core: fix tokens using wrong lookup

This commit is contained in:
Jens Langhammer 2021-02-10 20:30:19 +01:00
parent e6c75ed173
commit d2df426489
5 changed files with 16 additions and 14 deletions

View File

@ -6,10 +6,7 @@ from rest_framework.decorators import action
from rest_framework.fields import ReadOnlyField
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import (
ModelSerializer,
SerializerMethodField,
)
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import ModelViewSet
from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer

View File

@ -1,17 +1,16 @@
"""Source API Views"""
from authentik.lib.templatetags.authentik_utils import verbose_name
from authentik.lib.utils.reflection import all_subclasses
from django.shortcuts import reverse
from drf_yasg2.utils import swagger_auto_schema
from rest_framework.decorators import action
from rest_framework.request import Request
from rest_framework.response import Response
from rest_framework.serializers import ModelSerializer, SerializerMethodField
from rest_framework.viewsets import ReadOnlyModelViewSet
from django.shortcuts import reverse
from django.utils.translation import gettext_lazy as _
from authentik.core.api.utils import MetaNameSerializer, TypeCreateSerializer
from authentik.core.models import Source
from authentik.lib.templatetags.authentik_utils import verbose_name
from authentik.lib.utils.reflection import all_subclasses
class SourceSerializer(ModelSerializer, MetaNameSerializer):

View File

@ -43,12 +43,12 @@ class TokenViewSet(ModelViewSet):
@swagger_auto_schema(responses={200: TokenViewSerializer(many=False)})
@action(detail=True)
# pylint: disable=unused-argument
def view_key(self, request: Request, identifier: str) -> Response:
"""Return token key and log access"""
tokens = Token.filter_not_expired(identifier=identifier)
if not tokens.exists():
token: Token = self.get_object()
if token.is_expired:
raise Http404
token = tokens.first()
Event.new(EventAction.SECRET_VIEW, secret=token).from_http( # noqa # nosec
request
)

View File

@ -31,3 +31,9 @@ class TypeCreateSerializer(Serializer):
name = CharField(read_only=True)
description = CharField(read_only=True)
link = CharField(read_only=True)
def create(self, validated_data: dict) -> Model:
raise NotImplementedError
def update(self, instance: Model, validated_data: dict) -> Model:
raise NotImplementedError

View File

@ -4344,7 +4344,7 @@ paths:
type: integer
responses:
'200':
description: ''
description: Types of an object that can be created
schema:
description: ''
type: array
@ -4936,7 +4936,7 @@ paths:
type: integer
responses:
'200':
description: ''
description: Types of an object that can be created
schema:
description: ''
type: array
@ -9083,7 +9083,7 @@ definitions:
type: string
readOnly: true
TypeCreate:
description: ''
description: Types of an object that can be created
type: object
properties:
name: