crypto: make name field unique to prevent double certs (#5406)

* crypto: make name field unique to prevent double certs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-04-28 14:35:59 +03:00 · 2023-04-28 14:35:59 +03:00 · 967a38b7ac
parent 9d1ad104ec
commit 967a38b7ac
5 changed files with 46 additions and 4 deletions
--- a/authentik/blueprints/migrations/0003_alter_blueprintinstance_name.py
+++ b/authentik/blueprints/migrations/0003_alter_blueprintinstance_name.py
@ -0,0 +1,20 @@
+# Generated by Django 4.1.7 on 2023-04-28 10:49
+
+from django.db import migrations, models
+
+from authentik.lib.migrations import fallback_names
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("authentik_blueprints", "0002_blueprintinstance_content"),
+    ]
+
+    operations = [
+        migrations.RunPython(fallback_names("authentik_blueprints", "blueprintinstance", "name")),
+        migrations.AlterField(
+            model_name="blueprintinstance",
+            name="name",
+            field=models.TextField(unique=True),
+        ),
+    ]
--- a/authentik/blueprints/models.py
+++ b/authentik/blueprints/models.py
@ -57,7 +57,7 @@ class BlueprintInstance(SerializerModel, ManagedModel, CreatedUpdatedModel):

    instance_uuid = models.UUIDField(primary_key=True, editable=False, default=uuid4)

-    name = models.TextField()
+    name = models.TextField(unique=True)
    metadata = models.JSONField(default=dict)
    path = models.TextField(default="", blank=True)
    content = models.TextField(default="", blank=True)
--- a/authentik/crypto/migrations/0004_alter_certificatekeypair_name.py
+++ b/authentik/crypto/migrations/0004_alter_certificatekeypair_name.py
@ -0,0 +1,20 @@
+# Generated by Django 4.1.7 on 2023-04-28 10:49
+
+from django.db import migrations, models
+
+from authentik.lib.migrations import fallback_names
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("authentik_crypto", "0003_certificatekeypair_managed"),
+    ]
+
+    operations = [
+        migrations.RunPython(fallback_names("authentik_crypto", "certificatekeypair", "name")),
+        migrations.AlterField(
+            model_name="certificatekeypair",
+            name="name",
+            field=models.TextField(unique=True),
+        ),
+    ]
--- a/authentik/crypto/models.py
+++ b/authentik/crypto/models.py
@ -26,7 +26,7 @@ class CertificateKeyPair(SerializerModel, ManagedModel, CreatedUpdatedModel):

    kp_uuid = models.UUIDField(primary_key=True, editable=False, default=uuid4)

-    name = models.TextField()
+    name = models.TextField(unique=True)
    certificate_data = models.TextField(help_text=_("PEM-encoded Certificate data"))
    key_data = models.TextField(
        help_text=_(
--- a/authentik/crypto/tests.py
+++ b/authentik/crypto/tests.py
@ -37,20 +37,22 @@ class TestCrypto(APITestCase):
        keypair = create_test_cert()
        self.assertTrue(
            CertificateKeyPairSerializer(
+                instance=keypair,
                data={
                    "name": keypair.name,
                    "certificate_data": keypair.certificate_data,
                    "key_data": keypair.key_data,
-                }
+                },
            ).is_valid()
        )
        self.assertFalse(
            CertificateKeyPairSerializer(
+                instance=keypair,
                data={
                    "name": keypair.name,
                    "certificate_data": "test",
                    "key_data": "test",
-                }
+                },
            ).is_valid()
        )