trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

stages/prompt: use policyenginemode all 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-12-09 09:39:37 +01:00
parent 6209714f87
commit db316b59c5
3 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
authentik/stages/prompt/stage.py
View File

@ -18,7 +18,7 @@ from authentik.flows.challenge import Challenge, ChallengeResponse, ChallengeTyp
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlan
from authentik.flows.stage import ChallengeStageView
from authentik.policies.engine import PolicyEngine
from authentik.policies.models import PolicyBinding, PolicyBindingModel
from authentik.policies.models import PolicyBinding, PolicyBindingModel, PolicyEngineMode
from authentik.stages.prompt.models import FieldTypes, Prompt, PromptStage
from authentik.stages.prompt.signals import password_validate
@ -110,6 +110,7 @@ class PromptChallengeResponse(ChallengeResponse):
user = self.plan.context.get(PLAN_CONTEXT_PENDING_USER, get_anonymous_user())
engine = ListPolicyEngine(self.stage.validation_policies.all(), user, self.request)
engine.mode = PolicyEngineMode.MODE_ALL
engine.request.context[PLAN_CONTEXT_PROMPT] = attrs
engine.request.context.update(attrs)
engine.build()

2
website/docs/flow/stages/prompt/index.md
View File

@ -60,3 +60,5 @@ return False
This policy expects you to have two password fields with `field_key` set to `password` and `password_repeat`.
Afterwards, bind this policy to the prompt stage you want to validate.
Before 2021.12, any policy was required to pass for the result to be considered valid. This has been changed, and now all policies are required to be valid.

6
website/docs/releases/v2021.12.md
View File

@ -3,10 +3,14 @@ title: Release 2021.12
slug: "2021.12"
---
## Headline Changes
## Headline changes
This release does not have any headline features, and mostly fixes bugs.
## Breaking changes
- stages/prompt: Before 2021.12, any policy was required to pass for the result to be considered valid. This has been changed, and now all policies are required to be valid.
## Minor changes
- core: make defaults for _change_email and _change_username configurable