecutively (#9545) web: bump ejs from 3.1.9 to 3.1.10 in /tests/wdio (#9542) web: bump API Client version (#9543) providers/saml: fix ecdsa support (#9537) website/integrations: nextcloud: connect to existing user (#9155) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#9535) web: bump the rollup group across 1 directory with 3 updates (#9532) website/developer-docs: Add note for custom YAML tags in an IDE (#9528) lifecycle: close database connection after migrating (#9516) web: bump the babel group in /web with 3 updates (#9520) core: bump node from 21 to 22 (#9521) web: bump @codemirror/lang-python from 6.1.5 to 6.1.6 in /web (#9523) providers/rac: bump guacd to 1.5.5 (#9514) core: only prefetch related objects when required (#9476) ...
* main: (320 commits) website/developer-docs: add a baby Style Guide (#9900) website/integrations: gitlab: update certificate key pair location and specify sha (#9925) root: handle asgi exception (#10085) website: bump prettier from 3.3.1 to 3.3.2 in /website (#10082) web: bump prettier from 3.3.1 to 3.3.2 in /web (#10081) core: bump google-api-python-client from 2.132.0 to 2.133.0 (#10083) web: bump prettier from 3.3.1 to 3.3.2 in /tests/wdio (#10079) web: bump chromedriver from 125.0.3 to 126.0.0 in /tests/wdio (#10078) web: bump @sentry/browser from 8.8.0 to 8.9.1 in /web in the sentry group (#10080) web: bump braces from 3.0.2 to 3.0.3 in /web (#10077) website: bump braces from 3.0.2 to 3.0.3 in /website (#10076) web: bump braces from 3.0.2 to 3.0.3 in /tests/wdio (#10075) core: bump azure-identity from 1.16.0 to 1.16.1 (#10071) rbac: filters: fix missing attribute for unauthenticated requests (#10061) tests/e2e: docker-compose.yml: remove version element forgotten last time (#10067) providers/microsoft_entra: fix error when updating connection attributes (#10039) website/integrations: aws: fix about service link (#10062) translate: Updates for file locale/en/LC_MESSAGES/django.po in it (#10060) core: bump github.com/redis/go-redis/v9 from 9.5.2 to 9.5.3 (#10046) core: bump github.com/gorilla/websocket from 1.5.1 to 1.5.2 (#10047) ...
* main: (267 commits) website/docs: configuration: fix typo in kubectl command (#10492) website/integrations: fix typo in minio instructions (#10500) web: bump @typescript-eslint/eslint-plugin from 7.5.0 to 7.16.0 in /tests/wdio (#10496) website: bump prettier from 3.3.2 to 3.3.3 in /website (#10493) core: bump ruff from 0.5.1 to 0.5.2 (#10494) web: bump @typescript-eslint/parser from 7.5.0 to 7.16.0 in /tests/wdio (#10495) web: bump eslint-plugin-sonarjs from 0.25.1 to 1.0.3 in /tests/wdio (#10498) web: bump prettier from 3.3.2 to 3.3.3 in /tests/wdio (#10497) web: bump pseudolocale from 2.0.0 to 2.1.0 in /web (#10499) core: bump goauthentik.io/api/v3 from 3.2024061.1 to 3.2024061.2 (#10491) web: bump API Client version (#10488) flows: remove stage challenge type (#10476) core: bump github.com/redis/go-redis/v9 from 9.5.3 to 9.5.4 (#10469) core: bump goauthentik.io/api/v3 from 3.2024060.6 to 3.2024061.1 (#10470) web: bump the babel group across 1 directory with 2 updates (#10471) web: bump the storybook group across 1 directory with 7 updates (#10472) core: bump coverage from 7.5.4 to 7.6.0 (#10473) website/docs: air gapped: clarify .env usage at the top for Kubernetes installations (#10447) website/docs: air gapped: update "see configuration" wording (#10448) website/docs: Add Kubernetes Bootstrap Instructions (#9541) ...
