@goauthentik/api 2023.8.3-1696847703 → 2023.8.3-1697642041

package/src/apis/StagesApi.ts

@@ -653,6 +653,7 @@ export interface StagesDenyDestroyRequest {
 }
 
 export interface StagesDenyListRequest {
+    denyMessage?: string;
     name?: string;
     ordering?: string;
     page?: number;
@@ -3806,6 +3807,10 @@ export class StagesApi extends runtime.BaseAPI {
     async stagesDenyListRaw(requestParameters: StagesDenyListRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<PaginatedDenyStageList>> {
         const queryParameters: any = {};
 
+        if (requestParameters.denyMessage !== undefined) {
+            queryParameters['deny_message'] = requestParameters.denyMessage;
+        }
+
         if (requestParameters.name !== undefined) {
             queryParameters['name'] = requestParameters.name;
         }

package/src/apis/index.ts

@@ -13,6 +13,7 @@ export * from './OutpostsApi';
 export * from './PoliciesApi';
 export * from './PropertymappingsApi';
 export * from './ProvidersApi';
+export * from './RbacApi';
 export * from './RootApi';
 export * from './SchemaApi';
 export * from './SourcesApi';

package/src/models/AppEnum.ts

@@ -33,6 +33,7 @@
  * * `authentik.providers.radius` - authentik Providers.Radius
  * * `authentik.providers.saml` - authentik Providers.SAML
  * * `authentik.providers.scim` - authentik Providers.SCIM
+ * * `authentik.rbac` - authentik RBAC
  * * `authentik.recovery` - authentik Recovery
  * * `authentik.sources.ldap` - authentik Sources.LDAP
  * * `authentik.sources.oauth` - authentik Sources.OAuth
@@ -84,6 +85,7 @@ export const AppEnum = {
     ProvidersRadius: 'authentik.providers.radius',
     ProvidersSaml: 'authentik.providers.saml',
     ProvidersScim: 'authentik.providers.scim',
+    Rbac: 'authentik.rbac',
     Recovery: 'authentik.recovery',
     SourcesLdap: 'authentik.sources.ldap',
     SourcesOauth: 'authentik.sources.oauth',

package/src/models/ConsentChallenge.ts

@@ -19,6 +19,12 @@ import {
     ChallengeChoicesFromJSONTyped,
     ChallengeChoicesToJSON,
 } from './ChallengeChoices';
+import type { ConsentPermission } from './ConsentPermission';
+import {
+    ConsentPermissionFromJSON,
+    ConsentPermissionFromJSONTyped,
+    ConsentPermissionToJSON,
+} from './ConsentPermission';
 import type { ContextualFlowInfo } from './ContextualFlowInfo';
 import {
     ContextualFlowInfoFromJSON,
@@ -31,12 +37,6 @@ import {
     ErrorDetailFromJSONTyped,
     ErrorDetailToJSON,
 } from './ErrorDetail';
-import type { Permission } from './Permission';
-import {
-    PermissionFromJSON,
-    PermissionFromJSONTyped,
-    PermissionToJSON,
-} from './Permission';
 
 /**
  * Challenge info for consent screens
@@ -88,16 +88,16 @@ export interface ConsentChallenge {
     headerText?: string;
     /**
      * 
-     * @type {Array<Permission>}
+     * @type {Array<ConsentPermission>}
      * @memberof ConsentChallenge
      */
-    permissions: Array<Permission>;
+    permissions: Array<ConsentPermission>;
     /**
      * 
-     * @type {Array<Permission>}
+     * @type {Array<ConsentPermission>}
      * @memberof ConsentChallenge
      */
-    additionalPermissions: Array<Permission>;
+    additionalPermissions: Array<ConsentPermission>;
     /**
      * 
      * @type {string}
@@ -138,8 +138,8 @@ export function ConsentChallengeFromJSONTyped(json: any, ignoreDiscriminator: bo
         'pendingUser': json['pending_user'],
         'pendingUserAvatar': json['pending_user_avatar'],
         'headerText': !exists(json, 'header_text') ? undefined : json['header_text'],
-        'permissions': ((json['permissions'] as Array<any>).map(PermissionFromJSON)),
-        'additionalPermissions': ((json['additional_permissions'] as Array<any>).map(PermissionFromJSON)),
+        'permissions': ((json['permissions'] as Array<any>).map(ConsentPermissionFromJSON)),
+        'additionalPermissions': ((json['additional_permissions'] as Array<any>).map(ConsentPermissionFromJSON)),
         'token': json['token'],
     };
 }
@@ -160,8 +160,8 @@ export function ConsentChallengeToJSON(value?: ConsentChallenge | null): any {
         'pending_user': value.pendingUser,
         'pending_user_avatar': value.pendingUserAvatar,
         'header_text': value.headerText,
-        'permissions': ((value.permissions as Array<any>).map(PermissionToJSON)),
-        'additional_permissions': ((value.additionalPermissions as Array<any>).map(PermissionToJSON)),
+        'permissions': ((value.permissions as Array<any>).map(ConsentPermissionToJSON)),
+        'additional_permissions': ((value.additionalPermissions as Array<any>).map(ConsentPermissionToJSON)),
         'token': value.token,
     };
 }

