0001-backoffice-make-roles-in-inspect-page-links-to-authe.patch
| tests/backoffice_pages/test_form_inspect.py | ||
|---|---|---|
| 768 | 768 |
assert 'rendered as an object' in resp.text |
| 769 | 769 |
assert resp.pyquery('.test-tool-lazylist-details li:first-child').text() == 'Number of items: 3'
|
| 770 | 770 |
assert resp.pyquery('.test-tool-lazylist-details li:last-child').text() == 'First items: bar, baz, foo'
|
| 771 | ||
| 772 | ||
| 773 |
def test_inspect_page_idp_role(pub): |
|
| 774 |
create_user(pub, is_admin=True) |
|
| 775 |
FormDef.wipe() |
|
| 776 | ||
| 777 |
app = login(get_app(pub)) |
|
| 778 | ||
| 779 |
role = pub.role_class(name='plop') |
|
| 780 |
role.uuid = 'd4b59e1ffb204dfd99fd3760f4952999' |
|
| 781 |
role.store() |
|
| 782 | ||
| 783 |
formdef = FormDef() |
|
| 784 |
formdef.name = 'form title' |
|
| 785 |
formdef.fields = [] |
|
| 786 |
formdef.workflow_roles = {'_receiver': role.id}
|
|
| 787 |
formdef.store() |
|
| 788 |
formdef.data_class().wipe() |
|
| 789 | ||
| 790 |
formdata = formdef.data_class()() |
|
| 791 |
formdata.just_created() |
|
| 792 |
formdata.store() |
|
| 793 | ||
| 794 |
pub.cfg['sp'] = {'idp-manage-roles': True}
|
|
| 795 |
pub.cfg['idp'] = {'xxx': {'metadata_url': 'https://idp.example.net/idp/saml2/metadata'}}
|
|
| 796 |
pub.write_cfg() |
|
| 797 | ||
| 798 |
resp = app.get('%sinspect' % formdata.get_url(backoffice=True), status=200)
|
|
| 799 |
assert resp.pyquery('[data-function-key="_receiver"] a').text() == 'plop'
|
|
| 800 |
assert ( |
|
| 801 |
resp.pyquery('[data-function-key="_receiver"] a').attr.href
|
|
| 802 |
== 'https://idp.example.net/manage/roles/uuid:d4b59e1ffb204dfd99fd3760f4952999/' |
|
| 803 |
) |
|
| wcs/backoffice/management.py | ||
|---|---|---|
| 3613 | 3613 |
if self.formdef.workflow.roles: |
| 3614 | 3614 |
workflow = self.formdef.workflow |
| 3615 | 3615 |
for key, label in (workflow.roles or {}).items():
|
| 3616 |
r += htmltext('<li><span class="label">%s</span>') % label
|
|
| 3616 |
r += htmltext('<li data-function-key="%s"><span class="label">%s</span>') % (key, label)
|
|
| 3617 | 3617 |
r += htmltext('<div class="value">')
|
| 3618 | 3618 |
acting_role_ids = self.filled.get_function_roles(key) |
| 3619 | 3619 |
acting_role_names = [] |
| ... | ... | |
| 3621 | 3621 |
try: |
| 3622 | 3622 |
if acting_role_id.startswith('_user:'):
|
| 3623 | 3623 |
acting_role = get_publisher().user_class.get(acting_role_id.split(':')[1])
|
| 3624 |
else: |
|
| 3625 |
acting_role = get_publisher().role_class.get(acting_role_id) |
|
| 3626 |
if key in (self.filled.workflow_roles or {}):
|
|
| 3627 | 3624 |
acting_role_names.append(acting_role.name) |
| 3628 | 3625 |
else: |
| 3629 |
acting_role_names.append('%s (%s)' % (acting_role.name, _('default')))
|
|
| 3626 |
acting_role = get_publisher().role_class.get(acting_role_id) |
|
| 3627 |
if key not in (self.filled.workflow_roles or {}):
|
|
| 3628 |
suffix = ' (%s)' % _('default')
|
|
| 3629 |
else: |
|
| 3630 |
suffix = '' |
|
| 3631 |
acting_role_names.append(acting_role.get_as_inline_html() + suffix) |
|
| 3630 | 3632 |
except KeyError: |
| 3631 | 3633 |
acting_role_names.append('%s (%s)' % (acting_role_id, _('deleted')))
|
| 3632 | 3634 |
if acting_role_names: |
| 3633 | 3635 |
acting_role_names.sort() |
| 3634 |
r += ', '.join(acting_role_names)
|
|
| 3636 |
r += htmltext(', ').join(acting_role_names)
|
|
| 3635 | 3637 |
else: |
| 3636 | 3638 |
r += htmltext('<span class="unset">%s</span>') % _('unset')
|
| 3637 | 3639 |
r += htmltext('</div>')
|
| wcs/roles.py | ||
|---|---|---|
| 14 | 14 |
# You should have received a copy of the GNU General Public License |
| 15 | 15 |
# along with this program; if not, see <http://www.gnu.org/licenses/>. |
| 16 | 16 | |
| 17 |
import urllib.parse |
|
| 17 | 18 |
import xml.etree.ElementTree as ET |
| 18 | 19 | |
| 19 | 20 |
from django.utils.encoding import force_text |
| 20 | 21 |
from quixote import get_publisher |
| 22 |
from quixote.html import htmltext |
|
| 21 | 23 | |
| 22 |
from .qommon import _, misc |
|
| 24 |
from .qommon import _, get_cfg, misc
|
|
| 23 | 25 |
from .qommon.storage import StorableObject |
| 24 | 26 | |
| 25 | 27 | |
| ... | ... | |
| 171 | 173 |
return role |
| 172 | 174 |
return None |
| 173 | 175 | |
| 176 |
def get_as_inline_html(self): |
|
| 177 |
from .qommon.ident.idp import is_idp_managing_user_roles |
|
| 178 | ||
| 179 |
if not (is_idp_managing_user_roles() and self.uuid): |
|
| 180 |
return self.name |
|
| 181 | ||
| 182 |
idps = get_cfg('idp', {})
|
|
| 183 |
entity_id = list(idps.values())[0]['metadata_url'] |
|
| 184 |
base_url = entity_id.split('idp/saml2/metadata')[0]
|
|
| 185 |
url = urllib.parse.urljoin(base_url, '/manage/roles/uuid:%s/' % self.uuid) |
|
| 186 | ||
| 187 |
return htmltext('<a href="%(url)s">%(name)s</a>') % {'url': url, 'name': self.name}
|
|
| 188 | ||
| 174 | 189 | |
| 175 | 190 |
def logged_users_role(): |
| 176 | 191 |
volatile_role = Role.volatile() |
| 177 |
- |
|