stages/reputation: add API for user and IP Score

This commit is contained in:
Jens Langhammer 2021-03-01 20:22:37 +01:00
parent 2ae5a81c15
commit c65b2944b3
3 changed files with 358 additions and 9 deletions

View File

@ -41,7 +41,11 @@ from authentik.policies.expression.api import ExpressionPolicyViewSet
from authentik.policies.group_membership.api import GroupMembershipPolicyViewSet from authentik.policies.group_membership.api import GroupMembershipPolicyViewSet
from authentik.policies.hibp.api import HaveIBeenPwendPolicyViewSet from authentik.policies.hibp.api import HaveIBeenPwendPolicyViewSet
from authentik.policies.password.api import PasswordPolicyViewSet from authentik.policies.password.api import PasswordPolicyViewSet
from authentik.policies.reputation.api import ReputationPolicyViewSet from authentik.policies.reputation.api import (
IPReputationViewSet,
ReputationPolicyViewSet,
UserReputationViewSet,
)
from authentik.providers.oauth2.api import OAuth2ProviderViewSet, ScopeMappingViewSet from authentik.providers.oauth2.api import OAuth2ProviderViewSet, ScopeMappingViewSet
from authentik.providers.proxy.api import ( from authentik.providers.proxy.api import (
ProxyOutpostConfigViewSet, ProxyOutpostConfigViewSet,
@ -117,6 +121,8 @@ router.register("policies/group_membership", GroupMembershipPolicyViewSet)
router.register("policies/haveibeenpwned", HaveIBeenPwendPolicyViewSet) router.register("policies/haveibeenpwned", HaveIBeenPwendPolicyViewSet)
router.register("policies/password_expiry", PasswordExpiryPolicyViewSet) router.register("policies/password_expiry", PasswordExpiryPolicyViewSet)
router.register("policies/password", PasswordPolicyViewSet) router.register("policies/password", PasswordPolicyViewSet)
router.register("policies/reputation/users", UserReputationViewSet)
router.register("policies/reputation/ips", IPReputationViewSet)
router.register("policies/reputation", ReputationPolicyViewSet) router.register("policies/reputation", ReputationPolicyViewSet)
router.register("providers/all", ProviderViewSet) router.register("providers/all", ProviderViewSet)

View File

@ -2,7 +2,11 @@
from rest_framework.viewsets import ModelViewSet from rest_framework.viewsets import ModelViewSet
from authentik.policies.api import PolicySerializer from authentik.policies.api import PolicySerializer
from authentik.policies.reputation.models import ReputationPolicy from authentik.policies.reputation.models import (
IPReputation,
ReputationPolicy,
UserReputation,
)
class ReputationPolicySerializer(PolicySerializer): class ReputationPolicySerializer(PolicySerializer):
@ -18,7 +22,47 @@ class ReputationPolicySerializer(PolicySerializer):
class ReputationPolicyViewSet(ModelViewSet): class ReputationPolicyViewSet(ModelViewSet):
"""Source Viewset""" """Reputation Policy Viewset"""
queryset = ReputationPolicy.objects.all() queryset = ReputationPolicy.objects.all()
serializer_class = ReputationPolicySerializer serializer_class = ReputationPolicySerializer
class IPReputationSerializer(PolicySerializer):
"""IPReputation Serializer"""
class Meta:
model = IPReputation
fields = [
"pk",
"ip",
"score",
"updated",
]
class IPReputationViewSet(ModelViewSet):
"""IPReputation Viewset"""
queryset = IPReputation.objects.all()
serializer_class = IPReputationSerializer
class UserReputationSerializer(PolicySerializer):
"""UserReputation Serializer"""
class Meta:
model = UserReputation
fields = [
"pk",
"user",
"score",
"updated",
]
class UserReputationViewSet(ModelViewSet):
"""UserReputation Viewset"""
queryset = UserReputation.objects.all()
serializer_class = UserReputationSerializer

