*: remove remaining default creation code in squashed migrations
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
30db3b543b
commit
3eb3a9eab9
|
@ -28,126 +28,6 @@ def convert_user_to_json(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
||||||
event.save()
|
event.save()
|
||||||
|
|
||||||
|
|
||||||
def notify_configuration_error(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
|
||||||
db_alias = schema_editor.connection.alias
|
|
||||||
Group = apps.get_model("authentik_core", "Group")
|
|
||||||
PolicyBinding = apps.get_model("authentik_policies", "PolicyBinding")
|
|
||||||
EventMatcherPolicy = apps.get_model("authentik_policies_event_matcher", "EventMatcherPolicy")
|
|
||||||
NotificationRule = apps.get_model("authentik_events", "NotificationRule")
|
|
||||||
NotificationTransport = apps.get_model("authentik_events", "NotificationTransport")
|
|
||||||
|
|
||||||
admin_group = (
|
|
||||||
Group.objects.using(db_alias).filter(name="authentik Admins", is_superuser=True).first()
|
|
||||||
)
|
|
||||||
|
|
||||||
policy, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create(
|
|
||||||
name="default-match-configuration-error",
|
|
||||||
defaults={"action": EventAction.CONFIGURATION_ERROR},
|
|
||||||
)
|
|
||||||
trigger, _ = NotificationRule.objects.using(db_alias).update_or_create(
|
|
||||||
name="default-notify-configuration-error",
|
|
||||||
defaults={"group": admin_group, "severity": NotificationSeverity.ALERT},
|
|
||||||
)
|
|
||||||
trigger.transports.set(
|
|
||||||
NotificationTransport.objects.using(db_alias).filter(name="default-email-transport")
|
|
||||||
)
|
|
||||||
trigger.save()
|
|
||||||
PolicyBinding.objects.using(db_alias).update_or_create(
|
|
||||||
target=trigger,
|
|
||||||
policy=policy,
|
|
||||||
defaults={
|
|
||||||
"order": 0,
|
|
||||||
},
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def notify_update(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
|
||||||
db_alias = schema_editor.connection.alias
|
|
||||||
Group = apps.get_model("authentik_core", "Group")
|
|
||||||
PolicyBinding = apps.get_model("authentik_policies", "PolicyBinding")
|
|
||||||
EventMatcherPolicy = apps.get_model("authentik_policies_event_matcher", "EventMatcherPolicy")
|
|
||||||
NotificationRule = apps.get_model("authentik_events", "NotificationRule")
|
|
||||||
NotificationTransport = apps.get_model("authentik_events", "NotificationTransport")
|
|
||||||
|
|
||||||
admin_group = (
|
|
||||||
Group.objects.using(db_alias).filter(name="authentik Admins", is_superuser=True).first()
|
|
||||||
)
|
|
||||||
|
|
||||||
policy, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create(
|
|
||||||
name="default-match-update",
|
|
||||||
defaults={"action": EventAction.UPDATE_AVAILABLE},
|
|
||||||
)
|
|
||||||
trigger, _ = NotificationRule.objects.using(db_alias).update_or_create(
|
|
||||||
name="default-notify-update",
|
|
||||||
defaults={"group": admin_group, "severity": NotificationSeverity.ALERT},
|
|
||||||
)
|
|
||||||
trigger.transports.set(
|
|
||||||
NotificationTransport.objects.using(db_alias).filter(name="default-email-transport")
|
|
||||||
)
|
|
||||||
trigger.save()
|
|
||||||
PolicyBinding.objects.using(db_alias).update_or_create(
|
|
||||||
target=trigger,
|
|
||||||
policy=policy,
|
|
||||||
defaults={
|
|
||||||
"order": 0,
|
|
||||||
},
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def notify_exception(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
|
||||||
db_alias = schema_editor.connection.alias
|
|
||||||
