manager: add a column to display role is synced from ldap (#51120)

2021-02-16 17:52:40 +01:00 · 2021-02-16 17:52:40 +01:00 · 2bdd088d43
parent 0225be797c
commit 2bdd088d43
3 changed files with 73 additions and 2 deletions
--- a/src/authentic2/manager/tables.py
+++ b/src/authentic2/manager/tables.py
@ -16,6 +16,7 @@

 from django.contrib.auth import get_user_model
 from django.utils import html
+from django.utils.safestring import SafeText
 from django.utils.translation import ugettext_lazy as _
 from django.utils.translation import ugettext_noop

@ -111,6 +112,12 @@ class RoleTable(tables.Table):
    member_count = tables.Column(verbose_name=_('Direct member count'),
                                 orderable=False)

+    def render_name (self, record, bound_column):
+        content = bound_column.column.render(record.name, record, bound_column)
+        if not record.can_manage_members:
+            content = SafeText('%s (%s)' % (content, _('LDAP')))
+        return content
+
    class Meta:
        model = get_role_model()
        attrs = {'class': 'main', 'id': 'role-table'}
@ -158,6 +165,12 @@ class OuUserRolesTable(tables.Table):
        verbose_name=_('Member'),
        order_by=('member', 'via', 'name'))

+    def render_name (self, record, bound_column):
+        content = bound_column.column.render(record.name, record, bound_column)
+        if not record.can_manage_members:
+            content = SafeText('%s (%s)' % (content, _('LDAP')))
+        return content
+
    class Meta:
        model = get_role_model()
        attrs = {'class': 'main', 'id': 'role-table'}
@ -178,6 +191,12 @@ class UserRolesTable(tables.Table):
        verbose_name=_('Inherited from'),
        orderable=False)

+    def render_name (self, record, bound_column):
+        content = bound_column.column.render(record.name, record, bound_column)
+        if not record.can_manage_members:
+            content = SafeText('%s (%s)' % (content, _('LDAP')))
+        return content
+
    class Meta:
        model = get_role_model()
        attrs = {'class': 'main', 'id': 'role-table'}
--- a/tests/test_ldap.py
+++ b/tests/test_ldap.py
@ -457,14 +457,18 @@ def test_group_to_role_mapping_modify_disabled(slapd, settings, db, app, admin,

    utils.login(app, admin, '/manage/')

+    response = app.get('/manage/roles/')
+    q = response.pyquery.remove_namespaces()
+    assert q('table tbody td.name').text() == 'Role3 (LDAP)'
+
    response = app.get('/manage/users/%s/roles/?search-ou=%s' % (user.pk, user.ou.pk))
    q = response.pyquery.remove_namespaces()
-    assert q('table tbody td.name').text() == 'Role3'
+    assert q('table tbody td.name').text() == 'Role3 (LDAP)'
    assert q('table tbody td.member input').attr('disabled')

    response = app.get('/manage/users/%s/roles/?search-ou=all' % user.pk)
    q = response.pyquery.remove_namespaces()
-    assert q('table tbody td.name').text() == 'Role3'
+    assert q('table tbody td.name').text() == 'Role3 (LDAP)'
    assert q('table tbody td.member input').attr('disabled')

    response = app.get('/manage/roles/%s/' % (role.pk))
--- a/tests/test_role_manager.py
+++ b/tests/test_role_manager.py
@ -205,3 +205,51 @@ def test_manager_role_add_selected_ou(app, admin, ou1, ou2):
    response = response.form.submit()
    response = response.click('Add role')
    assert response.pyquery.find('select#id_ou option[selected]')[0].text == 'OU2'
+
+
+def test_roles_displayed_fields(app, admin, ou1, ou2):
+    login(app, admin)
+    role1 = Role.objects.create(name='role1')
+    role2 = Role.objects.create(name='role2')
+
+    user1 = User.objects.create(username='user1')
+    user2 = User.objects.create(username='user2')
+    user1.roles.add(role1)
+    user2.roles.add(role1)
+    role2.add_child(role1)  # indirect members
+
+    assert role1.can_manage_members
+    role2.can_manage_members = False  # user syncronized from LDAP
+    role2.save()
+
+    # check OUTable
+    response = app.get('/manage/roles/')
+    rows = list(zip([text_content(el) for el in response.pyquery('tr td.name')],
+                    [text_content(el) for el in response.pyquery('tr td.member_count')],
+                    ))
+    assert rows == [
+        ('role1', '2'),
+        ('role2 (LDAP)', '0'),
+    ]
+
+    # check UserRolesTable
+    response = app.get('/manage/users/%s/roles/?search-ou=all' % user2.pk)
+    rows = list(zip([text_content(el) for el in response.pyquery('tr td.name')],
+                    [text_content(el) for el in response.pyquery('tr td.via')],
+                    ))
+    assert rows == [
+        ('role1', ''),
+        ('role2 (LDAP)', 'role1 '),
+    ]
+
+    # check OuUserRolesTable
+    response = app.get('/manage/users/%s/roles/?search-ou=' % user2.pk)
+    rows = list(zip([text_content(el) for el in response.pyquery('tr td.name')],
+                    [text_content(el) for el in response.pyquery('tr td.via')],
+                    [el.attrib.get('checked') for el in response.pyquery('tr td.member input')],
+                    [el.attrib.get('disabled') for el in response.pyquery('tr td.member input')],
+                    ))
+    assert rows == [
+        ('role1', '', 'checked', None),
+        ('role2 (LDAP)', 'role1 ', None, 'disabled'),
+    ]