misc: squash all migrations (#40685)
The process was: * unset settings.AUTH_USER_MODEL to prevent dependency from django.contrib.auth toward authentic2.custom_user, * run "makemigrations --replace-all --name replace", * remove old migrations, * reset settings.AUTH_USER_MODEL.
This commit is contained in:
parent
a69db02eec
commit
56eea91946
|
@ -0,0 +1,286 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.contrib.postgres.fields
|
||||
import django.core.validators
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2.a2_rbac.fields
|
||||
import authentic2.a2_rbac.utils
|
||||
import authentic2.validators
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('a2_rbac', '0001_initial'),
|
||||
('a2_rbac', '0002_role_external_id'),
|
||||
('a2_rbac', '0003_partial_unique_index_on_name_and_slug'),
|
||||
('a2_rbac', '0004_auto_20150523_0028'),
|
||||
('a2_rbac', '0005_auto_20150526_1406'),
|
||||
('a2_rbac', '0006_auto_20150619_1056'),
|
||||
('a2_rbac', '0007_auto_20150708_1337'),
|
||||
('a2_rbac', '0008_auto_20150810_1953'),
|
||||
('a2_rbac', '0009_partial_unique_index_on_permission'),
|
||||
('a2_rbac', '0010_auto_20160209_1417'),
|
||||
('a2_rbac', '0011_auto_20160209_1511'),
|
||||
('a2_rbac', '0013_auto_20170629_0007'),
|
||||
('a2_rbac', '0014_auto_20170711_1024'),
|
||||
('a2_rbac', '0015_organizationalunit_validate_emails'),
|
||||
('a2_rbac', '0016_auto_20171208_1429'),
|
||||
('a2_rbac', '0017_organizationalunit_user_can_reset_password'),
|
||||
('a2_rbac', '0018_organizationalunit_user_add_password_policy'),
|
||||
('a2_rbac', '0019_organizationalunit_show_username'),
|
||||
('a2_rbac', '0020_partial_unique_index_on_name'),
|
||||
('a2_rbac', '0021_auto_20200317_1514'),
|
||||
('a2_rbac', '0022_auto_20200402_1101'),
|
||||
('a2_rbac', '0023_role_can_manage_members'),
|
||||
('a2_rbac', '0024_fix_self_admin_perm'),
|
||||
('a2_rbac', '0025_auto_20210622_1132'),
|
||||
('a2_rbac', '0026_add_roleparenting_soft_delete'),
|
||||
('a2_rbac', '0026_organizationalunit_check_required_on_login_attributes'),
|
||||
('a2_rbac', '0027_auto_20211213_0949'),
|
||||
('a2_rbac', '0027_auto_20220331_1521'),
|
||||
('a2_rbac', '0028_ou_home_url'),
|
||||
('a2_rbac', '0029_use_unique_constraints'),
|
||||
('a2_rbac', '0030_organizationalunit_min_password_strength'),
|
||||
('a2_rbac', '0031_new_operation_model'),
|
||||
('a2_rbac', '0032_copy_operations_data'),
|
||||
('a2_rbac', '0033_remove_old_operation_fk'),
|
||||
('a2_rbac', '0034_new_role_fields'),
|
||||
('a2_rbac', '0035_populate_role_fields'),
|
||||
('a2_rbac', '0036_delete_roleattribute'),
|
||||
('a2_rbac', '0037_remove_organizationalunit_min_password_strength'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('contenttypes', '0002_remove_content_type_name'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='Operation',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('slug', models.CharField(max_length=32, unique=True, verbose_name='slug')),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='OrganizationalUnit',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'uuid',
|
||||
models.CharField(
|
||||
default=authentic2.a2_rbac.utils.get_hex_uuid,
|
||||
max_length=32,
|
||||
unique=True,
|
||||
verbose_name='uuid',
|
||||
),
|
||||
),
|
||||
('name', models.CharField(max_length=256, verbose_name='name')),
|
||||
('slug', models.SlugField(max_length=256, verbose_name='slug')),
|
||||
('description', models.TextField(blank=True, verbose_name='description')),
|
||||
(
|
||||
'username_is_unique',
|
||||
models.BooleanField(blank=True, default=False, verbose_name='Username is unique'),
|
||||
),
|
||||
(
|
||||
'email_is_unique',
|
||||
models.BooleanField(blank=True, default=False, verbose_name='Email is unique'),
|
||||
),
|
||||
(
|
||||
'default',
|
||||
authentic2.a2_rbac.fields.UniqueBooleanField(verbose_name='Default organizational unit'),
|
||||
),
|
||||
(
|
||||
'validate_emails',
|
||||
models.BooleanField(blank=True, default=False, verbose_name='Validate emails'),
|
||||
),
|
||||
(
|
||||
'show_username',
|
||||
models.BooleanField(blank=True, default=True, verbose_name='Show username'),
|
||||
),
|
||||
(
|
||||
'check_required_on_login_attributes',
|
||||
models.BooleanField(
|
||||
blank=True, default=True, verbose_name='Check required on login attributes'
|
||||
),
|
||||
),
|
||||
(
|
||||
'user_can_reset_password',
|
||||
models.BooleanField(
|
||||
blank=True,
|
||||
choices=[(None, 'System default'), (True, 'Yes'), (False, 'No')],
|
||||
default=None,
|
||||
null=True,
|
||||
verbose_name='Users can reset password',
|
||||
),
|
||||
),
|
||||
(
|
||||
'user_add_password_policy',
|
||||
models.IntegerField(
|
||||
choices=[(0, 'Send reset link'), (1, 'Manual password definition')],
|
||||
default=0,
|
||||
verbose_name='User creation password policy',
|
||||
),
|
||||
),
|
||||
(
|
||||
'clean_unused_accounts_alert',
|
||||
models.PositiveIntegerField(
|
||||
blank=True,
|
||||
default=730,
|
||||
null=True,
|
||||
validators=[
|
||||
django.core.validators.MinValueValidator(
|
||||
30,
|
||||
'Ensure that this value is greater than 30 days, or leave blank for deactivating.',
|
||||
)
|
||||
],
|
||||
verbose_name='Days after which the user receives an account deletion alert',
|
||||
),
|
||||
),
|
||||
(
|
||||
'clean_unused_accounts_deletion',
|
||||
models.PositiveIntegerField(
|
||||
blank=True,
|
||||
default=760,
|
||||
null=True,
|
||||
validators=[
|
||||
django.core.validators.MinValueValidator(
|
||||
30,
|
||||
'Ensure that this value is greater than 30 days, or leave blank for deactivating.',
|
||||
)
|
||||
],
|
||||
verbose_name='Delay in days before cleaning unused accounts',
|
||||
),
|
||||
),
|
||||
('home_url', models.URLField(blank=True, max_length=256, null=True, verbose_name='Home URL')),
|
||||
('logo', models.ImageField(blank=True, upload_to='services/logos', verbose_name='Logo')),
|
||||
(
|
||||
'colour',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
max_length=32,
|
||||
null=True,
|
||||
validators=[authentic2.validators.HexaColourValidator()],
|
||||
verbose_name='Colour',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'organizational unit',
|
||||
'verbose_name_plural': 'organizational units',
|
||||
'ordering': ('name',),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Permission',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('target_id', models.PositiveIntegerField()),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'permission',
|
||||
'verbose_name_plural': 'permissions',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Role',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'uuid',
|
||||
models.CharField(
|
||||
default=authentic2.a2_rbac.utils.get_hex_uuid,
|
||||
max_length=32,
|
||||
unique=True,
|
||||
verbose_name='uuid',
|
||||
),
|
||||
),
|
||||
('slug', models.SlugField(max_length=256, verbose_name='slug')),
|
||||
('description', models.TextField(blank=True, verbose_name='description')),
|
||||
('name', models.TextField(verbose_name='name')),
|
||||
('details', models.TextField(blank=True, verbose_name='Role details (frontoffice)')),
|
||||
(
|
||||
'emails',
|
||||
django.contrib.postgres.fields.ArrayField(
|
||||
base_field=models.EmailField(max_length=254), default=list, size=None
|
||||
),
|
||||
),
|
||||
('emails_to_members', models.BooleanField(default=True, verbose_name='Emails to members')),
|
||||
('is_superuser', models.BooleanField(default=False)),
|
||||
(
|
||||
'admin_scope_id',
|
||||
models.PositiveIntegerField(
|
||||
blank=True, null=True, verbose_name='administrative scope id'
|
||||
),
|
||||
),
|
||||
('external_id', models.TextField(blank=True, db_index=True, verbose_name='external id')),
|
||||
(
|
||||
'can_manage_members',
|
||||
models.BooleanField(default=True, verbose_name='Allow adding or deleting role members'),
|
||||
),
|
||||
(
|
||||
'admin_scope_ct',
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='contenttypes.contenttype',
|
||||
verbose_name='administrative scope content type',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'role',
|
||||
'verbose_name_plural': 'roles',
|
||||
'ordering': ('ou', 'service', 'name'),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='RoleParenting',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('direct', models.BooleanField(blank=True, default=True)),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='Creation date')),
|
||||
('deleted', models.DateTimeField(null=True, verbose_name='Deletion date')),
|
||||
(
|
||||
'child',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='parent_relation',
|
||||
to='a2_rbac.role',
|
||||
),
|
||||
),
|
||||
(
|
||||
'parent',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='child_relation',
|
||||
to='a2_rbac.role',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'role parenting relation',
|
||||
'verbose_name_plural': 'role parenting relations',
|
||||
},
|
||||
),
|
||||
]
|
|
@ -0,0 +1,209 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('a2_rbac', '0001_initial'),
|
||||
('a2_rbac', '0002_role_external_id'),
|
||||
('a2_rbac', '0003_partial_unique_index_on_name_and_slug'),
|
||||
('a2_rbac', '0004_auto_20150523_0028'),
|
||||
('a2_rbac', '0005_auto_20150526_1406'),
|
||||
('a2_rbac', '0006_auto_20150619_1056'),
|
||||
('a2_rbac', '0007_auto_20150708_1337'),
|
||||
('a2_rbac', '0008_auto_20150810_1953'),
|
||||
('a2_rbac', '0009_partial_unique_index_on_permission'),
|
||||
('a2_rbac', '0010_auto_20160209_1417'),
|
||||
('a2_rbac', '0011_auto_20160209_1511'),
|
||||
('a2_rbac', '0013_auto_20170629_0007'),
|
||||
('a2_rbac', '0014_auto_20170711_1024'),
|
||||
('a2_rbac', '0015_organizationalunit_validate_emails'),
|
||||
('a2_rbac', '0016_auto_20171208_1429'),
|
||||
('a2_rbac', '0017_organizationalunit_user_can_reset_password'),
|
||||
('a2_rbac', '0018_organizationalunit_user_add_password_policy'),
|
||||
('a2_rbac', '0019_organizationalunit_show_username'),
|
||||
('a2_rbac', '0020_partial_unique_index_on_name'),
|
||||
('a2_rbac', '0021_auto_20200317_1514'),
|
||||
('a2_rbac', '0022_auto_20200402_1101'),
|
||||
('a2_rbac', '0023_role_can_manage_members'),
|
||||
('a2_rbac', '0024_fix_self_admin_perm'),
|
||||
('a2_rbac', '0025_auto_20210622_1132'),
|
||||
('a2_rbac', '0026_add_roleparenting_soft_delete'),
|
||||
('a2_rbac', '0026_organizationalunit_check_required_on_login_attributes'),
|
||||
('a2_rbac', '0027_auto_20211213_0949'),
|
||||
('a2_rbac', '0027_auto_20220331_1521'),
|
||||
('a2_rbac', '0028_ou_home_url'),
|
||||
('a2_rbac', '0029_use_unique_constraints'),
|
||||
('a2_rbac', '0030_organizationalunit_min_password_strength'),
|
||||
('a2_rbac', '0031_new_operation_model'),
|
||||
('a2_rbac', '0032_copy_operations_data'),
|
||||
('a2_rbac', '0033_remove_old_operation_fk'),
|
||||
('a2_rbac', '0034_new_role_fields'),
|
||||
('a2_rbac', '0035_populate_role_fields'),
|
||||
('a2_rbac', '0036_delete_roleattribute'),
|
||||
('a2_rbac', '0037_remove_organizationalunit_min_password_strength'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('a2_rbac', '0038_replace'),
|
||||
('custom_user', '0037_replace'),
|
||||
('contenttypes', '0002_remove_content_type_name'),
|
||||
('authentic2', '0051_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name='role',
|
||||
name='members',
|
||||
field=models.ManyToManyField(blank=True, related_name='roles', to='custom_user.User'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='role',
|
||||
name='ou',
|
||||
field=models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='a2_rbac.organizationalunit',
|
||||
verbose_name='organizational unit',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='role',
|
||||
name='permissions',
|
||||
field=models.ManyToManyField(blank=True, related_name='roles', to='a2_rbac.Permission'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='role',
|
||||
name='service',
|
||||
field=models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='roles',
|
||||
to='authentic2.service',
|
||||
verbose_name='service',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='permission',
|
||||
name='operation',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE, to='a2_rbac.operation', verbose_name='operation'
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='permission',
|
||||
name='ou',
|
||||
field=models.ForeignKey(
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='scoped_permission',
|
||||
to='a2_rbac.organizationalunit',
|
||||
verbose_name='organizational unit',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='permission',
|
||||
name='target_ct',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE, related_name='+', to='contenttypes.contenttype'
|
||||
),
|
||||
),
|
||||
migrations.AlterUniqueTogether(
|
||||
name='organizationalunit',
|
||||
unique_together={('name',), ('slug',)},
|
||||
),
|
||||
migrations.AlterUniqueTogether(
|
||||
name='roleparenting',
|
||||
unique_together={('parent', 'child', 'direct')},
|
||||
),
|
||||
migrations.AlterIndexTogether(
|
||||
name='roleparenting',
|
||||
index_together={('child', 'parent', 'direct')},
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='role',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(('admin_scope_ct__isnull', True)),
|
||||
fields=('ou', 'service', 'slug'),
|
||||
name='slug_uniq_idx',
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='role',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(('admin_scope_ct__isnull', True)),
|
||||
fields=('ou', 'service', 'name'),
|
||||
name='name_uniq_idx',
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='role',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(('admin_scope_ct__isnull', True), ('service__isnull', True)),
|
||||
fields=('ou', 'slug'),
|
||||
name='null_service_slug_uniq_idx',
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='role',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(('admin_scope_ct__isnull', True), ('ou__isnull', True)),
|
||||
fields=('service', 'slug'),
|
||||
name='null_ou_slug_uniq_idx',
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='role',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(
|
||||
('admin_scope_ct__isnull', True), ('ou__isnull', True), ('service__isnull', True)
|
||||
),
|
||||
fields=('slug',),
|
||||
name='null_ou_service_slug_uniq_idx',
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='role',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(('admin_scope_ct__isnull', True), ('service__isnull', True)),
|
||||
fields=('ou', 'name'),
|
||||
name='null_service_name_uniq_idx',
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='role',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(('admin_scope_ct__isnull', True), ('ou__isnull', True)),
|
||||
fields=('service', 'name'),
|
||||
name='null_ou_name_uniq_idx',
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='role',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(
|
||||
('admin_scope_ct__isnull', True), ('ou__isnull', True), ('service__isnull', True)
|
||||
),
|
||||
fields=('name',),
|
||||
name='null_ou_service_name_uniq_idx',
|
||||
),
|
||||
),
|
||||
migrations.AlterUniqueTogether(
|
||||
name='role',
|
||||
unique_together={('admin_scope_ct', 'admin_scope_id')},
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='permission',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(('ou__isnull', True)),
|
||||
fields=('operation', 'target_ct', 'target_id'),
|
||||
name='null_ou_uniq_idx',
|
||||
),
|
||||
),
|
||||
]
|
|
@ -0,0 +1,317 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import uuid
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2.utils.evaluate
|
||||
import authentic2.utils.template
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authenticators', '0001_initial'),
|
||||
('authenticators', '0002_loginpasswordauthenticator'),
|
||||
('authenticators', '0003_auto_20220413_1504'),
|
||||
('authenticators', '0004_auto_20220726_1708'),
|
||||
('authenticators', '0005_addroleaction'),
|
||||
('authenticators', '0006_loginpasswordauthenticator_registration_open'),
|
||||
('authenticators', '0007_migrate_registration_open'),
|
||||
('authenticators', '0008_new_password_settings_fields'),
|
||||
('authenticators', '0009_migrate_new_password_settings'),
|
||||
('authenticators', '0010_auto_20230614_1017'),
|
||||
('authenticators', '0011_migrate_a2_accept_authentication_settings'),
|
||||
('authenticators', '0012_loginpasswordauthenticator_min_password_strength'),
|
||||
('authenticators', '0013_migrate_min_password_strength'),
|
||||
('authenticators', '0014_auto_20230801_1517'),
|
||||
('authenticators', '0015_alter_baseauthenticator_button_label'),
|
||||
('authenticators', '0016_alter_addroleaction_condition'),
|
||||
('authenticators', '0017_auto_20230927_1517'),
|
||||
('authenticators', '0018_auto_20230927_1519'),
|
||||
('authenticators', '0019_fix_addroleaction_condition'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('a2_rbac', '0038_replace'),
|
||||
('authentic2', '0051_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='BaseAuthenticator',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('uuid', models.CharField(default=uuid.uuid4, editable=False, max_length=255, unique=True)),
|
||||
('name', models.CharField(blank=True, max_length=128, verbose_name='Name')),
|
||||
('slug', models.SlugField(unique=True)),
|
||||
('order', models.IntegerField(default=0, editable=False, verbose_name='Order')),
|
||||
('enabled', models.BooleanField(default=False, editable=False)),
|
||||
(
|
||||
'show_condition',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
default='',
|
||||
help_text='Django template controlling authenticator display. For example, "\'backoffice\' in login_hint or '
|
||||
'remote_addr == \'1.2.3.4\'" would hide the authenticator from normal users except if they come from the specified IP '
|
||||
'address. Available variables include service_ou_slug, service_slug, remote_addr, login_hint and headers.',
|
||||
max_length=1024,
|
||||
validators=[authentic2.utils.evaluate.condition_validator],
|
||||
verbose_name='Show condition',
|
||||
),
|
||||
),
|
||||
(
|
||||
'button_description',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
help_text='Description will be shown at the top of login block (unless already set by theme).',
|
||||
max_length=256,
|
||||
verbose_name='Login block description',
|
||||
),
|
||||
),
|
||||
(
|
||||
'button_label',
|
||||
models.CharField(default='Login', max_length=256, verbose_name='Login button label'),
|
||||
),
|
||||
(
|
||||
'ou',
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='a2_rbac.organizationalunit',
|
||||
verbose_name='organizational unit',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'ordering': ('-enabled', 'order', 'name', 'slug', 'ou'),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='AddRoleAction',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'mandatory',
|
||||
models.BooleanField(default=False, editable=False, verbose_name='Mandatory (unused)'),
|
||||
),
|
||||
(
|
||||
'condition',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
default='',
|
||||
help_text='Django template controlling role attribution. For example, "\'Admin\' in attributes.groups" will '
|
||||
'attribute the role if attributes has "groups" attribute containing the value "Admin". Variable "attributes" contains '
|
||||
'the attributes received from the identity provider.If condition is not satisfied the role will be removed.',
|
||||
max_length=1024,
|
||||
validators=[authentic2.utils.template.validate_condition_template],
|
||||
verbose_name='Condition',
|
||||
),
|
||||
),
|
||||
(
|
||||
'authenticator',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='add_role_actions',
|
||||
to='authenticators.baseauthenticator',
|
||||
),
|
||||
),
|
||||
(
|
||||
'role',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='add_role_actions',
|
||||
to='a2_rbac.role',
|
||||
verbose_name='Role',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'Add a role',
|
||||
'verbose_name_plural': 'Add roles',
|
||||
'default_related_name': 'add_role_actions',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='LoginPasswordAuthenticator',
|
||||
fields=[
|
||||
(
|
||||
'baseauthenticator_ptr',
|
||||
models.OneToOneField(
|
||||
auto_created=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
parent_link=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
to='authenticators.baseauthenticator',
|
||||
),
|
||||
),
|
||||
(
|
||||
'registration_open',
|
||||
models.BooleanField(
|
||||
default=True,
|
||||
help_text='Allow users to create accounts.',
|
||||
verbose_name='Registration open',
|
||||
),
|
||||
),
|
||||
(
|
||||
'remember_me',
|
||||
models.PositiveIntegerField(
|
||||
blank=True,
|
||||
help_text='Session duration as seconds when using the remember me checkbox. Leave blank to hide the checkbox.',
|
||||
null=True,
|
||||
verbose_name='Remember me duration',
|
||||
),
|
||||
),
|
||||
(
|
||||
'include_ou_selector',
|
||||
models.BooleanField(default=False, verbose_name='Include OU selector in login form'),
|
||||
),
|
||||
(
|
||||
'accept_email_authentication',
|
||||
models.BooleanField(
|
||||
default=True, verbose_name='Let the users identify with their email address'
|
||||
),
|
||||
),
|
||||
(
|
||||
'accept_phone_authentication',
|
||||
models.BooleanField(
|
||||
default=False, verbose_name='Let the users identify with their phone number'
|
||||
),
|
||||
),
|
||||
(
|
||||
'min_password_strength',
|
||||
models.IntegerField(
|
||||
blank=True,
|
||||
choices=[
|
||||
(None, 'Follow static checks'),
|
||||
(0, 'Very Weak'),
|
||||
(1, 'Weak'),
|
||||
(2, 'Fair'),
|
||||
(3, 'Good'),
|
||||
(4, 'Strong'),
|
||||
],
|
||||
default=3,
|
||||
help_text='Password strength, using dynamic indicators such as common names, dates and other popular patterns. Selecting '
|
||||
'"static checks" will instead validate that a password contains enough different kind of caracters. Password indicator on '
|
||||
'registration form will reflect the chosen policy.',
|
||||
null=True,
|
||||
verbose_name='Minimum password strength',
|
||||
),
|
||||
),
|
||||
(
|
||||
'password_min_length',
|
||||
models.PositiveIntegerField(default=8, null=True, verbose_name='Password minimum length'),
|
||||
),
|
||||
(
|
||||
'password_regex',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
default='',
|
||||
max_length=512,
|
||||
verbose_name='Regular expression for validating passwords',
|
||||
),
|
||||
),
|
||||
(
|
||||
'password_regex_error_msg',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
default='',
|
||||
max_length=1024,
|
||||
verbose_name='Error message to show when the password do not validate the regular expression',
|
||||
),
|
||||
),
|
||||
(
|
||||
'login_exponential_retry_timeout_duration',
|
||||
models.FloatField(
|
||||
default=1,
|
||||
help_text='Exponential backoff base factor duration as seconds until next try after a login failure.',
|
||||
verbose_name='Retry timeout duration',
|
||||
),
|
||||
),
|
||||
(
|
||||
'login_exponential_retry_timeout_factor',
|
||||
models.FloatField(
|
||||
default=1.8,
|
||||
help_text='Exponential backoff factor duration as seconds until next try after a login failure.',
|
||||
verbose_name='Retry timeout factor',
|
||||
),
|
||||
),
|
||||
(
|
||||
'login_exponential_retry_timeout_max_duration',
|
||||
models.PositiveIntegerField(
|
||||
default=3600,
|
||||
help_text='Maximum exponential backoff maximum duration as seconds until next try after a login failure.',
|
||||
verbose_name='Retry timeout max duration',
|
||||
),
|
||||
),
|
||||
(
|
||||
'login_exponential_retry_timeout_min_duration',
|
||||
models.PositiveIntegerField(
|
||||
default=10,
|
||||
help_text='Minimum exponential backoff maximum duration as seconds until next try after a login failure.',
|
||||
verbose_name='Retry timeout min duration',
|
||||
),
|
||||
),
|
||||
(
|
||||
'emails_ip_ratelimit',
|
||||
models.CharField(
|
||||
default='10/h',
|
||||
help_text='Maximum rate of email sendings triggered by the same IP address.',
|
||||
max_length=32,
|
||||
verbose_name='Emails IP ratelimit',
|
||||
),
|
||||
),
|
||||
(
|
||||
'sms_ip_ratelimit',
|
||||
models.CharField(
|
||||
default='10/h',
|
||||
help_text='Maximum rate of SMSs triggered by the same IP address.',
|
||||
max_length=32,
|
||||
verbose_name='SMS IP ratelimit',
|
||||
),
|
||||
),
|
||||
(
|
||||
'emails_address_ratelimit',
|
||||
models.CharField(
|
||||
default='3/d',
|
||||
help_text='Maximum rate of emails sent to the same email address.',
|
||||
max_length=32,
|
||||
verbose_name='Emails address ratelimit',
|
||||
),
|
||||
),
|
||||
(
|
||||
'sms_number_ratelimit',
|
||||
models.CharField(
|
||||
default='10/h',
|
||||
help_text='Maximum rate of SMSs sent to the same phone number.',
|
||||
max_length=32,
|
||||
verbose_name='SMS number ratelimit',
|
||||
),
|
||||
),
|
||||
(
|
||||
'phone_identifier_field',
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.PROTECT,
|
||||
to='authentic2.attribute',
|
||||
verbose_name='Phone field used as user identifier',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'Password',
|
||||
},
|
||||
bases=('authenticators.baseauthenticator',),
|
||||
),
|
||||
]
|
|
@ -0,0 +1,108 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.contrib.postgres.fields
|
||||
import django.db.models.deletion
|
||||
import django.utils.timezone
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [('journal', '0001_initial'), ('journal', '0002_event_api')]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('sessions', '0001_initial'),
|
||||
('custom_user', '0037_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='EventType',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('name', models.SlugField(max_length=256, unique=True, verbose_name='name')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'event type',
|
||||
'verbose_name_plural': 'event types',
|
||||
'ordering': ('name',),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Event',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'timestamp',
|
||||
models.DateTimeField(
|
||||
blank=True,
|
||||
default=django.utils.timezone.now,
|
||||
editable=False,
|
||||
verbose_name='timestamp',
|
||||
),
|
||||
),
|
||||
(
|
||||
'reference_ids',
|
||||
django.contrib.postgres.fields.ArrayField(
|
||||
base_field=models.BigIntegerField(),
|
||||
null=True,
|
||||
size=None,
|
||||
verbose_name='reference ids',
|
||||
),
|
||||
),
|
||||
(
|
||||
'reference_ct_ids',
|
||||
django.contrib.postgres.fields.ArrayField(
|
||||
base_field=models.IntegerField(),
|
||||
null=True,
|
||||
size=None,
|
||||
verbose_name='reference ct ids',
|
||||
),
|
||||
),
|
||||
('data', models.JSONField(null=True, verbose_name='data')),
|
||||
('api', models.BooleanField(default=False, verbose_name='API')),
|
||||
(
|
||||
'session',
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
db_constraint=False,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.DO_NOTHING,
|
||||
to='sessions.session',
|
||||
verbose_name='session',
|
||||
),
|
||||
),
|
||||
(
|
||||
'type',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.PROTECT,
|
||||
to='journal.eventtype',
|
||||
verbose_name='type',
|
||||
),
|
||||
),
|
||||
(
|
||||
'user',
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
db_constraint=False,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.DO_NOTHING,
|
||||
to='custom_user.user',
|
||||
verbose_name='user',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'event',
|
||||
'verbose_name_plural': 'events',
|
||||
'ordering': ('timestamp', 'id'),
|
||||
},
|
||||
),
|
||||
]
|
|
@ -0,0 +1,342 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import uuid
|
||||
|
||||
import django.contrib.postgres.fields
|
||||
import django.db.models.deletion
|
||||
import django.utils.timezone
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2.utils.misc
|
||||
import authentic2.validators
