# Generated by Django 3.0.6 on 2020-05-23 15:47 from django.apps.registry import Apps from django.db import migrations from django.db.backends.base.schema import BaseDatabaseSchemaEditor from passbook.flows.models import FlowDesignation from passbook.stages.prompt.models import FieldTypes FLOW_POLICY_EXPRESSION = """{{ pb_is_sso_flow }}""" PROMPT_POLICY_EXPRESSION = """ {% if pb_flow_plan.context.prompt_data.username %} False {% else %} True {% endif %} """ def create_default_source_enrollment_flow( apps: Apps, schema_editor: BaseDatabaseSchemaEditor ): Flow = apps.get_model("passbook_flows", "Flow") FlowStageBinding = apps.get_model("passbook_flows", "FlowStageBinding") PolicyBinding = apps.get_model("passbook_policies", "PolicyBinding") ExpressionPolicy = apps.get_model( "passbook_policies_expression", "ExpressionPolicy" ) PromptStage = apps.get_model("passbook_stages_prompt", "PromptStage") Prompt = apps.get_model("passbook_stages_prompt", "Prompt") UserWriteStage = apps.get_model("passbook_stages_user_write", "UserWriteStage") UserLoginStage = apps.get_model("passbook_stages_user_login", "UserLoginStage") db_alias = schema_editor.connection.alias # Create a policy that only allows this flow when doing an SSO Request flow_policy = ExpressionPolicy.objects.create( name="default-source-enrollment-if-sso", expression=FLOW_POLICY_EXPRESSION ) # This creates a Flow used by sources to enroll users # It makes sure that a username is set, and if not, prompts the user for a Username flow = Flow.objects.create( name="default-source-enrollment", slug="default-source-enrollment", designation=FlowDesignation.ENROLLMENT, ) PolicyBinding.objects.create(policy=flow_policy, target=flow, order=0) # PromptStage to ask user for their username prompt_stage = PromptStage.objects.create( name="default-source-enrollment-username-prompt", ) prompt_stage.fields.add( Prompt.objects.create( field_key="username", label="Username", type=FieldTypes.TEXT, required=True, placeholder="Username", ) ) # Policy to only trigger prompt when no username is given prompt_policy = ExpressionPolicy.objects.create( name="default-source-enrollment-if-username", expression=PROMPT_POLICY_EXPRESSION, ) # UserWrite stage to create the user, and login stage to log user in user_write = UserWriteStage.objects.create(name="default-source-enrollment-write") user_login = UserLoginStage.objects.create(name="default-source-enrollment-login") binding = FlowStageBinding.objects.create(flow=flow, stage=prompt_stage, order=0) PolicyBinding.objects.create(policy=prompt_policy, target=binding) FlowStageBinding.objects.create(flow=flow, stage=user_write, order=1) FlowStageBinding.objects.create(flow=flow, stage=user_login, order=2) def create_default_source_authentication_flow( apps: Apps, schema_editor: BaseDatabaseSchemaEditor ): Flow = apps.get_model("passbook_flows", "Flow") FlowStageBinding = apps.get_model("passbook_flows", "FlowStageBinding") PolicyBinding = apps.get_model("passbook_policies", "PolicyBinding") ExpressionPolicy = apps.get_model( "passbook_policies_expression", "ExpressionPolicy" ) UserLoginStage = apps.get_model("passbook_stages_user_login", "UserLoginStage") db_alias = schema_editor.connection.alias # Create a policy that only allows this flow when doing an SSO Request flow_policy = ExpressionPolicy.objects.create( name="default-source-authentication-if-sso", expression=FLOW_POLICY_EXPRESSION ) # This creates a Flow used by sources to authenticate users flow = Flow.objects.create( name="default-source-authentication", slug="default-source-authentication", designation=FlowDesignation.AUTHENTICATION, ) PolicyBinding.objects.create(policy=flow_policy, target=flow, order=0) user_login = UserLoginStage.objects.create( name="default-source-authentication-login" ) FlowStageBinding.objects.create(flow=flow, stage=user_login, order=0) class Migration(migrations.Migration): dependencies = [ ("passbook_flows", "0003_auto_20200523_1133"), ("passbook_policies", "0001_initial"), ("passbook_policies_expression", "0001_initial"), ("passbook_stages_prompt", "0001_initial"), ("passbook_stages_user_write", "0001_initial"), ("passbook_stages_user_login", "0001_initial"), ] operations = [ migrations.RunPython(create_default_source_enrollment_flow), migrations.RunPython(create_default_source_authentication_flow), ]