0002-api_views-handle-ou-wise-api-client-checks-71275.patch

Paul Marillonnet, 07 December 2022 04:28 PM

Subject: [PATCH 2/2] api_views: handle ou-wise api-client checks (#71275)

 src/authentic2/api_views.py | 11 ++++++++++-
 tests/api/test_all.py       | 23 ++++++++++++++++++++++-
 2 files changed, 32 insertions(+), 2 deletions(-)
src/authentic2/api_views.py
class CheckAPIClientSerializer(serializers.Serializer):
identifier = serializers.CharField(required=True)
password = serializers.CharField(required=True)
ou = serializers.SlugRelatedField(
queryset=OrganizationalUnit.objects.all(),
slug_field='slug',
default=None,
required=False,
allow_null=True,
)
class CheckPasswordAPI(BaseRpcView):
......
def rpc(self, request, serializer):
identifier = serializer.validated_data['identifier']
password = serializer.validated_data['password']
ou = serializer.validated_data.get('ou', None)
api_client = None
try:
api_client = APIClient.objects.get(identifier=identifier, password=password)
......
pass
result = {}
if api_client is None:
if api_client is None or ou and ou != api_client.ou:
result['err'] = 1
result['err_desc'] = 'api client not found'
else:
......
'is_anonymous': api_client.is_anonymous,
'is_authenticated': api_client.is_authenticated,
'is_superuser': api_client.is_superuser,
'ou': api_client.ou.slug if api_client.ou else None,
'restrict_to_anonymised_data': api_client.restrict_to_anonymised_data,
'roles': [role.uuid for role in api_client.apiclient_roles.all()],
}
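Review bot: The new condition `if api_client is None or ou and ou != api_client.ou:` in `rpc` enforces the organizational-unit match only when the caller sends `ou`; a request that omits it (or sends null, which the serializer allows) still succeeds for a client bound to any OU, so the restriction is opt-in for the relying service. If that is intended, say so in a comment on the check and in the endpoint documentation, and note that callers which omit `ou` have to compare the returned `'ou'` value themselves. The expression also relies on `and` binding tighter than `or` and on the truthiness of a model instance; `if api_client is None or (ou is not None and api_client.ou != ou):` should state the same rule explicitly. Reusing 'api client not found' for the mismatch keeps the response indistinguishable from a failed credential check, which is worth keeping. Parts of `rpc` are elided on this page (the `......` lines), so the exception handling around the lookup is not visible here.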
tests/api/test_all.py
)
def test_check_api_client(app, superuser):
def test_check_api_client(app, superuser, ou1, ou2):
url = '/api/check-api-client/'
payload = {'identifier': 'foo', 'password': 'bar'}
resp = app.post_json(url, params=payload, status=401)
......
assert data['is_superuser'] is False
assert data['restrict_to_anonymised_data'] is False
assert data['roles'] == [role1.uuid]
assert data['ou'] is None
api_client.ou = ou1
api_client.save()
resp = app.post_json(url, params=payload)
assert resp.json['data']['ou'] == 'ou1'
payload['ou'] = ou1.slug
resp = app.post_json(url, params=payload)
assert resp.json['data']['ou'] == 'ou1'
payload['ou'] = ou2.slug
resp = app.post_json(url, params=payload)
assert resp.json['err'] == 1
assert resp.json['err_desc'] == 'api client not found'
api_client.ou = None
api_client.save()
resp = app.post_json(url, params=payload)
assert resp.json['err'] == 1
assert resp.json['err_desc'] == 'api client not found'
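Review bot: The added cases cover a matching slug, a mismatching slug and a client without an OU, but not two other inputs the serializer has to handle: an explicit `'ou': None` (permitted by `allow_null=True`) and a slug that matches no organizational unit. Adding both would pin the status code and body for each, in particular whether an unknown slug answers differently from 'api client not found'. The last block (after `api_client.ou = None`) depends on `payload['ou']` still holding `ou2.slug` from the previous case; a short comment such as `# payload still carries ou2.slug; a client without OU must not match` would make that explicit. The beginning of the test is elided on this page.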