policies/reputation: require either check to be enabled (#6764)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
parent
e373bae189
commit
8c3f578187
|
@ -1,5 +1,7 @@
|
||||||
"""Reputation policy API Views"""
|
"""Reputation policy API Views"""
|
||||||
|
from django.utils.translation import gettext_lazy as _
|
||||||
from rest_framework import mixins
|
from rest_framework import mixins
|
||||||
|
from rest_framework.exceptions import ValidationError
|
||||||
from rest_framework.serializers import ModelSerializer
|
from rest_framework.serializers import ModelSerializer
|
||||||
from rest_framework.viewsets import GenericViewSet, ModelViewSet
|
from rest_framework.viewsets import GenericViewSet, ModelViewSet
|
||||||
|
|
||||||
|
@ -11,6 +13,11 @@ from authentik.policies.reputation.models import Reputation, ReputationPolicy
|
||||||
class ReputationPolicySerializer(PolicySerializer):
|
class ReputationPolicySerializer(PolicySerializer):
|
||||||
"""Reputation Policy Serializer"""
|
"""Reputation Policy Serializer"""
|
||||||
|
|
||||||
|
def validate(self, attrs: dict) -> dict:
|
||||||
|
if not attrs.get("check_ip", False) and not attrs.get("check_username", False):
|
||||||
|
raise ValidationError(_("Either IP or Username must be checked"))
|
||||||
|
return super().validate(attrs)
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
model = ReputationPolicy
|
model = ReputationPolicy
|
||||||
fields = PolicySerializer.Meta.fields + [
|
fields = PolicySerializer.Meta.fields + [
|
||||||
|
|
|
@ -3,6 +3,8 @@ from django.core.cache import cache
|
||||||
from django.test import RequestFactory, TestCase
|
from django.test import RequestFactory, TestCase
|
||||||
|
|
||||||
from authentik.core.models import User
|
from authentik.core.models import User
|
||||||
|
from authentik.lib.generators import generate_id
|
||||||
|
from authentik.policies.reputation.api import ReputationPolicySerializer
|
||||||
from authentik.policies.reputation.models import CACHE_KEY_PREFIX, Reputation, ReputationPolicy
|
from authentik.policies.reputation.models import CACHE_KEY_PREFIX, Reputation, ReputationPolicy
|
||||||
from authentik.policies.reputation.tasks import save_reputation
|
from authentik.policies.reputation.tasks import save_reputation
|
||||||
from authentik.policies.types import PolicyRequest
|
from authentik.policies.types import PolicyRequest
|
||||||
|
@ -61,3 +63,8 @@ class TestReputationPolicy(TestCase):
|
||||||
name="reputation-test", threshold=0
|
name="reputation-test", threshold=0
|
||||||
)
|
)
|
||||||
self.assertTrue(policy.passes(request).passing)
|
self.assertTrue(policy.passes(request).passing)
|
||||||
|
|
||||||
|
def test_api(self):
|
||||||
|
"""Test API Validation"""
|
||||||
|
no_toggle = ReputationPolicySerializer(data={"name": generate_id(), "threshold": -5})
|
||||||
|
self.assertFalse(no_toggle.is_valid())
|
||||||
|
|
|
@ -93,7 +93,7 @@ doesn't pass when either or both of the selected options are equal or above the
|
||||||
<input
|
<input
|
||||||
class="pf-c-switch__input"
|
class="pf-c-switch__input"
|
||||||
type="checkbox"
|
type="checkbox"
|
||||||
?checked=${first(this.instance?.checkIp, false)}
|
?checked=${first(this.instance?.checkIp, true)}
|
||||||
/>
|
/>
|
||||||
<span class="pf-c-switch__toggle">
|
<span class="pf-c-switch__toggle">
|
||||||
<span class="pf-c-switch__toggle-icon">
|
<span class="pf-c-switch__toggle-icon">
|
||||||
|
|
Reference in a new issue