20 |
20 |
from django.urls import reverse
|
21 |
21 |
|
22 |
22 |
from authentic2.a2_rbac.models import Role
|
|
23 |
from authentic2.a2_rbac.utils import get_default_ou
|
23 |
24 |
from authentic2.models import APIClient
|
24 |
25 |
|
25 |
26 |
from .utils import login
|
... | ... | |
159 |
160 |
|
160 |
161 |
def test_add(superuser, app):
|
161 |
162 |
assert APIClient.objects.count() == 0
|
162 |
|
role_1 = Role.objects.create(name='role-1')
|
163 |
|
role_2 = Role.objects.create(name='role-2')
|
|
163 |
role_1 = Role.objects.create(name='role-1', ou=get_default_ou())
|
|
164 |
role_2 = Role.objects.create(name='role-2', ou=get_default_ou())
|
164 |
165 |
resp = login(app, superuser, 'a2-manager-api-client-add')
|
165 |
166 |
form = resp.form
|
166 |
167 |
# password is prefilled
|
... | ... | |
195 |
196 |
|
196 |
197 |
def test_add_description_non_mandatory(superuser, app):
|
197 |
198 |
assert APIClient.objects.count() == 0
|
198 |
|
role_1 = Role.objects.create(name='role-1')
|
199 |
|
role_2 = Role.objects.create(name='role-2')
|
|
199 |
role_1 = Role.objects.create(name='role-1', ou=get_default_ou())
|
|
200 |
role_2 = Role.objects.create(name='role-2', ou=get_default_ou())
|
200 |
201 |
resp = login(app, superuser, 'a2-manager-api-client-add')
|
201 |
202 |
form = resp.form
|
202 |
203 |
form.set('name', 'api-client-name')
|
... | ... | |
270 |
271 |
api_client = APIClient.objects.get(password='easy')
|
271 |
272 |
assert api_client.identifier == 'foo-identifier'
|
272 |
273 |
|
|
274 |
resp = app.get(reverse('a2-manager-api-client-edit', kwargs={'pk': api_client.pk}))
|
|
275 |
form = resp.form
|
|
276 |
form.set('ou', ou2.id)
|
|
277 |
response = form.submit()
|
|
278 |
errmsg = response.pyquery('div.error')[0].text
|
|
279 |
assert "do not belong to organizational unit OU2: role-1, role-3." in errmsg
|
|
280 |
response.form.set('ou', ou2.id)
|
|
281 |
response.form['apiclient_roles'].force_value([])
|
|
282 |
response.form.submit().follow()
|
|
283 |
api_client = APIClient.objects.get()
|
|
284 |
assert set(api_client.apiclient_roles.all()) == set()
|
|
285 |
assert api_client.ou == ou2
|
|
286 |
|
|
287 |
resp = app.get(reverse('a2-manager-api-client-edit', kwargs={'pk': api_client.pk}))
|
|
288 |
form = resp.form
|
|
289 |
form['apiclient_roles'].force_value([role_2.id])
|
|
290 |
response = form.submit().follow()
|
|
291 |
api_client = APIClient.objects.get()
|
|
292 |
assert api_client.ou == ou2
|
|
293 |
assert set(api_client.apiclient_roles.all()) == {role_2}
|
|
294 |
|
273 |
295 |
|
274 |
296 |
def test_edit_local_admin(admin_ou1, app, ou1, ou2):
|
275 |
297 |
role_1 = Role.objects.create(name='role-1', ou=ou1)
|
276 |
|
-
|