0002-agent-authentic2-make-objects-homogenous-in-a-provis.patch
hobo/agent/authentic2/apps.py | ||
---|---|---|
18 | 18 | |
19 | 19 |
from django.apps import AppConfig |
20 | 20 |
from django.db.models.signals import post_save, post_delete |
21 |
from django.db.models import Q |
|
22 | 21 |
from django.conf import settings |
23 | 22 | |
24 | 23 |
from django_rbac.utils import get_role_model |
... | ... | |
69 | 68 |
'@type': 'provision', |
70 | 69 |
'audience': get_audience(instance), |
71 | 70 |
'full': True, |
72 |
'objects': [ |
|
73 |
{ |
|
74 |
'@type': 'role', |
|
75 |
'uuid': role.uuid, |
|
76 |
'name': role.name, |
|
77 |
'slug': role.slug, |
|
78 |
'description': role.description, |
|
79 |
'emails': role.emails, |
|
80 |
'emails_to_members': role.emails_to_members, |
|
81 |
} for role in get_related_roles(instance) |
|
82 |
] |
|
71 |
'objects': { |
|
72 |
'@type': 'role', |
|
73 |
'data': [ |
|
74 |
{ |
|
75 |
'uuid': role.uuid, |
|
76 |
'name': role.name, |
|
77 |
'slug': role.slug, |
|
78 |
'description': role.description, |
|
79 |
'emails': role.emails, |
|
80 |
'emails_to_members': role.emails_to_members, |
|
81 |
} for role in get_related_roles(instance) |
|
82 |
], |
|
83 |
} |
|
83 | 84 |
}) |
84 | 85 |
except OrganizationalUnit.DoesNotExist: |
85 | 86 |
pass |
hobo/agent/common/management/commands/hobo_notify.py | ||
---|---|---|
48 | 48 |
and 'objects' in notification \ |
49 | 49 |
and 'audience' in notification \ |
50 | 50 |
and isinstance(notification['audience'], list) \ |
51 |
and isinstance(notification['objects'], list)
|
|
51 |
and isinstance(notification['objects'], dict)
|
|
52 | 52 | |
53 | 53 |
@classmethod |
54 | 54 |
def check_valid_role(cls, o): |
55 |
return '@type' in o \ |
|
56 |
and o['@type'] == 'role' \ |
|
57 |
and 'uuid' in o \ |
|
55 |
return 'uuid' in o \ |
|
58 | 56 |
and 'name' in o \ |
59 | 57 |
and 'description' in o |
60 | 58 | |
... | ... | |
99 | 97 |
if entity_id not in audience: |
100 | 98 |
return |
101 | 99 |
uuids = set() |
102 |
cls.provision_role(action, notification['objects'], full=full) |
|
100 |
object_type = notification['objects']['@type'] |
|
101 |
getattr(cls, 'provision_' + object_type)(action, notification['objects']['data'], full=full) |
tests_authentic/test_provisionning.py | ||
---|---|---|
27 | 27 |
assert arg['@type'] == 'provision' |
28 | 28 |
assert arg['full'] == True |
29 | 29 |
objects = arg['objects'] |
30 |
assert isinstance(objects, list) |
|
31 |
assert len(objects) == 2 |
|
30 |
assert isinstance(objects, dict) |
|
31 |
assert set(objects.keys()) == set(['data', '@type']) |
|
32 |
assert objects['@type'] == 'role' |
|
33 |
data = objects['data'] |
|
34 |
assert isinstance(data, list) |
|
35 |
assert len(data) == 2 |
|
32 | 36 |
like_role = 0 |
33 |
for o in objects:
|
|
34 |
assert set(o.keys()) == set(['@type', 'emails_to_members',
|
|
37 |
for o in data:
|
|
38 |
assert set(o.keys()) == set(['emails_to_members', |
|
35 | 39 |
'description', 'uuid', 'name', |
36 | 40 |
'slug', 'emails']) |
37 |
assert o['@type'] == 'role' |
|
38 | 41 |
assert o['emails_to_members'] == False |
39 | 42 |
assert o['emails'] == [] |
40 | 43 |
if o['uuid'] == role.uuid and o['name'] == role.name \ |
tests_multitenant/test_hobo_notify.py | ||
---|---|---|
17 | 17 |
notification = { |
18 | 18 |
u'@type': u'provision', |
19 | 19 |
