policies: make policy engine modes consistent with database values (#5462)

* policies: make policy engine modes consistent with database values

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix in ui

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix missing case

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L 2023-05-03 18:16:16 +03:00 committed by GitHub
parent da6e74a353
commit 3f607ee2c8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 992 additions and 1058 deletions

View file

@ -15,8 +15,8 @@ class Migration(migrations.Migration):
name="policy_engine_mode",
field=models.TextField(
choices=[
("all", "ALL, all policies must pass"),
("any", "ANY, any policy must pass"),
("all", "all, all policies must pass"),
("any", "any, any policy must pass"),
],
default="all",
),
@ -27,8 +27,8 @@ class Migration(migrations.Migration):
name="policy_engine_mode",
field=models.TextField(
choices=[
("all", "ALL, all policies must pass"),
("any", "ANY, any policy must pass"),
("all", "all, all policies must pass"),
("any", "any, any policy must pass"),
],
default="any",
),

View file

@ -19,8 +19,8 @@ from authentik.policies.types import PolicyRequest, PolicyResult
class PolicyEngineMode(models.TextChoices):
"""Decide how results of multiple policies should be combined."""
MODE_ALL = "all", _("ALL, all policies must pass") # type: "PolicyEngineMode"
MODE_ANY = "any", _("ANY, any policy must pass") # type: "PolicyEngineMode"
MODE_ALL = "all", _("all, all policies must pass") # type: "PolicyEngineMode"
MODE_ANY = "any", _("any, any policy must pass") # type: "PolicyEngineMode"
class PolicyBindingModel(models.Model):

View file

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2023-04-28 09:19+0000\n"
"POT-Creation-Date: 2023-05-03 14:41+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -31,11 +31,12 @@ msgstr ""
msgid "Validation Error"
msgstr ""
#: authentik/blueprints/api.py:52
msgid "Failed to validate blueprint"
#: authentik/blueprints/api.py:53
#, python-format
msgid "Failed to validate blueprint: %(logs)s"
msgstr ""
#: authentik/blueprints/api.py:57
#: authentik/blueprints/api.py:58
msgid "Either path or content must be set."
msgstr ""
@ -703,11 +704,11 @@ msgid "Expression Policies"
msgstr ""
#: authentik/policies/models.py:22
msgid "ALL, all policies must pass"
msgid "all, all policies must pass"
msgstr ""
#: authentik/policies/models.py:23
msgid "ANY, any policy must pass"
msgid "any, any policy must pass"
msgstr ""
#: authentik/policies/models.py:46
@ -1385,7 +1386,7 @@ msgstr ""
msgid "Failed to sync user due to remote error %(name)s: %(error)s"
msgstr ""
#: authentik/providers/scim/tasks.py:122
#: authentik/providers/scim/tasks.py:123
#, python-format
msgid "Failed to sync group due to remote error %(name)s: %(error)s"
msgstr ""
@ -1580,50 +1581,58 @@ msgid "Discord OAuth Sources"
msgstr ""
#: authentik/sources/oauth/models.py:171
msgid "Google OAuth Source"
msgid "Patreon OAuth Source"
msgstr ""
#: authentik/sources/oauth/models.py:172
msgid "Google OAuth Sources"
msgid "Patreon OAuth Sources"
msgstr ""
#: authentik/sources/oauth/models.py:180
msgid "Azure AD OAuth Source"
msgid "Google OAuth Source"
msgstr ""
#: authentik/sources/oauth/models.py:181
msgid "Azure AD OAuth Sources"
msgid "Google OAuth Sources"
msgstr ""
#: authentik/sources/oauth/models.py:189
msgid "OpenID OAuth Source"
msgid "Azure AD OAuth Source"
msgstr ""
#: authentik/sources/oauth/models.py:190
msgid "OpenID OAuth Sources"
msgid "Azure AD OAuth Sources"
msgstr ""
#: authentik/sources/oauth/models.py:198
msgid "Apple OAuth Source"
msgid "OpenID OAuth Source"
msgstr ""
#: authentik/sources/oauth/models.py:199
msgid "Apple OAuth Sources"
msgid "OpenID OAuth Sources"
msgstr ""
#: authentik/sources/oauth/models.py:207
msgid "Okta OAuth Source"
msgid "Apple OAuth Source"
msgstr ""
#: authentik/sources/oauth/models.py:208
msgid "Apple OAuth Sources"
msgstr ""
#: authentik/sources/oauth/models.py:216
msgid "Okta OAuth Source"
msgstr ""
#: authentik/sources/oauth/models.py:217
msgid "Okta OAuth Sources"
msgstr ""
#: authentik/sources/oauth/models.py:230
#: authentik/sources/oauth/models.py:239
msgid "User OAuth Source Connection"
msgstr ""
#: authentik/sources/oauth/models.py:231
#: authentik/sources/oauth/models.py:240
msgid "User OAuth Source Connections"
msgstr ""

