introduce admin area

introduce admin area first poc for connecting the authentik api Co-authored-by: Philipp Rothmann <philipprothmann@posteo.de> Reviewed-on: #2
2022-11-08 16:36:16 +01:00 · 2022-11-08 16:36:16 +01:00 · 44e4e4eb42
commit 44e4e4eb42
parent 8d760e588f
35 changed files with 367 additions and 133 deletions
--- a/backend/areas/users/lit_user_service.py
+++ b/backend/areas/users/lit_user_service.py
@ -0,0 +1,39 @@
+from flask import current_app
+from helpers.authentik_api import AuthentikApi
+from .user_service import UserService
+from .models import User
+
+
+class UserService(UserService):
+    @staticmethod
+    def get_users():
+        user_list =  [User.from_authentik(u).to_dict() for u in AuthentikApi.get("/core/users")]
+        return user_list
+
+    @staticmethod
+    def get_user(id):
+        pass
+
+    @staticmethod
+    def post_user(data):
+        pass
+
+    @staticmethod
+    def __start_recovery_flow(email):
+        pass
+
+    @staticmethod
+    def put_user(id, user_editing_id, data):
+        pass
+
+    @staticmethod
+    def delete_user(id):
+        pass
+
+    @staticmethod
+    def post_multiple_users(data):
+        pass
+
+    @staticmethod
+    def __insertAppRoleToUser(userId, userRes):
+        pass
--- a/backend/areas/users/models.py
+++ b/backend/areas/users/models.py
@ -0,0 +1,37 @@
+
+
+class User:
+    id = None
+    uuid = None
+    traits = None
+    email = None
+    name = None
+    preferredUsername = None
+    state = None
+
+    def __init__(self):
+        pass
+
+    @staticmethod
+    def from_authentik(authentik_user):
+        u = User()
+        u.id = authentik_user["pk"]
+        u.uuid = authentik_user["uid"]
+        u.name = authentik_user["name"]
+        u.email = authentik_user["email"]
+        u.traits = {
+            "name": authentik_user["name"],
+            "email": authentik_user["email"],
+            "app_roles": []
+        }
+        u.preferredUsername = authentik_user["username"]
+        u.state = "active" if authentik_user["is_active"] else ""
+        return u
+
+    def to_dict(self):
+        return {
+            "id": self.id,
+            "traits": self.traits,
+            "preferredUsername": self.preferredUsername,
+            "state": self.state,
+        }
--- a/backend/areas/users/users.py
+++ b/backend/areas/users/users.py
@ -8,16 +8,15 @@ from helpers import KratosApi
 from helpers.auth_guard import admin_required

 from .validation import schema, schema_multiple
-from .user_service import UserService
+from .lit_user_service import UserService


@api_v1.route("/users", methods=["GET"])
@jwt_required()
@cross_origin()
-@admin_required()
+# @admin_required() TODO: not needed as authentik checks permissions?
 def get_users():
-    res = UserService.get_users()
-    return jsonify(res)
+    return  jsonify(UserService.get_users())


@api_v1.route("/users/<string:id>", methods=["GET"])