authentik/passbook/admin/views/policies.py

"""passbook Policy administration"""
from django.contrib import messages
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.mixins import (
    PermissionRequiredMixin as DjangoPermissionRequiredMixin,
)
from django.contrib.messages.views import SuccessMessageMixin
from django.http import Http404
from django.urls import reverse_lazy
from django.utils.translation import ugettext as _
from django.views.generic import DeleteView, FormView, ListView, UpdateView
from django.views.generic.detail import DetailView
from guardian.mixins import PermissionListMixin, PermissionRequiredMixin

from passbook.admin.forms.policies import PolicyTestForm
from passbook.lib.utils.reflection import all_subclasses, path_to_class
from passbook.lib.views import CreateAssignPermView
from passbook.policies.engine import PolicyEngine
from passbook.policies.models import Policy


class PolicyListView(LoginRequiredMixin, PermissionListMixin, ListView):
    """Show list of all policies"""

    model = Policy
    permission_required = "passbook_policies.view_policy"
    paginate_by = 10
    ordering = "order"
    template_name = "administration/policy/list.html"

    def get_context_data(self, **kwargs):
        kwargs["types"] = {x.__name__: x for x in all_subclasses(Policy)}
        return super().get_context_data(**kwargs)

    def get_queryset(self):
        return super().get_queryset().select_subclasses()


class PolicyCreateView(
    SuccessMessageMixin,
    LoginRequiredMixin,
    DjangoPermissionRequiredMixin,
    CreateAssignPermView,
):
    """Create new Policy"""

    model = Policy
    permission_required = "passbook_policies.add_policy"

    template_name = "generic/create.html"
    success_url = reverse_lazy("passbook_admin:policies")
    success_message = _("Successfully created Policy")

    def get_context_data(self, **kwargs):
        kwargs = super().get_context_data(**kwargs)
        form_cls = self.get_form_class()
        if hasattr(form_cls, "template_name"):
            kwargs["base_template"] = form_cls.template_name
        return kwargs

    def get_form_class(self):
        policy_type = self.request.GET.get("type")
        try:
            model = next(x for x in all_subclasses(Policy) if x.__name__ == policy_type)
        except StopIteration as exc:
            raise Http404 from exc
        return path_to_class(model.form)


class PolicyUpdateView(
    SuccessMessageMixin, LoginRequiredMixin, PermissionRequiredMixin, UpdateView
):
    """Update policy"""

    model = Policy
    permission_required = "passbook_policies.change_policy"

    template_name = "generic/update.html"
    success_url = reverse_lazy("passbook_admin:policies")
    success_message = _("Successfully updated Policy")

    def get_context_data(self, **kwargs):
        kwargs = super().get_context_data(**kwargs)
        form_cls = self.get_form_class()
        if hasattr(form_cls, "template_name"):
            kwargs["base_template"] = form_cls.template_name
        return kwargs

    def get_form_class(self):
        form_class_path = self.get_object().form
        form_class = path_to_class(form_class_path)
        return form_class

    def get_object(self, queryset=None):
        return (
            Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()
        )


class PolicyDeleteView(
    SuccessMessageMixin, LoginRequiredMixin, PermissionRequiredMixin, DeleteView
):
    """Delete policy"""

    model = Policy
    permission_required = "passbook_policies.delete_policy"

    template_name = "generic/delete.html"
    success_url = reverse_lazy("passbook_admin:policies")
    success_message = _("Successfully deleted Policy")

    def get_object(self, queryset=None):
        return (
            Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()
        )

    def delete(self, request, *args, **kwargs):
        messages.success(self.request, self.success_message)
        return super().delete(request, *args, **kwargs)


class PolicyTestView(LoginRequiredMixin, DetailView, PermissionRequiredMixin, FormView):
    """View to test policy(s)"""

    model = Policy
    form_class = PolicyTestForm
    permission_required = "passbook_policies.view_policy"
    template_name = "administration/policy/test.html"
    object = None

    def get_object(self, queryset=None):
        return (
            Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()
        )

    def get_context_data(self, **kwargs):
        kwargs["policy"] = self.get_object()
        return super().get_context_data(**kwargs)

