core: overwrite user on token creation

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-03-30 22:46:19 +02:00
parent 7a583cb7e6
commit 64fa04306c
7 changed files with 5 additions and 102 deletions

View file

@ -1,5 +0,0 @@
{% load static %}
{% load i18n %}
{% block content %}
{% endblock %}

View file

@ -1,5 +1,3 @@
{% extends container_template|default:"administration/base.html" %}
{% load i18n %}
{% load authentik_utils %}
{% load static %}

View file

@ -18,7 +18,7 @@ from authentik.events.models import Event, EventAction
class TokenSerializer(ModelSerializer):
"""Token Serializer"""
user = UserSerializer()
user = UserSerializer(required=False)
class Meta:
@ -61,6 +61,9 @@ class TokenViewSet(ModelViewSet):
]
ordering = ["expires"]
def perform_create(self, serializer: TokenSerializer):
serializer.save(user=self.request.user)
@permission_required("authentik_core.view_token_key")
@swagger_auto_schema(responses={200: TokenViewSerializer(many=False)})
@action(detail=True)

View file

@ -1,22 +0,0 @@
"""Core user token form"""
from django import forms
from authentik.core.models import Token
class UserTokenForm(forms.ModelForm):
"""Token form, for tokens created by endusers"""
class Meta:
model = Token
fields = [
"identifier",
"expires",
"expiring",
"description",
]
widgets = {
"identifier": forms.TextInput(),
"description": forms.TextInput(),
}

View file

@ -5,7 +5,7 @@ from django.views.decorators.csrf import ensure_csrf_cookie
from django.views.generic import RedirectView
from django.views.generic.base import TemplateView
from authentik.core.views import impersonate, user
from authentik.core.views import impersonate
urlpatterns = [
path(
@ -13,17 +13,6 @@ urlpatterns = [
login_required(RedirectView.as_view(pattern_name="authentik_core:if-admin")),
name="root-redirect",
),
# User views
path(
"-/user/tokens/create/",
user.TokenCreateView.as_view(),
name="user-tokens-create",
),
path(
"-/user/tokens/<slug:identifier>/update/",
user.TokenUpdateView.as_view(),
name="user-tokens-update",
),
# Impersonation
path(
"-/impersonation/<int:user_id>/",

View file

@ -1,60 +0,0 @@
"""authentik core user views"""
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.mixins import (
PermissionRequiredMixin as DjangoPermissionRequiredMixin,
)
from django.contrib.messages.views import SuccessMessageMixin
from django.http.response import HttpResponse
from django.utils.translation import gettext as _
from django.views.generic import UpdateView
from guardian.mixins import PermissionRequiredMixin
from guardian.shortcuts import get_objects_for_user
from authentik.core.forms.token import UserTokenForm
from authentik.core.models import Token, TokenIntents
from authentik.lib.views import CreateAssignPermView
class TokenCreateView(
SuccessMessageMixin,
LoginRequiredMixin,
DjangoPermissionRequiredMixin,
CreateAssignPermView,
):
"""Create new Token"""
model = Token
form_class = UserTokenForm
permission_required = "authentik_core.add_token"
template_name = "generic/create.html"
success_url = "/"
success_message = _("Successfully created Token")
def form_valid(self, form: UserTokenForm) -> HttpResponse:
form.instance.user = self.request.user
form.instance.intent = TokenIntents.INTENT_API
return super().form_valid(form)
class TokenUpdateView(
SuccessMessageMixin, LoginRequiredMixin, PermissionRequiredMixin, UpdateView
):
"""Update token"""
model = Token
form_class = UserTokenForm
permission_required = "authentik_core.change_token"
template_name = "generic/update.html"
success_url = "/"
success_message = _("Successfully updated Token")
def get_object(self) -> Token:
identifier = self.kwargs.get("identifier")
return (
get_objects_for_user(
self.request.user, self.permission_required, self.model
)
.filter(intent=TokenIntents.INTENT_API, identifier=identifier)
.first()
)