web/admin: add application bindings to the application wizard #11462
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…from the backend Provide an alternative, readonly, disabled, unindexed input object with the text "Loading...", to be replaced with the _real_ input element after the content is loaded. This provides the correct appearance and spacing so the content doesn't jiggle about between the start of loading and the SearchSelect element being finalized. It was visually distracting and unappealing.
…correct component under test.
- Add a unit test to ensure the "Loading..." element is displayed correctly before data arrives - Demo how to mock a `fetchObjects()` call in testing. Very cool. - Make distinguishing rule sets for code, tests, and scripts in nightmare mode - In SearchSelect, Move the `styles()` declaration to the top of the class for consistency. - To test for the FLOUC issue in SearchSelect. This is both an exercise in mocking @BeryJu's `fetchObjects()` protocol, and shows how we can unit test generic components that render API objects.
…select-table * web/bug/search-select-flouc-issue: web: test for flash of unstructured content web: comment on state management in API layer, move file to point to correct component under test. web: fix Flash of Unstructured Content while SearchSelect is loading from the backend
Mostly these tests assert that the table renders and that the content we give it is where we expect it to be after sorting. For select tables, it also asserts that the overall value of the table is what we expect it to be when we click on a single row, or on the "select all" button.
* main: website/docs: cve release notes (#11026) security: fix CVE-2024-42490 (#11022) web: bump API Client version (#11021) providers/scim: optimize sending all members within a group (#9968) providers/scim: add API endpoint to sync single user (#8486) web: bump chromedriver from 127.0.3 to 128.0.0 in /tests/wdio (#11017) web: dual-select uses, part 2: dual-select harder (#9377) web: fix flash of unstructured content, add tests for it (#11013) core: bump drf-orjson-renderer from 1.7.2 to 1.7.3 (#11015) core: bump github.com/gorilla/sessions from 1.3.0 to 1.4.0 (#11002) website/docs: Correct the forward authentication configuration template for Caddy (#11012)
Includes documentation updates and better tests for select-table.
…manipulate test DOMs directly in a browser.exec call so they run in the proper context and be await()ed properly
* main: (30 commits) website/docs: prepare release notes for 2024.8 (#11011) translate: Updates for file web/xliff/en.xlf in zh_CN (#11070) translate: Updates for file web/xliff/en.xlf in zh-Hans (#11071) web: bump mermaid from 10.9.1 to 11.0.2 in /web (#11066) core: bump github.com/jellydator/ttlcache/v3 from 3.2.0 to 3.2.1 (#11059) Fix incorrect size redefinition for Discord avatar acquisition code. (#11050) core, web: update translations (#11051) website: bump micromatch from 4.0.5 to 4.0.8 in /website (#11052) core: bump django-pglock from 1.5.1 to 1.6.0 (#11058) core: bump goauthentik.io/api/v3 from 3.2024063.13 to 3.2024064.1 (#11060) core: bump github.com/prometheus/client_golang from 1.20.1 to 1.20.2 (#11061) web: bump the swc group across 2 directories with 11 updates (#11062) web: bump tslib from 2.6.3 to 2.7.0 in /web (#11063) web: bump @eslint/js from 9.9.0 to 9.9.1 in /web (#11064) web: bump syncpack from 12.4.0 to 13.0.0 in /web (#11065) web: bump @goauthentik/api from 2024.6.3-1724337552 to 2024.6.3-1724414734 in /web/sfe (#11067) web: Provide tests for the aggregate cards, fix a few minor things (#9744) enterprise: fix license status progress bar (#11048) root: backport version bump (#11045) web/flows: update flow background (#11044) ...
…. Map does not do full tracking.
