diff --git a/authentik/lib/default.yml b/authentik/lib/default.yml index 7e279f7e5..47efe59ec 100644 --- a/authentik/lib/default.yml +++ b/authentik/lib/default.yml @@ -99,6 +99,9 @@ ldap: tls: ciphers: null +reputation: + expiry: 86400 + cookie_domain: null disable_update_check: false disable_startup_analytics: false diff --git a/authentik/policies/reputation/models.py b/authentik/policies/reputation/models.py index d3cf58bb3..723614f51 100644 --- a/authentik/policies/reputation/models.py +++ b/authentik/policies/reputation/models.py @@ -11,12 +11,11 @@ from rest_framework.serializers import BaseSerializer from structlog import get_logger from authentik.core.models import ExpiringModel +from authentik.lib.config import CONFIG from authentik.lib.models import SerializerModel from authentik.lib.utils.http import get_client_ip from authentik.policies.models import Policy from authentik.policies.types import PolicyRequest, PolicyResult -from authentik.tenants.models import Tenant -from authentik.tenants.utils import get_current_tenant LOGGER = get_logger() CACHE_KEY_PREFIX = "goauthentik.io/policies/reputation/scores/" @@ -24,8 +23,7 @@ CACHE_KEY_PREFIX = "goauthentik.io/policies/reputation/scores/" def reputation_expiry(): """Reputation expiry""" - tenant = get_current_tenant() or Tenant() # Needed if we are running in a migration - return now() + timedelta(seconds=tenant.reputation_expiry) + return now() + timedelta(seconds=CONFIG.get_int("reputation.expiry")) class ReputationPolicy(Policy): diff --git a/authentik/tenants/api.py b/authentik/tenants/api.py index d58e11621..1aacbc233 100644 --- a/authentik/tenants/api.py +++ b/authentik/tenants/api.py @@ -98,7 +98,6 @@ class SettingsSerializer(ModelSerializer): "gdpr_compliance", "impersonation", "footer_links", - "reputation_expiry", ] diff --git a/authentik/tenants/migrations/0001_initial.py b/authentik/tenants/migrations/0001_initial.py index b3a029678..0138494a5 100644 --- a/authentik/tenants/migrations/0001_initial.py +++ b/authentik/tenants/migrations/0001_initial.py @@ -24,7 +24,6 @@ def create_default_tenant(apps, schema_editor): gdpr_compliance=CONFIG.get_bool("gdpr_compliance", True), impersonation=CONFIG.get_bool("impersonation", True), footer_links=CONFIG.get("footer_links", default=[]), - reputation_expiry=CONFIG.get_int("reputation_expiry", default=86400), ) Domain = apps.get_model("authentik_tenants", "Domain") @@ -105,13 +104,6 @@ class Migration(migrations.Migration): help_text="The option configures the footer links on the flow executor pages.", ), ), - ( - "reputation_expiry", - models.PositiveBigIntegerField( - default=86400, - help_text="Configure how long reputation scores should be saved for in seconds.", - ), - ), ], options={ "verbose_name": "Tenant", diff --git a/authentik/tenants/models.py b/authentik/tenants/models.py index f727127c1..dc9ba507f 100644 --- a/authentik/tenants/models.py +++ b/authentik/tenants/models.py @@ -54,10 +54,6 @@ class Tenant(TenantMixin, SerializerModel): default=list, blank=True, ) - reputation_expiry = models.PositiveBigIntegerField( - help_text=_("Configure how long reputation scores should be saved for in seconds."), - default=86400, - ) def save(self, *args, **kwargs): if self.schema_name == "template": diff --git a/authentik/tenants/utils.py b/authentik/tenants/utils.py index c053c7470..d2385ed84 100644 --- a/authentik/tenants/utils.py +++ b/authentik/tenants/utils.py @@ -1,13 +1,9 @@ """Tenant utils""" from django.db import connection -from django.db.utils import ProgrammingError from authentik.tenants.models import Tenant def get_current_tenant() -> Tenant | None: """Get tenant for current request""" - try: - return Tenant.objects.filter(schema_name=connection.schema_name).first() - except ProgrammingError: # We're inside a migration and this table doesn't exist yet - return None + return Tenant.objects.get(schema_name=connection.schema_name) diff --git a/schema.yml b/schema.yml index 683a1f2d8..66b769f77 100644 --- a/schema.yml +++ b/schema.yml @@ -38447,13 +38447,6 @@ components: additionalProperties: {} description: The option configures the footer links on the flow executor pages. - reputation_expiry: - type: integer - maximum: 9223372036854775807 - minimum: 0 - format: int64 - description: Configure how long reputation scores should be saved for in - seconds. PatchedStaticDeviceRequest: type: object description: Serializer for static authenticator devices @@ -41362,13 +41355,6 @@ components: additionalProperties: {} description: The option configures the footer links on the flow executor pages. - reputation_expiry: - type: integer - maximum: 9223372036854775807 - minimum: 0 - format: int64 - description: Configure how long reputation scores should be saved for in - seconds. required: - domains - name @@ -41402,13 +41388,6 @@ components: additionalProperties: {} description: The option configures the footer links on the flow executor pages. - reputation_expiry: - type: integer - maximum: 9223372036854775807 - minimum: 0 - format: int64 - description: Configure how long reputation scores should be saved for in - seconds. SeverityEnum: enum: - notice