From f4be224e56f9c0139ef93cf6138442f0ab1ddffd Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Fri, 1 Oct 2021 10:20:42 +0200
Subject: [PATCH] settings_loaders: adapt service slug for secondary services
 (#57482)

---
 hobo/multitenant/settings_loaders.py | 20 +++++++++++++++-
 tests/test_settings_loaders.py       | 36 ++++++++++++++++++++++++----
 2 files changed, 50 insertions(+), 6 deletions(-)

diff --git a/hobo/multitenant/settings_loaders.py b/hobo/multitenant/settings_loaders.py
index d07be91..425beff 100644
--- a/hobo/multitenant/settings_loaders.py
+++ b/hobo/multitenant/settings_loaders.py
@@ -1,6 +1,7 @@
 import hashlib
 import json
 import os
+import urllib.parse
 
 from django.conf import settings
 from django.utils.encoding import force_bytes
@@ -131,6 +132,9 @@ class TemplateVars(FileBaseSettingsLoader):
     def get_hobo_json_variables(cls, hobo_json):
         variables = hobo_json.get('variables', {})
         variables['is_portal_agent'] = False
+
+        authentic_service = None
+
         for service in hobo_json.get('services'):
             if not service.get('slug'):
                 continue
@@ -146,6 +150,7 @@ class TemplateVars(FileBaseSettingsLoader):
                     variables['portal_user_slug'] = service.get('slug')
 
             if service.get('service-id') == 'authentic':
+                authentic_service = service
                 variables['idp_url'] = service.get('base_url')
                 variables['idp_api_url'] = service.get('base_url') + 'api/'
                 variables['idp_account_url'] = service.get('base_url') + 'accounts/'
@@ -165,9 +170,22 @@ class TemplateVars(FileBaseSettingsLoader):
             if 'portal_user_url' in variables:
                 params['next'] = variables['portal_user_url']
             if 'portal_user_slug' in variables:
-                params['service'] = variables['portal_user_slug']
+                # if we are in a secondary hobo, adapt the ou slug and
+                # portal_user_slug to match the service slug in the Authentic
+                # of the primary hobo
+                if authentic_service.get('secondary'):
+                    ou_slug = variables['ou-slug']
+                    service_slug = '_%s_%s' % (ou_slug, variables['portal_user_slug'])
+                    params['service'] = '%s %s' % (ou_slug, service_slug)
+                else:
+                    # we should provider the default slug to have a full
+                    # service reference, but it could change so for now we
+                    # expect authentic to search first in the default ou
+                    params['service'] = variables['portal_user_slug']
             if params:
                 variables['idp_registration_url'] += '?%s' % urlencode(params)
+                variables['idp_account_url'] += '?%s' % urlencode(params)
+                variables['idp_url'] += '?%s' % urlencode(params)
 
         if getattr(settings, 'HOBO_MANAGER_HOMEPAGE_TITLE_VAR', None):
             variables['manager_homepage_title'] = variables.get(settings.HOBO_MANAGER_HOMEPAGE_TITLE_VAR)
diff --git a/tests/test_settings_loaders.py b/tests/test_settings_loaders.py
index 8684e4d..b49ea9e 100644
--- a/tests/test_settings_loaders.py
+++ b/tests/test_settings_loaders.py
@@ -1,11 +1,12 @@
 import json
 import os
+import urllib.parse
 
 import pytest
 from django.conf import UserSettingsHolder
 
 from hobo.deploy.utils import get_hobo_json
-from hobo.environment.models import Authentic, Combo
+from hobo.environment.models import Authentic, Combo, Variable
 from hobo.multitenant.settings_loaders import Authentic as AuthenticLoader
 from hobo.multitenant.settings_loaders import BackofficeLoginHint, TemplateVars
 from hobo.profile.models import AttributeDefinition
@@ -175,6 +176,8 @@ def test_sms_update_settings_from_path(tmpdir):
 
 
 def test_get_hobo_json_variables(tmpdir):
+    from django.http.request import QueryDict
+
     a = Authentic(title='bar', slug='bar', base_url='http://bar.example.net')
     a.save()
     c = Combo(title='combo', slug='portal', base_url='http://portal.example.net', template_name='portal-user')
@@ -185,7 +188,30 @@ def test_get_hobo_json_variables(tmpdir):
 
     variables = loader.get_hobo_json_variables(env)
 
-    url = variables['idp_registration_url']
-    assert url.startswith('http://bar.example.net/accounts/register/?')
-    assert 'next=http%3A%2F%2Fportal.example.net%2F' in url
-    assert 'service=portal' in url
+    url, query = variables['idp_registration_url'].split('?')
+    assert url == 'http://bar.example.net/accounts/register/'
+    assert QueryDict(query).dict() == {'next': 'http://portal.example.net/', 'service': 'portal'}
+
+
+def test_get_hobo_json_variables_secondary(tmpdir):
+    from django.http.request import QueryDict
+
+    a = Authentic(title='bar', slug='bar', base_url='http://bar.example.net', secondary=True)
+    a.save()
+    c = Combo(title='combo', slug='portal', base_url='http://portal.example.net', template_name='portal-user')
+    c.save()
+    # simulate hobo.json from a secondary hobo
+    v = Variable(name='ou-slug', auto=True, service_pk=None, value='hobo-othercol')
+    v.save()
+
+    loader = TemplateVars()
+    env = get_hobo_json()
+
+    variables = loader.get_hobo_json_variables(env)
+
+    url, query = variables['idp_registration_url'].split('?')
+    assert url == 'http://bar.example.net/accounts/register/'
+    assert QueryDict(query).dict() == {
+        'next': 'http://portal.example.net/',
+        'service': '_hobo-othercol _hobo-othercol_portal',
+    }
-- 
2.33.0