habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

all: implement black as code formatter

Browse Source
This commit is contained in:
Jens Langhammer
2019-12-31 12:51:16 +01:00
parent 8eb3f0f708
commit 3bd1eadd51
298 changed files with 4825 additions and 3145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
passbook/core/views/access.py
View File

@ -11,6 +11,7 @@ from passbook.policies.engine import PolicyEngine
LOGGER = get_logger()
class AccessMixin:
"""Mixin class for usage in Authorization views.
Provider functions to check application access, etc"""
@ -23,12 +24,18 @@ class AccessMixin:
try:
return provider.application
except Application.DoesNotExist as exc:
messages.error(self.request, _('Provider "%(name)s" has no application assigned' % {
'name': provider
}))
messages.error(
self.request,
_(
'Provider "%(name)s" has no application assigned'
% {"name": provider}
),
)
raise exc
def user_has_access(self, application: Application, user: User) -> Tuple[bool, List[str]]:
def user_has_access(
self, application: Application, user: User
) -> Tuple[bool, List[str]]:
"""Check if user has access to application."""
LOGGER.debug("Checking permissions", user=user, application=application)
policy_engine = PolicyEngine(application.policies.all(), user, self.request)

111
passbook/core/views/authentication.py
View File

@ -25,41 +25,41 @@ LOGGER = get_logger()
class LoginView(UserPassesTestMixin, FormView):
"""Allow users to sign in"""
template_name = 'login/form.html'
template_name = "login/form.html"
form_class = LoginForm
success_url = '.'
success_url = "."
# Allow only not authenticated users to login
def test_func(self):
return self.request.user.is_authenticated is False
def handle_no_permission(self):
if 'next' in self.request.GET:
return redirect(self.request.GET.get('next'))
return redirect(reverse('passbook_core:overview'))
if "next" in self.request.GET:
return redirect(self.request.GET.get("next"))
return redirect(reverse("passbook_core:overview"))
def get_context_data(self, **kwargs):
kwargs['config'] = CONFIG.y('passbook')
kwargs['is_login'] = True
kwargs['title'] = _('Log in to your account')
kwargs['primary_action'] = _('Log in')
kwargs['show_sign_up_notice'] = CONFIG.y('passbook.sign_up.enabled')
kwargs['sources'] = []
kwargs["config"] = CONFIG.y("passbook")
kwargs["is_login"] = True
kwargs["title"] = _("Log in to your account")
kwargs["primary_action"] = _("Log in")
kwargs["show_sign_up_notice"] = CONFIG.y("passbook.sign_up.enabled")
kwargs["sources"] = []
sources = Source.objects.filter(enabled=True).select_subclasses()
for source in sources:
login_button = source.login_button
if login_button:
kwargs['sources'].append(login_button)
if kwargs['sources']:
self.template_name = 'login/with_sources.html'
kwargs["sources"].append(login_button)
if kwargs["sources"]:
self.template_name = "login/with_sources.html"
return super().get_context_data(**kwargs)
def get_user(self, uid_value) -> Optional[User]:
"""Find user instance. Returns None if no user was found."""
for search_field in CONFIG.y('passbook.uid_fields'):
for search_field in CONFIG.y("passbook.uid_fields"):
# Workaround for E-Mail -> email
if search_field == 'e-mail':
search_field = 'email'
if search_field == "e-mail":
search_field = "email"
users = User.objects.filter(**{search_field: uid_value})
if users.exists():
LOGGER.debug("Found user", user=users.first(), uid_field=search_field)
@ -68,18 +68,20 @@ class LoginView(UserPassesTestMixin, FormView):
def form_valid(self, form: LoginForm) -> HttpResponse:
"""Form data is valid"""
pre_user = self.get_user(form.cleaned_data.get('uid_field'))
pre_user = self.get_user(form.cleaned_data.get("uid_field"))
if not pre_user:
# No user found
return self.invalid_login(self.request)
# self.request.session.flush()
self.request.session[AuthenticationView.SESSION_PENDING_USER] = pre_user.pk
return _redirect_with_qs('passbook_core:auth-process', self.request.GET)
return _redirect_with_qs("passbook_core:auth-process", self.request.GET)
def invalid_login(self, request: HttpRequest, disabled_user: User = None) -> HttpResponse:
def invalid_login(
self, request: HttpRequest, disabled_user: User = None
) -> HttpResponse:
"""Handle login for disabled users/invalid login attempts"""
LOGGER.debug("invalid_login", user=disabled_user)
messages.error(request, _('Failed to authenticate.'))
messages.error(request, _("Failed to authenticate."))
return self.render_to_response(self.get_context_data())
@ -90,15 +92,15 @@ class LogoutView(LoginRequiredMixin, View):
"""Log current user out"""
logout(request)
messages.success(request, _("You've successfully been logged out."))
return redirect(reverse('passbook_core:auth-login'))
return redirect(reverse("passbook_core:auth-login"))
class SignUpView(UserPassesTestMixin, FormView):
