0001-authentic-allow-provisionning-some-technical-roles-3.patch

Benjamin Dauvergne, 24 septembre 2019 11:44

Voir les différences: en ligne côte à côte

Subject: [PATCH] authentic: allow provisionning some technical roles (#36398)

 hobo/agent/authentic2/provisionning.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

                     instance.ou = ous[instance.ou_id]
         def notify_users(self, ous, users, mode='provision'):
             allowed_technical_roles_prefixes = getattr(settings, 'HOBO_PROVISION_ROLE_PREFIXES', []) or []
             if mode == 'provision':
                 users = (User.objects.filter(id__in=[u.id for u in users])
                          .select_related('ou').prefetch_related('attribute_values__attribute'))
-...
             for user in users:
                 ous.setdefault(user.ou, set()).add(user)
             def is_technical_role(role):
                 return role.slug.startswith('_') and not role.slug.startswith(tuple(allowed_technical_roles_prefixes))
             issuer = unicode(self.get_entity_id())
             if mode == 'provision':
-...
                     data = {}
                     # filter user's roles visible by the service's ou
                     roles = [role for role in user_roles.get(user.id, [])
                              if (not role.slug.startswith('_')
                              if (not is_technical_role(role)
                                  and (role.ou_id is None or (ou and role.ou_id == ou.id)))]
                     data.update({
                         'uuid': user.uuid,
+    -

Produits Entr'ouvert » Hobo