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('custom_user', '0001_initial'),
|
||||
('custom_user', '0002_auto_20150410_1823'),
|
||||
('custom_user', '0003_auto_20150504_1410'),
|
||||
('custom_user', '0004_user_ou'),
|
||||
('custom_user', '0005_auto_20150522_1527'),
|
||||
('custom_user', '0006_auto_20150527_1212'),
|
||||
('custom_user', '0007_auto_20150610_1527'),
|
||||
('custom_user', '0008_auto_20150617_1606'),
|
||||
('custom_user', '0009_auto_20150810_1953'),
|
||||
('custom_user', '0010_auto_20160307_1418'),
|
||||
('custom_user', '0011_manual_attribute_values_for_name_fields'),
|
||||
('custom_user', '0012_user_modified'),
|
||||
('custom_user', '0013_user_email_verified'),
|
||||
('custom_user', '0014_set_email_verified'),
|
||||
('custom_user', '0015_auto_20170707_1653'),
|
||||
('custom_user', '0016_auto_20180925_1107'),
|
||||
('custom_user', '0017_auto_20200305_1645'),
|
||||
('custom_user', '0018_user_last_account_deletion_alert'),
|
||||
('custom_user', '0019_add_user_deleted'),
|
||||
('custom_user', '0020_deleteduser'),
|
||||
('custom_user', '0021_set_unusable_password'),
|
||||
('custom_user', '0022_index_email'),
|
||||
('custom_user', '0023_index_username'),
|
||||
('custom_user', '0024_index_email_by_trigrams'),
|
||||
('custom_user', '0025_user_deactivation'),
|
||||
('custom_user', '0026_remove_user_deleted'),
|
||||
('custom_user', '0027_user_deactivation_reason'),
|
||||
('custom_user', '0028_user_email_verified_date'),
|
||||
('custom_user', '0029_profile_profiletype'),
|
||||
('custom_user', '0030_auto_20220304_1136'),
|
||||
('custom_user', '0031_profile_email'),
|
||||
('custom_user', '0032_auto_20220919_1230'),
|
||||
('custom_user', '0032_index_deleteduser_old_email'),
|
||||
('custom_user', '0032_index_deleteduser_old_uuid'),
|
||||
('custom_user', '0033_user_keepalive'),
|
||||
('custom_user', '0034_user_email_verified_sources'),
|
||||
('custom_user', '0035_alter_user_username'),
|
||||
('custom_user', '0036_remove_user_constraint_at_least_one_identifier'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('auth', '0012_alter_user_first_name_max_length'),
|
||||
('a2_rbac', '0038_replace'),
|
||||
('authentic2', '0051_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='DeletedUser',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('deleted', models.DateTimeField(auto_now_add=True, verbose_name='Deletion date')),
|
||||
('old_uuid', models.TextField(blank=True, db_index=True, null=True, verbose_name='Old UUID')),
|
||||
(
|
||||
'old_user_id',
|
||||
models.PositiveIntegerField(blank=True, null=True, verbose_name='Old user id'),
|
||||
),
|
||||
(
|
||||
'old_email',
|
||||
models.EmailField(
|
||||
blank=True, db_index=True, max_length=254, null=True, verbose_name='Old email adress'
|
||||
),
|
||||
),
|
||||
(
|
||||
'old_phone',
|
||||
models.CharField(blank=True, max_length=64, null=True, verbose_name='Old phone number'),
|
||||
),
|
||||
('old_data', models.JSONField(blank=True, null=True, verbose_name='Old data')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'deleted user',
|
||||
'verbose_name_plural': 'deleted users',
|
||||
'ordering': ('deleted', 'id'),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='ProfileType',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'uuid',
|
||||
models.UUIDField(default=uuid.uuid4, editable=False, unique=True, verbose_name='UUID'),
|
||||
),
|
||||
('name', models.CharField(max_length=64, verbose_name='name')),
|
||||
('slug', models.SlugField(max_length=64, unique=True, verbose_name='slug')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'profile type',
|
||||
'verbose_name_plural': 'profile types',
|
||||
'ordering': ('name', 'slug'),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='User',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('password', models.CharField(max_length=128, verbose_name='password')),
|
||||
('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
|
||||
(
|
||||
'uuid',
|
||||
models.CharField(
|
||||
default=authentic2.utils.misc.get_hex_uuid,
|
||||
editable=False,
|
||||
max_length=32,
|
||||
unique=True,
|
||||
verbose_name='uuid',
|
||||
),
|
||||
),
|
||||
(
|
||||
'username',
|
||||
models.CharField(
|
||||
blank=True, db_index=True, max_length=256, null=True, verbose_name='username'
|
||||
),
|
||||
),
|
||||
('first_name', models.CharField(blank=True, max_length=128, verbose_name='first name')),
|
||||
('last_name', models.CharField(blank=True, max_length=128, verbose_name='last name')),
|
||||
(
|
||||
'email',
|
||||
models.EmailField(
|
||||
blank=True,
|
||||
max_length=254,
|
||||
validators=[authentic2.validators.EmailValidator()],
|
||||
verbose_name='email address',
|
||||
),
|
||||
),
|
||||
('email_verified', models.BooleanField(default=False, verbose_name='email verified')),
|
||||
(
|
||||
'email_verified_date',
|
||||
models.DateTimeField(
|
||||
blank=True, default=None, null=True, verbose_name='email verified date'
|
||||
),
|
||||
),
|
||||
(
|
||||
'email_verified_sources',
|
||||
django.contrib.postgres.fields.ArrayField(
|
||||
base_field=models.CharField(max_length=63),
|
||||
blank=True,
|
||||
default=list,
|
||||
null=True,
|
||||
size=None,
|
||||
verbose_name='email verification sources',
|
||||
),
|
||||
),
|
||||
(
|
||||
'is_superuser',
|
||||
models.BooleanField(
|
||||
default=False,
|
||||
help_text='Designates that this user has all permissions without explicitly assigning them.',
|
||||
verbose_name='superuser status',
|
||||
),
|
||||
),
|
||||
(
|
||||
'phone',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
max_length=64,
|
||||
null=True,
|
||||
validators=[authentic2.validators.PhoneNumberValidator],
|
||||
verbose_name='phone number',
|
||||
),
|
||||
),
|
||||
(
|
||||
'phone_verified_on',
|
||||
models.DateTimeField(
|
||||
blank=True, default=None, null=True, verbose_name='phone verification date'
|
||||
),
|
||||
),
|
||||
(
|
||||
'is_staff',
|
||||
models.BooleanField(
|
||||
default=False,
|
||||
help_text='Designates whether the user can log into this admin site.',
|
||||
verbose_name='staff status',
|
||||
),
|
||||
),
|
||||
(
|
||||
'is_active',
|
||||
models.BooleanField(
|
||||
default=True,
|
||||
help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.',
|
||||
verbose_name='active',
|
||||
),
|
||||
),
|
||||
(
|
||||
'date_joined',
|
||||
models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined'),
|
||||
),
|
||||
(
|
||||
'modified',
|
||||
models.DateTimeField(auto_now=True, db_index=True, verbose_name='Last modification time'),
|
||||
),
|
||||
(
|
||||
'last_account_deletion_alert',
|
||||
models.DateTimeField(blank=True, null=True, verbose_name='Last account deletion alert'),
|
||||
),
|
||||
(
|
||||
'deactivation',
|
||||
models.DateTimeField(blank=True, null=True, verbose_name='Deactivation datetime'),
|
||||
),
|
||||
(
|
||||
'deactivation_reason',
|
||||
models.TextField(blank=True, null=True, verbose_name='Deactivation reason'),
|
||||
),
|
||||
(
|
||||
'keepalive',
|
||||
models.DateTimeField(blank=True, null=True, verbose_name='Keepalive timestamp'),
|
||||
),
|
||||
(
|
||||
'groups',
|
||||
models.ManyToManyField(
|
||||
blank=True,
|
||||
help_text='The groups this user belongs to. A user will get all permissions granted to each of his/her group.',
|
||||
related_name='user_set',
|
||||
related_query_name='user',
|
||||
to='auth.Group',
|
||||
verbose_name='groups',
|
||||
),
|
||||
),
|
||||
(
|
||||
'ou',
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='a2_rbac.organizationalunit',
|
||||
verbose_name='organizational unit',
|
||||
),
|
||||
),
|
||||
(
|
||||
'user_permissions',
|
||||
models.ManyToManyField(
|
||||
blank=True,
|
||||
help_text='Specific permissions for this user.',
|
||||
related_name='user_set',
|
||||
related_query_name='user',
|
||||
to='auth.Permission',
|
||||
verbose_name='user permissions',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'user',
|
||||
'verbose_name_plural': 'users',
|
||||
'ordering': ('last_name', 'first_name', 'email', 'username'),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='ServiceProfileType',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'profile_type',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE, to='custom_user.profiletype'
|
||||
),
|
||||
),
|
||||
(
|
||||
'service',
|
||||
models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='authentic2.service'),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'unique_together': {('service', 'profile_type')},
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Profile',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('identifier', models.CharField(default='', max_length=256, verbose_name='identifier')),
|
||||
('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
|
||||
('data', models.JSONField(blank=True, null=True, verbose_name='data')),
|
||||
(
|
||||
'profile_type',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='profiles',
|
||||
to='custom_user.profiletype',
|
||||
verbose_name='profile type',
|
||||
),
|
||||
),
|
||||
(
|
||||
'user',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='profiles',
|
||||
to='custom_user.user',
|
||||
verbose_name='user',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'profile',
|
||||
'verbose_name_plural': 'profiles',
|
||||
'ordering': ('user', 'profile_type'),
|
||||
'unique_together': {('user', 'profile_type', 'identifier')},
|
||||
},
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='profiletype',
|
||||
name='services',
|
||||
field=models.ManyToManyField(
|
||||
blank=True,
|
||||
related_name='_custom_user_profiletype_services_+',
|
||||
through='custom_user.ServiceProfileType',
|
||||
to='authentic2.Service',
|
||||
verbose_name='allowed services for this profile type',
|
||||
),
|
||||
),
|
||||
]
|
|
@ -0,0 +1,393 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import uuid
|
||||
|
||||
import django.contrib.postgres.fields
|
||||
import django.contrib.postgres.search
|
||||
import django.db.models.manager
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2.utils.sms
|
||||
import authentic2.validators
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2', '0001_initial'),
|
||||
('authentic2', '0002_auto_20150320_1418'),
|
||||
('authentic2', '0003_auto_20150409_1840'),
|
||||
('authentic2', '0004_service'),
|
||||
('authentic2', '0005_service_ou'),
|
||||
('authentic2', '0006_conditional_slug_index'),
|
||||
('authentic2', '0007_auto_20150523_0028'),
|
||||
('authentic2', '0008_auto_20160204_1415'),
|
||||
('authentic2', '0009_auto_20160211_2247'),
|
||||
('authentic2', '0010_attributevalue_multiple'),
|
||||
('authentic2', '0011_auto_20160211_2253'),
|
||||
('authentic2', '0012_auto_20160211_2255'),
|
||||
('authentic2', '0013_auto_20160211_2258'),
|
||||
('authentic2', '0014_attributevalue_verified'),
|
||||
('authentic2', '0015_auto_20160621_1711'),
|
||||
('authentic2', '0016_attribute_disabled'),
|
||||
('authentic2', '0017_modify_attribute_serialization'),
|
||||
('authentic2', '0018_auto_20170524_0842'),
|
||||
('authentic2', '0019_auto_20170309_1529'),
|
||||
('authentic2', '0020_delete_federatedid'),
|
||||
('authentic2', '0021_attribute_order'),
|
||||
('authentic2', '0022_attribute_scopes'),
|
||||
('authentic2', '0023_auto_20181031_0900'),
|
||||
('authentic2', '0024_auto_20190617_1113'),
|
||||
('authentic2', '0025_auto_20191009_1047'),
|
||||
('authentic2', '0026_token'),
|
||||
('authentic2', '0027_remove_deleteduser'),
|
||||
('authentic2', '0028_trigram_unaccent_index'),
|
||||
('authentic2', '0029_auto_20201013_1614'),
|
||||
('authentic2', '0030_clean_admin_tools_tables'),
|
||||
('authentic2', '0031_add_search_vector_to_attributes'),
|
||||
('authentic2', '0032_initialize_search_vectors'),
|
||||
('authentic2', '0033_recreate_immutable_unaccent'),
|
||||
('authentic2', '0034_attribute_required_on_login'),
|
||||
('authentic2', '0035_service_home_url'),
|
||||
('authentic2', '0036_service_profile_types'),
|
||||
('authentic2', '0037_auto_20220331_1513'),
|
||||
('authentic2', '0038_make_service_ou_non_null'),
|
||||
('authentic2', '0039_add_unique_attribute_constraint'),
|
||||
('authentic2', '0040_add_external_guid'),
|
||||
('authentic2', '0041_lock'),
|
||||
('authentic2', '0042_api_client'),
|
||||
('authentic2', '0043_api_client_description'),
|
||||
('authentic2', '0044_apiclient_ou'),
|
||||
('authentic2', '0044_auto_20220530_1426'),
|
||||
('authentic2', '0045_auto_20221222_1013'),
|
||||
('authentic2', '0045_auto_20230117_1513'),
|
||||
('authentic2', '0045_smscode'),
|
||||
('authentic2', '0046_runtimesetting'),
|
||||
('authentic2', '0047_initialize_services_runtime_settings'),
|
||||
('authentic2', '0048_rename_services_runtime_settings'),
|
||||
('authentic2', '0049_apiclient_allowed_user_attributes'),
|
||||
('authentic2', '0050_initialize_users_advanced_configuration'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = []
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='APIClient',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('name', models.CharField(max_length=128, verbose_name='Name')),
|
||||
('description', models.TextField(blank=True, verbose_name='Description')),
|
||||
('identifier', models.CharField(max_length=256, verbose_name='Identifier')),
|
||||
('password', models.CharField(max_length=256, verbose_name='Password')),
|
||||
(
|
||||
'restrict_to_anonymised_data',
|
||||
models.BooleanField(default=False, verbose_name='Restrict to anonymised data'),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'APIClient',
|
||||
'verbose_name_plural': 'APIClient',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Attribute',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('label', models.CharField(max_length=63, unique=True, verbose_name='label')),
|
||||
('description', models.TextField(blank=True, verbose_name='description')),
|
||||
('name', models.SlugField(max_length=256, unique=True, verbose_name='name')),
|
||||
('required', models.BooleanField(blank=True, default=False, verbose_name='required')),
|
||||
(
|
||||
'asked_on_registration',
|
||||
models.BooleanField(blank=True, default=False, verbose_name='asked on registration'),
|
||||
),
|
||||
(
|
||||
'user_editable',
|
||||
models.BooleanField(blank=True, default=False, verbose_name='user editable'),
|
||||
),
|
||||
('user_visible', models.BooleanField(blank=True, default=False, verbose_name='user visible')),
|
||||
('multiple', models.BooleanField(blank=True, default=False, verbose_name='multiple')),
|
||||
('kind', models.CharField(max_length=16, verbose_name='kind')),
|
||||
('disabled', models.BooleanField(blank=True, default=False, verbose_name='disabled')),
|
||||
('searchable', models.BooleanField(blank=True, default=False, verbose_name='searchable')),
|
||||
(
|
||||
'required_on_login',
|
||||
models.BooleanField(blank=True, default=False, verbose_name='required on login'),
|
||||
),
|
||||
(
|
||||
'scopes',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
default='',
|
||||
help_text='scopes separated by spaces',
|
||||
max_length=256,
|
||||
verbose_name='scopes',
|
||||
),
|
||||
),
|
||||
('order', models.PositiveIntegerField(default=0, verbose_name='order')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'attribute definition',
|
||||
'verbose_name_plural': 'attribute definitions',
|
||||
'ordering': ('order', 'id'),
|
||||
'base_manager_name': 'all_objects',
|
||||
},
|
||||
managers=[
|
||||
('all_objects', django.db.models.manager.Manager()),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='AttributeValue',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('object_id', models.PositiveIntegerField(db_index=True, verbose_name='object identifier')),
|
||||
('multiple', models.BooleanField(default=False, null=True)),
|
||||
('content', models.TextField(db_index=True, verbose_name='content')),
|
||||
(
|
||||
'search_vector',
|
||||
django.contrib.postgres.search.SearchVectorField(editable=False, null=True),
|
||||
),
|
||||
('verified', models.BooleanField(default=False)),
|
||||
(
|
||||
'verification_sources',
|
||||
django.contrib.postgres.fields.ArrayField(
|
||||
base_field=models.CharField(max_length=63),
|
||||
null=True,
|
||||
size=None,
|
||||
verbose_name='verification sources',
|
||||
),
|
||||
),
|
||||
(
|
||||
'last_verified_on',
|
||||
models.DateTimeField(null=True, verbose_name='last verification timestamp'),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'attribute value',
|
||||
'verbose_name_plural': 'attribute values',
|
||||
'ordering': ('attribute__order', 'id'),
|
||||
},
|
||||
managers=[
|
||||
('all_objects', django.db.models.manager.Manager()),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='AuthenticationEvent',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('when', models.DateTimeField(auto_now=True, verbose_name='when')),
|
||||
('who', models.CharField(max_length=80, verbose_name='who')),
|
||||
('how', models.CharField(max_length=32, verbose_name='how')),
|
||||
('nonce', models.CharField(max_length=255, verbose_name='nonce')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'authentication log',
|
||||
'verbose_name_plural': 'authentication logs',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='AuthorizedRole',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Lock',
|
||||
fields=[
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='Creation date')),
|
||||
('name', models.TextField(primary_key=True, serialize=False, verbose_name='Name')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'Lock',
|
||||
'verbose_name_plural': 'Lock',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='LogoutUrl',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'logout_url',
|
||||
models.URLField(
|
||||
blank=True,
|
||||
help_text='you can use a {} to pass the URL of the success icon, ex.: http://example.com/logout?next={}',
|
||||
max_length=255,
|
||||
null=True,
|
||||
verbose_name='url',
|
||||
),
|
||||
),
|
||||
(
|
||||
'logout_use_iframe',
|
||||
models.BooleanField(
|
||||
default=False, verbose_name='use an iframe instead of an img tag for logout'
|
||||
),
|
||||
),
|
||||
(
|
||||
'logout_use_iframe_timeout',
|
||||
models.PositiveIntegerField(
|
||||
default=300,
|
||||
help_text="if iframe logout is used, it's the time between the onload event for this iframe and the moment we "
|
||||
'consider its loading to be really finished',
|
||||
verbose_name='iframe logout timeout (ms)',
|
||||
),
|
||||
),
|
||||
('object_id', models.PositiveIntegerField(verbose_name='object identifier')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'logout URL',
|
||||
'verbose_name_plural': 'logout URL',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='PasswordReset',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'password reset',
|
||||
'verbose_name_plural': 'password reset',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Service',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('name', models.CharField(max_length=128, verbose_name='name')),
|
||||
('slug', models.SlugField(max_length=128, verbose_name='slug')),
|
||||
(
|
||||
'unauthorized_url',
|
||||
models.URLField(
|
||||
blank=True, max_length=256, null=True, verbose_name='callback url when unauthorized'
|
||||
),
|
||||
),
|
||||
('home_url', models.URLField(blank=True, max_length=256, null=True, verbose_name='Home URL')),
|
||||
('logo', models.ImageField(blank=True, upload_to='services/logos', verbose_name='Logo')),
|
||||
(
|
||||
'colour',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
max_length=32,
|
||||
null=True,
|
||||
validators=[authentic2.validators.HexaColourValidator()],
|
||||
verbose_name='Colour',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'base service model',
|
||||
'verbose_name_plural': 'base service models',
|
||||
'base_manager_name': 'objects',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Setting',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('key', models.CharField(max_length=128, unique=True, verbose_name='key')),
|
||||
('value', models.JSONField(blank=True, verbose_name='value')),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='SMSCode',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'value',
|
||||
models.CharField(
|
||||
default=authentic2.utils.sms.create_sms_code,
|
||||
editable=False,
|
||||
max_length=32,
|
||||
verbose_name='Identifier',
|
||||
),
|
||||
),
|
||||
('kind', models.CharField(max_length=32, verbose_name='Kind')),
|
||||
(
|
||||
'phone',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
max_length=64,
|
||||
null=True,
|
||||
validators=[authentic2.validators.PhoneNumberValidator],
|
||||
verbose_name='phone number',
|
||||
),
|
||||
),
|
||||
('url_token', models.UUIDField(default=uuid.uuid4, verbose_name='URL token')),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='Creation date')),
|
||||
('expires', models.DateTimeField(verbose_name='Expires')),
|
||||
('sent', models.BooleanField(default=False, verbose_name='SMS code sent')),
|
||||
('fake', models.BooleanField(default=False, verbose_name='Is a fake code')),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Token',
|
||||
fields=[
|
||||
(
|
||||
'uuid',
|
||||
models.UUIDField(
|
||||
default=uuid.uuid4,
|
||||
editable=False,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
verbose_name='Identifier',
|
||||
),
|
||||
),
|
||||
('kind', models.CharField(max_length=32, verbose_name='Kind')),
|
||||
('content', models.JSONField(blank=True, verbose_name='Content')),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='Creation date')),
|
||||
('expires', models.DateTimeField(verbose_name='Expires')),
|
||||
],
|
||||
options={
|
||||
'ordering': ('-expires', 'kind', 'uuid'),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='UserExternalId',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('source', models.CharField(max_length=256, verbose_name='source')),
|
||||
('external_id', models.CharField(max_length=256, null=True, verbose_name='external id')),
|
||||
('external_guid', models.UUIDField(null=True, verbose_name='External GUID')),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='creation date')),
|
||||
('updated', models.DateTimeField(auto_now=True, verbose_name='last update date')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'user external id',
|
||||
'verbose_name_plural': 'user external ids',
|
||||
},
|
||||
),
|
||||
]
|
|
@ -0,0 +1,244 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.contrib.postgres.indexes
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2.a2_rbac.utils
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2', '0001_initial'),
|
||||
('authentic2', '0002_auto_20150320_1418'),
|
||||
('authentic2', '0003_auto_20150409_1840'),
|
||||
('authentic2', '0004_service'),
|
||||
('authentic2', '0005_service_ou'),
|
||||
('authentic2', '0006_conditional_slug_index'),
|
||||
('authentic2', '0007_auto_20150523_0028'),
|
||||
('authentic2', '0008_auto_20160204_1415'),
|
||||
('authentic2', '0009_auto_20160211_2247'),
|
||||
('authentic2', '0010_attributevalue_multiple'),
|
||||
('authentic2', '0011_auto_20160211_2253'),
|
||||
('authentic2', '0012_auto_20160211_2255'),
|
||||
('authentic2', '0013_auto_20160211_2258'),
|
||||
('authentic2', '0014_attributevalue_verified'),
|
||||
('authentic2', '0015_auto_20160621_1711'),
|
||||
('authentic2', '0016_attribute_disabled'),
|
||||
('authentic2', '0017_modify_attribute_serialization'),
|
||||
('authentic2', '0018_auto_20170524_0842'),
|
||||
('authentic2', '0019_auto_20170309_1529'),
|
||||
('authentic2', '0020_delete_federatedid'),
|
||||
('authentic2', '0021_attribute_order'),
|
||||
('authentic2', '0022_attribute_scopes'),
|
||||
('authentic2', '0023_auto_20181031_0900'),
|
||||
('authentic2', '0024_auto_20190617_1113'),
|
||||
('authentic2', '0025_auto_20191009_1047'),
|
||||
('authentic2', '0026_token'),
|
||||
('authentic2', '0027_remove_deleteduser'),
|
||||
('authentic2', '0028_trigram_unaccent_index'),
|
||||
('authentic2', '0029_auto_20201013_1614'),
|
||||
('authentic2', '0030_clean_admin_tools_tables'),
|
||||
('authentic2', '0031_add_search_vector_to_attributes'),
|
||||
('authentic2', '0032_initialize_search_vectors'),
|
||||
('authentic2', '0033_recreate_immutable_unaccent'),
|
||||
('authentic2', '0034_attribute_required_on_login'),
|
||||
('authentic2', '0035_service_home_url'),
|
||||
('authentic2', '0036_service_profile_types'),
|
||||
('authentic2', '0037_auto_20220331_1513'),
|
||||
('authentic2', '0038_make_service_ou_non_null'),
|
||||
('authentic2', '0039_add_unique_attribute_constraint'),
|
||||
('authentic2', '0040_add_external_guid'),
|
||||
('authentic2', '0041_lock'),
|
||||
('authentic2', '0042_api_client'),
|
||||
('authentic2', '0043_api_client_description'),
|
||||
('authentic2', '0044_apiclient_ou'),
|
||||
('authentic2', '0044_auto_20220530_1426'),
|
||||
('authentic2', '0045_auto_20221222_1013'),
|
||||
('authentic2', '0045_auto_20230117_1513'),
|
||||
('authentic2', '0045_smscode'),
|
||||
('authentic2', '0046_runtimesetting'),
|
||||
('authentic2', '0047_initialize_services_runtime_settings'),
|
||||
('authentic2', '0048_rename_services_runtime_settings'),
|
||||
('authentic2', '0049_apiclient_allowed_user_attributes'),
|
||||
('authentic2', '0050_initialize_users_advanced_configuration'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('a2_rbac', '0039_replace'),
|
||||
('custom_user', '0037_replace'),
|
||||
('contenttypes', '0002_remove_content_type_name'),
|
||||
('authentic2', '0051_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='LDAPUser',
|
||||
fields=[],
|
||||
options={
|
||||
'proxy': True,
|
||||
'indexes': [],
|
||||
'constraints': [],
|
||||
},
|
||||
bases=('custom_user.user',),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='userexternalid',
|
||||
name='user',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE, to='custom_user.user', verbose_name='user'
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='smscode',
|
||||
name='user',
|
||||
field=models.ForeignKey(
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='custom_user.user',
|
||||
verbose_name='user',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='service',
|
||||
name='authorized_roles',
|
||||
field=models.ManyToManyField(
|
||||
blank=True,
|
||||
related_name='allowed_services',
|
||||
through='authentic2.AuthorizedRole',
|
||||
to='a2_rbac.Role',
|
||||
verbose_name='authorized services',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='service',
|
||||
name='ou',
|
||||
field=models.ForeignKey(
|
||||
default=authentic2.a2_rbac.utils.get_default_ou_pk,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='a2_rbac.organizationalunit',
|
||||
verbose_name='organizational unit',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='service',
|
||||
name='profile_types',
|
||||
field=models.ManyToManyField(
|
||||
blank=True,
|
||||
related_name='_authentic2_service_profile_types_+',
|
||||
through='custom_user.ServiceProfileType',
|
||||
to='custom_user.ProfileType',
|
||||
verbose_name='allowed services for this profile type',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='passwordreset',
|
||||
name='user',
|
||||
field=models.OneToOneField(
|
||||
on_delete=django.db.models.deletion.CASCADE, to='custom_user.user', verbose_name='user'
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='logouturl',
|
||||
name='content_type',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='contenttypes.contenttype',
|
||||
verbose_name='content type',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='authorizedrole',
|
||||
name='role',
|
||||
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='a2_rbac.role'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='authorizedrole',
|
||||
name='service',
|
||||
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='authentic2.service'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='attributevalue',
|
||||
