From 42c74d674846545333cd29220419891e749ef169 Mon Sep 17 00:00:00 2001 From: Valentin Deniaud Date: Thu, 11 Aug 2022 18:12:09 +0200 Subject: [PATCH] authenticators: use validator instead of form mixin (#68177) --- src/authentic2/apps/authenticators/forms.py | 14 +------------- .../apps/authenticators/migrations/0001_initial.py | 3 +++ src/authentic2/apps/authenticators/models.py | 3 ++- src/authentic2/utils/evaluate.py | 8 ++++++++ src/authentic2_auth_fc/forms.py | 4 +--- src/authentic2_auth_oidc/forms.py | 4 +--- src/authentic2_auth_saml/forms.py | 4 +--- 7 files changed, 17 insertions(+), 23 deletions(-) diff --git a/src/authentic2/apps/authenticators/forms.py b/src/authentic2/apps/authenticators/forms.py index c57af967..a13da33b 100644 --- a/src/authentic2/apps/authenticators/forms.py +++ b/src/authentic2/apps/authenticators/forms.py @@ -20,22 +20,10 @@ from django.db.models import Max from django.utils.translation import ugettext as _ from authentic2.forms.mixins import SlugMixin -from authentic2.utils.evaluate import ExpressionError, validate_condition from .models import BaseAuthenticator, LoginPasswordAuthenticator -class AuthenticatorFormMixin: - def clean_show_condition(self): - condition = self.cleaned_data['show_condition'] - if condition: - try: - validate_condition(condition) - except ExpressionError as e: - raise ValidationError(e.message) - return condition - - class AuthenticatorsOrderForm(forms.Form): order = forms.CharField(widget=forms.HiddenInput) @@ -67,7 +55,7 @@ class AuthenticatorAddForm(SlugMixin, forms.ModelForm): return super().save() -class LoginPasswordAuthenticatorEditForm(AuthenticatorFormMixin, forms.ModelForm): +class LoginPasswordAuthenticatorEditForm(forms.ModelForm): class Meta: model = LoginPasswordAuthenticator exclude = ('name', 'slug', 'ou', 'button_label') diff --git a/src/authentic2/apps/authenticators/migrations/0001_initial.py b/src/authentic2/apps/authenticators/migrations/0001_initial.py index 3be40e3a..5d859082 100644 --- a/src/authentic2/apps/authenticators/migrations/0001_initial.py +++ b/src/authentic2/apps/authenticators/migrations/0001_initial.py @@ -6,6 +6,8 @@ import django.db.models.deletion from django.conf import settings from django.db import migrations, models +import authentic2.utils.evaluate + class Migration(migrations.Migration): @@ -42,6 +44,7 @@ class Migration(migrations.Migration): ), max_length=1024, verbose_name='Show condition', + validators=[authentic2.utils.evaluate.condition_validator], ), ), ( diff --git a/src/authentic2/apps/authenticators/models.py b/src/authentic2/apps/authenticators/models.py index afaff697..95f9fe49 100644 --- a/src/authentic2/apps/authenticators/models.py +++ b/src/authentic2/apps/authenticators/models.py @@ -26,7 +26,7 @@ from django.utils.text import capfirst from django.utils.translation import ugettext_lazy as _ from authentic2 import views -from authentic2.utils.evaluate import evaluate_condition +from authentic2.utils.evaluate import condition_validator, evaluate_condition from .query import AuthenticatorManager @@ -57,6 +57,7 @@ class BaseAuthenticator(models.Model): 'except if they come from the specified IP address. Available variables include ' 'service_ou_slug, service_slug, remote_addr, login_hint and headers.' ), + validators=[condition_validator], ) button_description = models.CharField( _('Login button description'), diff --git a/src/authentic2/utils/evaluate.py b/src/authentic2/utils/evaluate.py index f12bbe62..75ad3900 100644 --- a/src/authentic2/utils/evaluate.py +++ b/src/authentic2/utils/evaluate.py @@ -281,6 +281,14 @@ class ConditionValidator(BaseExpressionValidator): validate_condition = ConditionValidator() + +def condition_validator(value): + try: + validate_condition(value) + except ExpressionError as e: + raise ValidationError(e.message) + + condition_safe_globals = { '__builtins__': { 'True': True, diff --git a/src/authentic2_auth_fc/forms.py b/src/authentic2_auth_fc/forms.py index b941cab6..1550f299 100644 --- a/src/authentic2_auth_fc/forms.py +++ b/src/authentic2_auth_fc/forms.py @@ -17,12 +17,10 @@ from django import forms from django.utils.translation import ugettext_lazy as _ -from authentic2.apps.authenticators.forms import AuthenticatorFormMixin - from .models import SCOPE_CHOICES, FcAuthenticator -class FcAuthenticatorForm(AuthenticatorFormMixin, forms.ModelForm): +class FcAuthenticatorForm(forms.ModelForm): scopes = forms.MultipleChoiceField( label=_('Scopes'), choices=SCOPE_CHOICES, diff --git a/src/authentic2_auth_oidc/forms.py b/src/authentic2_auth_oidc/forms.py index ec752f23..d43bd036 100644 --- a/src/authentic2_auth_oidc/forms.py +++ b/src/authentic2_auth_oidc/forms.py @@ -16,12 +16,10 @@ from django import forms -from authentic2.apps.authenticators.forms import AuthenticatorFormMixin - from .models import OIDCProvider -class OIDCProviderEditForm(AuthenticatorFormMixin, forms.ModelForm): +class OIDCProviderEditForm(forms.ModelForm): class Meta: model = OIDCProvider fields = '__all__' diff --git a/src/authentic2_auth_saml/forms.py b/src/authentic2_auth_saml/forms.py index 9b26cb67..5831d33c 100644 --- a/src/authentic2_auth_saml/forms.py +++ b/src/authentic2_auth_saml/forms.py @@ -16,12 +16,10 @@ from django import forms -from authentic2.apps.authenticators.forms import AuthenticatorFormMixin - from .models import SAMLAuthenticator -class SAMLAuthenticatorForm(AuthenticatorFormMixin, forms.ModelForm): +class SAMLAuthenticatorForm(forms.ModelForm): class Meta: model = SAMLAuthenticator exclude = ('ou',) -- 2.30.2