0001-backoffice-make-roles-in-inspect-page-links-to-authe.patch
tests/backoffice_pages/test_form_inspect.py | ||
---|---|---|
768 | 768 |
assert 'rendered as an object' in resp.text |
769 | 769 |
assert resp.pyquery('.test-tool-lazylist-details li:first-child').text() == 'Number of items: 3' |
770 | 770 |
assert resp.pyquery('.test-tool-lazylist-details li:last-child').text() == 'First items: bar, baz, foo' |
771 | ||
772 | ||
773 |
def test_inspect_page_idp_role(pub): |
|
774 |
create_user(pub, is_admin=True) |
|
775 |
FormDef.wipe() |
|
776 | ||
777 |
app = login(get_app(pub)) |
|
778 | ||
779 |
role = pub.role_class(name='plop') |
|
780 |
role.uuid = 'd4b59e1ffb204dfd99fd3760f4952999' |
|
781 |
role.store() |
|
782 | ||
783 |
formdef = FormDef() |
|
784 |
formdef.name = 'form title' |
|
785 |
formdef.fields = [] |
|
786 |
formdef.workflow_roles = {'_receiver': role.id} |
|
787 |
formdef.store() |
|
788 |
formdef.data_class().wipe() |
|
789 | ||
790 |
formdata = formdef.data_class()() |
|
791 |
formdata.just_created() |
|
792 |
formdata.store() |
|
793 | ||
794 |
pub.cfg['sp'] = {'idp-manage-roles': True} |
|
795 |
pub.cfg['idp'] = {'xxx': {'metadata_url': 'https://idp.example.net/idp/saml2/metadata'}} |
|
796 |
pub.write_cfg() |
|
797 | ||
798 |
resp = app.get('%sinspect' % formdata.get_url(backoffice=True), status=200) |
|
799 |
assert resp.pyquery('[data-function-key="_receiver"] a').text() == 'plop' |
|
800 |
assert ( |
|
801 |
resp.pyquery('[data-function-key="_receiver"] a').attr.href |
|
802 |
== 'https://idp.example.net/manage/roles/uuid:d4b59e1ffb204dfd99fd3760f4952999/' |
|
803 |
) |
wcs/backoffice/management.py | ||
---|---|---|
3613 | 3613 |
if self.formdef.workflow.roles: |
3614 | 3614 |
workflow = self.formdef.workflow |
3615 | 3615 |
for key, label in (workflow.roles or {}).items(): |
3616 |
r += htmltext('<li><span class="label">%s</span>') % label
|
|
3616 |
r += htmltext('<li data-function-key="%s"><span class="label">%s</span>') % (key, label)
|
|
3617 | 3617 |
r += htmltext('<div class="value">') |
3618 | 3618 |
acting_role_ids = self.filled.get_function_roles(key) |
3619 | 3619 |
acting_role_names = [] |
... | ... | |
3621 | 3621 |
try: |
3622 | 3622 |
if acting_role_id.startswith('_user:'): |
3623 | 3623 |
acting_role = get_publisher().user_class.get(acting_role_id.split(':')[1]) |
3624 |
else: |
|
3625 |
acting_role = get_publisher().role_class.get(acting_role_id) |
|
3626 |
if key in (self.filled.workflow_roles or {}): |
|
3627 | 3624 |
acting_role_names.append(acting_role.name) |
3628 | 3625 |
else: |
3629 |
acting_role_names.append('%s (%s)' % (acting_role.name, _('default'))) |
|
3626 |
acting_role = get_publisher().role_class.get(acting_role_id) |
|
3627 |
if key not in (self.filled.workflow_roles or {}): |
|
3628 |
suffix = ' (%s)' % _('default') |
|
3629 |
else: |
|
3630 |
suffix = '' |
|
3631 |
acting_role_names.append(acting_role.get_as_inline_html() + suffix) |
|
3630 | 3632 |
except KeyError: |
3631 | 3633 |
acting_role_names.append('%s (%s)' % (acting_role_id, _('deleted'))) |
3632 | 3634 |
if acting_role_names: |
3633 | 3635 |
acting_role_names.sort() |
3634 |
r += ', '.join(acting_role_names)
|
|
3636 |
r += htmltext(', ').join(acting_role_names)
|
|
3635 | 3637 |
else: |
3636 | 3638 |
r += htmltext('<span class="unset">%s</span>') % _('unset') |
3637 | 3639 |
r += htmltext('</div>') |
wcs/roles.py | ||
---|---|---|
14 | 14 |
# You should have received a copy of the GNU General Public License |
15 | 15 |
# along with this program; if not, see <http://www.gnu.org/licenses/>. |
16 | 16 | |
17 |
import urllib.parse |
|
17 | 18 |
import xml.etree.ElementTree as ET |
18 | 19 | |
19 | 20 |
from django.utils.encoding import force_text |
20 | 21 |
from quixote import get_publisher |
22 |
from quixote.html import htmltext |
|
21 | 23 | |
22 |
from .qommon import _, misc |
|
24 |
from .qommon import _, get_cfg, misc
|
|
23 | 25 |
from .qommon.storage import StorableObject |
24 | 26 | |
25 | 27 | |
... | ... | |
171 | 173 |
return role |
172 | 174 |
return None |
173 | 175 | |
176 |
def get_as_inline_html(self): |
|
177 |
from .qommon.ident.idp import is_idp_managing_user_roles |
|
178 | ||
179 |
if not (is_idp_managing_user_roles() and self.uuid): |
|
180 |
return self.name |
|
181 | ||
182 |
idps = get_cfg('idp', {}) |
|
183 |
entity_id = list(idps.values())[0]['metadata_url'] |
|
184 |
base_url = entity_id.split('idp/saml2/metadata')[0] |
|
185 |
url = urllib.parse.urljoin(base_url, '/manage/roles/uuid:%s/' % self.uuid) |
|
186 | ||
187 |
return htmltext('<a href="%(url)s">%(name)s</a>') % {'url': url, 'name': self.name} |
|
188 | ||
174 | 189 | |
175 | 190 |
def logged_users_role(): |
176 | 191 |
volatile_role = Role.volatile() |
177 |
- |