stages/prompt: use policyenginemode all
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
6209714f87
commit
db316b59c5
|
@ -18,7 +18,7 @@ from authentik.flows.challenge import Challenge, ChallengeResponse, ChallengeTyp
|
||||||
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlan
|
from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlan
|
||||||
from authentik.flows.stage import ChallengeStageView
|
from authentik.flows.stage import ChallengeStageView
|
||||||
from authentik.policies.engine import PolicyEngine
|
from authentik.policies.engine import PolicyEngine
|
||||||
from authentik.policies.models import PolicyBinding, PolicyBindingModel
|
from authentik.policies.models import PolicyBinding, PolicyBindingModel, PolicyEngineMode
|
||||||
from authentik.stages.prompt.models import FieldTypes, Prompt, PromptStage
|
from authentik.stages.prompt.models import FieldTypes, Prompt, PromptStage
|
||||||
from authentik.stages.prompt.signals import password_validate
|
from authentik.stages.prompt.signals import password_validate
|
||||||
|
|
||||||
|
@ -110,6 +110,7 @@ class PromptChallengeResponse(ChallengeResponse):
|
||||||
|
|
||||||
user = self.plan.context.get(PLAN_CONTEXT_PENDING_USER, get_anonymous_user())
|
user = self.plan.context.get(PLAN_CONTEXT_PENDING_USER, get_anonymous_user())
|
||||||
engine = ListPolicyEngine(self.stage.validation_policies.all(), user, self.request)
|
engine = ListPolicyEngine(self.stage.validation_policies.all(), user, self.request)
|
||||||
|
engine.mode = PolicyEngineMode.MODE_ALL
|
||||||
engine.request.context[PLAN_CONTEXT_PROMPT] = attrs
|
engine.request.context[PLAN_CONTEXT_PROMPT] = attrs
|
||||||
engine.request.context.update(attrs)
|
engine.request.context.update(attrs)
|
||||||
engine.build()
|
engine.build()
|
||||||
|
|
|
@ -60,3 +60,5 @@ return False
|
||||||
This policy expects you to have two password fields with `field_key` set to `password` and `password_repeat`.
|
This policy expects you to have two password fields with `field_key` set to `password` and `password_repeat`.
|
||||||
|
|
||||||
Afterwards, bind this policy to the prompt stage you want to validate.
|
Afterwards, bind this policy to the prompt stage you want to validate.
|
||||||
|
|
||||||
|
Before 2021.12, any policy was required to pass for the result to be considered valid. This has been changed, and now all policies are required to be valid.
|
||||||
|
|
|
@ -3,10 +3,14 @@ title: Release 2021.12
|
||||||
slug: "2021.12"
|
slug: "2021.12"
|
||||||
---
|
---
|
||||||
|
|
||||||
## Headline Changes
|
## Headline changes
|
||||||
|
|
||||||
This release does not have any headline features, and mostly fixes bugs.
|
This release does not have any headline features, and mostly fixes bugs.
|
||||||
|
|
||||||
|
## Breaking changes
|
||||||
|
|
||||||
|
- stages/prompt: Before 2021.12, any policy was required to pass for the result to be considered valid. This has been changed, and now all policies are required to be valid.
|
||||||
|
|
||||||
## Minor changes
|
## Minor changes
|
||||||
|
|
||||||
- core: make defaults for _change_email and _change_username configurable
|
- core: make defaults for _change_email and _change_username configurable
|
||||||
|
|
Reference in New Issue