View File

@ -3821,7 +3821,7 @@ paths:
/policies/reputation/: /policies/reputation/:
get: get:
operationId: policies_reputation_list operationId: policies_reputation_list
description: Source Viewset description: Reputation Policy Viewset
parameters: parameters:
- name: ordering - name: ordering
in: query in: query
@ -3870,7 +3870,7 @@ paths:
- policies - policies
post: post:
operationId: policies_reputation_create operationId: policies_reputation_create
description: Source Viewset description: Reputation Policy Viewset
parameters: parameters:
- name: data - name: data
in: body in: body
@ -3885,10 +3885,262 @@ paths:
tags: tags:
- policies - policies
parameters: [] parameters: []
/policies/reputation/ips/:
get:
operationId: policies_reputation_ips_list
description: IPReputation Viewset
parameters:
- name: ordering
in: query
description: Which field to use when ordering the results.
required: false
type: string
- name: search
in: query
description: A search term.
required: false
type: string
- name: page
in: query
description: A page number within the paginated result set.
required: false
type: integer
- name: page_size
in: query
description: Number of results to return per page.
required: false
type: integer
responses:
'200':
description: ''
schema:
required:
- count
- results
type: object
properties:
count:
type: integer
next:
type: string
format: uri
x-nullable: true
previous:
type: string
format: uri
x-nullable: true
results:
type: array
items:
$ref: '#/definitions/IPReputation'
tags:
- policies
post:
operationId: policies_reputation_ips_create
description: IPReputation Viewset
parameters:
- name: data
in: body
required: true
schema:
$ref: '#/definitions/IPReputation'
responses:
'201':
description: ''
schema:
$ref: '#/definitions/IPReputation'
tags:
- policies
parameters: []
/policies/reputation/ips/{id}/:
get:
operationId: policies_reputation_ips_read
description: IPReputation Viewset
parameters: []
responses:
'200':
description: ''
schema:
$ref: '#/definitions/IPReputation'
tags:
- policies
put:
operationId: policies_reputation_ips_update
description: IPReputation Viewset
parameters:
- name: data
in: body
required: true
schema:
$ref: '#/definitions/IPReputation'
responses:
'200':
description: ''
schema:
$ref: '#/definitions/IPReputation'
tags:
- policies
patch:
operationId: policies_reputation_ips_partial_update
description: IPReputation Viewset
parameters:
- name: data
in: body
required: true
schema:
$ref: '#/definitions/IPReputation'
responses:
'200':
description: ''
schema:
$ref: '#/definitions/IPReputation'
tags:
- policies
delete:
operationId: policies_reputation_ips_delete
description: IPReputation Viewset
parameters: []
responses:
'204':
description: ''
tags:
- policies
parameters:
- name: id
in: path
description: A unique integer value identifying this ip reputation.
required: true
type: integer
/policies/reputation/users/:
get:
operationId: policies_reputation_users_list
description: UserReputation Viewset
parameters:
- name: ordering
in: query
description: Which field to use when ordering the results.
required: false
type: string
- name: search
in: query
description: A search term.
required: false
type: string
- name: page
in: query
description: A page number within the paginated result set.
required: false
type: integer
- name: page_size
in: query
description: Number of results to return per page.
required: false
type: integer
responses:
'200':
description: ''
schema:
required:
- count
- results
type: object
properties:
count:
type: integer
next:
type: string
format: uri
x-nullable: true
previous:
type: string
format: uri
x-nullable: true
results:
type: array
items:
$ref: '#/definitions/UserReputation'
tags:
- policies
post:
operationId: policies_reputation_users_create
description: UserReputation Viewset
parameters:
- name: data
in: body
required: true
schema:
$ref: '#/definitions/UserReputation'
responses:
'201':
description: ''
schema:
$ref: '#/definitions/UserReputation'
tags:
- policies
parameters: []
/policies/reputation/users/{id}/:
get:
operationId: policies_reputation_users_read
description: UserReputation Viewset
parameters: []
responses:
'200':
description: ''
schema:
$ref: '#/definitions/UserReputation'
tags:
- policies
put:
operationId: policies_reputation_users_update
description: UserReputation Viewset
parameters:
- name: data
in: body
required: true
schema:
$ref: '#/definitions/UserReputation'
responses:
'200':
description: ''
schema:
$ref: '#/definitions/UserReputation'
tags:
- policies
patch:
operationId: policies_reputation_users_partial_update
description: UserReputation Viewset
parameters:
- name: data
in: body
required: true
schema:
$ref: '#/definitions/UserReputation'
responses:
'200':
description: ''
schema:
$ref: '#/definitions/UserReputation'
tags:
- policies
delete:
operationId: policies_reputation_users_delete
description: UserReputation Viewset
parameters: []
responses:
'204':
description: ''
tags:
- policies
parameters:
- name: id
in: path
description: A unique integer value identifying this user reputation.
required: true
type: integer
/policies/reputation/{policy_uuid}/: /policies/reputation/{policy_uuid}/:
get: get:
operationId: policies_reputation_read operationId: policies_reputation_read
description: Source Viewset description: Reputation Policy Viewset
parameters: [] parameters: []
responses: responses:
'200': '200':
@ -3899,7 +4151,7 @@ paths:
- policies - policies
put: put:
operationId: policies_reputation_update operationId: policies_reputation_update
description: Source Viewset description: Reputation Policy Viewset
parameters: parameters:
- name: data - name: data
in: body in: body
@ -3915,7 +4167,7 @@ paths:
- policies - policies
patch: patch:
operationId: policies_reputation_partial_update operationId: policies_reputation_partial_update
description: Source Viewset description: Reputation Policy Viewset
parameters: parameters:
- name: data - name: data
in: body in: body
@ -3931,7 +4183,7 @@ paths:
- policies - policies
delete: delete:
operationId: policies_reputation_delete operationId: policies_reputation_delete
description: Source Viewset description: Reputation Policy Viewset
parameters: [] parameters: []
responses: responses:
'204': '204':
@ -10105,6 +10357,53 @@ definitions:
type: integer type: integer
maximum: 2147483647 maximum: 2147483647
minimum: -2147483648 minimum: -2147483648
IPReputation:
description: IPReputation Serializer
required:
- ip
type: object
properties:
pk:
title: ID
type: integer
readOnly: true
ip:
title: Ip
type: string
minLength: 1
score:
title: Score
type: integer
maximum: 2147483647
minimum: -2147483648
updated:
title: Updated
type: string
format: date-time
readOnly: true
UserReputation:
description: UserReputation Serializer
required:
- user
type: object
properties:
pk:
title: ID
type: integer
readOnly: true
user:
title: User
type: integer
score:
title: Score
type: integer
maximum: 2147483647
minimum: -2147483648
updated:
title: Updated
type: string
format: date-time
readOnly: true
PropertyMapping: PropertyMapping:
description: PropertyMapping Serializer description: PropertyMapping Serializer
required: required: