habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

policies/reputation: require either check to be enabled (#6764)

Browse Source 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L
2023-09-05 22:15:14 +02:00
committed by GitHub
parent e373bae189
commit 8c3f578187
3 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
authentik/policies/reputation/api.py
View File

@ -1,5 +1,7 @@
"""Reputation policy API Views""" """Reputation policy API Views"""
from django.utils.translation import gettext_lazy as _
from rest_framework import mixins from rest_framework import mixins
from rest_framework.exceptions import ValidationError
from rest_framework.serializers import ModelSerializer from rest_framework.serializers import ModelSerializer
from rest_framework.viewsets import GenericViewSet, ModelViewSet from rest_framework.viewsets import GenericViewSet, ModelViewSet
@ -11,6 +13,11 @@ from authentik.policies.reputation.models import Reputation, ReputationPolicy
class ReputationPolicySerializer(PolicySerializer): class ReputationPolicySerializer(PolicySerializer):
"""Reputation Policy Serializer""" """Reputation Policy Serializer"""
def validate(self, attrs: dict) -> dict:
if not attrs.get("check_ip", False) and not attrs.get("check_username", False):
raise ValidationError(_("Either IP or Username must be checked"))
return super().validate(attrs)
class Meta: class Meta:
model = ReputationPolicy model = ReputationPolicy
fields = PolicySerializer.Meta.fields + [ fields = PolicySerializer.Meta.fields + [

7
authentik/policies/reputation/tests.py
View File

@ -3,6 +3,8 @@ from django.core.cache import cache
from django.test import RequestFactory, TestCase from django.test import RequestFactory, TestCase
from authentik.core.models import User from authentik.core.models import User
from authentik.lib.generators import generate_id
from authentik.policies.reputation.api import ReputationPolicySerializer
from authentik.policies.reputation.models import CACHE_KEY_PREFIX, Reputation, ReputationPolicy from authentik.policies.reputation.models import CACHE_KEY_PREFIX, Reputation, ReputationPolicy
from authentik.policies.reputation.tasks import save_reputation from authentik.policies.reputation.tasks import save_reputation
from authentik.policies.types import PolicyRequest from authentik.policies.types import PolicyRequest
@ -61,3 +63,8 @@ class TestReputationPolicy(TestCase):
name="reputation-test", threshold=0 name="reputation-test", threshold=0
) )
self.assertTrue(policy.passes(request).passing) self.assertTrue(policy.passes(request).passing)
def test_api(self):
"""Test API Validation"""
no_toggle = ReputationPolicySerializer(data={"name": generate_id(), "threshold": -5})
self.assertFalse(no_toggle.is_valid())

2
web/src/admin/policies/reputation/ReputationPolicyForm.ts
View File

@ -93,7 +93,7 @@ doesn't pass when either or both of the selected options are equal or above the
<input <input
class="pf-c-switch__input" class="pf-c-switch__input"
type="checkbox" type="checkbox"
?checked=${first(this.instance?.checkIp, false)} ?checked=${first(this.instance?.checkIp, true)}
/> />
<span class="pf-c-switch__toggle"> <span class="pf-c-switch__toggle">
<span class="pf-c-switch__toggle-icon"> <span class="pf-c-switch__toggle-icon">