From b907105f4aa88e1a32d2d6d6ecad9915b96c93e8 Mon Sep 17 00:00:00 2001
From: Jens Langhammer
Date: Fri, 15 May 2020 12:02:41 +0200
Subject: [PATCH] policies/expression: expose python requests via expression, remove webhook policy
---
 passbook/api/v2/urls.py | 2 -
 passbook/policies/expression/evaluator.py | 8 +-
 passbook/policies/webhook/__init__.py | 0
 passbook/policies/webhook/api.py | 28 ---
 passbook/policies/webhook/apps.py | 11 -
 passbook/policies/webhook/forms.py | 29 ---
 .../webhook/migrations/0001_initial.py | 55 -----
 .../policies/webhook/migrations/__init__.py | 0
 passbook/policies/webhook/models.py | 42 ----
 passbook/root/settings.py | 1 -
 swagger.yaml | 190 ------------------
 11 files changed, 2 insertions(+), 364 deletions(-)
 delete mode 100644 passbook/policies/webhook/__init__.py
 delete mode 100644 passbook/policies/webhook/api.py
 delete mode 100644 passbook/policies/webhook/apps.py
 delete mode 100644 passbook/policies/webhook/forms.py
 delete mode 100644 passbook/policies/webhook/migrations/0001_initial.py
 delete mode 100644 passbook/policies/webhook/migrations/__init__.py
 delete mode 100644 passbook/policies/webhook/models.py
diff --git a/passbook/api/v2/urls.py b/passbook/api/v2/urls.py
index c9482cfff..9e5c8604c 100644
--- a/passbook/api/v2/urls.py
+++ b/passbook/api/v2/urls.py
@@ -24,7 +24,6 @@ from passbook.policies.expression.api import ExpressionPolicyViewSet
 from passbook.policies.hibp.api import HaveIBeenPwendPolicyViewSet
 from passbook.policies.password.api import PasswordPolicyViewSet
 from passbook.policies.reputation.api import ReputationPolicyViewSet
-from passbook.policies.webhook.api import WebhookPolicyViewSet
 from passbook.providers.app_gw.api import ApplicationGatewayProviderViewSet
 from passbook.providers.oauth.api import OAuth2ProviderViewSet
 from passbook.providers.oidc.api import OpenIDProviderViewSet
@@ -69,7 +68,6 @@ router.register("policies/haveibeenpwned", HaveIBeenPwendPolicyViewSet)
 router.register("policies/password", PasswordPolicyViewSet)
 router.register("policies/passwordexpiry", PasswordExpiryPolicyViewSet)
 router.register("policies/reputation", ReputationPolicyViewSet)
-router.register("policies/webhook", WebhookPolicyViewSet)
 router.register("providers/all", ProviderViewSet)
 router.register("providers/applicationgateway", ApplicationGatewayProviderViewSet)
diff --git a/passbook/policies/expression/evaluator.py b/passbook/policies/expression/evaluator.py
index 38c730c55..afecd9dc0 100644
--- a/passbook/policies/expression/evaluator.py
+++ b/passbook/policies/expression/evaluator.py
@@ -6,6 +6,7 @@ from django.core.exceptions import ValidationError
 from jinja2 import Undefined
 from jinja2.exceptions import TemplateSyntaxError, UndefinedError
 from jinja2.nativetypes import NativeEnvironment
+from requests import Session
 from structlog import get_logger
 from passbook.flows.planner import PLAN_CONTEXT_SSO
@@ -46,11 +47,6 @@ class Evaluator:
 """Check if `user` is member of group with name `group_name`"""
 return user.groups.filter(name=group_name).exists()
- @staticmethod
- def jinja2_log(message, **kwargs):
- """Output debug log to console"""
- return LOGGER.debug("Expression log", _m=message, **kwargs)
-
 def _get_expression_context(
 self, request: PolicyRequest, **kwargs
 ) -> Dict[str, Any]:
@@ -58,8 +54,8 @@ class Evaluator:
 # update passbook/policies/expression/templates/policy/expression/form.html
 # update docs/policies/expression/index.md
 kwargs["pb_is_group_member"] = Evaluator.jinja2_func_is_group_member
- kwargs["pb_log"] = Evaluator.jinja2_log
 kwargs["pb_logger"] = get_logger()
+ kwargs["requests"] = Session()
 if request.http_request:
 kwargs["pb_is_sso_flow"] = request.http_request.session.get(
 PLAN_CONTEXT_SSO, False
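Review bot: `kwargs["requests"] = Session()` in the last evaluator.py hunk hands every policy expression a stock `requests.Session`, and requests applies no timeout unless the caller passes one, so an expression that calls a slow or unreachable host can stall policy evaluation (presumably part of the login path) for as long as the connection hangs. The session can also reach any address the passbook host can, internal services included, so permission to edit an expression now implies the ability to issue server-side requests; that is worth stating in the expression docs and, if the deployment needs it, constraining by destination. The comment at the top of the hunk asks for form.html and docs/policies/expression/index.md to be updated, yet the diffstat lists neither file although `pb_log` is removed and `requests` added, so stored expressions that still call `pb_log` will likely fail. `_get_expression_context` begins in the previous hunk and continues past this one; the sketch below only adds a default timeout and closes nothing else.

```python
class TimeoutSession(Session):
    """Session that applies a default timeout when the expression gives none."""

    def request(self, method, url, **kwargs):
        kwargs.setdefault("timeout", 10)  # sample value, tune per deployment
        return super().request(method, url, **kwargs)

# … unchanged: pb_is_group_member / pb_logger assignments …
kwargs["requests"] = TimeoutSession()
```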
diff --git a/passbook/policies/webhook/__init__.py b/passbook/policies/webhook/__init__.py
deleted file mode 100644
index e69de29bb..000000000
diff --git a/passbook/policies/webhook/api.py b/passbook/policies/webhook/api.py
deleted file mode 100644
index 02a84f125..000000000
--- a/passbook/policies/webhook/api.py
+++ /dev/null
@@ -1,28 +0,0 @@
-"""Source API Views"""
-from rest_framework.serializers import ModelSerializer
-from rest_framework.viewsets import ModelViewSet
-
-from passbook.policies.forms import GENERAL_SERIALIZER_FIELDS
-from passbook.policies.webhook.models import WebhookPolicy
-
-
-class WebhookPolicySerializer(ModelSerializer):
- """Webhook Policy Serializer"""
-
- class Meta:
- model = WebhookPolicy
- fields = GENERAL_SERIALIZER_FIELDS + [
- "url",
- "method",
- "json_body",
- "json_headers",
- "result_jsonpath",
- "result_json_value",
- ]
-
-
-class WebhookPolicyViewSet(ModelViewSet):
- """Source Viewset"""
-
- queryset = WebhookPolicy.objects.all()
- serializer_class = WebhookPolicySerializer
diff --git a/passbook/policies/webhook/apps.py b/passbook/policies/webhook/apps.py
deleted file mode 100644
index 7d0ec7b1a..000000000
--- a/passbook/policies/webhook/apps.py
+++ /dev/null
@@ -1,11 +0,0 @@
-"""passbook Webhook policy app config"""
-
-from django.apps import AppConfig
-
-
-class PassbookPoliciesWebhookConfig(AppConfig):
- """passbook Webhook policy app config"""
-
- name = "passbook.policies.webhook"
- label = "passbook_policies_webhook"
- verbose_name = "passbook Policies.Webhook"
diff --git a/passbook/policies/webhook/forms.py b/passbook/policies/webhook/forms.py
deleted file mode 100644
index 427c1700c..000000000
--- a/passbook/policies/webhook/forms.py
+++ /dev/null
@@ -1,29 +0,0 @@ -"""passbook Policy forms""" - -from django import forms - -from passbook.policies.forms import GENERAL_FIELDS -from passbook.policies.webhook.models import WebhookPolicy - - -class WebhookPolicyForm(forms.ModelForm): - """WebhookPolicyForm Form""" - - class Meta: - - model = WebhookPolicy - fields = GENERAL_FIELDS + [ - "url", - "method", - "json_body", - "json_headers", - "result_jsonpath", - "result_json_value", - ] - widgets = { - "name": forms.TextInput(), - "json_body": forms.TextInput(), - "json_headers": forms.TextInput(), - "result_jsonpath": forms.TextInput(), - "result_json_value": forms.TextInput(), - } diff --git a/passbook/policies/webhook/migrations/0001_initial.py b/passbook/policies/webhook/migrations/0001_initial.py deleted file mode 100644 index 762766264..000000000 --- a/passbook/policies/webhook/migrations/0001_initial.py +++ /dev/null @@ -1,55 +0,0 @@ -# Generated by Django 2.2.6 on 2019-10-07 14:07 - -import django.db.models.deletion -from django.db import migrations, models - - -class Migration(migrations.Migration): - - initial = True - - dependencies = [ - ("passbook_core", "0001_initial"), - ] - - operations = [ - migrations.CreateModel( - name="WebhookPolicy", - fields=[ - ( - "policy_ptr", - models.OneToOneField( - auto_created=True, - on_delete=django.db.models.deletion.CASCADE, - parent_link=True, - primary_key=True, - serialize=False, - to="passbook_core.Policy", - ), - ), - ("url", models.URLField()), - ( - "method", - models.CharField( - choices=[ - ("GET", "GET"), - ("POST", "POST"), - ("PATCH", "PATCH"), - ("DELETE", "DELETE"), - ("PUT", "PUT"), - ], - max_length=10, - ), - ), - ("json_body", models.TextField()), - ("json_headers", models.TextField()), - ("result_jsonpath", models.TextField()), - ("result_json_value", models.TextField()), - ], - options={ - "verbose_name": "Webhook Policy", - "verbose_name_plural": "Webhook Policies", - }, - bases=("passbook_core.policy",), - ), - ] 
diff --git a/passbook/policies/webhook/migrations/__init__.py b/passbook/policies/webhook/migrations/__init__.py
deleted file mode 100644
index e69de29bb..000000000
diff --git a/passbook/policies/webhook/models.py b/passbook/policies/webhook/models.py
deleted file mode 100644
index 9e1f29296..000000000
--- a/passbook/policies/webhook/models.py
+++ /dev/null
@@ -1,42 +0,0 @@
-"""webhook models"""
-from django.db import models
-from django.utils.translation import gettext as _
-
-from passbook.core.models import Policy
-from passbook.policies.types import PolicyRequest, PolicyResult
-
-
-class WebhookPolicy(Policy):
- """Policy that asks webhook"""
-
- METHOD_GET = "GET"
- METHOD_POST = "POST"
- METHOD_PATCH = "PATCH"
- METHOD_DELETE = "DELETE"
- METHOD_PUT = "PUT"
-
- METHODS = (
- (METHOD_GET, METHOD_GET),
- (METHOD_POST, METHOD_POST),
- (METHOD_PATCH, METHOD_PATCH),
- (METHOD_DELETE, METHOD_DELETE),
- (METHOD_PUT, METHOD_PUT),
- )
-
- url = models.URLField()
- method = models.CharField(max_length=10, choices=METHODS)
- json_body = models.TextField()
- json_headers = models.TextField()
- result_jsonpath = models.TextField()
- result_json_value = models.TextField()
-
- form = "passbook.policies.webhook.forms.WebhookPolicyForm"
-
- def passes(self, request: PolicyRequest) -> PolicyResult:
- """Call webhook asynchronously and report back"""
- raise NotImplementedError()
-
- class Meta:
-
- verbose_name = _("Webhook Policy")
- verbose_name_plural = _("Webhook Policies")
diff --git a/passbook/root/settings.py b/passbook/root/settings.py
index 4378fdbd8..e3ac2eeec 100644
--- a/passbook/root/settings.py
+++ b/passbook/root/settings.py
@@ -89,7 +89,6 @@ INSTALLED_APPS = [
 "passbook.policies.hibp.apps.PassbookPolicyHIBPConfig",
 "passbook.policies.password.apps.PassbookPoliciesPasswordConfig",
 "passbook.policies.reputation.apps.PassbookPolicyReputationConfig",
- "passbook.policies.webhook.apps.PassbookPoliciesWebhookConfig",
 "passbook.providers.app_gw.apps.PassbookApplicationApplicationGatewayConfig",
 "passbook.providers.oauth.apps.PassbookProviderOAuthConfig",
 "passbook.providers.oidc.apps.PassbookProviderOIDCConfig",
diff --git a/swagger.yaml b/swagger.yaml
index 7681d5484..df6c6f150 100755
--- a/swagger.yaml
+++ b/swagger.yaml
@@ -1710,133 +1710,6 @@ paths: required: true type: string format: uuid - /policies/webhook/: - get: - operationId: policies_webhook_list - description: Source Viewset - parameters: - - name: ordering - in: query - description: Which field to use when ordering the results. - required: false - type: string - - name: search - in: query - description: A search term. - required: false - type: string - - name: limit - in: query - description: Number of results to return per page. - required: false - type: integer - - name: offset - in: query - description: The initial index from which to return the results. - required: false - type: integer - responses: - '200': - description: '' - schema: - required: - - count - - results - type: object - properties: - count: - type: integer - next: - type: string - format: uri - x-nullable: true - previous: - type: string - format: uri - x-nullable: true - results: - type: array - items: - $ref: '#/definitions/WebhookPolicy' - tags: - - policies - post: - operationId: policies_webhook_create - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/WebhookPolicy' - responses: - '201': - description: '' - schema: - $ref: '#/definitions/WebhookPolicy' - tags: - - policies - parameters: [] - /policies/webhook/{uuid}/: - get: - operationId: policies_webhook_read - description: Source Viewset - parameters: [] - responses: - '200': - description: '' - schema: - $ref: '#/definitions/WebhookPolicy' - tags: - - policies - put: - operationId: policies_webhook_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: '#/definitions/WebhookPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/WebhookPolicy' - tags: - - policies - patch: - operationId: policies_webhook_partial_update - description: Source Viewset - parameters: - - name: data - in: body - required: true - schema: - $ref: 
'#/definitions/WebhookPolicy' - responses: - '200': - description: '' - schema: - $ref: '#/definitions/WebhookPolicy' - tags: - - policies - delete: - operationId: policies_webhook_delete - description: Source Viewset - parameters: [] - responses: - '204': - description: '' - tags: - - policies - parameters: - - name: uuid - in: path - description: A UUID string identifying this Webhook Policy. - required: true - type: string - format: uuid /propertymappings/all/: get: operationId: propertymappings_all_list @@ -5422,69 +5295,6 @@ definitions: type: integer maximum: 2147483647 minimum: -2147483648 - WebhookPolicy: - required: - - url - - method - - json_body - - json_headers - - result_jsonpath - - result_json_value - type: object - properties: - pk: - title: Uuid - type: string - format: uuid - readOnly: true - name: - title: Name - type: string - x-nullable: true - negate: - title: Negate - type: boolean - order: - title: Order - type: integer - maximum: 2147483647 - minimum: -2147483648 - timeout: - title: Timeout - type: integer - maximum: 2147483647 - minimum: -2147483648 - url: - title: Url - type: string - format: uri - maxLength: 200 - minLength: 1 - method: - title: Method - type: string - enum: - - GET - - POST - - PATCH - - DELETE - - PUT - json_body: - title: Json body - type: string - minLength: 1 - json_headers: - title: Json headers - type: string - minLength: 1 - result_jsonpath: - title: Result jsonpath - type: string - minLength: 1 - result_json_value: - title: Result json value - type: string - minLength: 1 PropertyMapping: required: - name