From 2a4679e3900b895fee700f0a6b5ff061266d6ba4 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 6 Sep 2022 10:24:10 +0200 Subject: [PATCH] flows: fix incorrect diagram for policies bound to flows closes #3534 Signed-off-by: Jens Langhammer --- authentik/flows/api/flows.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/authentik/flows/api/flows.py b/authentik/flows/api/flows.py index bd0a32b32..45bb01492 100644 --- a/authentik/flows/api/flows.py +++ b/authentik/flows/api/flows.py @@ -277,11 +277,16 @@ class FlowViewSet(UsedByMixin, ModelViewSet): if element.type == "condition": # Policy passes, link policy yes to next stage footer.append(f"{element.identifier}(yes, right)->{body[index + 1].identifier}") - # Policy doesn't pass, go to stage after next stage - no_element = body[index + 1] - if no_element.type != "end": - no_element = body[index + 2] - footer.append(f"{element.identifier}(no, bottom)->{no_element.identifier}") + # For policies bound to the flow itself, if they deny, + # the flow doesn't get executed, hence directly to the end + if element.identifier.startswith("flow_policy_"): + footer.append(f"{element.identifier}(no, bottom)->e") + else: + # Policy doesn't pass, go to stage after next stage + no_element = body[index + 1] + if no_element.type != "end": + no_element = body[index + 2] + footer.append(f"{element.identifier}(no, bottom)->{no_element.identifier}") elif element.type == "operation": footer.append(f"{element.identifier}(bottom)->{body[index + 1].identifier}") diagram = "\n".join([str(x) for x in header + body + footer])