habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

*: migrate from PolicyModel to PolicyBindingModel, move Policy to passbook_policies

Browse Source
This commit is contained in:
Jens Langhammer
2020-05-16 18:07:00 +02:00
parent 227966e727
commit 7bd65120b9
34 changed files with 187 additions and 161 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
passbook/policies/dummy/migrations/0001_initial.py
View File

@ -9,8 +9,7 @@ class Migration(migrations.Migration):
initial = True
dependencies = [
("passbook_policies", "0003_auto_20200508_1642"),
("passbook_core", "0013_delete_debugpolicy"),
("passbook_policies", "0001_initial"),
]
operations = [
@ -25,7 +24,7 @@ class Migration(migrations.Migration):
parent_link=True,
primary_key=True,
serialize=False,
to="passbook_core.Policy",
to="passbook_policies.Policy",
),
),
("result", models.BooleanField(default=False)),
@ -36,6 +35,6 @@ class Migration(migrations.Migration):
"verbose_name": "Dummy Policy",
"verbose_name_plural": "Dummy Policies",
},
bases=("passbook_core.policy",),
bases=("passbook_policies.policy",),
),
]

2
passbook/policies/dummy/models.py
View File

@ -6,7 +6,7 @@ from django.db import models
from django.utils.translation import gettext_lazy as _
from structlog import get_logger
from passbook.core.models import Policy
from passbook.policies.models import Policy
from passbook.policies.types import PolicyRequest, PolicyResult
LOGGER = get_logger()

3
passbook/policies/engine.py
View File

@ -7,7 +7,8 @@ from django.core.cache import cache
from django.http import HttpRequest
from structlog import get_logger
from passbook.core.models import Policy, User
from passbook.core.models import User
from passbook.policies.models import Policy
from passbook.policies.process import PolicyProcess, cache_key
from passbook.policies.types import PolicyRequest, PolicyResult

6
passbook/policies/expiry/migrations/0001_initial.py
View File

@ -9,7 +9,7 @@ class Migration(migrations.Migration):
initial = True
dependencies = [
("passbook_core", "0001_initial"),
("passbook_policies", "0001_initial"),
]
operations = [
@ -24,7 +24,7 @@ class Migration(migrations.Migration):
parent_link=True,
primary_key=True,
serialize=False,
to="passbook_core.Policy",
to="passbook_policies.Policy",
),
),
("deny_only", models.BooleanField(default=False)),
@ -34,6 +34,6 @@ class Migration(migrations.Migration):
"verbose_name": "Password Expiry Policy",
"verbose_name_plural": "Password Expiry Policies",
},
bases=("passbook_core.policy",),
bases=("passbook_policies.policy",),
),
]

2
passbook/policies/expiry/models.py
View File

@ -6,7 +6,7 @@ from django.utils.timezone import now
from django.utils.translation import gettext as _
from structlog import get_logger
from passbook.core.models import Policy
from passbook.policies.models import Policy
from passbook.policies.types import PolicyRequest, PolicyResult
LOGGER = get_logger()

6
passbook/policies/expression/migrations/0001_initial.py
View File

@ -9,7 +9,7 @@ class Migration(migrations.Migration):
initial = True
dependencies = [
("passbook_core", "0007_auto_20200217_1934"),
("passbook_policies", "0001_initial"),
]
operations = [
@ -24,7 +24,7 @@ class Migration(migrations.Migration):
parent_link=True,
primary_key=True,
serialize=False,
to="passbook_core.Policy",
to="passbook_policies.Policy",
),
),
("expression", models.TextField()),
@ -33,6 +33,6 @@ class Migration(migrations.Migration):
"verbose_name": "Expression Policy",
"verbose_name_plural": "Expression Policies",
},
bases=("passbook_core.policy",),
bases=("passbook_policies.policy",),
),
]

2
passbook/policies/expression/models.py
View File

@ -2,8 +2,8 @@
from django.db import models
from django.utils.translation import gettext as _
from passbook.core.models import Policy
from passbook.policies.expression.evaluator import Evaluator
from passbook.policies.models import Policy
from passbook.policies.types import PolicyRequest, PolicyResult

