policy(major): fix error when policy.negate is enabled
This commit is contained in:
parent
358e39ced0
commit
f1c4a62612
|
@ -194,9 +194,7 @@ class Policy(UUIDModel, CreatedUpdatedModel):
|
||||||
objects = InheritanceManager()
|
objects = InheritanceManager()
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
if self.name:
|
return f"Policy {self.name}"
|
||||||
return self.name
|
|
||||||
return f"{self.name} action {self.action}"
|
|
||||||
|
|
||||||
def passes(self, request: PolicyRequest) -> PolicyResult:
|
def passes(self, request: PolicyRequest) -> PolicyResult:
|
||||||
"""Check if user instance passes this policy"""
|
"""Check if user instance passes this policy"""
|
||||||
|
|
|
@ -13,12 +13,13 @@ from passbook.policies.struct import PolicyRequest, PolicyResult
|
||||||
|
|
||||||
LOGGER = get_logger()
|
LOGGER = get_logger()
|
||||||
|
|
||||||
|
|
||||||
class PolicyProcessInfo:
|
class PolicyProcessInfo:
|
||||||
"""Dataclass to hold all information and communication channels to a process"""
|
"""Dataclass to hold all information and communication channels to a process"""
|
||||||
|
|
||||||
process: PolicyProcess
|
process: PolicyProcess
|
||||||
connection: Connection
|
connection: Connection
|
||||||
result: PolicyResult = None
|
result: PolicyResult
|
||||||
policy: Policy
|
policy: Policy
|
||||||
|
|
||||||
def __init__(self, process: PolicyProcess, connection: Connection, policy: Policy):
|
def __init__(self, process: PolicyProcess, connection: Connection, policy: Policy):
|
||||||
|
@ -91,9 +92,7 @@ class PolicyEngine:
|
||||||
"""Get policy-checking result"""
|
"""Get policy-checking result"""
|
||||||
messages: List[str] = []
|
messages: List[str] = []
|
||||||
for proc_info in self.__processes:
|
for proc_info in self.__processes:
|
||||||
# passing = (policy_action == Policy.ACTION_ALLOW and policy_result) or \
|
LOGGER.debug("Result", policy=proc_info.policy, passing=proc_info.result.passing)
|
||||||
# (policy_action == Policy.ACTION_DENY and not policy_result)
|
|
||||||
LOGGER.debug("Result", passing=proc_info.result.passing)
|
|
||||||
if proc_info.result.messages:
|
if proc_info.result.messages:
|
||||||
messages += proc_info.result.messages
|
messages += proc_info.result.messages
|
||||||
if not proc_info.result.passing:
|
if not proc_info.result.passing:
|
||||||
|
|
|
@ -40,7 +40,7 @@ class PolicyProcess(Process):
|
||||||
policy_result = PolicyResult(False, str(exc))
|
policy_result = PolicyResult(False, str(exc))
|
||||||
# Invert result if policy.negate is set
|
# Invert result if policy.negate is set
|
||||||
if self.policy.negate:
|
if self.policy.negate:
|
||||||
policy_result = not policy_result
|
policy_result.passing = not policy_result.passing
|
||||||
LOGGER.debug("Got result", policy=self.policy, result=policy_result,
|
LOGGER.debug("Got result", policy=self.policy, result=policy_result,
|
||||||
process="PolicyProcess")
|
process="PolicyProcess")
|
||||||
key = cache_key(self.policy, self.request.user)
|
key = cache_key(self.policy, self.request.user)
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
"""passbook reputation request forms"""
|
"""passbook reputation request forms"""
|
||||||
from django import forms
|
from django import forms
|
||||||
|
from django.utils.translation import gettext_lazy as _
|
||||||
|
|
||||||
from passbook.core.forms.policies import GENERAL_FIELDS
|
from passbook.core.forms.policies import GENERAL_FIELDS
|
||||||
from passbook.policies.reputation.models import ReputationPolicy
|
from passbook.policies.reputation.models import ReputationPolicy
|
||||||
|
@ -16,3 +17,6 @@ class ReputationPolicyForm(forms.ModelForm):
|
||||||
'name': forms.TextInput(),
|
'name': forms.TextInput(),
|
||||||
'value': forms.TextInput(),
|
'value': forms.TextInput(),
|
||||||
}
|
}
|
||||||
|
labels = {
|
||||||
|
'check_ip': _('Check IP'),
|
||||||
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
"""policy structs"""
|
"""policy structures"""
|
||||||
from __future__ import annotations
|
from __future__ import annotations
|
||||||
|
|
||||||
from typing import TYPE_CHECKING, List
|
from typing import TYPE_CHECKING, List
|
||||||
|
|
|
@ -118,7 +118,7 @@ CACHES = {
|
||||||
}
|
}
|
||||||
DJANGO_REDIS_IGNORE_EXCEPTIONS = True
|
DJANGO_REDIS_IGNORE_EXCEPTIONS = True
|
||||||
DJANGO_REDIS_LOG_IGNORED_EXCEPTIONS = True
|
DJANGO_REDIS_LOG_IGNORED_EXCEPTIONS = True
|
||||||
SESSION_ENGINE = "django.contrib.sessions.backends.cached_db"
|
SESSION_ENGINE = "django.contrib.sessions.backends.cache"
|
||||||
SESSION_CACHE_ALIAS = "default"
|
SESSION_CACHE_ALIAS = "default"
|
||||||
|
|
||||||
MIDDLEWARE = [
|
MIDDLEWARE = [
|
||||||
|
|
Reference in a new issue