liberty_service_provider-to-service_provider-8826.patch

Josué Kouka, 11 décembre 2015 15:27

Voir les différences: en ligne côte à côte

Subject: [PATCH 1/3] manager: fix logout links (#9274)


 .../manager/templates/authentic2/manager/base.html          | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/authentic2/manager/templates/authentic2/manager/base.html b/src/authentic2/manager/templates/authentic2/manager/base.html
index 3a1d8cc..d32a140 100644
--- a/src/authentic2/manager/templates/authentic2/manager/base.html
+++ b/src/authentic2/manager/templates/authentic2/manager/base.html
@@ -6,6 +6,19 @@
 {% block page-title %}{% firstof site_title "Authentic2" %}{% endblock %}
 {% block site-title %}{% firstof site_title "Authentic2" %}{% endblock %}
 
+{% block user-links %}
+  <ul class="user-info">
+    {% if user.is_authenticated %}
+      <li class="ui-name">{{ user.get_full_name }}</li>
+      <li class="ui-logout"><a href="{% url 'auth_logout' %}">{% trans "Logout" %}</a></li>
+    {% endif %}
+  </ul>
+{% endblock %}
+
+{% block appbar %}
+  <h2>{% block page_title %}{% endblock %}</h2>
+{% endblock %}
+
 {% block css %}
   {{ block.super }}
   <link rel="stylesheet" type="text/css" media="all" href="{% static "authentic2/manager/css/style.css" %}"/>
-- 
2.6.2


From dd2191d191a2337f53faf987d20bab72a772f1a8 Mon Sep 17 00:00:00 2001
From: Josue Kouka <jkouka@entrouvert.com>
Date: Wed, 9 Dec 2015 18:35:24 +0100
Subject: [PATCH 2/3] Model/Data migrations of LibertyServiceProvider ->
 LibertyProvider

---
 .../saml/migrations/0017_auto_20151208_1537.py     | 45 ++++++++++++++++++++++
 .../saml/migrations/0018_auto_20151208_1542.py     | 28 ++++++++++++++
 src/authentic2/saml/models.py                      | 17 +++++++-
 3 files changed, 89 insertions(+), 1 deletion(-)
 create mode 100644 src/authentic2/saml/migrations/0017_auto_20151208_1537.py
 create mode 100644 src/authentic2/saml/migrations/0018_auto_20151208_1542.py

diff --git a/src/authentic2/saml/migrations/0017_auto_20151208_1537.py b/src/authentic2/saml/migrations/0017_auto_20151208_1537.py
new file mode 100644
index 0000000..04e7dd6
--- /dev/null
+++ b/src/authentic2/saml/migrations/0017_auto_20151208_1537.py
@@ -0,0 +1,45 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('saml', '0016_auto_20150915_2041'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='libertyprovider',
+            name='enable_following_sp_options_policy',
+            field=models.BooleanField(default=False, verbose_name='The following options policy will apply except if a policy for all service provider is defined.'),
+            preserve_default=True,
+        ),
+        migrations.AddField(
+            model_name='libertyprovider',
+            name='enabled',
+            field=models.BooleanField(default=False, db_index=True, verbose_name='Enabled'),
+            preserve_default=True,
+        ),
+        migrations.AddField(
+            model_name='libertyprovider',
+            name='sp_options_policy',
+            field=models.ForeignKey(related_name='sp_options_policy', on_delete=django.db.models.deletion.SET_NULL, verbose_name='service provider options policy', blank=True, to='saml.SPOptionsIdPPolicy', null=True),
+            preserve_default=True,
+        ),
+        migrations.AddField(
+            model_name='libertyprovider',
+            name='users_can_manage_federations',
+            field=models.BooleanField(default=True, db_index=True, verbose_name='users can manage federation'),
+            preserve_default=True,
+        ),
+        migrations.AlterField(
+            model_name='libertyserviceprovider',
+            name='sp_options_policy',
+            field=models.ForeignKey(related_name='old_isp_options_policy', on_delete=django.db.models.deletion.SET_NULL, verbose_name='service provider options policy', blank=True, to='saml.SPOptionsIdPPolicy', null=True),
+            preserve_default=True,
+        ),
+    ]
diff --git a/src/authentic2/saml/migrations/0018_auto_20151208_1542.py b/src/authentic2/saml/migrations/0018_auto_20151208_1542.py
new file mode 100644
index 0000000..7fee69b
--- /dev/null
+++ b/src/authentic2/saml/migrations/0018_auto_20151208_1542.py
@@ -0,0 +1,28 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import models, migrations
+
+def liberty_service_provider_data_to_liberty_provider(apps, schema_editor):
+    LibertyProvider = apps.get_model('saml','LibertyProvider')
+    LibertyServiceProvider = apps.get_model('saml','LibertyServiceProvider')
+
+    for lsp in LibertyServiceProvider.objects.all():
+        lp = lsp.liberty_provider
+
+        lp.enabled = lsp.enabled
+        lp.enable_following_sp_options_policy = lsp.enable_following_sp_options_policy
+        lp.sp_options_policy = lsp.sp_options_policy
+        lp.users_can_manage_federations = lsp.users_can_manage_federations
+        lp.save()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('saml', '0017_auto_20151208_1537'),
+    ]
+
+    operations = [
+            migrations.RunPython(liberty_service_provider_data_to_liberty_provider),
+    ]
diff --git a/src/authentic2/saml/models.py b/src/authentic2/saml/models.py
index b229583..d636e51 100644
--- a/src/authentic2/saml/models.py
+++ b/src/authentic2/saml/models.py
@@ -319,6 +319,21 @@ class LibertyProvider(Service):
     ssl_certificate = models.TextField(blank=True)
     ca_cert_chain = models.TextField(blank=True)
     federation_source = models.CharField(max_length=64, blank=True, null=True)
+    enabled = models.BooleanField(verbose_name = _('Enabled'),
+            default=False, db_index=True)
+    enable_following_sp_options_policy = models.BooleanField(verbose_name = \
+        _('The following options policy will apply except if a policy for all service provider is defined.'),
+        default=False)
+    sp_options_policy = models.ForeignKey(SPOptionsIdPPolicy,
+            related_name="sp_options_policy",
+            verbose_name=_('service provider options policy'), blank=True,
+            null=True,
+            on_delete=models.SET_NULL)
+    users_can_manage_federations = models.BooleanField(
+            verbose_name=_('users can manage federation'),
+            default=True,
+            blank=True,
+            db_index=True)
 
