blacked

api/tacticalrmm/accounts/urls.py

@@ -6,7 +6,9 @@
     path("users/", views.GetAddUsers.as_view()),
     path("<int:pk>/users/", views.GetUpdateDeleteUser.as_view()),
     path("sessions/<str:pk>/", views.DeleteActiveLoginSession.as_view()),
-    path("users/<int:pk>/sessions/", views.GetDeleteActiveLoginSessionsPerUser.as_view()),
+    path(
+        "users/<int:pk>/sessions/", views.GetDeleteActiveLoginSessionsPerUser.as_view()
+    ),
     path("users/reset/", views.UserActions.as_view()),
     path("users/reset_totp/", views.UserActions.as_view()),
     path("users/setup_totp/", views.TOTPSetup.as_view()),

api/tacticalrmm/ee/sso/urls.py

@@ -4,7 +4,6 @@
 For details, see: https://license.tacticalrmm.com/ee
 """
 
-
 from django.urls import path
 from django.urls import include
 
@@ -16,4 +15,4 @@
     path("ssoproviders/<int:pk>/", views.GetUpdateDeleteSSOProvider.as_view()),
     path("ssoproviders/token/", views.GetAccessToken.as_view()),
     path("ssoproviders/settings/", views.GetUpdateSSOSettings.as_view()),
-]
+]

api/tacticalrmm/ee/sso/views.py

@@ -4,7 +4,6 @@
 For details, see: https://license.tacticalrmm.com/ee
 """
 
-
 import re
 from django.shortcuts import get_object_or_404
 
@@ -21,8 +20,10 @@
 from logs.models import AuditLog
 from tacticalrmm.utils import get_core_settings
 
+
 class SocialAppSerializer(ModelSerializer):
     server_url = ReadOnlyField(source="settings.server_url")
+
     class Meta:
         model = SocialApp
         fields = [
@@ -35,7 +36,7 @@ class Meta:
             "server_url",
             "settings",
         ]
-        
+
 
 class GetAddSSOProvider(APIView):
     permission_classes = [IsAuthenticated, AccountsPerms]
@@ -46,6 +47,7 @@ def get(self, request):
 
     class InputSerializer(ModelSerializer):
         server_url = ReadOnlyField()
+
         class Meta:
             model = SocialApp
             fields = [
@@ -55,13 +57,13 @@ class Meta:
                 "server_url",
                 "provider",
                 "provider_id",
-                "settings"
+                "settings",
             ]
 
     # removed any special characters and replaces spaces with a hyphen
     def generate_provider_id(self, string):
-        id = re.sub(r'[^A-Za-z0-9\s]', '', string)
-        id = id.replace(' ', '-')
+        id = re.sub(r"[^A-Za-z0-9\s]", "", string)
+        id = id.replace(" ", "-")
         return id
 
     def post(self, request):
@@ -88,14 +90,10 @@ class GetUpdateDeleteSSOProvider(APIView):
 
     class InputSerialzer(ModelSerializer):
         server_url = ReadOnlyField()
+
         class Meta:
             model = SocialApp
-            fields = [
-                "client_id",
-                "secret",
-                "server_url",
-                "settings"
-            ]   
+            fields = ["client_id", "secret", "server_url", "settings"]
 
     def put(self, request, pk):
         provider = get_object_or_404(SocialApp, pk=pk)
@@ -105,7 +103,9 @@ def put(self, request, pk):
         data["settings"] = {}
         data["settings"]["server_url"] = data["server_url"]
 
-        serializer = self.InputSerialzer(instance=provider, data=request.data, partial=True)
+        serializer = self.InputSerialzer(
+            instance=provider, data=request.data, partial=True
+        )
         serializer.is_valid(raise_exception=True)
         serializer.save()
         return Response("ok")
@@ -122,25 +122,32 @@ class GetAccessToken(KnoxLoginView):
 
     def post(self, request, format=None):
         # check for auth method before signing in
-        if "account_authentication_methods" in request.session and len(request.session["account_authentication_methods"]) > 0:
+        if (
+            "account_authentication_methods" in request.session
+            and len(request.session["account_authentication_methods"]) > 0
+        ):
             login_method = request.session["account_authentication_methods"][0]
 
             # get token
             response = super().post(request, format=None)
             response.data["username"] = request.user.username
             response.data["provider"] = login_method["provider"]
 
