0001-auth_fc-un-verify-attributes-when-user-deletes-FC-li.patch
src/authentic2_auth_fc/views.py | ||
---|---|---|
37 | 37 |
from authentic2 import constants, hooks |
38 | 38 |
from authentic2.a2_rbac.utils import get_default_ou |
39 | 39 |
from authentic2.forms.passwords import SetPasswordForm |
40 |
from authentic2.models import Attribute, Lock |
|
40 |
from authentic2.models import Attribute, AttributeValue, Lock
|
|
41 | 41 |
from authentic2.utils import misc as utils_misc |
42 | 42 |
from authentic2.utils import views as utils_views |
43 | 43 |
from authentic2.utils.crypto import check_hmac_url, hash_chain, hmac_url |
... | ... | |
544 | 544 |
hooks.call_hooks('event', name='fc-unlink', user=self.request.user) |
545 | 545 |
messages.info(self.request, _('The link with the FranceConnect account has been deleted.')) |
546 | 546 |
links.delete() |
547 |
# FC mapping config may have changed over time, hence it is impossible to tell which |
|
548 |
# attribute was verified at FC link time. |
|
549 |
AttributeValue.objects.with_owner(self.request.user).update(verified=False) |
|
547 | 550 |
response = super().form_valid(form) |
548 | 551 |
if app_settings.logout_when_unlink: |
549 | 552 |
response.display_message = False |
tests/auth_fc/test_auth_fc.py | ||
---|---|---|
33 | 33 |
from authentic2.apps.authenticators.models import LoginPasswordAuthenticator |
34 | 34 |
from authentic2.apps.journal.models import Event |
35 | 35 |
from authentic2.custom_user.models import DeletedUser |
36 |
from authentic2.models import Attribute |
|
36 |
from authentic2.models import Attribute, AttributeValue
|
|
37 | 37 |
from authentic2_auth_fc import models |
38 | 38 |
from authentic2_auth_fc.backends import FcBackend |
39 | 39 |
from authentic2_auth_fc.utils import requests_retry_session |
... | ... | |
122 | 122 |
assert app.session['_auth_user_id'] |
123 | 123 |
assert app.session.get_expire_at_browser_close() |
124 | 124 |
assert models.FcAccount.objects.count() == 1 |
125 |
assert AttributeValue.objects.with_owner(user).filter(verified=True) |
|
125 | 126 | |
126 | 127 |
# test unlink cancel case |
127 | 128 |
response = app.get('/accounts/') |
... | ... | |
137 | 138 |
response.form.set('new_password2', 'ikKL1234') |
138 | 139 |
response = response.form.submit(name='unlink') |
139 | 140 |
assert models.FcAccount.objects.count() == 0 |
141 |
assert not AttributeValue.objects.with_owner(user).filter(verified=True) |
|
140 | 142 |
response = franceconnect.handle_logout(app, response.location) |
141 | 143 |
assert path(response.location) == '/accounts/' |
142 | 144 |
response = response.follow() |
143 |
- |