package/src/models/ConsentPermission.ts

@@ -0,0 +1,75 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * authentik
+ * Making authentication simple.
+ *
+ * The version of the OpenAPI document: 2023.8.3
+ * Contact: hello@goauthentik.io
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { exists, mapValues } from '../runtime';
+/**
+ * Permission used for consent
+ * @export
+ * @interface ConsentPermission
+ */
+export interface ConsentPermission {
+    /**
+     * 
+     * @type {string}
+     * @memberof ConsentPermission
+     */
+    name: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof ConsentPermission
+     */
+    id: string;
+}
+
+/**
+ * Check if a given object implements the ConsentPermission interface.
+ */
+export function instanceOfConsentPermission(value: object): boolean {
+    let isInstance = true;
+    isInstance = isInstance && "name" in value;
+    isInstance = isInstance && "id" in value;
+
+    return isInstance;
+}
+
+export function ConsentPermissionFromJSON(json: any): ConsentPermission {
+    return ConsentPermissionFromJSONTyped(json, false);
+}
+
+export function ConsentPermissionFromJSONTyped(json: any, ignoreDiscriminator: boolean): ConsentPermission {
+    if ((json === undefined) || (json === null)) {
+        return json;
+    }
+    return {
+        
+        'name': json['name'],
+        'id': json['id'],
+    };
+}
+
+export function ConsentPermissionToJSON(value?: ConsentPermission | null): any {
+    if (value === undefined) {
+        return undefined;
+    }
+    if (value === null) {
+        return null;
+    }
+    return {
+        
+        'name': value.name,
+        'id': value.id,
+    };
+}
+

package/src/models/DenyStage.ts

@@ -68,6 +68,12 @@ export interface DenyStage {
      * @memberof DenyStage
      */
     flowSet?: Array<FlowSet>;
+    /**
+     * 
+     * @type {string}
+     * @memberof DenyStage
+     */
+    denyMessage?: string;
 }
 
 /**
@@ -102,6 +108,7 @@ export function DenyStageFromJSONTyped(json: any, ignoreDiscriminator: boolean):
         'verboseNamePlural': json['verbose_name_plural'],
         'metaModelName': json['meta_model_name'],
         'flowSet': !exists(json, 'flow_set') ? undefined : ((json['flow_set'] as Array<any>).map(FlowSetFromJSON)),
+        'denyMessage': !exists(json, 'deny_message') ? undefined : json['deny_message'],
     };
 }
 
@@ -116,6 +123,7 @@ export function DenyStageToJSON(value?: DenyStage | null): any {
         
         'name': value.name,
         'flow_set': value.flowSet === undefined ? undefined : ((value.flowSet as Array<any>).map(FlowSetToJSON)),
+        'deny_message': value.denyMessage,
     };
 }
 

package/src/models/DenyStageRequest.ts

@@ -38,6 +38,12 @@ export interface DenyStageRequest {
      * @memberof DenyStageRequest
      */
     flowSet?: Array<FlowSetRequest>;
+    /**
+     * 
+     * @type {string}
+     * @memberof DenyStageRequest
+     */
+    denyMessage?: string;
 }
 
 /**
@@ -62,6 +68,7 @@ export function DenyStageRequestFromJSONTyped(json: any, ignoreDiscriminator: bo
         
         'name': json['name'],
         'flowSet': !exists(json, 'flow_set') ? undefined : ((json['flow_set'] as Array<any>).map(FlowSetRequestFromJSON)),
+        'denyMessage': !exists(json, 'deny_message') ? undefined : json['deny_message'],
     };
 }
 
@@ -76,6 +83,7 @@ export function DenyStageRequestToJSON(value?: DenyStageRequest | null): any {
         