"""Sign up new user, optionally consume one-use invitation link."""
template_name = 'login/form.html'
template_name = "login/form.html"
form_class = SignUpForm
success_url = '.'
success_url = "."
# Invitation instance, if invitation link was used
_invitation = None
# Instance of newly created user
@ -109,38 +111,38 @@ class SignUpView(UserPassesTestMixin, FormView):
return self.request.user.is_authenticated is False
def handle_no_permission(self):
return redirect(reverse('passbook_core:overview'))
return redirect(reverse("passbook_core:overview"))
def dispatch(self, request, *args, **kwargs):
"""Check if sign-up is enabled or invitation link given"""
allowed = False
if 'invitation' in request.GET:
invitations = Invitation.objects.filter(uuid=request.GET.get('invitation'))
if "invitation" in request.GET:
invitations = Invitation.objects.filter(uuid=request.GET.get("invitation"))
allowed = invitations.exists()
if allowed:
self._invitation = invitations.first()
if CONFIG.y('passbook.sign_up.enabled'):
if CONFIG.y("passbook.sign_up.enabled"):
allowed = True
if not allowed:
messages.error(request, _('Sign-ups are currently disabled.'))
return redirect(reverse('passbook_core:auth-login'))
messages.error(request, _("Sign-ups are currently disabled."))
return redirect(reverse("passbook_core:auth-login"))
return super().dispatch(request, *args, **kwargs)
def get_initial(self):
if self._invitation:
initial = {}
if self._invitation.fixed_username:
initial['username'] = self._invitation.fixed_username
initial["username"] = self._invitation.fixed_username
if self._invitation.fixed_email:
initial['email'] = self._invitation.fixed_email
initial["email"] = self._invitation.fixed_email
return initial
return super().get_initial()
def get_context_data(self, **kwargs):
kwargs['config'] = CONFIG.y('passbook')
kwargs['is_login'] = True
kwargs['title'] = _('Sign Up')
kwargs['primary_action'] = _('Sign up')
kwargs["config"] = CONFIG.y("passbook")
kwargs["is_login"] = True
kwargs["title"] = _("Sign Up")
kwargs["primary_action"] = _("Sign up")
return super().get_context_data(**kwargs)
def form_valid(self, form: SignUpForm) -> HttpResponse:
@ -173,9 +175,8 @@ class SignUpView(UserPassesTestMixin, FormView):
# self._user.save()
self.consume_invitation()
messages.success(self.request, _("Successfully signed up!"))
LOGGER.debug("Successfully signed up %s",
form.cleaned_data.get('email'))
return redirect(reverse('passbook_core:auth-login'))
LOGGER.debug("Successfully signed up %s", form.cleaned_data.get("email"))
return redirect(reverse("passbook_core:auth-login"))
def consume_invitation(self):
"""Consume invitation if an invitation was used"""
@ -184,7 +185,8 @@ class SignUpView(UserPassesTestMixin, FormView):
sender=self,
request=self.request,
invitation=self._invitation,
user=self._user)
user=self._user,
)
self._invitation.delete()
@staticmethod
@ -204,20 +206,17 @@ class SignUpView(UserPassesTestMixin, FormView):
"""
# Create user
new_user = User.objects.create(
username=data.get('username'),
email=data.get('email'),
name=data.get('name'),
username=data.get("username"),
email=data.get("email"),
name=data.get("name"),
)
new_user.is_active = True
try:
new_user.set_password(data.get('password'))
new_user.set_password(data.get("password"))
new_user.save()
request.user = new_user
# Send signal for other auth sources
user_signed_up.send(
sender=SignUpView,
user=new_user,
request=request)
user_signed_up.send(sender=SignUpView, user=new_user, request=request)
return new_user
except PasswordPolicyInvalid as exc:
new_user.delete()
@ -233,11 +232,11 @@ class SignUpConfirmView(View):
nonce.user.is_active = True
nonce.user.save()
# Workaround: hardcoded reference to ModelBackend, needs testing
nonce.user.backend = 'django.contrib.auth.backends.ModelBackend'
nonce.user.backend = "django.contrib.auth.backends.ModelBackend"
login(request, nonce.user)
nonce.delete()
messages.success(request, _('Successfully confirmed registration.'))
return redirect('passbook_core:overview')
messages.success(request, _("Successfully confirmed registration."))
return redirect("passbook_core:overview")
class PasswordResetView(View):
@ -248,9 +247,11 @@ class PasswordResetView(View):
# 3. (Optional) Trap user in password change view
nonce = get_object_or_404(Nonce, uuid=nonce)
# Workaround: hardcoded reference to ModelBackend, needs testing
nonce.user.backend = 'django.contrib.auth.backends.ModelBackend'
nonce.user.backend = "django.contrib.auth.backends.ModelBackend"
login(request, nonce.user)
nonce.delete()
messages.success(request, _(('Temporarily authenticated with Nonce, '
'please change your password')))
return redirect('passbook_core:user-change-password')
messages.success(
request,
_(("Temporarily authenticated with Nonce, " "please change your password")),
)
return redirect("passbook_core:user-change-password")

