0001-adapters-add-a-separate-method-to-remove-superuser-f.patch
mellon/adapters.py | ||
---|---|---|
185 | 185 |
superuser_mapping = utils.get_setting(idp, 'SUPERUSER_MAPPING') |
186 | 186 |
if not superuser_mapping: |
187 | 187 |
return |
188 |
attribute_set = False |
|
189 | 188 |
for key, values in superuser_mapping.items(): |
190 | 189 |
if key in saml_attributes: |
191 | 190 |
if not isinstance(values, (tuple, list)): |
... | ... | |
199 | 198 |
if not (user.is_staff and user.is_superuser): |
200 | 199 |
user.is_staff = True |
201 | 200 |
user.is_superuser = True |
202 |
attribute_set = True
|
|
201 |
user.save()
|
|
203 | 202 |
self.logger.info('flag is_staff and is_superuser added to user %s', user) |
204 | 203 |
break |
205 | 204 |
else: |
206 |
if user.is_superuser or user.is_staff: |
|
207 |
user.is_staff = False |
|
208 |
user.is_superuser = False |
|
209 |
self.logger.info('flag is_staff and is_superuser removed from user %s', user) |
|
210 |
attribute_set = True |
|
211 |
if attribute_set: |
|
205 |
self.remove_superuser(user) |
|
206 | ||
207 |
def remove_superuser(self, user): |
|
208 |
if user.is_superuser or user.is_staff: |
|
209 |
user.is_staff = False |
|
210 |
user.is_superuser = False |
|
211 |
self.logger.info('flag is_staff and is_superuser removed from user %s', user) |
|
212 | 212 |
user.save() |
213 | 213 | |
214 | 214 |
def provision_groups(self, user, idp, saml_attributes): |
215 |
- |