authentik.sources.ldap.migrations.0001_squashed_0012_auto_20210812_1703
1# Generated by Django 3.2.8 on 2021-10-10 16:26 2 3import django.db.models.deletion 4from django.apps.registry import Apps 5from django.db import migrations, models 6 7import authentik.lib.models 8 9 10def set_managed_flag(apps: Apps, schema_editor): 11 LDAPPropertyMapping = apps.get_model("authentik_sources_ldap", "LDAPPropertyMapping") 12 db_alias = schema_editor.connection.alias 13 field_to_uid = { 14 "name": "goauthentik.io/sources/ldap/default-name", 15 "email": "goauthentik.io/sources/ldap/default-mail", 16 "username": "goauthentik.io/sources/ldap/ms-samaccountname", 17 "attributes.upn": "goauthentik.io/sources/ldap/ms-userprincipalname", 18 "first_name": "goauthentik.io/sources/ldap/ms-givenName", 19 "last_name": "goauthentik.io/sources/ldap/ms-sn", 20 } 21 for mapping in LDAPPropertyMapping.objects.using(db_alias).filter( 22 name__startswith="Autogenerated " 23 ): 24 mapping.managed = field_to_uid.get(mapping.object_field) 25 mapping.save() 26 27 28def set_default_group_mappings(apps: Apps, schema_editor): 29 LDAPPropertyMapping = apps.get_model("authentik_sources_ldap", "LDAPPropertyMapping") 30 LDAPSource = apps.get_model("authentik_sources_ldap", "LDAPSource") 31 db_alias = schema_editor.connection.alias 32 33 for source in LDAPSource.objects.using(db_alias).all(): 34 if source.property_mappings_group.using(db_alias).exists(): 35 continue 36 source.property_mappings_group.using(db_alias).set( 37 LDAPPropertyMapping.objects.using(db_alias).filter( 38 managed="goauthentik.io/sources/ldap/default-name" 39 ) 40 ) 41 source.save() 42 43 44class Migration(migrations.Migration): 45 replaces = [ 46 ("authentik_sources_ldap", "0001_initial"), 47 ("authentik_sources_ldap", "0002_ldapsource_sync_users"), 48 ("authentik_sources_ldap", "0003_default_ldap_property_mappings"), 49 ("authentik_sources_ldap", "0004_auto_20200524_1146"), 50 ("authentik_sources_ldap", "0005_auto_20200913_1947"), 51 ("authentik_sources_ldap", "0006_auto_20200915_1919"), 52 ("authentik_sources_ldap", "0007_ldapsource_sync_users_password"), 53 ("authentik_sources_ldap", "0008_managed"), 54 ("authentik_sources_ldap", "0009_auto_20210204_1834"), 55 ("authentik_sources_ldap", "0010_auto_20210205_1027"), 56 ("authentik_sources_ldap", "0011_ldapsource_property_mappings_group"), 57 ("authentik_sources_ldap", "0012_auto_20210812_1703"), 58 ] 59 60 initial = True 61 62 dependencies = [ 63 ("authentik_core", "0001_initial"), 64 ("authentik_core", "0017_managed"), 65 ] 66 67 operations = [ 68 migrations.CreateModel( 69 name="LDAPPropertyMapping", 70 fields=[ 71 ( 72 "propertymapping_ptr", 73 models.OneToOneField( 74 auto_created=True, 75 on_delete=django.db.models.deletion.CASCADE, 76 parent_link=True, 77 primary_key=True, 78 serialize=False, 79 to="authentik_core.propertymapping", 80 ), 81 ), 82 ("object_field", models.TextField()), 83 ], 84 options={ 85 "verbose_name": "LDAP Property Mapping", 86 "verbose_name_plural": "LDAP Property Mappings", 87 }, 88 bases=("authentik_core.propertymapping",), 89 ), 90 migrations.CreateModel( 91 name="LDAPSource", 92 fields=[ 93 ( 94 "source_ptr", 95 models.OneToOneField( 96 auto_created=True, 97 on_delete=django.db.models.deletion.CASCADE, 98 parent_link=True, 99 primary_key=True, 100 serialize=False, 101 to="authentik_core.source", 102 ), 103 ), 104 ( 105 "server_uri", 106 models.TextField( 107 validators=[ 108 authentik.lib.models.DomainlessURLValidator(schemes=["ldap", "ldaps"]) 109 ], 110 verbose_name="Server URI", 111 ), 112 ), 113 ("bind_cn", models.TextField(verbose_name="Bind CN")), 114 ("bind_password", models.TextField()), 115 ("start_tls", models.BooleanField(default=False, verbose_name="Enable Start TLS")), 116 ("base_dn", models.TextField(verbose_name="Base DN")), 117 ( 118 "additional_user_dn", 119 models.TextField( 120 blank=True, 121 help_text="Prepended to Base DN for User-queries.", 122 verbose_name="Addition User DN", 123 ), 124 ), 125 ( 126 "additional_group_dn", 127 models.TextField( 128 blank=True, 129 help_text="Prepended to Base DN for Group-queries.", 130 verbose_name="Addition Group DN", 131 ), 132 ), 133 ( 134 "user_object_filter", 135 models.TextField( 136 default="(objectCategory=Person)", 137 help_text="Consider Objects matching this filter to be Users.", 138 ), 139 ), 140 ( 141 "user_group_membership_field", 142 models.TextField( 143 default="memberOf", help_text="Field which contains Groups of user." 144 ), 145 ), 146 ( 147 "group_object_filter", 148 models.TextField( 149 default="(objectCategory=Group)", 150 help_text="Consider Objects matching this filter to be Groups.", 151 ), 152 ), 153 ( 154 "object_uniqueness_field", 155 models.TextField( 156 default="objectSid", help_text="Field which contains a unique Identifier." 157 ), 158 ), 159 ("sync_groups", models.BooleanField(default=True)), 160 ( 161 "sync_parent_group", 162 models.ForeignKey( 163 blank=True, 164 default=None, 165 null=True, 166 on_delete=django.db.models.deletion.SET_DEFAULT, 167 to="authentik_core.group", 168 ), 169 ), 170 ("sync_users", models.BooleanField(default=True)), 171 ( 172 "sync_users_password", 173 models.BooleanField( 174 default=True, 175 help_text=( 176 "When a user changes their password, sync it back to LDAP. This can" 177 " only be enabled on a single LDAP source." 178 ), 179 unique=True, 180 ), 181 ), 182 ], 183 options={ 184 "verbose_name": "LDAP Source", 185 "verbose_name_plural": "LDAP Sources", 186 }, 187 bases=("authentik_core.source",), 188 ), 189 migrations.RunPython( 190 code=set_managed_flag, 191 ), 192 migrations.RemoveField( 193 model_name="ldapsource", 194 name="user_group_membership_field", 195 ), 196 migrations.AddField( 197 model_name="ldapsource", 198 name="group_membership_field", 199 field=models.TextField( 200 default="member", help_text="Field which contains members of a group." 201 ), 202 ), 203 migrations.AlterField( 204 model_name="ldapsource", 205 name="group_object_filter", 206 field=models.TextField( 207 default="(objectClass=group)", 208 help_text="Consider Objects matching this filter to be Groups.", 209 ), 210 ), 211 migrations.AlterField( 212 model_name="ldapsource", 213 name="user_object_filter", 214 field=models.TextField( 215 default="(objectClass=person)", 216 help_text="Consider Objects matching this filter to be Users.", 217 ), 218 ), 219 migrations.AddField( 220 model_name="ldapsource", 221 name="property_mappings_group", 222 field=models.ManyToManyField( 223 blank=True, 224 default=None, 225 help_text="Property mappings used for group creation/updating.", 226 to="authentik_core.PropertyMapping", 227 ), 228 ), 229 migrations.RunPython( 230 code=set_default_group_mappings, 231 ), 232 migrations.AlterField( 233 model_name="ldapsource", 234 name="bind_cn", 235 field=models.TextField(blank=True, verbose_name="Bind CN"), 236 ), 237 migrations.AlterField( 238 model_name="ldapsource", 239 name="bind_password", 240 field=models.TextField(blank=True), 241 ), 242 migrations.AlterField( 243 model_name="ldapsource", 244 name="sync_users_password", 245 field=models.BooleanField( 246 default=True, 247 help_text=( 248 "When a user changes their password, sync it back to LDAP. This can only be" 249 " enabled on a single LDAP source." 250 ), 251 ), 252 ), 253 ]
