This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/authentik/policies/expression/api.py
Jens Langhammer 9c9addb0ce *: ensure all resources can be filtered
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-08-07 16:34:14 +02:00

31 lines
1,020 B
Python

"""Expression Policy API"""
from rest_framework.viewsets import ModelViewSet
from authentik.core.api.used_by import UsedByMixin
from authentik.policies.api.policies import PolicySerializer
from authentik.policies.expression.evaluator import PolicyEvaluator
from authentik.policies.expression.models import ExpressionPolicy
class ExpressionPolicySerializer(PolicySerializer):
"""Group Membership Policy Serializer"""
def validate_expression(self, expr: str) -> str:
"""validate the syntax of the expression"""
name = "temp-policy" if not self.instance else self.instance.name
PolicyEvaluator(name).validate(expr)
return expr
class Meta:
model = ExpressionPolicy
fields = PolicySerializer.Meta.fields + ["expression"]
class ExpressionPolicyViewSet(UsedByMixin, ModelViewSet):
"""Source Viewset"""
queryset = ExpressionPolicy.objects.all()
serializer_class = ExpressionPolicySerializer
filterset_fields = "__all__"
ordering = ["name"]