* main: (92 commits) internal: fix go paginator not setting page correctly (#11253) core: bump google-api-python-client from 2.143.0 to 2.144.0 (#11241) core: bump twilio from 9.2.4 to 9.3.0 (#11242) core: bump github.com/prometheus/client_golang from 1.20.2 to 1.20.3 (#11243) core: bump ruff from 0.6.3 to 0.6.4 (#11244) core: bump pydantic from 2.8.2 to 2.9.0 (#11245) core: bump msgraph-sdk from 1.5.4 to 1.6.0 (#11246) web: bump the rollup group across 2 directories with 1 update (#11248) core: fix missing argument name escaping for property mapping (#11231) providers/ldap: rework search_group migration to work with read replicas (#11228) core, web: update translations (#11220) website: bump postcss from 8.4.44 to 8.4.45 in /website (#11221) core: bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 (#11222) core: bump django-model-utils from 4.5.1 to 5.0.0 (#11223) web: bump @changesets/cli from 2.27.7 to 2.27.8 in /web (#11224) web: bump @types/node from 22.5.3 to 22.5.4 in /web (#11225) web/admin: improve error handling (#11212) providers/ldap: fix incorrect permission check for search access (#11217) web/admin: fix missing Sync object button SCIM Provider (#11211) website/docs: add note about terraform provider (#11206) ...
* main: (25 commits) web: bump rapidoc from 9.3.4 to 9.3.5 in /web (#11410) website: bump dompurify from 3.0.6 to 3.1.6 in /website (#11402) website: bump @types/react from 18.3.5 to 18.3.6 in /website (#11405) core: bump goauthentik.io/api/v3 from 3.2024081.1 to 3.2024082.1 (#11406) web: bump the storybook group across 1 directory with 7 updates (#11408) web: bump typescript-eslint from 8.5.0 to 8.6.0 in /tests/wdio (#11409) web: bump typescript-eslint from 8.5.0 to 8.6.0 in /web (#11411) web: bump mermaid from 11.2.0 to 11.2.1 in /web (#11412) website/docs: upgrade: fix helm command (#11403) web: bump API Client version (#11396) release: 2024.8.2 (#11395) website/docs: prepare release notes for 2024.8.2 (#11394) core: bump paramiko from 3.4.1 to 3.5.0 (#11388) stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#11383) core, web: update translations (#11375) core: bump django-pglock from 1.6.1 to 1.6.2 (#11389) website: bump postcss from 8.4.45 to 8.4.47 in /website (#11390) core: bump ruff from 0.6.4 to 0.6.5 (#11391) core: bump psycopg from 3.2.1 to 3.2.2 (#11392) web: bump @floating-ui/dom from 1.6.10 to 1.6.11 in /web (#11393) ...
Got the binding editor in. The tests complete. Removed sonarjs.
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
✅ All tests successful. No failed tests found. Additional details and impacted files@@ Coverage Diff @@
## main #11462 +/- ##
==========================================
- Coverage 92.78% 92.77% -0.02%
==========================================
Files 770 770
Lines 38735 38735
==========================================
- Hits 35942 35937 -5
- Misses 2793 2798 +5
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
|
authentik PR Installation instructions Instructions for docker-composeAdd the following block to your AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-532bf5a2bfd2e2c465ab75fe57d2fe05af711b08
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)sFor arm64, use these values: AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-532bf5a2bfd2e2c465ab75fe57d2fe05af711b08-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)sAfterwards, run the upgrade commands from the latest release notes. Instructions for KubernetesAdd the following block to your authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-532bf5a2bfd2e2c465ab75fe57d2fe05af711b08For arm64, use these values: authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-532bf5a2bfd2e2c465ab75fe57d2fe05af711b08-arm64Afterwards, run the upgrade commands from the latest release notes. |
* web/element/ak-select-table: web: repeat is needed to make sure sub-elements move around correctly. Map does not do full tracking. Provide unit test accessibility to Firefox and Safari; wrap calls to manipulate test DOMs directly in a browser.exec call so they run in the proper context and be await()ed properly web: finalize testing for tables web: added basic unit testing to API-free tables web: interim commit of the basic sortable & selectable table. web: test for flash of unstructured content web: comment on state management in API layer, move file to point to correct component under test. web: fix Flash of Unstructured Content while SearchSelect is loading from the backend
…'delete'. TODO: Fix error reporting on home page, the edit button is ugly, and the height is off somehow, but I'm not yet sure how. I just know it bugs my eyes.
