0001-authenticators-add-import-export-65360.patch
src/authentic2/apps/authenticators/forms.py | ||
---|---|---|
14 | 14 |
# You should have received a copy of the GNU Affero General Public License |
15 | 15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
16 | 16 | |
17 |
import json |
|
18 | ||
17 | 19 |
from django import forms |
20 |
from django.core.exceptions import ValidationError |
|
18 | 21 |
from django.db.models import Max |
19 | 22 |
from django.utils.translation import ugettext as _ |
20 | 23 | |
... | ... | |
54 | 57 |
return super().save() |
55 | 58 | |
56 | 59 | |
60 |
class AuthenticatorImportForm(forms.Form): |
|
61 |
authenticator_json = forms.FileField(label=_('Authenticator export file')) |
|
62 | ||
63 |
def clean_authenticator_json(self): |
|
64 |
try: |
|
65 |
return json.loads(self.cleaned_data['authenticator_json'].read().decode()) |
|
66 |
except ValueError: |
|
67 |
raise ValidationError(_('File is not in the expected JSON format.')) |
|
68 | ||
69 | ||
57 | 70 |
class LoginPasswordAuthenticatorEditForm(forms.ModelForm): |
58 | 71 |
class Meta: |
59 | 72 |
model = LoginPasswordAuthenticator |
src/authentic2/apps/authenticators/manager_urls.py | ||
---|---|---|
76 | 76 |
views.journal, |
77 | 77 |
name='a2-manager-authenticator-journal', |
78 | 78 |
), |
79 |
path('authenticators/<int:pk>/export/', views.export_json, name='a2-manager-authenticator-export'), |
|
80 |
path('authenticators/import/', views.import_json, name='a2-manager-authenticator-import'), |
|
79 | 81 |
path( |
80 | 82 |
'authenticators/order/', |
81 | 83 |
views.order, |
src/authentic2/apps/authenticators/models.py | ||
---|---|---|
18 | 18 |
import logging |
19 | 19 |
import uuid |
20 | 20 | |
21 |
from django.apps import apps |
|
21 | 22 |
from django.core.exceptions import ValidationError |
22 | 23 |
from django.db import models |
24 |
from django.db.models import Max |
|
23 | 25 |
from django.shortcuts import render, reverse |
24 | 26 |
from django.utils.formats import date_format |
25 | 27 |
from django.utils.text import capfirst |
... | ... | |
28 | 30 | |
29 | 31 |
from authentic2 import views |
30 | 32 |
from authentic2.a2_rbac.models import Role |
33 |
from authentic2.data_transfer import search_ou, search_role |
|
31 | 34 |
from authentic2.manager.utils import label_from_role |
32 | 35 |
from authentic2.utils.evaluate import condition_validator, evaluate_condition |
33 | 36 | |
... | ... | |
36 | 39 |
logger = logging.getLogger(__name__) |
37 | 40 | |
38 | 41 | |
42 |
class AuthenticatorImportError(Exception): |
|
43 |
pass |
|
44 | ||
45 | ||
39 | 46 |
class BaseAuthenticator(models.Model): |
40 | 47 |
uuid = models.CharField(max_length=255, unique=True, default=uuid.uuid4, editable=False) |
41 | 48 |
name = models.CharField(_('Name'), blank=True, max_length=128) |
... | ... | |
76 | 83 |
authenticators = AuthenticatorManager() |
77 | 84 | |
78 | 85 |
type = '' |
79 |
related_models = []
|
|
86 |
related_models = {}
|
|
80 | 87 |
related_object_form_class = None |
81 | 88 |
manager_view_template_name = 'authentic2/authenticators/authenticator_detail.html' |
82 | 89 |
unique = False |
... | ... | |
142 | 149 |
return False |
143 | 150 |
return True |
144 | 151 | |
152 |
def export_json(self): |
|
153 |
data = { |
|
154 |
'authenticator_type': '%s.%s' % (self._meta.app_label, self._meta.model_name), |
|
155 |
} |
|
156 | ||
157 |
fields = [ |
|
158 |
f for f in self._meta.get_fields() if not f.is_relation and not f.auto_created and f.editable |
|
159 |
] |
|
160 |
data.update({field.name: getattr(self, field.attname) for field in fields}) |
|
161 | ||
162 |
data['ou'] = self.ou and self.ou.natural_key_json() |
|
163 |
