0003-sync-metadata-load-attribute-filters-only-for-servic.patch

Benjamin Dauvergne, 03 avril 2015 22:24


Subject: [PATCH 3/4] sync-metadata: load attribute filters only for service
 providers (#6847)

 .../saml/management/commands/sync-metadata.py      | 44 +++++++++++-----------
 1 file changed, 22 insertions(+), 22 deletions(-)
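--- a/src/authentic2/saml/management/commands/sync-metadata.py
+++ b/src/authentic2/saml/management/commands/sync-metadata.py
@@ -128,40 +128,40 @@
             identity_provider.save()
         if sp:
             service_provider, created = LibertyServiceProvider.objects.get_or_create(
                     liberty_provider=provider,
                     defaults={'enabled': not options['create-disabled']})
             if sp_policy:
                 service_provider.sp_options_policy = sp_policy
             service_provider.save()
-        if afp and provider.entity_id in afp:
             pks = []
-            for name in afp[provider.entity_id]:
-                kwargs, defaults = build_saml_attribute_kwargs(provider, name)
-                if not kwargs:
-                    if verbosity > 1:
-                        print >>sys.stderr, _('Unable to find an LDAP definition for attribute %(name)s on %(provider)s') % \
-                            {'name': name, 'provider': provider}
-                    continue
-                # create object with default attribute mapping to the same name
-                # as the attribute if no SAMLAttribute model already exists,
-                # otherwise do nothing
-                try:
-                    attribute, created = SAMLAttribute.objects.get_or_create(defaults=defaults,
-                            **kwargs)
-                    if created and verbosity > 1:
-                        print _('Created new attribute %(name)s for %(provider)s') % \
+            if afp and provider.entity_id in afp:
+                for name in afp[provider.entity_id]:
+                    kwargs, defaults = build_saml_attribute_kwargs(provider, name)
+                    if not kwargs:
+                        if verbosity > 1:
+                            print >>sys.stderr, _('Unable to find an LDAP definition for attribute %(name)s on %(provider)s') % \
                                 {'name': name, 'provider': provider}
-                    pks.append(attribute.pk)
-                except SAMLAttribute.MultipleObjectsReturned:
-                    pks.extend(SAMLAttribute.objects.filter(**kwargs).values_list('pk', flat=True))
-            if options.get('reset-attributes'):
-                # remove attributes not matching the filters
-                SAMLAttribute.objects.for_generic_object(provider).exclude(pk__in=pks).delete()
+                        continue
+                    # create object with default attribute mapping to the same name
+                    # as the attribute if no SAMLAttribute model already exists,
+                    # otherwise do nothing
+                    try:
+                        attribute, created = SAMLAttribute.objects.get_or_create(defaults=defaults,
+                                **kwargs)
+                        if created and verbosity > 1:
+                            print _('Created new attribute %(name)s for %(provider)s') % \
+                                    {'name': name, 'provider': provider}
+                        pks.append(attribute.pk)
+                    except SAMLAttribute.MultipleObjectsReturned:
+                        pks.extend(SAMLAttribute.objects.filter(**kwargs).values_list('pk', flat=True))
+                if options.get('reset-attributes'):
+                    # remove attributes not matching the filters
+                    SAMLAttribute.objects.for_generic_object(provider).exclude(pk__in=pks).delete()
 
 class Command(BaseCommand):
     '''Load SAMLv2 metadata file into the LibertyProvider, LibertyServiceProvider
     and LibertyIdentityProvider files'''
     can_import_django_settings = True
     output_transaction = True
     requires_model_validation = True
     option_list = BaseCommand.option_list + (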
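Review bot: The `reset-attributes` cleanup still sits inside `if afp and provider.entity_id in afp:`, so a service provider whose entry has been dropped from the attribute filter policy keeps every `SAMLAttribute` row created by earlier runs. If the option is meant to make the released attributes match the filters, those stale rows keep releasing user attributes to that SP. Consider dedenting the cleanup one level so it runs for every SP with `pks` left empty, i.e. `if options.get('reset-attributes'):` followed by `SAMLAttribute.objects.for_generic_object(provider).exclude(pk__in=pks).delete()` directly under `if sp:`. That would also delete manually configured attributes for SPs that have no filter entry, so the choice deserves a comment either way, for example `# reset-attributes only applies to providers listed in the attribute filter policy`. The enclosing function starts outside this hunk, so how `afp` is built and whether it can be trusted is not visible here.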
168
-