From 5f63b2c1f2fb6ae1a95f0874f60fbc66d34a408a Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 15 May 2020 17:08:35 +0200 Subject: [PATCH] misc: hide disabled attributes and values (#42963) --- src/authentic2/custom_user/models.py | 22 +++++++--- src/authentic2/managers.py | 2 +- .../migrations/0021_attribute_order.py | 7 +++- src/authentic2/models.py | 7 ++-- tests/test_models.py | 40 +++++++++++++++++++ 5 files changed, 67 insertions(+), 11 deletions(-) create mode 100644 tests/test_models.py diff --git a/src/authentic2/custom_user/models.py b/src/authentic2/custom_user/models.py index 65316d71..9a0dbc31 100644 --- a/src/authentic2/custom_user/models.py +++ b/src/authentic2/custom_user/models.py @@ -46,7 +46,7 @@ from .managers import UserManager, UserQuerySet @RequestCache def get_attributes_map(): mapping = {} - for at in Attribute.all_objects.all(): + for at in Attribute.objects.all(): mapping[at.id] = at mapping[at.name] = at return mapping @@ -59,7 +59,7 @@ class Attributes(object): if not hasattr(self.owner, '_a2_attributes_cache'): values = {} setattr(self.owner, '_a2_attributes_cache', values) - for atv in self.owner.attribute_values.all(): + for atv in self.owner.attribute_values.filter(attribute__disabled=False): attribute = get_attributes_map()[atv.attribute_id] atv.attribute = attribute if attribute.multiple: @@ -321,10 +321,20 @@ class User(AbstractBaseUser, PermissionMixin): update_fields = kwargs.get('update_fields') rc = super(User, self).save(*args, **kwargs) if not update_fields or not set(update_fields).isdisjoint(set(['first_name', 'last_name'])): - if self.attributes.first_name != self.first_name: - self.attributes.first_name = self.first_name - if self.attributes.last_name != self.last_name: - self.attributes.last_name = self.last_name + try: + self.attributes.first_name + except AttributeError: + pass + else: + if self.attributes and self.attributes.first_name != self.first_name: + self.attributes.first_name = self.first_name + try: + self.attributes.last_name + except AttributeError: + pass + else: + if self.attributes.last_name != self.last_name: + self.attributes.last_name = self.last_name return rc def can_change_password(self): diff --git a/src/authentic2/managers.py b/src/authentic2/managers.py index 1ca45e5c..6efba54c 100644 --- a/src/authentic2/managers.py +++ b/src/authentic2/managers.py @@ -111,4 +111,4 @@ class AttributeManager(managers.QueryManager.from_queryset(GetByNameQuerySet)): ServiceManager = BaseServiceManager.from_queryset(ServiceQuerySet) -AttributeValueManager = models.Manager.from_queryset(AttributeValueQuerySet) +AttributeValueManager = managers.QueryManager.from_queryset(AttributeValueQuerySet) diff --git a/src/authentic2/migrations/0021_attribute_order.py b/src/authentic2/migrations/0021_attribute_order.py index b2ffc892..3bec9649 100644 --- a/src/authentic2/migrations/0021_attribute_order.py +++ b/src/authentic2/migrations/0021_attribute_order.py @@ -24,7 +24,12 @@ class Migration(migrations.Migration): migrations.AlterModelManagers( name='attribute', managers=[ - ('objects', django.db.models.manager.Manager()), + ('all_objects', django.db.models.manager.Manager()), + ], + ), + migrations.AlterModelManagers( + name='attributevalue', + managers=[ ('all_objects', django.db.models.manager.Manager()), ], ), diff --git a/src/authentic2/models.py b/src/authentic2/models.py index 0056097d..01a37e5c 100644 --- a/src/authentic2/models.py +++ b/src/authentic2/models.py @@ -160,8 +160,8 @@ class Attribute(models.Model): verbose_name=_('order'), default=0) - objects = managers.AttributeManager(disabled=False) all_objects = managers.AttributeManager() + objects = managers.AttributeManager(disabled=False) registration_attributes = QueryManager(asked_on_registration=True) user_attributes = QueryManager(user_editable=True) @@ -218,7 +218,7 @@ class Attribute(models.Model): def get_value(self, owner, verified=None): kind = self.get_kind() deserialize = kind['deserialize'] - atvs = AttributeValue.objects.with_owner(owner) + atvs = AttributeValue.all_objects.with_owner(owner) if verified is True or verified is False: atvs = atvs.filter(verified=verified) if self.multiple: @@ -324,7 +324,8 @@ class AttributeValue(models.Model): content = models.TextField(verbose_name=_('content'), db_index=True) verified = models.BooleanField(default=False) - objects = managers.AttributeValueManager() + all_objects = managers.AttributeValueManager() + objects = managers.AttributeValueManager(attribute__disabled=False) def to_python(self): deserialize = self.attribute.get_kind()['deserialize'] diff --git a/tests/test_models.py b/tests/test_models.py new file mode 100644 index 00000000..a2ac3fb2 --- /dev/null +++ b/tests/test_models.py @@ -0,0 +1,40 @@ +# -*- coding: utf-8 -*- +# authentic2 - versatile identity manager +# Copyright (C) 2010-2019 Entr'ouvert +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU Affero General Public License as published +# by the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +from __future__ import unicode_literals + +import pytest + +from authentic2.models import Attribute +from authentic2.custom_user.models import User + + +def test_attribute_disabled(db): + attribute = Attribute.all_objects.create(name='test', label='test', kind='string') + user = User.objects.create() + user.attributes.test = 'abcd' + + assert user.to_json()['test'] == 'abcd' + attribute.disabled = True + attribute.save() + assert 'test' not in user.to_json() + + with pytest.raises(AttributeError): + assert user.attributes.test == 'abcd' + + with pytest.raises(AttributeError): + user.attributes.test = '1234' -- 2.26.2