policies: sanitze_dict when returning log messages during tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

authentik/core/api/applications.py

@@ -26,6 +26,7 @@ from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import FilePathSerializer, FileUploadSerializer
 from authentik.core.models import Application, User
 from authentik.events.models import EventAction
+from authentik.events.utils import sanitize_dict
 from authentik.policies.api.exec import PolicyTestResultSerializer
 from authentik.policies.engine import PolicyEngine
 from authentik.policies.types import PolicyResult
@@ -144,11 +145,9 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
             for log in logs:
                 if log.get("process", "") == "PolicyProcess":
                     continue
-                log_messages.append(log)
+                log_messages.append(sanitize_dict(log))
             result.log_messages = log_messages
             response = PolicyTestResultSerializer(result)
-        # print(response.log_messages)
-        print(response.data)
         return Response(response.data)
 
     @extend_schema(

authentik/core/tests/test_applications_api.py

@@ -1,4 +1,6 @@
 """Test Applications API"""
+from json import loads
+
 from django.urls import reverse
 from rest_framework.test import APITestCase
 
@@ -46,7 +48,10 @@ class TestApplicationsAPI(APITestCase):
             )
         )
         self.assertEqual(response.status_code, 200)
-        self.assertJSONEqual(response.content.decode(), {"messages": [], "passing": True})
+        body = loads(response.content.decode())
+        self.assertEqual(body["passing"], True)
+        self.assertEqual(body["messages"], [])
+        self.assertEqual(len(body["log_messages"]), 0)
         response = self.client.get(
             reverse(
                 "authentik_api:application-check-access",
@@ -54,7 +59,10 @@ class TestApplicationsAPI(APITestCase):
             )
         )
         self.assertEqual(response.status_code, 200)
-        self.assertJSONEqual(response.content.decode(), {"messages": ["dummy"], "passing": False})
+        body = loads(response.content.decode())
+        self.assertEqual(body["passing"], False)
+        self.assertEqual(body["messages"], ["dummy"])
+        self.assertEqual(body["log_messages"][0]["event"], "Policy waiting")
 
     def test_list(self):
         """Test list operation without superuser_full_list"""

authentik/policies/api/policies.py

@@ -17,6 +17,7 @@ from authentik.api.decorators import permission_required
 from authentik.core.api.applications import user_app_cache_key
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import CacheSerializer, MetaNameSerializer, TypeCreateSerializer
+from authentik.events.utils import sanitize_dict
 from authentik.lib.utils.reflection import all_subclasses
 from authentik.policies.api.exec import PolicyTestResultSerializer, PolicyTestSerializer
 from authentik.policies.models import Policy, PolicyBinding
@@ -173,7 +174,7 @@ class PolicyViewSet(
         for log in logs:
             if log.get("process", "") == "PolicyProcess":
                 continue
-            log_messages.append(log)
+            log_messages.append(sanitize_dict(log))
         result.log_messages = log_messages
         response = PolicyTestResultSerializer(result)
         return Response(response.data)

authentik/policies/tests/test_policies_api.py

@@ -1,4 +1,6 @@
 """Test policies API"""
+from json import loads
+
 from django.urls import reverse
 from rest_framework.test import APITestCase
 
@@ -23,7 +25,10 @@ class TestPoliciesAPI(APITestCase):
                 "user": self.user.pk,
             },
         )
-        self.assertJSONEqual(response.content.decode(), {"passing": True, "messages": ["dummy"]})
+        body = loads(response.content.decode())
+        self.assertEqual(body["passing"], True)
+        self.assertEqual(body["messages"], ["dummy"])
+        self.assertEqual(body["log_messages"][0]["event"], ["Policy waiting"])
 
     def test_types(self):
         """Test Policy's types endpoint"""

authentik/stages/user_write/stage.py

@@ -98,7 +98,6 @@ class UserWriteStageView(StageView):
                     LOGGER.debug("discarding key", key=key)
                     continue
                 UserWriteStageView.write_attribute(user, key, value)
-        print(user.attributes)
         # Extra check to prevent flows from saving a user with a blank username
         if user.username == "":
             LOGGER.warning("Aborting write to empty username", user=user)