Group = apps.get_model("authentik_core", "Group")
|
|
||||||
PolicyBinding = apps.get_model("authentik_policies", "PolicyBinding")
|
|
||||||
EventMatcherPolicy = apps.get_model("authentik_policies_event_matcher", "EventMatcherPolicy")
|
|
||||||
NotificationRule = apps.get_model("authentik_events", "NotificationRule")
|
|
||||||
NotificationTransport = apps.get_model("authentik_events", "NotificationTransport")
|
|
||||||
|
|
||||||
admin_group = (
|
|
||||||
Group.objects.using(db_alias).filter(name="authentik Admins", is_superuser=True).first()
|
|
||||||
)
|
|
||||||
|
|
||||||
policy_policy_exc, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create(
|
|
||||||
name="default-match-policy-exception",
|
|
||||||
defaults={"action": EventAction.POLICY_EXCEPTION},
|
|
||||||
)
|
|
||||||
policy_pm_exc, _ = EventMatcherPolicy.objects.using(db_alias).update_or_create(
|
|
||||||
name="default-match-property-mapping-exception",
|
|
||||||
defaults={"action": EventAction.PROPERTY_MAPPING_EXCEPTION},
|
|
||||||
)
|
|
||||||
trigger, _ = NotificationRule.objects.using(db_alias).update_or_create(
|
|
||||||
name="default-notify-exception",
|
|
||||||
defaults={"group": admin_group, "severity": NotificationSeverity.ALERT},
|
|
||||||
)
|
|
||||||
trigger.transports.set(
|
|
||||||
NotificationTransport.objects.using(db_alias).filter(name="default-email-transport")
|
|
||||||
)
|
|
||||||
trigger.save()
|
|
||||||
PolicyBinding.objects.using(db_alias).update_or_create(
|
|
||||||
target=trigger,
|
|
||||||
policy=policy_policy_exc,
|
|
||||||
defaults={
|
|
||||||
"order": 0,
|
|
||||||
},
|
|
||||||
)
|
|
||||||
PolicyBinding.objects.using(db_alias).update_or_create(
|
|
||||||
target=trigger,
|
|
||||||
policy=policy_pm_exc,
|
|
||||||
defaults={
|
|
||||||
"order": 1,
|
|
||||||
},
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def transport_email_global(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
|
||||||
db_alias = schema_editor.connection.alias
|
|
||||||
NotificationTransport = apps.get_model("authentik_events", "NotificationTransport")
|
|
||||||
|
|
||||||
NotificationTransport.objects.using(db_alias).update_or_create(
|
|
||||||
name="default-email-transport",
|
|
||||||
defaults={"mode": TransportMode.EMAIL},
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def token_view_to_secret_view(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
def token_view_to_secret_view(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
||||||
from authentik.events.models import EventAction
|
from authentik.events.models import EventAction
|
||||||
|
|
||||||
|
@ -432,18 +312,6 @@ class Migration(migrations.Migration):
|
||||||
"verbose_name_plural": "Notifications",
|
"verbose_name_plural": "Notifications",
|
||||||
},
|
},
|
||||||
),
|
),
|
||||||
migrations.RunPython(
|
|
||||||
code=transport_email_global,
|
|
||||||
),
|
|
||||||
migrations.RunPython(
|
|
||||||
code=notify_configuration_error,
|
|
||||||
),
|
|
||||||
migrations.RunPython(
|
|
||||||
code=notify_update,
|
|
||||||
),
|
|
||||||
migrations.RunPython(
|
|
||||||
code=notify_exception,
|
|
||||||
),
|
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name="notificationtransport",
|
model_name="notificationtransport",
|
||||||
name="send_once",
|
name="send_once",
|
||||||
|
|
|
@ -19,25 +19,6 @@ def update_flow_designation(apps: Apps, schema_editor: BaseDatabaseSchemaEditor)
|
||||||
flow.save()
|
flow.save()
|
||||||
|
|
||||||
|
|
||||||
# First stage for default-source-enrollment flow (prompt stage)
|
