core: separate applications API

authentik/core/api/applications.py

@@ -214,11 +214,6 @@ def check_access(self, request: Request, slug: str) -> Response:
 
     @extend_schema(
         parameters=[
-            OpenApiParameter(
-                name="superuser_full_list",
-                location=OpenApiParameter.QUERY,
-                type=OpenApiTypes.BOOL,
-            ),
             OpenApiParameter(
                 name="for_user",
                 location=OpenApiParameter.QUERY,
@@ -229,18 +224,16 @@ def check_access(self, request: Request, slug: str) -> Response:
                 location=OpenApiParameter.QUERY,
                 type=OpenApiTypes.BOOL,
             ),
-        ]
+        ],
+        responses={
+            200: ApplicationSerializer(many=True),
+        }
     )
-    def list(self, request: Request) -> Response:
-        """Custom list method that checks Policy based access instead of guardian"""
+    @action(methods=["GET"], detail=False)
+    def accessible(self, request: Request) -> Response:
+        """Get applications accessible for user"""
         should_cache = request.query_params.get("search", "") == ""
 
-        superuser_full_list = (
-            str(request.query_params.get("superuser_full_list", "false")).lower() == "true"
-        )
-        if superuser_full_list and request.user.is_superuser:
-            return super().list(request)
-
         only_with_launch_url = str(
             request.query_params.get("only_with_launch_url", "false")
         ).lower()

schema.yml

@@ -2631,12 +2631,8 @@ paths:
   /core/applications/:
     get:
       operationId: core_applications_list
-      description: Custom list method that checks Policy based access instead of guardian
+      description: Application Viewset
       parameters:
-      - in: query
-        name: for_user
-        schema:
-          type: integer
       - in: query
         name: group
         schema:
@@ -2654,10 +2650,6 @@ paths:
         schema:
           type: string
       - $ref: '#/components/parameters/QueryName'
-      - in: query
-        name: only_with_launch_url
-        schema:
-          type: boolean
       - $ref: '#/components/parameters/QueryPaginationOrdering'
       - $ref: '#/components/parameters/QueryPaginationPage'
       - $ref: '#/components/parameters/QueryPaginationPageSize'
@@ -2666,10 +2658,6 @@ paths:
         name: slug
         schema:
           type: string
-      - in: query
-        name: superuser_full_list
-        schema:
-          type: boolean
       tags:
       - core
       security:
@@ -2930,6 +2918,59 @@ paths:
           $ref: '#/components/responses/ValidationErrorResponse'
         '403':
           $ref: '#/components/responses/GenericErrorResponse'
+  /core/applications/accessible/:
+    get:
+      operationId: core_applications_accessible_list
+      description: Get applications accessible for user
+      parameters:
+      - in: query
+        name: for_user
+        schema:
+          type: integer
+      - in: query
+        name: group
+        schema:
+          type: string
+      - in: query
+        name: meta_description
+        schema:
+          type: string
+      - in: query
+        name: meta_launch_url
+        schema:
+          type: string
+      - in: query
+        name: meta_publisher
+        schema:
+          type: string
+      - $ref: '#/components/parameters/QueryName'
+      - in: query
+        name: only_with_launch_url
+        schema:
+          type: boolean
+      - $ref: '#/components/parameters/QueryPaginationOrdering'
+      - $ref: '#/components/parameters/QueryPaginationPage'
+      - $ref: '#/components/parameters/QueryPaginationPageSize'
+      - $ref: '#/components/parameters/QuerySearch'
+      - in: query
+        name: slug
+        schema:
+          type: string
+      tags:
+      - core
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/PaginatedApplicationList'
+          description: ''
+        '400':
+          $ref: '#/components/responses/ValidationErrorResponse'
+        '403':
+          $ref: '#/components/responses/GenericErrorResponse'
   /core/authenticated_sessions/:
     get:
       operationId: core_authenticated_sessions_list

web/src/admin/applications/ApplicationListPage.ts

@@ -62,7 +62,6 @@ export class ApplicationListPage extends WithBrandConfig(TablePage<Application>)
     async apiEndpoint(): Promise<PaginatedResponse<Application>> {
         return new CoreApi(DEFAULT_CONFIG).coreApplicationsList({
             ...(await this.defaultEndpointConfig()),
-            superuserFullList: true,
         });
     }
 

web/src/admin/brands/BrandForm.ts

@@ -164,7 +164,6 @@ export class BrandForm extends ModelForm<Brand, string> {
                             .fetchObjects=${async (query?: string): Promise<Application[]> => {
                                 const args: CoreApplicationsListRequest = {
                                     ordering: "name",
-                                    superuserFullList: true,
                                 };
                                 if (query !== undefined) {
                                     args.search = query;

web/src/admin/users/UserApplicationTable.ts

@@ -23,7 +23,7 @@ export class UserApplicationTable extends Table<Application> {
     static styles: CSSResult[] = [...super.styles, applicationListStyle];
 
     async apiEndpoint(): Promise<PaginatedResponse<Application>> {
-        return new CoreApi(DEFAULT_CONFIG).coreApplicationsList({
+        return new CoreApi(DEFAULT_CONFIG).coreApplicationsAccessibleList({
             ...(await this.defaultEndpointConfig()),
             forUser: this.user?.pk,
         });

web/src/user/LibraryPage/ak-library.ts

@@ -69,15 +69,15 @@ export class LibraryPage extends AKElement {
             onlyWithLaunchUrl: true,
         });
 
-        const applicationListFetch = await coreApi().coreApplicationsList(applicationListParams(1));
+        const applicationListFetch = await coreApi().coreApplicationsAccessibleList(applicationListParams(1));
         const pageCount = applicationListFetch.pagination.totalPages;
         if (pageCount === 1) {
             return applicationListFetch.results;
         }
 
         const applicationLaterPages = await Promise.allSettled(
             Array.from({ length: pageCount - 1 }).map((_a, idx) =>
-                coreApi().coreApplicationsList(applicationListParams(idx + 2)),
+                coreApi().coreApplicationsAccessibleList(applicationListParams(idx + 2)),
             ),
         );