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
especially since we'll be using the wizard as default in the future, it shouldn't be superuser only Signed-off-by: Jens Langhammer <jens@goauthentik.io>
… into web/policy-wizard-3 * origin/core/app-transactional/bindings: (47 commits) improve permission checks core: add support to set policy bindings in transactional endpoint web/admin: fix Authentication flow being required (#11496) web: bump the wdio group across 2 directories with 5 updates (#11494) web: bump turnstile-types from 1.2.2 to 1.2.3 in /web (#11495) web: bump the swc group across 2 directories with 11 updates (#11493) web: bump the eslint group across 2 directories with 5 updates (#11492) web: bump the storybook group across 1 directory with 7 updates (#11491) core: bump bandit from 1.7.9 to 1.7.10 (#11485) web: bump the rollup group across 2 directories with 3 updates (#11487) web: bump @types/node from 22.5.5 to 22.6.1 in /web (#11490) website/docs: use a more consistent version requirement notice (#11400) website/docs: clarify API browser access (#11373) website/integrations: Glitchtip: update redirect URL (#11438) web: bump knip from 5.30.4 to 5.30.5 in /web (#11479) fix: proxy provider - docker traefik label (#11460) website: the requirements for Go and Node required updating. (#11419) web: bump the esbuild group across 1 directory with 3 updates (#11470) web: bump @sentry/browser from 8.30.0 to 8.31.0 in /web in the sentry group across 1 directory (#11478) web: bump the eslint group across 2 directories with 1 update (#11469) ...
* main: (146 commits) website: bump @types/react from 18.3.8 to 18.3.9 in /website (#11502) core: bump debugpy from 1.8.5 to 1.8.6 (#11503) core: bump google-api-python-client from 2.146.0 to 2.147.0 (#11504) web: bump @types/node from 22.6.1 to 22.7.0 in /web (#11505) core, web: update translations (#11500) sources/ldap: fix mapping check, fix debug endpoint (#11442) web/admin: fix Authentication flow being required (#11496) web: bump the wdio group across 2 directories with 5 updates (#11494) web: bump turnstile-types from 1.2.2 to 1.2.3 in /web (#11495) web: bump the swc group across 2 directories with 11 updates (#11493) web: bump the eslint group across 2 directories with 5 updates (#11492) web: bump the storybook group across 1 directory with 7 updates (#11491) core: bump bandit from 1.7.9 to 1.7.10 (#11485) web: bump the rollup group across 2 directories with 3 updates (#11487) web: bump @types/node from 22.5.5 to 22.6.1 in /web (#11490) website/docs: use a more consistent version requirement notice (#11400) website/docs: clarify API browser access (#11373) website/integrations: Glitchtip: update redirect URL (#11438) web: bump knip from 5.30.4 to 5.30.5 in /web (#11479) fix: proxy provider - docker traefik label (#11460) ...
- Replace `th` with `td` in `thead` components. Because Patternfly. - Add @BeryJu's styling to the tables, which make it much better looking
- Add policy bindings to the application wizard
- Restructures the Wizard base code.
- ak-wizard-steps holds the steps and listens for NavigationRequest events to move
from one step to the next.
- WizardStep is a base class (no component registration provided) that provides the *whole frame*,
not just the form. It receives the navigation content for the sidebar from ak-wizard-steps,
and provides the styling for the header, footer, sidebar, and main form. It has abstractions
for `buttons`, `renderMain()`, `handleButton()`, `handleEnable()`, in a section well-marked as
"Public API". Steps inherit from this class.
Conceptually:
- A wizard is a series of pages ("steps") with a distinct beginning and end, linked in a series,
to complete a task.
- Later steps in the series are inaccessible until an earlier steps has granted access to it.
- Access is predicated on the earlier step being complete and valid. The developer is responsible
for determining what "complete and valid" means.
- The series is visible, giving the customer a sense of how much effort is needed to complete the
task.
- A parent object maintains (and can modify as needed) the list of steps. It *can* maintain the
information being collected from the user. Alternatively, that information can be kept in each
step.
Details:
- Keeping with the Lit paradigm, "requests to change the system flow up, information changed by
valid requests flows down."
- The information flows up using events: WizardNavigation, WizardUpdate, WizardClose.
- The information flows down using properties.
- ak-application-wizard-main holds the list of steps, providing a unique slot name for each.
- It maintains the ApplicationWizardState object.
