0002-python3-migrate-authentic-40407.patch
hobo/agent/authentic2/provisionning.py | ||
---|---|---|
1 | 1 |
import json |
2 |
from urlparse import urljoin
|
|
2 |
from django.utils.six.moves.urllib.parse import urljoin
|
|
3 | 3 |
import threading |
4 | 4 |
import copy |
5 | 5 |
import logging |
... | ... | |
8 | 8 |
from django.db import connection |
9 | 9 |
from django.core.urlresolvers import reverse |
10 | 10 |
from django.conf import settings |
11 |
from django.utils.encoding import force_text |
|
11 | 12 | |
12 | 13 |
from django_rbac.utils import get_role_model, get_ou_model, get_role_parenting_model |
13 | 14 |
from hobo.agent.common import notify_agents |
... | ... | |
25 | 26 | |
26 | 27 |
class Provisionning(threading.local): |
27 | 28 |
__slots__ = ['threads'] |
28 |
threads = set() |
|
29 | 29 | |
30 | 30 |
def __init__(self): |
31 |
self.threads = set() |
|
31 | 32 |
self.stack = [] |
32 | 33 | |
33 | 34 |
def start(self): |
... | ... | |
100 | 101 |
def is_forbidden_technical_role(role): |
101 | 102 |
return role.slug.startswith('_') and not role.slug.startswith(tuple(allowed_technical_roles_prefixes)) |
102 | 103 | |
103 |
issuer = unicode(self.get_entity_id())
|
|
104 |
issuer = force_text(self.get_entity_id())
|
|
104 | 105 |
if mode == 'provision': |
105 | 106 | |
106 | 107 |
def user_to_json(ou, service, user, user_roles): |
... | ... | |
151 | 152 |
for rp in RoleParenting.objects.filter(child__in=all_roles): |
152 | 153 |
parents.setdefault(rp.child.id, []).append(rp.parent.id) |
153 | 154 |
Through = Role.members.through |
154 |
for u_id, r_id in Through.objects.filter(role__members__in=users).values_list('user_id',
|
|
155 |
'role_id'):
|
|
155 |
qs = Through.objects.filter(role__members__in=users).values_list('user_id', 'role_id')
|
|
156 |
for u_id, r_id in qs:
|
|
156 | 157 |
user_roles.setdefault(u_id, set()).add(roles[r_id]) |
157 | 158 |
for p_id in parents.get(r_id, []): |
158 | 159 |
user_roles[u_id].add(roles[p_id]) |
... | ... | |
163 | 164 |
ous.setdefault(r.ou, set()).add(user) |
164 | 165 | |
165 | 166 |
if roles_with_attributes: |
166 |
for ou, users in ous.iteritems():
|
|
167 |
for ou, users in ous.items(): |
|
167 | 168 |
for service, audience in self.get_audience(ou): |
168 | 169 |
for user in users: |
169 | 170 |
logger.info(u'provisionning user %s to %s', user, audience) |
... | ... | |
178 | 179 |
} |
179 | 180 |
}) |
180 | 181 |
else: |
181 |
for ou, users in ous.iteritems():
|
|
182 |
for ou, users in ous.items(): |
|
182 | 183 |
audience = [a for service, a in self.get_audience(ou)] |
183 | 184 |
if not audience: |
184 | 185 |
continue |
185 |
logger.info(u'provisionning users %s to %s', |
|
186 |
u', '.join(map(unicode, users)), u', '.join(audience))
|
|
186 |
logger.info(u'provisionning users %s to %s', u', '.join(
|
|
187 |
map(force_text, users)), u', '.join(audience))
|
|
187 | 188 |
notify_agents({ |
188 | 189 |
'@type': 'provision', |
189 | 190 |
'issuer': issuer, |
... | ... | |
197 | 198 |
elif users: |
198 | 199 |
audience = [audience for ou in OU.objects.all() |
199 | 200 |
for s, audience in self.get_audience(ou)] |
200 |
logger.info(u'deprovisionning users %s from %s', u', '.join(map(unicode, users)),
|
|
201 |
u', '.join(audience))
|
|
201 |
logger.info(u'deprovisionning users %s from %s', u', '.join( |
|
202 |
map(force_text, users)), u', '.join(audience))
|
|
202 | 203 |
notify_agents({ |
203 | 204 |
'@type': 'deprovision', |
204 | 205 |
'issuer': issuer, |
... | ... | |
263 | 264 |
}) |
264 | 265 | |
265 | 266 |
global_roles = set(ous.get(None, [])) |
266 |
for ou, ou_roles in ous.iteritems():
|
|
267 |
for ou, ou_roles in ous.items(): |
|
267 | 268 |
sent_roles = set(ou_roles) | global_roles |
268 | 269 |
helper(ou, sent_roles) |
269 | 270 |
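Review bot: Initialising `self.threads = set()` inside `Provisionning.__init__` may reset state that is meant to be shared. `threading.local` re-runs `__init__` in every thread that first touches the instance, while names listed in `__slots__` are not thread-local, so each new thread would replace the shared `threads` set with an empty one. If that set tracks worker threads to be waited on later (its use is outside the visible lines), entries could be dropped and notifications left unjoined. A guard such as `if not hasattr(self, 'threads'): self.threads = set()` keeps a single shared set, and a short comment should state that `threads` is shared across threads while `stack` is per-thread. The class body continues outside the hunk.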
hobo/multitenant/settings_loaders.py | ||
---|---|---|
1 | 1 |
import os |
2 | 2 |
import json |
3 | 3 |
import hashlib |
4 |
from importlib import import_module |
|
5 | 4 | |
6 | 5 |
from django.conf import settings |
7 |
from django.utils.encoding import smart_bytes
|
|
6 |
from django.utils.encoding import force_bytes
|
|
8 | 7 |
from django.utils.http import urlencode |
9 | 8 |
from django.utils.six.moves.urllib import parse as urlparse |
10 | 9 | |
... | ... | |
277 | 276 |
return 0 |
278 | 277 | |
279 | 278 |
def update_settings(self, tenant_settings, tenant): |
280 |
domain_hash = hashlib.md5(smart_bytes(tenant.domain_url)).hexdigest()[:6]
|
|
279 |
domain_hash = hashlib.md5(force_bytes(tenant.domain_url)).hexdigest()[:6]
|
|
281 | 280 |
tenant_settings.CSRF_COOKIE_NAME = 'csrftoken-%s' % domain_hash |
282 | 281 |
tenant_settings.SESSION_COOKIE_NAME = 'sessionid-%s' % domain_hash |
283 | 282 |
# unique but common name for authentic opened session cookie name |
284 | 283 |
if getattr(tenant_settings, 'TEMPLATE_VARS', None): |
285 | 284 |
idp_url = tenant_settings.TEMPLATE_VARS.get('idp_url') |
286 | 285 |
if idp_url: |
287 |
idp_hash = hashlib.md5(smart_bytes(idp_url)).hexdigest()[:6]
|
|
286 |
idp_hash = hashlib.md5(force_bytes(idp_url)).hexdigest()[:6]
|
|
288 | 287 |
cookie_name = 'a2-opened-session-%s' % idp_hash |
289 | 288 |
tenant_settings.A2_OPENED_SESSION_COOKIE_NAME = cookie_name |
290 | 289 |
tenant_settings.MELLON_OPENED_SESSION_COOKIE_NAME = cookie_name |
... | ... | |
308 | 307 |
if not getattr(tenant_settings, 'A2_IDP_OIDC_JWKSET', None): |
309 | 308 |
from jwcrypto import jwk |
310 | 309 |
jwkkey = jwk.JWK.from_pem( |
311 |
tenant_settings.A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY)
|
|
310 |
force_bytes(tenant_settings.A2_IDP_SAML2_SIGNATURE_PRIVATE_KEY))
|
|
312 | 311 |
jwkset = jwk.JWKSet() |
313 | 312 |
jwkset['keys'].add(jwkkey) |
314 | 313 |
tenant_settings.A2_IDP_OIDC_JWKSET = json.loads(jwkset.export()) |
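Review bot: The two `hashlib.md5(force_bytes(...)).hexdigest()[:6]` calls in `update_settings` need a comment saying the digest only builds a stable cookie-name suffix and is not a security control, for example `# md5 only derives a short, stable per-domain cookie suffix; not used for integrity or secrecy`. Without it the call will keep being flagged in audits, and a well-meant swap to another hash would silently rename the `csrftoken-…`, `sessionid-…` and `a2-opened-session-…` cookies for existing tenants. `update_settings` starts and ends outside the visible hunks, so the rest of the method was not reviewed.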
tests_authentic/data_authentic_export_site.json | ||
---|---|---|
15 | 15 |
{ |
16 | 16 |
"attributes" : [ |
17 | 17 |
{ |
18 |
"kind" : "string", |
|
19 |
"name" : "is_superuser", |
|
20 |
"value" : "true" |
|
21 |
} |
|
22 |
], |
|
23 |
"description" : "", |
|
24 |
"external_id" : "", |
|
25 |
"name" : "Administrateur de Hobo", |
|
26 |
"ou" : { |
|
27 |
"name" : "Collectivité par défaut", |
|
28 |
"slug" : "default", |
|
29 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
30 |
}, |
|
31 |
"service" : { |
|
32 |
"ou" : { |
|
33 |
"name" : "Collectivité par défaut", |
|
34 |
"slug" : "default", |
|
35 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
18 |
"kind" : "json", |
|
19 |
"name" : "emails", |
|
20 |
"value" : "[]" |
|
36 | 21 |
}, |
37 |
"slug" : "hobo" |
|
38 |
}, |
|
39 |
"slug" : "_a2-hobo-superuser", |
|
40 |
"uuid" : "25f33158b7e2449b9a5b00dbc57bf416" |
|
41 |
}, |
|
42 |
{ |
|
43 |
"attributes" : [ |
|
44 | 22 |
{ |
45 |
"kind" : "string", |
|
46 |
"name" : "is_superuser", |
|
47 |
"value" : "true" |
|
48 |
} |
|
49 |
], |
|
50 |
"description" : "", |
|
51 |
"external_id" : "", |
|
52 |
"name" : "Administrateur de Compte citoyen", |
|
53 |
"ou" : { |
|
54 |
"name" : "Collectivité par défaut", |
|
55 |
"slug" : "default", |
|
56 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
57 |
}, |
|
58 |
"service" : { |
|
59 |
"ou" : { |
|
60 |
"name" : "Collectivité par défaut", |
|
61 |
"slug" : "default", |
|
62 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
23 |
"kind" : "json", |
|
24 |
"name" : "details", |
|
25 |
"value" : "\"\"" |
|
63 | 26 |
}, |
64 |
"slug" : "portal" |
|
65 |
}, |
|
66 |
"slug" : "_a2-hobo-superuser", |
|
67 |
"uuid" : "84b3b1ba76e44bcdb4fd4437c448a981" |
|
68 |
}, |
|
69 |
{ |
|
70 |
"attributes" : [ |
|
71 | 27 |
{ |
72 |
"kind" : "string",
|
|
73 |
"name" : "is_superuser",
|
|
74 |
"value" : "true"
|
|
28 |
"kind" : "json",
|
|
29 |
"name" : "emails_to_members",
|
|
30 |
"value" : "false"
|
|
75 | 31 |
} |
76 | 32 |
], |
77 | 33 |
"description" : "", |
78 | 34 |
"external_id" : "", |
79 |
"name" : "Administrateur de Démarches",
|
|
35 |
"name" : "Debug eo",
|
|
80 | 36 |
"ou" : { |
81 | 37 |
"name" : "Collectivité par défaut", |
82 | 38 |
"slug" : "default", |
83 | 39 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
84 | 40 |
}, |
85 |
"service" : { |
|
86 |
"ou" : { |
|
87 |
"name" : "Collectivité par défaut", |
|
88 |
"slug" : "default", |
|
89 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
90 |
}, |
|
91 |
"slug" : "eservices" |
|
92 |
}, |
|
93 |
"slug" : "_a2-hobo-superuser", |
|
94 |
"uuid" : "9054a61ccf684396b38189f1ca1ec087" |
|
41 |
"service" : null, |
|
42 |
"slug" : "debug-eo", |
|
43 |
"uuid" : "18e7bf78dc9a432396a99f32060052ec" |
|
95 | 44 |
}, |
96 | 45 |
{ |
97 |
"attributes" : [ |
|
98 |
{ |
|
99 |
"kind" : "string", |
|
100 |
"name" : "is_superuser", |
|
101 |
"value" : "true" |
|
102 |
} |
|
103 |
], |
|
104 | 46 |
"description" : "", |
105 | 47 |
"external_id" : "", |
106 |
"name" : "Administrateur de Portail agent",
|
|
48 |
"name" : "Managers of role \"Debug eo\"",
|
|
107 | 49 |
"ou" : { |
108 | 50 |
"name" : "Collectivité par défaut", |
109 | 51 |
"slug" : "default", |
110 | 52 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
111 | 53 |
}, |
112 |
"service" : { |
|
113 |
"ou" : { |
|
114 |
"name" : "Collectivité par défaut", |
|
115 |
"slug" : "default", |
|
116 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
117 |
}, |
|
118 |
"slug" : "portal-agent" |
|
119 |
}, |
|
120 |
"slug" : "_a2-hobo-superuser", |
|
121 |
"uuid" : "e6e22e5c0ca04ac0bf3b50d88eafe6d5" |
|
122 |
}, |
|
123 |
{ |
|
124 |
"attributes" : [ |
|
54 |
"permissions" : [ |
|
125 | 55 |
{ |
126 |
"kind" : "string", |
|
127 |
"name" : "is_superuser", |
|
128 |
"value" : "true" |
|
129 |
} |
|
130 |
], |
|
131 |
"description" : "", |
|
132 |
"external_id" : "", |
|
133 |
"name" : "Administrateur de Passerelle", |
|
134 |
"ou" : { |
|
135 |
"name" : "Collectivité par défaut", |
|
136 |
"slug" : "default", |
|
137 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
138 |
}, |
|
139 |
"service" : { |
|
140 |
"ou" : { |
|
141 |
"name" : "Collectivité par défaut", |
|
142 |
"slug" : "default", |
|
143 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
56 |
"operation" : { |
|
57 |
"slug" : "change" |
|
58 |
}, |
|
59 |
"ou" : null, |
|
60 |
"target" : { |
|
61 |
"name" : "Managers of role \"Debug eo\"", |
|
62 |
"ou" : { |
|
63 |
"name" : "Collectivité par défaut", |
|
64 |
"slug" : "default", |
|
65 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
66 |
}, |
|
67 |
"service" : null, |
|
68 |
"slug" : "_a2-managers-of-role-debug-eo", |
|
69 |
"uuid" : "db1386c86701400f8f0b35af45079099" |
|
70 |
}, |
|
71 |
"target_ct" : { |
|
72 |
"app_label" : "a2_rbac", |
|
73 |
"model" : "role" |
|
74 |
} |
|
144 | 75 |
}, |
145 |
"slug" : "passerelle" |
|
146 |
}, |
|
147 |
"slug" : "_a2-hobo-superuser", |
|
148 |
"uuid" : "243f58712aa248e9b27aae669341c156" |
|
149 |
}, |
|
150 |
{ |
|
151 |
"description" : "", |
|
152 |
"external_id" : "", |
|
153 |
"name" : "Administrateur du rôle « Debug eo »", |
|
154 |
"ou" : { |
|
155 |
"name" : "Collectivité par défaut", |
|
156 |
"slug" : "default", |
|
157 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
158 |
}, |
|
159 |
"permissions" : [ |
|
160 | 76 |
{ |
161 | 77 |
"operation" : { |
162 | 78 |
"slug" : "view" |
... | ... | |
195 | 111 |
"app_label" : "a2_rbac", |
196 | 112 |
"model" : "role" |
197 | 113 |
} |
114 |
} |
|
115 |
], |
|
116 |
"service" : null, |
|
117 |
"slug" : "_a2-managers-of-role-debug-eo", |
|
118 |
"uuid" : "db1386c86701400f8f0b35af45079099" |
|
119 |
}, |
|
120 |
{ |
|
121 |
"description" : "", |
|
122 |
"external_id" : "", |
|
123 |
"name" : "Roles - Collectivité par défaut", |
|
124 |
"ou" : { |
|
125 |
"name" : "Collectivité par défaut", |
|
126 |
"slug" : "default", |
|
127 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
128 |
}, |
|
129 |
"permissions" : [ |
|
130 |
{ |
|
131 |
"operation" : { |
|
132 |
"slug" : "admin" |
|
133 |
}, |
|
134 |
"ou" : { |
|
135 |
"name" : "Collectivité par défaut", |
|
136 |
"slug" : "default", |
|
137 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
138 |
}, |
|
139 |
"target" : { |
|
140 |
"app_label" : "a2_rbac", |
|
141 |
"model" : "role" |
|
142 |
}, |
|
143 |
"target_ct" : { |
|
144 |
"app_label" : "contenttypes", |
|
145 |
"model" : "contenttype" |
|
146 |
} |
|
198 | 147 |
}, |
199 | 148 |
{ |
200 | 149 |
"operation" : { |
201 |
"slug" : "change" |
|
150 |
"slug" : "view" |
|
151 |
}, |
|
152 |
"ou" : { |
|
153 |
"name" : "Collectivité par défaut", |
|
154 |
"slug" : "default", |
|
155 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
156 |
}, |
|
157 |
"target" : { |
|
158 |
"app_label" : "custom_user", |
|
159 |
"model" : "user" |
|
160 |
}, |
|
161 |
"target_ct" : { |
|
162 |
"app_label" : "contenttypes", |
|
163 |
"model" : "contenttype" |
|
164 |
} |
|
165 |
}, |
|
166 |
{ |
|
167 |
"operation" : { |
|
168 |
"slug" : "search" |
|
202 | 169 |
}, |
203 | 170 |
"ou" : null, |
204 | 171 |
"target" : { |
205 |
"name" : "Administrateur du rôle « Debug eo »", |
|
206 |
"ou" : { |
|
207 |
"name" : "Collectivité par défaut", |
|
208 |
"slug" : "default", |
|
209 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
210 |
}, |
|
211 |
"service" : null, |
|
212 |
"slug" : "_a2-managers-of-role-debug-eo", |
|
213 |
"uuid" : "3049444b35874b3b9a8377ad2f10b8b6" |
|
172 |
"name" : "Collectivité par défaut", |
|
173 |
"slug" : "default", |
|
174 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
214 | 175 |
}, |
215 | 176 |
"target_ct" : { |
216 | 177 |
"app_label" : "a2_rbac", |
217 |
"model" : "role"
|
|
178 |
"model" : "organizationalunit"
|
|
218 | 179 |
} |
219 | 180 |
} |
220 | 181 |
], |
221 | 182 |
"service" : null, |
222 |
"slug" : "_a2-managers-of-role-debug-eo",
|
|
223 |
"uuid" : "3049444b35874b3b9a8377ad2f10b8b6"
|
|
183 |
"slug" : "_a2-manager-of-roles-default",
|
|
184 |
"uuid" : "74b1f374133d426a8045f43e92ae5565"
|
|
224 | 185 |
}, |
225 | 186 |
{ |
226 |
"attributes" : [ |
|
227 |
{ |
|
228 |
"kind" : "json", |
|
229 |
"name" : "emails_to_members", |
|
230 |
"value" : "false" |
|
231 |
}, |
|
187 |
"description" : "", |
|
188 |
"external_id" : "", |
|
189 |
"name" : "Services - Collectivité par défaut", |
|
190 |
"ou" : { |
|
191 |
"name" : "Collectivité par défaut", |
|
192 |
"slug" : "default", |
|
193 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
194 |
}, |
|
195 |
"permissions" : [ |
|
232 | 196 |
{ |
233 |
"kind" : "json", |
|
234 |
"name" : "details", |
|
235 |
"value" : "\"\"" |
|
197 |
"operation" : { |
|
198 |
"slug" : "admin" |
|
199 |
}, |
|
200 |
"ou" : { |
|
201 |
"name" : "Collectivité par défaut", |
|
202 |
"slug" : "default", |
|
203 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
204 |
}, |
|
205 |
"target" : { |
|
206 |
"app_label" : "authentic2", |
|
207 |
"model" : "service" |
|
208 |
}, |
|
209 |
"target_ct" : { |
|
210 |
"app_label" : "contenttypes", |
|
211 |
"model" : "contenttype" |
|
212 |
} |
|
236 | 213 |
}, |
237 | 214 |
{ |
238 |
"kind" : "json", |
|
239 |
"name" : "emails", |
|
240 |
"value" : "[]" |
|
215 |
"operation" : { |
|
216 |
"slug" : "search" |
|
217 |
}, |
|
218 |
"ou" : null, |
|
219 |
"target" : { |
|
220 |
"name" : "Collectivité par défaut", |
|
221 |
"slug" : "default", |
|
222 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
223 |
}, |
|
224 |
"target_ct" : { |
|
225 |
"app_label" : "a2_rbac", |
|
226 |
"model" : "organizationalunit" |
|
227 |
} |
|
241 | 228 |
} |
242 | 229 |
], |
230 |
"service" : null, |
|
231 |
"slug" : "_a2-manager-of-services-default", |
|
232 |
"uuid" : "56b97b27cacd4b53a9b2c30304c23226" |
|
233 |
}, |
|
234 |
{ |
|
243 | 235 |
"description" : "", |
244 | 236 |
"external_id" : "", |
245 |
"name" : "Debug eo",
|
|
237 |
"name" : "Users - Collectivité par défaut",
|
|
246 | 238 |
"ou" : { |
247 | 239 |
"name" : "Collectivité par défaut", |
248 | 240 |
"slug" : "default", |
249 | 241 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
250 | 242 |
}, |
243 |
"permissions" : [ |
|
244 |
{ |
|
245 |
"operation" : { |
|
246 |
"slug" : "admin" |
|
247 |
}, |
|
248 |
"ou" : { |
|
249 |
"name" : "Collectivité par défaut", |
|
250 |
"slug" : "default", |
|
251 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
252 |
}, |
|
253 |
"target" : { |
|
254 |
"app_label" : "custom_user", |
|
255 |
"model" : "user" |
|
256 |
}, |
|
257 |
"target_ct" : { |
|
258 |
"app_label" : "contenttypes", |
|
259 |
"model" : "contenttype" |
|
260 |
} |
|
261 |
}, |
|
262 |
{ |
|
263 |
"operation" : { |
|
264 |
"slug" : "search" |
|
265 |
}, |
|
266 |
"ou" : null, |
|
267 |
"target" : { |
|
268 |
"name" : "Collectivité par défaut", |
|
269 |
"slug" : "default", |
|
270 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
271 |
}, |
|
272 |
"target_ct" : { |
|
273 |
"app_label" : "a2_rbac", |
|
274 |
"model" : "organizationalunit" |
|
275 |
} |
|
276 |
} |
|
277 |
], |
|
251 | 278 |
"service" : null, |
252 |
"slug" : "debug-eo",
|
|
253 |
"uuid" : "18e7bf78dc9a432396a99f32060052ec"
|
|
279 |
"slug" : "_a2-manager-of-users-default",
|
|
280 |
"uuid" : "81a20ddf235c41a49097cc25d82bcd23"
|
|
254 | 281 |
}, |
255 | 282 |
{ |
256 | 283 |
"description" : "", |
257 | 284 |
"external_id" : "", |
258 |
"name" : "Administrateur",
|
|
285 |
"name" : "Manager",
|
|
259 | 286 |
"ou" : null, |
260 | 287 |
"parents" : [ |
261 | 288 |
{ |
262 |
"name" : "Administrateur des entités",
|
|
289 |
"name" : "Manager of users",
|
|
263 | 290 |
"ou" : null, |
264 | 291 |
"service" : null, |
265 |
"slug" : "_a2-administrateur-des-entites",
|
|
266 |
"uuid" : "a1ff1b3da88f47cea91e344998dfdfbf"
|
|
292 |
"slug" : "_a2-manager-of-users",
|
|
293 |
"uuid" : "8cab8f8406694a688fa178f434a82d95"
|
|
267 | 294 |
}, |
268 | 295 |
{ |
269 |
"name" : "Administrateur des rôles",
|
|
296 |
"name" : "Manager of services",
|
|
270 | 297 |
"ou" : null, |
271 | 298 |
"service" : null, |
272 |
"slug" : "_a2-administrateur-des-roles",
|
|
273 |
"uuid" : "8dd625b74cff40aa8531d7d72616550e"
|
|
299 |
"slug" : "_a2-manager-of-services",
|
|
300 |
"uuid" : "d769527e686b486ca61c9d3ffa2505bb"
|
|
274 | 301 |
}, |
275 | 302 |
{ |
276 |
"name" : "Administrateur des utilisateurs",
|
|
303 |
"name" : "Manager of organizational units",
|
|
277 | 304 |
"ou" : null, |
278 | 305 |
"service" : null, |
279 |
"slug" : "_a2-administrateur-des-utilisateurs", |
|
280 |
"uuid" : "4ab5effedc404fb1bcba4d21ee89b719" |
|
306 |
"slug" : "_a2-manager-of-organizational-units", |
|
307 |
"uuid" : "65e1bd46c67d45e394a065505dfe512c" |
|
308 |
}, |
|
309 |
{ |
|
310 |
"name" : "Manager of roles", |
|
311 |
"ou" : null, |
|
312 |
"service" : null, |
|
313 |
"slug" : "_a2-manager-of-roles", |
|
314 |
"uuid" : "19effa77518a406bb3ea3afe0fe223c6" |
|
281 | 315 |
} |
282 | 316 |
], |
283 | 317 |
"permissions" : [ |
... | ... | |
287 | 321 |
}, |
288 | 322 |
"ou" : null, |
289 | 323 |
"target" : { |
290 |
"name" : "Administrateur",
|
|
324 |
"name" : "Manager",
|
|
291 | 325 |
"ou" : null, |
292 | 326 |
"service" : null, |
293 | 327 |
"slug" : "_a2-manager", |
294 |
"uuid" : "81a8708382bb4e8ea12ed0e172aa48b9"
|
|
328 |
"uuid" : "c4814eac3cab4187be5a44efe7c87568"
|
|
295 | 329 |
}, |
296 | 330 |
"target_ct" : { |
297 | 331 |
"app_label" : "a2_rbac", |
... | ... | |
301 | 335 |
], |
302 | 336 |
"service" : null, |
303 | 337 |
"slug" : "_a2-manager", |
304 |
"uuid" : "81a8708382bb4e8ea12ed0e172aa48b9"
|
|
338 |
"uuid" : "c4814eac3cab4187be5a44efe7c87568"
|
|
305 | 339 |
}, |
306 | 340 |
{ |
307 | 341 |
"description" : "", |
308 | 342 |
"external_id" : "", |
309 |
"name" : "Administrateur des entités",
|
|
343 |
"name" : "Manager of organizational units",
|
|
310 | 344 |
"ou" : null, |
311 | 345 |
"permissions" : [ |
312 |
{ |
|
313 |
"operation" : { |
|
314 |
"slug" : "view" |
|
315 |
}, |
|
316 |
"ou" : null, |
|
317 |
"target" : { |
|
318 |
"app_label" : "a2_rbac", |
|
319 |
"model" : "organizationalunit" |
|
320 |
}, |
|
321 |
"target_ct" : { |
|
322 |
"app_label" : "contenttypes", |
|
323 |
"model" : "contenttype" |
|
324 |
} |
|
325 |
}, |
|
326 | 346 |
{ |
327 | 347 |
"operation" : { |
328 | 348 |
"slug" : "admin" |
... | ... | |
353 | 373 |
} |
354 | 374 |
], |
355 | 375 |
"service" : null, |
356 |
"slug" : "_a2-administrateur-des-entites",
|
|
357 |
"uuid" : "a1ff1b3da88f47cea91e344998dfdfbf"
|
|
376 |
"slug" : "_a2-manager-of-organizational-units",
|
|
377 |
"uuid" : "65e1bd46c67d45e394a065505dfe512c"
|
|
358 | 378 |
}, |
359 | 379 |
{ |
360 | 380 |
"description" : "", |
361 | 381 |
"external_id" : "", |
362 |
"name" : "Administrateur des rôles",
|
|
382 |
"name" : "Manager of roles",
|
|
363 | 383 |
"ou" : null, |
364 | 384 |
"permissions" : [ |
385 |
{ |
|
386 |
"operation" : { |
|
387 |
"slug" : "admin" |
|
388 |
}, |
|
389 |
"ou" : null, |
|
390 |
"target" : { |
|
391 |
"app_label" : "a2_rbac", |
|
392 |
"model" : "role" |
|
393 |
}, |
|
394 |
"target_ct" : { |
|
395 |
"app_label" : "contenttypes", |
|
396 |
"model" : "contenttype" |
|
397 |
} |
|
398 |
}, |
|
365 | 399 |
{ |
366 | 400 |
"operation" : { |
367 | 401 |
"slug" : "view" |
... | ... | |
378 | 412 |
}, |
379 | 413 |
{ |
380 | 414 |
"operation" : { |
381 |
"slug" : "view"
|
|
415 |
"slug" : "search"
|
|
382 | 416 |
}, |
383 | 417 |
"ou" : null, |
384 | 418 |
"target" : { |
... | ... | |
389 | 423 |
"app_label" : "contenttypes", |
390 | 424 |
"model" : "contenttype" |
391 | 425 |
} |
392 |
}, |
|
426 |
} |
|
427 |
], |
|
428 |
"service" : null, |
|
429 |
"slug" : "_a2-manager-of-roles", |
|
430 |
"uuid" : "19effa77518a406bb3ea3afe0fe223c6" |
|
431 |
}, |
|
432 |
{ |
|
433 |
"description" : "", |
|
434 |
"external_id" : "", |
|
435 |
"name" : "Manager of services", |
|
436 |
"ou" : null, |
|
437 |
"permissions" : [ |
|
393 | 438 |
{ |
394 | 439 |
"operation" : { |
395 | 440 |
"slug" : "admin" |
396 | 441 |
}, |
397 | 442 |
"ou" : null, |
398 | 443 |
"target" : { |
399 |
"app_label" : "a2_rbac",
|
|
400 |
"model" : "role"
|
|
444 |
"app_label" : "authentic2",
|
|
445 |
"model" : "service"
|
|
401 | 446 |
}, |
402 | 447 |
"target_ct" : { |
403 | 448 |
"app_label" : "contenttypes", |
... | ... | |
420 | 465 |
} |
421 | 466 |
], |
422 | 467 |
"service" : null, |
423 |
"slug" : "_a2-administrateur-des-roles",
|
|
424 |
"uuid" : "8dd625b74cff40aa8531d7d72616550e"
|
|
468 |
"slug" : "_a2-manager-of-services",
|
|
469 |
"uuid" : "d769527e686b486ca61c9d3ffa2505bb"
|
|
425 | 470 |
}, |
426 | 471 |
{ |
427 | 472 |
"description" : "", |
428 | 473 |
"external_id" : "", |
429 |
"name" : "Administrateur des utilisateurs",
|
|
474 |
"name" : "Manager of users",
|
|
430 | 475 |
"ou" : null, |
431 | 476 |
"permissions" : [ |
432 | 477 |
{ |
433 | 478 |
"operation" : { |
434 |
"slug" : "view"
|
|
479 |
"slug" : "admin"
|
|
435 | 480 |
}, |
436 | 481 |
"ou" : null, |
437 | 482 |
"target" : { |
438 |
"app_label" : "a2_rbac",
|
|
439 |
"model" : "organizationalunit"
|
|
483 |
"app_label" : "custom_user",
|
|
484 |
"model" : "user"
|
|
440 | 485 |
}, |
441 | 486 |
"target_ct" : { |
442 | 487 |
"app_label" : "contenttypes", |
... | ... | |
445 | 490 |
}, |
446 | 491 |
{ |
447 | 492 |
"operation" : { |
448 |
"slug" : "admin"
|
|
493 |
"slug" : "search"
|
|
449 | 494 |
}, |
450 | 495 |
"ou" : null, |
451 | 496 |
"target" : { |
452 |
"app_label" : "custom_user",
|
|
453 |
"model" : "user"
|
|
497 |
"app_label" : "a2_rbac",
|
|
498 |
"model" : "organizationalunit"
|
|
454 | 499 |
}, |
455 | 500 |
"target_ct" : { |
456 | 501 |
"app_label" : "contenttypes", |
457 | 502 |
"model" : "contenttype" |
458 | 503 |
} |
504 |
} |
|
505 |
], |
|
506 |
"service" : null, |
|
507 |
"slug" : "_a2-manager-of-users", |
|
508 |
"uuid" : "8cab8f8406694a688fa178f434a82d95" |
|
509 |
}, |
|
510 |
{ |
|
511 |
"description" : "", |
|
512 |
"external_id" : "", |
|
513 |
"name" : "Managers of \"Collectivité par défaut\"", |
|
514 |
"ou" : null, |
|
515 |
"parents" : [ |
|
516 |
{ |
|
517 |
"name" : "Roles - Collectivité par défaut", |
|
518 |
"ou" : { |
|
519 |
"name" : "Collectivité par défaut", |
|
520 |
"slug" : "default", |
|
521 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
522 |
}, |
|
523 |
"service" : null, |
|
524 |
"slug" : "_a2-manager-of-roles-default", |
|
525 |
"uuid" : "74b1f374133d426a8045f43e92ae5565" |
|
526 |
}, |
|
527 |
{ |
|
528 |
"name" : "Users - Collectivité par défaut", |
|
529 |
"ou" : { |
|
530 |
"name" : "Collectivité par défaut", |
|
531 |
"slug" : "default", |
|
532 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
533 |
}, |
|
534 |
"service" : null, |
|
535 |
"slug" : "_a2-manager-of-users-default", |
|
536 |
"uuid" : "81a20ddf235c41a49097cc25d82bcd23" |
|
459 | 537 |
}, |
538 |
{ |
|
539 |
"name" : "Services - Collectivité par défaut", |
|
540 |
"ou" : { |
|
541 |
"name" : "Collectivité par défaut", |
|
542 |
"slug" : "default", |
|
543 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
544 |
}, |
|
545 |
"service" : null, |
|
546 |
"slug" : "_a2-manager-of-services-default", |
|
547 |
"uuid" : "56b97b27cacd4b53a9b2c30304c23226" |
|
548 |
} |
|
549 |
], |
|
550 |
"permissions" : [ |
|
460 | 551 |
{ |
461 | 552 |
"operation" : { |
462 |
"slug" : "search"
|
|
553 |
"slug" : "view"
|
|
463 | 554 |
}, |
464 | 555 |
"ou" : null, |
465 | 556 |
"target" : { |
466 |
"app_label" : "a2_rbac", |
|
467 |
"model" : "organizationalunit" |
|
557 |
"name" : "Collectivité par défaut", |
|
558 |
"slug" : "default", |
|
559 |
"uuid" : "69b0a02cf58a4c71b1ae548f1375baff" |
|
468 | 560 |
}, |
469 | 561 |
"target_ct" : { |
470 |
"app_label" : "contenttypes",
|
|
471 |
"model" : "contenttype"
|
|
562 |
"app_label" : "a2_rbac",
|
|
563 |
"model" : "organizationalunit"
|
|
472 | 564 |
} |
473 | 565 |
} |
474 | 566 |
], |
475 | 567 |
"service" : null, |
476 |
"slug" : "_a2-administrateur-des-utilisateurs",
|
|
477 |
"uuid" : "4ab5effedc404fb1bcba4d21ee89b719"
|
|
568 |
"slug" : "_a2-managers-of-default",
|
|
569 |
"uuid" : "88b309df04f0447ba08be8e197fa9d2d"
|
|
478 | 570 |
} |
479 | 571 |
] |
480 | 572 |
} |
tests_authentic/settings.py | ||
---|---|---|
44 | 44 | |
45 | 45 |
SESSION_COOKIE_SECURE = False |
46 | 46 |
CSRF_COOKIE_SECURE = False |
47 | ||
48 |
LANGUAGE_CODE = 'en' |
tests_authentic/test_hobo_deploy.py | ||
---|---|---|
308 | 308 |
] |
309 | 309 |
} |
310 | 310 |
hobo_json_content = json.dumps(env) |
311 |
hobo_json = tempfile.NamedTemporaryFile() |
|
311 |
hobo_json = tempfile.NamedTemporaryFile(mode='w')
|
|
312 | 312 |
hobo_json.write(hobo_json_content) |
313 | 313 |
hobo_json.flush() |
314 | 314 | |
... | ... | |
463 | 463 | |
464 | 464 | |
465 | 465 |
def test_import_template(db, tenant_base): |
466 |
def with_uuid_removed(input): |
|
467 |
if isinstance(input, dict): |
|
468 |
for key in input.keys(): |
|
469 |
if key == 'uuid': |
|
470 |
input.pop('uuid') |
|
471 |
return {k: with_uuid_removed(v) for k, v in input.iteritems()} |
|
472 |
elif isinstance(input, list): |
|
473 |
return [with_uuid_removed(e) for e in input] |
|
474 |
else: |
|
475 |
return input |
|
466 |
def listify(value): |
|
467 |
if isinstance(value, dict): |
|
468 |
value = list((k, listify(v)) for k, v in value.items()) |
|
469 |
value.sort() |
|
470 |
if isinstance(value, list): |
|
471 |
value = list(listify(x) for x in value) |
|
472 |
value.sort() |
|
473 |
return value |
|
476 | 474 | |
477 |
def with_lists_sorted(input): |
|
478 |
if isinstance(input, dict): |
|
479 |
return {k: with_lists_sorted(v) for k, v in input.iteritems()} |
|
480 |
if isinstance(input, list): |
|
481 |
return with_lists_sorted(input.sort()) |
|
482 |
else: |
|
483 |
return input |
|
475 |
def sort_and_remove_uuid(value): |
|
476 |
if isinstance(value, dict): |
|
477 |
if 'uuid' in value: |
|
478 |
value.pop('uuid') |
|
479 |
value = {k: sort_and_remove_uuid(v) for k, v in value.items()} |
|
480 |
if isinstance(value, list): |
|
481 |
value = [sort_and_remove_uuid(elt) for elt in value] |
|
482 |
value.sort(key=lambda elt: listify(elt)) |
|
483 |
return value |
|
484 | 484 | |
485 | 485 |
call_command('create_tenant', 'authentic.example.net') |
486 | 486 |
tenant = TenantMiddleware.get_tenant_by_hostname('authentic.example.net') |
487 | 487 |
connection.set_tenant(tenant) |
488 | 488 |
call_command('import_template', '--basepath=%s' % os.path.dirname(__file__), 'data_authentic_export_site') |
489 | 489 |
content = open('%s/data_authentic_export_site.json' % os.path.dirname(__file__)).read() |
490 |
assert byteify(with_lists_sorted(with_uuid_removed(export_site()))) == byteify(with_lists_sorted(with_uuid_removed(json.loads(content)))) |
|
490 | ||
491 |
with open('/tmp/export.json', 'w') as fd: |
|
492 |
fd.write(json.dumps(export_site(), indent=4)) |
|
493 |
export_ref = sort_and_remove_uuid(export_site()) |
|
494 |
file_ref = sort_and_remove_uuid(json.loads(content)) |
|
495 |
assert export_ref == file_ref |
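Review bot: The `with open('/tmp/export.json', 'w') as fd:` block near the end of `test_import_template` writes the full site export to a fixed, predictable path in a shared directory, which looks like a debugging leftover. On a multi-user build host a file or symlink already present at that path would be written through with the test runner's privileges, and the export stays behind after the run. Drop the two lines, or add pytest's `tmpdir` fixture to the test and write to `tmpdir.join('export.json')` if the dump is needed for diagnosis. The `open(...).read()` two lines earlier would also be better as a `with` block so the fixture file is closed.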
tests_authentic/test_rest_authentication.py | ||
---|---|---|
1 | 1 |
import pytest |
2 |
import urllib
|
|
2 |
from django.utils.six.moves.urllib import parse as urllib
|
|
3 | 3 | |
4 | 4 |
from rest_framework.exceptions import AuthenticationFailed |
5 | 5 | |
6 |
- |