policies/event_matcher: migrate to web
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
6a3e1da986
commit
415bb4cc88
|
@ -2,7 +2,6 @@
|
||||||
from django.test import TestCase
|
from django.test import TestCase
|
||||||
from guardian.shortcuts import get_anonymous_user
|
from guardian.shortcuts import get_anonymous_user
|
||||||
|
|
||||||
from authentik.policies.dummy.forms import DummyPolicyForm
|
|
||||||
from authentik.policies.dummy.models import DummyPolicy
|
from authentik.policies.dummy.models import DummyPolicy
|
||||||
from authentik.policies.engine import PolicyRequest
|
from authentik.policies.engine import PolicyRequest
|
||||||
|
|
||||||
|
@ -22,18 +21,3 @@ class TestDummyPolicy(TestCase):
|
||||||
result = policy.passes(self.request)
|
result = policy.passes(self.request)
|
||||||
self.assertFalse(result.passing)
|
self.assertFalse(result.passing)
|
||||||
self.assertEqual(result.messages, ("dummy",))
|
self.assertEqual(result.messages, ("dummy",))
|
||||||
|
|
||||||
def test_form(self):
|
|
||||||
"""test form"""
|
|
||||||
form = DummyPolicyForm(
|
|
||||||
data={
|
|
||||||
"name": "dummy",
|
|
||||||
"negate": False,
|
|
||||||
"order": 0,
|
|
||||||
"timeout": 1,
|
|
||||||
"result": True,
|
|
||||||
"wait_min": 1,
|
|
||||||
"wait_max": 2,
|
|
||||||
}
|
|
||||||
)
|
|
||||||
self.assertTrue(form.is_valid())
|
|
||||||
|
|
|
@ -1,25 +0,0 @@
|
||||||
"""authentik Event Matcher Policy forms"""
|
|
||||||
|
|
||||||
from django import forms
|
|
||||||
from django.utils.translation import gettext_lazy as _
|
|
||||||
|
|
||||||
from authentik.policies.event_matcher.models import EventMatcherPolicy
|
|
||||||
from authentik.policies.forms import PolicyForm
|
|
||||||
|
|
||||||
|
|
||||||
class EventMatcherPolicyForm(PolicyForm):
|
|
||||||
"""EventMatcherPolicy Form"""
|
|
||||||
|
|
||||||
class Meta:
|
|
||||||
|
|
||||||
model = EventMatcherPolicy
|
|
||||||
fields = PolicyForm.Meta.fields + [
|
|
||||||
"action",
|
|
||||||
"client_ip",
|
|
||||||
"app",
|
|
||||||
]
|
|
||||||
widgets = {
|
|
||||||
"name": forms.TextInput(),
|
|
||||||
"client_ip": forms.TextInput(),
|
|
||||||
}
|
|
||||||
labels = {"client_ip": _("Client IP")}
|
|
|
@ -1,9 +1,6 @@
|
||||||
"""Event Matcher models"""
|
"""Event Matcher models"""
|
||||||
from typing import Type
|
|
||||||
|
|
||||||
from django.apps import apps
|
from django.apps import apps
|
||||||
from django.db import models
|
from django.db import models
|
||||||
from django.forms import ModelForm
|
|
||||||
from django.utils.translation import gettext as _
|
from django.utils.translation import gettext as _
|
||||||
from rest_framework.serializers import BaseSerializer
|
from rest_framework.serializers import BaseSerializer
|
||||||
|
|
||||||
|
@ -63,10 +60,8 @@ class EventMatcherPolicy(Policy):
|
||||||
return EventMatcherPolicySerializer
|
return EventMatcherPolicySerializer
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def form(self) -> Type[ModelForm]:
|
def component(self) -> str:
|
||||||
from authentik.policies.event_matcher.forms import EventMatcherPolicyForm
|
return "ak-policy-event-matcher-form"
|
||||||
|
|
||||||
return EventMatcherPolicyForm
|
|
||||||
|
|
||||||
def passes(self, request: PolicyRequest) -> PolicyResult:
|
def passes(self, request: PolicyRequest) -> PolicyResult:
|
||||||
if "event" not in request.context:
|
if "event" not in request.context:
|
||||||
|
|
106
web/src/pages/policies/event_matcher/EventMatcherPolicyForm.ts
Normal file
106
web/src/pages/policies/event_matcher/EventMatcherPolicyForm.ts
Normal file
|
@ -0,0 +1,106 @@
|
||||||
|
import { AdminApi, EventMatcherPolicy, EventsApi, PoliciesApi } from "authentik-api";
|
||||||
|
import { gettext } from "django";
|
||||||
|
import { customElement, property } from "lit-element";
|
||||||
|
import { html, TemplateResult } from "lit-html";
|
||||||
|
import { DEFAULT_CONFIG } from "../../../api/Config";
|
||||||
|
import { Form } from "../../../elements/forms/Form";
|
||||||
|
import { ifDefined } from "lit-html/directives/if-defined";
|
||||||
|
import "../../../elements/forms/HorizontalFormElement";
|
||||||
|
import "../../../elements/forms/FormGroup";
|
||||||
|
import { until } from "lit-html/directives/until";
|
||||||
|
|
||||||
|
@customElement("ak-policy-event-matcher-form")
