events: rename token_view to secret_view

This commit is contained in:
Jens Langhammer 2021-02-09 18:18:36 +01:00
parent f8bcdb26b3
commit 71c9108f89
6 changed files with 137 additions and 9 deletions

View file

@ -1,9 +1,12 @@
"""Tokens API Viewset"""
from django.db.models.base import Model
from django.http.response import Http404
from drf_yasg2.utils import swagger_auto_schema
from rest_framework.decorators import action
from rest_framework.fields import CharField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer
from rest_framework.serializers import ModelSerializer, Serializer
from rest_framework.viewsets import ModelViewSet
from authentik.core.models import Token
@ -19,6 +22,18 @@ class TokenSerializer(ModelSerializer):
fields = ["pk", "identifier", "intent", "user", "description"]
class TokenViewSerializer(Serializer):
"""Show token's current key"""
key = CharField(read_only=True)
def create(self, validated_data: dict) -> Model:
raise NotImplementedError
def update(self, instance: Model, validated_data: dict) -> Model:
raise NotImplementedError
class TokenViewSet(ModelViewSet):
"""Token Viewset"""
@ -26,6 +41,7 @@ class TokenViewSet(ModelViewSet):
queryset = Token.filter_not_expired()
serializer_class = TokenSerializer
@swagger_auto_schema(responses={200: TokenViewSerializer(many=False)})
@action(detail=True)
def view_key(self, request: Request, identifier: str) -> Response:
"""Return token key and log access"""
@ -33,5 +49,5 @@ class TokenViewSet(ModelViewSet):
if not tokens.exists():
raise Http404
token = tokens.first()
Event.new(EventAction.TOKEN_VIEW, token=token).from_http(request)
return Response({"key": token.key})
Event.new(EventAction.SECRET_VIEW, token=token).from_http(request)
return Response(TokenViewSerializer({"key": token.key}).data)

View file

@ -0,0 +1,57 @@
# Generated by Django 3.1.6 on 2021-02-09 16:57
from django.apps.registry import Apps
from django.db import migrations, models
from django.db.backends.base.schema import BaseDatabaseSchemaEditor
def token_view_to_secret_view(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
from authentik.events.models import EventAction
db_alias = schema_editor.connection.alias
Event = apps.get_model("authentik_events", "Event")
Event.objects.using(db_alias).filter(action="token_view").update(
action=EventAction.SECRET_VIEW
)
class Migration(migrations.Migration):
dependencies = [
("authentik_events", "0012_auto_20210202_1821"),
]
operations = [
migrations.AlterField(
model_name="event",
name="action",
field=models.TextField(
choices=[
("login", "Login"),
("login_failed", "Login Failed"),
("logout", "Logout"),
("user_write", "User Write"),
("suspicious_request", "Suspicious Request"),
("password_set", "Password Set"),
("secret_view", "Secret View"),
("invitation_used", "Invite Used"),
("authorize_application", "Authorize Application"),
("source_linked", "Source Linked"),
("impersonation_started", "Impersonation Started"),
("impersonation_ended", "Impersonation Ended"),
("policy_execution", "Policy Execution"),
("policy_exception", "Policy Exception"),
("property_mapping_exception", "Property Mapping Exception"),
("system_task_execution", "System Task Execution"),
("system_task_exception", "System Task Exception"),
("configuration_error", "Configuration Error"),
("model_created", "Model Created"),
("model_updated", "Model Updated"),
("model_deleted", "Model Deleted"),
("update_available", "Update Available"),
("custom_", "Custom Prefix"),
]
),
),
migrations.RunPython(token_view_to_secret_view),
]

View file

@ -42,7 +42,7 @@ class EventAction(models.TextChoices):
SUSPICIOUS_REQUEST = "suspicious_request"
PASSWORD_SET = "password_set" # noqa # nosec
TOKEN_VIEW = "token_view" # nosec
SECRET_VIEW = "secret_view" # noqa # nosec
INVITE_USED = "invitation_used"

View file

@ -0,0 +1,46 @@
# Generated by Django 3.1.6 on 2021-02-09 16:57
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
("authentik_policies_event_matcher", "0006_auto_20210203_1134"),
]
operations = [
migrations.AlterField(
model_name="eventmatcherpolicy",
name="action",
field=models.TextField(
blank=True,
choices=[
("login", "Login"),
("login_failed", "Login Failed"),
("logout", "Logout"),
("user_write", "User Write"),
("suspicious_request", "Suspicious Request"),
("password_set", "Password Set"),
("secret_view", "Secret View"),
("invitation_used", "Invite Used"),
("authorize_application", "Authorize Application"),
("source_linked", "Source Linked"),
("impersonation_started", "Impersonation Started"),
("impersonation_ended", "Impersonation Ended"),
("policy_execution", "Policy Execution"),
("policy_exception", "Policy Exception"),
("property_mapping_exception", "Property Mapping Exception"),
("system_task_execution", "System Task Execution"),
("system_task_exception", "System Task Exception"),
("configuration_error", "Configuration Error"),
("model_created", "Model Created"),
("model_updated", "Model Updated"),
("model_deleted", "Model Deleted"),
("update_available", "Update Available"),
("custom_", "Custom Prefix"),
],
help_text="Match created events with this action type. When left empty, all action types will be matched.",
),
),
]

View file

@ -565,9 +565,9 @@ paths:
parameters: []
responses:
'200':
description: ''
description: Show token's current key
schema:
$ref: '#/definitions/Token'
$ref: '#/definitions/TokenView'
tags:
- core
parameters:
@ -7713,6 +7713,15 @@ definitions:
description:
title: Description
type: string
TokenView:
description: Show token's current key
type: object
properties:
key:
title: Key
type: string
readOnly: true
minLength: 1
User:
description: User Serializer
required:
@ -7801,7 +7810,7 @@ definitions:
- user_write
- suspicious_request
- password_set
- token_view
- secret_view
- invitation_used
- authorize_application
- source_linked
@ -8572,7 +8581,7 @@ definitions:
- user_write
- suspicious_request
- password_set
- token_view
- secret_view
- invitation_used
- authorize_application
- source_linked

View file

@ -89,7 +89,7 @@ export class EventInfo extends LitElement {
return html`
<h3>${gettext(`Attempted to log in as ${this.event.context.username}`)}</h3>
<ak-expand>${this.defaultResponse()}</ak-expand>`;
case "token_view":
case "secret_view":
return html`
<h3>${gettext("Token:")}</h3>
${this.getModelInfo(this.event.context.token as EventContext)}`;