    def post(self, *args, **kwargs):
        self.object = self.get_object()
        return super().post(*args, **kwargs)

    def form_valid(self, form):
        policy = self.get_object()
        user = form.cleaned_data.get("user")
        policy_engine = PolicyEngine([policy], user, self.request)
        policy_engine.use_cache = False
        policy_engine.build()
        result = policy_engine.passing
        if result:
            messages.success(self.request, _("User successfully passed policy."))
        else:
            messages.error(self.request, _("User didn't pass policy."))
        return self.render_to_response(self.get_context_data(form=form, result=result))
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""passbook Policy administration"""`
			`from django.contrib import messages`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`from django.contrib.auth.mixins import LoginRequiredMixin`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`from django.contrib.auth.mixins import (`
			`PermissionRequiredMixin as DjangoPermissionRequiredMixin,`
			`)`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`from django.contrib.messages.views import SuccessMessageMixin`
			`from django.http import Http404`
			`from django.urls import reverse_lazy`
			`from django.utils.translation import ugettext as _`
admin(minor): fix linting 2019-10-10 11:05:03 +00:00			`from django.views.generic import DeleteView, FormView, ListView, UpdateView`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`from django.views.generic.detail import DetailView`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`from guardian.mixins import PermissionListMixin, PermissionRequiredMixin`
Rule -> Policies 2019-02-16 09:24:31 +00:00
			`from passbook.admin.forms.policies import PolicyTestForm`
admin: remove more duplicate code 2020-05-13 11:45:57 +00:00			`from passbook.lib.utils.reflection import all_subclasses, path_to_class`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`from passbook.lib.views import CreateAssignPermView`
*(minor): small refactor 2019-10-07 14:33:48 +00:00			`from passbook.policies.engine import PolicyEngine`
*: migrate from PolicyModel to PolicyBindingModel, move Policy to passbook_policies 2020-05-16 16:07:00 +00:00			`from passbook.policies.models import Policy`
Rule -> Policies 2019-02-16 09:24:31 +00:00

admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`class PolicyListView(LoginRequiredMixin, PermissionListMixin, ListView):`
fix inconsistent naming again 2019-02-16 10:13:00 +00:00			`"""Show list of all policies"""`
Rule -> Policies 2019-02-16 09:24:31 +00:00
			`model = Policy`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.view_policy"`
admin: fix some models not being paginated 2020-02-27 14:30:28 +00:00			`paginate_by = 10`
helm: change static healthcheck and port 2020-02-21 20:50:16 +00:00			`ordering = "order"`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "administration/policy/list.html"`
Rule -> Policies 2019-02-16 09:24:31 +00:00
			`def get_context_data(self, **kwargs):`
admin: fix linting 2020-05-20 11:59:56 +00:00			`kwargs["types"] = {x.__name__: x for x in all_subclasses(Policy)}`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`return super().get_context_data(**kwargs)`

			`def get_queryset(self):`
helm: change static healthcheck and port 2020-02-21 20:50:16 +00:00			`return super().get_queryset().select_subclasses()`
Rule -> Policies 2019-02-16 09:24:31 +00:00

all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`class PolicyCreateView(`
			`SuccessMessageMixin,`
			`LoginRequiredMixin,`
			`DjangoPermissionRequiredMixin,`
			`CreateAssignPermView,`
			`):`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""Create new Policy"""`

admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`model = Policy`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.add_policy"`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "generic/create.html"`
			`success_url = reverse_lazy("passbook_admin:policies")`
			`success_message = _("Successfully created Policy")`
Rule -> Policies 2019-02-16 09:24:31 +00:00
admin: load custom policy templates 2020-02-18 20:35:21 +00:00			`def get_context_data(self, **kwargs):`
			`kwargs = super().get_context_data(**kwargs)`
			`form_cls = self.get_form_class()`
			`if hasattr(form_cls, "template_name"):`
			`kwargs["base_template"] = form_cls.template_name`
			`return kwargs`

