15 |
15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
16 |
16 |
|
17 |
17 |
import random
|
|
18 |
from datetime import timedelta
|
18 |
19 |
|
|
20 |
from django.contrib.contenttypes.models import ContentType
|
19 |
21 |
from django.utils.timezone import now
|
20 |
22 |
|
21 |
23 |
from authentic2.custom_user.models import User
|
22 |
|
from authentic2_idp_oidc.models import OIDCClaim, OIDCClient
|
|
24 |
from authentic2_idp_oidc.models import OIDCAuthorization, OIDCClaim, OIDCClient
|
23 |
25 |
from authentic2_idp_oidc.utils import make_sub
|
24 |
26 |
|
25 |
27 |
|
... | ... | |
72 |
74 |
)
|
73 |
75 |
|
74 |
76 |
users = [User.objects.create(username=f'user-{i}', last_name=f'Name-{i}') for i in range(10)]
|
|
77 |
expired = now() + timedelta(hours=1)
|
|
78 |
for user in users:
|
|
79 |
OIDCAuthorization.objects.create(
|
|
80 |
client_id=oidc_client.id,
|
|
81 |
client_ct=ContentType.objects.get_for_model(OIDCClient),
|
|
82 |
user=user,
|
|
83 |
expired=expired,
|
|
84 |
)
|
75 |
85 |
pre_modification = now().strftime('%Y-%m-%dT%H:%M:%S')
|
76 |
86 |
for count, user in enumerate(users):
|
77 |
87 |
user.first_name = f'User {count}'
|
... | ... | |
103 |
113 |
assert user_dict['email']
|
104 |
114 |
assert user_dict['email'].startswith(user_dict['last_name'])
|
105 |
115 |
assert user_dict['email'].endswith('@templated.nowhere.null')
|
|
116 |
|
|
117 |
|
|
118 |
def test_api_users_list_queryset_reduction(app, oidc_client):
|
|
119 |
oidc_client.has_api_access = True
|
|
120 |
oidc_client.identifier_policy = OIDCClient.POLICY_PAIRWISE_REVERSIBLE
|
|
121 |
oidc_client.save()
|
|
122 |
|
|
123 |
pre_modification = now().strftime('%Y-%m-%dT%H:%M:%S')
|
|
124 |
|
|
125 |
users = [User.objects.create(username=f'user-{i}', last_name=f'Name-{i}') for i in range(10)]
|
|
126 |
expired = now() + timedelta(hours=1)
|
|
127 |
for user in random.sample(users, k=5):
|
|
128 |
OIDCAuthorization.objects.create(
|
|
129 |
client_id=oidc_client.id,
|
|
130 |
client_ct=ContentType.objects.get_for_model(OIDCClient),
|
|
131 |
user=user,
|
|
132 |
expired=expired,
|
|
133 |
)
|
|
134 |
|
|
135 |
app.authorization = ('Basic', (oidc_client.client_id, oidc_client.client_secret))
|
|
136 |
response = app.get(
|
|
137 |
f'/api/users/?modified__gt={pre_modification}&claim_resolution',
|
|
138 |
status=200,
|
|
139 |
)
|
|
140 |
|
|
141 |
assert len(response.json['results']) == 5
|
106 |
|
-
|