name='attribute',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='authentic2.attribute',
|
||||
verbose_name='attribute',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='attributevalue',
|
||||
name='content_type',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='contenttypes.contenttype',
|
||||
verbose_name='content type',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='apiclient',
|
||||
name='allowed_user_attributes',
|
||||
field=models.ManyToManyField(
|
||||
blank=True,
|
||||
related_name='apiclients',
|
||||
to='authentic2.Attribute',
|
||||
verbose_name='allowed user attributes',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='apiclient',
|
||||
name='apiclient_roles',
|
||||
field=models.ManyToManyField(
|
||||
blank=True, related_name='apiclients', to='a2_rbac.Role', verbose_name='roles'
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='apiclient',
|
||||
name='ou',
|
||||
field=models.ForeignKey(
|
||||
blank=True,
|
||||
default=authentic2.a2_rbac.utils.get_default_ou_pk,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='a2_rbac.organizationalunit',
|
||||
verbose_name='organizational unit',
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='userexternalid',
|
||||
constraint=models.CheckConstraint(
|
||||
check=models.Q(
|
||||
('external_id__isnull', False), ('external_guid__isnull', False), _connector='OR'
|
||||
),
|
||||
name='at_least_one_id',
|
||||
),
|
||||
),
|
||||
migrations.AlterUniqueTogether(
|
||||
name='userexternalid',
|
||||
unique_together={('source', 'external_id'), ('source', 'external_guid')},
|
||||
),
|
||||
migrations.AlterUniqueTogether(
|
||||
name='service',
|
||||
unique_together={('slug', 'ou')},
|
||||
),
|
||||
migrations.AddIndex(
|
||||
model_name='attributevalue',
|
||||
index=django.contrib.postgres.indexes.GinIndex(
|
||||
fields=['search_vector'], name='authentic2_atv_tsvector_idx'
|
||||
),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='attributevalue',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(('multiple', False)),
|
||||
fields=('content_type', 'object_id', 'attribute'),
|
||||
name='unique_attribute_idx',
|
||||
),
|
||||
),
|
||||
migrations.AlterUniqueTogether(
|
||||
name='attributevalue',
|
||||
unique_together={('content_type', 'object_id', 'attribute', 'multiple', 'content')},
|
||||
),
|
||||
]
|
|
@ -0,0 +1,417 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2.saml.fields
|
||||
import authentic2.saml.models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('saml', '0001_initial'),
|
||||
('saml', '0002_auto_20150320_1245'),
|
||||
('saml', '0002_ease_federation_migration'),
|
||||
('saml', '0003_merge'),
|
||||
('saml', '0004_auto_20150410_1438'),
|
||||
('saml', '0005_make_liberty_provider_inherit_from_service'),
|
||||
('saml', '0006_restore_foreign_keys'),
|
||||
('saml', '0007_copy_service_ptr_id_to_old_id'),
|
||||
('saml', '0008_alter_foreign_keys'),
|
||||
('saml', '0009_auto'),
|
||||
('saml', '0010_auto'),
|
||||
('saml', '0011_auto'),
|
||||
('saml', '0012_auto_20150526_2239'),
|
||||
('saml', '0013_auto_20150617_1004'),
|
||||
('saml', '0014_auto_20150617_1216'),
|
||||
('saml', '0015_auto_20150915_2032'),
|
||||
('saml', '0016_auto_20150915_2041'),
|
||||
('saml', '0017_auto_20170710_1738'),
|
||||
('saml', '0018_truncate_saml_keyvalue'),
|
||||
('saml', '0019_auto_20200621_1558'),
|
||||
('saml', '0020_libertysession_saml_libert_provide_39bb6c_idx'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authentic2', '0052_replace'),
|
||||
('custom_user', '0037_replace'),
|
||||
('contenttypes', '0002_remove_content_type_name'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='KeyValue',
|
||||
fields=[
|
||||
('key', models.CharField(max_length=128, primary_key=True, serialize=False)),
|
||||
('value', authentic2.saml.fields.PickledObjectField()),
|
||||
('created', models.DateTimeField(auto_now_add=True)),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'key value association',
|
||||
'verbose_name_plural': 'key value associations',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='LibertyArtifact',
|
||||
fields=[
|
||||
('creation', models.DateTimeField(auto_now_add=True)),
|
||||
('artifact', models.CharField(max_length=128, primary_key=True, serialize=False)),
|
||||
('content', models.TextField()),
|
||||
('provider_id', models.CharField(max_length=256)),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'SAML artifact',
|
||||
'verbose_name_plural': 'SAML artifacts',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='LibertyFederation',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'name_id_format',
|
||||
models.CharField(blank=True, max_length=100, null=True, verbose_name='NameIDFormat'),
|
||||
),
|
||||
('name_id_content', models.CharField(max_length=100, verbose_name='NameID')),
|
||||
(
|
||||
'name_id_qualifier',
|
||||
models.CharField(blank=True, max_length=256, null=True, verbose_name='NameQualifier'),
|
||||
),
|
||||
(
|
||||
'name_id_sp_name_qualifier',
|
||||
models.CharField(blank=True, max_length=256, null=True, verbose_name='SPNameQualifier'),
|
||||
),
|
||||
('termination_notified', models.BooleanField(blank=True, default=False)),
|
||||
('creation', models.DateTimeField(auto_now_add=True)),
|
||||
('last_modification', models.DateTimeField(auto_now=True)),
|
||||
(
|
||||
'user',
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.SET_NULL,
|
||||
to='custom_user.user',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'SAML federation',
|
||||
'verbose_name_plural': 'SAML federations',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='LibertyProvider',
|
||||
fields=[
|
||||
(
|
||||
'service_ptr',
|
||||
models.OneToOneField(
|
||||
auto_created=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
parent_link=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
to='authentic2.service',
|
||||
),
|
||||
),
|
||||
('entity_id', models.URLField(max_length=256, unique=True, verbose_name='Entity ID')),
|
||||
(
|
||||
'entity_id_sha1',
|
||||
models.CharField(blank=True, max_length=40, verbose_name='Entity ID SHA1'),
|
||||
),
|
||||
('metadata_url', models.URLField(blank=True, max_length=256, verbose_name='Metadata URL')),
|
||||
(
|
||||
'protocol_conformance',
|
||||
models.IntegerField(choices=[(3, 'SAML 2.0')], verbose_name='Protocol conformance'),
|
||||
),
|
||||
('metadata', models.TextField(validators=[authentic2.saml.models.metadata_validator])),
|
||||
(
|
||||
'federation_source',
|
||||
models.CharField(blank=True, max_length=64, null=True, verbose_name='Federation source'),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'SAML provider',
|
||||
'verbose_name_plural': 'SAML providers',
|
||||
'ordering': ('service_ptr__name',),
|
||||
},
|
||||
bases=('authentic2.service',),
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='SPOptionsIdPPolicy',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('name', models.CharField(max_length=80, unique=True, verbose_name='name')),
|
||||
('enabled', models.BooleanField(db_index=True, default=False, verbose_name='Enabled')),
|
||||
(
|
||||
'prefered_assertion_consumer_binding',
|
||||
models.CharField(
|
||||
choices=[
|
||||
('meta', 'Use the default from the metadata file'),
|
||||
('art', 'Artifact binding'),
|
||||
('post', 'POST binding'),
|
||||
],
|
||||
default='meta',
|
||||
max_length=4,
|
||||
verbose_name='Prefered assertion consumer binding',
|
||||
),
|
||||
),
|
||||
('encrypt_nameid', models.BooleanField(default=False, verbose_name='Encrypt NameID')),
|
||||
('encrypt_assertion', models.BooleanField(default=False, verbose_name='Encrypt Assertion')),
|
||||
(
|
||||
'authn_request_signed',
|
||||
models.BooleanField(default=False, verbose_name='Authentication request signed'),
|
||||
),
|
||||
(
|
||||
'idp_initiated_sso',
|
||||
models.BooleanField(db_index=True, default=False, verbose_name='Allow IdP initiated SSO'),
|
||||
),
|
||||
(
|
||||
'default_name_id_format',
|
||||
models.CharField(
|
||||
choices=[
|
||||
('none', 'None'),
|
||||
('persistent', 'Persistent'),
|
||||
('transient', 'Transient'),
|
||||
('email', 'Email'),
|
||||
('username', 'Username (use with Google Apps)'),
|
||||
('uuid', 'UUID'),
|
||||
('edupersontargetedid', 'Use eduPersonTargetedID attribute'),
|
||||
],
|
||||
default='none',
|
||||
max_length=256,
|
||||
),
|
||||
),
|
||||
(
|
||||
'accepted_name_id_format',
|
||||
authentic2.saml.fields.MultiSelectField(
|
||||
blank=True,
|
||||
choices=[
|
||||
('none', 'None'),
|
||||
('persistent', 'Persistent'),
|
||||
('transient', 'Transient'),
|
||||
('email', 'Email'),
|
||||
('username', 'Username (use with Google Apps)'),
|
||||
('uuid', 'UUID'),
|
||||
('edupersontargetedid', 'Use eduPersonTargetedID attribute'),
|
||||
],
|
||||
max_length=1024,
|
||||
verbose_name='NameID formats accepted',
|
||||
),
|
||||
),
|
||||
(
|
||||
'ask_user_consent',
|
||||
models.BooleanField(
|
||||
default=False, verbose_name='Ask user for consent when creating a federation'
|
||||
),
|
||||
),
|
||||
(
|
||||
'accept_slo',
|
||||
models.BooleanField(
|
||||
db_index=True, default=True, verbose_name='Accept to receive Single Logout requests'
|
||||
),
|
||||
),
|
||||
(
|
||||
'forward_slo',
|
||||
models.BooleanField(default=True, verbose_name='Forward Single Logout requests'),
|
||||
),
|
||||
(
|
||||
'needs_iframe_logout',
|
||||
models.BooleanField(
|
||||
default=False,
|
||||
help_text='logout URL are normally loaded inside an <img> HTML tag, some service provider need to use an iframe',
|
||||
verbose_name='needs iframe logout',
|
||||
),
|
||||
),
|
||||
(
|
||||
'iframe_logout_timeout',
|
||||
models.PositiveIntegerField(
|
||||
default=300,
|
||||
help_text="if iframe logout is used, it's the time between the onload event for this iframe and the moment we "
|
||||
'consider its loading to be really finished',
|
||||
verbose_name='iframe logout timeout',
|
||||
),
|
||||
),
|
||||
(
|
||||
'http_method_for_slo_request',
|
||||
models.IntegerField(
|
||||
choices=[(4, 'Redirect binding'), (5, 'SOAP binding')],
|
||||
default=4,
|
||||
verbose_name='HTTP binding for the SLO requests',
|
||||
),
|
||||
),
|
||||
(
|
||||
'federation_mode',
|
||||
models.PositiveIntegerField(
|
||||
choices=[(0, 'explicit'), (1, 'implicit')], default=0, verbose_name='federation mode'
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'service provider options policy',
|
||||
'verbose_name_plural': 'service provider options policies',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='LibertyServiceProvider',
|
||||
fields=[
|
||||
(
|
||||
'liberty_provider',
|
||||
models.OneToOneField(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
primary_key=True,
|
||||
related_name='service_provider',
|
||||
serialize=False,
|
||||
to='saml.libertyprovider',
|
||||
),
|
||||
),
|
||||
('enabled', models.BooleanField(db_index=True, default=False, verbose_name='Enabled')),
|
||||
(
|
||||
'enable_following_sp_options_policy',
|
||||
models.BooleanField(
|
||||
default=False,
|
||||
verbose_name='The following options policy will apply except if a policy for all service provider is defined.',
|
||||
),
|
||||
),
|
||||
(
|
||||
'users_can_manage_federations',
|
||||
models.BooleanField(
|
||||
blank=True, db_index=True, default=True, verbose_name='users can manage federation'
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'SAML service provider',
|
||||
'verbose_name_plural': 'SAML service providers',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='LibertySessionDump',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('django_session_key', models.CharField(max_length=128)),
|
||||
('session_dump', models.TextField(blank=True)),
|
||||
('kind', models.IntegerField(choices=[(0, 'sp'), (1, 'idp')])),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'SAML session dump',
|
||||
'verbose_name_plural': 'SAML session dumps',
|
||||
'unique_together': {('django_session_key', 'kind')},
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='LibertySession',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('django_session_key', models.CharField(max_length=128)),
|
||||
('session_index', models.CharField(max_length=80)),
|
||||
('provider_id', models.CharField(max_length=256)),
|
||||
('name_id_qualifier', models.CharField(max_length=256, null=True, verbose_name='Qualifier')),
|
||||
('name_id_format', models.CharField(max_length=100, null=True, verbose_name='NameIDFormat')),
|
||||
('name_id_content', models.CharField(max_length=100, verbose_name='NameID')),
|
||||
(
|
||||
'name_id_sp_name_qualifier',
|
||||
models.CharField(max_length=256, null=True, verbose_name='SPNameQualifier'),
|
||||
),
|
||||
('creation', models.DateTimeField(auto_now_add=True)),
|
||||
(
|
||||
'federation',
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='saml.libertyfederation',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'SAML session',
|
||||
'verbose_name_plural': 'SAML sessions',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='SAMLAttribute',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('object_id', models.PositiveIntegerField(verbose_name='object identifier')),
|
||||
(
|
||||
'name_format',
|
||||
models.CharField(
|
||||
choices=[('basic', 'Basic'), ('uri', 'URI'), ('unspecified', 'Unspecified')],
|
||||
default='basic',
|
||||
max_length=64,
|
||||
verbose_name='name format',
|
||||
),
|
||||
),
|
||||
(
|
||||
'name',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
help_text='the local attribute name is used if left blank',
|
||||
max_length=128,
|
||||
verbose_name='name',
|
||||
),
|
||||
),
|
||||
('friendly_name', models.CharField(blank=True, max_length=64, verbose_name='friendly name')),
|
||||
('attribute_name', models.CharField(max_length=64, verbose_name='attribute name')),
|
||||
('enabled', models.BooleanField(blank=True, default=True, verbose_name='enabled')),
|
||||
(
|
||||
'content_type',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='contenttypes.contenttype',
|
||||