     attributes = GenericRelation(SAMLAttribute)
 
@@ -390,7 +405,7 @@ class LibertyServiceProvider(models.Model):
         _('The following options policy will apply except if a policy for all service provider is defined.'),
         default=False)
     sp_options_policy = models.ForeignKey(SPOptionsIdPPolicy,
-            related_name="sp_options_policy",
+            related_name="old_isp_options_policy",
             verbose_name=_('service provider options policy'), blank=True,
             null=True,
             on_delete=models.SET_NULL)
-- 
2.6.2


From e624884166701cbd7b57de48a516fe503ecd07af Mon Sep 17 00:00:00 2001
From: Josue Kouka <jkouka@entrouvert.com>
Date: Thu, 10 Dec 2015 17:14:09 +0100
Subject: [PATCH 3/3] use of liberty service provider changed to service
 provider 8826

---

 .../manager/templates/authentic2/manager/base.html          | 13 +++++++++++++
 1 file changed, 13 insertions(+)

     {% block page-title %}{% firstof site_title "Authentic2" %}{% endblock %}
     {% block site-title %}{% firstof site_title "Authentic2" %}{% endblock %}
     {% block user-links %}
       <ul class="user-info">
         {% if user.is_authenticated %}
           <li class="ui-name">{{ user.get_full_name }}</li>
           <li class="ui-logout"><a href="{% url 'auth_logout' %}">{% trans "Logout" %}</a></li>
         {% endif %}
       </ul>
     {% endblock %}
     {% block appbar %}
       <h2>{% block page_title %}{% endblock %}</h2>
     {% endblock %}
     {% block css %}
       {{ block.super }}
       <link rel="stylesheet" type="text/css" media="all" href="{% static "authentic2/manager/css/style.css" %}"/>
+    -

     # -*- coding: utf-8 -*-
     from __future__ import unicode_literals
     from django.db import models, migrations
     import django.db.models.deletion
     class Migration(migrations.Migration):
         dependencies = [
             ('saml', '0016_auto_20150915_2041'),
+        ]
         operations = [
             migrations.AddField(
                 model_name='libertyprovider',
                 name='enable_following_sp_options_policy',
                 field=models.BooleanField(default=False, verbose_name='The following options policy will apply except if a policy for all service provider is defined.'),
                 preserve_default=True,
             ),
             migrations.AddField(
                 model_name='libertyprovider',
                 name='enabled',
                 field=models.BooleanField(default=False, db_index=True, verbose_name='Enabled'),
                 preserve_default=True,
             ),
             migrations.AddField(
                 model_name='libertyprovider',
                 name='sp_options_policy',
                 field=models.ForeignKey(related_name='sp_options_policy', on_delete=django.db.models.deletion.SET_NULL, verbose_name='service provider options policy', blank=True, to='saml.SPOptionsIdPPolicy', null=True),
                 preserve_default=True,
             ),
             migrations.AddField(
                 model_name='libertyprovider',
                 name='users_can_manage_federations',
                 field=models.BooleanField(default=True, db_index=True, verbose_name='users can manage federation'),
                 preserve_default=True,
             ),
             migrations.AlterField(
                 model_name='libertyserviceprovider',
                 name='sp_options_policy',
                 field=models.ForeignKey(related_name='old_isp_options_policy', on_delete=django.db.models.deletion.SET_NULL, verbose_name='service provider options policy', blank=True, to='saml.SPOptionsIdPPolicy', null=True),
                 preserve_default=True,
             ),
+        ]

