From e0116ff57d87b1557d540c0b9ac9a029080ad9a7 Mon Sep 17 00:00:00 2001
From: Valentin Deniaud <vdeniaud@entrouvert.com>
Date: Tue, 29 Nov 2022 14:54:48 +0100
Subject: [PATCH] authentic2: remove remaining dependancies to RoleAttribute
 (#71836)

---
 hobo/agent/authentic2/provisionning.py          |  2 +-
 tests_authentic/data_authentic_export_site.json | 17 -----------------
 tests_authentic/test_hobo_deploy.py             |  5 +----
 tests_authentic/test_provisionning.py           | 17 ++++++++---------
 4 files changed, 10 insertions(+), 31 deletions(-)

diff --git a/hobo/agent/authentic2/provisionning.py b/hobo/agent/authentic2/provisionning.py
index b46c82c..b4933d4 100644
--- a/hobo/agent/authentic2/provisionning.py
+++ b/hobo/agent/authentic2/provisionning.py
@@ -317,7 +317,7 @@ class Provisionning(threading.local):
             )
 
         roles = {role for role in roles if not is_forbidden_technical_role(role)}
-        if mode == 'provision':
+        if mode == 'provision' and not hasattr(RoleAttribute, 'dummy'):
             self.complete_roles(roles)
 
         if not roles:
diff --git a/tests_authentic/data_authentic_export_site.json b/tests_authentic/data_authentic_export_site.json
index 7200749..8005a41 100644
--- a/tests_authentic/data_authentic_export_site.json
+++ b/tests_authentic/data_authentic_export_site.json
@@ -12,23 +12,6 @@
     ],
     "roles": [
         {
-            "attributes": [
-                {
-                    "kind": "json",
-                    "name": "details",
-                    "value": "\"\""
-                },
-                {
-                    "kind": "json",
-                    "name": "emails",
-                    "value": "[]"
-                },
-                {
-                    "kind": "json",
-                    "name": "emails_to_members",
-                    "value": "false"
-                }
-            ],
             "description": "",
             "external_id": "",
             "name": "Debug eo",
diff --git a/tests_authentic/test_hobo_deploy.py b/tests_authentic/test_hobo_deploy.py
index ea2c2e5..c4fd93b 100644
--- a/tests_authentic/test_hobo_deploy.py
+++ b/tests_authentic/test_hobo_deploy.py
@@ -475,10 +475,7 @@ def test_hobo_deploy(monkeypatch, tenant_base, mocker, skeleton_dir, tmp_path):
                 assert service_provider.users_can_manage_federations is False
                 assert Role.objects.filter(slug='_a2-hobo-superuser', service=provider).count() == 1
                 su_role = Role.objects.get(slug='_a2-hobo-superuser', service=provider)
-                assert su_role.attributes.count() == 1
-                assert (
-                    su_role.attributes.filter(name='is_superuser', kind='string', value='true').count() == 1
-                )
+                assert su_role.is_superuser is True
                 if i == 0 or service_id != 'wcs':
                     assert provider.ou == get_default_ou()
                 else:
diff --git a/tests_authentic/test_provisionning.py b/tests_authentic/test_provisionning.py
index 1d6d18b..634bb23 100644
--- a/tests_authentic/test_provisionning.py
+++ b/tests_authentic/test_provisionning.py
@@ -5,7 +5,7 @@ from unittest.mock import ANY, call, patch
 import lasso
 import pytest
 import requests
-from authentic2.a2_rbac.models import OrganizationalUnit, Role, RoleAttribute
+from authentic2.a2_rbac.models import OrganizationalUnit, Role
 from authentic2.a2_rbac.utils import get_default_ou
 from authentic2.models import Attribute, AttributeValue
 from authentic2.saml.models import LibertyProvider
@@ -66,10 +66,9 @@ def test_provision_role(transactional_db, tenant, caplog):
             notify_agents.reset_mock()
             emails = ['john.doe@example.com', 'toto@entrouvert.com']
             with provisionning:
-                RoleAttribute.objects.create(role=role, name='emails', kind='json', value=json.dumps(emails))
-                RoleAttribute.objects.create(
-                    role=role, name='emails_to_members', kind='json', value=json.dumps(True)
-                )
+                role.emails = emails
+                role.emails_to_members = True
+                role.save()
 
             assert notify_agents.call_count == 1
             arg = notify_agents.call_args
@@ -134,10 +133,10 @@ def test_provision_user(transactional_db, tenant, caplog):
                 entity_id='http://provider.com',
                 protocol_conformance=lasso.PROTOCOL_SAML_2_0,
             )
-            role = Role.objects.create(name='coin', service=service, ou=get_default_ou())
-            role.attributes.create(kind='string', name='is_superuser', value='true')
-            role2 = Role.objects.create(name='zob', service=service, ou=get_default_ou())
-            role2.attributes.create(kind='json', name='emails', value='["zob@example.net"]')
+            role = Role.objects.create(name='coin', service=service, ou=get_default_ou(), is_superuser=True)
+            role2 = Role.objects.create(
+                name='zob', service=service, ou=get_default_ou(), emails=['zob@example.net']
+            )
             child_role = Role.objects.create(name='child', ou=get_default_ou())
             notify_agents.reset_mock()
             attribute = Attribute.objects.create(label='Code postal', name='code_postal', kind='string')
-- 
2.35.1