0001-misc-provision-users-to-services-of-all-OUs-40518.patch
hobo/agent/authentic2/provisionning.py | ||
---|---|---|
95 | 95 |
self.resolve_ou(users, ous) |
96 | 96 | |
97 | 97 |
ous = {} |
98 |
for user in users: |
|
99 |
ous.setdefault(user.ou, set()).add(user) |
|
98 |
for ou in [None] + list(OU.objects.all()): |
|
99 |
for user in users: |
|
100 |
ous.setdefault(ou, set()).add(user) |
|
100 | 101 | |
101 | 102 |
def is_forbidden_technical_role(role): |
102 | 103 |
return role.slug.startswith('_') and not role.slug.startswith(tuple(allowed_technical_roles_prefixes)) |
tests_authentic/test_provisionning.py | ||
---|---|---|
15 | 15 |
from authentic2.a2_rbac.models import Role, RoleAttribute |
16 | 16 |
from authentic2.a2_rbac.utils import get_default_ou |
17 | 17 |
from authentic2.models import Attribute, AttributeValue |
18 |
from django_rbac.utils import get_ou_model |
|
18 | 19 |
from hobo.agent.authentic2.provisionning import provisionning |
19 | 20 | |
20 | 21 |
User = get_user_model() |
... | ... | |
216 | 217 |
assert o['code_postal'] is None or o['code_postal'] == '13400' |
217 | 218 |
assert o['is_superuser'] is user.is_superuser |
218 | 219 | |
220 |
# test a service in a second OU also get the provisionning message |
|
221 |
notify_agents.reset_mock() |
|
222 |
ou2 = get_ou_model().objects.create(name=u'ou2', slug=u'ou2') |
|
223 |
LibertyProvider.objects.create(ou=ou2, name='provider2', |
|
224 |
entity_id='http://provider2.com', |
|
225 |
protocol_conformance=lasso.PROTOCOL_SAML_2_0) |
|
226 |
attribute.set_value(user1, '13500') |
|
227 |
with provisionning: |
|
228 |
user1.save() |
|
229 |
user2.save() |
|
230 | ||
231 |
assert notify_agents.call_count == 2 |
|
232 |
assert set(notify_agents.mock_calls[0][1][0]['audience'] + |
|
233 |
notify_agents.mock_calls[1][1][0]['audience']) == set(['http://provider.com', 'http://provider2.com']) |
|
234 |
ou2.delete() |
|
235 | ||
219 | 236 |
notify_agents.reset_mock() |
220 | 237 |
with provisionning: |
221 | 238 |
AttributeValue.objects.get(attribute=attribute).delete() |
222 |
- |