manager: simplify user's authorizations view (#47203)
This commit is contained in:
parent
65cc6b3ade
commit
1b9b01e3ec
|
@ -151,8 +151,7 @@ class ChooseUserRoleForm(LimitQuerysetFormMixin, CssClass, forms.Form):
|
|||
|
||||
|
||||
class ChooseUserAuthorizationsForm(CssClass, forms.Form):
|
||||
auth_id = fields.ChooseUserAuthorizationsField(label=_('Add a service consent'))
|
||||
action = forms.CharField(initial='add', widget=forms.HiddenInput)
|
||||
authorization = fields.ChooseUserAuthorizationsField()
|
||||
|
||||
|
||||
class ChoosePermissionForm(CssClass, forms.Form):
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
<td class="remove-icon-column">
|
||||
<a class="{% if not table.context.view.can_manage_authorizations %} disabled {% else %} js-remove-object {% endif %}"
|
||||
data-confirm="{% blocktrans with client=row.record.client username=table.context.object.get_full_name %}Do you really want to remove "{{ client }}" service granted access to "{{ username }}" profile data ?{% endblocktrans %}"
|
||||
href="#" data-pk-arg="auth_id">
|
||||
href="#" data-pk-arg="authorization">
|
||||
<span class="icon-remove-sign"></span>
|
||||
</a>
|
||||
</td>
|
||||
|
|
|
@ -851,7 +851,7 @@ su = UserSuView.as_view()
|
|||
|
||||
|
||||
class UserAuthorizationsView(FormNeedsRequest, BaseFormView, SingleObjectMixin,
|
||||
BaseTableView, PermissionMixin):
|
||||
BaseTableView, PermissionMixin):
|
||||
permissions = ['custom_user.view_user']
|
||||
template_name = 'authentic2/manager/user_authorizations.html'
|
||||
title = _('Consent Management')
|
||||
|
@ -872,9 +872,8 @@ class UserAuthorizationsView(FormNeedsRequest, BaseFormView, SingleObjectMixin,
|
|||
|
||||
def form_valid(self, form):
|
||||
response = super(UserAuthorizationsView, self).form_valid(form)
|
||||
auth_id = form.cleaned_data['auth_id']
|
||||
action = form.cleaned_data['action']
|
||||
if action == 'remove' and self.can_manage_authorizations:
|
||||
auth_id = form.cleaned_data['authorization']
|
||||
if self.can_manage_authorizations:
|
||||
qs = OIDCAuthorization.objects.filter(user=self.get_object())
|
||||
qs = qs.filter(id=auth_id.pk)
|
||||
qs.delete()
|
||||
|
|
|
@ -888,7 +888,7 @@ def test_manager_user_authorizations(app, superuser, simple_user):
|
|||
assert 'You are not authorized to see this page' in resp.text
|
||||
resp = app.get(user_authorizations_url, status=403)
|
||||
assert 'You are not authorized to see this page' in resp.text
|
||||
params = {'action': 'remove', 'auth_id': auth.pk, 'csrfmiddlewaretoken': '???'}
|
||||
params = {'authorization': auth.pk, 'csrfmiddlewaretoken': '???'}
|
||||
resp = app.post(user_authorizations_url, params=params, status=302)
|
||||
assert OIDCAuthorization.objects.count() == 1
|
||||
|
||||
|
@ -901,7 +901,7 @@ def test_manager_user_authorizations(app, superuser, simple_user):
|
|||
assert resp.html.find('td', {'class': 'remove-icon-column'}).a['class'] == ['disabled']
|
||||
# cannot click it's JS :/
|
||||
token = str(resp.context['csrf_token'])
|
||||
params = {'action': 'remove', 'auth_id': auth.pk, 'csrfmiddlewaretoken': token}
|
||||
params = {'authorization': auth.pk, 'csrfmiddlewaretoken': token}
|
||||
resp = app.post(user_authorizations_url, params=params, status=302)
|
||||
assert OIDCAuthorization.objects.count() == 1
|
||||
|
||||
|
@ -914,7 +914,7 @@ def test_manager_user_authorizations(app, superuser, simple_user):
|
|||
assert resp.html.find('td', {'class': 'remove-icon-column'}).a['class'] == ['js-remove-object']
|
||||
# cannot click it's JS :/
|
||||
token = str(resp.context['csrf_token'])
|
||||
params = {'action': 'remove', 'auth_id': auth.pk, 'csrfmiddlewaretoken': token}
|
||||
params = {'authorization': auth.pk, 'csrfmiddlewaretoken': token}
|
||||
resp = app.post(user_authorizations_url, params=params, status=302)
|
||||
assert OIDCAuthorization.objects.count() == 0
|
||||
resp = resp.follow()
|
||||
|
|
Loading…
Reference in New Issue