0001-manager-always-check-role-s-name-uniqueness-33944.patch
src/authentic2/a2_rbac/models.py | ||
---|---|---|
215 | 215 | |
216 | 216 |
def clean(self): |
217 | 217 |
super(Role, self).clean() |
218 |
if not self.service and not self.admin_scope_ct_id: |
|
219 |
if not self.id and self.__class__.objects.filter( |
|
220 |
name=self.name, ou=self.ou): |
|
221 |
raise ValidationError( |
|
222 |
{'name': _('This name is not unique over this ' |
|
223 |
'organizational unit.')}) |
|
218 |
qs = self.__class__.objects.filter(name=self.name, ou=self.ou) |
|
219 |
if self.pk: |
|
220 |
qs = qs.exclude(pk=self.pk) |
|
221 |
if qs.exists(): |
|
222 |
raise ValidationError({'name': _('Name already used')}) |
|
224 | 223 | |
225 | 224 |
def save(self, *args, **kwargs): |
226 | 225 |
# Service roles can only be part of the same ou as the service |
src/authentic2/manager/forms.py | ||
---|---|---|
436 | 436 |
if utils.get_ou_count() < 2: |
437 | 437 |
del self.fields['ou'] |
438 | 438 | |
439 |
def save(self, *args, **kwargs):
|
|
439 |
def clean(self):
|
|
440 | 440 |
if 'ou' not in self.fields: |
441 | 441 |
self.instance.ou = get_default_ou() |
442 |
return super(HideOUFieldMixin, self).save(*args, **kwargs) |
|
443 | 442 | |
444 | 443 | |
445 | 444 |
class OUSearchForm(FormWithRequest): |
... | ... | |
649 | 648 |
ou = forms.ModelChoiceField(queryset=get_ou_model().objects, |
650 | 649 |
required=True, label=_('Organizational unit')) |
651 | 650 | |
652 |
def clean_name(self): |
|
653 |
qs = get_role_model().objects.all() |
|
654 |
if self.instance and self.instance.pk: |
|
655 |
qs = qs.exclude(pk=self.instance.pk) |
|
656 |
ou = self.cleaned_data.get('ou') |
|
657 |
# Test unicity of name for an OU and globally if no OU is present |
|
658 |
name = self.cleaned_data.get('name') |
|
659 |
if name and ou: |
|
660 |
query = Q(name=name) & (Q(ou__isnull=True) | Q(ou=ou)) |
|
661 |
if qs.filter(query).exists(): |
|
662 |
raise ValidationError( |
|
663 |
{'name': _('This name is not unique over this organizational unit.')}) |
|
664 |
return name |
|
665 | ||
666 | 651 |
class Meta: |
667 | 652 |
model = get_role_model() |
668 | 653 |
fields = ('name', 'ou', 'description') |
src/authentic2/manager/locale/fr/LC_MESSAGES/django.po | ||
---|---|---|
133 | 133 |
msgid "Free text" |
134 | 134 |
msgstr "Recherche libre" |
135 | 135 | |
136 |
#: src/authentic2/manager/forms.py:646 |
|
137 |
msgid "This name is not unique over this organizational unit." |
|
138 |
msgstr "Ce nom n'est pas unique pour cette collectivité" |
|
139 | ||
140 | 136 |
#: src/authentic2/manager/forms.py:657 src/authentic2/manager/tables.py:62 |
141 | 137 |
#: src/authentic2/manager/tables.py:86 src/authentic2/manager/tables.py:114 |
142 | 138 |
#: src/authentic2/manager/tables.py:132 |
tests/test_role_manager.py | ||
---|---|---|
35 | 35 |
assert export.keys() == ['roles'] |
36 | 36 |
assert len(export['roles']) == 1 |
37 | 37 |
assert export['roles'][0]['slug'] == 'role_ou1' |
38 | ||
39 | ||
40 |
def test_manager_role_name_uniqueness_single_ou(app, admin): |
|
41 |
response = login(app, admin, 'a2-manager-roles') |
|
42 | ||
43 |
response = response.click('Add') |
|
44 |
response.form.set('name', 'Role1') |
|
45 |
response = response.form.submit('Save').follow() |
|
46 |
response = response.click('Roles') |
|
47 |
assert response.pyquery('td.name').text() == 'Role1' |
|
48 | ||
49 |
response = response.click('Add') |
|
50 |
response.form.set('name', 'Role1') |
|
51 |
response = response.form.submit('Save') |
|
52 |
assert response.pyquery('.errorlist').eq(1).text() == 'Name already used' |
|
53 | ||
54 | ||
55 |
def test_manager_role_name_uniqueness_multiple_ou(app, admin, ou1): |
|
56 |
response = login(app, admin, 'a2-manager-roles') |
|
57 | ||
58 |
response = response.click('Add') |
|
59 |
response.form.set('ou', str(ou1.id)) |
|
60 |
response.form.set('name', 'Role1') |
|
61 |
response = response.form.submit('Save').follow() |
|
62 |
response = response.click('Roles') |
|
63 |
assert response.pyquery('td.name').text() == 'Role1' |
|
64 | ||
65 |
response = response.click('Add') |
|
66 |
response.form.set('ou', str(ou1.id)) |
|
67 |
response.form.set('name', 'Role1') |
|
68 |
response = response.form.submit('Save') |
|
69 |
assert response.pyquery('.errorlist').eq(1).text() == 'Name already used' |
|
38 |
- |