     # -*- coding: utf-8 -*-
     from __future__ import unicode_literals
     from django.db import models, migrations
     def liberty_service_provider_data_to_liberty_provider(apps, schema_editor):
         LibertyProvider = apps.get_model('saml','LibertyProvider')
         LibertyServiceProvider = apps.get_model('saml','LibertyServiceProvider')
         for lsp in LibertyServiceProvider.objects.all():
             lp = lsp.liberty_provider
             lp.enabled = lsp.enabled
             lp.enable_following_sp_options_policy = lsp.enable_following_sp_options_policy
             lp.sp_options_policy = lsp.sp_options_policy
             lp.users_can_manage_federations = lsp.users_can_manage_federations
             lp.save()
     class Migration(migrations.Migration):
         dependencies = [
             ('saml', '0017_auto_20151208_1537'),
+        ]
         operations = [
                 migrations.RunPython(liberty_service_provider_data_to_liberty_provider),
+        ]

         ssl_certificate = models.TextField(blank=True)
         ca_cert_chain = models.TextField(blank=True)
         federation_source = models.CharField(max_length=64, blank=True, null=True)
         enabled = models.BooleanField(verbose_name = _('Enabled'),
                 default=False, db_index=True)
         enable_following_sp_options_policy = models.BooleanField(verbose_name = \
             _('The following options policy will apply except if a policy for all service provider is defined.'),
             default=False)
         sp_options_policy = models.ForeignKey(SPOptionsIdPPolicy,
                 related_name="sp_options_policy",
                 verbose_name=_('service provider options policy'), blank=True,
                 null=True,
                 on_delete=models.SET_NULL)
         users_can_manage_federations = models.BooleanField(
                 verbose_name=_('users can manage federation'),
                 default=True,
                 blank=True,
                 db_index=True)
         attributes = GenericRelation(SAMLAttribute)
-...
             _('The following options policy will apply except if a policy for all service provider is defined.'),
             default=False)
         sp_options_policy = models.ForeignKey(SPOptionsIdPPolicy,
                 related_name="sp_options_policy",
                 related_name="old_isp_options_policy",
                 verbose_name=_('service provider options policy'), blank=True,
                 null=True,
                 on_delete=models.SET_NULL)
+    -

             self.logger = logging.getLogger(__name__)
         def service_list(self, request):
             q = models.LibertyServiceProvider.objects.filter(enabled = True) \
             q = models.LibertyProvider.objects.filter(enabled = True) \
                     .select_related()
             ls = []
             sessions = models.LibertySession.objects.filter(
-...
                     sp_options_policy__idp_initiated_sso=True))
                 queries.append(q.filter(sp_options_policy__enabled=True,
                     sp_options_policy__accept_slo=True,
                     liberty_provider__entity_id__in=sessions_eids))
                     entity_id__in=sessions_eids))
                 if default_policy and default_policy.idp_initiated_sso:
                     queries.append(q.filter(sp_options_policy__isnull=True))
                 if default_policy and default_policy.accept_slo:

         LibertySession, LibertyFederation,
         nameid2kwargs, saml2_urn_to_nidformat,
         nidformat_to_saml2_urn, save_key_values, get_and_delete_key_values,
         LibertyProvider, LibertyServiceProvider, SAMLAttribute, NAME_ID_FORMATS)
         LibertyProvider, SAMLAttribute, NAME_ID_FORMATS)
     from authentic2.saml.common import redirect_next, asynchronous_bindings, \
         soap_bindings, load_provider, get_saml2_request_message, \
         error_page, set_saml2_response_responder_status_code, \
-...
                 kwargs['name_id_qualifier'] = AUTHENTIC_SAME_ID_SENTINEL
             if kwargs.get('name_id_sp_name_qualifier') == login.remoteProviderId:
                 kwargs['name_id_sp_name_qualifier'] = AUTHENTIC_SAME_ID_SENTINEL
             service_provider = LibertyServiceProvider.objects \
                     .get(liberty_provider__entity_id=login.remoteProviderId)
             service_provider = LibertyProvider.objects \
                     .get(entity_id=login.remoteProviderId)
             federation, new = LibertyFederation.objects.get_or_create(
                     sp=service_provider,
                     user=request.user, **kwargs)

