authentik.enterprise.policy

Enterprise license policies

View Source

 1"""Enterprise license policies"""
 2
 3from django.utils.translation import gettext_lazy as _
 4
 5from authentik.core.models import User, UserTypes
 6from authentik.enterprise.license import LicenseKey
 7from authentik.policies.types import PolicyResult
 8from authentik.policies.views import PolicyAccessView
 9
10
11class EnterprisePolicyAccessView(PolicyAccessView):
12    """PolicyAccessView which also checks enterprise licensing"""
13
14    def check_license(self):
15        """Check license"""
16        if not LicenseKey.get_total().status().is_valid:
17            return PolicyResult(False, _("Enterprise required to access this feature."))
18        if self.request.user.type != UserTypes.INTERNAL:
19            return PolicyResult(False, _("Feature only accessible for internal users."))
20        return PolicyResult(True)
21
22    def user_has_access(self, user: User | None = None) -> PolicyResult:
23        user = user or self.request.user
24        result = super().user_has_access(user)
25        enterprise_result = self.check_license()
26        if not enterprise_result.passing:
27            return enterprise_result
28        return result
29
30    def resolve_provider_application(self):
31        raise NotImplementedError

class EnterprisePolicyAccessView(authentik.policies.views.PolicyAccessView): View Source

12class EnterprisePolicyAccessView(PolicyAccessView):
13    """PolicyAccessView which also checks enterprise licensing"""
14
15    def check_license(self):
16        """Check license"""
17        if not LicenseKey.get_total().status().is_valid:
18            return PolicyResult(False, _("Enterprise required to access this feature."))
19        if self.request.user.type != UserTypes.INTERNAL:
20            return PolicyResult(False, _("Feature only accessible for internal users."))
21        return PolicyResult(True)
22
23    def user_has_access(self, user: User | None = None) -> PolicyResult:
24        user = user or self.request.user
25        result = super().user_has_access(user)
26        enterprise_result = self.check_license()
27        if not enterprise_result.passing:
28            return enterprise_result
29        return result
30
31    def resolve_provider_application(self):
32        raise NotImplementedError

PolicyAccessView which also checks enterprise licensing

def check_license(self): View Source

15    def check_license(self):
16        """Check license"""
17        if not LicenseKey.get_total().status().is_valid:
18            return PolicyResult(False, _("Enterprise required to access this feature."))
19        if self.request.user.type != UserTypes.INTERNAL:
20            return PolicyResult(False, _("Feature only accessible for internal users."))
21        return PolicyResult(True)

Check license

def user_has_access( self, user: authentik.core.models.User | None = None) -> authentik.policies.types.PolicyResult: View Source

23    def user_has_access(self, user: User | None = None) -> PolicyResult:
24        user = user or self.request.user
25        result = super().user_has_access(user)
26        enterprise_result = self.check_license()
27        if not enterprise_result.passing:
28            return enterprise_result
29        return result

Check if user has access to application.

def resolve_provider_application(self): View Source

31    def resolve_provider_application(self):
32        raise NotImplementedError

Resolve self.provider and self.application. *.DoesNotExist Exceptions cause a normal AccessDenied view to be shown. An Http404 exception is not caught, and will return directly

Inherited Members

authentik.policies.views.PolicyAccessView: provider; application; pre_permission_check; dispatch; handle_no_permission; handle_no_permission_authenticated; modify_policy_request; modify_flow_context