authentik.policies.denied
policy http response
1"""policy http response""" 2 3from typing import Any 4 5from django.http.request import HttpRequest 6from django.template.response import TemplateResponse 7from django.urls import reverse 8from django.utils.translation import gettext as _ 9 10from authentik.core.models import USER_ATTRIBUTE_DEBUG 11from authentik.policies.types import PolicyResult 12 13 14class AccessDeniedResponse(TemplateResponse): 15 """Response used for access denied messages. Can optionally show an error message, 16 and if the user is a superuser or has user_debug enabled, shows a policy result.""" 17 18 title: str 19 20 error_message: str | None = None 21 policy_result: PolicyResult | None = None 22 23 def __init__(self, request: HttpRequest, template="policies/denied.html") -> None: 24 super().__init__(request, template) 25 self.title = _("Access denied") 26 27 def resolve_context(self, context: dict[str, Any] | None) -> dict[str, Any] | None: 28 if not context: 29 context = {} 30 context["title"] = self.title 31 if self.error_message: 32 context["error"] = self.error_message 33 # Only show policy result if user is authenticated and 34 # either superuser or has USER_ATTRIBUTE_DEBUG set 35 if self.policy_result: 36 if self._request.user and self._request.user.is_authenticated: 37 if self._request.user.is_superuser or self._request.user.group_attributes( 38 self._request 39 ).get(USER_ATTRIBUTE_DEBUG, False): 40 context["policy_result"] = self.policy_result 41 context["cancel"] = reverse("authentik_flows:cancel") 42 return context
class
AccessDeniedResponse(django.template.response.TemplateResponse):
15class AccessDeniedResponse(TemplateResponse): 16 """Response used for access denied messages. Can optionally show an error message, 17 and if the user is a superuser or has user_debug enabled, shows a policy result.""" 18 19 title: str 20 21 error_message: str | None = None 22 policy_result: PolicyResult | None = None 23 24 def __init__(self, request: HttpRequest, template="policies/denied.html") -> None: 25 super().__init__(request, template) 26 self.title = _("Access denied") 27 28 def resolve_context(self, context: dict[str, Any] | None) -> dict[str, Any] | None: 29 if not context: 30 context = {} 31 context["title"] = self.title 32 if self.error_message: 33 context["error"] = self.error_message 34 # Only show policy result if user is authenticated and 35 # either superuser or has USER_ATTRIBUTE_DEBUG set 36 if self.policy_result: 37 if self._request.user and self._request.user.is_authenticated: 38 if self._request.user.is_superuser or self._request.user.group_attributes( 39 self._request 40 ).get(USER_ATTRIBUTE_DEBUG, False): 41 context["policy_result"] = self.policy_result 42 context["cancel"] = reverse("authentik_flows:cancel") 43 return context
Response used for access denied messages. Can optionally show an error message, and if the user is a superuser or has user_debug enabled, shows a policy result.
def
resolve_context(self, context: dict[str, Any] | None) -> dict[str, Any] | None:
28 def resolve_context(self, context: dict[str, Any] | None) -> dict[str, Any] | None: 29 if not context: 30 context = {} 31 context["title"] = self.title 32 if self.error_message: 33 context["error"] = self.error_message 34 # Only show policy result if user is authenticated and 35 # either superuser or has USER_ATTRIBUTE_DEBUG set 36 if self.policy_result: 37 if self._request.user and self._request.user.is_authenticated: 38 if self._request.user.is_superuser or self._request.user.group_attributes( 39 self._request 40 ).get(USER_ATTRIBUTE_DEBUG, False): 41 context["policy_result"] = self.policy_result 42 context["cancel"] = reverse("authentik_flows:cancel") 43 return context