                 metadata=sp_meta)
             self.liberty_provider.clean()
             self.liberty_provider.save()
             self.liberty_service_provider = saml_models.LibertyServiceProvider \
                 .objects.create(
                     liberty_provider=self.liberty_provider,
                     enabled=True)
             self.default_sp_options_idp_policy = saml_models.SPOptionsIdPPolicy \
                 .objects.create(
                     name='Default',

     except ImportError:
         from django.contrib.contenttypes.generic import GenericTabularInline
     from authentic2.saml.models import (LibertyProvider, LibertyServiceProvider,
                                         SPOptionsIdPPolicy, LibertyFederation,
                                         KeyValue, LibertySession, SAMLAttribute)
     from authentic2.saml.models import (LibertyProvider, SPOptionsIdPPolicy,
                                         LibertyFederation, KeyValue,
                                         LibertySession, SAMLAttribute)
     from authentic2.decorators import to_iter
     from authentic2.attributes_ng.engine import get_attribute_names
-...
     logger = logging.getLogger(__name__)
     class LibertyServiceProviderInline(admin.StackedInline):
         model = LibertyServiceProvider
     #class LibertyServiceProviderInline(admin.StackedInline):
     #    model = LibertyServiceProvider
     class TextAndFileWidget(forms.widgets.MultiWidget):
         def __init__(self, attrs=None):
-...
                 (_('Metadata files'), {
                     'fields': ('metadata_url', 'metadata', 'public_key', 'ssl_certificate', 'ca_cert_chain')
                 }),
                 (_('SAML service provider'), {
                     'fields': ('enabled', 'enable_following_sp_options_policy', 'sp_options_policy',
                         'users_can_manage_federations')
                 }),
+        )
         inlines = [
                 LibertyServiceProviderInline,
                 #LibertyServiceProviderInline,
                 SAMLAttributeInlineAdmin,
+        ]
         actions = [ update_metadata ]

     from django.core.exceptions import ValidationError
     from authentic2.saml.models import (LibertyFederation, LibertyProvider,
                                         LibertyServiceProvider, SPOptionsIdPPolicy)
                                         SPOptionsIdPPolicy)
     from authentic2.saml import models
     from authentic2.saml import saml2utils
-...
             return None
         p.save()
         logger.debug('%s saved', p)
         s = LibertyServiceProvider(liberty_provider=p, enabled=True)
         s.save()
         return p
-...
                     return False
             else:
                 return False
         try:
             service_provider = liberty_provider.service_provider
         except LibertyServiceProvider.DoesNotExist:
             return False
         if not service_provider.enabled:
             return False
         if server:

     from django.core.exceptions import ValidationError
     from django.utils.translation import ugettext_lazy as _
     from .models import LibertyProvider, LibertyServiceProvider
     from .models import LibertyProvider
     from authentic2.a2_rbac.utils import get_default_ou
-...
                         slug=slug, metadata=content, metadata_url=url, ou=ou)
                     liberty_provider.full_clean(exclude=
                             ('entity_id', 'protocol_conformance'))
                     self.childs.append(LibertyServiceProvider(
                         liberty_provider=liberty_provider,
                         enabled=True))
                     self.childs.append(liberty_provider,
                         enabled=True)
                 except ValidationError, e:
                     raise
                 except Exception, e:

             provider.save()
             options['count'] = options.get('count', 0) + 1
             if sp:
                 service_provider, created = LibertyServiceProvider.objects.get_or_create(
                         liberty_provider=provider,
                         defaults={'enabled': not options['create-disabled']})
                 if sp_policy:
                     service_provider.sp_options_policy = sp_policy
                 service_provider.save()
                 pks = []
                 if options['load_attribute_consuming_service']:
                     load_acs(tree, provider, pks, verbosity)
-...
                         SAMLAttribute.objects.for_generic_object(provider).exclude(pk__in=pks).delete()
     class Command(BaseCommand):
         '''Load SAMLv2 metadata file into the LibertyProvider, LibertyServiceProvider
         '''Load SAMLv2 metadata file into the LibertyProvider,
         and LibertyIdentityProvider files'''
         can_import_django_settings = True
         output_transaction = True
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

liberty_service_provider-to-service_provider-8826.patch