The application might need a unique id for a group to uniquely identify it. It can help in various cases like detecting group renames and more.
We should document `group_uuid` field of the group object to make users aware that it can be used in custom property mappings.
Signed-off-by: Shiv Tyagi <67995771+shiv-tyagi@users.noreply.github.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
* new first steps docs
* moved email config up to match Docker
* first draft
* moved sections and retitled some
* more content, tweaks
* dewis edits
* added Dewi ideas, more content, tweaks
* more content, green tips, other fixes
* Optimised images with calibre/image-actions
* Optimised images with calibre/image-actions
* Optimised images with calibre/image-actions
* conflicts?
* dominic's eedits, more content
* another fine Dominic edit
* more dewi and dominic edits, links
* a bunch of things
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* tweaks
* thanks Teffen
* new styles, more content
* few more dominic edits, tweaks
* formatting fights on tips
* fix some alignments
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* changes from Jens
* work on bindings docs that was needed for the first steps docs
* links, more tweaks
* more edits, more TODOs done
* add mermaid diagram, more links, more content
* fix sidebar, tweaks
* tweak
* more link fixing
* fix heading size
* more dewi and dominic edits
* more dewi and dominic edits
* teffen enhancements yay and more bindings rearchitecting
* added note about stage bindings being the only type of binding that you can bind to yeehaw
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
* move imports
* core: add digraph group hierarchy
* move to permissions from Group or User to Role
* set group parents on frontend
* do not serialize `GroupParentageNode` directly
* core: enforce unique group name on database level
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
* use group parents in LDAP provider
* add user-role relationship control to frontend
* move materialized view to be more discoverable
* add guardian to mypy exceptions
* make `Role` a `ManagedModel`
* fixup! make `Role` a `ManagedModel`
* simplify `get_objects_for_user`
* fix flaky unit test
* rename `django-guardian` fork to `ak-guardian`
* add tests around users/groups/roles
* remove unused guardian config variable
* simplify guardian file structure
* clean up frontend
* initial docs
* remove `mode` from `InitialPermissions`
This is no longer needed, since users no longer directly have permissions.
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* clean up docs for managing permissions
* addendums from docs review
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* tweaks
* dewi and tana edits to docs
* tweak
* truly final tweaks, for now
* relabel Role Permissions table
* clarify button label
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
* merge migrations
* fixup! Merge branch 'main' into core/add-digraph-group-hierarchy
---------
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana M Berry <tana@goauthentik.io>
* basic procedural steps
* more questions, more typos
* more typos
* tweaks
* more content, new links
* fixed link
* tweak
* fix things
* more fixes
* yet more fixes
* Apply suggestions from code review
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* Update website/docs/users-sources/access-control/initial_permissions.mdx
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
* dewi's edits
* dominic's edits
* gergo edits and more dominic edits
* one more
* yet one more fix
* final gergo observation
* tweak
---------
Signed-off-by: Tana M Berry <tanamarieberry@yahoo.com>
Co-authored-by: Tana M Berry <tana@goauthentik.io>
Co-authored-by: Dewi Roberts <dewi@goauthentik.io>
* Added example of how to get user objects fro a group object
* Updated wording
* Updated wording, added titles to examples, capitalised group, added explanation of examples
* Update website/docs/users-sources/groups/group_ref.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/docs/users-sources/groups/group_ref.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/docs/users-sources/groups/group_ref.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/docs/users-sources/groups/group_ref.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/docs/users-sources/groups/group_ref.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/docs/users-sources/groups/group_ref.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Update website/docs/users-sources/groups/group_ref.md
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
* Changes based on Tana's feedback
* Word
* Capitalization
---------
Signed-off-by: Dewi Roberts <dewi@goauthentik.io>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
* first pass at removing wizard
* missed one
* Replaced the word modal wth the word box or simply rewrote to avoid saying modal.
* typo
---------
Co-authored-by: Tana M Berry <tana@goauthentik.com>
While for role memberships, it is true that they are only applied for _direct_ memberships, this does not appear to be the case for attributes (which is good as this also follows the "Hierarchy" system documented in the same file).
In terms of the implementation, this is the case due to the call to `all_groups()` in 3d5a189fa7/authentik/core/models.py (L312-L313), introduced in https://github.com/goauthentik/authentik/pull/6017. Looking through the files in there, it is clear that this line in the documentation is from before that point: 95e60a035d/website/docs/user-group/group.md (L15).
tl;dr: the documentation was correct before #6017, but is now out of date. This change fixes that.
Signed-off-by: Zuri Klaschka <pklaschka@users.noreply.github.com>
