From 64fa04306c48529cf1cbc9b499782b629fbab23b Mon Sep 17 00:00:00 2001
From: Jens Langhammer
Date: Tue, 30 Mar 2021 22:46:19 +0200
Subject: [PATCH] core: overwrite user on token creation
Signed-off-by: Jens Langhammer
---
 .../admin/templates/administration/base.html | 5 --
 authentik/admin/templates/generic/form.html | 2 -
 authentik/core/api/tokens.py | 5 +-
 authentik/core/forms/__init__.py | 0
 authentik/core/forms/token.py | 22 -------
 authentik/core/urls.py | 13 +---
 authentik/core/views/user.py | 60 -------------------
 7 files changed, 5 insertions(+), 102 deletions(-)
 delete mode 100644 authentik/admin/templates/administration/base.html
 delete mode 100644 authentik/core/forms/__init__.py
 delete mode 100644 authentik/core/forms/token.py
 delete mode 100644 authentik/core/views/user.py
diff --git a/authentik/admin/templates/administration/base.html b/authentik/admin/templates/administration/base.html
deleted file mode 100644
index ee466a3fc..000000000
--- a/authentik/admin/templates/administration/base.html
+++ /dev/null
@@ -1,5 +0,0 @@
-{% load static %}
-{% load i18n %}
-
-{% block content %}
-{% endblock %}
diff --git a/authentik/admin/templates/generic/form.html b/authentik/admin/templates/generic/form.html
index 2ef3e09e9..0dd1c2ad1 100644
--- a/authentik/admin/templates/generic/form.html
+++ b/authentik/admin/templates/generic/form.html
@@ -1,5 +1,3 @@
-{% extends container_template|default:"administration/base.html" %}
-
 {% load i18n %}
 {% load authentik_utils %}
 {% load static %}
diff --git a/authentik/core/api/tokens.py b/authentik/core/api/tokens.py
index 3a2bb4911..f4ee86451 100644
--- a/authentik/core/api/tokens.py
+++ b/authentik/core/api/tokens.py
@@ -18,7 +18,7 @@ from authentik.events.models import Event, EventAction
 class TokenSerializer(ModelSerializer):
 """Token Serializer"""
- user = UserSerializer()
+ user = UserSerializer(required=False)
 class Meta:
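Review bot: In the `TokenSerializer` hunk of `authentik/core/api/tokens.py`, `user = UserSerializer(required=False)` only makes the nested field optional; it stays writable, so a request body can still carry a `user` object that the serializer will validate. The owner is meant to be decided server-side, and as far as the visible hunks show only the create path overrides it, so update requests (PUT/PATCH) are not covered by the same guarantee. Declaring the field read-only states the intent directly and applies to every write path: `user = UserSerializer(read_only=True)`. The `Meta.fields` list lies outside the hunk, so whether other ownership-related fields remain writable could not be checked from here.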
@@ -61,6 +61,9 @@ class TokenViewSet(ModelViewSet):
 ]
 ordering = ["expires"]
+ def perform_create(self, serializer: TokenSerializer):
+ serializer.save(user=self.request.user)
+
 @permission_required("authentik_core.view_token_key")
 @swagger_auto_schema(responses={200: TokenViewSerializer(many=False)})
 @action(detail=True)
diff --git a/authentik/core/forms/__init__.py b/authentik/core/forms/__init__.py
deleted file mode 100644
index e69de29bb..000000000
diff --git a/authentik/core/forms/token.py b/authentik/core/forms/token.py
deleted file mode 100644
index 9bc43aa8f..000000000
--- a/authentik/core/forms/token.py
+++ /dev/null
@@ -1,22 +0,0 @@
-"""Core user token form"""
-from django import forms
-
-from authentik.core.models import Token
-
-
-class UserTokenForm(forms.ModelForm):
- """Token form, for tokens created by endusers"""
-
- class Meta:
-
- model = Token
- fields = [
- "identifier",
- "expires",
- "expiring",
- "description",
- ]
- widgets = {
- "identifier": forms.TextInput(),
- "description": forms.TextInput(),
- }
diff --git a/authentik/core/urls.py b/authentik/core/urls.py
index a8f2d91b6..181f8918f 100644
--- a/authentik/core/urls.py
+++ b/authentik/core/urls.py
@@ -5,7 +5,7 @@ from django.views.decorators.csrf import ensure_csrf_cookie
 from django.views.generic import RedirectView
 from django.views.generic.base import TemplateView
-from authentik.core.views import impersonate, user
+from authentik.core.views import impersonate
 urlpatterns = [
 path(
@@ -13,17 +13,6 @@ urlpatterns = [
 login_required(RedirectView.as_view(pattern_name="authentik_core:if-admin")),
 name="root-redirect",
 ),
- # User views
- path(
- "-/user/tokens/create/",
- user.TokenCreateView.as_view(),
- name="user-tokens-create",
- ),
- path(
- "-/user/tokens//update/",
- user.TokenUpdateView.as_view(),
- name="user-tokens-update",
- ),
 # Impersonation
 path(
 "-/impersonation//",
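Review bot: `perform_create` in the `TokenViewSet` hunk of `authentik/core/api/tokens.py` pins only `user`, whereas the `TokenCreateView.form_valid` that this patch deletes also forced `form.instance.intent = TokenIntents.INTENT_API`, and the deleted `TokenUpdateView.get_object` limited edits to `INTENT_API` tokens. If `intent` is a writable serializer field (the `Meta.fields` list is not visible in this patch), the API path now lets the caller choose an intent the old views never allowed. Consider `serializer.save(user=self.request.user, intent=TokenIntents.INTENT_API)`, or validating `intent` against an explicit allow-list in the serializer; `TokenIntents` would presumably need importing from `authentik.core.models`. A one-line docstring such as `"""Bind new tokens to the requesting user, ignoring any user supplied in the payload."""` would also record why the override exists. The rest of `TokenViewSet` is outside the hunk.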
diff --git a/authentik/core/views/user.py b/authentik/core/views/user.py
deleted file mode 100644
index 968547434..000000000
--- a/authentik/core/views/user.py
+++ /dev/null
@@ -1,60 +0,0 @@
-"""authentik core user views"""
-from django.contrib.auth.mixins import LoginRequiredMixin
-from django.contrib.auth.mixins import (
- PermissionRequiredMixin as DjangoPermissionRequiredMixin,
-)
-from django.contrib.messages.views import SuccessMessageMixin
-from django.http.response import HttpResponse
-from django.utils.translation import gettext as _
-from django.views.generic import UpdateView
-from guardian.mixins import PermissionRequiredMixin
-from guardian.shortcuts import get_objects_for_user
-
-from authentik.core.forms.token import UserTokenForm
-from authentik.core.models import Token, TokenIntents
-from authentik.lib.views import CreateAssignPermView
-
-
-class TokenCreateView(
- SuccessMessageMixin,
- LoginRequiredMixin,
- DjangoPermissionRequiredMixin,
- CreateAssignPermView,
-):
- """Create new Token"""
-
- model = Token
- form_class = UserTokenForm
- permission_required = "authentik_core.add_token"
-
- template_name = "generic/create.html"
- success_url = "/"
- success_message = _("Successfully created Token")
-
- def form_valid(self, form: UserTokenForm) -> HttpResponse:
- form.instance.user = self.request.user
- form.instance.intent = TokenIntents.INTENT_API
- return super().form_valid(form)
-
-
-class TokenUpdateView(
- SuccessMessageMixin, LoginRequiredMixin, PermissionRequiredMixin, UpdateView
-):
- """Update token"""
-
- model = Token
- form_class = UserTokenForm
- permission_required = "authentik_core.change_token"
- template_name = "generic/update.html"
- success_url = "/"
- success_message = _("Successfully updated Token")
-
- def get_object(self) -> Token:
- identifier = self.kwargs.get("identifier")
- return (
- get_objects_for_user(
- self.request.user, self.permission_required, self.model
- )
- .filter(intent=TokenIntents.INTENT_API, identifier=identifier)
- .first()
- )