verbose_name='content type',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'unique_together': {
|
||||
('content_type', 'object_id', 'name_format', 'name', 'friendly_name', 'attribute_name')
|
||||
},
|
||||
},
|
||||
),
|
||||
migrations.AddIndex(
|
||||
model_name='libertysession',
|
||||
index=models.Index(
|
||||
fields=['provider_id', 'django_session_key'], name='saml_libert_provide_39bb6c_idx'
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='libertyserviceprovider',
|
||||
name='sp_options_policy',
|
||||
field=models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.SET_NULL,
|
||||
related_name='sp_options_policy',
|
||||
to='saml.spoptionsidppolicy',
|
||||
verbose_name='service provider options policy',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='libertyfederation',
|
||||
name='sp',
|
||||
field=models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='saml.libertyserviceprovider',
|
||||
),
|
||||
),
|
||||
]
|
|
@ -0,0 +1,108 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.contrib.postgres.fields
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2_auth_fc.models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2_auth_fc', '0001_initial'),
|
||||
('authentic2_auth_fc', '0002_auto_20200416_1439'),
|
||||
('authentic2_auth_fc', '0003_fcaccount_order1'),
|
||||
('authentic2_auth_fc', '0004_fcaccount_order2'),
|
||||
('authentic2_auth_fc', '0005_fcauthenticator'),
|
||||
('authentic2_auth_fc', '0006_auto_20220525_1409'),
|
||||
('authentic2_auth_fc', '0007_auto_20220615_1002'),
|
||||
('authentic2_auth_fc', '0008_fcauthenticator_link_by_email'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authenticators', '0020_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='FcAccount',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='created')),
|
||||
('modified', models.DateTimeField(auto_now=True, verbose_name='modified')),
|
||||
('sub', models.TextField(db_index=True, verbose_name='sub')),
|
||||
('order', models.PositiveIntegerField(default=0, verbose_name='order')),
|
||||
('token', models.TextField(default='{}', verbose_name='access token')),
|
||||
('user_info', models.TextField(default='{}', null=True, verbose_name='access token')),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='FcAuthenticator',
|
||||
fields=[
|
||||
(
|
||||
'baseauthenticator_ptr',
|
||||
models.OneToOneField(
|
||||
auto_created=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
parent_link=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
to='authenticators.baseauthenticator',
|
||||
),
|
||||
),
|
||||
(
|
||||
'platform',
|
||||
models.CharField(
|
||||
choices=[('prod', 'Production'), ('test', 'Integration')],
|
||||
default='test',
|
||||
max_length=4,
|
||||
verbose_name='Platform',
|
||||
),
|
||||
),
|
||||
(
|
||||
'client_id',
|
||||
models.CharField(
|
||||
help_text='See <a href="https://partenaires.franceconnect.gouv.fr/fcp/fournisseur-service">FranceConnect partners site</a> '
|
||||
'for getting client ID and secret.',
|
||||
max_length=256,
|
||||
verbose_name='Client ID',
|
||||
),
|
||||
),
|
||||
('client_secret', models.CharField(max_length=256, verbose_name='Client Secret')),
|
||||
(
|
||||
'scopes',
|
||||
django.contrib.postgres.fields.ArrayField(
|
||||
base_field=models.CharField(
|
||||
choices=[
|
||||
('given_name', 'given name (given_name)'),
|
||||
('gender', 'gender (gender)'),
|
||||
('birthdate', 'birthdate (birthdate)'),
|
||||
('birthcountry', 'birthcountry (birthcountry)'),
|
||||
('birthplace', 'birthplace (birthplace)'),
|
||||
('family_name', 'family name (family_name)'),
|
||||
('email', 'email (email)'),
|
||||
('preferred_username', 'usual family name (preferred_username)'),
|
||||
('identite_pivot', 'core id (identite_pivot)'),
|
||||
('profile', 'profile (profile)'),
|
||||
('birth', 'birth profile (birth)'),
|
||||
],
|
||||
max_length=32,
|
||||
),
|
||||
default=authentic2_auth_fc.models.get_default_scopes,
|
||||
size=None,
|
||||
verbose_name='Scopes',
|
||||
),
|
||||
),
|
||||
('link_by_email', models.BooleanField(default=True, verbose_name='Link by email address')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'FranceConnect',
|
||||
},
|
||||
bases=('authenticators.baseauthenticator',),
|
||||
),
|
||||
]
|
|
@ -0,0 +1,41 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2_auth_fc', '0001_initial'),
|
||||
('authentic2_auth_fc', '0002_auto_20200416_1439'),
|
||||
('authentic2_auth_fc', '0003_fcaccount_order1'),
|
||||
('authentic2_auth_fc', '0004_fcaccount_order2'),
|
||||
('authentic2_auth_fc', '0005_fcauthenticator'),
|
||||
('authentic2_auth_fc', '0006_auto_20220525_1409'),
|
||||
('authentic2_auth_fc', '0007_auto_20220615_1002'),
|
||||
('authentic2_auth_fc', '0008_fcauthenticator_link_by_email'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authentic2_auth_fc', '0009_replace'),
|
||||
('custom_user', '0037_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name='fcaccount',
|
||||
name='user',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='fc_accounts',
|
||||
to='custom_user.user',
|
||||
verbose_name='user',
|
||||
),
|
||||
),
|
||||
migrations.AlterUniqueTogether(
|
||||
name='fcaccount',
|
||||
unique_together={('sub', 'order'), ('user', 'order')},
|
||||
),
|
||||
]
|
|
@ -0,0 +1,220 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2.utils.template
|
||||
import authentic2_auth_oidc.models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2_auth_oidc', '0001_initial'),
|
||||
('authentic2_auth_oidc', '0002_oidcprovider_token_revocation_endpoint'),
|
||||
('authentic2_auth_oidc', '0003_oidcprovider_show'),
|
||||
('authentic2_auth_oidc', '0004_auto_20171017_1522'),
|
||||
('authentic2_auth_oidc', '0005_oidcprovider_slug'),
|
||||
('authentic2_auth_oidc', '0006_oidcprovider_claims_parameter_supported'),
|
||||
('authentic2_auth_oidc', '0007_auto_20200317_1732'),
|
||||
('authentic2_auth_oidc', '0008_auto_20201102_1142'),
|
||||
('authentic2_auth_oidc', '0009_oidcprovider_baseauthenticator_ptr'),
|
||||
('authentic2_auth_oidc', '0010_auto_20220413_1622'),
|
||||
('authentic2_auth_oidc', '0011_auto_20220413_1632'),
|
||||
('authentic2_auth_oidc', '0012_auto_20220524_1147'),
|
||||
('authentic2_auth_oidc', '0013_auto_20220726_1714'),
|
||||
('authentic2_auth_oidc', '0013_synchronization_fields'),
|
||||
('authentic2_auth_oidc', '0014_auto_20220920_1614'),
|
||||
('authentic2_auth_oidc', '0014_oidcprovider_passive_authn_supported'),
|
||||
('authentic2_auth_oidc', '0015_auto_20220922_1152'),
|
||||
('authentic2_auth_oidc', '0016_auto_20221019_1148'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authenticators', '0020_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='OIDCAccount',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='creation date')),
|
||||
('modified', models.DateTimeField(auto_now=True, verbose_name='last modification date')),
|
||||
('sub', models.CharField(max_length=256, verbose_name='sub')),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='OIDCClaimMapping',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'claim',
|
||||
models.CharField(
|
||||
max_length=128,
|
||||
validators=[authentic2.utils.template.validate_template],
|
||||
verbose_name='claim',
|
||||
),
|
||||
),
|
||||
('attribute', models.CharField(max_length=64, verbose_name='attribute')),
|
||||
(
|
||||
'verified',
|
||||
models.PositiveIntegerField(
|
||||
choices=[(0, 'not verified'), (1, 'verified claim'), (2, 'always verified')],
|
||||
default=0,
|
||||
verbose_name='verified',
|
||||
),
|
||||
),
|
||||
('required', models.BooleanField(blank=True, default=False, verbose_name='required')),
|
||||
(
|
||||
'idtoken_claim',
|
||||
models.BooleanField(blank=True, default=False, verbose_name='idtoken claim'),
|
||||
),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='creation date')),
|
||||
('modified', models.DateTimeField(auto_now=True, verbose_name='last modification date')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'Claim',
|
||||
'verbose_name_plural': 'Claims',
|
||||
'default_related_name': 'claim_mappings',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='OIDCProvider',
|
||||
fields=[
|
||||
(
|
||||
'baseauthenticator_ptr',
|
||||
models.OneToOneField(
|
||||
auto_created=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
parent_link=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
to='authenticators.baseauthenticator',
|
||||
),
|
||||
),
|
||||
('issuer', models.CharField(db_index=True, max_length=256, verbose_name='issuer')),
|
||||
('client_id', models.CharField(max_length=128, verbose_name='client id')),
|
||||
('client_secret', models.CharField(max_length=128, verbose_name='client secret')),
|
||||
(
|
||||
'authorization_endpoint',
|
||||
models.URLField(max_length=128, verbose_name='authorization endpoint'),
|
||||
),
|
||||
('token_endpoint', models.URLField(max_length=128, verbose_name='token endpoint')),
|
||||
('userinfo_endpoint', models.URLField(max_length=128, verbose_name='userinfo endpoint')),
|
||||
(
|
||||
'end_session_endpoint',
|
||||
models.URLField(
|
||||
blank=True, max_length=128, null=True, verbose_name='end session endpoint'
|
||||
),
|
||||
),
|
||||
(
|
||||
'token_revocation_endpoint',
|
||||
models.URLField(
|
||||
blank=True, max_length=128, null=True, verbose_name='token revocation endpoint'
|
||||
),
|
||||
),
|
||||
('scopes', models.CharField(blank=True, max_length=128, verbose_name='scopes')),
|
||||
(
|
||||
'jwkset_json',
|
||||
models.JSONField(
|
||||
blank=True,
|
||||
null=True,
|
||||
validators=[authentic2_auth_oidc.models.validate_jwkset],
|
||||
verbose_name='JSON WebKey set',
|
||||
),
|
||||
),
|
||||
(
|
||||
'idtoken_algo',
|
||||
models.PositiveIntegerField(
|
||||
choices=[(0, 'none'), (1, 'RSA'), (2, 'HMAC'), (3, 'EC')],
|
||||
default=1,
|
||||
verbose_name='IDToken signature algorithm',
|
||||
),
|
||||
),
|
||||
(
|
||||
'claims_parameter_supported',
|
||||
models.BooleanField(default=False, verbose_name='Claims parameter supported'),
|
||||
),
|
||||
(
|
||||
'strategy',
|
||||
models.CharField(
|
||||
choices=[
|
||||
(
|
||||
'create',
|
||||
'create if account matching on email address failed (matching '
|
||||
"will fail if global and provider's ou-wise email uniqueness is deactivated)",
|
||||
),
|
||||
('find-uuid', 'use sub to find existing user through UUID'),
|
||||
('find-username', 'use sub to find existing user through username'),
|
||||
(
|
||||
'find-email',
|
||||
'use email claim (or sub if claim is absent) to find existing user through email',
|
||||
),
|
||||
('none', 'none'),
|
||||
],
|
||||
max_length=32,
|
||||
verbose_name='strategy',
|
||||
),
|
||||
),
|
||||
(
|
||||
'max_auth_age',
|
||||
models.PositiveIntegerField(blank=True, null=True, verbose_name='max authentication age'),
|
||||
),
|
||||
(
|
||||
'a2_synchronization_supported',
|
||||
models.BooleanField(default=False, verbose_name='Authentic2 synchronization supported'),
|
||||
),
|
||||
(
|
||||
'last_sync_time',
|
||||
models.DateTimeField(
|
||||
blank=True, editable=False, null=True, verbose_name='Last synchronization time'
|
||||
),
|
||||
),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='creation date')),
|
||||
('modified', models.DateTimeField(auto_now=True, verbose_name='last modification date')),
|
||||
(
|
||||
'passive_authn_supported',
|
||||
models.BooleanField(default=True, verbose_name='Supports passive authentication'),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'OpenID Connect',
|
||||
},
|
||||
bases=('authenticators.baseauthenticator',),
|
||||
),
|
||||
migrations.AddConstraint(
|
||||
model_name='oidcprovider',
|
||||
constraint=models.UniqueConstraint(
|
||||
condition=models.Q(('issuer', ''), _negated=True),
|
||||
fields=('issuer',),
|
||||
name='unique_issuer_if_not_empty',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidcclaimmapping',
|
||||
name='authenticator',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='claim_mappings',
|
||||
to='authenticators.baseauthenticator',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidcaccount',
|
||||
name='provider',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='accounts',
|
||||
to='authentic2_auth_oidc.oidcprovider',
|
||||
verbose_name='provider',
|
||||
),
|
||||
),
|
||||
]
|
|
@ -0,0 +1,51 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2_auth_oidc', '0001_initial'),
|
||||
('authentic2_auth_oidc', '0002_oidcprovider_token_revocation_endpoint'),
|
||||
('authentic2_auth_oidc', '0003_oidcprovider_show'),
|
||||
('authentic2_auth_oidc', '0004_auto_20171017_1522'),
|
||||
('authentic2_auth_oidc', '0005_oidcprovider_slug'),
|
||||
('authentic2_auth_oidc', '0006_oidcprovider_claims_parameter_supported'),
|
||||
('authentic2_auth_oidc', '0007_auto_20200317_1732'),
|
||||
('authentic2_auth_oidc', '0008_auto_20201102_1142'),
|
||||
('authentic2_auth_oidc', '0009_oidcprovider_baseauthenticator_ptr'),
|
||||
('authentic2_auth_oidc', '0010_auto_20220413_1622'),
|
||||
('authentic2_auth_oidc', '0011_auto_20220413_1632'),
|
||||
('authentic2_auth_oidc', '0012_auto_20220524_1147'),
|
||||
('authentic2_auth_oidc', '0013_auto_20220726_1714'),
|
||||
('authentic2_auth_oidc', '0013_synchronization_fields'),
|
||||
('authentic2_auth_oidc', '0014_auto_20220920_1614'),
|
||||
('authentic2_auth_oidc', '0014_oidcprovider_passive_authn_supported'),
|
||||
('authentic2_auth_oidc', '0015_auto_20220922_1152'),
|
||||
('authentic2_auth_oidc', '0016_auto_20221019_1148'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authentic2_auth_oidc', '0015_replace'),
|
||||
('custom_user', '0037_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name='oidcaccount',
|
||||
name='user',
|
||||
field=models.OneToOneField(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='oidc_account',
|
||||
to='custom_user.user',
|
||||
verbose_name='user',
|
||||
),
|
||||
),
|
||||
migrations.AlterUniqueTogether(
|
||||
name='oidcaccount',
|
||||
unique_together={('provider', 'sub')},
|
||||
),
