policies/event_matcher: migrate to web

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-04-02 16:32:03 +02:00
parent 6a3e1da986
commit 415bb4cc88
4 changed files with 108 additions and 48 deletions

View file

@ -2,7 +2,6 @@
from django.test import TestCase from django.test import TestCase
from guardian.shortcuts import get_anonymous_user from guardian.shortcuts import get_anonymous_user
from authentik.policies.dummy.forms import DummyPolicyForm
from authentik.policies.dummy.models import DummyPolicy from authentik.policies.dummy.models import DummyPolicy
from authentik.policies.engine import PolicyRequest from authentik.policies.engine import PolicyRequest
@ -22,18 +21,3 @@ class TestDummyPolicy(TestCase):
result = policy.passes(self.request) result = policy.passes(self.request)
self.assertFalse(result.passing) self.assertFalse(result.passing)
self.assertEqual(result.messages, ("dummy",)) self.assertEqual(result.messages, ("dummy",))
def test_form(self):
"""test form"""
form = DummyPolicyForm(
data={
"name": "dummy",
"negate": False,
"order": 0,
"timeout": 1,
"result": True,
"wait_min": 1,
"wait_max": 2,
}
)
self.assertTrue(form.is_valid())

View file

@ -1,25 +0,0 @@
"""authentik Event Matcher Policy forms"""
from django import forms
from django.utils.translation import gettext_lazy as _
from authentik.policies.event_matcher.models import EventMatcherPolicy
from authentik.policies.forms import PolicyForm
class EventMatcherPolicyForm(PolicyForm):
"""EventMatcherPolicy Form"""
class Meta:
model = EventMatcherPolicy
fields = PolicyForm.Meta.fields + [
"action",
"client_ip",
"app",
]
widgets = {
"name": forms.TextInput(),
"client_ip": forms.TextInput(),
}
labels = {"client_ip": _("Client IP")}

View file

@ -1,9 +1,6 @@
"""Event Matcher models""" """Event Matcher models"""
from typing import Type
from django.apps import apps from django.apps import apps
from django.db import models from django.db import models
from django.forms import ModelForm
from django.utils.translation import gettext as _ from django.utils.translation import gettext as _
from rest_framework.serializers import BaseSerializer from rest_framework.serializers import BaseSerializer
@ -63,10 +60,8 @@ class EventMatcherPolicy(Policy):
return EventMatcherPolicySerializer return EventMatcherPolicySerializer
@property @property
def form(self) -> Type[ModelForm]: def component(self) -> str:
from authentik.policies.event_matcher.forms import EventMatcherPolicyForm return "ak-policy-event-matcher-form"
return EventMatcherPolicyForm
def passes(self, request: PolicyRequest) -> PolicyResult: def passes(self, request: PolicyRequest) -> PolicyResult:
if "event" not in request.context: if "event" not in request.context:

View file

@ -0,0 +1,106 @@
import { AdminApi, EventMatcherPolicy, EventsApi, PoliciesApi } from "authentik-api";
import { gettext } from "django";
import { customElement, property } from "lit-element";
import { html, TemplateResult } from "lit-html";
import { DEFAULT_CONFIG } from "../../../api/Config";
import { Form } from "../../../elements/forms/Form";
import { ifDefined } from "lit-html/directives/if-defined";
import "../../../elements/forms/HorizontalFormElement";
import "../../../elements/forms/FormGroup";
import { until } from "lit-html/directives/until";
@customElement("ak-policy-event-matcher-form")
export class EventMatcherPolicyForm extends Form<EventMatcherPolicy> {
set policyUUID(value: string) {
new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherRead({
policyUuid: value,
}).then(policy => {
this.policy = policy;
});
}
@property({attribute: false})
policy?: EventMatcherPolicy;
getSuccessMessage(): string {
if (this.policy) {
return gettext("Successfully updated policy.");
} else {
return gettext("Successfully created policy.");
}
}
send = (data: EventMatcherPolicy): Promise<EventMatcherPolicy> => {
if (this.policy) {
return new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherUpdate({
policyUuid: this.policy.pk || "",
data: data
});
} else {
return new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherCreate({
data: data
});
}
};
renderForm(): TemplateResult {
return html`<form class="pf-c-form pf-m-horizontal">
<ak-form-element-horizontal
label=${gettext("Name")}
?required=${true}
name="name">
<input type="text" value="${ifDefined(this.policy?.name || "")}" class="pf-c-form-control" required>
</ak-form-element-horizontal>
<ak-form-element-horizontal name="executionLogging">
<div class="pf-c-check">
<input type="checkbox" class="pf-c-check__input" ?checked=${this.policy?.executionLogging || false}>
<label class="pf-c-check__label">
${gettext("Execution logging")}
</label>
</div>
<p class="pf-c-form__helper-text">${gettext("When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.")}</p>
</ak-form-element-horizontal>
<ak-form-group .expanded=${true}>
<span slot="header">
${gettext("Policy-specific settings")}
</span>
<div slot="body" class="pf-c-form">
<ak-form-element-horizontal
label=${gettext("Action")}
name="action">
<select class="pf-c-form-control">
<option value="" ?selected=${this.policy?.action === undefined}>---------</option>
${until(new EventsApi(DEFAULT_CONFIG).eventsEventsActions().then(actions => {
return actions.map(action => {
return html`<option value=${action.link} ?selected=${this.policy?.action === action.link}>${action.name}</option>`;
});
}))}
</select>
<p class="pf-c-form__helper-text">${gettext("Match created events with this action type. When left empty, all action types will be matched.")}</p>
</ak-form-element-horizontal>
<ak-form-element-horizontal
label=${gettext("Client IP")}
name="clientIp">
<input type="text" value="${ifDefined(this.policy?.clientIp || "")}" class="pf-c-form-control">
<p class="pf-c-form__helper-text">${gettext("Matches Event's Client IP (strict matching, for network matching use an Expression Policy.")}</p>
</ak-form-element-horizontal>
<ak-form-element-horizontal
label=${gettext("App")}
name="app">
<select class="pf-c-form-control">
<option value="" ?selected=${this.policy?.app === undefined}>---------</option>
${until(new AdminApi(DEFAULT_CONFIG).adminAppsList().then(apps => {
return apps.map(app => {
return html`<option value=${app.name} ?selected=${this.policy?.app === app.name}>${app.label}</option>`;
});
}))}
</select>
<p class="pf-c-form__helper-text">${gettext("Match events created by selected application. When left empty, all applications are matched.")}</p>
</ak-form-element-horizontal>
</div>
</ak-form-group>
</form>`;
}
}