def assert_user(self, expected_user: User):
"""Check users/me API and assert it matches expected_user"""
self.driver.get(self.url("authentik_api:user-me") + "?format=json")
user_json = self.driver.find_element(By.CSS_SELECTOR, "pre").text
user = UserSerializer(data=json.loads(user_json)["user"])
user.is_valid()
self.assertEqual(user["username"].value, expected_user.username)
self.assertEqual(user["name"].value, expected_user.name)
self.assertEqual(user["email"].value, expected_user.email)
class TokenSerializer(ManagedSerializer, ModelSerializer):
"""Token Serializer"""
user_obj = UserSerializer(required=False, source="user")
def validate(self, attrs: dict[Any, str]) -> dict[Any, str]:
"""Ensure only API or App password tokens are created."""
request: Request = self.context["request"]
attrs.setdefault("user", request.user)
attrs.setdefault("intent", TokenIntents.INTENT_API)
if attrs.get("intent") not in [
TokenIntents.INTENT_API, TokenIntents.INTENT_APP_PASSWORD
]:
raise ValidationError(f"Invalid intent {attrs.get('intent')}")
return attrs
class Meta:
model = Token
fields = [
"pk",
"managed",
"identifier",
"intent",
"user",
"user_obj",
"description",
"expires",
"expiring",
]
extra_kwargs = {
"user": {
"required": False
},
}
class UserConsentSerializer(StageSerializer):
"""UserConsent Serializer"""
user = UserSerializer()
application = ApplicationSerializer()
class Meta:
model = UserConsent
fields = ["pk", "expires", "user", "application"]
class ExpiringBaseGrantModelSerializer(ModelSerializer, MetaNameSerializer):
"""Serializer for BaseGrantModel and ExpiringBaseGrant"""
user = UserSerializer()
provider = OAuth2ProviderSerializer()
scope = ListField(child=CharField())
class Meta:
model = AuthorizationCode
fields = ["pk", "provider", "user", "is_expired", "expires", "scope"]
depth = 2
class PolicyBindingSerializer(ModelSerializer):
"""PolicyBinding Serializer"""
# Because we're not interested in the PolicyBindingModel's PK but rather the subclasses PK,
# we have to manually declare this field
target = PolicyBindingModelForeignKey(
queryset=PolicyBindingModel.objects.select_subclasses(),
required=True,
)
policy_obj = PolicySerializer(required=False,
read_only=True,
source="policy")
group_obj = GroupSerializer(required=False, read_only=True, source="group")
user_obj = UserSerializer(required=False, read_only=True, source="user")
class Meta:
model = PolicyBinding
fields = [
"pk",
"policy",
"group",
"user",
"policy_obj",
"group_obj",
"user_obj",
"target",
"enabled",
"order",
"timeout",
]
def validate(self, data: OrderedDict) -> OrderedDict:
"""Check that either policy, group or user is set."""
count = sum([
bool(data.get("policy", None)),
bool(data.get("group", None)),
bool(data.get("user", None)),
])
invalid = count > 1
empty = count < 1
if invalid:
raise ValidationError(
"Only one of 'policy', 'group' or 'user' can be set.")
if empty:
raise ValidationError(
"One of 'policy', 'group' or 'user' must be set.")
return data
class InvitationSerializer(ModelSerializer):
"""Invitation Serializer"""
created_by = UserSerializer(read_only=True)
fixed_data = JSONField(validators=[is_dict], required=False)
class Meta:
model = Invitation
fields = [
"pk",
"expires",
"fixed_data",
"created_by",
"single_use",
]
class TokenSerializer(ManagedSerializer, ModelSerializer):
"""Token Serializer"""
user = UserSerializer(required=False)
class Meta:
model = Token
fields = [
"pk",
"managed",
"identifier",
"intent",
"user",
"description",
"expires",
"expiring",
]
depth = 2