0001-authentic-agent-mass-provision-roles-on-new-services.patch
| hobo/agent/authentic2/management/commands/hobo_deploy.py | ||
|---|---|---|
| 22 | 22 |
from tenant_schemas.utils import tenant_context |
| 23 | 23 | |
| 24 | 24 |
from hobo.agent.common.management.commands import hobo_deploy |
| 25 |
from hobo.agent.authentic2.provisionning import Provisionning |
|
| 25 | 26 | |
| 26 | 27 |
User = get_user_model() |
| 27 | 28 | |
| ... | ... | |
| 123 | 124 |
services = hobo_environment['services'] |
| 124 | 125 |
retries = 0 |
| 125 | 126 |
loaded = 0 |
| 127 |
provision_target_ous = {}
|
|
| 126 | 128 |
max_retries = 1 if self.redeploy else 5 |
| 127 | 129 |
while retries < max_retries: |
| 128 | 130 |
for service in services: |
| ... | ... | |
| 183 | 185 |
name=service['title']) |
| 184 | 186 |
if service_created or not provider.ou: |
| 185 | 187 |
provider.ou = ou |
| 188 |
provision_target_ous[provider.ou.id] = provider.ou |
|
| 186 | 189 |
provider.save() |
| 187 | 190 |
if service_created: |
| 188 | 191 |
service_provider = LibertyServiceProvider( |
| ... | ... | |
| 233 | 236 |
time.sleep(self.backoff_factor * (2 ** retries)) |
| 234 | 237 |
retries += 1 |
| 235 | 238 | |
| 239 |
if provision_target_ous: |
|
| 240 |
# mass provision roles on new created services |
|
| 241 |
engine = Provisionning() |
|
| 242 |
roles = get_role_model().objects.all() |
|
| 243 |
engine.notify_roles(provision_target_ous, roles, full=True) |
|
| 244 | ||
| 236 | 245 |
for service in services: |
| 237 | 246 |
if not service.get('$done'):
|
| 238 | 247 |
last_error = service['$last-error'] |
| tests_authentic/test_hobo_deploy.py | ||
|---|---|---|
| 56 | 56 |
}, |
| 57 | 57 |
], roles_json) |
| 58 | 58 | |
| 59 |
# As a user is created, notify_agents is called, as celery is not running |
|
| 60 |
# we just block it |
|
| 61 |
mocker.patch('hobo.agent.authentic2.provisionning.notify_agents')
|
|
| 62 | 59 |
requests_get = mocker.patch('requests.get')
|
| 63 | 60 |
meta1 = '''<?xml version="1.0"?> |
| 64 | 61 |
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" |
| ... | ... | |
| 314 | 311 |
hobo_json = tempfile.NamedTemporaryFile() |
| 315 | 312 |
hobo_json.write(hobo_json_content) |
| 316 | 313 |
hobo_json.flush() |
| 317 |
call_command('hobo_deploy', 'http://sso.example.net', hobo_json.name)
|
|
| 314 | ||
| 315 |
with mock.patch('hobo.agent.authentic2.provisionning.notify_agents') as mock_notify:
|
|
| 316 |
call_command('hobo_deploy', 'http://sso.example.net', hobo_json.name)
|
|
| 317 | ||
| 318 |
# check role mass provisionning to new services |
|
| 319 |
# two wcs => two ous => two audiences |
|
| 320 |
assert mock_notify.call_count == 2 |
|
| 321 |
audiences = sorted([arg[0][0]['audience'] for arg in mock_notify.call_args_list]) |
|
| 322 |
assert audiences == [['http://clapiers.example.net/saml/metadata'], |
|
| 323 |
['http://eservices.example.net/saml/metadata', 'http://passerelle.example.net/saml/metadata']] |
|
| 324 |
assert [arg[0][0]['@type'] for arg in mock_notify.call_args_list] == ['provision', 'provision'] |
|
| 325 |
assert [arg[0][0]['objects']['@type'] for arg in mock_notify.call_args_list] == ['role', 'role'] |
|
| 326 |
assert [arg[0][0]['full'] for arg in mock_notify.call_args_list] == [True, True] |
|
| 318 | 327 | |
| 319 | 328 |
from hobo.multitenant.middleware import TenantMiddleware |
| 320 | 329 |
tenants = list(TenantMiddleware.get_tenants()) |
| 321 |
- |
|