data['related_objects'] = [obj.export_json() for qs in self.related_models.values() for obj in qs] |
|
164 | ||
165 |
return data |
|
166 | ||
167 |
@staticmethod |
|
168 |
def import_json(data): |
|
169 |
def get_model_from_dict(data, key): |
|
170 |
try: |
|
171 |
model_name = data.pop(key) |
|
172 |
except KeyError: |
|
173 |
raise AuthenticatorImportError(_('Missing "%s" key.') % key) |
|
174 | ||
175 |
try: |
|
176 |
return apps.get_model(model_name) |
|
177 |
except LookupError: |
|
178 |
raise AuthenticatorImportError( |
|
179 |
_('Unknown %(key)s: %(value)s.') % {'key': key, 'value': model_name} |
|
180 |
) |
|
181 |
except ValueError: |
|
182 |
raise AuthenticatorImportError( |
|
183 |
_('Invalid %(key)s: %(value)s.') % {'key': key, 'value': model_name} |
|
184 |
) |
|
185 | ||
186 |
related_objects = data.pop('related_objects', []) |
|
187 | ||
188 |
ou = data.pop('ou', None) |
|
189 |
if ou: |
|
190 |
data['ou'] = search_ou(ou) |
|
191 |
if not data['ou']: |
|
192 |
raise AuthenticatorImportError(_('Organization unit not found: %s.') % ou) |
|
193 | ||
194 |
model = get_model_from_dict(data, 'authenticator_type') |
|
195 |
try: |
|
196 |
slug = data.pop('slug') |
|
197 |
except KeyError: |
|
198 |
raise AuthenticatorImportError(_('Missing slug.')) |
|
199 |
authenticator, created = model.objects.update_or_create(slug=slug, defaults=data) |
|
200 | ||
201 |
for obj in related_objects: |
|
202 |
model = get_model_from_dict(obj, 'object_type') |
|
203 |
model.import_json(obj, authenticator) |
|
204 | ||
205 |
if created: |
|
206 |
max_order = BaseAuthenticator.objects.aggregate(max=Max('order'))['max'] or 0 |
|
207 |
authenticator.order = max_order + 1 |
|
208 |
authenticator.save() |
|
209 | ||
210 |
return authenticator, created |
|
211 | ||
145 | 212 | |
146 | 213 |
class AuthenticatorRelatedObjectBase(models.Model): |
147 | 214 |
authenticator = models.ForeignKey(BaseAuthenticator, on_delete=models.CASCADE) |
... | ... | |
160 | 227 |
def verbose_name_plural(self): |
161 | 228 |
return self._meta.verbose_name_plural |
162 | 229 | |
230 |
def export_json(self): |
|
231 |
data = { |
|
232 |
'object_type': '%s.%s' % (self._meta.app_label, self._meta.model_name), |
|
233 |
} |
|
234 | ||
235 |
fields = [ |
|
236 |
f for f in self._meta.get_fields() if not f.is_relation and not f.auto_created and f.editable |
|
237 |
] |
|
238 |
data.update({field.name: getattr(self, field.attname) for field in fields}) |
|
239 |
return data |
|
240 | ||
241 |
@classmethod |
|
242 |
def import_json(cls, data, authenticator): |
|
243 |
cls.objects.update_or_create(authenticator=authenticator, **data) |
|
244 | ||
163 | 245 | |
164 | 246 |
class AddRoleAction(AuthenticatorRelatedObjectBase): |
165 | 247 |
role = models.ForeignKey(Role, verbose_name=_('Role'), on_delete=models.CASCADE) |
... | ... | |
176 | 258 |
def __str__(self): |
177 | 259 |
return label_from_role(self.role) |
178 | 260 | |
261 |
def export_json(self): |
|
262 |
data = super().export_json() |
|
263 |
data['role'] = self.role.natural_key_json() |
|
264 |
return data |
|
265 | ||
266 |
@classmethod |
|
267 |
def import_json(cls, data, authenticator): |
|
268 |
try: |
|
269 |
role = data.pop('role') |
|
270 |
except KeyError: |
|
271 |
raise AuthenticatorImportError(_('Missing "role" key in add role action.')) |
|
272 | ||
273 |
data['role'] = search_role(role) |
|
274 |
if not data['role']: |
|
275 |
raise AuthenticatorImportError(_('Role not found: %s.') % role) |
|
276 | ||
277 |
super().import_json(data, authenticator) |
|
278 | ||
179 | 279 | |
180 | 280 |
class LoginPasswordAuthenticator(BaseAuthenticator): |
181 | 281 |
remember_me = models.PositiveIntegerField( |
src/authentic2/apps/authenticators/templates/authentic2/authenticators/authenticator_detail.html | ||
