This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/passbook/core/views/access.py

41 lines
1.5 KiB
Python
Raw Normal View History

"""passbook access helper classes"""
from django.contrib import messages
from django.http import HttpRequest
from django.utils.translation import gettext as _
2019-10-01 08:24:10 +00:00
from structlog import get_logger
2018-12-09 20:07:38 +00:00
from passbook.core.models import Application, Provider, User
2019-10-07 14:33:48 +00:00
from passbook.policies.engine import PolicyEngine
Squashed commit of the following: commit 270739a45a14e9d994f95d805c9ee8be205bd40c Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Thu May 28 21:50:43 2020 +0200 admin: fix policy testing form not showing the correct result commit df8995deed1137cc95136786d6961624ccd73191 Author: Jens L <jens@beryju.org> Date: Thu May 28 21:45:54 2020 +0200 policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple commit fdfc6472d2eddfa93ddb408a926f14f58a592cc6 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Thu May 28 10:36:10 2020 +0200 admin: fixup some urls commit bc495828e7965e58864027269f39f991eccd417e Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu May 28 09:39:28 2020 +0200 build(deps): bump django-redis from 4.11.0 to 4.12.1 (#38) Bumps [django-redis](https://github.com/jazzband/django-redis) from 4.11.0 to 4.12.1. - [Release notes](https://github.com/jazzband/django-redis/releases) - [Changelog](https://github.com/jazzband/django-redis/blob/master/CHANGES.rst) - [Commits](https://github.com/jazzband/django-redis/compare/4.11.0...4.12.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> commit fa138a273f0882e5badd742094c862ad6b3cf6e4 Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu May 28 08:59:19 2020 +0200 build(deps): bump boto3 from 1.13.17 to 1.13.18 (#37) Bumps [boto3](https://github.com/boto/boto3) from 1.13.17 to 1.13.18. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.13.17...1.13.18) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 19:56:18 +00:00
from passbook.policies.types import PolicyResult
2018-12-09 20:07:38 +00:00
LOGGER = get_logger()
2019-12-31 11:51:16 +00:00
class AccessMixin:
"""Mixin class for usage in Authorization views.
Provider functions to check application access, etc"""
# request is set by view but since this Mixin has no base class
request: HttpRequest = None
def provider_to_application(self, provider: Provider) -> Application:
"""Lookup application assigned to provider, throw error if no application assigned"""
2018-12-09 20:07:38 +00:00
try:
return provider.application
except Application.DoesNotExist as exc:
2019-12-31 11:51:16 +00:00
messages.error(
self.request,
_(
'Provider "%(name)s" has no application assigned'
% {"name": provider}
),
)
raise exc
Squashed commit of the following: commit 270739a45a14e9d994f95d805c9ee8be205bd40c Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Thu May 28 21:50:43 2020 +0200 admin: fix policy testing form not showing the correct result commit df8995deed1137cc95136786d6961624ccd73191 Author: Jens L <jens@beryju.org> Date: Thu May 28 21:45:54 2020 +0200 policies/*: remove Policy.negate, order, timeout (#39) policies: rewrite engine to use PolicyBinding for order/negate/timeout policies: rewrite engine to use PolicyResult instead of tuple commit fdfc6472d2eddfa93ddb408a926f14f58a592cc6 Author: Jens Langhammer <jens.langhammer@beryju.org> Date: Thu May 28 10:36:10 2020 +0200 admin: fixup some urls commit bc495828e7965e58864027269f39f991eccd417e Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu May 28 09:39:28 2020 +0200 build(deps): bump django-redis from 4.11.0 to 4.12.1 (#38) Bumps [django-redis](https://github.com/jazzband/django-redis) from 4.11.0 to 4.12.1. - [Release notes](https://github.com/jazzband/django-redis/releases) - [Changelog](https://github.com/jazzband/django-redis/blob/master/CHANGES.rst) - [Commits](https://github.com/jazzband/django-redis/compare/4.11.0...4.12.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> commit fa138a273f0882e5badd742094c862ad6b3cf6e4 Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu May 28 08:59:19 2020 +0200 build(deps): bump boto3 from 1.13.17 to 1.13.18 (#37) Bumps [boto3](https://github.com/boto/boto3) from 1.13.17 to 1.13.18. - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](https://github.com/boto/boto3/compare/1.13.17...1.13.18) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-05-28 19:56:18 +00:00
def user_has_access(self, application: Application, user: User) -> PolicyResult:
"""Check if user has access to application."""
LOGGER.debug("Checking permissions", user=user, application=application)
policy_engine = PolicyEngine(application.policies.all(), user, self.request)
policy_engine.build()
2019-03-12 09:56:01 +00:00
return policy_engine.result