Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
This commit is contained in:
Marc 'risson' Schmitt 2023-12-27 14:44:28 +01:00
parent 18d7395e7e
commit f7b6261745
No known key found for this signature in database
GPG key ID: 9C3FA22FABF1AA8D
3 changed files with 14 additions and 11 deletions

View file

@ -6,7 +6,6 @@ from textwrap import indent
from typing import Any, Iterable, Optional from typing import Any, Iterable, Optional
from cachetools import TLRUCache, cached from cachetools import TLRUCache, cached
from django.apps import apps
from django.core.exceptions import FieldError from django.core.exceptions import FieldError
from guardian.shortcuts import get_anonymous_user from guardian.shortcuts import get_anonymous_user
from rest_framework.serializers import ValidationError from rest_framework.serializers import ValidationError
@ -15,10 +14,16 @@ from sentry_sdk.hub import Hub
from sentry_sdk.tracing import Span from sentry_sdk.tracing import Span
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
from authentik.core.models import User from authentik.core.models import (
USER_ATTRIBUTE_CHANGE_EMAIL,
USER_ATTRIBUTE_CHANGE_NAME,
USER_ATTRIBUTE_CHANGE_USERNAME,
User,
)
from authentik.events.models import Event from authentik.events.models import Event
from authentik.lib.config import CONFIG from authentik.lib.config import CONFIG
from authentik.lib.utils.http import get_http_session from authentik.lib.utils.http import get_http_session
from authentik.lib.utils.reflection import get_apps
from authentik.policies.models import Policy, PolicyBinding from authentik.policies.models import Policy, PolicyBinding
from authentik.policies.process import PolicyProcess from authentik.policies.process import PolicyProcess
from authentik.policies.types import PolicyRequest, PolicyResult from authentik.policies.types import PolicyRequest, PolicyResult
@ -57,8 +62,13 @@ class BaseEvaluator:
"requests": get_http_session(), "requests": get_http_session(),
"resolve_dns": BaseEvaluator.expr_resolve_dns, "resolve_dns": BaseEvaluator.expr_resolve_dns,
"reverse_dns": BaseEvaluator.expr_reverse_dns, "reverse_dns": BaseEvaluator.expr_reverse_dns,
# Temporary addition of config until #7590 is through and this is not needed anymore
"CONFIG": CONFIG,
"USER_ATTRIBUTE_CHANGE_EMAIL": USER_ATTRIBUTE_CHANGE_EMAIL,
"USER_ATTRIBUTE_CHANGE_NAME": USER_ATTRIBUTE_CHANGE_NAME,
"USER_ATTRIBUTE_CHANGE_USERNAME": USER_ATTRIBUTE_CHANGE_USERNAME,
} }
for app in apps.get_app_configs(): for app in get_apps():
# Load models from each app # Load models from each app
for model in app.get_models(): for model in app.get_models():
self._globals[model.__name__] = model self._globals[model.__name__] = model

View file

@ -85,12 +85,6 @@ entries:
model: authentik_stages_prompt.prompt model: authentik_stages_prompt.prompt
- attrs: - attrs:
expression: | expression: |
from authentik.lib.config import CONFIG
from authentik.core.models import (
USER_ATTRIBUTE_CHANGE_EMAIL,
USER_ATTRIBUTE_CHANGE_NAME,
USER_ATTRIBUTE_CHANGE_USERNAME
)
prompt_data = request.context.get("prompt_data") prompt_data = request.context.get("prompt_data")
if not request.user.group_attributes(request.http_request).get( if not request.user.group_attributes(request.http_request).get(

View file

@ -89,9 +89,8 @@ entries:
expression: | expression: |
# This policy ensures that the setup flow can only be # This policy ensures that the setup flow can only be
# used one time # used one time
from authentik.flows.models import Flow, FlowAuthenticationRequirement
Flow.objects.filter(slug="initial-setup").update( Flow.objects.filter(slug="initial-setup").update(
authentication=FlowAuthenticationRequirement.REQUIRE_SUPERUSER, authentication=Flow.authentication.field.default.__class__.REQUIRE_SUPERUSER,
) )
return True return True
id: policy-default-oobe-flow-set-authentication id: policy-default-oobe-flow-set-authentication