Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
This commit is contained in:
Marc 'risson' Schmitt 2023-12-27 14:44:28 +01:00
parent 18d7395e7e
commit f7b6261745
No known key found for this signature in database
GPG key ID: 9C3FA22FABF1AA8D
3 changed files with 14 additions and 11 deletions

View file

@ -6,7 +6,6 @@ from textwrap import indent
from typing import Any, Iterable, Optional
from cachetools import TLRUCache, cached
from django.apps import apps
from django.core.exceptions import FieldError
from guardian.shortcuts import get_anonymous_user
from rest_framework.serializers import ValidationError
@ -15,10 +14,16 @@ from sentry_sdk.hub import Hub
from sentry_sdk.tracing import Span
from structlog.stdlib import get_logger
from authentik.core.models import User
from authentik.core.models import (
USER_ATTRIBUTE_CHANGE_EMAIL,
USER_ATTRIBUTE_CHANGE_NAME,
USER_ATTRIBUTE_CHANGE_USERNAME,
User,
)
from authentik.events.models import Event
from authentik.lib.config import CONFIG
from authentik.lib.utils.http import get_http_session
from authentik.lib.utils.reflection import get_apps
from authentik.policies.models import Policy, PolicyBinding
from authentik.policies.process import PolicyProcess
from authentik.policies.types import PolicyRequest, PolicyResult
@ -57,8 +62,13 @@ class BaseEvaluator:
"requests": get_http_session(),
"resolve_dns": BaseEvaluator.expr_resolve_dns,
"reverse_dns": BaseEvaluator.expr_reverse_dns,
# Temporary addition of config until #7590 is through and this is not needed anymore
"CONFIG": CONFIG,
"USER_ATTRIBUTE_CHANGE_EMAIL": USER_ATTRIBUTE_CHANGE_EMAIL,
"USER_ATTRIBUTE_CHANGE_NAME": USER_ATTRIBUTE_CHANGE_NAME,
"USER_ATTRIBUTE_CHANGE_USERNAME": USER_ATTRIBUTE_CHANGE_USERNAME,
}
for app in apps.get_app_configs():
for app in get_apps():
# Load models from each app
for model in app.get_models():
self._globals[model.__name__] = model

View file

@ -85,12 +85,6 @@ entries:
model: authentik_stages_prompt.prompt
- attrs:
expression: |
from authentik.lib.config import CONFIG
from authentik.core.models import (
USER_ATTRIBUTE_CHANGE_EMAIL,
USER_ATTRIBUTE_CHANGE_NAME,
USER_ATTRIBUTE_CHANGE_USERNAME
)
prompt_data = request.context.get("prompt_data")
if not request.user.group_attributes(request.http_request).get(

View file

@ -89,9 +89,8 @@ entries:
expression: |
# This policy ensures that the setup flow can only be
# used one time
from authentik.flows.models import Flow, FlowAuthenticationRequirement
Flow.objects.filter(slug="initial-setup").update(
authentication=FlowAuthenticationRequirement.REQUIRE_SUPERUSER,
authentication=Flow.authentication.field.default.__class__.REQUIRE_SUPERUSER,
)
return True
id: policy-default-oobe-flow-set-authentication