|
||||
]
|
|
@ -0,0 +1,284 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2_auth_saml.models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2_auth_saml', '0001_initial'),
|
||||
('authentic2_auth_saml', '0002_auto_20220608_1559'),
|
||||
('authentic2_auth_saml', '0003_auto_20220726_1713'),
|
||||
('authentic2_auth_saml', '0004_remove_samlauthenticator_login_hints'),
|
||||
(
|
||||
'authentic2_auth_saml',
|
||||
'0005_addroleaction_renameattributeaction_samlattributelookup_setattributeaction',
|
||||
),
|
||||
('authentic2_auth_saml', '0006_migrate_jsonfields'),
|
||||
('authentic2_auth_saml', '0007_remove_jsonfields'),
|
||||
('authentic2_auth_saml', '0008_auto_20220913_1105'),
|
||||
('authentic2_auth_saml', '0009_statically_rename_attributes'),
|
||||
('authentic2_auth_saml', '0010_delete_renameattributeaction'),
|
||||
('authentic2_auth_saml', '0011_alter_authenticator_foreign_key'),
|
||||
('authentic2_auth_saml', '0012_move_add_role_action'),
|
||||
('authentic2_auth_saml', '0013_metadata_file_to_db'),
|
||||
('authentic2_auth_saml', '0014_remove_samlauthenticator_metadata_path'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authenticators', '0020_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='SAMLAuthenticator',
|
||||
fields=[
|
||||
(
|
||||
'baseauthenticator_ptr',
|
||||
models.OneToOneField(
|
||||
auto_created=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
parent_link=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
to='authenticators.baseauthenticator',
|
||||
),
|
||||
),
|
||||
('metadata_url', models.URLField(blank=True, max_length=300, verbose_name='Metadata URL')),
|
||||
(
|
||||
'metadata_cache_time',
|
||||
models.PositiveSmallIntegerField(default=3600, verbose_name='Metadata cache time'),
|
||||
),
|
||||
(
|
||||
'metadata_http_timeout',
|
||||
models.PositiveSmallIntegerField(default=10, verbose_name='Metadata HTTP timeout'),
|
||||
),
|
||||
(
|
||||
'metadata',
|
||||
models.TextField(
|
||||
blank=True,
|
||||
validators=[authentic2_auth_saml.models.validate_metadata],
|
||||
verbose_name='Metadata (XML)',
|
||||
),
|
||||
),
|
||||
(
|
||||
'provision',
|
||||
models.BooleanField(
|
||||
default=True, verbose_name='Create user if their username does not already exists'
|
||||
),
|
||||
),
|
||||
(
|
||||
'verify_ssl_certificate',
|
||||
models.BooleanField(
|
||||
default=True,
|
||||
help_text='Verify SSL certificate when doing HTTP requests, used when resolving artifacts.',
|
||||
verbose_name='Verify SSL certificate',
|
||||
),
|
||||
),
|
||||
(
|
||||
'transient_federation_attribute',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
help_text='Name of an attribute to use in replacement of the NameID content when the NameID format is transient.',
|
||||
max_length=64,
|
||||
verbose_name='Transient federation attribute',
|
||||
),
|
||||
),
|
||||
(
|
||||
'realm',
|
||||
models.CharField(
|
||||
default='saml',
|
||||
help_text='The default realm to associate to user, can be used in username template.',
|
||||
max_length=32,
|
||||
verbose_name='Realm (realm)',
|
||||
),
|
||||
),
|
||||
(
|
||||
'username_template',
|
||||
models.CharField(
|
||||
default='{attributes[name_id_content]}@{realm}',
|
||||
help_text='The template to build and/or retrieve a user from its username based on received attributes, the syntax is '
|
||||
'the one from the str.format() method of Python. Available variables are realm, idp (current settings for the idp issuing '
|
||||
'the assertion), attributes. The default value is {attributes[name_id_content]}@{realm}. Another example could be '
|
||||
'{atttributes[uid][0]} to set the passed username as the username of the newly created user.',
|
||||
max_length=128,
|
||||
verbose_name='Username template',
|
||||
),
|
||||
),
|
||||
(
|
||||
'name_id_policy_format',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
choices=[
|
||||
('', 'None'),
|
||||
(
|
||||
'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
|
||||
'Persistent (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent)',
|
||||
),
|
||||
(
|
||||
'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
|
||||
'Transient (urn:oasis:names:tc:SAML:2.0:nameid-format:transient)',
|
||||
),
|
||||
(
|
||||
'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
|
||||
'Email (urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress)',
|
||||
),
|
||||
(
|
||||
'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
|
||||
'Unspecified (urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified)',
|
||||
),
|
||||
],
|
||||
help_text='The NameID format to request.',
|
||||
max_length=64,
|
||||
verbose_name='NameID policy format',
|
||||
),
|
||||
),
|
||||
(
|
||||
'name_id_policy_allow_create',
|
||||
models.BooleanField(default=True, verbose_name='NameID policy allow create'),
|
||||
),
|
||||
(
|
||||
'force_authn',
|
||||
models.BooleanField(
|
||||
default=False,
|
||||
help_text='Force authentication on each authentication request.',
|
||||
verbose_name='Force authn',
|
||||
),
|
||||
),
|
||||
(
|
||||
'add_authnrequest_next_url_extension',
|
||||
models.BooleanField(default=False, verbose_name='Add authnrequest next url extension'),
|
||||
),
|
||||
(
|
||||
'group_attribute',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
help_text='Name of the SAML attribute to map to Django group names (for example "role").',
|
||||
max_length=32,
|
||||
verbose_name='Group attribute',
|
||||
),
|
||||
),
|
||||
(
|
||||
'create_group',
|
||||
models.BooleanField(
|
||||
default=True,
|
||||
help_text='Create group or only assign existing groups.',
|
||||
verbose_name='Create group',
|
||||
),
|
||||
),
|
||||
(
|
||||
'error_url',
|
||||
models.URLField(
|
||||
blank=True,
|
||||
help_text='URL for the continue link when authentication fails. If not set, the RelayState is used. If there is no '
|
||||
'RelayState, application default login redirect URL is used.',
|
||||
verbose_name='Error URL',
|
||||
),
|
||||
),
|
||||
(
|
||||
'error_redirect_after_timeout',
|
||||
models.PositiveSmallIntegerField(
|
||||
default=120,
|
||||
help_text='Timeout in seconds before automatically redirecting the user to the continue URL when authentication has failed.',
|
||||
verbose_name='Error redirect after timeout',
|
||||
),
|
||||
),
|
||||
(
|
||||
'authn_classref',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
help_text='Authorized authentication class references, separated by commas. Empty value means everything is authorized. '
|
||||
'Authentication class reference must be obtained from the identity provider but should come from the SAML 2.0 '
|
||||
'specification.',
|
||||
max_length=512,
|
||||
verbose_name='Authn classref',
|
||||
),
|
||||
),
|
||||
(
|
||||
'attribute_mapping',
|
||||
models.JSONField(
|
||||
blank=True,
|
||||
default=dict,
|
||||
help_text='Maps templates based on SAML attributes to field of the user model, for '
|
||||
'example {"email": "attributes[mail][0]"}.',
|
||||
verbose_name='Attribute mapping (deprecated)',
|
||||
),
|
||||
),
|
||||
(
|
||||
'superuser_mapping',
|
||||
models.JSONField(
|
||||
blank=True,
|
||||
default=dict,
|
||||
editable=False,
|
||||
help_text='Gives superuser flags to user if a SAML attribute contains a given value, for example {"roles": "Admin"}.',
|
||||
verbose_name='Superuser mapping',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'SAML',
|
||||
},
|
||||
bases=('authenticators.baseauthenticator',),
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='SetAttributeAction',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('user_field', models.CharField(max_length=256, verbose_name='User field')),
|
||||
('saml_attribute', models.CharField(max_length=1024, verbose_name='SAML attribute name')),
|
||||
(
|
||||
'mandatory',
|
||||
models.BooleanField(
|
||||
default=False,
|
||||
help_text='Login will also be denied if attribute has more than one value.',
|
||||
verbose_name='Deny login if attribute is missing',
|
||||
),
|
||||
),
|
||||
(
|
||||
'authenticator',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='set_attribute_actions',
|
||||
to='authenticators.baseauthenticator',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'Set an attribute',
|
||||
'verbose_name_plural': 'Set attributes',
|
||||
'default_related_name': 'set_attribute_actions',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='SAMLAttributeLookup',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('user_field', models.CharField(max_length=256, verbose_name='User field')),
|
||||
('saml_attribute', models.CharField(max_length=1024, verbose_name='SAML attribute')),
|
||||
('ignore_case', models.BooleanField(default=False, verbose_name='Ignore case')),
|
||||
(
|
||||
'authenticator',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name='attribute_lookups',
|
||||
to='authenticators.baseauthenticator',
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'Attribute lookup',
|
||||
'verbose_name_plural': 'Lookup by attributes',
|
||||
'default_related_name': 'attribute_lookups',
|
||||
},
|
||||
),
|
||||
]
|
|
@ -0,0 +1,141 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2_idp_cas.models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2_idp_cas', '0001_initial'),
|
||||
('authentic2_idp_cas', '0002_auto_20150410_1438'),
|
||||
('authentic2_idp_cas', '0003_auto_20150415_2223'),
|
||||
('authentic2_idp_cas', '0004_create_services'),
|
||||
('authentic2_idp_cas', '0005_alter_field_service_ptr'),
|
||||
('authentic2_idp_cas', '0006_copy_proxy_m2m'),
|
||||
('authentic2_idp_cas', '0007_alter_service'),
|
||||
('authentic2_idp_cas', '0008_alter_foreign_keys'),
|
||||
('authentic2_idp_cas', '0009_alter_related_models'),
|
||||
('authentic2_idp_cas', '0010_copy_service_ptr_id_to_old_id'),
|
||||
('authentic2_idp_cas', '0011_remove_old_id_restore_proxy'),
|
||||
('authentic2_idp_cas', '0012_copy_service_proxy_to_m2m'),
|
||||
('authentic2_idp_cas', '0013_delete_model_service_proxy2'),
|
||||
('authentic2_idp_cas', '0014_auto_20151204_1606'),
|
||||
('authentic2_idp_cas', '0015_auto_20170406_1825'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authentic2', '0051_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='Attribute',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('slug', models.SlugField(verbose_name='slug')),
|
||||
('attribute_name', models.CharField(max_length=64, verbose_name='attribute name')),
|
||||
('enabled', models.BooleanField(default=True, verbose_name='enabled')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'CAS attribute',
|
||||
'verbose_name_plural': 'CAS attributes',
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Service',
|
||||
fields=[
|
||||
(
|
||||
'service_ptr',
|
||||
models.OneToOneField(
|
||||
auto_created=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
parent_link=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
to='authentic2.service',
|
||||
),
|
||||
),
|
||||
(
|
||||
'logout_url',
|
||||
models.URLField(
|
||||
blank=True,
|
||||
help_text='you can use a {} to pass the URL of the success icon, ex.: http://example.com/logout?next={}',
|
||||
max_length=255,
|
||||
null=True,
|
||||
verbose_name='url',
|
||||
),
|
||||
),
|
||||
(
|
||||
'logout_use_iframe',
|
||||
models.BooleanField(
|
||||
default=False, verbose_name='use an iframe instead of an img tag for logout'
|
||||
),
|
||||
),
|
||||
(
|
||||
'logout_use_iframe_timeout',
|
||||
models.PositiveIntegerField(
|
||||
default=300,
|
||||
help_text="if iframe logout is used, it's the time between the onload event "
|
||||
'for this iframe and the moment we consider its loading to be really finished',
|
||||
verbose_name='iframe logout timeout (ms)',
|
||||
),
|
||||
),
|
||||
('urls', models.TextField(verbose_name='urls')),
|
||||
('identifier_attribute', models.CharField(max_length=64, verbose_name='attribute name')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'service',
|
||||
'verbose_name_plural': 'services',
|
||||
},
|
||||
bases=('authentic2.service', models.Model),
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='Ticket',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'ticket_id',
|
||||
models.CharField(
|
||||
default=authentic2_idp_cas.models.make_uuid,
|
||||
max_length=64,
|
||||
unique=True,
|
||||
verbose_name='ticket id',
|
||||
),
|
||||
),
|
||||
('renew', models.BooleanField(default=False, verbose_name='fresh authentication')),
|
||||
('validity', models.BooleanField(default=False, verbose_name='valid')),
|
||||
('service_url', models.TextField(blank=True, default='', verbose_name='service URL')),
|
||||
('creation', models.DateTimeField(auto_now_add=True, verbose_name='creation')),
|
||||
('expire', models.DateTimeField(blank=True, null=True, verbose_name='expire')),
|
||||
(
|
||||
'session_key',
|
||||
models.CharField(
|
||||
blank=True,
|
||||
db_index=True,
|
||||
default='',
|
||||
max_length=64,
|
||||
verbose_name='django session key',
|
||||
),
|
||||
),
|
||||
('proxies', models.TextField(blank=True, default='', verbose_name='proxies')),
|
||||
(
|
||||
'service',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='authentic2_idp_cas.service',
|
||||
verbose_name='service',
|
||||
),
|
||||
),
|
||||
],
|
||||
),
|
||||
]
|
|
@ -0,0 +1,70 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2_idp_cas', '0001_initial'),
|
||||
('authentic2_idp_cas', '0002_auto_20150410_1438'),
|
||||
('authentic2_idp_cas', '0003_auto_20150415_2223'),
|
||||
('authentic2_idp_cas', '0004_create_services'),
|
||||
('authentic2_idp_cas', '0005_alter_field_service_ptr'),
|
||||
('authentic2_idp_cas', '0006_copy_proxy_m2m'),
|
||||
('authentic2_idp_cas', '0007_alter_service'),
|
||||
('authentic2_idp_cas', '0008_alter_foreign_keys'),
|
||||
('authentic2_idp_cas', '0009_alter_related_models'),
|
||||
('authentic2_idp_cas', '0010_copy_service_ptr_id_to_old_id'),
|
||||
('authentic2_idp_cas', '0011_remove_old_id_restore_proxy'),
|
||||
('authentic2_idp_cas', '0012_copy_service_proxy_to_m2m'),
