lib: fix regex_match result being inverted, add tests
closes #1073 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
e3f7185564
commit
2b98637ca5
|
@ -3,6 +3,7 @@ import re
|
||||||
from textwrap import indent
|
from textwrap import indent
|
||||||
from typing import Any, Iterable, Optional
|
from typing import Any, Iterable, Optional
|
||||||
|
|
||||||
|
from django.core.exceptions import FieldError
|
||||||
from requests import Session
|
from requests import Session
|
||||||
from rest_framework.serializers import ValidationError
|
from rest_framework.serializers import ValidationError
|
||||||
from sentry_sdk.hub import Hub
|
from sentry_sdk.hub import Hub
|
||||||
|
@ -29,10 +30,10 @@ class BaseEvaluator:
|
||||||
# update website/docs/expressions/_objects.md
|
# update website/docs/expressions/_objects.md
|
||||||
# update website/docs/expressions/_functions.md
|
# update website/docs/expressions/_functions.md
|
||||||
self._globals = {
|
self._globals = {
|
||||||
"regex_match": BaseEvaluator.expr_filter_regex_match,
|
"regex_match": BaseEvaluator.expr_regex_match,
|
||||||
"regex_replace": BaseEvaluator.expr_filter_regex_replace,
|
"regex_replace": BaseEvaluator.expr_regex_replace,
|
||||||
"ak_is_group_member": BaseEvaluator.expr_func_is_group_member,
|
"ak_is_group_member": BaseEvaluator.expr_is_group_member,
|
||||||
"ak_user_by": BaseEvaluator.expr_func_user_by,
|
"ak_user_by": BaseEvaluator.expr_user_by,
|
||||||
"ak_logger": get_logger(),
|
"ak_logger": get_logger(),
|
||||||
"requests": Session(),
|
"requests": Session(),
|
||||||
}
|
}
|
||||||
|
@ -40,25 +41,28 @@ class BaseEvaluator:
|
||||||
self._filename = "BaseEvalautor"
|
self._filename = "BaseEvalautor"
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def expr_filter_regex_match(value: Any, regex: str) -> bool:
|
def expr_regex_match(value: Any, regex: str) -> bool:
|
||||||
"""Expression Filter to run re.search"""
|
"""Expression Filter to run re.search"""
|
||||||
return re.search(regex, value) is None
|
return re.search(regex, value) is not None
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def expr_filter_regex_replace(value: Any, regex: str, repl: str) -> str:
|
def expr_regex_replace(value: Any, regex: str, repl: str) -> str:
|
||||||
"""Expression Filter to run re.sub"""
|
"""Expression Filter to run re.sub"""
|
||||||
return re.sub(regex, repl, value)
|
return re.sub(regex, repl, value)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def expr_func_user_by(**filters) -> Optional[User]:
|
def expr_user_by(**filters) -> Optional[User]:
|
||||||
"""Get user by filters"""
|
"""Get user by filters"""
|
||||||
users = User.objects.filter(**filters)
|
try:
|
||||||
if users:
|
users = User.objects.filter(**filters)
|
||||||
return users.first()
|
if users:
|
||||||
return None
|
return users.first()
|
||||||
|
return None
|
||||||
|
except FieldError:
|
||||||
|
return None
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def expr_func_is_group_member(user: User, **group_filters) -> bool:
|
def expr_is_group_member(user: User, **group_filters) -> bool:
|
||||||
"""Check if `user` is member of group with name `group_name`"""
|
"""Check if `user` is member of group with name `group_name`"""
|
||||||
return user.ak_groups.filter(**group_filters).exists()
|
return user.ak_groups.filter(**group_filters).exists()
|
||||||
|
|
||||||
|
|
32
authentik/lib/tests/test_evaluator.py
Normal file
32
authentik/lib/tests/test_evaluator.py
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
"""Test Evaluator base functions"""
|
||||||
|
from django.test import TestCase
|
||||||
|
|
||||||
|
from authentik.core.models import User
|
||||||
|
from authentik.lib.expression.evaluator import BaseEvaluator
|
||||||
|
|
||||||
|
|
||||||
|
class TestEvaluator(TestCase):
|
||||||
|
"""Test Evaluator base functions"""
|
||||||
|
|
||||||
|
def test_regex_match(self):
|
||||||
|
"""Test expr_regex_match"""
|
||||||
|
self.assertFalse(BaseEvaluator.expr_regex_match("foo", "bar"))
|
||||||
|
self.assertTrue(BaseEvaluator.expr_regex_match("foo", "foo"))
|
||||||
|
|
||||||
|
def test_regex_replace(self):
|
||||||
|
"""Test expr_regex_replace"""
|
||||||
|
self.assertEqual(BaseEvaluator.expr_regex_replace("foo", "o", "a"), "faa")
|
||||||
|
|
||||||
|
def test_user_by(self):
|
||||||
|
"""Test expr_user_by"""
|
||||||
|
self.assertIsNotNone(BaseEvaluator.expr_user_by(username="akadmin"))
|
||||||
|
self.assertIsNone(BaseEvaluator.expr_user_by(username="bar"))
|
||||||
|
self.assertIsNone(BaseEvaluator.expr_user_by(foo="bar"))
|
||||||
|
|
||||||
|
def test_is_group_member(self):
|
||||||
|
"""Test expr_is_group_member"""
|
||||||
|
self.assertFalse(
|
||||||
|
BaseEvaluator.expr_is_group_member(
|
||||||
|
User.objects.get(username="akadmin"), name="test"
|
||||||
|
)
|
||||||
|
)
|
|
@ -1,7 +1,7 @@
|
||||||
openapi: 3.0.3
|
openapi: 3.0.3
|
||||||
info:
|
info:
|
||||||
title: authentik
|
title: authentik
|
||||||
version: 2021.6.1
|
version: 2021.6.2
|
||||||
description: Making authentication simple.
|
description: Making authentication simple.
|
||||||
contact:
|
contact:
|
||||||
email: hello@beryju.org
|
email: hello@beryju.org
|
||||||
|
|
Reference in a new issue