trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

policies/hibp: migrate to web 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-04-02 16:57:55 +02:00
parent ac136ec5f6
commit 0c92f4a74d
4 changed files with 92 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
authentik/policies/hibp/forms.py
View File

@ -1,19 +0,0 @@
"""authentik HaveIBeenPwned Policy forms"""
from django import forms
from authentik.policies.forms import PolicyForm
from authentik.policies.hibp.models import HaveIBeenPwendPolicy
class HaveIBeenPwnedPolicyForm(PolicyForm):
"""Edit HaveIBeenPwendPolicy instances"""
class Meta:
model = HaveIBeenPwendPolicy
fields = PolicyForm.Meta.fields + ["password_field", "allowed_count"]
widgets = {
"name": forms.TextInput(),
"password_field": forms.TextInput(),
}

6
authentik/policies/hibp/models.py
View File

@ -35,10 +35,8 @@ class HaveIBeenPwendPolicy(Policy):
return HaveIBeenPwendPolicySerializer return HaveIBeenPwendPolicySerializer
@property @property
def form(self) -> Type[ModelForm]: def component(self) -> str:
from authentik.policies.hibp.forms import HaveIBeenPwnedPolicyForm return "ak-policy-hibp-form"
return HaveIBeenPwnedPolicyForm
def passes(self, request: PolicyRequest) -> PolicyResult: def passes(self, request: PolicyRequest) -> PolicyResult:
"""Check if password is in HIBP DB. Hashes given Password with SHA1, uses the first 5 """Check if password is in HIBP DB. Hashes given Password with SHA1, uses the first 5

4
web/src/pages/policies/PolicyListPage.ts
View File

@ -19,6 +19,7 @@ import "./dummy/DummyPolicyForm";
import "./event_matcher/EventMatcherPolicyForm"; import "./event_matcher/EventMatcherPolicyForm";
import "./expression/ExpressionPolicyForm"; import "./expression/ExpressionPolicyForm";
import "./expiry/ExpiryPolicyForm"; import "./expiry/ExpiryPolicyForm";
import "./hibp/HaveIBeenPwnedPolicyForm";
@customElement("ak-policy-list") @customElement("ak-policy-list")
export class PolicyListPage extends TablePage<Policy> { export class PolicyListPage extends TablePage<Policy> {
@ -86,7 +87,8 @@ export class PolicyListPage extends TablePage<Policy> {
"dummy": "ak-policy-dummy-form", "dummy": "ak-policy-dummy-form",
"eventmatcher": "ak-policy-event-matcher-form", "eventmatcher": "ak-policy-event-matcher-form",
"expression": "ak-policy-expression-form", "expression": "ak-policy-expression-form",
"expiry": "ak-policy-password-expiry-form", "passwordexpiry": "ak-policy-password-expiry-form",
"haveibeenpwend": "ak-policy-hibp-form",
}}> }}>
</ak-proxy-form> </ak-proxy-form>
<button slot="trigger" class="pf-c-button pf-m-secondary"> <button slot="trigger" class="pf-c-button pf-m-secondary">

87
web/src/pages/policies/hibp/HaveIBeenPwnedPolicyForm.ts Normal file
View File

@ -0,0 +1,87 @@
import { HaveIBeenPwendPolicy, PoliciesApi } from "authentik-api";
import { gettext } from "django";
import { customElement, property } from "lit-element";
import { html, TemplateResult } from "lit-html";
import { DEFAULT_CONFIG } from "../../../api/Config";
import { Form } from "../../../elements/forms/Form";
import { ifDefined } from "lit-html/directives/if-defined";
import "../../../elements/forms/HorizontalFormElement";
import "../../../elements/forms/FormGroup";
@customElement("ak-policy-hibp-form")
export class HaveIBeenPwnedPolicyForm extends Form<HaveIBeenPwendPolicy> {
set policyUUID(value: string) {
new PoliciesApi(DEFAULT_CONFIG).policiesHaveibeenpwnedRead({
policyUuid: value,
}).then(policy => {
this.policy = policy;
});
}
@property({attribute: false})
policy?: HaveIBeenPwendPolicy;
getSuccessMessage(): string {
if (this.policy) {
return gettext("Successfully updated policy.");
} else {
return gettext("Successfully created policy.");
}
}
send = (data: HaveIBeenPwendPolicy): Promise<HaveIBeenPwendPolicy> => {
if (this.policy) {
return new PoliciesApi(DEFAULT_CONFIG).policiesHaveibeenpwnedUpdate({
policyUuid: this.policy.pk || "",
data: data
});
} else {
return new PoliciesApi(DEFAULT_CONFIG).policiesHaveibeenpwnedCreate({
data: data
});
}
};
renderForm(): TemplateResult {
return html`<form class="pf-c-form pf-m-horizontal">
<ak-form-element-horizontal
label=${gettext("Name")}
?required=${true}
name="name">
<input type="text" value="${ifDefined(this.policy?.name || "")}" class="pf-c-form-control" required>
</ak-form-element-horizontal>
<ak-form-element-horizontal name="executionLogging">
<div class="pf-c-check">
<input type="checkbox" class="pf-c-check__input" ?checked=${this.policy?.executionLogging || false}>
<label class="pf-c-check__label">
${gettext("Execution logging")}
</label>
</div>
<p class="pf-c-form__helper-text">${gettext("When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.")}</p>
</ak-form-element-horizontal>
<ak-form-group .expanded=${true}>
<span slot="header">
${gettext("Policy-specific settings")}
</span>
<div slot="body" class="pf-c-form">
<ak-form-element-horizontal
label=${gettext("Password field")}
?required=${true}
name="passwordField">
<input type="text" value="${ifDefined(this.policy?.passwordField || "password")}" class="pf-c-form-control" required>
<p class="pf-c-form__helper-text">${gettext("Field key to check, field keys defined in Prompt stages are available.")}</p>
</ak-form-element-horizontal>
<ak-form-element-horizontal
label=${gettext("Allowed count")}
?required=${true}
name="allowedCount">
<input type="number" value="${ifDefined(this.policy?.allowedCount || 0)}" class="pf-c-form-control" required>
<p class="pf-c-form__helper-text">${gettext("Allow up to N occurrences in the HIBP database.")}</p>
</ak-form-element-horizontal>
</div>
</ak-form-group>
</form>`;
}
}