         'name': value.name,
         'flow_set': value.flowSet === undefined ? undefined : ((value.flowSet as Array<any>).map(FlowSetRequestToJSON)),
+        'deny_message': value.denyMessage,
     };
 }
 

package/src/models/ExtraRoleObjectPermission.ts

@@ -0,0 +1,131 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * authentik
+ * Making authentication simple.
+ *
+ * The version of the OpenAPI document: 2023.8.3
+ * Contact: hello@goauthentik.io
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { exists, mapValues } from '../runtime';
+/**
+ * User permission with additional object-related data
+ * @export
+ * @interface ExtraRoleObjectPermission
+ */
+export interface ExtraRoleObjectPermission {
+    /**
+     * 
+     * @type {number}
+     * @memberof ExtraRoleObjectPermission
+     */
+    readonly id: number;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraRoleObjectPermission
+     */
+    readonly codename: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraRoleObjectPermission
+     */
+    readonly model: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraRoleObjectPermission
+     */
+    readonly appLabel: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraRoleObjectPermission
+     */
+    readonly objectPk: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraRoleObjectPermission
+     */
+    readonly name: string;
+    /**
+     * Get app label from permission's model
+     * @type {string}
+     * @memberof ExtraRoleObjectPermission
+     */
+    readonly appLabelVerbose: string;
+    /**
+     * Get model label from permission's model
+     * @type {string}
+     * @memberof ExtraRoleObjectPermission
+     */
+    readonly modelVerbose: string;
+    /**
+     * Get model description from attached model. This operation takes at least
+     * one additional query, and the description is only shown if the user/role has the
+     * view_ permission on the object
+     * @type {string}
+     * @memberof ExtraRoleObjectPermission
+     */
+    readonly objectDescription: string | null;
+}
+
+/**
+ * Check if a given object implements the ExtraRoleObjectPermission interface.
+ */
+export function instanceOfExtraRoleObjectPermission(value: object): boolean {
+    let isInstance = true;
+    isInstance = isInstance && "id" in value;
+    isInstance = isInstance && "codename" in value;
+    isInstance = isInstance && "model" in value;
+    isInstance = isInstance && "appLabel" in value;
+    isInstance = isInstance && "objectPk" in value;
+    isInstance = isInstance && "name" in value;
+    isInstance = isInstance && "appLabelVerbose" in value;
+    isInstance = isInstance && "modelVerbose" in value;
+    isInstance = isInstance && "objectDescription" in value;
+
+    return isInstance;
+}
+
+export function ExtraRoleObjectPermissionFromJSON(json: any): ExtraRoleObjectPermission {
+    return ExtraRoleObjectPermissionFromJSONTyped(json, false);
+}
+
+export function ExtraRoleObjectPermissionFromJSONTyped(json: any, ignoreDiscriminator: boolean): ExtraRoleObjectPermission {
+    if ((json === undefined) || (json === null)) {
+        return json;
+    }
+    return {
+        
+        'id': json['id'],
+        'codename': json['codename'],
+        'model': json['model'],
+        'appLabel': json['app_label'],
+        'objectPk': json['object_pk'],
+        'name': json['name'],
+        'appLabelVerbose': json['app_label_verbose'],
+        'modelVerbose': json['model_verbose'],
+        'objectDescription': json['object_description'],
+    };
+}
+
+export function ExtraRoleObjectPermissionToJSON(value?: ExtraRoleObjectPermission | null): any {
+    if (value === undefined) {
+        return undefined;
+    }
+    if (value === null) {
+        return null;
+    }
+    return {
+        
+    };
+}
+