* main: (199 commits) core: bump setuptools from 69.5.1 to 70.0.0 (#10503) web: replace multi-select with dual-select for all propertyMapping invocations (#9359) web: enable custom-element-manifest and DOM/JS integration checking. (#10177) website/docs: configuration: fix typo in kubectl command (#10492) website/integrations: fix typo in minio instructions (#10500) web: bump @typescript-eslint/eslint-plugin from 7.5.0 to 7.16.0 in /tests/wdio (#10496) website: bump prettier from 3.3.2 to 3.3.3 in /website (#10493) core: bump ruff from 0.5.1 to 0.5.2 (#10494) web: bump @typescript-eslint/parser from 7.5.0 to 7.16.0 in /tests/wdio (#10495) web: bump eslint-plugin-sonarjs from 0.25.1 to 1.0.3 in /tests/wdio (#10498) web: bump prettier from 3.3.2 to 3.3.3 in /tests/wdio (#10497) web: bump pseudolocale from 2.0.0 to 2.1.0 in /web (#10499) core: bump goauthentik.io/api/v3 from 3.2024061.1 to 3.2024061.2 (#10491) web: bump API Client version (#10488) flows: remove stage challenge type (#10476) core: bump github.com/redis/go-redis/v9 from 9.5.3 to 9.5.4 (#10469) core: bump goauthentik.io/api/v3 from 3.2024060.6 to 3.2024061.1 (#10470) web: bump the babel group across 1 directory with 2 updates (#10471) web: bump the storybook group across 1 directory with 7 updates (#10472) core: bump coverage from 7.5.4 to 7.6.0 (#10473) ...
* main: web: add HTMLTagNameElementMaps to everything to activate lit analyzer (#10217) web: replace handmade list in Admin Overview with generator, storybook generator, fix storybook, fix bug in list's parent component (#9726) core: bump setuptools from 69.5.1 to 70.0.0 (#10503) web: replace multi-select with dual-select for all propertyMapping invocations (#9359) web: enable custom-element-manifest and DOM/JS integration checking. (#10177)
* main: web: all aboard the anti-if bus, according to tooling (#10220) web: fix bad name target that's breaking build (#10506) web: add HTMLTagNameElementMaps to everything to activate lit analyzer (#10217) web: replace handmade list in Admin Overview with generator, storybook generator, fix storybook, fix bug in list's parent component (#9726) core: bump setuptools from 69.5.1 to 70.0.0 (#10503) web: replace multi-select with dual-select for all propertyMapping invocations (#9359) web: enable custom-element-manifest and DOM/JS integration checking. (#10177)
…vocations (goauthentik#9359) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three *different* kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following **error** appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: replace multi-select with dual-select for all propertyMapping invocations All of the uses of <select> to show propertyMappings have been replaced with an invocation to a variant of dual select that allows for dynamic production of the "selected" list. Instead of giving a "selected" list of elements, a "selector" function is passed that can, given the elements listed by the provider, generated the "selected" list dynamically. This feature is required for propertyMappings because many of the propertyMappings have an alternative "default selected" feature whereby an object with no property mappings is automatically granted some by the `.managed` field of the property mapping. The `DualSelectPair` type is now tragically mis-named, as it it's now a 4-tuple, the fourth being whatever object or field is necessary to figure out what the default value might be. For example, the Oauth2PropertyMappingsSelector looks like this: ``` export function makeOAuth2PropertyMappingsSelector(instanceMappings: string[] | undefined) { const localMappings = instanceMappings ? new Set(instanceMappings) : undefined; return localMappings ? ([pk, _]: DualSelectPair) => localMappings.has(pk) : ([_0, _1, _2, scope]: DualSelectPair<ScopeMapping>) => scope?.managed?.startsWith("goauthentik.io/providers/oauth2/scope-") && scope?.managed !== "goauthentik.io/providers/oauth2/scope-offline_access"; } ``` If there are instanceMappings, we create a Set of them and just look up the pk for "is this selected" as we generate the component. If there is not, we look at the `scope` object itself (Oauth2PropertyMappings were called "scopes" in the original source) and perform a token analysis. It works well, is reasonably fast, and reasonably memory-friendly. In the case of RAC, OAuth2, and ProxyProviders, I've also provided external definitions of the MappingProvider and MappingSelector, so that they can be shared between the Provider and the ApplicationWizard. The algorithm for finding the "alternative (default) selections" was *different* between the two instances of both Oauth and Proxy. I'm not marking this as "ready" until Jens (@BeryJu) and I can go over why that might have been so, and decide if using a common implementation for both is