New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Global python functions/vars for expression policies #4842
Comments
You can already achieve this... Well sort of. Option 1:
Then:
Option 2:
Then:
Option 3 Hope that helps. |
Hey @sdimovv, thanks for the detailed information. I will try Option 2 and report back with my results. Do you think this approach should become the recommended approach for authentik or is it worth to add a seperate Feature/Model for this? Both sides have their pros/cons. Seperate Model: "Helper" Expression Policys: No matter which way is choosen, we should document how to share code/variables and present a recommended approach in the docs. |
Ny recommendation would also be the 2nd option, basically using polices as functions and then calling them via It would be a bit clunky to call |
This does not seem to work, that call will always return a PolicyResult object, that does not seem to have the output result. Only the methods Is this something that is not implemented yet or am I doing something wrong? |
Return does not work. Even in the PolicyResult object there is not field for the return value. |
Another downsite of the workaround no. 2 is that the policies used by |
I found another challange: Where to store secrets like API Tokens? From a security perspective it wouldn't be great to store them in the policy which is saved as plain-text in the DB. Maybe a K8 Secret + volume mount works, however i haven't tested it yet. |
With the latest changes to prompts (#4822) we can create dynamic prompts.
|
Thanks @BeryJu |
Add an option to globaly define some variables and functions to reuse python code in expression policys.
Currently i find myself having similar code and variables chaotically distributed in policies.
The text was updated successfully, but these errors were encountered: