switch to PolicyEngine everywhere
This commit is contained in:
parent
2ce6f5a714
commit
5584f5bda8
|
@ -8,6 +8,7 @@ from django.utils.http import urlencode
|
|||
from django.views.generic import View
|
||||
|
||||
from passbook.core.models import Factor, User
|
||||
from passbook.core.policies import PolicyEngine
|
||||
from passbook.core.views.utils import PermissionDeniedView
|
||||
from passbook.lib.utils.reflection import class_to_path, path_to_class
|
||||
from passbook.lib.utils.urls import is_url_absolute
|
||||
|
@ -63,7 +64,9 @@ class AuthenticationView(UserPassesTestMixin, View):
|
|||
_all_factors = Factor.objects.filter(enabled=True).order_by('order').select_subclasses()
|
||||
self.pending_factors = []
|
||||
for factor in _all_factors:
|
||||
if factor.passes(self.pending_user):
|
||||
policy_engine = PolicyEngine(factor.policies.all())
|
||||
policy_engine.for_user(self.pending_user)
|
||||
if policy_engine.result[0]:
|
||||
self.pending_factors.append((factor.uuid.hex, factor.type))
|
||||
# Read and instantiate factor from session
|
||||
factor_uuid, factor_class = None, None
|
||||
|
|
|
@ -73,14 +73,6 @@ class PolicyModel(UUIDModel, CreatedUpdatedModel):
|
|||
|
||||
policies = models.ManyToManyField('Policy', blank=True)
|
||||
|
||||
def passes(self, user: User) -> Union[bool, Tuple[bool, str]]:
|
||||
"""Return False, str if a user fails where str is a
|
||||
reasons shown to the user. Return True if user succeeds."""
|
||||
for policy in self.policies.all():
|
||||
if not policy.passes(user):
|
||||
return False
|
||||
return True
|
||||
|
||||
class Factor(PolicyModel):
|
||||
"""Authentication factor, multiple instances of the same Factor can be used"""
|
||||
|
||||
|
|
|
@ -19,9 +19,8 @@ def password_policy_checker(sender, password, **kwargs):
|
|||
setattr(sender, '__password__', password)
|
||||
_all_factors = PasswordFactor.objects.filter(enabled=True).order_by('order')
|
||||
for factor in _all_factors:
|
||||
if factor.passes(sender):
|
||||
policy_engine = PolicyEngine(factor.password_policies.all().select_subclasses())
|
||||
policy_engine.for_user(sender)
|
||||
passing, messages = policy_engine.result
|
||||
if not passing:
|
||||
raise PasswordPolicyInvalid(*messages)
|
||||
policy_engine = PolicyEngine(factor.password_policies.all().select_subclasses())
|
||||
policy_engine.for_user(sender)
|
||||
passing, messages = policy_engine.result
|
||||
if not passing:
|
||||
raise PasswordPolicyInvalid(*messages)
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
from django import template
|
||||
|
||||
from passbook.core.models import Factor
|
||||
from passbook.core.policies import PolicyEngine
|
||||
|
||||
register = template.Library()
|
||||
|
||||
|
@ -14,6 +15,8 @@ def user_factors(context):
|
|||
matching_factors = []
|
||||
for factor in _all_factors:
|
||||
_link = factor.has_user_settings()
|
||||
if factor.passes(user) and _link:
|
||||
policy_engine = PolicyEngine(factor.policies.all())
|
||||
policy_engine.for_user(user)
|
||||
if policy_engine.result[0] and _link:
|
||||
matching_factors.append(_link)
|
||||
return matching_factors
|
||||
|
|
Reference in a new issue