authentik/passbook/admin/views/policies.py

"""passbook Policy administration"""
from typing import Any, Dict

from django.contrib import messages
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.mixins import (
    PermissionRequiredMixin as DjangoPermissionRequiredMixin,
)
from django.contrib.messages.views import SuccessMessageMixin
from django.db.models import QuerySet
from django.http import HttpResponse
from django.urls import reverse_lazy
from django.utils.translation import gettext as _
from django.views.generic import FormView
from django.views.generic.detail import DetailView
from guardian.mixins import PermissionListMixin, PermissionRequiredMixin

from passbook.admin.forms.policies import PolicyTestForm
from passbook.admin.views.utils import (
    BackSuccessUrlMixin,
    DeleteMessageView,
    InheritanceCreateView,
    InheritanceListView,
    InheritanceUpdateView,
    UserPaginateListMixin,
)
from passbook.policies.models import Policy, PolicyBinding
from passbook.policies.process import PolicyProcess, PolicyRequest


class PolicyListView(
    LoginRequiredMixin, PermissionListMixin, UserPaginateListMixin, InheritanceListView
):
    """Show list of all policies"""

    model = Policy
    permission_required = "passbook_policies.view_policy"
    ordering = "name"
    template_name = "administration/policy/list.html"


class PolicyCreateView(
    SuccessMessageMixin,
    BackSuccessUrlMixin,
    LoginRequiredMixin,
    DjangoPermissionRequiredMixin,
    InheritanceCreateView,
):
    """Create new Policy"""

    model = Policy
    permission_required = "passbook_policies.add_policy"

    template_name = "generic/create.html"
    success_url = reverse_lazy("passbook_admin:policies")
    success_message = _("Successfully created Policy")


class PolicyUpdateView(
    SuccessMessageMixin,
    BackSuccessUrlMixin,
    LoginRequiredMixin,
    PermissionRequiredMixin,
    InheritanceUpdateView,
):
    """Update policy"""

    model = Policy
    permission_required = "passbook_policies.change_policy"

    template_name = "generic/update.html"
    success_url = reverse_lazy("passbook_admin:policies")
    success_message = _("Successfully updated Policy")


class PolicyDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessageView):
    """Delete policy"""

    model = Policy
    permission_required = "passbook_policies.delete_policy"

    template_name = "generic/delete.html"
    success_url = reverse_lazy("passbook_admin:policies")
    success_message = _("Successfully deleted Policy")


class PolicyTestView(LoginRequiredMixin, DetailView, PermissionRequiredMixin, FormView):
    """View to test policy(s)"""

    model = Policy
    form_class = PolicyTestForm
    permission_required = "passbook_policies.view_policy"
    template_name = "administration/policy/test.html"
    object = None

    def get_object(self, queryset=None) -> QuerySet:
        return (
            Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()
        )

    def get_context_data(self, **kwargs: Any) -> Dict[str, Any]:
        kwargs["policy"] = self.get_object()
        return super().get_context_data(**kwargs)

    def post(self, *args, **kwargs) -> HttpResponse:
        self.object = self.get_object()
        return super().post(*args, **kwargs)

    def form_valid(self, form: PolicyTestForm) -> HttpResponse:
        policy = self.get_object()
        user = form.cleaned_data.get("user")

        p_request = PolicyRequest(user)
        p_request.http_request = self.request
        p_request.context = form.cleaned_data

        proc = PolicyProcess(PolicyBinding(policy=policy), p_request, None)
        result = proc.execute()
        if result.passing:
            messages.success(self.request, _("User successfully passed policy."))
        else:
            messages.error(self.request, _("User didn't pass policy."))
        return self.render_to_response(self.get_context_data(form=form, result=result))
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""passbook Policy administration"""`
policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple 2020-05-28 19:45:54 +00:00			`from typing import Any, Dict`

Rule -> Policies 2019-02-16 09:24:31 +00:00			`from django.contrib import messages`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`from django.contrib.auth.mixins import LoginRequiredMixin`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`from django.contrib.auth.mixins import (`
			`PermissionRequiredMixin as DjangoPermissionRequiredMixin,`
			`)`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`from django.contrib.messages.views import SuccessMessageMixin`
policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple 2020-05-28 19:45:54 +00:00			`from django.db.models import QuerySet`
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`from django.http import HttpResponse`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`from django.urls import reverse_lazy`
pytest (#209) 2020-09-11 21:21:11 +00:00			`from django.utils.translation import gettext as _`
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`from django.views.generic import FormView`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`from django.views.generic.detail import DetailView`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`from guardian.mixins import PermissionListMixin, PermissionRequiredMixin`
Rule -> Policies 2019-02-16 09:24:31 +00:00
			`from passbook.admin.forms.policies import PolicyTestForm`
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`from passbook.admin.views.utils import (`
admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-25 23:56:28 +00:00			`BackSuccessUrlMixin,`
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`DeleteMessageView,`
			`InheritanceCreateView,`
			`InheritanceListView,`
admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-25 23:56:28 +00:00			`InheritanceUpdateView,`
			`UserPaginateListMixin,`
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`)`
policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple 2020-05-28 19:45:54 +00:00			`from passbook.policies.models import Policy, PolicyBinding`
			`from passbook.policies.process import PolicyProcess, PolicyRequest`
Rule -> Policies 2019-02-16 09:24:31 +00:00

admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-25 23:56:28 +00:00			`class PolicyListView(`
			`LoginRequiredMixin, PermissionListMixin, UserPaginateListMixin, InheritanceListView`
			`):`
fix inconsistent naming again 2019-02-16 10:13:00 +00:00			`"""Show list of all policies"""`
Rule -> Policies 2019-02-16 09:24:31 +00:00
			`model = Policy`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.view_policy"`
policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple 2020-05-28 19:45:54 +00:00			`ordering = "name"`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "administration/policy/list.html"`
Rule -> Policies 2019-02-16 09:24:31 +00:00

all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`class PolicyCreateView(`
			`SuccessMessageMixin,`
admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-25 23:56:28 +00:00			`BackSuccessUrlMixin,`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`LoginRequiredMixin,`
			`DjangoPermissionRequiredMixin,`
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`InheritanceCreateView,`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`):`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""Create new Policy"""`

admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`model = Policy`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.add_policy"`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "generic/create.html"`
			`success_url = reverse_lazy("passbook_admin:policies")`
			`success_message = _("Successfully created Policy")`
Rule -> Policies 2019-02-16 09:24:31 +00:00

all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`class PolicyUpdateView(`
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`SuccessMessageMixin,`
admin: add BackSuccessUrlMixin to redirect to correct url after form edit 2020-09-25 23:56:28 +00:00			`BackSuccessUrlMixin,`
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`LoginRequiredMixin,`
			`PermissionRequiredMixin,`
			`InheritanceUpdateView,`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`):`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""Update policy"""`

			`model = Policy`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.change_policy"`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "generic/update.html"`
			`success_url = reverse_lazy("passbook_admin:policies")`
			`success_message = _("Successfully updated Policy")`
Rule -> Policies 2019-02-16 09:24:31 +00:00
admin: load custom policy templates 2020-02-18 20:35:21 +00:00
admin: remove duplicate code into new base classes 2020-07-01 22:13:33 +00:00			`class PolicyDeleteView(LoginRequiredMixin, PermissionRequiredMixin, DeleteMessageView):`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""Delete policy"""`

			`model = Policy`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.delete_policy"`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "generic/delete.html"`
			`success_url = reverse_lazy("passbook_admin:policies")`
			`success_message = _("Successfully deleted Policy")`
Rule -> Policies 2019-02-16 09:24:31 +00:00

admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`class PolicyTestView(LoginRequiredMixin, DetailView, PermissionRequiredMixin, FormView):`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""View to test policy(s)"""`

			`model = Policy`
			`form_class = PolicyTestForm`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.view_policy"`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "administration/policy/test.html"`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`object = None`

policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple 2020-05-28 19:45:54 +00:00			`def get_object(self, queryset=None) -> QuerySet:`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`return (`
			`Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()`
			`)`
Rule -> Policies 2019-02-16 09:24:31 +00:00
policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple 2020-05-28 19:45:54 +00:00			`def get_context_data(self, **kwargs: Any) -> Dict[str, Any]:`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`kwargs["policy"] = self.get_object()`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`return super().get_context_data(**kwargs)`

policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple 2020-05-28 19:45:54 +00:00			`def post(self, args, *kwargs) -> HttpResponse:`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`self.object = self.get_object()`
			`return super().post(args, *kwargs)`

policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple 2020-05-28 19:45:54 +00:00			`def form_valid(self, form: PolicyTestForm) -> HttpResponse:`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`policy = self.get_object()`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`user = form.cleaned_data.get("user")`
policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple 2020-05-28 19:45:54 +00:00
			`p_request = PolicyRequest(user)`
			`p_request.http_request = self.request`
			`p_request.context = form.cleaned_data`

			`proc = PolicyProcess(PolicyBinding(policy=policy), p_request, None)`
			`result = proc.execute()`
admin: fix policy testing form not showing the correct result 2020-05-28 19:50:43 +00:00			`if result.passing:`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`messages.success(self.request, _("User successfully passed policy."))`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`else:`
			`messages.error(self.request, _("User didn't pass policy."))`
			`return self.render_to_response(self.get_context_data(form=form, result=result))`