From c6c682ad616ea7b1a4eff104473c9a4b575fd4fd Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Thu, 14 Feb 2019 11:24:05 +0100 Subject: [PATCH 5/6] forms: add ou selector to login form (#30252) --- src/authentic2/app_settings.py | 2 ++ src/authentic2/forms/__init__.py | 12 ++++++++++++ tests/test_login.py | 15 +++++++++++++++ 3 files changed, 29 insertions(+) diff --git a/src/authentic2/app_settings.py b/src/authentic2/app_settings.py index 67ecb553..d21323a0 100644 --- a/src/authentic2/app_settings.py +++ b/src/authentic2/app_settings.py @@ -137,6 +137,8 @@ default_settings = dict( ' form'), A2_USERNAME_HELP_TEXT=Setting(default=None, definition='Help text to explain validation rules of usernames'), A2_USERNAME_IS_UNIQUE=Setting(default=True, definition='Check username uniqueness'), + A2_LOGIN_FORM_OU_SELECTOR=Setting(default=False, definition='Whether to add an OU selector to the login form'), + A2_LOGIN_FORM_OU_SELECTOR_LABEL=Setting(default=None, definition='Label of OU field on login page'), A2_REGISTRATION_USERNAME_IS_UNIQUE=Setting(default=True, definition='Check username uniqueness on registration'), IDP_BACKENDS=(), AUTH_FRONTENDS=(), diff --git a/src/authentic2/forms/__init__.py b/src/authentic2/forms/__init__.py index 26a4ac1c..08157373 100644 --- a/src/authentic2/forms/__init__.py +++ b/src/authentic2/forms/__init__.py @@ -22,12 +22,17 @@ from django.utils.translation import ugettext_lazy as _ from django.contrib.auth import REDIRECT_FIELD_NAME, forms as auth_forms from django.utils import html +from django_rbac.utils import get_ou_model + +from authentic2.utils import lazy_label from authentic2.compat import get_user_model from authentic2.forms.fields import PasswordField from .. import app_settings from ..exponential_retry_timeout import ExponentialRetryTimeout +OU = get_ou_model() + class EmailChangeFormNoPassword(forms.Form): email = forms.EmailField(label=_('New email')) @@ -181,6 +186,10 @@ class AuthenticationForm(auth_forms.AuthenticationForm): required=False, label=_('Remember me'), help_text=_('Do not ask for authentication next time')) + ou = forms.ModelChoiceField( + label=lazy_label(_('Organizational unit'), lambda: app_settings.A2_LOGIN_FORM_OU_SELECTOR_LABEL), + required=True, + queryset=OU.objects.all()) def __init__(self, *args, **kwargs): super(AuthenticationForm, self).__init__(*args, **kwargs) @@ -192,6 +201,9 @@ class AuthenticationForm(auth_forms.AuthenticationForm): if not app_settings.A2_USER_REMEMBER_ME: del self.fields['remember_me'] + if not app_settings.A2_LOGIN_FORM_OU_SELECTOR: + del self.fields['ou'] + if self.request: self.remote_addr = self.request.META['REMOTE_ADDR'] else: diff --git a/tests/test_login.py b/tests/test_login.py index c344bbae..3d40b7a9 100644 --- a/tests/test_login.py +++ b/tests/test_login.py @@ -133,3 +133,18 @@ def test_session_remember_me_nok(app, settings, simple_user, freezer): freezer.move_to('2018-01-31') response = app.get('/') assert simple_user.first_name not in response + + +def test_ou_selector(app, settings, simple_user): + settings.A2_LOGIN_FORM_OU_SELECTOR = True + response = app.get('/login/') + # Check selector is here and there are no errors + assert not response.pyquery('.errorlist') + assert response.pyquery.find('select#id_ou') + assert (set([elt.text for elt in response.pyquery.find('select#id_ou option')]) + == set([u'Default organizational unit', u'OU1', u'---------'])) + # Check selector is required + response.form.set('username', simple_user.username) + response.form.set('password', simple_user.username) + response = response.form.submit(name='login-password-submit') + assert response.pyquery('.errorlist') -- 2.20.1