-            AuditLog.audit_user_login_successful_sso(request.user.username, login_method["provider"], login_method)
+            AuditLog.audit_user_login_successful_sso(
+                request.user.username, login_method["provider"], login_method
+            )
 
-            #invalid user session since we have an access token now
+            # invalid user session since we have an access token now
             logout(request)
-        
+
             return Response(response.data)
         else:
             AuditLog.audit_user_login_failed_sso(request.user.username)
             logout(request)
-            return Response("The credentials supplied were invalid", status.HTTP_403_FORBIDDEN)
-
+            return Response(
+                "The credentials supplied were invalid", status.HTTP_403_FORBIDDEN
+            )
+
 
 class GetUpdateSSOSettings(APIView):
     permission_classes = [IsAuthenticated, AccountsPerms]
@@ -150,14 +157,14 @@ def get(self, request):
         settings = get_core_settings()
 
         return Response({"block_local_user_logon": settings.block_local_user_logon})
-    
+
     def post(self, request):
 
         data = request.data
-        
+
         settings = get_core_settings()
 
         settings.block_local_user_logon = data["block_local_user_logon"]
         settings.save(update_fields=["block_local_user_logon"])
 
-        return Response("ok")
+        return Response("ok")

api/tacticalrmm/tacticalrmm/middleware.py

@@ -29,7 +29,7 @@ def get_debug_info() -> Dict[str, Any]:
     "/api/schema",
     "/accounts/ssoproviders/token",
     "/_allauth/browser/v1/config",
-    "/_allauth/browser/v1/auth/provider/redirect"
+    "/_allauth/browser/v1/auth/provider/redirect",
 )
 
 DEMO_EXCLUDE_PATHS = (
@@ -75,7 +75,9 @@ def process_view(self, request, view_func, view_args, view_kwargs):
                     # gather and save debug info
                     debug_info["url"] = request.path
                     debug_info["method"] = request.method
-                    debug_info["view_class"] = view_func.cls.__name__ if hasattr(view_func, "cls") else None
+                    debug_info["view_class"] = (
+                        view_func.cls.__name__ if hasattr(view_func, "cls") else None
+                    )
                     debug_info["view_func"] = view_Name
                     debug_info["view_args"] = view_args
                     debug_info["view_kwargs"] = view_kwargs

api/tacticalrmm/tacticalrmm/settings.py

@@ -184,7 +184,7 @@
     "scripts",
     "alerts",
     "ee.reporting",
-    "ee.sso"
+    "ee.sso",
 ]
 
 CHANNEL_LAYERS = {
@@ -200,16 +200,12 @@
 HEADLESS_ONLY = True
 SOCIALACCOUNT_ONLY = True
 ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
-ACCOUNT_EMAIL_VERIFICATION = 'none'
+ACCOUNT_EMAIL_VERIFICATION = "none"
 SOCIALACCOUNT_EMAIL_AUTHENTICATION = True
 SOCIALACCOUNT_EMAIL_AUTHENTICATION_AUTO_CONNECT = True
 SOCIALACCOUNT_EMAIL_VERIFICATION = True
 
-SOCIALACCOUNT_PROVIDERS = {
-    "openid_connect": {
-        "OAUTH_PKCE_ENABLED": True
-    }
-}
+SOCIALACCOUNT_PROVIDERS = {"openid_connect": {"OAUTH_PKCE_ENABLED": True}}
 
 AUTHENTICATION_BACKENDS = ("allauth.account.auth_backends.AuthenticationBackend",)
 SESSION_COOKIE_SECURE = True
@@ -258,9 +254,7 @@
     MIDDLEWARE.insert(0, "silk.middleware.SilkyMiddleware")
 
 if ADMIN_ENABLED:
-    INSTALLED_APPS += (
-        "django.contrib.admin",
-    )
+    INSTALLED_APPS += ("django.contrib.admin",)
 
 if DEMO:
     MIDDLEWARE += ("tacticalrmm.middleware.DemoMiddleware",)

api/tacticalrmm/tacticalrmm/urls.py

@@ -23,10 +23,8 @@ def to_url(self, value):
 
 urlpatterns = [
     path("", home),
-
     # all auth urls
     path("_allauth/", include("allauth.headless.urls")),
-
     path("v2/checkcreds/", CheckCredsV2.as_view()),
     path("v2/login/", LoginViewV2.as_view()),
     path("checkcreds/", CheckCreds.as_view()),  # DEPRECATED AS OF 0.19.0