def
set_managed_flag(apps: django.apps.registry.Apps, schema_editor):
11def set_managed_flag(apps: Apps, schema_editor): 12 LDAPPropertyMapping = apps.get_model("authentik_sources_ldap", "LDAPPropertyMapping") 13 db_alias = schema_editor.connection.alias 14 field_to_uid = { 15 "name": "goauthentik.io/sources/ldap/default-name", 16 "email": "goauthentik.io/sources/ldap/default-mail", 17 "username": "goauthentik.io/sources/ldap/ms-samaccountname", 18 "attributes.upn": "goauthentik.io/sources/ldap/ms-userprincipalname", 19 "first_name": "goauthentik.io/sources/ldap/ms-givenName", 20 "last_name": "goauthentik.io/sources/ldap/ms-sn", 21 } 22 for mapping in LDAPPropertyMapping.objects.using(db_alias).filter( 23 name__startswith="Autogenerated " 24 ): 25 mapping.managed = field_to_uid.get(mapping.object_field) 26 mapping.save()
def
set_default_group_mappings(apps: django.apps.registry.Apps, schema_editor):
29def set_default_group_mappings(apps: Apps, schema_editor): 30 LDAPPropertyMapping = apps.get_model("authentik_sources_ldap", "LDAPPropertyMapping") 31 LDAPSource = apps.get_model("authentik_sources_ldap", "LDAPSource") 32 db_alias = schema_editor.connection.alias 33 34 for source in LDAPSource.objects.using(db_alias).all(): 35 if source.property_mappings_group.using(db_alias).exists(): 36 continue 37 source.property_mappings_group.using(db_alias).set( 38 LDAPPropertyMapping.objects.using(db_alias).filter( 39 managed="goauthentik.io/sources/ldap/default-name" 40 ) 41 ) 42 source.save()
class
Migration(django.db.migrations.migration.Migration):
45class Migration(migrations.Migration): 46 replaces = [ 47 ("authentik_sources_ldap", "0001_initial"), 48 ("authentik_sources_ldap", "0002_ldapsource_sync_users"), 49 ("authentik_sources_ldap", "0003_default_ldap_property_mappings"), 50 ("authentik_sources_ldap", "0004_auto_20200524_1146"), 51 ("authentik_sources_ldap", "0005_auto_20200913_1947"), 52 ("authentik_sources_ldap", "0006_auto_20200915_1919"), 53 ("authentik_sources_ldap", "0007_ldapsource_sync_users_password"), 54 ("authentik_sources_ldap", "0008_managed"), 55 ("authentik_sources_ldap", "0009_auto_20210204_1834"), 56 ("authentik_sources_ldap", "0010_auto_20210205_1027"), 57 ("authentik_sources_ldap", "0011_ldapsource_property_mappings_group"), 58 ("authentik_sources_ldap", "0012_auto_20210812_1703"), 59 ] 60 61 initial = True 62 63 dependencies = [ 64 ("authentik_core", "0001_initial"), 65 ("authentik_core", "0017_managed"), 66 ] 67 68 operations = [ 69 migrations.CreateModel( 70 name="LDAPPropertyMapping", 71 fields=[ 72 ( 73 "propertymapping_ptr", 74 models.OneToOneField( 75 auto_created=True, 76 on_delete=django.db.models.deletion.CASCADE, 77 parent_link=True, 78 primary_key=True, 79 serialize=False, 80 to="authentik_core.propertymapping", 81 ), 82 ), 83 ("object_field", models.TextField()), 84 ], 85 options={ 86 "verbose_name": "LDAP Property Mapping", 87 "verbose_name_plural": "LDAP Property Mappings", 88 }, 89 bases=("authentik_core.propertymapping",), 90 ), 91 migrations.CreateModel( 92 name="LDAPSource", 93 fields=[ 94 ( 95 "source_ptr", 96 models.OneToOneField( 97 auto_created=True, 98 on_delete=django.db.models.deletion.CASCADE, 99 parent_link=True, 100 primary_key=True, 101 serialize=False, 102 to="authentik_core.source", 103 ), 104 ), 105 ( 106 "server_uri", 107 models.TextField( 108 validators=[ 109 authentik.lib.models.DomainlessURLValidator(schemes=["ldap", "ldaps"]) 110 ], 111 verbose_name="Server URI", 112 ), 113 ), 114 ("bind_cn", models.TextField(verbose_name="Bind CN")), 115 ("bind_password", models.TextField()), 116 ("start_tls", models.BooleanField(default=False, verbose_name="Enable Start TLS")), 117 ("base_dn", models.TextField(verbose_name="Base DN")), 118 ( 119 "additional_user_dn", 120 models.TextField( 121 blank=True, 122 help_text="Prepended to Base DN for User-queries.", 123 verbose_name="Addition User DN", 124 ), 125 ), 126 ( 127 "additional_group_dn", 128 models.TextField( 129 blank=True, 130 help_text="Prepended to Base DN for Group-queries.", 131 verbose_name="Addition Group DN", 132 ), 133 ), 134 ( 135 "user_object_filter", 136 models.TextField( 137 default="(objectCategory=Person)", 138 help_text="Consider Objects matching this filter to be Users.", 139 ), 140 ), 141 ( 142 "user_group_membership_field", 143 models.TextField( 144 default="memberOf", help_text="Field which contains Groups of user." 145 ), 146 ), 147 ( 148 "group_object_filter", 149 models.TextField( 150 default="(objectCategory=Group)", 151 help_text="Consider Objects matching this filter to be Groups.", 152 ), 153 ), 154 ( 155 "object_uniqueness_field", 156 models.TextField( 157 default="objectSid", help_text="Field which contains a unique Identifier." 158 ), 159 ), 160 ("sync_groups", models.BooleanField(default=True)), 161 ( 162 "sync_parent_group", 163 models.ForeignKey( 164 blank=True, 165 default=None, 166 null=True, 167 on_delete=django.db.models.deletion.SET_DEFAULT, 168 to="authentik_core.group", 169 ), 170 ), 171 ("sync_users", models.BooleanField(default=True)), 172 ( 173 "sync_users_password", 174 models.BooleanField( 175 default=True, 176 help_text=( 177 "When a user changes their password, sync it back to LDAP. This can" 178 " only be enabled on a single LDAP source." 179 ), 180 unique=True, 181 ), 182 ), 183 ], 184 options={ 185 "verbose_name": "LDAP Source", 186 "verbose_name_plural": "LDAP Sources", 187 }, 188 bases=("authentik_core.source",), 189 ), 190 migrations.RunPython( 191 code=set_managed_flag, 192 ), 193 migrations.RemoveField( 194 model_name="ldapsource", 195 name="user_group_membership_field", 196 ), 197 migrations.AddField( 198 model_name="ldapsource", 199 name="group_membership_field", 200 field=models.TextField( 201 default="member", help_text="Field which contains members of a group." 202 ), 203 ), 204 migrations.AlterField( 205 model_name="ldapsource", 206 name="group_object_filter", 207 field=models.TextField( 208 default="(objectClass=group)", 209 help_text="Consider Objects matching this filter to be Groups.", 210 ), 211 ), 212 migrations.AlterField( 213 model_name="ldapsource", 214 name="user_object_filter", 215 field=models.TextField( 216 default="(objectClass=person)", 217 help_text="Consider Objects matching this filter to be Users.", 218 ), 219 ), 220 migrations.AddField( 221 model_name="ldapsource", 222 name="property_mappings_group", 223 field=models.ManyToManyField( 224 blank=True, 225 default=None, 226 help_text="Property mappings used for group creation/updating.", 227 to="authentik_core.PropertyMapping", 228 ), 229 ), 230 migrations.RunPython( 231 code=set_default_group_mappings, 232 ), 233 migrations.AlterField( 234 model_name="ldapsource", 235 name="bind_cn", 236 field=models.TextField(blank=True, verbose_name="Bind CN"), 237 ), 238 migrations.AlterField( 239 model_name="ldapsource", 240 name="bind_password", 241 field=models.TextField(blank=True), 242 ), 243 migrations.AlterField( 244 model_name="ldapsource", 245 name="sync_users_password", 246 field=models.BooleanField( 247 default=True, 248 help_text=( 249 "When a user changes their password, sync it back to LDAP. This can only be" 250 " enabled on a single LDAP source." 251 ), 252 ), 253 ), 254 ]
The base class for all migrations.
Migration files will import this from django.db.migrations.Migration and subclass it as a class called Migration. It will have one or more of the following attributes:
- operations: A list of Operation instances, probably from django.db.migrations.operations
- dependencies: A list of tuples of (app_path, migration_name)
- run_before: A list of tuples of (app_path, migration_name)
- replaces: A list of migration_names
Note that all migrations come out of migrations and into the Loader or Graph as instances, having been initialized with their app label and name.
replaces =
[('authentik_sources_ldap', '0001_initial'), ('authentik_sources_ldap', '0002_ldapsource_sync_users'), ('authentik_sources_ldap', '0003_default_ldap_property_mappings'), ('authentik_sources_ldap', '0004_auto_20200524_1146'), ('authentik_sources_ldap', '0005_auto_20200913_1947'), ('authentik_sources_ldap', '0006_auto_20200915_1919'), ('authentik_sources_ldap', '0007_ldapsource_sync_users_password'), ('authentik_sources_ldap', '0008_managed'), ('authentik_sources_ldap', '0009_auto_20210204_1834'), ('authentik_sources_ldap', '0010_auto_20210205_1027'), ('authentik_sources_ldap', '0011_ldapsource_property_mappings_group'), ('authentik_sources_ldap', '0012_auto_20210812_1703')]
operations =
[<CreateModel name='LDAPPropertyMapping', fields=[('propertymapping_ptr', <django.db.models.fields.related.OneToOneField>), ('object_field', <django.db.models.fields.TextField>)], options={'verbose_name': 'LDAP Property Mapping', 'verbose_name_plural': 'LDAP Property Mappings'}, bases=('authentik_core.propertymapping',)>, <CreateModel name='LDAPSource', fields=[('source_ptr', <django.db.models.fields.related.OneToOneField>), ('server_uri', <django.db.models.fields.TextField>), ('bind_cn', <django.db.models.fields.TextField>), ('bind_password', <django.db.models.fields.TextField>), ('start_tls', <django.db.models.fields.BooleanField>), ('base_dn', <django.db.models.fields.TextField>), ('additional_user_dn', <django.db.models.fields.TextField>), ('additional_group_dn', <django.db.models.fields.TextField>), ('user_object_filter', <django.db.models.fields.TextField>), ('user_group_membership_field', <django.db.models.fields.TextField>), ('group_object_filter', <django.db.models.fields.TextField>), ('object_uniqueness_field', <django.db.models.fields.TextField>), ('sync_groups', <django.db.models.fields.BooleanField>), ('sync_parent_group', <django.db.models.fields.related.ForeignKey>), ('sync_users', <django.db.models.fields.BooleanField>), ('sync_users_password', <django.db.models.fields.BooleanField>)], options={'verbose_name': 'LDAP Source', 'verbose_name_plural': 'LDAP Sources'}, bases=('authentik_core.source',)>, <RunPython code=<function set_managed_flag>>, <RemoveField model_name='ldapsource', name='user_group_membership_field'>, <AddField model_name='ldapsource', name='group_membership_field', field=<django.db.models.fields.TextField>>, <AlterField model_name='ldapsource', name='group_object_filter', field=<django.db.models.fields.TextField>>, <AlterField model_name='ldapsource', name='user_object_filter', field=<django.db.models.fields.TextField>>, <AddField model_name='ldapsource', name='property_mappings_group', field=<django.db.models.fields.related.ManyToManyField>>, <RunPython code=<function set_default_group_mappings>>, <AlterField model_name='ldapsource', name='bind_cn', field=<django.db.models.fields.TextField>>, <AlterField model_name='ldapsource', name='bind_password', field=<django.db.models.fields.TextField>>, <AlterField model_name='ldapsource', name='sync_users_password', field=<django.db.models.fields.BooleanField>>]