View file

@ -6806,11 +6806,11 @@ paths:
- all
- any
description: |-
* `all` - ALL, all policies must pass
* `any` - ANY, any policy must pass
* `all` - all, all policies must pass
* `any` - any, any policy must pass
* `all` - ALL, all policies must pass
* `any` - ANY, any policy must pass
* `all` - all, all policies must pass
* `any` - any, any policy must pass
- in: query
name: re_evaluate_policies
schema:
@ -17552,11 +17552,11 @@ paths:
- all
- any
description: |-
* `all` - ALL, all policies must pass
* `any` - ANY, any policy must pass
* `all` - all, all policies must pass
* `any` - any, any policy must pass
* `all` - ALL, all policies must pass
* `any` - ANY, any policy must pass
* `all` - all, all policies must pass
* `any` - any, any policy must pass
- in: query
name: profile_url
schema:
@ -17921,11 +17921,11 @@ paths:
- all
- any
description: |-
* `all` - ALL, all policies must pass
* `any` - ANY, any policy must pass
* `all` - all, all policies must pass
* `any` - any, any policy must pass
* `all` - ALL, all policies must pass
* `any` - ANY, any policy must pass
* `all` - all, all policies must pass
* `any` - any, any policy must pass
- name: search
required: false
in: query
@ -18358,11 +18358,11 @@ paths:
- all
- any
description: |-
* `all` - ALL, all policies must pass
* `any` - ANY, any policy must pass
* `all` - all, all policies must pass
* `any` - any, any policy must pass
* `all` - ALL, all policies must pass
* `any` - ANY, any policy must pass
* `all` - all, all policies must pass
* `any` - any, any policy must pass
- in: query
name: pre_authentication_flow
schema:
@ -37980,8 +37980,8 @@ components:
- any
type: string
description: |-
* `all` - ALL, all policies must pass
* `any` - ANY, any policy must pass
* `all` - all, all policies must pass
* `any` - any, any policy must pass
PolicyRequest:
type: object
description: Policy Serializer
@ -38441,12 +38441,13 @@ components:
- facebook
- github
- google
- mailcow
- openidconnect
- okta
- patreon
- reddit
- twitter
- mailcow
- twitch
- twitter
type: string
description: |-
* `apple` - Apple
@ -38455,12 +38456,13 @@ components:
* `facebook` - Facebook
* `github` - GitHub
* `google` - Google
* `mailcow` - Mailcow
* `openidconnect` - OpenID Connect
* `okta` - Okta
* `patreon` - Patreon
* `reddit` - reddit
* `twitter` - Twitter
* `mailcow` - Mailcow
* `twitch` - Twitch
* `twitter` - Twitter
ProxyMode:
enum:
- proxy

View file

@ -151,13 +151,13 @@ export class ApplicationForm extends ModelForm<Application, string> {
<ak-radio
.options=${[
{
label: "ANY",
label: "any",
value: PolicyEngineMode.Any,
default: true,
description: html`${t`Any policy must match to grant access`}`,
},
{
label: "ALL",
label: "all",
value: PolicyEngineMode.All,
description: html`${t`All policies must match to grant access`}`,
},

View file

@ -263,13 +263,13 @@ export class FlowForm extends ModelForm<Flow, string> {
<ak-radio
.options=${[
{
label: "ANY",
label: "any",
value: PolicyEngineMode.Any,
default: true,
description: html`${t`Any policy must match to grant access`}`,
},
{
label: "ALL",
label: "all",
value: PolicyEngineMode.All,
description: html`${t`All policies must match to grant access`}`,
},

View file

@ -225,13 +225,13 @@ export class StageBindingForm extends ModelForm<FlowStageBinding, string> {
<ak-radio
.options=${[
{
label: "ANY",
label: "any",
value: PolicyEngineMode.Any,
default: true,
description: html`${t`Any policy must match to grant access`}`,
},
{
label: "ALL",
label: "all",
value: PolicyEngineMode.All,
description: html`${t`All policies must match to grant access`}`,
},