|
||||||
# needs to have its policy re-evaluated
|
|
||||||
def update_default_source_enrollment_flow_binding(
|
|
||||||
apps: Apps, schema_editor: BaseDatabaseSchemaEditor
|
|
||||||
):
|
|
||||||
Flow = apps.get_model("authentik_flows", "Flow")
|
|
||||||
FlowStageBinding = apps.get_model("authentik_flows", "FlowStageBinding")
|
|
||||||
db_alias = schema_editor.connection.alias
|
|
||||||
|
|
||||||
flows = Flow.objects.using(db_alias).filter(slug="default-source-enrollment")
|
|
||||||
if not flows.exists():
|
|
||||||
return
|
|
||||||
flow = flows.first()
|
|
||||||
|
|
||||||
binding = FlowStageBinding.objects.get(target=flow, order=0)
|
|
||||||
binding.re_evaluate_policies = True
|
|
||||||
binding.save()
|
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
|
@ -101,9 +82,6 @@ class Migration(migrations.Migration):
|
||||||
help_text="When this option is enabled, the planner will re-evaluate policies bound to this binding.",
|
help_text="When this option is enabled, the planner will re-evaluate policies bound to this binding.",
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
migrations.RunPython(
|
|
||||||
code=update_default_source_enrollment_flow_binding,
|
|
||||||
),
|
|
||||||
migrations.AlterField(
|
migrations.AlterField(
|
||||||
model_name="flowstagebinding",
|
model_name="flowstagebinding",
|
||||||
name="re_evaluate_policies",
|
name="re_evaluate_policies",
|
||||||
|
|
|
@ -10,29 +10,6 @@ from django.db.backends.base.schema import BaseDatabaseSchemaEditor
|
||||||
import authentik.lib.utils.time
|
import authentik.lib.utils.time
|
||||||
|
|
||||||
|
|
||||||
def create_default_tenant(apps: Apps, schema_editor: BaseDatabaseSchemaEditor):
|
|
||||||
Flow = apps.get_model("authentik_flows", "Flow")
|
|
||||||
Tenant = apps.get_model("authentik_tenants", "Tenant")
|
|
||||||
|
|
||||||
db_alias = schema_editor.connection.alias
|
|
||||||
|
|
||||||
default_authentication = (
|
|
||||||
Flow.objects.using(db_alias).filter(slug="default-authentication-flow").first()
|
|
||||||
)
|
|
||||||
default_invalidation = (
|
|
||||||
Flow.objects.using(db_alias).filter(slug="default-invalidation-flow").first()
|
|
||||||
)
|
|
||||||
|
|
||||||
tenant, _ = Tenant.objects.using(db_alias).update_or_create(
|
|
||||||
domain="authentik-default",
|
|
||||||
default=True,
|
|
||||||
defaults={
|
|
||||||
"flow_authentication": default_authentication,
|
|
||||||
"flow_invalidation": default_invalidation,
|
|
||||||
},
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
class Migration(migrations.Migration):
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
replaces = [
|
replaces = [
|
||||||
|
@ -46,8 +23,6 @@ class Migration(migrations.Migration):
|
||||||
initial = True
|
initial = True
|
||||||
|
|
||||||
dependencies = [
|
dependencies = [
|
||||||
("authentik_flows", "0018_oob_flows"),
|
|
||||||
("authentik_flows", "0008_default_flows"),
|
|
||||||
("authentik_crypto", "0003_certificatekeypair_managed"),
|
("authentik_crypto", "0003_certificatekeypair_managed"),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
@ -115,9 +90,6 @@ class Migration(migrations.Migration):
|
||||||
"verbose_name_plural": "Tenants",
|
"verbose_name_plural": "Tenants",
|
||||||
},
|
},
|
||||||
),
|
),
|
||||||
migrations.RunPython(
|
|
||||||
code=create_default_tenant,
|
|
||||||
),
|
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name="tenant",
|
model_name="tenant",
|
||||||
name="branding_favicon",
|
name="branding_favicon",
|
||||||
|
|
Reference in a new issue