stages/prompt: use policyenginemode all
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
6209714f87
commit
db316b59c5
|
@ -18,7 +18,7 @@ from authentik.flows.challenge import Challenge, ChallengeResponse, ChallengeTyp
|
|||
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlan
|
||||
from authentik.flows.stage import ChallengeStageView
|
||||
from authentik.policies.engine import PolicyEngine
|
||||
from authentik.policies.models import PolicyBinding, PolicyBindingModel
|
||||
from authentik.policies.models import PolicyBinding, PolicyBindingModel, PolicyEngineMode
|
||||
from authentik.stages.prompt.models import FieldTypes, Prompt, PromptStage
|
||||
from authentik.stages.prompt.signals import password_validate
|
||||
|
||||
|
@ -110,6 +110,7 @@ class PromptChallengeResponse(ChallengeResponse):
|
|||
|
||||
user = self.plan.context.get(PLAN_CONTEXT_PENDING_USER, get_anonymous_user())
|
||||
engine = ListPolicyEngine(self.stage.validation_policies.all(), user, self.request)
|
||||
engine.mode = PolicyEngineMode.MODE_ALL
|
||||
engine.request.context[PLAN_CONTEXT_PROMPT] = attrs
|
||||
engine.request.context.update(attrs)
|
||||
engine.build()
|
||||
|
|
|
@ -60,3 +60,5 @@ return False
|
|||
This policy expects you to have two password fields with `field_key` set to `password` and `password_repeat`.
|
||||
|
||||
Afterwards, bind this policy to the prompt stage you want to validate.
|
||||
|
||||
Before 2021.12, any policy was required to pass for the result to be considered valid. This has been changed, and now all policies are required to be valid.
|
||||
|
|
|
@ -3,10 +3,14 @@ title: Release 2021.12
|
|||
slug: "2021.12"
|
||||
---
|
||||
|
||||
## Headline Changes
|
||||
## Headline changes
|
||||
|
||||
This release does not have any headline features, and mostly fixes bugs.
|
||||
|
||||
## Breaking changes
|
||||
|
||||
- stages/prompt: Before 2021.12, any policy was required to pass for the result to be considered valid. This has been changed, and now all policies are required to be valid.
|
||||
|
||||
## Minor changes
|
||||
|
||||
- core: make defaults for _change_email and _change_username configurable
|
||||
|
|
Reference in New Issue