View file

@ -47,6 +47,8 @@ export function ProviderToLabel(provider?: ProviderTypeEnum): string {
return t`Generic OpenID Connect`;
case ProviderTypeEnum.Okta:
return "Okta";
case ProviderTypeEnum.Patreon:
return "Patreon";
case ProviderTypeEnum.Reddit:
return "Reddit";
case ProviderTypeEnum.Twitter:

View file

@ -2347,6 +2347,14 @@ msgstr "Richtlinie bearbeiten"
msgid "Edit Stage"
msgstr "Stufe bearbeiten"
#: src/admin/groups/GroupViewPage.ts
msgid "Edit the notes attribute of this group to add notes here. Markdown is supported."
msgstr ""
#: src/admin/users/UserViewPage.ts
msgid "Edit the notes attribute of this user to add notes here. Markdown is supported."
msgstr ""
#: src/admin/policies/BoundPoliciesList.ts
msgid "Edit User"
msgstr "Benutzer bearbeiten"
@ -3113,6 +3121,10 @@ msgstr "Hilfetext"
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr "Versteckt: Verstecktes Feld, kann zum Einfügen von Daten in das Formular verwendet werden."
#: src/admin/users/UserListPage.ts
msgid "Hide deactivated user"
msgstr ""
#: src/admin/property-mappings/PropertyMappingListPage.ts
msgid "Hide managed mappings"
msgstr "Verwaltete Zuordnungen ausblenden"
@ -4323,6 +4335,11 @@ msgstr "Von keinem anderen Objekt verwendet."
msgid "Not you?"
msgstr "Nicht Sie?"
#: src/admin/groups/GroupViewPage.ts
#: src/admin/users/UserViewPage.ts
msgid "Notes"
msgstr ""
#: src/admin/events/RuleForm.ts
#: src/admin/events/RuleListPage.ts
msgid "Notice"

View file

@ -2369,6 +2369,14 @@ msgstr "Edit Policy"
msgid "Edit Stage"
msgstr "Edit Stage"
#: src/admin/groups/GroupViewPage.ts
msgid "Edit the notes attribute of this group to add notes here. Markdown is supported."
msgstr "Edit the notes attribute of this group to add notes here. Markdown is supported."
#: src/admin/users/UserViewPage.ts
msgid "Edit the notes attribute of this user to add notes here. Markdown is supported."
msgstr "Edit the notes attribute of this user to add notes here. Markdown is supported."
#: src/admin/policies/BoundPoliciesList.ts
msgid "Edit User"
msgstr "Edit User"
@ -3154,6 +3162,10 @@ msgstr "Help text"
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr "Hidden: Hidden field, can be used to insert data into form."
#: src/admin/users/UserListPage.ts
msgid "Hide deactivated user"
msgstr "Hide deactivated user"
#: src/admin/property-mappings/PropertyMappingListPage.ts
msgid "Hide managed mappings"
msgstr "Hide managed mappings"
@ -4385,6 +4397,11 @@ msgstr "Not used by any other object."
msgid "Not you?"
msgstr "Not you?"
#: src/admin/groups/GroupViewPage.ts
#: src/admin/users/UserViewPage.ts
msgid "Notes"
msgstr "Notes"
#: src/admin/events/RuleForm.ts
#: src/admin/events/RuleListPage.ts
msgid "Notice"

View file

@ -2323,6 +2323,14 @@ msgstr "Editar política"
msgid "Edit Stage"
msgstr "Editar etapa"
#: src/admin/groups/GroupViewPage.ts
msgid "Edit the notes attribute of this group to add notes here. Markdown is supported."
msgstr ""
#: src/admin/users/UserViewPage.ts
msgid "Edit the notes attribute of this user to add notes here. Markdown is supported."
msgstr ""
#: src/admin/policies/BoundPoliciesList.ts
msgid "Edit User"
msgstr "Editar usuario"
@ -3089,6 +3097,10 @@ msgstr "Texto de ayuda"
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr "Oculto: campo oculto, se puede utilizar para insertar datos en el formulario."
#: src/admin/users/UserListPage.ts
msgid "Hide deactivated user"
msgstr ""
#: src/admin/property-mappings/PropertyMappingListPage.ts
msgid "Hide managed mappings"
msgstr "Ocultar mapeos gestionados"
@ -4299,6 +4311,11 @@ msgstr "No lo usa ningún otro objeto."
msgid "Not you?"
msgstr "¿No eres tú?"
#: src/admin/groups/GroupViewPage.ts
#: src/admin/users/UserViewPage.ts
msgid "Notes"
msgstr ""
#: src/admin/events/RuleForm.ts
#: src/admin/events/RuleListPage.ts
msgid "Notice"

