0001-authentic2-remove-remaining-dependancies-to-RoleAttr.patch
| hobo/agent/authentic2/provisionning.py | ||
|---|---|---|
| 317 | 317 |
) |
| 318 | 318 | |
| 319 | 319 |
roles = {role for role in roles if not is_forbidden_technical_role(role)}
|
| 320 |
if mode == 'provision': |
|
| 320 |
if mode == 'provision' and not hasattr(RoleAttribute, 'dummy'):
|
|
| 321 | 321 |
self.complete_roles(roles) |
| 322 | 322 | |
| 323 | 323 |
if not roles: |
| tests_authentic/data_authentic_export_site.json | ||
|---|---|---|
| 12 | 12 |
], |
| 13 | 13 |
"roles": [ |
| 14 | 14 |
{
|
| 15 |
"attributes": [ |
|
| 16 |
{
|
|
| 17 |
"kind": "json", |
|
| 18 |
"name": "details", |
|
| 19 |
"value": "\"\"" |
|
| 20 |
}, |
|
| 21 |
{
|
|
| 22 |
"kind": "json", |
|
| 23 |
"name": "emails", |
|
| 24 |
"value": "[]" |
|
| 25 |
}, |
|
| 26 |
{
|
|
| 27 |
"kind": "json", |
|
| 28 |
"name": "emails_to_members", |
|
| 29 |
"value": "false" |
|
| 30 |
} |
|
| 31 |
], |
|
| 32 | 15 |
"description": "", |
| 33 | 16 |
"external_id": "", |
| 34 | 17 |
"name": "Debug eo", |
| tests_authentic/test_hobo_deploy.py | ||
|---|---|---|
| 475 | 475 |
assert service_provider.users_can_manage_federations is False |
| 476 | 476 |
assert Role.objects.filter(slug='_a2-hobo-superuser', service=provider).count() == 1 |
| 477 | 477 |
su_role = Role.objects.get(slug='_a2-hobo-superuser', service=provider) |
| 478 |
assert su_role.attributes.count() == 1 |
|
| 479 |
assert ( |
|
| 480 |
su_role.attributes.filter(name='is_superuser', kind='string', value='true').count() == 1 |
|
| 481 |
) |
|
| 478 |
assert su_role.is_superuser is True |
|
| 482 | 479 |
if i == 0 or service_id != 'wcs': |
| 483 | 480 |
assert provider.ou == get_default_ou() |
| 484 | 481 |
else: |
| tests_authentic/test_provisionning.py | ||
|---|---|---|
| 5 | 5 |
import lasso |
| 6 | 6 |
import pytest |
| 7 | 7 |
import requests |
| 8 |
from authentic2.a2_rbac.models import OrganizationalUnit, Role, RoleAttribute
|
|
| 8 |
from authentic2.a2_rbac.models import OrganizationalUnit, Role |
|
| 9 | 9 |
from authentic2.a2_rbac.utils import get_default_ou |
| 10 | 10 |
from authentic2.models import Attribute, AttributeValue |
| 11 | 11 |
from authentic2.saml.models import LibertyProvider |
| ... | ... | |
| 66 | 66 |
notify_agents.reset_mock() |
| 67 | 67 |
emails = ['john.doe@example.com', 'toto@entrouvert.com'] |
| 68 | 68 |
with provisionning: |
| 69 |
RoleAttribute.objects.create(role=role, name='emails', kind='json', value=json.dumps(emails)) |
|
| 70 |
RoleAttribute.objects.create( |
|
| 71 |
role=role, name='emails_to_members', kind='json', value=json.dumps(True) |
|
| 72 |
) |
|
| 69 |
role.emails = emails |
|
| 70 |
role.emails_to_members = True |
|
| 71 |
role.save() |
|
| 73 | 72 | |
| 74 | 73 |
assert notify_agents.call_count == 1 |
| 75 | 74 |
arg = notify_agents.call_args |
| ... | ... | |
| 134 | 133 |
entity_id='http://provider.com', |
| 135 | 134 |
protocol_conformance=lasso.PROTOCOL_SAML_2_0, |
| 136 | 135 |
) |
| 137 |
role = Role.objects.create(name='coin', service=service, ou=get_default_ou()) |
|
| 138 |
role.attributes.create(kind='string', name='is_superuser', value='true')
|
|
| 139 |
role2 = Role.objects.create(name='zob', service=service, ou=get_default_ou())
|
|
| 140 |
role2.attributes.create(kind='json', name='emails', value='["zob@example.net"]')
|
|
| 136 |
role = Role.objects.create(name='coin', service=service, ou=get_default_ou(), is_superuser=True)
|
|
| 137 |
role2 = Role.objects.create(
|
|
| 138 |
name='zob', service=service, ou=get_default_ou(), emails=['zob@example.net']
|
|
| 139 |
) |
|
| 141 | 140 |
child_role = Role.objects.create(name='child', ou=get_default_ou()) |
| 142 | 141 |
notify_agents.reset_mock() |
| 143 | 142 |
attribute = Attribute.objects.create(label='Code postal', name='code_postal', kind='string') |
| 144 |
- |
|