chore: publish 4.3.0+2023.10.7 release

compose.yml

@@ -76,7 +76,7 @@ services:
         - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
-        - "coop-cloud.${STACK_NAME}.version=4.2.0+2023.10.7"
+        - "coop-cloud.${STACK_NAME}.version=4.3.0+2023.10.7"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
 
   worker:

flow_invitation.yaml.tmpl

@@ -26,22 +26,16 @@ entries:
 
 ### POLICIES
 - attrs:
-    expression: "if not regex_match(request.context.get('prompt_data').get('username'),\
+    expression: |
-      \ '\\s'):\n    return True\n\nak_message(\"Username must not contain\
+      if not regex_match(request.context.get('prompt_data').get('username'), '\s'):
-      \ whitespace!\")\nreturn False"
+          return True
-    name: username-without-spaces-policy
+      ak_message("Username must not contain any whitespace!")
+      return False
   id: username-without-spaces-policy
   identifiers:
     name: username-without-spaces-policy
   model: authentik_policies_expression.expressionpolicy
 
-### POLICY BINDINGS
-- identifiers:
-    policy: !KeyOf username-without-spaces-policy
-    target: !KeyOf prompt-stage-binding
-    order: 10
-  model: authentik_policies.policybinding
-
 ### STAGES
 - identifiers:
     name: invitation-stage
@@ -59,6 +53,8 @@ entries:
       - !Find [authentik_stages_prompt.prompt, [name, default-user-settings-field-email]]
       - !Find [authentik_stages_prompt.prompt, [name, default-password-change-field-password]]
       - !Find [authentik_stages_prompt.prompt, [name, default-password-change-field-password-repeat]]
+    validation_policies:
+      - !Find [ authentik_policies_expression.expressionpolicy, [name, username-without-spaces-policy]]
 
 ### STAGE BINDINGS
 - identifiers:
@@ -71,7 +67,6 @@ entries:
     stage: !KeyOf enrollment-prompt-userdata
     target: !KeyOf invitation-enrollment-flow
   model: authentik_flows.flowstagebinding
-  id: prompt-stage-binding
 - identifiers:
     order: 20
     stage: !Find [authentik_stages_user_write.userwritestage, [name,  default-source-enrollment-write]]

flow_translation.yaml.tmpl

@@ -69,16 +69,3 @@ entries:
   attrs:
     label: !Context transl_username
     placeholder: !Context transl_username
-
-### POLICIES
-- model: authentik_policies_expression.expressionpolicy
-  identifiers:
-    name: username-without-spaces-policy
-  attrs:
-    expression: "if not regex_match(request.context.get('prompt_data').get('username'),\
-      \ '\\s'):\n    return True\n\nak_message(\"Benutzername darf kein Leerzeichen\
-      \ enthalten\")\nreturn False"
-      name: username-without-spaces-policy
-  id: username-without-spaces-policy
-
-Benutzername darf kein Leerzeichen enthalten\")\n