|
||||
('authentic2_idp_cas', '0013_delete_model_service_proxy2'),
|
||||
('authentic2_idp_cas', '0014_auto_20151204_1606'),
|
||||
('authentic2_idp_cas', '0015_auto_20170406_1825'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authentic2_idp_cas', '0016_replace'),
|
||||
('custom_user', '0037_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name='ticket',
|
||||
name='user',
|
||||
field=models.ForeignKey(
|
||||
blank=True,
|
||||
max_length=128,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='custom_user.user',
|
||||
verbose_name='user',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='service',
|
||||
name='proxy',
|
||||
field=models.ManyToManyField(
|
||||
blank=True,
|
||||
help_text='services who can request proxy tickets for this service',
|
||||
related_name='_authentic2_idp_cas_service_proxy_+',
|
||||
to='authentic2_idp_cas.Service',
|
||||
verbose_name='proxy',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='attribute',
|
||||
name='service',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='authentic2_idp_cas.service',
|
||||
verbose_name='service',
|
||||
),
|
||||
),
|
||||
migrations.AlterUniqueTogether(
|
||||
name='attribute',
|
||||
unique_together={('service', 'slug', 'attribute_name')},
|
||||
),
|
||||
]
|
|
@ -0,0 +1,299 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.core.validators
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
import authentic2_idp_oidc.models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2_idp_oidc', '0001_initial'),
|
||||
('authentic2_idp_oidc', '0002_auto_20170121_2346'),
|
||||
('authentic2_idp_oidc', '0003_auto_20170329_1259'),
|
||||
('authentic2_idp_oidc', '0004_auto_20170324_1426'),
|
||||
('authentic2_idp_oidc', '0005_authorization_mode'),
|
||||
('authentic2_idp_oidc', '0006_auto_20170720_1054'),
|
||||
('authentic2_idp_oidc', '0007_oidcclient_has_api_access'),
|
||||
('authentic2_idp_oidc', '0008_oidcclient_idtoken_duration'),
|
||||
('authentic2_idp_oidc', '0009_auto_20180313_1156'),
|
||||
('authentic2_idp_oidc', '0010_oidcclaim'),
|
||||
('authentic2_idp_oidc', '0011_auto_20180808_1546'),
|
||||
('authentic2_idp_oidc', '0012_auto_20200122_2258'),
|
||||
('authentic2_idp_oidc', '0013_auto_20200630_1007'),
|
||||
('authentic2_idp_oidc', '0014_auto_20201126_1812'),
|
||||
('authentic2_idp_oidc', '0015_auto_20220304_0738'),
|
||||
('authentic2_idp_oidc', '0016_remove_oidcclient_perform_sub_profile_substitution'),
|
||||
('authentic2_idp_oidc', '0017_oidcaccesstoken_profile'),
|
||||
('authentic2_idp_oidc', '0018_alter_oidcaccesstoken_uuid'),
|
||||
('authentic2_idp_oidc', '0019_always_save_authorization'),
|
||||
('authentic2_idp_oidc', '0020_add_pkce_fields'),
|
||||
('authentic2_idp_oidc', '0021_oidcclient_pkce_code_challenge'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authentic2', '0051_replace'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='OIDCAccessToken',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'uuid',
|
||||
models.CharField(
|
||||
db_index=True,
|
||||
default=authentic2_idp_oidc.models.generate_uuid,
|
||||
max_length=128,
|
||||
verbose_name='uuid',
|
||||
),
|
||||
),
|
||||
('scopes', models.TextField(verbose_name='scopes')),
|
||||
('session_key', models.CharField(blank=True, max_length=128, verbose_name='session key')),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='created')),
|
||||
('expired', models.DateTimeField(null=True, verbose_name='expire')),
|
||||
],
|
||||
bases=(authentic2_idp_oidc.models.SessionMixin, models.Model),
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='OIDCAuthorization',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('client_id', models.PositiveIntegerField(verbose_name='client id')),
|
||||
('scopes', models.TextField(verbose_name='scopes')),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='created')),
|
||||
('expired', models.DateTimeField(verbose_name='expire')),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='OIDCClaim',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
('name', models.CharField(blank=True, max_length=128, verbose_name='attribute name')),
|
||||
('value', models.CharField(blank=True, max_length=128, verbose_name='value of attribute')),
|
||||
('scopes', models.CharField(blank=True, max_length=128, verbose_name='attribute scopes')),
|
||||
],
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='OIDCClient',
|
||||
fields=[
|
||||
(
|
||||
'service_ptr',
|
||||
models.OneToOneField(
|
||||
auto_created=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
parent_link=True,
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
to='authentic2.service',
|
||||
),
|
||||
),
|
||||
(
|
||||
'client_id',
|
||||
models.CharField(
|
||||
default=authentic2_idp_oidc.models.generate_uuid,
|
||||
max_length=255,
|
||||
unique=True,
|
||||
verbose_name='client id',
|
||||
),
|
||||
),
|
||||
(
|
||||
'client_secret',
|
||||
models.CharField(
|
||||
default=authentic2_idp_oidc.models.generate_uuid,
|
||||
max_length=255,
|
||||
verbose_name='client secret',
|
||||
),
|
||||
),
|
||||
(
|
||||
'idtoken_duration',
|
||||
models.DurationField(
|
||||
blank=True,
|
||||
default=None,
|
||||
null=True,
|
||||
verbose_name='time during which the token is valid',
|
||||
),
|
||||
),
|
||||
(
|
||||
'access_token_duration',
|
||||
models.DurationField(
|
||||
blank=True,
|
||||
default=None,
|
||||
null=True,
|
||||
verbose_name='time during which the access token is valid',
|
||||
),
|
||||
),
|
||||
(
|
||||
'authorization_mode',
|
||||
models.PositiveIntegerField(
|
||||
choices=[(1, 'authorization by service'), (2, 'authorization by ou'), (3, 'none')],
|
||||
default=1,
|
||||
verbose_name='authorization mode',
|
||||
),
|
||||
),
|
||||
(
|
||||
'authorization_flow',
|
||||
models.PositiveIntegerField(
|
||||
choices=[
|
||||
(1, 'authorization code'),
|
||||
(2, 'implicit/native'),
|
||||
(3, 'resource owner password credentials'),
|
||||
],
|
||||
default=1,
|
||||
verbose_name='authorization flow',
|
||||
),
|
||||
),
|
||||
(
|
||||
'always_save_authorization',
|
||||
models.BooleanField(
|
||||
default=False,
|
||||
help_text='do not display the “do not ask again” choice',
|
||||
verbose_name='always save authorization',
|
||||
),
|
||||
),
|
||||
(
|
||||
'authorization_default_duration',
|
||||
models.PositiveIntegerField(
|
||||
default=0,
|
||||
help_text='0 for default value (one year)',
|
||||
verbose_name='duration of saved authorization (in days)',
|
||||
),
|
||||
),
|
||||
(
|
||||
'redirect_uris',
|
||||
models.TextField(
|
||||
validators=[authentic2_idp_oidc.models.validate_https_url],
|
||||
verbose_name='redirect URIs',
|
||||
),
|
||||
),
|
||||
(
|
||||
'post_logout_redirect_uris',
|
||||
models.TextField(
|
||||
blank=True,
|
||||
default='',
|
||||
validators=[authentic2_idp_oidc.models.validate_https_url],
|
||||
verbose_name='post logout redirect URIs',
|
||||
),
|
||||
),
|
||||
('sector_identifier_uri', models.URLField(blank=True, verbose_name='sector identifier URI')),
|
||||
(
|
||||
'identifier_policy',
|
||||
models.PositiveIntegerField(
|
||||
choices=[
|
||||
(1, 'uuid'),
|
||||
(2, 'pairwise unreversible'),
|
||||
(4, 'pairwise reversible'),
|
||||
(3, 'email'),
|
||||
],
|
||||
default=2,
|
||||
verbose_name='identifier policy',
|
||||
),
|
||||
),
|
||||
(
|
||||
'scope',
|
||||
models.TextField(
|
||||
blank=True,
|
||||
default='',
|
||||
help_text='Permitted or default scopes (for credentials grant)',
|
||||
verbose_name='resource owner credentials grant scope',
|
||||
),
|
||||
),
|
||||
(
|
||||
'idtoken_algo',
|
||||
models.PositiveIntegerField(
|
||||
choices=[(2, 'HMAC'), (1, 'RSA'), (3, 'EC')],
|
||||
default=2,
|
||||
verbose_name='IDToken signature algorithm',
|
||||
),
|
||||
),
|
||||
('has_api_access', models.BooleanField(default=False, verbose_name='has API access')),
|
||||
(
|
||||
'activate_user_profiles',
|
||||
models.BooleanField(
|
||||
blank=True,
|
||||
default=False,
|
||||
verbose_name="activate users' juridical entity profiles management",
|
||||
),
|
||||
),
|
||||
(
|
||||
'frontchannel_logout_uri',
|
||||
models.URLField(blank=True, verbose_name='frontchannel logout URI'),
|
||||
),
|
||||
(
|
||||
'frontchannel_timeout',
|
||||
models.PositiveIntegerField(blank=True, null=True, verbose_name='frontchannel timeout'),
|
||||
),
|
||||
(
|
||||
'pkce_code_challenge',
|
||||
models.BooleanField(
|
||||
default=False,
|
||||
help_text='If PKCE is mandatory, the only method accepted will be S256.',
|
||||
verbose_name='Client MUST provide a PKCE code_challenge',
|
||||
),
|
||||
),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='created')),
|
||||
('modified', models.DateTimeField(auto_now=True, verbose_name='modified')),
|
||||
],
|
||||
bases=('authentic2.service',),
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='OIDCCode',
|
||||
fields=[
|
||||
(
|
||||
'id',
|
||||
models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
|
||||
),
|
||||
(
|
||||
'uuid',
|
||||
models.CharField(
|
||||
default=authentic2_idp_oidc.models.generate_uuid, max_length=128, verbose_name='uuid'
|
||||
),
|
||||
),
|
||||
('scopes', models.TextField(verbose_name='scopes')),
|
||||
('state', models.TextField(null=True, verbose_name='state')),
|
||||
('nonce', models.TextField(null=True, verbose_name='nonce')),
|
||||
(
|
||||
'redirect_uri',
|
||||
models.TextField(
|
||||
validators=[django.core.validators.URLValidator()], verbose_name='redirect URI'
|
||||
),
|
||||
),
|
||||
('session_key', models.CharField(max_length=128, verbose_name='session key')),
|
||||
('auth_time', models.DateTimeField(verbose_name='auth time')),
|
||||
('code_challenge', models.TextField(null=True, verbose_name='Code challenge')),
|
||||
(
|
||||
'code_challenge_method',
|
||||
models.IntegerField(
|
||||
choices=[(1, 'plain'), (2, 'S256')],
|
||||
default=1,
|
||||
null=True,
|
||||
verbose_name='Code challenge method',
|
||||
),
|
||||
),
|
||||
('created', models.DateTimeField(auto_now_add=True, verbose_name='created')),
|
||||
('expired', models.DateTimeField(verbose_name='expire')),
|
||||
(
|
||||
'client',
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='authentic2_idp_oidc.oidcclient',
|
||||
verbose_name='client',
|
||||
),
|
||||
),
|
||||
],
|
||||
bases=(authentic2_idp_oidc.models.SessionMixin, models.Model),
|
||||
),
|
||||
]
|
|
@ -0,0 +1,119 @@
|
|||
# Generated by Django 3.2.23 on 2023-12-14 21:01
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
replaces = [
|
||||
('authentic2_idp_oidc', '0001_initial'),
|
||||
('authentic2_idp_oidc', '0002_auto_20170121_2346'),
|
||||
('authentic2_idp_oidc', '0003_auto_20170329_1259'),
|
||||
('authentic2_idp_oidc', '0004_auto_20170324_1426'),
|
||||
('authentic2_idp_oidc', '0005_authorization_mode'),
|
||||
('authentic2_idp_oidc', '0006_auto_20170720_1054'),
|
||||
('authentic2_idp_oidc', '0007_oidcclient_has_api_access'),
|
||||
('authentic2_idp_oidc', '0008_oidcclient_idtoken_duration'),
|
||||
('authentic2_idp_oidc', '0009_auto_20180313_1156'),
|
||||
('authentic2_idp_oidc', '0010_oidcclaim'),
|
||||
('authentic2_idp_oidc', '0011_auto_20180808_1546'),
|
||||
('authentic2_idp_oidc', '0012_auto_20200122_2258'),
|
||||
('authentic2_idp_oidc', '0013_auto_20200630_1007'),
|
||||
('authentic2_idp_oidc', '0014_auto_20201126_1812'),
|
||||
('authentic2_idp_oidc', '0015_auto_20220304_0738'),
|
||||
('authentic2_idp_oidc', '0016_remove_oidcclient_perform_sub_profile_substitution'),
|
||||
('authentic2_idp_oidc', '0017_oidcaccesstoken_profile'),
|
||||
('authentic2_idp_oidc', '0018_alter_oidcaccesstoken_uuid'),
|
||||
('authentic2_idp_oidc', '0019_always_save_authorization'),
|
||||
('authentic2_idp_oidc', '0020_add_pkce_fields'),
|
||||
('authentic2_idp_oidc', '0021_oidcclient_pkce_code_challenge'),
|
||||
]
|
||||
|
||||
initial = True
|
||||
|
||||
dependencies = [
|
||||
('authentic2_idp_oidc', '0022_replace'),
|
||||
('custom_user', '0037_replace'),
|
||||
('contenttypes', '0002_remove_content_type_name'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name='oidccode',
|
||||
name='profile',
|
||||
field=models.ForeignKey(
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='custom_user.profile',
|
||||
verbose_name='user selected profile',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidccode',
|
||||
name='user',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE, to='custom_user.user', verbose_name='user'
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidcclaim',
|
||||
name='client',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='authentic2_idp_oidc.oidcclient',
|
||||
verbose_name='client',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidcauthorization',
|
||||
name='client_ct',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='contenttypes.contenttype',
|
||||
verbose_name='client ct',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidcauthorization',
|
||||
name='profile',
|
||||
field=models.ForeignKey(
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='custom_user.profile',
|
||||
verbose_name='profile',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidcauthorization',
|
||||
name='user',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE, to='custom_user.user', verbose_name='user'
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidcaccesstoken',
|
||||
name='client',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='authentic2_idp_oidc.oidcclient',
|
||||
verbose_name='client',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidcaccesstoken',
|
||||
name='profile',
|
||||
field=models.ForeignKey(
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
to='custom_user.profile',
|
||||
verbose_name='profile',
|
||||
),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='oidcaccesstoken',
|
||||
name='user',
|
||||
field=models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE, to='custom_user.user', verbose_name='user'
|
||||
),
|
||||
),
|
||||
]
|
Loading…
Reference in New Issue