---|---|---|
11 | 11 |
{% endif %} |
12 | 12 |
<a href="{% url 'a2-manager-authenticator-edit' pk=object.pk %}">{% trans "Edit" %}</a> |
13 | 13 |
<ul class="extra-actions-menu"> |
14 |
<li><a href="{% url 'a2-manager-authenticator-export' pk=object.pk %}">{% trans "Export" %}</a></li> |
|
14 | 15 |
<li><a href="{% url 'a2-manager-authenticator-journal' pk=object.pk %}">{% trans "Journal" %}</a></li> |
15 | 16 |
{% if not object.protected %} |
16 | 17 |
<li><a rel="popup" href="{% url 'a2-manager-authenticator-delete' pk=object.pk %}">{% trans "Delete" %}</a></li> |
src/authentic2/apps/authenticators/templates/authentic2/authenticators/authenticators.html | ||
---|---|---|
4 | 4 |
{% block appbar %} |
5 | 5 |
{{ block.super }} |
6 | 6 |
<span class="actions"> |
7 |
<a class="extra-actions-menu-opener"></a> |
|
7 | 8 |
<a href="{% url 'a2-manager-authenticators-order' %}" rel="popup">{% trans "Edit order" %}</a> |
8 | 9 |
<a href="{% url 'a2-manager-authenticator-add' %}" rel="popup">{% trans "Add new authenticator" %}</a> |
10 |
<ul class="extra-actions-menu"> |
|
11 |
<li><a href="{% url 'a2-manager-authenticator-import' %}" rel="popup">{% trans "Import" %}</a></li> |
|
12 |
</ul> |
|
9 | 13 |
</span> |
10 | 14 |
{% endblock %} |
11 | 15 |
src/authentic2/apps/authenticators/views.py | ||
---|---|---|
14 | 14 |
# You should have received a copy of the GNU Affero General Public License |
15 | 15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
16 | 16 | |
17 |
import datetime |
|
18 |
import json |
|
19 | ||
17 | 20 |
from django.apps import apps |
18 | 21 |
from django.contrib import messages |
19 | 22 |
from django.core.exceptions import PermissionDenied |
20 | 23 |
from django.forms.models import modelform_factory |
21 |
from django.http import Http404, HttpResponseRedirect |
|
24 |
from django.http import Http404, HttpResponse, HttpResponseRedirect
|
|
22 | 25 |
from django.shortcuts import get_object_or_404 |
23 | 26 |
from django.urls import reverse, reverse_lazy |
24 | 27 |
from django.utils.functional import cached_property |
... | ... | |
27 | 30 |
from django.views.generic import CreateView, DeleteView, DetailView, FormView, UpdateView |
28 | 31 |
from django.views.generic.list import ListView |
29 | 32 | |
30 |
from authentic2.apps.authenticators import forms |
|
31 |
from authentic2.apps.authenticators.models import BaseAuthenticator |
|
32 | 33 |
from authentic2.apps.journal.views import JournalViewWithContext |
33 | 34 |
from authentic2.manager.journal_views import BaseJournalView |
34 | 35 |
from authentic2.manager.views import MediaMixin, TitleMixin |
35 | 36 | |
37 |
from . import forms |
|
38 |
from .models import AuthenticatorImportError, BaseAuthenticator |
|
39 | ||
36 | 40 | |
37 | 41 |
class AuthenticatorsMixin(MediaMixin, TitleMixin): |
38 | 42 |
model = BaseAuthenticator |
... | ... | |
190 | 194 |
journal = AuthenticatorJournal.as_view() |
191 | 195 | |
192 | 196 | |
197 |
class AuthenticatorExportView(AuthenticatorsMixin, DetailView): |
|
198 |
def get(self, request, *args, **kwargs): |
|
199 |
authenticator = self.get_object() |
|
200 | ||
201 |
response = HttpResponse(content_type='application/json') |
|
202 |
today = datetime.date.today() |
|
203 |
attachment = 'attachment; filename="export_{}_{}.json"'.format( |
|
204 |
authenticator.slug.replace('-', '_'), today.strftime('%Y%m%d') |
|
205 |
) |
|
206 |
response['Content-Disposition'] = attachment |
|
207 |
json.dump(authenticator.export_json(), response, indent=4) |
|
208 |
return response |
|
209 | ||
210 | ||
211 |
export_json = AuthenticatorExportView.as_view() |
|
212 | ||
213 | ||
214 |
