0003-manager-filter-api-client-s-assignable-roles-dependi.patch

Paul Marillonnet, 23 décembre 2022 12:51

Voir les différences: en ligne côte à côte

Subject: [PATCH 3/4] manager: filter api client's assignable roles depending
 on its OU (#72703)

 src/authentic2/manager/apiclient_views.py |  7 +++++-
 tests/test_manager_apiclient.py           | 26 +++++++++++++++++++++--
 2 files changed, 30 insertions(+), 3 deletions(-)

     from django.utils.translation import gettext_lazy as _
     from django.views.generic import CreateView, DeleteView, DetailView, ListView, UpdateView
     from authentic2.a2_rbac.models import OrganizationalUnit
     from authentic2.a2_rbac.models import OrganizationalUnit, Role
     from authentic2.manager import forms
     from authentic2.manager.views import MediaMixin, PermissionMixin, TitleMixin
     from authentic2.models import APIClient
-...
                 form.fields['ou'].queryset = OrganizationalUnit.objects.filter(id__in=allowed_ous)
                 form.fields['ou'].required = True
                 form.fields['ou'].empty_label = None
             api_client = self.object
             if api_client and api_client.ou is not None:
                 form.fields['apiclient_roles'].queryset = Role.objects.filter(ou=api_client.ou).exclude(
                     slug__startswith='_'
+                )
             return form

         assert delete_button.text() == 'Delete'
     def test_edit(superuser, app):
     def test_edit(superuser, app, ou1, ou2):
         role_1 = Role.objects.create(name='role-1', ou=ou1)
         role_2 = Role.objects.create(name='role-2', ou=ou2)
         role_3 = Role.objects.create(name='role-3', ou=ou1)
         api_client = APIClient.objects.create(
             name='foo', description='foo-description', identifier='foo-identifier', password='foo-password'
             name='foo',
             description='foo-description',
             identifier='foo-identifier',
             password='foo-password',
             ou=ou1,
+        )
         assert APIClient.objects.count() == 1
         resp = login(app, superuser, 'a2-manager-api-client-edit', kwargs={'pk': api_client.pk})
-...
         assert form.get('password').value == 'foo-password'
         assert ('', False, '---------') in form['ou'].options
         resp.form.set('password', 'easy')
         with pytest.raises(KeyError):
             # forcing values not presented by the Select2ModelMultipleChoiceField,
             # should not happen in UI
             form['apiclient_roles'].force_value([role_1.id, role_2.id])
             form.submit()
         form['apiclient_roles'].force_value([role_1.id, role_3.id])
         response = form.submit().follow()
         assert urlparse(response.request.url).path == api_client.get_absolute_url()
         assert APIClient.objects.count() == 1
-...
     def test_edit_local_admin(admin_ou1, app, ou1, ou2):
         role_1 = Role.objects.create(name='role-1', ou=ou1)
         role_2 = Role.objects.create(name='role-2', ou=ou2)
         role_3 = Role.objects.create(name='role-3', ou=ou1)
         api_client_ou1 = APIClient.objects.create(
             name='foo',
             description='foo-description',
-...
         assert form.get('password').value == 'foo-password'
         resp.form.set('password', 'easy')
         assert ('', False, '---------') not in form['ou'].options
         with pytest.raises(KeyError):
             # forcing values not presented by the Select2ModelMultipleChoiceField,
             # should not happen in UI
             form['apiclient_roles'].force_value([role_1.id, role_2.id])
             form.submit()
         form['apiclient_roles'].force_value([role_1.id, role_3.id])
         response = form.submit().follow()
         assert urlparse(response.request.url).path == api_client_ou1.get_absolute_url()
         api_client = APIClient.objects.get(password='easy')
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0003-manager-filter-api-client-s-assignable-roles-dependi.patch