new release: 0.6.9-beta

.bumpversion.cfg

@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 0.6.8-beta
+current_version = 0.6.9-beta
 tag = True
 commit = True
 parse = (?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)\-(?P<release>.*)

.gitlab-ci.yml

@@ -96,7 +96,7 @@ build-passbook-server:
   before_script:
     - echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
   script:
-    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.beryju.org/passbook/server:latest --destination docker.beryju.org/passbook/server:0.6.8-beta
+    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination docker.beryju.org/passbook/server:latest --destination docker.beryju.org/passbook/server:0.6.9-beta
   only:
     - tags
     - /^version/.*$/
@@ -108,7 +108,7 @@ build-passbook-static:
   before_script:
     - echo "{\"auths\":{\"docker.beryju.org\":{\"auth\":\"$DOCKER_AUTH\"}}}" > /kaniko/.docker/config.json
   script:
-    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/static.Dockerfile --destination docker.beryju.org/passbook/static:latest --destination docker.beryju.org/passbook/static:0.6.8-beta
+    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/static.Dockerfile --destination docker.beryju.org/passbook/static:latest --destination docker.beryju.org/passbook/static:0.6.9-beta
   only:
     - tags
     - /^version/.*$/
@@ -136,12 +136,17 @@ package-helm:
     - /^version/.*$/
 
 notify-sentry:
-  image: alpine
+  image: getsentry/sentry-cli
   stage: post-release
+  variables:
+    SENTRY_URL: https://sentry.beryju.org
+    SENTRY_ORG: beryjuorg
+    SENTRY_PROJECT: passbook
   before_script:
     - apk add curl
   script:
-    - "curl $SENTRY_RELEASE -X POST -H 'Content-Type: application/json' -d '{\"version\": \"passbook@0.6.8-beta\"}'"
+    - sentry-cli releases new passbook@0.6.9-beta
+    - sentry-cli releases set-commits --auto passbook@0.6.9-beta
   only:
     - tags
     - /^version/.*$/

docker/nginx.conf

@@ -39,7 +39,7 @@ http {
         gzip on;
         gzip_types application/javascript image/* text/css;
         gunzip on;
-        add_header X-passbook-Version 0.6.8-beta;
+        add_header X-passbook-Version 0.6.9-beta;
         add_header Vary X-passbook-Version;
         root /data/;
 

helm/passbook/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v1
-appVersion: "0.6.8-beta"
+appVersion: "0.6.9-beta"
 description: A Helm chart for passbook.
 name: passbook
-version: "0.6.8-beta"
+version: "0.6.9-beta"
 icon: https://git.beryju.org/uploads/-/system/project/avatar/108/logo.png

helm/passbook/templates/configmap.yaml

@@ -13,4 +13,4 @@ data:
       cache_db: 0
       message_queue_db: 1
     error_report_enabled: {{ .Values.config.error_reporting }}
-    domain: ".{{ .Values.ingress.hosts[0] }}"
+    domain: ".{{ index .Values.ingress.hosts 0 }}"

helm/passbook/values.yaml

@@ -2,7 +2,7 @@
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
 image:
-  tag: 0.6.8-beta
+  tag: 0.6.9-beta
 
 nameOverride: ""
 

passbook/__init__.py

@@ -1,2 +1,2 @@
 """passbook"""
-__version__ = '0.6.8-beta'
+__version__ = '0.6.9-beta'

passbook/core/migrations/0004_remove_policy_action.py

@@ -0,0 +1,17 @@
+# Generated by Django 2.2.6 on 2019-10-14 11:56
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('passbook_core', '0003_auto_20191011_0914'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='policy',
+            name='action',
+        ),
+    ]

passbook/core/models.py

@@ -186,15 +186,7 @@ class Policy(UUIDModel, CreatedUpdatedModel):
     """Policies which specify if a user is authorized to use an Application. Can be overridden by
     other types to add other fields, more logic, etc."""
 