40
passbook/core/views/error.py
View File

@ -1,8 +1,11 @@
"""passbook core error views"""
from django.http.response import (HttpResponseBadRequest,
HttpResponseForbidden, HttpResponseNotFound,
HttpResponseServerError)
from django.http.response import (
HttpResponseBadRequest,
HttpResponseForbidden,
HttpResponseNotFound,
HttpResponseServerError,
)
from django.template.response import TemplateResponse
from django.views.generic import TemplateView
@ -10,54 +13,53 @@ from django.views.generic import TemplateView
class BadRequestTemplateResponse(TemplateResponse, HttpResponseBadRequest):
"""Combine Template response with Http Code 400"""
class ForbiddenTemplateResponse(TemplateResponse, HttpResponseForbidden):
"""Combine Template response with Http Code 403"""
class NotFoundTemplateResponse(TemplateResponse, HttpResponseNotFound):
"""Combine Template response with Http Code 404"""
class ServerErrorTemplateResponse(TemplateResponse, HttpResponseServerError):
"""Combine Template response with Http Code 500"""
class BadRequestView(TemplateView):
"""Show Bad Request message"""
response_class = BadRequestTemplateResponse
template_name = 'error/400.html'
template_name = "error/400.html"
extra_context = {"is_login": True}
extra_context = {
'is_login': True
}
class ForbiddenView(TemplateView):
"""Show Forbidden message"""
response_class = ForbiddenTemplateResponse
template_name = 'error/403.html'
template_name = "error/403.html"
extra_context = {"is_login": True}
extra_context = {
'is_login': True
}
class NotFoundView(TemplateView):
"""Show Not Found message"""
response_class = NotFoundTemplateResponse
template_name = 'error/404.html'
template_name = "error/404.html"
extra_context = {"is_login": True}
extra_context = {
'is_login': True
}
class ServerErrorView(TemplateView):
"""Show Server Error message"""
response_class = ServerErrorTemplateResponse
template_name = 'error/500.html'
template_name = "error/500.html"
extra_context = {
'is_login': True
}
extra_context = {"is_login": True}
# pylint: disable=useless-super-delegation
def dispatch(self, *args, **kwargs):

10
passbook/core/views/overview.py
View File

@ -11,13 +11,15 @@ class OverviewView(LoginRequiredMixin, TemplateView):
"""Overview for logged in user, incase user opens passbook directly
and is not being forwarded"""
template_name = 'overview/index.html'
template_name = "overview/index.html"
def get_context_data(self, **kwargs):
kwargs['applications'] = []
kwargs["applications"] = []
for application in Application.objects.all():
engine = PolicyEngine(application.policies.all(), self.request.user, self.request)
engine = PolicyEngine(
application.policies.all(), self.request.user, self.request
)
engine.build()
if engine.passing:
kwargs['applications'].append(application)
kwargs["applications"].append(application)
return super().get_context_data(**kwargs)