the correct thing to do. Also, a lot of this is (still) cut-and-paste; the dual-select invocation, and the definitions of Providers and Selectors have a bit of boilerplate that it just didn't make sense to try and abstract away; the code is DAMP (Descriptive and Meaningful Phrases), and I can live with it. Unfortunately, that also points to the possibility of something being off; the wrong default token, or the wrong phrase to describe the "Available" and "Selected" columns. So this is not (yet) ready for a full pull review. On the other hand, if this passes muster and we're happy with it, there are 11 more places to put DualSelect, four of which are pure cut-and-paste lookups of the PaginatedOauthSourceList, plus a miscellany of Prompts, Sources, Stages, Roles, EventTransports and Policies. Despite the churn, the difference between the two implementations is 438 lines removed, 231 lines added, 121 lines new. 86 LOC deleted. Could be better. :-) * web: make the ...Selector semantics uniform across the definition set. * web: fix proxy property mapping default criteria * web: restoring dropped message to user. * Ensuring the neccessary components are imported. * web: fix problem with 'selector' overselecting The 'selector' feature was overselecting, preventing items from being removed from the "selected" list if they were part of the host object. This has the shortcoming that `default` items *must* be in the first page of options from the server, or they probably won't be registered. Fortunately, that's currently the case.
…vocations (goauthentik#9359) * web: fix esbuild issue with style sheets Getting ESBuild, Lit, and Storybook to all agree on how to read and parse stylesheets is a serious pain. This fix better identifies the value types (instances) being passed from various sources in the repo to the three *different* kinds of style processors we're using (the native one, the polyfill one, and whatever the heck Storybook does internally). Falling back to using older CSS instantiating techniques one era at a time seems to do the trick. It's ugly, but in the face of the aggressive styling we use to avoid Flashes of Unstyled Content (FLoUC), it's the logic with which we're left. In standard mode, the following warning appears on the console when running a Flow: ``` Autofocus processing was blocked because a document already has a focused element. ``` In compatibility mode, the following **error** appears on the console when running a Flow: ``` crawler-inject.js:1106 Uncaught TypeError: Failed to execute 'observe' on 'MutationObserver': parameter 1 is not of type 'Node'. at initDomMutationObservers (crawler-inject.js:1106:18) at crawler-inject.js:1114:24 at Array.forEach (<anonymous>) at initDomMutationObservers (crawler-inject.js:1114:10) at crawler-inject.js:1549:1 initDomMutationObservers @ crawler-inject.js:1106 (anonymous) @ crawler-inject.js:1114 initDomMutationObservers @ crawler-inject.js:1114 (anonymous) @ crawler-inject.js:1549 ``` Despite this error, nothing seems to be broken and flows work as anticipated. * web: replace multi-select with dual-select for all propertyMapping invocations All of the uses of <select> to show propertyMappings have been replaced with an invocation to a variant of dual select that allows for dynamic production of the "selected" list. Instead of giving a "selected" list of elements, a "selector" function is passed that can, given the elements listed by the provider, generated the "selected" list dynamically. This feature is required for propertyMappings because many of the propertyMappings have an alternative "default selected" feature whereby an object with no property mappings is automatically granted some by the `.managed` field of the property mapping. The `DualSelectPair` type is now tragically mis-named, as it it's now a 4-tuple, the fourth being whatever object or field is necessary to figure out what the default value might be. For example, the Oauth2PropertyMappingsSelector looks like this: ``` export function makeOAuth2PropertyMappingsSelector(instanceMappings: string[] | undefined) { const localMappings = instanceMappings ? new Set(instanceMappings) : undefined; return localMappings ? ([pk, _]: DualSelectPair) => localMappings.has(pk) : ([_0, _1, _2, scope]: DualSelectPair<ScopeMapping>) => scope?.managed?.startsWith("goauthentik.io/providers/oauth2/scope-") && scope?.managed !