providers/saml: migrate saml property mappings to web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-03-31 23:31:24 +02:00
parent 221e6190c8
commit d3f2f987e0
12 changed files with 119 additions and 87 deletions
--- a/authentik/core/api/propertymappings.py
+++ b/authentik/core/api/propertymappings.py
@ -1,7 +1,6 @@
 """PropertyMapping API Views"""
 from json import dumps

-from django.urls import reverse
 from drf_yasg.utils import swagger_auto_schema
 from guardian.shortcuts import get_objects_for_user
 from rest_framework import mixins
@ -19,6 +18,7 @@ from authentik.core.api.utils import (
    PassiveSerializer,
    TypeCreateSerializer,
 )
+from authentik.core.expression import PropertyMappingEvaluator
 from authentik.core.models import PropertyMapping
 from authentik.lib.templatetags.authentik_utils import verbose_name
 from authentik.lib.utils.reflection import all_subclasses
@ -41,6 +41,12 @@ class PropertyMappingSerializer(ModelSerializer, MetaNameSerializer):
        """Get object type so that we know which API Endpoint to use to get the full object"""
        return obj._meta.object_name.lower().replace("propertymapping", "")

+    def validate_expression(self, expression: str) -> str:
+        """Test Syntax"""
+        evaluator = PropertyMappingEvaluator()
+        evaluator.validate(expression)
+        return expression
+
    class Meta:

        model = PropertyMapping
@ -109,7 +115,7 @@ class PropertyMappingViewSet(
        if not users.exists():
            raise PermissionDenied()

-        response_data = {"successful": True}
+        response_data = {"successful": True, "result": ""}
        try:
            result = mapping.evaluate(
                users.first(),
--- a/authentik/core/tests/test_property_mapping_api.py
+++ b/authentik/core/tests/test_property_mapping_api.py
@ -2,8 +2,10 @@
 from json import dumps

 from django.urls import reverse
+from rest_framework.serializers import ValidationError
 from rest_framework.test import APITestCase

+from authentik.core.api.propertymappings import PropertyMappingSerializer
 from authentik.core.models import PropertyMapping, User


@ -19,7 +21,7 @@ class TestPropertyMappingAPI(APITestCase):
        self.client.force_login(self.user)

    def test_test_call(self):
-        """Test Policy's test endpoint"""
+        """Test PropertMappings's test endpoint"""
        response = self.client.post(
            reverse(
                "authentik_api:propertymapping-test", kwargs={"pk": self.mapping.pk}
@ -32,3 +34,12 @@ class TestPropertyMappingAPI(APITestCase):
            response.content.decode(),
            {"result": dumps({"foo": "bar"}), "successful": True},
        )
+
+    def test_validate(self):
+        """Test PropertyMappings's validation"""
+        # Because the root property-mapping has no write operation, we just instantiate
+        # a serializer and test inline
+        expr = "return True"
+        self.assertEqual(PropertyMappingSerializer().validate_expression(expr), expr)
+        with self.assertRaises(ValidationError):
+            print(PropertyMappingSerializer().validate_expression("/"))