authentik/passbook/admin/views/policy.py

142 lines
4.6 KiB
Python
Raw Normal View History

2019-02-16 09:24:31 +00:00
"""passbook Policy administration"""
from django.contrib import messages
from django.contrib.auth.mixins import LoginRequiredMixin
2019-12-31 11:51:16 +00:00
from django.contrib.auth.mixins import (
PermissionRequiredMixin as DjangoPermissionRequiredMixin,
)
2019-02-16 09:24:31 +00:00
from django.contrib.messages.views import SuccessMessageMixin
from django.http import Http404
from django.urls import reverse_lazy
from django.utils.translation import ugettext as _
2019-10-10 12:05:03 +01:00
from django.views.generic import DeleteView, FormView, ListView, UpdateView
2019-02-16 09:24:31 +00:00
from django.views.generic.detail import DetailView
from guardian.mixins import PermissionListMixin, PermissionRequiredMixin
2019-02-16 09:24:31 +00:00
from passbook.admin.forms.policies import PolicyTestForm
from passbook.core.models import Policy
from passbook.lib.utils.reflection import path_to_class
from passbook.lib.views import CreateAssignPermView
2019-10-07 15:33:48 +01:00
from passbook.policies.engine import PolicyEngine
2019-02-16 09:24:31 +00:00
class PolicyListView(LoginRequiredMixin, PermissionListMixin, ListView):
2019-02-16 10:13:00 +00:00
"""Show list of all policies"""
2019-02-16 09:24:31 +00:00
model = Policy
2019-12-31 11:51:16 +00:00
permission_required = "passbook_core.view_policy"
2019-12-31 11:51:16 +00:00
template_name = "administration/policy/list.html"
2019-02-16 09:24:31 +00:00
def get_context_data(self, **kwargs):
2019-12-31 11:51:16 +00:00
kwargs["types"] = {
x.__name__: x._meta.verbose_name for x in Policy.__subclasses__()
}
2019-02-16 09:24:31 +00:00
return super().get_context_data(**kwargs)
def get_queryset(self):
2019-12-31 11:51:16 +00:00
return super().get_queryset().order_by("order").select_subclasses()
2019-02-16 09:24:31 +00:00
2019-12-31 11:51:16 +00:00
class PolicyCreateView(
SuccessMessageMixin,
LoginRequiredMixin,
DjangoPermissionRequiredMixin,
CreateAssignPermView,
):
2019-02-16 09:24:31 +00:00
"""Create new Policy"""
model = Policy
2019-12-31 11:51:16 +00:00
permission_required = "passbook_core.add_policy"
2019-12-31 11:51:16 +00:00
template_name = "generic/create.html"
success_url = reverse_lazy("passbook_admin:policies")
success_message = _("Successfully created Policy")
2019-02-16 09:24:31 +00:00
def get_form_class(self):
2019-12-31 11:51:16 +00:00
policy_type = self.request.GET.get("type")
model = next(x for x in Policy.__subclasses__() if x.__name__ == policy_type)
2019-02-16 09:24:31 +00:00
if not model:
raise Http404
return path_to_class(model.form)
2019-12-31 11:51:16 +00:00
class PolicyUpdateView(
SuccessMessageMixin, LoginRequiredMixin, PermissionRequiredMixin, UpdateView
):
2019-02-16 09:24:31 +00:00
"""Update policy"""
model = Policy
2019-12-31 11:51:16 +00:00
permission_required = "passbook_core.change_policy"
2019-12-31 11:51:16 +00:00
template_name = "generic/update.html"
success_url = reverse_lazy("passbook_admin:policies")
success_message = _("Successfully updated Policy")
2019-02-16 09:24:31 +00:00
def get_form_class(self):
form_class_path = self.get_object().form
form_class = path_to_class(form_class_path)
return form_class
def get_object(self, queryset=None):
2019-12-31 11:51:16 +00:00
return (
Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()
)
2019-02-16 09:24:31 +00:00
2019-12-31 11:51:16 +00:00
class PolicyDeleteView(
SuccessMessageMixin, LoginRequiredMixin, PermissionRequiredMixin, DeleteView
):
2019-02-16 09:24:31 +00:00
"""Delete policy"""
model = Policy
2019-12-31 11:51:16 +00:00
permission_required = "passbook_core.delete_policy"
2019-12-31 11:51:16 +00:00
template_name = "generic/delete.html"
success_url = reverse_lazy("passbook_admin:policies")
success_message = _("Successfully deleted Policy")
2019-02-16 09:24:31 +00:00
def get_object(self, queryset=None):
2019-12-31 11:51:16 +00:00
return (
Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()
)
2019-02-16 09:24:31 +00:00
def delete(self, request, *args, **kwargs):
messages.success(self.request, self.success_message)
return super().delete(request, *args, **kwargs)
2019-02-16 09:24:31 +00:00
class PolicyTestView(LoginRequiredMixin, DetailView, PermissionRequiredMixin, FormView):
2019-02-16 09:24:31 +00:00
"""View to test policy(s)"""
model = Policy
form_class = PolicyTestForm
2019-12-31 11:51:16 +00:00
permission_required = "passbook_core.view_policy"
template_name = "administration/policy/test.html"
2019-02-16 09:24:31 +00:00
object = None
def get_object(self, queryset=None):
2019-12-31 11:51:16 +00:00
return (
Policy.objects.filter(pk=self.kwargs.get("pk")).select_subclasses().first()
)
2019-02-16 09:24:31 +00:00
def get_context_data(self, **kwargs):
2019-12-31 11:51:16 +00:00
kwargs["policy"] = self.get_object()
2019-02-16 09:24:31 +00:00
return super().get_context_data(**kwargs)
def post(self, *args, **kwargs):
self.object = self.get_object()
return super().post(*args, **kwargs)
def form_valid(self, form):
policy = self.get_object()
2019-12-31 11:51:16 +00:00
user = form.cleaned_data.get("user")
policy_engine = PolicyEngine([policy], user, self.request)
policy_engine.use_cache = False
policy_engine.build()
2019-03-10 01:07:18 +00:00
result = policy_engine.passing
2019-02-16 09:24:31 +00:00
if result:
2019-12-31 11:51:16 +00:00
messages.success(self.request, _("User successfully passed policy."))
2019-02-16 09:24:31 +00:00
else:
messages.error(self.request, _("User didn't pass policy."))
return self.render_to_response(self.get_context_data(form=form, result=result))