0001-provisioning-only-send-user-s-roles-visible-by-the-s.patch
hobo/agent/authentic2/provisionning.py | ||
---|---|---|
101 | 101 |
def user_to_json(service, user, user_roles): |
102 | 102 |
from authentic2.api_views import BaseUserSerializer |
103 | 103 |
data = {} |
104 |
roles = user.roles_and_parents().prefetch_related('attributes') |
|
105 | 104 |
data.update({ |
106 | 105 |
'uuid': user.uuid, |
107 | 106 |
'username': user.username, |
... | ... | |
113 | 112 |
'uuid': role.uuid, |
114 | 113 |
'name': role.name, |
115 | 114 |
'slug': role.slug, |
116 |
} for role in roles],
|
|
115 |
} for role in user_roles.get(user.id, []) if role.ou_id is None or role.ou_id == service.ou_id],
|
|
117 | 116 |
}) |
118 | 117 |
data.update(BaseUserSerializer(user).data) |
119 | 118 |
# check if user is superuser through a role |
120 |
- |