policies/expression: add pb_flow_plan variable
		@ -10,6 +10,7 @@ The following objects are passed into the variable:
 | 
			
		||||
    - `request.user`: The current User, which the Policy is applied against. ([ref](../../property-mappings/reference/user-object.md))
 | 
			
		||||
    - `request.http_request`: The Django HTTP Request, as documented [here](https://docs.djangoproject.com/en/3.0/ref/request-response/#httprequest-objects).
 | 
			
		||||
    - `request.obj`: A Django Model instance. This is only set if the Policy is ran against an object.
 | 
			
		||||
- `pb_flow_plan`: Current Plan if Policy is called while a flow is active.
 | 
			
		||||
- `pb_is_sso_flow`: Boolean which is true if request was initiated by authenticating through an external Provider.
 | 
			
		||||
- `pb_is_group_member(user, group_name)`: Function which checks if `user` is member of a Group with Name `gorup_name`.
 | 
			
		||||
- `pb_logger`: Standard Python Logger Object, which can be used to debug expressions.
 | 
			
		||||
 | 
			
		||||
@ -23,7 +23,6 @@ def user_stages(context: RequestContext) -> List[UIUserSettings]:
 | 
			
		||||
        if not user_settings:
 | 
			
		||||
            continue
 | 
			
		||||
        matching_stages.append(user_settings)
 | 
			
		||||
    print(matching_stages)
 | 
			
		||||
    return matching_stages
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
@ -17,6 +17,7 @@ class TestFlowsMisc(TestCase):
 | 
			
		||||
        """Test that stage serializer returns the correct type"""
 | 
			
		||||
        obj = DummyStage()
 | 
			
		||||
        self.assertEqual(StageSerializer().get_type(obj), "dummy")
 | 
			
		||||
        self.assertEqual(StageSerializer().get_verbose_name(obj), "Dummy Stage")
 | 
			
		||||
 | 
			
		||||
    def test_api_viewset(self):
 | 
			
		||||
        """Test that stage serializer returns the correct type"""
 | 
			
		||||
 | 
			
		||||
@ -9,6 +9,7 @@ from jinja2.nativetypes import NativeEnvironment
 | 
			
		||||
from structlog import get_logger
 | 
			
		||||
 | 
			
		||||
from passbook.flows.planner import PLAN_CONTEXT_SSO
 | 
			
		||||
from passbook.flows.views import SESSION_KEY_PLAN
 | 
			
		||||
from passbook.lib.utils.http import get_client_ip
 | 
			
		||||
from passbook.policies.types import PolicyRequest, PolicyResult
 | 
			
		||||
 | 
			
		||||
@ -54,13 +55,14 @@ class Evaluator:
 | 
			
		||||
        kwargs["pb_is_group_member"] = Evaluator.jinja2_func_is_group_member
 | 
			
		||||
        kwargs["pb_logger"] = get_logger()
 | 
			
		||||
        if request.http_request:
 | 
			
		||||
            # TODO: Get access to current plan
 | 
			
		||||
            kwargs["pb_is_sso_flow"] = request.http_request.session.get(
 | 
			
		||||
                PLAN_CONTEXT_SSO, False
 | 
			
		||||
            )
 | 
			
		||||
            kwargs["pb_client_ip"] = (
 | 
			
		||||
                get_client_ip(request.http_request) or "255.255.255.255"
 | 
			
		||||
            )
 | 
			
		||||
            if SESSION_KEY_PLAN in request.http_request.session:
 | 
			
		||||
                kwargs["pb_flow_plan"] = request.http_request.session[SESSION_KEY_PLAN]
 | 
			
		||||
        return kwargs
 | 
			
		||||
 | 
			
		||||
    def evaluate(self, expression_source: str, request: PolicyRequest) -> PolicyResult:
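Review bot: `pb_is_sso_flow` is still looked up in the session under `PLAN_CONTEXT_SSO`, although the plan is now available a few lines further down; if that constant is a key of the plan's context, as its name and its import from `passbook.flows.planner` suggest, the session lookup would fall back to `False` and any policy gating on SSO would get the wrong answer. Since the `# TODO: Get access to current plan` comment appears to be dropped by this change, consider reading the flag from the plan fetched via `SESSION_KEY_PLAN`, and add a test covering both cases. Separately, `pb_flow_plan` is only set when the key is present, so expressions evaluated outside a flow see an undefined name; `kwargs["pb_flow_plan"] = request.http_request.session.get(SESSION_KEY_PLAN)` would give them a `None` they can test for. The value handed to the expression is the live session object rather than a copy, so a comment such as `# expressions receive the live plan; treat it as read-only` would record that anything an expression changes on it may persist in the session. The enclosing method starts above the hunk, so how `kwargs` is built before these lines is not visible here.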
 | 
			
		||||
 | 
			
		||||
@ -13,6 +13,7 @@
 | 
			
		||||
            <li><code>request.user</code>: Passbook User Object (<a href="https://beryju.github.io/passbook/property-mappings/reference/user-object/">Reference</a>)</li>
 | 
			
		||||
            <li><code>request.http_request</code>: Django HTTP Request Object (<a href="https://docs.djangoproject.com/en/3.0/ref/request-response/#httprequest-objects">Reference</a>) </li>
 | 
			
		||||
            <li><code>request.obj</code>: Model the Policy is run against. </li>
 | 
			
		||||
            <li><code>pb_flow_plan</code>: Current Plan if Policy is called while a flow is active.</li>
 | 
			
		||||
            <li><code>pb_is_sso_flow</code>: Boolean which is true if request was initiated by authenticating through an external Provider.</li>
 | 
			
		||||
            <li><code>pb_is_group_member(user, group_name)</code>: Function which checks if <code>user</code> is member of a Group with Name <code>group_name</code>.</li>
 | 
			
		||||
            <li><code>pb_logger</code>: Standard Python Logger Object, which can be used to debug expressions.</li>
 | 
			
		||||
 | 
			
		||||
@ -13,4 +13,3 @@ def on_application_save(sender, instance: Application, **_):
 | 
			
		||||
    if isinstance(instance.provider, OpenIDProvider):
 | 
			
		||||
        instance.provider.oidc_client.require_consent = not instance.skip_authorization
 | 
			
		||||
        instance.provider.oidc_client.save()
 | 
			
		||||
        print("updating skip_authz")
 | 
			
		||||
 | 
			
		||||