0001-authentic2-remove-remaining-dependancies-to-RoleAttr.patch
hobo/agent/authentic2/provisionning.py | ||
---|---|---|
317 | 317 |
) |
318 | 318 | |
319 | 319 |
roles = {role for role in roles if not is_forbidden_technical_role(role)} |
320 |
if mode == 'provision': |
|
320 |
if mode == 'provision' and not hasattr(RoleAttribute, 'dummy'):
|
|
321 | 321 |
self.complete_roles(roles) |
322 | 322 | |
323 | 323 |
if not roles: |
tests_authentic/data_authentic_export_site.json | ||
---|---|---|
12 | 12 |
], |
13 | 13 |
"roles": [ |
14 | 14 |
{ |
15 |
"attributes": [ |
|
16 |
{ |
|
17 |
"kind": "json", |
|
18 |
"name": "details", |
|
19 |
"value": "\"\"" |
|
20 |
}, |
|
21 |
{ |
|
22 |
"kind": "json", |
|
23 |
"name": "emails", |
|
24 |
"value": "[]" |
|
25 |
}, |
|
26 |
{ |
|
27 |
"kind": "json", |
|
28 |
"name": "emails_to_members", |
|
29 |
"value": "false" |
|
30 |
} |
|
31 |
], |
|
32 | 15 |
"description": "", |
33 | 16 |
"external_id": "", |
34 | 17 |
"name": "Debug eo", |
tests_authentic/test_hobo_deploy.py | ||
---|---|---|
475 | 475 |
assert service_provider.users_can_manage_federations is False |
476 | 476 |
assert Role.objects.filter(slug='_a2-hobo-superuser', service=provider).count() == 1 |
477 | 477 |
su_role = Role.objects.get(slug='_a2-hobo-superuser', service=provider) |
478 |
assert su_role.attributes.count() == 1 |
|
479 |
assert ( |
|
480 |
su_role.attributes.filter(name='is_superuser', kind='string', value='true').count() == 1 |
|
481 |
) |
|
478 |
assert su_role.is_superuser is True |
|
482 | 479 |
if i == 0 or service_id != 'wcs': |
483 | 480 |
assert provider.ou == get_default_ou() |
484 | 481 |
else: |
tests_authentic/test_provisionning.py | ||
---|---|---|
5 | 5 |
import lasso |
6 | 6 |
import pytest |
7 | 7 |
import requests |
8 |
from authentic2.a2_rbac.models import OrganizationalUnit, Role, RoleAttribute
|
|
8 |
from authentic2.a2_rbac.models import OrganizationalUnit, Role |
|
9 | 9 |
from authentic2.a2_rbac.utils import get_default_ou |
10 | 10 |
from authentic2.models import Attribute, AttributeValue |
11 | 11 |
from authentic2.saml.models import LibertyProvider |
... | ... | |
66 | 66 |
notify_agents.reset_mock() |
67 | 67 |
emails = ['john.doe@example.com', 'toto@entrouvert.com'] |
68 | 68 |
with provisionning: |
69 |
RoleAttribute.objects.create(role=role, name='emails', kind='json', value=json.dumps(emails)) |
|
70 |
RoleAttribute.objects.create( |
|
71 |
role=role, name='emails_to_members', kind='json', value=json.dumps(True) |
|
72 |
) |
|
69 |
role.emails = emails |
|
70 |
role.emails_to_members = True |
|
71 |
role.save() |
|
73 | 72 | |
74 | 73 |
assert notify_agents.call_count == 1 |
75 | 74 |
arg = notify_agents.call_args |
... | ... | |
134 | 133 |
entity_id='http://provider.com', |
135 | 134 |
protocol_conformance=lasso.PROTOCOL_SAML_2_0, |
136 | 135 |
) |
137 |
role = Role.objects.create(name='coin', service=service, ou=get_default_ou()) |
|
138 |
role.attributes.create(kind='string', name='is_superuser', value='true')
|
|
139 |
role2 = Role.objects.create(name='zob', service=service, ou=get_default_ou())
|
|
140 |
role2.attributes.create(kind='json', name='emails', value='["zob@example.net"]')
|
|
136 |
role = Role.objects.create(name='coin', service=service, ou=get_default_ou(), is_superuser=True)
|
|
137 |
role2 = Role.objects.create(
|
|
138 |
name='zob', service=service, ou=get_default_ou(), emails=['zob@example.net']
|
|
139 |
) |
|
141 | 140 |
child_role = Role.objects.create(name='child', ou=get_default_ou()) |
142 | 141 |
notify_agents.reset_mock() |
143 | 142 |
attribute = Attribute.objects.create(label='Code postal', name='code_postal', kind='string') |
144 |
- |