policies/expression: expose python requests via expression, remove webhook policy
parent
023423c6e7
commit
b907105f4a
|
@ -24,7 +24,6 @@ from passbook.policies.expression.api import ExpressionPolicyViewSet
|
|||
from passbook.policies.hibp.api import HaveIBeenPwendPolicyViewSet
|
||||
from passbook.policies.password.api import PasswordPolicyViewSet
|
||||
from passbook.policies.reputation.api import ReputationPolicyViewSet
|
||||
from passbook.policies.webhook.api import WebhookPolicyViewSet
|
||||
from passbook.providers.app_gw.api import ApplicationGatewayProviderViewSet
|
||||
from passbook.providers.oauth.api import OAuth2ProviderViewSet
|
||||
from passbook.providers.oidc.api import OpenIDProviderViewSet
|
||||
|
@ -69,7 +68,6 @@ router.register("policies/haveibeenpwned", HaveIBeenPwendPolicyViewSet)
|
|||
router.register("policies/password", PasswordPolicyViewSet)
|
||||
router.register("policies/passwordexpiry", PasswordExpiryPolicyViewSet)
|
||||
router.register("policies/reputation", ReputationPolicyViewSet)
|
||||
router.register("policies/webhook", WebhookPolicyViewSet)
|
||||
|
||||
router.register("providers/all", ProviderViewSet)
|
||||
router.register("providers/applicationgateway", ApplicationGatewayProviderViewSet)
|
||||
|
|
|
@ -6,6 +6,7 @@ from django.core.exceptions import ValidationError
|
|||
from jinja2 import Undefined
|
||||
from jinja2.exceptions import TemplateSyntaxError, UndefinedError
|
||||
from jinja2.nativetypes import NativeEnvironment
|
||||
from requests import Session
|
||||
from structlog import get_logger
|
||||
|
||||
from passbook.flows.planner import PLAN_CONTEXT_SSO
|
||||
|
@ -46,11 +47,6 @@ class Evaluator:
|
|||
"""Check if `user` is member of group with name `group_name`"""
|
||||
return user.groups.filter(name=group_name).exists()
|
||||
|
||||
@staticmethod
|
||||
def jinja2_log(message, **kwargs):
|
||||
"""Output debug log to console"""
|
||||
return LOGGER.debug("Expression log", _m=message, **kwargs)
|
||||
|
||||
def _get_expression_context(
|
||||
self, request: PolicyRequest, **kwargs
|
||||
) -> Dict[str, Any]:
|
||||
|
@ -58,8 +54,8 @@ class Evaluator:
|
|||
# update passbook/policies/expression/templates/policy/expression/form.html
|
||||
# update docs/policies/expression/index.md
|
||||
kwargs["pb_is_group_member"] = Evaluator.jinja2_func_is_group_member
|
||||
kwargs["pb_log"] = Evaluator.jinja2_log
|
||||
kwargs["pb_logger"] = get_logger()
|
||||
kwargs["requests"] = Session()
|
||||
if request.http_request:
|
||||
kwargs["pb_is_sso_flow"] = request.http_request.session.get(
|
||||
PLAN_CONTEXT_SSO, False
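Review bot: `kwargs["requests"] = Session()` gives every policy expression an unrestricted HTTP client inside the server process, so anyone allowed to edit an expression can make the server call internal-only addresses. A call made without `timeout=` can also stall policy evaluation for as long as the remote end keeps the connection open. The Session is built on each `_get_expression_context` call and is not closed in the visible lines, so pooled connections may outlive the evaluation. I would expose a small Session subclass that applies a default timeout (and, if the deployment allows, a host allow-list), and document next to the `# update docs/policies/expression/index.md` comment that expressions can now perform outbound requests. The function body starts before this hunk and continues past it.

```python
class ExpressionSession(Session):
    """requests Session handed to policy expressions, with a bounded timeout."""

    def request(self, method, url, **kwargs):
        # Constructed default; pick a value that fits the policy timeout.
        kwargs.setdefault("timeout", 10)
        return super().request(method, url, **kwargs)

# … unchanged: pb_is_group_member and pb_logger entries …
kwargs["requests"] = ExpressionSession()
```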
|
||||
|
|
|
@ -1,28 +0,0 @@
|
|||
"""Source API Views"""
|
||||
from rest_framework.serializers import ModelSerializer
|
||||
from rest_framework.viewsets import ModelViewSet
|
||||
|
||||
from passbook.policies.forms import GENERAL_SERIALIZER_FIELDS
|
||||
from passbook.policies.webhook.models import WebhookPolicy
|
||||
|
||||
|
||||
class WebhookPolicySerializer(ModelSerializer):
|
||||
"""Webhook Policy Serializer"""
|
||||
|
||||
class Meta:
|
||||
model = WebhookPolicy
|
||||
fields = GENERAL_SERIALIZER_FIELDS + [
|
||||
"url",
|
||||
"method",
|
||||
"json_body",
|
||||
"json_headers",
|
||||
"result_jsonpath",
|
||||
"result_json_value",
|
||||
]
|
||||
|
||||
|
||||
class WebhookPolicyViewSet(ModelViewSet):
|
||||
"""Source Viewset"""
|
||||
|
||||
queryset = WebhookPolicy.objects.all()
|
||||
serializer_class = WebhookPolicySerializer
|
|
@ -1,11 +0,0 @@
|
|||
"""passbook Webhook policy app config"""
|
||||
|
||||
from django.apps import AppConfig
|
||||
|
||||
|
||||
class PassbookPoliciesWebhookConfig(AppConfig):
|
||||
"""passbook Webhook policy app config"""
|
||||
|
||||
name = "passbook.policies.webhook"
|
||||
label = "passbook_policies_webhook"
|
||||
verbose_name = "passbook Policies.Webhook"
|
|
@ -1,29 +0,0 @@
|
|||
"""passbook Policy forms"""
|
||||
|
||||
from django import forms
|
||||
|
||||
from passbook.policies.forms import GENERAL_FIELDS
|
||||
from passbook.policies.webhook.models import WebhookPolicy
|
||||
|
||||
|
||||
class WebhookPolicyForm(forms.ModelForm):
|
||||
"""WebhookPolicyForm Form"""
|
||||
|
||||
class Meta:
|
||||
|
||||
model = WebhookPolicy
|
||||
fields = GENERAL_FIELDS + [
|
||||
"url",
|
||||
"method",
|
||||
"json_body",
|
||||
"json_headers",
|
||||
"result_jsonpath",
|
||||
"result_json_value",
|
||||
]
|
||||
widgets = {
|
||||
"name": forms.TextInput(),
|
||||
"json_body": forms.TextInput(),
|
||||
"json_headers": forms.TextInput(),
|
||||
"result_jsonpath": forms.TextInput(),
|
||||
"result_json_value": forms.TextInput(),
|
||||
}
|
|
@ -1,55 +0,0 @@
|
|||
# Generated by Django 2.2.6 on 2019-10-07 14:07
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
("passbook_core", "0001_initial"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name="WebhookPolicy",
|
||||
fields=[
|
||||
(
|
||||
"policy_ptr",
|
||||
models.OneToOneField(
|
||||
auto_created=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
parent_link=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
to="passbook_core.Policy",
|
||||
),
|
||||
),
|
||||
("url", models.URLField()),
|
||||
(
|
||||
"method",
|
||||
models.CharField(
|
||||
choices=[
|
||||
("GET", "GET"),
|
||||
("POST", "POST"),
|
||||
("PATCH", "PATCH"),
|
||||
("DELETE", "DELETE"),
|
||||
("PUT", "PUT"),
|
||||
],
|
||||
max_length=10,
|
||||
),
|
||||
),
|
||||
("json_body", models.TextField()),
|
||||
("json_headers", models.TextField()),
|
||||
("result_jsonpath", models.TextField()),
|
||||
("result_json_value", models.TextField()),
|
||||
],
|
||||
options={
|
||||
"verbose_name": "Webhook Policy",
|
||||
"verbose_name_plural": "Webhook Policies",
|
||||
},
|
||||
bases=("passbook_core.policy",),
|
||||
),
|
||||
]
|
|
@ -1,42 +0,0 @@
|
|||
"""webhook models"""
|
||||
from django.db import models
|
||||
from django.utils.translation import gettext as _
|
||||
|
||||
from passbook.core.models import Policy
|
||||
from passbook.policies.types import PolicyRequest, PolicyResult
|
||||
|
||||
|
||||
class WebhookPolicy(Policy):
|
||||
"""Policy that asks webhook"""
|
||||
|
||||
METHOD_GET = "GET"
|
||||
METHOD_POST = "POST"
|
||||
METHOD_PATCH = "PATCH"
|
||||
METHOD_DELETE = "DELETE"
|
||||
METHOD_PUT = "PUT"
|
||||
|
||||
METHODS = (
|
||||
(METHOD_GET, METHOD_GET),
|
||||
(METHOD_POST, METHOD_POST),
|
||||
(METHOD_PATCH, METHOD_PATCH),
|
||||
(METHOD_DELETE, METHOD_DELETE),
|
||||
(METHOD_PUT, METHOD_PUT),
|
||||
)
|
||||
|
||||
url = models.URLField()
|
||||
method = models.CharField(max_length=10, choices=METHODS)
|
||||
json_body = models.TextField()
|
||||
json_headers = models.TextField()
|
||||
result_jsonpath = models.TextField()
|
||||
result_json_value = models.TextField()
|
||||
|
||||
form = "passbook.policies.webhook.forms.WebhookPolicyForm"
|
||||
|
||||
def passes(self, request: PolicyRequest) -> PolicyResult:
|
||||
"""Call webhook asynchronously and report back"""
|
||||
raise NotImplementedError()
|
||||
|
||||
class Meta:
|
||||
|
||||
verbose_name = _("Webhook Policy")
|
||||
verbose_name_plural = _("Webhook Policies")
|
|
@ -89,7 +89,6 @@ INSTALLED_APPS = [
|
|||
"passbook.policies.hibp.apps.PassbookPolicyHIBPConfig",
|
||||
"passbook.policies.password.apps.PassbookPoliciesPasswordConfig",
|
||||
"passbook.policies.reputation.apps.PassbookPolicyReputationConfig",
|
||||
"passbook.policies.webhook.apps.PassbookPoliciesWebhookConfig",
|
||||
"passbook.providers.app_gw.apps.PassbookApplicationApplicationGatewayConfig",
|
||||
"passbook.providers.oauth.apps.PassbookProviderOAuthConfig",
|
||||
"passbook.providers.oidc.apps.PassbookProviderOIDCConfig",
|
||||
|
|
190
swagger.yaml
190
swagger.yaml
|
@ -1710,133 +1710,6 @@ paths:
|
|||
required: true
|
||||
type: string
|
||||
format: uuid
|
||||
/policies/webhook/:
|
||||
get:
|
||||
operationId: policies_webhook_list
|
||||
description: Source Viewset
|
||||
parameters:
|
||||
- name: ordering
|
||||
in: query
|
||||
description: Which field to use when ordering the results.
|
||||
required: false
|
||||
type: string
|
||||
- name: search
|
||||
in: query
|
||||
description: A search term.
|
||||
required: false
|
||||
type: string
|
||||
- name: limit
|
||||
in: query
|
||||
description: Number of results to return per page.
|
||||
required: false
|
||||
type: integer
|
||||
- name: offset
|
||||
in: query
|
||||
description: The initial index from which to return the results.
|
||||
required: false
|
||||
type: integer
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
required:
|
||||
- count
|
||||
- results
|
||||
type: object
|
||||
properties:
|
||||
count:
|
||||
type: integer
|
||||
next:
|
||||
type: string
|
||||
format: uri
|
||||
x-nullable: true
|
||||
previous:
|
||||
type: string
|
||||
format: uri
|
||||
x-nullable: true
|
||||
results:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/WebhookPolicy'
|
||||
tags:
|
||||
- policies
|
||||
post:
|
||||
operationId: policies_webhook_create
|
||||
description: Source Viewset
|
||||
parameters:
|
||||
- name: data
|
||||
in: body
|
||||
required: true
|
||||
schema:
|
||||
$ref: '#/definitions/WebhookPolicy'
|
||||
responses:
|
||||
'201':
|
||||
description: ''
|
||||
schema:
|
||||
$ref: '#/definitions/WebhookPolicy'
|
||||
tags:
|
||||
- policies
|
||||
parameters: []
|
||||
/policies/webhook/{uuid}/:
|
||||
get:
|
||||
operationId: policies_webhook_read
|
||||
description: Source Viewset
|
||||
parameters: []
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
$ref: '#/definitions/WebhookPolicy'
|
||||
tags:
|
||||
- policies
|
||||
put:
|
||||
operationId: policies_webhook_update
|
||||
description: Source Viewset
|
||||
parameters:
|
||||
- name: data
|
||||
in: body
|
||||
required: true
|
||||
schema:
|
||||
$ref: '#/definitions/WebhookPolicy'
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
$ref: '#/definitions/WebhookPolicy'
|
||||
tags:
|
||||
- policies
|
||||
patch:
|
||||
operationId: policies_webhook_partial_update
|
||||
description: Source Viewset
|
||||
parameters:
|
||||
- name: data
|
||||
in: body
|
||||
required: true
|
||||
schema:
|
||||
$ref: '#/definitions/WebhookPolicy'
|
||||
responses:
|
||||
'200':
|
||||
description: ''
|
||||
schema:
|
||||
$ref: '#/definitions/WebhookPolicy'
|
||||
tags:
|
||||
- policies
|
||||
delete:
|
||||
operationId: policies_webhook_delete
|
||||
description: Source Viewset
|
||||
parameters: []
|
||||
responses:
|
||||
'204':
|
||||
description: ''
|
||||
tags:
|
||||
- policies
|
||||
parameters:
|
||||
- name: uuid
|
||||
in: path
|
||||
description: A UUID string identifying this Webhook Policy.
|
||||
required: true
|
||||
type: string
|
||||
format: uuid
|
||||
/propertymappings/all/:
|
||||
get:
|
||||
operationId: propertymappings_all_list
|
||||
|
@ -5422,69 +5295,6 @@ definitions:
|
|||
type: integer
|
||||
maximum: 2147483647
|
||||
minimum: -2147483648
|
||||
WebhookPolicy:
|
||||
required:
|
||||
- url
|
||||
- method
|
||||
- json_body
|
||||
- json_headers
|
||||
- result_jsonpath
|
||||
- result_json_value
|
||||
type: object
|
||||
properties:
|
||||
pk:
|
||||
title: Uuid
|
||||
type: string
|
||||
format: uuid
|
||||
readOnly: true
|
||||
name:
|
||||
title: Name
|
||||
type: string
|
||||
x-nullable: true
|
||||
negate:
|
||||
title: Negate
|
||||
type: boolean
|
||||
order:
|
||||
title: Order
|
||||
type: integer
|
||||
maximum: 2147483647
|
||||
minimum: -2147483648
|
||||
timeout:
|
||||
title: Timeout
|
||||
type: integer
|
||||
maximum: 2147483647
|
||||
minimum: -2147483648
|
||||
url:
|
||||
title: Url
|
||||
type: string
|
||||
format: uri
|
||||
maxLength: 200
|
||||
minLength: 1
|
||||
method:
|
||||
title: Method
|
||||
type: string
|
||||
enum:
|
||||
- GET
|
||||
- POST
|
||||
- PATCH
|
||||
- DELETE
|
||||
- PUT
|
||||
json_body:
|
||||
title: Json body
|
||||
type: string
|
||||
minLength: 1
|
||||
json_headers:
|
||||
title: Json headers
|
||||
type: string
|
||||
minLength: 1
|
||||
result_jsonpath:
|
||||
title: Result jsonpath
|
||||
type: string
|
||||
minLength: 1
|
||||
result_json_value:
|
||||
title: Result json value
|
||||
type: string
|
||||
minLength: 1
|
||||
PropertyMapping:
|
||||
required:
|
||||
- name
|
||||
|
|