6
passbook/policies/hibp/migrations/0001_initial.py
View File

@ -9,7 +9,7 @@ class Migration(migrations.Migration):
initial = True
dependencies = [
("passbook_core", "0001_initial"),
("passbook_policies", "0001_initial"),
]
operations = [
@ -24,7 +24,7 @@ class Migration(migrations.Migration):
parent_link=True,
primary_key=True,
serialize=False,
to="passbook_core.Policy",
to="passbook_policies.Policy",
),
),
("allowed_count", models.IntegerField(default=0)),
@ -33,6 +33,6 @@ class Migration(migrations.Migration):
"verbose_name": "Have I Been Pwned Policy",
"verbose_name_plural": "Have I Been Pwned Policies",
},
bases=("passbook_core.policy",),
bases=("passbook_policies.policy",),
),
]

3
passbook/policies/hibp/models.py
View File

@ -6,7 +6,8 @@ from django.utils.translation import gettext as _
from requests import get
from structlog import get_logger
from passbook.core.models import Policy, PolicyResult, User
from passbook.core.models import User
from passbook.policies.models import Policy, PolicyResult
LOGGER = get_logger()

29
passbook/policies/migrations/0001_initial.py
View File

@ -10,11 +10,28 @@ class Migration(migrations.Migration):
initial = True
dependencies = [
("passbook_core", "0011_auto_20200222_1822"),
]
operations = [
migrations.CreateModel(
name="Policy",
fields=[
("created", models.DateTimeField(auto_now_add=True)),
("last_updated", models.DateTimeField(auto_now=True)),
(
"uuid",
models.UUIDField(
default=uuid.uuid4,
editable=False,
primary_key=True,
serialize=False,
),
),
("name", models.TextField(blank=True, null=True)),
("negate", models.BooleanField(default=False)),
("order", models.IntegerField(default=0)),
("timeout", models.IntegerField(default=30)),
],
options={"abstract": False,},
),
migrations.CreateModel(
name="PolicyBinding",
fields=[
@ -34,7 +51,7 @@ class Migration(migrations.Migration):
models.ForeignKey(
on_delete=django.db.models.deletion.CASCADE,
related_name="+",
to="passbook_core.Policy",
to="passbook_policies.Policy",
),
),
],
@ -60,7 +77,7 @@ class Migration(migrations.Migration):
models.ManyToManyField(
related_name="_policybindingmodel_policies_+",
through="passbook_policies.PolicyBinding",
to="passbook_core.Policy",
to="passbook_policies.Policy",
),
),
],

5
passbook/policies/migrations/0003_auto_20200508_1642.py → passbook/policies/migrations/0003_auto_20200516_1516.py
View File

@ -1,4 +1,4 @@
# Generated by Django 3.0.3 on 2020-05-08 16:42
# Generated by Django 3.0.5 on 2020-05-16 15:16
from django.db import migrations, models
@ -6,7 +6,6 @@ from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("passbook_core", "0011_auto_20200222_1822"),
("passbook_policies", "0002_auto_20200508_1230"),
]
@ -18,7 +17,7 @@ class Migration(migrations.Migration):
blank=True,
related_name="_policybindingmodel_policies_+",
through="passbook_policies.PolicyBinding",
to="passbook_core.Policy",
to="passbook_policies.Policy",
),
),
]