View file

@ -2326,6 +2326,14 @@ msgstr "Éditer la politique"
msgid "Edit Stage"
msgstr "Éditer l'étap"
#: src/admin/groups/GroupViewPage.ts
msgid "Edit the notes attribute of this group to add notes here. Markdown is supported."
msgstr ""
#: src/admin/users/UserViewPage.ts
msgid "Edit the notes attribute of this user to add notes here. Markdown is supported."
msgstr ""
#: src/admin/policies/BoundPoliciesList.ts
msgid "Edit User"
msgstr "Éditer l'utilisateur"
@ -3092,6 +3100,10 @@ msgstr "Texte d'aide"
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr "Caché : champ caché, peut être utilisé pour insérer des données dans le formulaire."
#: src/admin/users/UserListPage.ts
msgid "Hide deactivated user"
msgstr ""
#: src/admin/property-mappings/PropertyMappingListPage.ts
msgid "Hide managed mappings"
msgstr "Cacher les mapping gérés"
@ -4300,6 +4312,11 @@ msgstr "Pas utilisé par un autre objet."
msgid "Not you?"
msgstr "Pas vous ?"
#: src/admin/groups/GroupViewPage.ts
#: src/admin/users/UserViewPage.ts
msgid "Notes"
msgstr ""
#: src/admin/events/RuleForm.ts
#: src/admin/events/RuleListPage.ts
msgid "Notice"

View file

@ -2329,6 +2329,14 @@ msgstr "Edytuj zasady"
msgid "Edit Stage"
msgstr "Edytuj etap"
#: src/admin/groups/GroupViewPage.ts
msgid "Edit the notes attribute of this group to add notes here. Markdown is supported."
msgstr ""
#: src/admin/users/UserViewPage.ts
msgid "Edit the notes attribute of this user to add notes here. Markdown is supported."
msgstr ""
#: src/admin/policies/BoundPoliciesList.ts
msgid "Edit User"
msgstr "Edytuj użytkownika"
@ -3095,6 +3103,10 @@ msgstr "Tekst pomocy"
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr "Ukryte: Ukryte pole, może służyć do wstawiania danych do formularza."
#: src/admin/users/UserListPage.ts
msgid "Hide deactivated user"
msgstr ""
#: src/admin/property-mappings/PropertyMappingListPage.ts
msgid "Hide managed mappings"
msgstr "Ukryj zarządzane mapowania"
@ -4307,6 +4319,11 @@ msgstr "Nie używany przez żaden inny obiekt."
msgid "Not you?"
msgstr "Nie ty?"
#: src/admin/groups/GroupViewPage.ts
#: src/admin/users/UserViewPage.ts
msgid "Notes"
msgstr ""
#: src/admin/events/RuleForm.ts
#: src/admin/events/RuleListPage.ts
msgid "Notice"

View file

@ -2355,6 +2355,14 @@ msgstr ""
msgid "Edit Stage"
msgstr ""
#: src/admin/groups/GroupViewPage.ts
msgid "Edit the notes attribute of this group to add notes here. Markdown is supported."
msgstr ""
#: src/admin/users/UserViewPage.ts
msgid "Edit the notes attribute of this user to add notes here. Markdown is supported."
msgstr ""
#: src/admin/policies/BoundPoliciesList.ts
msgid "Edit User"
msgstr ""
@ -3140,6 +3148,10 @@ msgstr ""
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr ""
#: src/admin/users/UserListPage.ts
msgid "Hide deactivated user"
msgstr ""
#: src/admin/property-mappings/PropertyMappingListPage.ts
msgid "Hide managed mappings"
msgstr ""
@ -4364,6 +4376,11 @@ msgstr ""
msgid "Not you?"
msgstr ""
#: src/admin/groups/GroupViewPage.ts
#: src/admin/users/UserViewPage.ts
msgid "Notes"
msgstr ""
#: src/admin/events/RuleForm.ts
#: src/admin/events/RuleListPage.ts
msgid "Notice"