package/src/models/ExtraUserObjectPermission.ts

@@ -0,0 +1,131 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * authentik
+ * Making authentication simple.
+ *
+ * The version of the OpenAPI document: 2023.8.3
+ * Contact: hello@goauthentik.io
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { exists, mapValues } from '../runtime';
+/**
+ * User permission with additional object-related data
+ * @export
+ * @interface ExtraUserObjectPermission
+ */
+export interface ExtraUserObjectPermission {
+    /**
+     * 
+     * @type {number}
+     * @memberof ExtraUserObjectPermission
+     */
+    readonly id: number;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraUserObjectPermission
+     */
+    readonly codename: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraUserObjectPermission
+     */
+    readonly model: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraUserObjectPermission
+     */
+    readonly appLabel: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraUserObjectPermission
+     */
+    readonly objectPk: string;
+    /**
+     * 
+     * @type {string}
+     * @memberof ExtraUserObjectPermission
+     */
+    readonly name: string;
+    /**
+     * Get app label from permission's model
+     * @type {string}
+     * @memberof ExtraUserObjectPermission
+     */
+    readonly appLabelVerbose: string;
+    /**
+     * Get model label from permission's model
+     * @type {string}
+     * @memberof ExtraUserObjectPermission
+     */
+    readonly modelVerbose: string;
+    /**
+     * Get model description from attached model. This operation takes at least
+     * one additional query, and the description is only shown if the user/role has the
+     * view_ permission on the object
+     * @type {string}
+     * @memberof ExtraUserObjectPermission
+     */
+    readonly objectDescription: string | null;
+}
+
+/**
+ * Check if a given object implements the ExtraUserObjectPermission interface.
+ */
+export function instanceOfExtraUserObjectPermission(value: object): boolean {
+    let isInstance = true;
+    isInstance = isInstance && "id" in value;
+    isInstance = isInstance && "codename" in value;
+    isInstance = isInstance && "model" in value;
+    isInstance = isInstance && "appLabel" in value;
+    isInstance = isInstance && "objectPk" in value;
+    isInstance = isInstance && "name" in value;
+    isInstance = isInstance && "appLabelVerbose" in value;
+    isInstance = isInstance && "modelVerbose" in value;
+    isInstance = isInstance && "objectDescription" in value;
+
+    return isInstance;
+}
+
+export function ExtraUserObjectPermissionFromJSON(json: any): ExtraUserObjectPermission {
+    return ExtraUserObjectPermissionFromJSONTyped(json, false);
+}
+
+export function ExtraUserObjectPermissionFromJSONTyped(json: any, ignoreDiscriminator: boolean): ExtraUserObjectPermission {
+    if ((json === undefined) || (json === null)) {
+        return json;
+    }
+    return {
+        
+        'id': json['id'],
+        'codename': json['codename'],
+        'model': json['model'],
+        'appLabel': json['app_label'],
+        'objectPk': json['object_pk'],
+        'name': json['name'],
+        'appLabelVerbose': json['app_label_verbose'],
+        'modelVerbose': json['model_verbose'],
+        'objectDescription': json['object_description'],
+    };
+}
+
+export function ExtraUserObjectPermissionToJSON(value?: ExtraUserObjectPermission | null): any {
+    if (value === undefined) {
+        return undefined;
+    }
+    if (value === null) {
+        return null;
+    }
+    return {
+        
+    };
+}
+

package/src/models/Group.ts

@@ -19,6 +19,12 @@ import {
     GroupMemberFromJSONTyped,
     GroupMemberToJSON,
 } from './GroupMember';
+import type { Role } from './Role';
+import {
+    RoleFromJSON,
+    RoleFromJSONTyped,
+    RoleToJSON,
+} from './Role';
 
 /**
  * Group Serializer
@@ -68,6 +74,12 @@ export interface Group {
      * @memberof Group
      */
     users?: Array<number>;
+    /**
+     * 
+     * @type {Array<GroupMember>}
+     * @memberof Group
+     */
+    readonly usersObj: Array<GroupMember>;
     /**
      * 
      * @type {{ [key: string]: any; }}
@@ -76,10 +88,16 @@ export interface Group {
     attributes?: { [key: string]: any; };
     /**
      * 
-     * @type {Array<GroupMember>}
+     * @type {Array<string>}
      * @memberof Group
      */
-    readonly usersObj: Array<GroupMember>;
+    roles?: Array<string>;
+    /**
+     * 
+     * @type {Array<Role>}
+     * @memberof Group
+     */
+    readonly rolesObj: Array<Role>;
 }
 
 /**
@@ -92,6 +110,7 @@ export function instanceOfGroup(value: object): boolean {
     isInstance = isInstance && "name" in value;
     isInstance = isInstance && "parentName" in value;
     isInstance = isInstance && "usersObj" in value;
+    isInstance = isInstance && "rolesObj" in value;
 
     return isInstance;
 }
@@ -113,8 +132,10 @@ export function GroupFromJSONTyped(json: any, ignoreDiscriminator: boolean): Gro
         'parent': !exists(json, 'parent') ? undefined : json['parent'],
         'parentName': json['parent_name'],
         'users': !exists(json, 'users') ? undefined : json['users'],
-        'attributes': !exists(json, 'attributes') ? undefined : json['attributes'],
         'usersObj': ((json['users_obj'] as Array<any>).map(GroupMemberFromJSON)),
+        'attributes': !exists(json, 'attributes') ? undefined : json['attributes'],
+        'roles': !exists(json, 'roles') ? undefined : json['roles'],
+        'rolesObj': ((json['roles_obj'] as Array<any>).map(RoleFromJSON)),
     };
 }
 
