auth_fc: check required attributes values (#52818)

2021-04-07 12:49:52 +02:00 · 2021-04-07 12:49:52 +02:00 · 20e610da0e
parent b39a13e601
commit 20e610da0e
2 changed files with 7 additions and 2 deletions
--- a/src/authentic2_auth_fc/views.py
+++ b/src/authentic2_auth_fc/views.py
@ -497,7 +497,7 @@ class LoginOrLinkView(PopupViewMixin, FcOAuthSessionViewMixin, View):
                'name', flat=True
            )
            required = list(a2_app_settings.A2_REGISTRATION_REQUIRED_FIELDS) + list(required_attributes)
-            missing = set(required) - set(data)
+            missing = [attr for attr in set(required) - set(data) if not getattr(user.attributes, attr)]
            if missing:
                messages.warning(
                    request,
--- a/tests/auth_fc/test_auth_fc.py
+++ b/tests/auth_fc/test_auth_fc.py
@ -25,6 +25,7 @@ from django.urls import reverse
 from django.utils.timezone import now

 from authentic2.custom_user.models import DeletedUser
+from authentic2.models import Attribute
 from authentic2_auth_fc import models
 from authentic2_auth_fc.utils import requests_retry_session

@ -223,11 +224,15 @@ def test_no_password_with_fc_account_can_reset_password(app, db, mailoutbox):


 def test_login_with_missing_required_attributes(settings, app, franceconnect):
-    settings.A2_REGISTRATION_REQUIRED_FIELDS = ['title']
+    Attribute.objects.create(label='Title', name='title', required=True, kind='title')
+    Attribute.objects.create(label='Phone', name='phone', required=True, kind='phone_number')

    assert User.objects.count() == 0
    assert models.FcAccount.objects.count() == 0

+    franceconnect.user_info['phone'] = '0102030405'
+    settings.A2_FC_USER_INFO_MAPPINGS = {'phone': {'ref': 'phone'}}
+
    response = app.get('/login/?service=portail&next=/idp/')
    response = response.click(href='callback')
    response = franceconnect.handle_authorization(app, response.location)