View file

@ -2323,6 +2323,14 @@ msgstr "İlkeyi Düzenle"
msgid "Edit Stage"
msgstr "Aşama Alanını Düzenle"
#: src/admin/groups/GroupViewPage.ts
msgid "Edit the notes attribute of this group to add notes here. Markdown is supported."
msgstr ""
#: src/admin/users/UserViewPage.ts
msgid "Edit the notes attribute of this user to add notes here. Markdown is supported."
msgstr ""
#: src/admin/policies/BoundPoliciesList.ts
msgid "Edit User"
msgstr "Kullanıcı Düzenle"
@ -3089,6 +3097,10 @@ msgstr "Yardım metni"
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr "Gizli: Gizli alan, form içine veri eklemek için kullanılabilir."
#: src/admin/users/UserListPage.ts
msgid "Hide deactivated user"
msgstr ""
#: src/admin/property-mappings/PropertyMappingListPage.ts
msgid "Hide managed mappings"
msgstr "Yönetilen eşlemeleri gizle"
@ -4299,6 +4311,11 @@ msgstr "Başka bir nesne tarafından kullanılmaz."
msgid "Not you?"
msgstr "Sen değil mi?"
#: src/admin/groups/GroupViewPage.ts
#: src/admin/users/UserViewPage.ts
msgid "Notes"
msgstr ""
#: src/admin/events/RuleForm.ts
#: src/admin/events/RuleListPage.ts
msgid "Notice"

File diff suppressed because it is too large Load diff

View file

@ -2331,6 +2331,14 @@ msgstr "编辑策略"
msgid "Edit Stage"
msgstr "编辑 Stage"
#: src/admin/groups/GroupViewPage.ts
msgid "Edit the notes attribute of this group to add notes here. Markdown is supported."
msgstr ""
#: src/admin/users/UserViewPage.ts
msgid "Edit the notes attribute of this user to add notes here. Markdown is supported."
msgstr ""
#: src/admin/policies/BoundPoliciesList.ts
msgid "Edit User"
msgstr "编辑用户"
@ -3097,6 +3105,10 @@ msgstr "帮助文本"
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr "隐藏:隐藏字段,可用于将数据插入表单。"
#: src/admin/users/UserListPage.ts
msgid "Hide deactivated user"
msgstr ""
#: src/admin/property-mappings/PropertyMappingListPage.ts
msgid "Hide managed mappings"
msgstr "隐藏托管映射"
@ -4307,6 +4319,11 @@ msgstr "不被任何其他对象使用。"
msgid "Not you?"
msgstr "不是你?"
#: src/admin/groups/GroupViewPage.ts
#: src/admin/users/UserViewPage.ts
msgid "Notes"
msgstr ""
#: src/admin/events/RuleForm.ts
#: src/admin/events/RuleListPage.ts
msgid "Notice"

View file

@ -2331,6 +2331,14 @@ msgstr "编辑策略"
msgid "Edit Stage"
msgstr "编辑 Stage"
#: src/admin/groups/GroupViewPage.ts
msgid "Edit the notes attribute of this group to add notes here. Markdown is supported."
msgstr ""
#: src/admin/users/UserViewPage.ts
msgid "Edit the notes attribute of this user to add notes here. Markdown is supported."
msgstr ""
#: src/admin/policies/BoundPoliciesList.ts
msgid "Edit User"
msgstr "编辑用户"
@ -3097,6 +3105,10 @@ msgstr "帮助文本"
msgid "Hidden: Hidden field, can be used to insert data into form."
msgstr "隐藏:隐藏字段,可用于将数据插入表单。"
#: src/admin/users/UserListPage.ts
msgid "Hide deactivated user"
msgstr ""
#: src/admin/property-mappings/PropertyMappingListPage.ts
msgid "Hide managed mappings"
msgstr "隐藏托管映射"
@ -4307,6 +4319,11 @@ msgstr "不被任何其他对象使用。"
msgid "Not you?"
msgstr "不是你?"
#: src/admin/groups/GroupViewPage.ts
#: src/admin/users/UserViewPage.ts
msgid "Notes"
msgstr ""
#: src/admin/events/RuleForm.ts
#: src/admin/events/RuleListPage.ts
msgid "Notice"