0001-data_transfer-validate-uniqueness-of-roles-41342.patch

     # You should have received a copy of the GNU Affero General Public License
     # along with this program.  If not, see <http://www.gnu.org/licenses/>.
     from functools import wraps
     from django.core.exceptions import ValidationError, NON_FIELD_ERRORS
     from django.contrib.contenttypes.models import ContentType
     from django.utils.translation import ugettext_lazy as _
     from django.utils.text import format_lazy
     from django_rbac.models import Operation
     from django_rbac.utils import (
         get_ou_model, get_role_model, get_role_parenting_model, get_permission_model)
     from authentic2.decorators import errorcollector
     from authentic2.a2_rbac.models import RoleAttribute
     from authentic2.utils.lazy import lazy_join
     def update_model(obj, d):
         for attr, value in d.items():
             setattr(obj, attr, value)
         errors = {}
         with errorcollector(errors):
             if hasattr(obj, 'validate'):
                 obj.validate()
         with errorcollector(errors):
             if hasattr(obj, 'validate_unique'):
                 obj.validate_unique()
         if errors:
             errorlist = []
             for key, messages in list(errors.items()):
                 if key == NON_FIELD_ERRORS:
                     errorlist.extend(messages)
                 else:
                     value = getattr(obj, key)
                     def error_list(messages):
                         for message in messages:
                             if isinstance(message, ValidationError):
                                 yield message.message
                             else:
                                 yield message
                     for message in error_list(messages):
                         errorlist.append(format_lazy(u'{}="{}": {}', obj.__class__._meta.get_field(key).verbose_name, value, message))
             raise ValidationError(errorlist)
         obj.save()
-...
             self.role_attributes_update = role_attributes_update
     class DataImportError(Exception):
         pass
     class RoleDeserializer(object):
         def __init__(self, d, import_context):
             self._import_context = import_context
-...
                 else:
                     self._role_d[key] = value
         def wraps_validationerror(func):
             @wraps(func)
             def f(self, *args, **kwargs):
                 try:
                     return func(self, *args, **kwargs)
                 except ValidationError as e:
                     raise ValidationError(_('Role "%s": %s') % (
                         self._role_d.get('name', self._role_d.get('slug')),
                         lazy_join(', ', [v.message for v in e.error_list])))
             return f
         @wraps_validationerror
         def deserialize(self):
             ou_d = self._role_d['ou']
             has_ou = bool(ou_d)
             ou = None if not has_ou else search_ou(ou_d)
             if has_ou and not ou:
                 raise DataImportError(
                     "Can't import role because missing Organizational Unit: %s" % ou_d)
                 raise ValidationError(_("Can't import role because missing Organizational Unit: %s") % ou_d)
             kwargs = self._role_d.copy()
             kwargs.pop('ou', None)
-...
                 update_model(self._obj, kwargs)
             else:  # Create role
                 if 'uuid' in kwargs and not kwargs['uuid']:
                     raise DataImportError("Cannot import role '%s' with empty uuid"
                                           % kwargs.get('name'))
                     raise ValidationError(_("Cannot import role '%s' with empty uuid") % kwargs.get('name'))
                 self._obj = get_role_model().objects.create(**kwargs)
                 status = 'created'
-...
             self._obj.get_admin_role()
             return self._obj, status
         @wraps_validationerror
         def attributes(self):
             """ Update attributes (delete everything then create)
             """
-...
             return created, deleted
         @wraps_validationerror
         def parentings(self):
             """ Update parentings (delete everything then create)
             """
-...
                 for parent_d in self._parents:
                     parent = search_role(parent_d)
                     if not parent:
                         raise DataImportError("Could not find role: %s" % parent_d)
                         raise ValidationError(_("Could not find parent role: %s") % parent_d)
                     created.append(Parenting.objects.create(
                         child=self._obj, direct=True, parent=parent))
             return created, deleted
         @wraps_validationerror
         def permissions(self):
             """ Update permissions (delete everything then create)
             """
-...
         result = ImportResult()
         if not isinstance(json_d, dict):
             raise DataImportError('Export file is invalid: not a dictionnary')
             raise ValidationError(_('Import file is invalid: not a dictionnary'))
         if import_context.import_ous:
             for ou_d in json_d.get('ous', []):
                 result.update_ous(*import_ou(ou_d))
         if import_context.import_roles:
             roles_ds = [RoleDeserializer(role_d, import_context) for role_d in json_d.get('roles', [])
                         if not role_d['slug'].startswith('_')]
             roles_ds = []
             for role_d in json_d.get('roles', []):
                 # ignore internal roles
                 if role_d['slug'].startswith('_'):
                     continue
                 roles_ds.append(RoleDeserializer(role_d, import_context))
             for ds in roles_ds:
                 result.update_roles(*ds.deserialize())
-...
                     result.update_permissions(*ds.permissions())
             if import_context.ou_delete_orphans:
                 raise DataImportError(
                     "Unsupported context value for ou_delete_orphans : %s" % (
                         import_context.ou_delete_orphans))
                 raise ValidationError(_("Unsupported context value for ou_delete_orphans : %s") % (
                     import_context.ou_delete_orphans))
             if import_context.role_delete_orphans:
                 # FIXME : delete each role that is in DB but not in the export
                 raise DataImportError(
                     "Unsupported context value for role_delete_orphans : %s" % (
                         import_context.role_delete_orphans))
                 raise ValidationError(_("Unsupported context value for role_delete_orphans : %s") % (
                     import_context.role_delete_orphans))
         return result