class AuthenticatorImportView(AuthenticatorsMixin, FormView): |
|
215 |
form_class = forms.AuthenticatorImportForm |
|
216 |
template_name = 'authentic2/manager/import_form.html' |
|
217 |
title = _('Authenticator Import') |
|
218 | ||
219 |
def form_valid(self, form): |
|
220 |
try: |
|
221 |
self.authenticator, created = BaseAuthenticator.import_json( |
|
222 |
form.cleaned_data['authenticator_json'] |
|
223 |
) |
|
224 |
except AuthenticatorImportError as e: |
|
225 |
form.add_error('authenticator_json', e) |
|
226 |
return self.form_invalid(form) |
|
227 | ||
228 |
if created: |
|
229 |
messages.success(self.request, _('Authenticator has been created.')) |
|
230 |
else: |
|
231 |
messages.success(self.request, _('Authenticator has been updated.')) |
|
232 | ||
233 |
return super().form_valid(form) |
|
234 | ||
235 |
def get_success_url(self): |
|
236 |
return reverse('a2-manager-authenticator-detail', kwargs={'pk': self.authenticator.pk}) |
|
237 | ||
238 | ||
239 |
import_json = AuthenticatorImportView.as_view() |
|
240 | ||
241 | ||
193 | 242 |
class AuthenticatorsOrderView(AuthenticatorsMixin, FormView): |
194 | 243 |
template_name = 'authentic2/authenticators/authenticators_order_form.html' |
195 | 244 |
title = _('Configure display order') |
tests/test_manager_authenticators.py | ||
---|---|---|
14 | 14 |
# You should have received a copy of the GNU Affero General Public License |
15 | 15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
16 | 16 | |
17 |
import json |
|
18 | ||
17 | 19 |
import pytest |
18 | 20 |
from django import VERSION as DJ_VERSION |
19 | 21 |
from django.utils.html import escape |
22 |
from webtest import Upload |
|
20 | 23 | |
21 | 24 |
from authentic2.a2_rbac.utils import get_default_ou |
22 |
from authentic2.apps.authenticators.models import BaseAuthenticator, LoginPasswordAuthenticator |
|
25 |
from authentic2.apps.authenticators.models import AddRoleAction, BaseAuthenticator, LoginPasswordAuthenticator
|
|
23 | 26 |
from authentic2.models import Attribute |
24 | 27 |
from authentic2_auth_fc.models import FcAuthenticator |
25 |
from authentic2_auth_oidc.models import OIDCProvider |
|
26 |
from authentic2_auth_saml.models import SAMLAuthenticator |
|
28 |
from authentic2_auth_oidc.models import OIDCClaimMapping, OIDCProvider
|
|
29 |
from authentic2_auth_saml.models import SAMLAuthenticator, SetAttributeAction
|
|
27 | 30 | |
28 | 31 |
from .utils import assert_event, login, logout |
29 | 32 | |
... | ... | |
101 | 104 |
assert 'Password' not in resp.text |
102 | 105 | |
103 | 106 | |
107 |
@pytest.mark.freeze_time('2022-04-19 14:00') |
|
108 |
def test_authenticators_password_export(app, superuser): |
|
109 |
resp = login(app, superuser, path='/manage/authenticators/') |
|
110 |
assert LoginPasswordAuthenticator.objects.count() == 1 |
|
111 | ||
112 |
resp = resp.click('Configure') |
|
113 |
resp = resp.click('Export') |
|
114 |
assert resp.headers['content-type'] == 'application/json' |
|
115 |
assert ( |
|
116 |
resp.headers['content-disposition'] |
|
117 |
== 'attachment; filename="export_password_authenticator_20220419.json"' |
|
118 |
) |
|
119 | ||
120 |
authenticator_json = json.loads(resp.text) |
|
121 |
assert authenticator_json == { |
|
122 |
'authenticator_type': 'authenticators.loginpasswordauthenticator', |
|
123 |
'button_description': '', |
|
124 |
'button_label': 'Login', |
|
125 |
'include_ou_selector': False, |
|
126 |
'name': '', |
|
127 |
'ou': None, |
|
128 |
'related_objects': [], |
|
129 |
'remember_me': None, |
|
130 |
'show_condition': '', |
|
131 |
'slug': 'password-authenticator', |
|
132 |
} |
|
133 | ||
134 |
resp = app.get('/manage/authenticators/') |
|
135 |
resp = resp.click('Import') |
|
136 |
