policies: sanitze_dict when returning log messages during tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-04-02 17:13:21 +02:00 · 2022-04-02 17:13:21 +02:00 · 86a8d00b3f
parent 5fe8c1f3d7
commit 86a8d00b3f
5 changed files with 20 additions and 8 deletions
--- a/authentik/core/api/applications.py
+++ b/authentik/core/api/applications.py
@ -26,6 +26,7 @@ from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import FilePathSerializer, FileUploadSerializer
 from authentik.core.models import Application, User
 from authentik.events.models import EventAction
+from authentik.events.utils import sanitize_dict
 from authentik.policies.api.exec import PolicyTestResultSerializer
 from authentik.policies.engine import PolicyEngine
 from authentik.policies.types import PolicyResult
@ -144,11 +145,9 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
            for log in logs:
                if log.get("process", "") == "PolicyProcess":
                    continue
-                log_messages.append(log)
+                log_messages.append(sanitize_dict(log))
            result.log_messages = log_messages
            response = PolicyTestResultSerializer(result)
-        # print(response.log_messages)
-        print(response.data)
        return Response(response.data)

    @extend_schema(
--- a/authentik/core/tests/test_applications_api.py
+++ b/authentik/core/tests/test_applications_api.py
@ -1,4 +1,6 @@
 """Test Applications API"""
+from json import loads
+
 from django.urls import reverse
 from rest_framework.test import APITestCase

@ -46,7 +48,10 @@ class TestApplicationsAPI(APITestCase):
            )
        )
        self.assertEqual(response.status_code, 200)
-        self.assertJSONEqual(response.content.decode(), {"messages": [], "passing": True})
+        body = loads(response.content.decode())
+        self.assertEqual(body["passing"], True)
+        self.assertEqual(body["messages"], [])
+        self.assertEqual(len(body["log_messages"]), 0)
        response = self.client.get(
            reverse(
                "authentik_api:application-check-access",
@ -54,7 +59,10 @@ class TestApplicationsAPI(APITestCase):
            )
        )
        self.assertEqual(response.status_code, 200)
-        self.assertJSONEqual(response.content.decode(), {"messages": ["dummy"], "passing": False})
+        body = loads(response.content.decode())
+        self.assertEqual(body["passing"], False)
+        self.assertEqual(body["messages"], ["dummy"])
+        self.assertEqual(body["log_messages"][0]["event"], "Policy waiting")

    def test_list(self):
        """Test list operation without superuser_full_list"""
--- a/authentik/policies/api/policies.py
+++ b/authentik/policies/api/policies.py
@ -17,6 +17,7 @@ from authentik.api.decorators import permission_required
 from authentik.core.api.applications import user_app_cache_key
 from authentik.core.api.used_by import UsedByMixin
 from authentik.core.api.utils import CacheSerializer, MetaNameSerializer, TypeCreateSerializer
+from authentik.events.utils import sanitize_dict
 from authentik.lib.utils.reflection import all_subclasses
 from authentik.policies.api.exec import PolicyTestResultSerializer, PolicyTestSerializer
 from authentik.policies.models import Policy, PolicyBinding
@ -173,7 +174,7 @@ class PolicyViewSet(
        for log in logs:
            if log.get("process", "") == "PolicyProcess":
                continue
-            log_messages.append(log)
+            log_messages.append(sanitize_dict(log))
        result.log_messages = log_messages
        response = PolicyTestResultSerializer(result)
        return Response(response.data)
--- a/authentik/policies/tests/test_policies_api.py
+++ b/authentik/policies/tests/test_policies_api.py
@ -1,4 +1,6 @@
 """Test policies API"""
+from json import loads
+
 from django.urls import reverse
 from rest_framework.test import APITestCase

@ -23,7 +25,10 @@ class TestPoliciesAPI(APITestCase):
                "user": self.user.pk,
            },
        )
-        self.assertJSONEqual(response.content.decode(), {"passing": True, "messages": ["dummy"]})
+        body = loads(response.content.decode())
+        self.assertEqual(body["passing"], True)
+        self.assertEqual(body["messages"], ["dummy"])
+        self.assertEqual(body["log_messages"][0]["event"], ["Policy waiting"])

    def test_types(self):
        """Test Policy's types endpoint"""
--- a/authentik/stages/user_write/stage.py
+++ b/authentik/stages/user_write/stage.py
@ -98,7 +98,6 @@ class UserWriteStageView(StageView):
                    LOGGER.debug("discarding key", key=key)
                    continue
                UserWriteStageView.write_attribute(user, key, value)
-        print(user.attributes)
        # Extra check to prevent flows from saving a user with a blank username
        if user.username == "":
            LOGGER.warning("Aborting write to empty username", user=user)