Rule -> Policies 2019-02-16 09:24:31 +00:00			`def get_form_class(self):`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`policy_type = self.request.GET.get("type")`
admin: add generic tests 2020-05-19 18:59:43 +00:00			`try:`
			`model = next(x for x in all_subclasses(Policy) if x.__name__ == policy_type)`
			`except StopIteration as exc:`
			`raise Http404 from exc`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`return path_to_class(model.form)`


all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`class PolicyUpdateView(`
			`SuccessMessageMixin, LoginRequiredMixin, PermissionRequiredMixin, UpdateView`
			`):`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""Update policy"""`

			`model = Policy`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.change_policy"`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "generic/update.html"`
			`success_url = reverse_lazy("passbook_admin:policies")`
			`success_message = _("Successfully updated Policy")`
Rule -> Policies 2019-02-16 09:24:31 +00:00
admin: load custom policy templates 2020-02-18 20:35:21 +00:00			`def get_context_data(self, **kwargs):`
			`kwargs = super().get_context_data(**kwargs)`
			`form_cls = self.get_form_class()`
			`if hasattr(form_cls, "template_name"):`
			`kwargs["base_template"] = form_cls.template_name`
			`return kwargs`

Rule -> Policies 2019-02-16 09:24:31 +00:00			`def get_form_class(self):`
			`form_class_path = self.get_object().form`
			`form_class = path_to_class(form_class_path)`
			`return form_class`

			`def get_object(self, queryset=None):`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`return (`
			`Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()`
			`)`
Rule -> Policies 2019-02-16 09:24:31 +00:00

all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`class PolicyDeleteView(`
			`SuccessMessageMixin, LoginRequiredMixin, PermissionRequiredMixin, DeleteView`
			`):`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""Delete policy"""`

			`model = Policy`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.delete_policy"`
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "generic/delete.html"`
			`success_url = reverse_lazy("passbook_admin:policies")`
			`success_message = _("Successfully deleted Policy")`
Rule -> Policies 2019-02-16 09:24:31 +00:00
			`def get_object(self, queryset=None):`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`return (`
			`Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()`
			`)`
Rule -> Policies 2019-02-16 09:24:31 +00:00
Improve partially broken Delete Views, show success message on deletion 2019-02-26 08:46:44 +00:00			`def delete(self, request, args, *kwargs):`
			`messages.success(self.request, self.success_message)`
			`return super().delete(request, args, *kwargs)`

Rule -> Policies 2019-02-16 09:24:31 +00:00
admin(major): rewrite all views to use guardian mixins 2019-10-10 11:01:49 +00:00			`class PolicyTestView(LoginRequiredMixin, DetailView, PermissionRequiredMixin, FormView):`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`"""View to test policy(s)"""`

			`model = Policy`
			`form_class = PolicyTestForm`
admin: add flow-stage-bindings, add policy-bindings, add prompts 2020-05-16 17:55:59 +00:00			`permission_required = "passbook_policies.view_policy"`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`template_name = "administration/policy/test.html"`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`object = None`

			`def get_object(self, queryset=None):`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`return (`
			`Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()`
			`)`
Rule -> Policies 2019-02-16 09:24:31 +00:00
			`def get_context_data(self, **kwargs):`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`kwargs["policy"] = self.get_object()`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`return super().get_context_data(**kwargs)`

			`def post(self, args, *kwargs):`
			`self.object = self.get_object()`
			`return super().post(args, *kwargs)`

			`def form_valid(self, form):`
			`policy = self.get_object()`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`user = form.cleaned_data.get("user")`
policy(major): simplify PolicyEngine API, add flag to ignore cache for debug purposes 2019-10-15 13:44:59 +00:00			`policy_engine = PolicyEngine([policy], user, self.request)`
			`policy_engine.use_cache = False`
			`policy_engine.build()`
consistently using PolicyEngine 2019-03-10 01:07:18 +00:00			`result = policy_engine.passing`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`if result:`
all: implement black as code formatter 2019-12-31 11:51:16 +00:00			`messages.success(self.request, _("User successfully passed policy."))`
Rule -> Policies 2019-02-16 09:24:31 +00:00			`else:`
			`messages.error(self.request, _("User didn't pass policy."))`
			`return self.render_to_response(self.get_context_data(form=form, result=result))`