manager: include oidc and saml federation info in user details (#28210)
parent
30ee547427
commit
fd74358a9e
|
@ -1,6 +1,6 @@
|
|||
{% load i18n %}
|
||||
{% for account in user.fc_accounts.all %}
|
||||
<div class="auth-fc-user-sidebar">
|
||||
<p>{% trans "Link with FranceConnect created on" %} {{ account.created }}</p>
|
||||
<p>{% trans "Link with FranceConnect created on" %} {{ account.created }}.</p>
|
||||
</div>
|
||||
{% endfor %}
|
||||
|
|
|
@ -15,6 +15,7 @@
|
|||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import django.apps
|
||||
from django import template
|
||||
|
||||
|
||||
class Plugin(object):
|
||||
|
@ -101,3 +102,9 @@ class AppConfig(django.apps.AppConfig):
|
|||
'sub': oidc_account.sub,
|
||||
}
|
||||
)
|
||||
|
||||
def a2_hook_manager_user_data(self, view, user):
|
||||
context = {'user': user}
|
||||
return [
|
||||
template.loader.get_template('authentic2_auth_oidc/manager_user_sidebar.html').render(context)
|
||||
]
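Review bot: `template.loader.get_template(...)` in the new `a2_hook_manager_user_data` only works if `django.template.loader` has already been imported elsewhere, because `from django import template` does not load that submodule by itself as far as I know. An explicit `from django.template.loader import get_template` removes the dependence on import order; the SAML hook added later in this commit uses the same pattern. The method has no docstring, and one such as `"""Return HTML fragments describing the user's OIDC link for the manager user page."""` would record the return shape the hook is expected to have. The `view` argument is not used in the visible body.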
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
{% load i18n %}
|
||||
{% if user.oidc_account %}
|
||||
<p>
|
||||
{% blocktrans trimmed with created=user.oidc_account.created name=user.oidc_account.provider.name sub=user.oidc_account.sub %}
|
||||
Link with OIDC provider {{ name }} created on {{ created }} (sub {{ sub }}).
|
||||
{% endblocktrans %}
|
||||
</p>
|
||||
{% endif %}
|
|
@ -15,6 +15,8 @@
|
|||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import django.apps
|
||||
from django import template
|
||||
from mellon.utils import get_idp
|
||||
|
||||
|
||||
class AppConfig(django.apps.AppConfig):
|
||||
|
@ -41,3 +43,14 @@ class AppConfig(django.apps.AppConfig):
|
|||
'name_id': saml_account.name_id,
|
||||
}
|
||||
)
|
||||
|
||||
def a2_hook_manager_user_data(self, view, user):
|
||||
user_saml_identifiers = user.saml_identifiers.all()
|
||||
if not user_saml_identifiers:
|
||||
return ['']
|
||||
for user_saml_identifier in user_saml_identifiers:
|
||||
user_saml_identifier.idp = get_idp(user_saml_identifier.issuer)
|
||||
context = {'user_saml_identifiers': user_saml_identifiers}
|
||||
return [
|
||||
template.loader.get_template('authentic2_auth_saml/manager_user_sidebar.html').render(context)
|
||||
]
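Review bot: The early `return ['']` in this hook looks redundant, since the template's `{% for %}` already renders no paragraph for an empty set, and it gives this hook a different return shape from the OIDC one, which always renders its template. Dropping the guard, or returning `[]` if the hook caller accepts it (the caller is not visible here), would keep the two hooks alike. What `get_idp` returns for an issuer that is no longer configured is also not visible; the template's `firstof` fallback suggests a falsy or empty value, so a comment such as `# get_idp() may have no settings for an unknown issuer; the template then shows the issuer URL` on the loop would make that assumption explicit.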
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
{% load i18n %}
|
||||
{% for identifier in user_saml_identifiers %}
|
||||
{% firstof identifier.idp.DISPLAY_NAME identifier.issuer as provider %}
|
||||
<p>
|
||||
{% blocktrans trimmed with created=identifier.created name_id=identifier.name_id %}
|
||||
Link with SAML provider {{ provider }} created on {{ created }} (NameID {{ name_id }}).
|
||||
{% endblocktrans %}
|
||||
</p>
|
||||
{% endfor %}
|
|
@ -899,3 +899,16 @@ def test_multiple_users_with_same_email(app, caplog, code, oidc_provider_jwkset,
|
|||
assert '_auth_user_id' not in app.session
|
||||
assert OIDCAccount.objects.count() == 0
|
||||
assert 'too many users' in caplog.records[-1].message
|
||||
|
||||
|
||||
def test_manager_user_sidebar(app, superuser, simple_user, oidc_provider):
|
||||
utils.login(app, superuser, '/manage/')
|
||||
response = app.get('/manage/users/%s/' % simple_user.id)
|
||||
assert 'OIDC' not in response
|
||||
|
||||
OIDCAccount.objects.create(user=simple_user, provider=oidc_provider, sub='1234')
|
||||
|
||||
response = app.get('/manage/users/%s/' % simple_user.id)
|
||||
assert 'OIDC' in response
|
||||
assert 'Server' in response
|
||||
assert '1234' in response
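Review bot: The assertions `'1234' in response` and `'Server' in response` are substring checks over the whole page, so they can pass on unrelated content and do not pin the new sidebar text. Matching the rendered phrase, e.g. `assert '(sub 1234)' in response`, would tie the check to the new template; the SAML `test_manager_user_sidebar` later in this commit has the same looseness and could assert `'(NameID 1234)'`. Because `sub` and the NameID are supplied by the identity provider, a second case with markup in the value (constructed example: `sub='<b>x</b>'`, then `assert '&lt;b&gt;x&lt;/b&gt;' in response`) would lock in that the sidebar stays autoescaped.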
|
||||
|
|
|
@ -26,6 +26,8 @@ from authentic2.custom_user.models import DeletedUser
|
|||
from authentic2.models import Attribute
|
||||
from authentic2_auth_saml.adapters import AuthenticAdapter, MappingError
|
||||
|
||||
from .utils import login
|
||||
|
||||
User = get_user_model()
|
||||
|
||||
|
||||
|
@ -273,3 +275,16 @@ def test_save_account_on_delete_user(db):
|
|||
'name_id': '4567',
|
||||
},
|
||||
]
|
||||
|
||||
|
||||
def test_manager_user_sidebar(app, superuser, simple_user):
|
||||
login(app, superuser, '/manage/')
|
||||
response = app.get('/manage/users/%s/' % simple_user.id)
|
||||
assert 'SAML' not in response
|
||||
|
||||
UserSAMLIdentifier.objects.create(user=simple_user, issuer='https://idp1.com/', name_id='1234')
|
||||
|
||||
response = app.get('/manage/users/%s/' % simple_user.id)
|
||||
assert 'SAML' in response
|
||||
assert 'https://idp1.com/' in response
|
||||
assert '1234' in response
|
||||
|
|