From 5584f5bda84e75f8da0609b7c6874c744ef89b70 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@haufe-lexware.com>
Date: Wed, 27 Feb 2019 15:49:20 +0100
Subject: [PATCH] switch to PolicyEngine everywhere

---
 passbook/core/auth/view.py                           |  5 ++++-
 passbook/core/models.py                              |  8 --------
 passbook/core/signals.py                             | 11 +++++------
 passbook/core/templatetags/passbook_user_settings.py |  5 ++++-
 4 files changed, 13 insertions(+), 16 deletions(-)

diff --git a/passbook/core/auth/view.py b/passbook/core/auth/view.py
index 6696f808f..672063cd1 100644
--- a/passbook/core/auth/view.py
+++ b/passbook/core/auth/view.py
@@ -8,6 +8,7 @@ from django.utils.http import urlencode
 from django.views.generic import View
 
 from passbook.core.models import Factor, User
+from passbook.core.policies import PolicyEngine
 from passbook.core.views.utils import PermissionDeniedView
 from passbook.lib.utils.reflection import class_to_path, path_to_class
 from passbook.lib.utils.urls import is_url_absolute
@@ -63,7 +64,9 @@ class AuthenticationView(UserPassesTestMixin, View):
             _all_factors = Factor.objects.filter(enabled=True).order_by('order').select_subclasses()
             self.pending_factors = []
             for factor in _all_factors:
-                if factor.passes(self.pending_user):
+                policy_engine = PolicyEngine(factor.policies.all())
+                policy_engine.for_user(self.pending_user)
+                if policy_engine.result[0]:
                     self.pending_factors.append((factor.uuid.hex, factor.type))
         # Read and instantiate factor from session
         factor_uuid, factor_class = None, None
diff --git a/passbook/core/models.py b/passbook/core/models.py
index d7f2a9c70..33e93d5b4 100644
--- a/passbook/core/models.py
+++ b/passbook/core/models.py
@@ -73,14 +73,6 @@ class PolicyModel(UUIDModel, CreatedUpdatedModel):
 
     policies = models.ManyToManyField('Policy', blank=True)
 
-    def passes(self, user: User) -> Union[bool, Tuple[bool, str]]:
-        """Return False, str if a user fails where str is a
-        reasons shown to the user. Return True if user succeeds."""
-        for policy in self.policies.all():
-            if not policy.passes(user):
-                return False
-        return True
-
 class Factor(PolicyModel):
     """Authentication factor, multiple instances of the same Factor can be used"""
 
diff --git a/passbook/core/signals.py b/passbook/core/signals.py
index 4df1d0716..7a35f1418 100644
--- a/passbook/core/signals.py
+++ b/passbook/core/signals.py
@@ -19,9 +19,8 @@ def password_policy_checker(sender, password, **kwargs):
     setattr(sender, '__password__', password)
     _all_factors = PasswordFactor.objects.filter(enabled=True).order_by('order')
     for factor in _all_factors:
-        if factor.passes(sender):
-            policy_engine = PolicyEngine(factor.password_policies.all().select_subclasses())
-            policy_engine.for_user(sender)
-            passing, messages = policy_engine.result
-            if not passing:
-                raise PasswordPolicyInvalid(*messages)
+        policy_engine = PolicyEngine(factor.password_policies.all().select_subclasses())
+        policy_engine.for_user(sender)
+        passing, messages = policy_engine.result
+        if not passing:
+            raise PasswordPolicyInvalid(*messages)
diff --git a/passbook/core/templatetags/passbook_user_settings.py b/passbook/core/templatetags/passbook_user_settings.py
index 9b5ac5372..137cd000f 100644
--- a/passbook/core/templatetags/passbook_user_settings.py
+++ b/passbook/core/templatetags/passbook_user_settings.py
@@ -3,6 +3,7 @@
 from django import template
 
 from passbook.core.models import Factor
+from passbook.core.policies import PolicyEngine
 
 register = template.Library()
 
@@ -14,6 +15,8 @@ def user_factors(context):
     matching_factors = []
     for factor in _all_factors:
         _link = factor.has_user_settings()
-        if factor.passes(user) and _link:
+        policy_engine = PolicyEngine(factor.policies.all())
+        policy_engine.for_user(user)
+        if policy_engine.result[0] and _link:
             matching_factors.append(_link)
     return matching_factors