== "goauthentik.io/providers/oauth2/scope-offline_access"; } ``` If there are instanceMappings, we create a Set of them and just look up the pk for "is this selected" as we generate the component. If there is not, we look at the `scope` object itself (Oauth2PropertyMappings were called "scopes" in the original source) and perform a token analysis. It works well, is reasonably fast, and reasonably memory-friendly. In the case of RAC, OAuth2, and ProxyProviders, I've also provided external definitions of the MappingProvider and MappingSelector, so that they can be shared between the Provider and the ApplicationWizard. The algorithm for finding the "alternative (default) selections" was *different* between the two instances of both Oauth and Proxy. I'm not marking this as "ready" until Jens (@BeryJu) and I can go over why that might have been so, and decide if using a common implementation for both is the correct thing to do. Also, a lot of this is (still) cut-and-paste; the dual-select invocation, and the definitions of Providers and Selectors have a bit of boilerplate that it just didn't make sense to try and abstract away; the code is DAMP (Descriptive and Meaningful Phrases), and I can live with it. Unfortunately, that also points to the possibility of something being off; the wrong default token, or the wrong phrase to describe the "Available" and "Selected" columns. So this is not (yet) ready for a full pull review. On the other hand, if this passes muster and we're happy with it, there are 11 more places to put DualSelect, four of which are pure cut-and-paste lookups of the PaginatedOauthSourceList, plus a miscellany of Prompts, Sources, Stages, Roles, EventTransports and Policies. Despite the churn, the difference between the two implementations is 438 lines removed, 231 lines added, 121 lines new. 86 LOC deleted. Could be better. :-) * web: make the ...Selector semantics uniform across the definition set. * web: fix proxy property mapping default criteria * web: restoring dropped message to user. * Ensuring the neccessary components are imported. * web: fix problem with 'selector' overselecting The 'selector' feature was overselecting, preventing items from being removed from the "selected" list if they were part of the host object. This has the shortcoming that `default` items *must* be in the first page of options from the server, or they probably won't be registered. Fortunately, that's currently the case.
web: replace multi-select with dual-select for all propertyMapping invocations
All of the uses of <select> to show propertyMappings have been replaced with an invocation to a variant of dual select that allows for dynamic production of the “selected” list. Instead of giving a “selected” list of elements, a “selector” function is passed that can, given the elements listed by the provider, generated the “selected” list dynamically.
This feature is required for propertyMappings because many of the propertyMappings have an alternative “default selected” feature whereby an object with no property mappings is automatically granted some by the
.managed
field of the property mapping. TheDualSelectPair
type is now tragically mis-named, as it it’s now a 4-tuple, the fourth being whatever object or field is necessary to figure out what the default value might be. For example, the Oauth2PropertyMappingsSelector looks like this:If there are instanceMappings, we create a Set of them and just look up the pk for “is this selected” as we generate the component.
If there is not, we look at the
scope
object itself (Oauth2PropertyMappings were called “scopes” in the original source) and perform a token analysis.It works well, is reasonably fast, and reasonably memory-friendly.
In the case of RAC, OAuth2, and ProxyProviders, I’ve also provided external definitions of the MappingProvider and MappingSelector, so that they can be shared between the Provider and the ApplicationWizard.
A Fine-Toothed Comb
The algorithm for finding the “alternative (default) selections” was different between the two instances of both Oauth and Proxy. I’m not marking this as “ready” until Jens (@BeryJu) and I can go over why that might have been so, and decide if using a common implementation for both is the correct thing to do.
Also, a lot of this is (still) cut-and-paste; the dual-select invocation, and the definitions of Providers and Selectors have a bit of boilerplate that it just didn’t make sense to try and abstract away; the code is DAMP (Descriptive and Meaningful Phrases), and I can live with it. Unfortunately, that also points to the possibility of something being off; the wrong default token, or the wrong phrase to describe the “Available” and “Selected” columns. So this is not (yet) ready for a full pull review.
On the other hand, if this passes muster and we’re happy with it, there are 11 more places to put DualSelect, four of which are pure cut-and-paste lookups of the PaginatedOauthSourceList, plus a miscellany of Prompts, Sources, Stages, Roles, EventTransports and Policies.
Savings
Despite the churn, the difference between the two implementations is 438 lines removed, 231 lines added, 121 lines new. 86 LOC deleted. Could be better. :-)
Checklist
make web
)