enterprise: allow deletion/modification of users when in read-only mode #12289
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
✅ Deploy Preview for authentik-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
✅ All tests successful. No failed tests found. Additional details and impacted files@@ Coverage Diff @@
## main #12289 +/- ##
==========================================
- Coverage 92.69% 92.67% -0.02%
==========================================
Files 762 762
Lines 38152 38174 +22
==========================================
+ Hits 35365 35379 +14
- Misses 2787 2795 +8
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
|
authentik PR Installation instructions Instructions for docker-composeAdd the following block to your AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-19ca872d3684e5f5167fe8b380d415c129057039
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)sFor arm64, use these values: AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-19ca872d3684e5f5167fe8b380d415c129057039-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)sAfterwards, run the upgrade commands from the latest release notes. Instructions for KubernetesAdd the following block to your authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-19ca872d3684e5f5167fe8b380d415c129057039For arm64, use these values: authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-19ca872d3684e5f5167fe8b380d415c129057039-arm64Afterwards, run the upgrade commands from the latest release notes. |
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
tanberry
reviewed
Dec 9, 2024
| @@ -101,7 +101,15 @@ The following events occur when a license expires or the internal/external user | |||
|
|
|||
| - After another 2 weeks, users get a warning banner | |||
|
|
|||
| - After another 2 weeks, the authentik Enterprise instance becomes “read-only” | |||
| - After another 2 weeks, the authentik Enterprise instance becomes "read-only" | |||
There was a problem hiding this comment.
Suggested change
| - After another 2 weeks, the authentik Enterprise instance becomes "read-only" | |
| - After another 2 weeks (six weeks after the initial violation), the authentik Enterprise instance becomes "read-only". |
tanberry
reviewed
Dec 9, 2024
tanberry
reviewed
Dec 9, 2024
| - Licenses can be modified | ||
| - Users can be modified/deleted <span class="badge badge--version">authentik 2024.10.5+</span> | ||
|
|
||
| Once the user count returns to be within the limits of the license, authentik will return to the standard read-write mode and the notification will disappear. |
There was a problem hiding this comment.
Oh. I thought the problem was that the license had expired, not the number of users...? This is a bit confusing... Do we mean both, that either the license has expired AND/OR the number of users has exceeded the licensed amount?
tanberry
approved these changes
Dec 9, 2024
tanberry
reviewed
Dec 9, 2024
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org>
|
/cherry-pick version-2024.10 |
|
Cherry-pick failed with |
BeryJu
added a commit
that referenced
this pull request
Dec 10, 2024
…de (#12289) * enterprise: allow deletion/modification of users when in read-only mode Signed-off-by: Jens Langhammer <jens@goauthentik.io> * actually 10.5+ Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Apply suggestions from code review Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> # Conflicts: # website/docs/enterprise/manage-enterprise.md
kensternberg-authentik
added a commit
that referenced
this pull request
Dec 10, 2024
* main: (93 commits) flows: better test stage's challenge responses (#12316) enterprise/stages/authenticator_endpoint_gdtc: don't set frame options globally (#12311) stages/identification: fix invalid challenge warning when no captcha stage is set (#12312) website/docs: prepare 2024.10.5 release notes (#12309) website: bump nanoid from 3.3.7 to 3.3.8 in /website (#12307) flows: silent authz flow (#12213) root: use healthcheck in depends_on for postgres and redis (#12301) ci: ensure mark jobs always run and reflect correct status (#12288) enterprise: allow deletion/modification of users when in read-only mode (#12289) web/flows: resize captcha iframes (#12260) website/docs: add page about the Cobalt pentest (#12249) core: bump aws-cdk-lib from 2.171.1 to 2.172.0 (#12296) website: bump aws-cdk from 2.171.1 to 2.172.0 in /website (#12295) core: bump sentry-sdk from 2.19.1 to 2.19.2 (#12297) core: bump coverage from 7.6.8 to 7.6.9 (#12299) core, web: update translations (#12290) root: fix override locale only if it is not empty (#12283) translate: Updates for file web/xliff/en.xlf in fr (#12276) core: bump twilio from 9.3.7 to 9.3.8 (#12282) website: bump path-to-regexp and express in /website (#12279) ... Integration of the change from jwksSources -> (jwtFederatedSources, jwtFederatedProviders) by hand, and necessitated an update of Wdio to 9.4. All tests passing (thank Gnu).
kensternberg-authentik
added a commit
that referenced
this pull request
Jan 8, 2025
* main: flows: better test stage's challenge responses (#12316) enterprise/stages/authenticator_endpoint_gdtc: don't set frame options globally (#12311) stages/identification: fix invalid challenge warning when no captcha stage is set (#12312) website/docs: prepare 2024.10.5 release notes (#12309) website: bump nanoid from 3.3.7 to 3.3.8 in /website (#12307) flows: silent authz flow (#12213) root: use healthcheck in depends_on for postgres and redis (#12301) ci: ensure mark jobs always run and reflect correct status (#12288) enterprise: allow deletion/modification of users when in read-only mode (#12289) web/flows: resize captcha iframes (#12260)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Details
REPLACE ME
Checklist
ak test authentik/)make lint-fix)If an API change has been made
make gen-build)If changes to the frontend have been made
make web)If applicable
make website)