|
||||||
|
export class EventMatcherPolicyForm extends Form<EventMatcherPolicy> {
|
||||||
|
|
||||||
|
set policyUUID(value: string) {
|
||||||
|
new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherRead({
|
||||||
|
policyUuid: value,
|
||||||
|
}).then(policy => {
|
||||||
|
this.policy = policy;
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
@property({attribute: false})
|
||||||
|
policy?: EventMatcherPolicy;
|
||||||
|
|
||||||
|
getSuccessMessage(): string {
|
||||||
|
if (this.policy) {
|
||||||
|
return gettext("Successfully updated policy.");
|
||||||
|
} else {
|
||||||
|
return gettext("Successfully created policy.");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
send = (data: EventMatcherPolicy): Promise<EventMatcherPolicy> => {
|
||||||
|
if (this.policy) {
|
||||||
|
return new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherUpdate({
|
||||||
|
policyUuid: this.policy.pk || "",
|
||||||
|
data: data
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
return new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherCreate({
|
||||||
|
data: data
|
||||||
|
});
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
renderForm(): TemplateResult {
|
||||||
|
return html`<form class="pf-c-form pf-m-horizontal">
|
||||||
|
<ak-form-element-horizontal
|
||||||
|
label=${gettext("Name")}
|
||||||
|
?required=${true}
|
||||||
|
name="name">
|
||||||
|
<input type="text" value="${ifDefined(this.policy?.name || "")}" class="pf-c-form-control" required>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
|
<ak-form-element-horizontal name="executionLogging">
|
||||||
|
<div class="pf-c-check">
|
||||||
|
<input type="checkbox" class="pf-c-check__input" ?checked=${this.policy?.executionLogging || false}>
|
||||||
|
<label class="pf-c-check__label">
|
||||||
|
${gettext("Execution logging")}
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<p class="pf-c-form__helper-text">${gettext("When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.")}</p>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
|
<ak-form-group .expanded=${true}>
|
||||||
|
<span slot="header">
|
||||||
|
${gettext("Policy-specific settings")}
|
||||||
|
</span>
|
||||||
|
<div slot="body" class="pf-c-form">
|
||||||
|
<ak-form-element-horizontal
|
||||||
|
label=${gettext("Action")}
|
||||||
|
name="action">
|
||||||
|
<select class="pf-c-form-control">
|
||||||
|
<option value="" ?selected=${this.policy?.action === undefined}>---------</option>
|
||||||
|
${until(new EventsApi(DEFAULT_CONFIG).eventsEventsActions().then(actions => {
|
||||||
|
return actions.map(action => {
|
||||||
|
return html`<option value=${action.link} ?selected=${this.policy?.action === action.link}>${action.name}</option>`;
|
||||||
|
});
|
||||||
|
}))}
|
||||||
|
</select>
|
||||||
|
<p class="pf-c-form__helper-text">${gettext("Match created events with this action type. When left empty, all action types will be matched.")}</p>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
|
<ak-form-element-horizontal
|
||||||
|
label=${gettext("Client IP")}
|
||||||
|
name="clientIp">
|
||||||
|
<input type="text" value="${ifDefined(this.policy?.clientIp || "")}" class="pf-c-form-control">
|
||||||
|
<p class="pf-c-form__helper-text">${gettext("Matches Event's Client IP (strict matching, for network matching use an Expression Policy.")}</p>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
|
<ak-form-element-horizontal
|
||||||
|
label=${gettext("App")}
|
||||||
|
name="app">
|
||||||
|
<select class="pf-c-form-control">
|
||||||
|
<option value="" ?selected=${this.policy?.app === undefined}>---------</option>
|
||||||
|
${until(new AdminApi(DEFAULT_CONFIG).adminAppsList().then(apps => {
|
||||||
|
return apps.map(app => {
|
||||||
|
return html`<option value=${app.name} ?selected=${this.policy?.app === app.name}>${app.label}</option>`;
|
||||||
|
});
|
||||||
|
}))}
|
||||||
|
</select>
|
||||||
|
<p class="pf-c-form__helper-text">${gettext("Match events created by selected application. When left empty, all applications are matched.")}</p>
|
||||||
|
</ak-form-element-horizontal>
|
||||||
|
</div>
|
||||||
|
</ak-form-group>
|
||||||
|
</form>`;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Reference in a new issue