29
passbook/policies/models.py
View File

@ -1,16 +1,18 @@
"""Policy base models"""
from django.db import models
from django.utils.translation import gettext_lazy as _
from model_utils.managers import InheritanceManager
from passbook.core.models import Policy
from passbook.lib.models import UUIDModel
from passbook.lib.models import CreatedUpdatedModel, UUIDModel
from passbook.policies.exceptions import PolicyException
from passbook.policies.types import PolicyRequest, PolicyResult
class PolicyBindingModel(models.Model):
"""Base Model for objects that have policies applied to them."""
policies = models.ManyToManyField(
Policy, through="PolicyBinding", related_name="+", blank=True
"Policy", through="PolicyBinding", related_name="+", blank=True
)
class Meta:
@ -24,7 +26,7 @@ class PolicyBinding(UUIDModel):
enabled = models.BooleanField(default=True)
policy = models.ForeignKey(Policy, on_delete=models.CASCADE, related_name="+")
policy = models.ForeignKey("Policy", on_delete=models.CASCADE, related_name="+")
target = models.ForeignKey(
PolicyBindingModel, on_delete=models.CASCADE, related_name="+"
)
@ -39,3 +41,22 @@ class PolicyBinding(UUIDModel):
verbose_name = _("Policy Binding")
verbose_name_plural = _("Policy Bindings")
class Policy(UUIDModel, CreatedUpdatedModel):
"""Policies which specify if a user is authorized to use an Application. Can be overridden by
other types to add other fields, more logic, etc."""
name = models.TextField(blank=True, null=True)
negate = models.BooleanField(default=False)
order = models.IntegerField(default=0)
timeout = models.IntegerField(default=30)
objects = InheritanceManager()
def __str__(self):
return f"Policy {self.name}"
def passes(self, request: PolicyRequest) -> PolicyResult:
"""Check if user instance passes this policy"""
raise PolicyException()

6
passbook/policies/password/migrations/0001_initial.py
View File

@ -9,7 +9,7 @@ class Migration(migrations.Migration):
initial = True
dependencies = [
("passbook_core", "0001_initial"),
("passbook_policies", "0001_initial"),
]
operations = [
@ -24,7 +24,7 @@ class Migration(migrations.Migration):
parent_link=True,
primary_key=True,
serialize=False,
to="passbook_core.Policy",
to="passbook_policies.Policy",
),
),
("amount_uppercase", models.IntegerField(default=0)),
@ -41,6 +41,6 @@ class Migration(migrations.Migration):
"verbose_name": "Password Policy",
"verbose_name_plural": "Password Policies",
},
bases=("passbook_core.policy",),
bases=("passbook_policies.policy",),
),
]

2
passbook/policies/password/models.py
View File

@ -5,7 +5,7 @@ from django.db import models
from django.utils.translation import gettext as _
from structlog import get_logger
from passbook.core.models import Policy
from passbook.policies.models import Policy
from passbook.policies.types import PolicyRequest, PolicyResult
LOGGER = get_logger()

3
passbook/policies/process.py
View File

@ -6,8 +6,9 @@ from typing import Optional
from django.core.cache import cache
from structlog import get_logger
from passbook.core.models import Policy, User
from passbook.core.models import User
from passbook.policies.exceptions import PolicyException
from passbook.policies.models import Policy
from passbook.policies.types import PolicyRequest, PolicyResult
LOGGER = get_logger()

6
passbook/policies/reputation/migrations/0001_initial.py
View File

@ -10,7 +10,7 @@ class Migration(migrations.Migration):
initial = True
dependencies = [
("passbook_core", "0001_initial"),
("passbook_policies", "0001_initial"),
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
]
@ -43,7 +43,7 @@ class Migration(migrations.Migration):
parent_link=True,
primary_key=True,
serialize=False,
to="passbook_core.Policy",
to="passbook_policies.Policy",
),
),
("check_ip", models.BooleanField(default=True)),
@ -54,7 +54,7 @@ class Migration(migrations.Migration):
"verbose_name": "Reputation Policy",
"verbose_name_plural": "Reputation Policies",
},
bases=("passbook_core.policy",),
bases=("passbook_policies.policy",),
),
migrations.CreateModel(
name="UserReputation",

3
passbook/policies/reputation/models.py
View File

@ -2,8 +2,9 @@
from django.db import models
from django.utils.translation import gettext as _
from passbook.core.models import Policy, User
from passbook.core.models import User
from passbook.lib.utils.http import get_client_ip
from passbook.policies.models import Policy
from passbook.policies.types import PolicyRequest, PolicyResult

3
passbook/policies/tests/test_engine.py
View File

@ -2,9 +2,10 @@
from django.core.cache import cache
from django.test import TestCase
from passbook.core.models import Policy, User
from passbook.core.models import User
from passbook.policies.dummy.models import DummyPolicy
from passbook.policies.engine import PolicyEngine
from passbook.policies.models import Policy
class PolicyTestEngine(TestCase):