     import json
     import inspect
     from django.core.exceptions import PermissionDenied
     from django.core.exceptions import PermissionDenied, ValidationError
     from django.db import transaction
     from django.views.generic.base import ContextMixin
     from django.views.generic import (FormView, UpdateView, CreateView, DeleteView, TemplateView,
-...
     from django_rbac.utils import get_ou_model
     from authentic2.data_transfer import export_site, import_site, DataImportError, ImportContext
     from authentic2.data_transfer import export_site, import_site, ImportContext
     from authentic2.forms.profile import modelform_factory
     from authentic2.utils import redirect, batch_queryset
     from authentic2.decorators import json as json_view
-...
         def form_valid(self, form):
             try:
                 json_site = json.loads(force_text(
                         self.request.FILES['site_json'].read()))
                 json_site = json.loads(
                     force_text(self.request.FILES['site_json'].read()))
             except ValueError:
                 form.add_error('site_json', _('File is not in the expected JSON format.'))
                 return self.form_invalid(form)
-...
             try:
                 with transaction.atomic():
                     import_site(json_site, ImportContext())
             except DataImportError as e:
                 form.add_error('site_json', six.text_type(e))
             except ValidationError as e:
                 form.add_error('site_json', e)
                 return self.form_invalid(form)
             return super(SiteImportView, self).form_valid(form)

     # authentic2 - versatile identity manager
     # Copyright (C) 2010-2020 Entr'ouvert
+    #
     # This program is free software: you can redistribute it and/or modify it
     # under the terms of the GNU Affero General Public License as published
     # by the Free Software Foundation, either version 3 of the License, or
     # (at your option) any later version.
+    #
     # This program is distributed in the hope that it will be useful,
     # but WITHOUT ANY WARRANTY; without even the implied warranty of
     # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     # GNU Affero General Public License for more details.
+    #
     # You should have received a copy of the GNU Affero General Public License
     # along with this program.  If not, see <http://www.gnu.org/licenses/>.
     from django.utils.text import format_lazy
     def lazy_join(join, args):
         if not args:
             return ''
         fstring = '{}' + ''.join([join + '{}'] * (len(args) - 1))
         return format_lazy(fstring, *args)

     # You should have received a copy of the GNU Affero General Public License
     # along with this program.  If not, see <http://www.gnu.org/licenses/>.
     from django_rbac.utils import get_role_model, get_ou_model
     import pytest
     from django.core.exceptions import ValidationError
     from django_rbac.utils import get_role_model, get_ou_model
     from authentic2.a2_rbac.models import RoleParenting
     from authentic2.data_transfer import (
         export_site,
         ExportContext,
         DataImportError,
         export_roles,
         import_site,
         export_ous,
-...
             'uuid': get_hex_uuid(), 'name': 'some role', 'description': 'role description',
             'slug': 'some-role', 'ou': {'slug': 'some-ou'}, 'service': None},
             ImportContext())
         with pytest.raises(DataImportError):
         with pytest.raises(ValidationError):
             rd.deserialize()
-...
             'uuid': get_hex_uuid(), 'ou': None, 'service': None}
         rd = RoleDeserializer(child_role_dict, ImportContext())
         rd.deserialize()
         with pytest.raises(DataImportError) as excinfo:
         with pytest.raises(ValidationError) as excinfo:
             rd.parentings()
         assert "Could not find role" in str(excinfo.value)
         assert "Could not find parent role" in str(excinfo.value)
     def test_role_deserializer_permissions(db):
-...
     def test_import_roles_role_delete_orphans(db):
         roles = [{
             'name': 'some role', 'description': 'some role description', 'slug': '_some-role'}]
         with pytest.raises(DataImportError):
         with pytest.raises(ValidationError):
             import_site({'roles': roles}, ImportContext(role_delete_orphans=True))
-...
         import_site(d, ImportContext(import_roles=False, import_ous=False))
         assert Role.objects.exclude(slug__startswith='_').count() == 0
         assert OU.objects.exclude(slug='default').count() == 0
         with pytest.raises(DataImportError) as e:
         with pytest.raises(ValidationError) as e:
             import_site(d, ImportContext(import_roles=True, import_ous=False))
         assert 'missing Organizational' in e.value.args[0]
         assert Role.objects.exclude(slug__startswith='_').count() == 0
-...
         d = export_site(ExportContext(export_ous=False))
         assert 'ous' not in d
     def test_role_validate_unique(db):
         ou = OU.objects.create(name='ou', slug='ou')
         Role.objects.create(name='role1', slug='role1', ou=ou)
         Role.objects.create(name='role2', slug='role2', ou=ou)
         data = {
             'roles': [
+                {
                     'name': 'role1',
                     'slug': 'role2',
                     'ou': {'slug': 'ou'},
+                }
+            ]
+        }
         with pytest.raises(ValidationError, match=r'Role "role1": name="role1": Name already used'):
             import_site(data)

     import random
     import json
     from django.core.exceptions import ValidationError
     from django.utils import six
     from django.utils.six.moves import builtins as __builtin__
     from django.core import management
-...
     def test_import_site_cmd_unhandled_context_option(db, monkeypatch, capsys, json_fixture):
         from authentic2.data_transfer import DataImportError
         content = {
             'roles': [
+                {
-...
         Role.objects.create(uuid='dqfewrvesvews2532', slug='role-slug', name='role-name')
         with pytest.raises(DataImportError):
         with pytest.raises(ValidationError):
             management.call_command(
                 'import_site', '-o', 'role-delete-orphans', json_fixture(content))
-...
     def test_import_site_empty_uuids(db, monkeypatch, json_fixture):
         from authentic2.data_transfer import DataImportError
         with pytest.raises(DataImportError):
         with pytest.raises(ValidationError):
             management.call_command('import_site', json_fixture({
                 'roles': [
+                    {
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2