- ApplicationWizardStep inherits from WizardStep and provides:
- A means of extraction information from forms
- A convenience method for updating the ApplicationWizardState object, enabling future steps, and
navigating to a future step, in the correct order.
- A method for cleaning error from the error reporting mechanism as the user navigates from an
error-handling state.
- The title, description, and cancelability of the wizard.
- Steps:
- step: Handles the application. A good starting point for understanding the point of
the Wizard. Check the `handleButton()` method to understand how we enable or disable access to
future steps.
- provider-choice: Just a list. Shows validation without the form.
- provider: Uses a *very* esoteric Lit feature, `unsafeStaticTag`, which enables
the display to show anything that conforms to the expectations of ApplicationWizardProviderForm.
- ApplicationWizardProviderForm repeats some of the base of ApplicationWizardStep, but allows us
to provide multiple variants on a single form without having to create separate steps for each
form.
- The forms (`provider-for-ldap`, `provider-for-radius`) are therefore *just* the form and any
fetchers needed to populate it.
- bindings: Shows the table of bindings. Has a custom display for "This table is empty."
- edit-binding: Showcase for the `SearchSelectEZ` configuration format. Has an override on the
`handleButton` feature to figure out which binding is about to be overridden. Is also a
`.hidden` page; it doesn't show up on the navigation sidebar, as is only navigable-to by buttons
not associated with the button bar at the bottom.
- submit: Has a lot of machinery of state: Reviewing with errors, reviewing without errors,
running submission, and success. Uses `ts-pattern` a lot to make sure the state/request pairs
make sense.
The key insight is that, even though a wizard is a series in order, that order can't be simply
maintained in a list. The parent needs various strategies for swapping pages in and out of the
sequence, while still maintaining a coherent idea of "flow" and providing the visual cues the user
needs to feel confident that the work can be completed and completed quickly. The entire mechanism
for using an array and index to navigate, with index numbering, blocked the implementation of the
bindings pages.
One thing led to another. *Sigh* Really wish this hadn't been as much of a mess as it turned out.
The end result is pretty good, though. Definitely re-usable.
One important feature to note is that the wizard is *not* tied to the ModalButton object; it's
simply embedded in a modal as-needed. This allows us to use wizards in other places, such as just
being in a DIV, or just a page on its own.
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
|
Btw, this PR won't work with |
* main: (55 commits) web: bump API Client version (#11997) sources/kerberos: use new python-kadmin implementation (#11932) core: add ability to provide reason for impersonation (#11951) website/integrations: update vcenter integration docs (#11768) core, web: update translations (#11995) website: bump postcss from 8.4.48 to 8.4.49 in /website (#11996) web: bump API Client version (#11992) blueprints: add default Password policy (#11793) stages/captcha: Run interactive captcha in Frame (#11857) core, web: update translations (#11979) core: bump packaging from 24.1 to 24.2 (#11985) core: bump ruff from 0.7.2 to 0.7.3 (#11986) core: bump msgraph-sdk from 1.11.0 to 1.12.0 (#11987) website: bump the docusaurus group in /website with 9 updates (#11988) website: bump postcss from 8.4.47 to 8.4.48 in /website (#11989) stages/password: use recovery flow from brand (#11953) core: bump golang.org/x/sync from 0.8.0 to 0.9.0 (#11962) web: bump cookie, swagger-client and express in /web (#11966) core, web: update translations (#11959) core: bump debugpy from 1.8.7 to 1.8.8 (#11961) ...
…itle display don't affect the wiard header.
…ndicators in nav bar.
* main: (88 commits) ci: mirror repo to internal repo (#12160) core: bump goauthentik.io/api/v3 from 3.2024102.2 to 3.2024104.1 (#12149) core: bump debugpy from 1.8.8 to 1.8.9 (#12150) core: bump webauthn from 2.2.0 to 2.3.0 (#12151) core: bump pydantic from 2.10.0 to 2.10.1 (#12152) translate: Updates for file web/xliff/en.xlf in zh_CN (#12156) translate: Updates for file web/xliff/en.xlf in zh-Hans (#12157) core: bump sentry-sdk from 2.18.0 to 2.19.0 (#12153) web: bump API Client version (#12147) root: Backport version change (#12146) website/docs: update info about footer links to match new UI (#12120) website/docs: prepare release notes (#12142) providers/oauth2: fix migration (#12138) providers/oauth2: fix migration dependencies (#12123) web: bump API Client version (#12129) providers/oauth2: fix redirect uri input (#12122) providers/proxy: fix redirect_uri (#12121) website/docs: prepare release notes (#12119) web: bump API Client version (#12118) security: fix CVE 2024 52289 (#12113) ...