@@ -132,6 +153,7 @@ export function GroupToJSON(value?: Group | null): any {
         'parent': value.parent,
         'users': value.users,
         'attributes': value.attributes,
+        'roles': value.roles,
     };
 }
 

package/src/models/GroupRequest.ts

@@ -49,6 +49,12 @@ export interface GroupRequest {
      * @memberof GroupRequest
      */
     attributes?: { [key: string]: any; };
+    /**
+     * 
+     * @type {Array<string>}
+     * @memberof GroupRequest
+     */
+    roles?: Array<string>;
 }
 
 /**
@@ -76,6 +82,7 @@ export function GroupRequestFromJSONTyped(json: any, ignoreDiscriminator: boolea
         'parent': !exists(json, 'parent') ? undefined : json['parent'],
         'users': !exists(json, 'users') ? undefined : json['users'],
         'attributes': !exists(json, 'attributes') ? undefined : json['attributes'],
+        'roles': !exists(json, 'roles') ? undefined : json['roles'],
     };
 }
 
@@ -93,6 +100,7 @@ export function GroupRequestToJSON(value?: GroupRequest | null): any {
         'parent': value.parent,
         'users': value.users,
         'attributes': value.attributes,
+        'roles': value.roles,
     };
 }
 

package/src/models/ModelEnum.ts

@@ -24,7 +24,7 @@
  * * `authentik_flows.flowstagebinding` - Flow Stage Binding
  * * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection
  * * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection
- * * `authentik_outposts.outpost` - outpost
+ * * `authentik_outposts.outpost` - Outpost
  * * `authentik_policies_dummy.dummypolicy` - Dummy Policy
  * * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy
  * * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy
@@ -45,6 +45,7 @@
  * * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping
  * * `authentik_providers_scim.scimprovider` - SCIM Provider
  * * `authentik_providers_scim.scimmapping` - SCIM Mapping
+ * * `authentik_rbac.role` - Role
  * * `authentik_sources_ldap.ldapsource` - LDAP Source
  * * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping
  * * `authentik_sources_oauth.oauthsource` - OAuth Source
@@ -58,9 +59,9 @@
  * * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage
  * * `authentik_stages_authenticator_sms.smsdevice` - SMS Device
  * * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage
- * * `authentik_stages_authenticator_static.staticdevice` - Static device
+ * * `authentik_stages_authenticator_static.staticdevice` - Static Device
  * * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage
- * * `authentik_stages_authenticator_totp.totpdevice` - TOTP device
+ * * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device
  * * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage
  * * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage
  * * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device
@@ -82,10 +83,11 @@
  * * `authentik_stages_user_write.userwritestage` - User Write Stage
  * * `authentik_tenants.tenant` - Tenant
  * * `authentik_blueprints.blueprintinstance` - Blueprint Instance
- * * `authentik_core.group` - group
+ * * `authentik_core.group` - Group
  * * `authentik_core.user` - User
  * * `authentik_core.application` - Application
  * * `authentik_core.token` - Token
+ * * `authentik_enterprise.license` - License
  * @export
  */
 export const ModelEnum = {
@@ -120,6 +122,7 @@ export const ModelEnum = {
     ProvidersSamlSamlpropertymapping: 'authentik_providers_saml.samlpropertymapping',
     ProvidersScimScimprovider: 'authentik_providers_scim.scimprovider',
     ProvidersScimScimmapping: 'authentik_providers_scim.scimmapping',
+    RbacRole: 'authentik_rbac.role',
     SourcesLdapLdapsource: 'authentik_sources_ldap.ldapsource',
     SourcesLdapLdappropertymapping: 'authentik_sources_ldap.ldappropertymapping',
     SourcesOauthOauthsource: 'authentik_sources_oauth.oauthsource',
@@ -161,6 +164,7 @@ export const ModelEnum = {
     CoreUser: 'authentik_core.user',
     CoreApplication: 'authentik_core.application',
     CoreToken: 'authentik_core.token',
+    EnterpriseLicense: 'authentik_enterprise.license',
     UnknownDefaultOpenApi: '11184809'
 } as const;
 export type ModelEnum = typeof ModelEnum[keyof typeof ModelEnum];