-    ACTION_ALLOW = 'allow'
-    ACTION_DENY = 'deny'
-    ACTIONS = (
-        (ACTION_ALLOW, ACTION_ALLOW),
-        (ACTION_DENY, ACTION_DENY),
-    )
-
     name = models.TextField(blank=True, null=True)
-    action = models.CharField(max_length=20, choices=ACTIONS)
     negate = models.BooleanField(default=False)
     order = models.IntegerField(default=0)
     timeout = models.IntegerField(default=30)
@@ -202,9 +194,7 @@ class Policy(UUIDModel, CreatedUpdatedModel):
     objects = InheritanceManager()
 
     def __str__(self):
-        if self.name:
-            return self.name
-        return f"{self.name} action {self.action}"
+        return f"Policy {self.name}"
 
     def passes(self, request: PolicyRequest) -> PolicyResult:
         """Check if user instance passes this policy"""

passbook/policies/engine.py

@@ -13,12 +13,13 @@ from passbook.policies.struct import PolicyRequest, PolicyResult
 
 LOGGER = get_logger()
 
+
 class PolicyProcessInfo:
     """Dataclass to hold all information and communication channels to a process"""
 
     process: PolicyProcess
     connection: Connection
-    result: PolicyResult = None
+    result: PolicyResult
     policy: Policy
 
     def __init__(self, process: PolicyProcess, connection: Connection, policy: Policy):
@@ -91,9 +92,7 @@ class PolicyEngine:
         """Get policy-checking result"""
         messages: List[str] = []
         for proc_info in self.__processes:
-            # passing = (policy_action == Policy.ACTION_ALLOW and policy_result) or \
-            #           (policy_action == Policy.ACTION_DENY and not policy_result)
-            LOGGER.debug("Result", passing=proc_info.result.passing)
+            LOGGER.debug("Result", policy=proc_info.policy, passing=proc_info.result.passing)
             if proc_info.result.messages:
                 messages += proc_info.result.messages
             if not proc_info.result.passing:

passbook/policies/forms.py

@@ -1,3 +1,3 @@
 """General fields"""
 
-GENERAL_FIELDS = ['name', 'action', 'negate', 'order', 'timeout']
+GENERAL_FIELDS = ['name', 'negate', 'order', 'timeout']

passbook/policies/process.py

@@ -40,7 +40,7 @@ class PolicyProcess(Process):
             policy_result = PolicyResult(False, str(exc))
         # Invert result if policy.negate is set
         if self.policy.negate:
-            policy_result = not policy_result
+            policy_result.passing = not policy_result.passing
         LOGGER.debug("Got result", policy=self.policy, result=policy_result,
                      process="PolicyProcess")
         key = cache_key(self.policy, self.request.user)

passbook/policies/reputation/forms.py

@@ -1,5 +1,6 @@
 """passbook reputation request forms"""
 from django import forms
+from django.utils.translation import gettext_lazy as _
 
 from passbook.core.forms.policies import GENERAL_FIELDS
 from passbook.policies.reputation.models import ReputationPolicy
@@ -16,3 +17,6 @@ class ReputationPolicyForm(forms.ModelForm):
             'name': forms.TextInput(),
             'value': forms.TextInput(),
         }
+        labels = {
+            'check_ip': _('Check IP'),
+        }

passbook/policies/struct.py

@@ -1,4 +1,4 @@
-"""policy structs"""
+"""policy structures"""
 from __future__ import annotations
 
 from typing import TYPE_CHECKING, List

passbook/root/settings.py

@@ -118,7 +118,7 @@ CACHES = {
 }
 DJANGO_REDIS_IGNORE_EXCEPTIONS = True
 DJANGO_REDIS_LOG_IGNORED_EXCEPTIONS = True
-SESSION_ENGINE = "django.contrib.sessions.backends.cached_db"
+SESSION_ENGINE = "django.contrib.sessions.backends.cache"
 SESSION_CACHE_ALIAS = "default"
 
 MIDDLEWARE = [