30
passbook/core/views/user.py
View File

@ -17,11 +17,11 @@ from passbook.lib.config import CONFIG
class UserSettingsView(SuccessMessageMixin, LoginRequiredMixin, UpdateView):
"""Update User settings"""
template_name = 'user/settings.html'
template_name = "user/settings.html"
form_class = UserDetailForm
success_message = _('Successfully updated user.')
success_url = reverse_lazy('passbook_core:user-settings')
success_message = _("Successfully updated user.")
success_url = reverse_lazy("passbook_core:user-settings")
def get_object(self):
return self.request.user
@ -30,44 +30,44 @@ class UserSettingsView(SuccessMessageMixin, LoginRequiredMixin, UpdateView):
class UserDeleteView(LoginRequiredMixin, DeleteView):
"""Delete user account"""
template_name = 'generic/delete.html'
template_name = "generic/delete.html"
def get_object(self):
return self.request.user
def get_success_url(self):
messages.success(self.request, _('Successfully deleted user.'))
messages.success(self.request, _("Successfully deleted user."))
logout(self.request)
return reverse('passbook_core:auth-login')
return reverse("passbook_core:auth-login")
class UserChangePasswordView(LoginRequiredMixin, FormView):
"""View for users to update their password"""
form_class = PasswordChangeForm
template_name = 'login/form_with_user.html'
template_name = "login/form_with_user.html"
def form_valid(self, form: PasswordChangeForm):
try:
# user.set_password checks against Policies so we don't need to manually do it here
self.request.user.set_password(form.cleaned_data.get('password'))
self.request.user.set_password(form.cleaned_data.get("password"))
self.request.user.save()
update_session_auth_hash(self.request, self.request.user)
messages.success(self.request, _('Successfully changed password'))
messages.success(self.request, _("Successfully changed password"))
except PasswordPolicyInvalid as exc:
# Manually inject error into form
# pylint: disable=protected-access
errors = form._errors.setdefault("password_repeat", ErrorList(''))
errors = form._errors.setdefault("password_repeat", ErrorList(""))
# pylint: disable=protected-access
errors = form._errors.setdefault("password", ErrorList())
for error in exc.messages:
errors.append(error)
return self.form_invalid(form)
return redirect('passbook_core:overview')
return redirect("passbook_core:overview")
def get_context_data(self, **kwargs):
kwargs['config'] = CONFIG.y('passbook')
kwargs['is_login'] = True
kwargs['title'] = _('Change Password')
kwargs['primary_action'] = _('Change')
kwargs["config"] = CONFIG.y("passbook")
kwargs["is_login"] = True
kwargs["title"] = _("Change Password")
kwargs["primary_action"] = _("Change")
return super().get_context_data(**kwargs)

19
passbook/core/views/utils.py
View File

@ -6,8 +6,8 @@ from django.views.generic import TemplateView
class LoadingView(TemplateView):
"""View showing a loading template, and forwarding to real view using html forwarding."""
template_name = 'login/loading.html'
title = _('Loading')
template_name = "login/loading.html"
title = _("Loading")
target_url = None
def get_url(self):
@ -15,18 +15,19 @@ class LoadingView(TemplateView):
return self.target_url
def get_context_data(self, **kwargs):
kwargs['is_login'] = True
kwargs['title'] = self.title
kwargs['target_url'] = self.get_url()
kwargs["is_login"] = True
kwargs["title"] = self.title
kwargs["target_url"] = self.get_url()
return super().get_context_data(**kwargs)
class PermissionDeniedView(TemplateView):
"""Generic Permission denied view"""
template_name = 'login/denied.html'
title = _('Permission denied.')
template_name = "login/denied.html"
title = _("Permission denied.")
def get_context_data(self, **kwargs):
kwargs['is_login'] = True
kwargs['title'] = self.title
kwargs["is_login"] = True
kwargs["title"] = self.title
return super().get_context_data(**kwargs)