0001-auth-saml-put-newly-created-user-in-default-OU-46484.patch
src/authentic2_auth_saml/adapters.py | ||
---|---|---|
28 | 28 |
from authentic2 import utils |
29 | 29 |
from authentic2.utils.evaluate import evaluate_condition |
30 | 30 |
from authentic2.a2_rbac.models import Role, OrganizationalUnit as OU |
31 |
from authentic2.a2_rbac.utils import get_default_ou |
|
32 | ||
31 | 33 | |
32 | 34 |
logger = logging.getLogger('authentic2.auth_saml') |
33 | 35 | |
... | ... | |
71 | 73 |
self.provision_a2_attributes(user, idp, saml_attributes) |
72 | 74 |
except MappingError as e: |
73 | 75 |
raise UserCreationError('user creation failed on a mandatory mapping action: %s' % e) |
76 |
if not user.ou: |
|
77 |
user.ou = get_default_ou() |
|
78 |
user.save() |
|
74 | 79 | |
75 | 80 |
def provision(self, user, idp, saml_attributes): |
76 | 81 |
super(AuthenticAdapter, self).provision(user, idp, saml_attributes) |
tests/test_auth_saml.py | ||
---|---|---|
142 | 142 |
user = adapter.lookup_user(idp, saml_attributes) |
143 | 143 |
user.refresh_from_db() |
144 | 144 |
assert simple_role not in user.roles.all() |
145 |
assert user.ou.default is True |
|
145 | 146 |
user.delete() |
146 | 147 | |
147 | 148 |
# if a toggle-role is mandatory, failure to evaluate condition block user creation |
148 |
- |