authenticator_json['button_description'] = 'test' |
|
137 |
resp.form['authenticator_json'] = Upload( |
|
138 |
'export.json', json.dumps(authenticator_json).encode(), 'application/json' |
|
139 |
) |
|
140 |
resp = resp.form.submit() |
|
141 |
assert LoginPasswordAuthenticator.objects.count() == 1 |
|
142 |
assert LoginPasswordAuthenticator.objects.get().button_description == 'test' |
|
143 | ||
144 | ||
104 | 145 |
@pytest.mark.freeze_time('2022-04-19 14:00') |
105 | 146 |
def test_authenticators_oidc(app, superuser, ou1, ou2): |
106 | 147 |
resp = login(app, superuser, path='/manage/authenticators/') |
... | ... | |
233 | 274 |
assert 'role_ou1' in resp.text |
234 | 275 | |
235 | 276 | |
277 |
def test_authenticators_oidc_export(app, superuser, simple_role): |
|
278 |
authenticator = OIDCProvider.objects.create(slug='idp1', order=42, ou=get_default_ou(), enabled=True) |
|
279 |
OIDCClaimMapping.objects.create(authenticator=authenticator, claim='test', attribute='hop') |
|
280 |
AddRoleAction.objects.create(authenticator=authenticator, role=simple_role) |
|
281 | ||
282 |
resp = login(app, superuser, path=authenticator.get_absolute_url()) |
|
283 |
export_resp = resp.click('Export') |
|
284 | ||
285 |
resp = app.get('/manage/authenticators/import/') |
|
286 |
resp.form['authenticator_json'] = Upload('export.json', export_resp.body, 'application/json') |
|
287 |
resp = resp.form.submit() |
|
288 |
assert '/authenticators/%s/' % authenticator.pk in resp.location |
|
289 | ||
290 |
resp = resp.follow() |
|
291 |
assert 'Authenticator has been updated.' in resp.text |
|
292 |
assert OIDCProvider.objects.count() == 1 |
|
293 |
assert OIDCClaimMapping.objects.count() == 1 |
|
294 |
assert AddRoleAction.objects.count() == 1 |
|
295 | ||
296 |
OIDCProvider.objects.all().delete() |
|
297 |
OIDCClaimMapping.objects.all().delete() |
|
298 |
AddRoleAction.objects.all().delete() |
|
299 | ||
300 |
resp = app.get('/manage/authenticators/import/') |
|
301 |
resp.form['authenticator_json'] = Upload('export.json', export_resp.body, 'application/json') |
|
302 |
resp = resp.form.submit().follow() |
|
303 |
assert 'Authenticator has been created.' in resp.text |
|
304 | ||
305 |
authenticator = OIDCProvider.objects.get() |
|
306 |
assert authenticator.slug == 'idp1' |
|
307 |
assert authenticator.order == 1 |
|
308 |
assert authenticator.ou == get_default_ou() |
|
309 |
assert authenticator.enabled is False |
|
310 |
assert OIDCClaimMapping.objects.filter( |
|
311 |
authenticator=authenticator, claim='test', attribute='hop' |
|
312 |
).exists() |
|
313 |
assert AddRoleAction.objects.filter(authenticator=authenticator, role=simple_role).exists() |
|
314 | ||
315 | ||
316 |
def test_authenticators_oidc_import_errors(app, superuser, simple_role): |
|
317 |
resp = login(app, superuser, path='/manage/authenticators/import/') |
|
318 |
resp.form['authenticator_json'] = Upload('export.json', b'not-json', 'application/json') |
|
319 |
resp = resp.form.submit() |
|
320 |
assert 'File is not in the expected JSON format.' in resp.text |
|
321 | ||
322 |
resp.form['authenticator_json'] = Upload('export.json', b'{}', 'application/json') |
|
323 |
resp = resp.form.submit() |
|
324 |
assert escape('Missing "authenticator_type" key.') in resp.text |
|
325 | ||
326 |
resp.form['authenticator_json'] = Upload( |
|
327 |
'export.json', b'{"authenticator_type": "xxx"}', 'application/json' |
|
328 |
) |
|
329 |
resp = resp.form.submit() |
|
330 |
assert 'Invalid authenticator_type: xxx.' in resp.text |
|
331 | ||
332 |
resp.form['authenticator_json'] = Upload( |
|
333 |
'export.json', b'{"authenticator_type": "x.y"}', 'application/json' |
|
334 |
) |
|
335 |
resp = resp.form.submit() |
|
336 |