kensternberg-authentik
changed the base branch from
web/update-provider-forms-for-invalidation
to
main
* main: (93 commits) flows: better test stage's challenge responses (#12316) enterprise/stages/authenticator_endpoint_gdtc: don't set frame options globally (#12311) stages/identification: fix invalid challenge warning when no captcha stage is set (#12312) website/docs: prepare 2024.10.5 release notes (#12309) website: bump nanoid from 3.3.7 to 3.3.8 in /website (#12307) flows: silent authz flow (#12213) root: use healthcheck in depends_on for postgres and redis (#12301) ci: ensure mark jobs always run and reflect correct status (#12288) enterprise: allow deletion/modification of users when in read-only mode (#12289) web/flows: resize captcha iframes (#12260) website/docs: add page about the Cobalt pentest (#12249) core: bump aws-cdk-lib from 2.171.1 to 2.172.0 (#12296) website: bump aws-cdk from 2.171.1 to 2.172.0 in /website (#12295) core: bump sentry-sdk from 2.19.1 to 2.19.2 (#12297) core: bump coverage from 7.6.8 to 7.6.9 (#12299) core, web: update translations (#12290) root: fix override locale only if it is not empty (#12283) translate: Updates for file web/xliff/en.xlf in fr (#12276) core: bump twilio from 9.3.7 to 9.3.8 (#12282) website: bump path-to-regexp and express in /website (#12279) ... Integration of the change from jwksSources -> (jwtFederatedSources, jwtFederatedProviders) by hand, and necessitated an update of Wdio to 9.4. All tests passing (thank Gnu).
As requested by reviewers: - Fixed the height to 75% of the viewport - Put 1rem of whitespace between the hint label and the Wizard startup button.
rissson
added
deploy_me
rissson
requested changes
Dec 13, 2024
web/src/admin/applications/wizard/steps/ak-application-wizard-edit-binding-step.ts
Outdated
Show resolved
Hide resolved
web/src/admin/applications/wizard/steps/ak-application-wizard-bindings-step.ts
Outdated
Show resolved
Hide resolved
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: Jens L. <jens@beryju.org>
BeryJu
approved these changes
Dec 17, 2024
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
web: wizard for applications, now with bindings!
What
Purpose
The Wizard Base:
buttons,renderMain(),handleButton(),handleEnable(), in a section well-marked as “Public API”. Steps inherit from this class.Conceptually:
Details:
The Application Wizard
handleButton()method to understand how we enable or disable access to future steps.unsafeStaticTag, which enables the display to show anything that conforms to the expectations of ApplicationWizardProviderForm.provider-for-ldap,provider-for-radius) are therefore just the form and any fetchers needed to populate it.SearchSelectEZconfiguration format. Has an override on thehandleButtonfeature to figure out which binding is about to be overridden. Is also a.hiddenpage; it doesn’t show up on the navigation sidebar, as is only navigable-to by buttons not associated with the button bar at the bottom.ts-patterna lot to make sure the state/request pairs make sense.Why !?!?!?
The key insight is that, even though a wizard is a series in order, that order can’t be simply maintained in a list. The parent needs various strategies for swapping pages in and out of the sequence, while still maintaining a coherent idea of “flow” and providing the visual cues the user needs to feel confident that the work can be completed and completed quickly. The entire mechanism for using an array and index to navigate, with index numbering, blocked the implementation of the bindings pages.
One thing led to another. Sigh Really wish this hadn’t been as much of a mess as it turned out. The end result is pretty good, though. Definitely re-usable.
One important feature to note is that the wizard is not tied to the ModalButton object; it’s simply embedded in a modal as-needed. This allows us to use wizards in other places, such as just being in a DIV, or just a page on its own.
Checklist
make web)