u'audience': [u'http://coin.com/saml/metadata'], |
20 |
u'objects': [ |
|
21 |
{ |
|
22 |
u'@type': 'role', |
|
23 |
u'uuid': u'12345', |
|
24 |
u'name': u'Service petite enfance', |
|
25 |
u'slug': u'service-petite-enfance', |
|
26 |
u'description': u'Role du service petite enfance %s' % tenant.domain_url, |
|
27 |
} |
|
28 |
] |
|
20 |
u'objects': { |
|
21 |
u'@type': 'role', |
|
22 |
u'data': [ |
|
23 |
{ |
|
24 |
u'uuid': u'12345', |
|
25 |
u'name': u'Service petite enfance', |
|
26 |
u'slug': u'service-petite-enfance', |
|
27 |
u'description': u'Role du service petite enfance %s' % tenant.domain_url, |
|
28 |
} |
|
29 |
] |
|
30 |
} |
|
29 | 31 |
} |
30 | 32 |
Command.process_notification(tenant, notification) |
31 | 33 |
assert Group.objects.count() == 0 |
... | ... | |
37 | 39 |
notification = { |
38 | 40 |
u'@type': u'provision', |
39 | 41 |
u'audience': [u'%s/saml/metadata' % tenant.get_base_url()], |
40 |
u'objects': [ |
|
41 |
{ |
|
42 |
u'@type': 'role', |
|
43 |
u'uuid': u'12345', |
|
44 |
u'name': u'Service petite enfance', |
|
45 |
u'slug': u'service-petite-enfance', |
|
46 |
u'description': u'Role du service petite enfance %s' % tenant.domain_url, |
|
47 |
} |
|
48 |
] |
|
42 |
u'objects': { |
|
43 |
u'@type': 'role', |
|
44 |
u'data': [ |
|
45 |
{ |
|
46 |
u'uuid': u'12345', |
|
47 |
u'name': u'Service petite enfance', |
|
48 |
u'slug': u'service-petite-enfance', |
|
49 |
u'description': u'Role du service petite enfance %s' % tenant.domain_url, |
|
50 |
} |
|
51 |
] |
|
52 |
} |
|
49 | 53 |
} |
50 | 54 |
Command.process_notification(tenant, notification) |
51 | 55 |
assert Group.objects.count() == 1 |
... | ... | |
62 | 66 |
u'@type': u'provision', |
63 | 67 |
u'full': True, |
64 | 68 |
u'audience': [u'%s/saml/metadata' % tenant.get_base_url()], |
65 |
u'objects': [ |
|
66 |
{ |
|
67 |
u'@type': 'role', |
|
68 |
u'uuid': u'xyz', |
|
69 |
u'name': u'Service état civil', |
|
70 |
u'slug': u'service-etat-civil', |
|
71 |
u'description': u'Role du service état civil %s' % tenant.domain_url, |
|
72 |
} |
|
73 |
] |
|
69 |
u'objects': { |
|
70 |
u'@type': 'role', |
|
71 |
u'data': [ |
|
72 |
{ |
|
73 |
u'uuid': u'xyz', |
|
74 |
u'name': u'Service état civil', |
|
75 |
u'slug': u'service-etat-civil', |
|
76 |
u'description': u'Role du service état civil %s' % tenant.domain_url, |
|
77 |
} |
|
78 |
] |
|
79 |
} |
|
74 | 80 |
} |
75 | 81 |
Command.process_notification(tenant, notification) |
76 | 82 |
assert Group.objects.count() == 1 |
... | ... | |
86 | 92 |
notification = { |
87 | 93 |
u'@type': u'deprovision', |
88 | 94 |
u'audience': [u'%s/saml/metadata' % tenant.get_base_url()], |
89 |
u'objects': [ |
|
90 |
{ |
|
91 |
u'@type': 'role', |
|
92 |
u'uuid': u'xyz', |
|
93 |
u'name': u'Service état civil', |
|
94 |
u'slug': u'service-etat-civil', |
|
95 |
u'description': u'Role du service état civil %s' % tenant.domain_url, |
|
96 |
} |
|
97 |
] |
|
95 |
u'objects': { |
|
96 |
u'@type': 'role', |
|
97 |
u'data': [ |
|
98 |
{ |
|
99 |
u'uuid': u'xyz', |
|
100 |
u'name': u'Service état civil', |
|
101 |
u'slug': u'service-etat-civil', |
|
102 |
u'description': u'Role du service état civil %s' % tenant.domain_url, |
|
103 |
} |
|
104 |
] |
|
105 |
} |
|
98 | 106 |
} |
99 | 107 |
Command.process_notification(tenant, notification) |
100 | 108 |
assert Group.objects.count() == 0 |
101 |
- |