assert 'Unknown authenticator_type: x.y.' in resp.text |
|
337 | ||
338 |
authenticator = OIDCProvider.objects.create(slug='idp1', order=42, ou=get_default_ou(), enabled=True) |
|
339 |
AddRoleAction.objects.create(authenticator=authenticator, role=simple_role) |
|
340 | ||
341 |
export_resp = app.get('/manage/authenticators/%s/export/' % authenticator.pk) |
|
342 | ||
343 |
export = json.loads(export_resp.text) |
|
344 |
del export['slug'] |
|
345 |
resp.form['authenticator_json'] = Upload('export.json', json.dumps(export).encode(), 'application/json') |
|
346 |
resp = resp.form.submit() |
|
347 |
assert 'Missing slug.' in resp.text |
|
348 | ||
349 |
export = json.loads(export_resp.text) |
|
350 |
export['ou'] = {'slug': 'xxx'} |
|
351 |
resp.form['authenticator_json'] = Upload('export.json', json.dumps(export).encode(), 'application/json') |
|
352 |
resp = resp.form.submit() |
|
353 |
assert escape("Organization unit not found: {'slug': 'xxx'}.") in resp.text |
|
354 | ||
355 |
export = json.loads(export_resp.text) |
|
356 |
del export['related_objects'][0]['object_type'] |
|
357 |
resp.form['authenticator_json'] = Upload('export.json', json.dumps(export).encode(), 'application/json') |
|
358 |
resp = resp.form.submit() |
|
359 |
assert escape('Missing "object_type" key.') in resp.text |
|
360 | ||
361 |
export = json.loads(export_resp.text) |
|
362 |
del export['related_objects'][0]['role'] |
|
363 |
resp.form['authenticator_json'] = Upload('export.json', json.dumps(export).encode(), 'application/json') |
|
364 |
resp = resp.form.submit() |
|
365 |
assert escape('Missing "role" key in add role action.') in resp.text |
|
366 | ||
367 |
export = json.loads(export_resp.text) |
|
368 |
export['related_objects'][0]['role'] = {'slug': 'xxx'} |
|
369 |
resp.form['authenticator_json'] = Upload('export.json', json.dumps(export).encode(), 'application/json') |
|
370 |
resp = resp.form.submit() |
|
371 |
assert escape("Role not found: {'slug': 'xxx'}.") in resp.text |
|
372 | ||
373 | ||
236 | 374 |
def test_authenticators_fc(app, superuser): |
237 | 375 |
resp = login(app, superuser, path='/manage/authenticators/') |
238 | 376 | |
... | ... | |
423 | 561 |
assert 'role_ou2' in resp.text |
424 | 562 | |
425 | 563 | |
564 |
def test_authenticators_saml_export(app, superuser, simple_role): |
|
565 |
authenticator = SAMLAuthenticator.objects.create(metadata='meta1.xml', slug='idp1') |
|
566 |
SetAttributeAction.objects.create(authenticator=authenticator, user_field='test', saml_attribute='hop') |
|
567 |
AddRoleAction.objects.create(authenticator=authenticator, role=simple_role) |
|
568 | ||
569 |
resp = login(app, superuser, path=authenticator.get_absolute_url()) |
|
570 |
export_resp = resp.click('Export') |
|
571 | ||
572 |
SAMLAuthenticator.objects.all().delete() |
|
573 |
SetAttributeAction.objects.all().delete() |
|
574 |
AddRoleAction.objects.all().delete() |
|
575 | ||
576 |
resp = app.get('/manage/authenticators/import/') |
|
577 |
resp.form['authenticator_json'] = Upload('export.json', export_resp.body, 'application/json') |
|
578 |
resp = resp.form.submit().follow() |
|
579 | ||
580 |
authenticator = SAMLAuthenticator.objects.get() |
|
581 |
assert authenticator.slug == 'idp1' |
|
582 |
assert authenticator.metadata == 'meta1.xml' |
|
583 |
assert SetAttributeAction.objects.filter( |
|
584 |
authenticator=authenticator, user_field='test', saml_attribute='hop' |
|
585 |
).exists() |
|
586 |
assert AddRoleAction.objects.filter(authenticator=authenticator, role=simple_role).exists() |
|
587 | ||
588 | ||
426 | 589 |
def test_authenticators_order(app, superuser): |
427 | 590 |
resp = login(app, superuser, path='/manage/authenticators/') |
428 | 591 | |
429 |
- |