make attribute release by the user-info web service customizable using the new attribute engine of authentic2
parent
dd81494707
commit
8364249d99
|
@ -1,12 +1,34 @@
|
|||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.contrib import admin
|
||||
|
||||
from provider.oauth2.admin import ClientAdmin
|
||||
|
||||
from . import models
|
||||
|
||||
admin.site.register(models.A2Client, ClientAdmin)
|
||||
|
||||
class WebServiceAdmin(admin.ModelAdmin):
|
||||
prepopulated_fields = {'slug': ('name',)}
|
||||
|
||||
class AttributeReleaseInline(admin.TabularInline):
|
||||
model = models.AttributeRelease
|
||||
|
||||
class A2ClientAdmin(ClientAdmin):
|
||||
inlines = [AttributeReleaseInline]
|
||||
fieldsets = (
|
||||
(None, {'fields': (
|
||||
'name',
|
||||
'user',
|
||||
) }),
|
||||
(_('Location'), {'fields': (
|
||||
'url',
|
||||
'redirect_uri',
|
||||
) }),
|
||||
(_('Credentials'), {'fields': (
|
||||
'client_id',
|
||||
'client_type',
|
||||
'client_secret',
|
||||
) }),
|
||||
(_('Logout'),
|
||||
{'fields': ('logout_url', 'logout_use_iframe', 'logout_use_iframe_timeout'),}),)
|
||||
|
||||
admin.site.register(models.WebService, WebServiceAdmin)
|
||||
admin.site.register(models.A2Client, A2ClientAdmin)
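Review bot: `client_secret` sits in the 'Credentials' fieldset of `A2ClientAdmin` as an ordinary form field, so any staff account with change permission on clients can read every OAuth2 client secret in clear text, and the same permission now also governs the `AttributeReleaseInline` rows that decide which user attributes a client receives. Whether the parent `ClientAdmin` already exposed the secret this way is not visible on this page. At minimum document it above `fieldsets`, e.g. `# client_secret is shown in clear; change permission on A2Client also controls attribute release`, and consider limiting that permission to a small admin group.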
|
||||
|
|
|
@ -0,0 +1,102 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
from south.utils import datetime_utils as datetime
|
||||
from south.db import db
|
||||
from south.v2 import SchemaMigration
|
||||
from django.db import models
|
||||
|
||||
|
||||
class Migration(SchemaMigration):
|
||||
|
||||
def forwards(self, orm):
|
||||
# Adding model 'AttributeRelease'
|
||||
db.create_table(u'authentic2_idp_oauth2_attributerelease', (
|
||||
(u'id', self.gf('django.db.models.fields.AutoField')(primary_key=True)),
|
||||
('client', self.gf('django.db.models.fields.related.ForeignKey')(to=orm['authentic2_idp_oauth2.A2Client'])),
|
||||
('name', self.gf('django.db.models.fields.CharField')(max_length=64)),
|
||||
('attribute_name', self.gf('django.db.models.fields.CharField')(max_length=64)),
|
||||
))
|
||||
db.send_create_signal(u'authentic2_idp_oauth2', ['AttributeRelease'])
|
||||
|
||||
|
||||
def backwards(self, orm):
|
||||
# Deleting model 'AttributeRelease'
|
||||
db.delete_table(u'authentic2_idp_oauth2_attributerelease')
|
||||
|
||||
|
||||
models = {
|
||||
u'auth.group': {
|
||||
'Meta': {'object_name': 'Group'},
|
||||
u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'name': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '80'}),
|
||||
'permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'})
|
||||
},
|
||||
u'auth.permission': {
|
||||
'Meta': {'ordering': "(u'content_type__app_label', u'content_type__model', u'codename')", 'unique_together': "((u'content_type', u'codename'),)", 'object_name': 'Permission'},
|
||||
'codename': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
|
||||
'content_type': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['contenttypes.ContentType']"}),
|
||||
u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'name': ('django.db.models.fields.CharField', [], {'max_length': '50'})
|
||||
},
|
||||
u'auth.user': {
|
||||
'Meta': {'object_name': 'User'},
|
||||
'date_joined': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
|
||||
'email': ('django.db.models.fields.EmailField', [], {'max_length': '75', 'blank': 'True'}),
|
||||
'first_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
|
||||
'groups': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Group']", 'symmetrical': 'False', 'blank': 'True'}),
|
||||
u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'is_active': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
|
||||
'is_staff': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'is_superuser': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'last_login': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
|
||||
'last_name': ('django.db.models.fields.CharField', [], {'max_length': '30', 'blank': 'True'}),
|
||||
'password': ('django.db.models.fields.CharField', [], {'max_length': '128'}),
|
||||
'user_permissions': ('django.db.models.fields.related.ManyToManyField', [], {'to': u"orm['auth.Permission']", 'symmetrical': 'False', 'blank': 'True'}),
|
||||
'username': ('django.db.models.fields.CharField', [], {'unique': 'True', 'max_length': '255'})
|
||||
},
|
||||
u'authentic2_idp_oauth2.a2client': {
|
||||
'Meta': {'object_name': 'A2Client', '_ormbases': [u'oauth2.Client']},
|
||||
u'client_ptr': ('django.db.models.fields.related.OneToOneField', [], {'to': u"orm['oauth2.Client']", 'unique': 'True', 'primary_key': 'True'}),
|
||||
'logout_url': ('django.db.models.fields.URLField', [], {'max_length': '255', 'null': 'True', 'blank': 'True'}),
|
||||
'logout_use_iframe': ('django.db.models.fields.BooleanField', [], {'default': 'False'}),
|
||||
'logout_use_iframe_timeout': ('django.db.models.fields.PositiveIntegerField', [], {'default': '300'})
|
||||
},
|
||||
u'authentic2_idp_oauth2.attributerelease': {
|
||||
'Meta': {'object_name': 'AttributeRelease'},
|
||||
'attribute_name': ('django.db.models.fields.CharField', [], {'max_length': '64'}),
|
||||
'client': ('django.db.models.fields.related.ForeignKey', [], {'to': u"orm['authentic2_idp_oauth2.A2Client']"}),
|
||||
u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'name': ('django.db.models.fields.CharField', [], {'max_length': '64'})
|
||||
},
|
||||
u'authentic2_idp_oauth2.webservice': {
|
||||
'Meta': {'object_name': 'WebService'},
|
||||
'allow_redirects': ('django.db.models.fields.BooleanField', [], {'default': 'True'}),
|
||||
'auth_mech': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '16', 'blank': 'True'}),
|
||||
u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'name': ('django.db.models.fields.CharField', [], {'max_length': '32'}),
|
||||
'signature_key': ('django.db.models.fields.CharField', [], {'default': "''", 'max_length': '128', 'blank': 'True'}),
|
||||
'slug': ('django.db.models.fields.SlugField', [], {'max_length': '32'}),
|
||||
'timeout': ('django.db.models.fields.IntegerField', [], {'default': '10'}),
|
||||
'url': ('django.db.models.fields.CharField', [], {'max_length': '1024'}),
|
||||
'verify_certificate': ('django.db.models.fields.BooleanField', [], {'default': 'True'})
|
||||
},
|
||||
u'contenttypes.contenttype': {
|
||||
'Meta': {'ordering': "('name',)", 'unique_together': "(('app_label', 'model'),)", 'object_name': 'ContentType', 'db_table': "'django_content_type'"},
|
||||
'app_label': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
|
||||
u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'model': ('django.db.models.fields.CharField', [], {'max_length': '100'}),
|
||||
'name': ('django.db.models.fields.CharField', [], {'max_length': '100'})
|
||||
},
|
||||
u'oauth2.client': {
|
||||
'Meta': {'object_name': 'Client'},
|
||||
'client_id': ('django.db.models.fields.CharField', [], {'default': "'cf9fa9fcc8e786008f9a'", 'max_length': '255'}),
|
||||
'client_secret': ('django.db.models.fields.CharField', [], {'default': "'a033d904a82ffb7c186e9ca264e572ae8a4afb90'", 'max_length': '255'}),
|
||||
'client_type': ('django.db.models.fields.IntegerField', [], {}),
|
||||
u'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
|
||||
'name': ('django.db.models.fields.CharField', [], {'max_length': '255', 'blank': 'True'}),
|
||||
'redirect_uri': ('django.db.models.fields.URLField', [], {'max_length': '200'}),
|
||||
'url': ('django.db.models.fields.URLField', [], {'max_length': '200'}),
|
||||
'user': ('django.db.models.fields.related.ForeignKey', [], {'blank': 'True', 'related_name': "'oauth2_client'", 'null': 'True', 'to': u"orm['auth.User']"})
|
||||
}
|
||||
}
|
||||
|
||||
complete_apps = ['authentic2_idp_oauth2']
|
|
@ -7,12 +7,27 @@ from provider.oauth2.models import Client
|
|||
|
||||
from authentic2.models import LogoutUrlAbstract
|
||||
from authentic2.managers import GetBySlugManager
|
||||
from authentic2.decorators import to_iter
|
||||
from authentic2.attributes_ng.engine import get_attribute_names
|
||||
|
||||
class A2Client(LogoutUrlAbstract, Client):
|
||||
class Meta:
|
||||
verbose_name = _('client')
|
||||
verbose_name_plural = _('clients')
|
||||
|
||||
|
||||
class AttributeRelease(models.Model):
|
||||
client = models.ForeignKey(A2Client, verbose_name=_('client'))
|
||||
name = models.CharField(verbose_name=_('name'), max_length=64)
|
||||
attribute_name = models.CharField(max_length=64,
|
||||
verbose_name=_('attribute name'),
|
||||
choices=to_iter(get_attribute_names)({'user': None, 'request': None}))
|
||||
|
||||
class Meta:
|
||||
verbose_name = _('OAuth2 attribute release')
|
||||
verbose_name_plural = _('oauth2 attribute releases')
|
||||
|
||||
|
||||
class WebService(models.Model):
|
||||
AUTH_MECH = (
|
||||
('', 'None'),
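Review bot: `choices=to_iter(get_attribute_names)({'user': None, 'request': None})` on `AttributeRelease.attribute_name` is evaluated once, when the models module is imported, so the selectable attributes are whatever the engine reports at process start for a `None` user and request. Attribute sources that need a real context or are registered later would presumably be missing, and a source that fails on `None` would break the import; the engine itself is not visible here, so this needs confirming. Building the choices in the admin form at request time would avoid both. Separately, nothing stops two rows for the same client from sharing a `name`, in which case the later one silently overwrites the earlier in the released data; `unique_together = (('client', 'name'),)` in `Meta` would prevent that. The `WebService` class continues past the end of this hunk.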
|
||||
|
|
|
@ -13,6 +13,7 @@ from provider.oauth2.views import Authorize
|
|||
from provider import scope
|
||||
|
||||
from authentic2.models import FederatedId
|
||||
from authentic2.attributes_ng.engine import get_attributes
|
||||
|
||||
from . import forms, app_settings, models, signature
|
||||
|
||||
|
@ -52,16 +53,32 @@ def user_info(request):
|
|||
data = {}
|
||||
if request.user and request.user.is_authenticated():
|
||||
if request.method == 'GET':
|
||||
user = request.user
|
||||
data = {
|
||||
'username': user.username,
|
||||
'first_name': user.first_name,
|
||||
'last_name': user.last_name,
|
||||
'email': user.email,
|
||||
'display_name': user.get_full_name(),
|
||||
'role': user.groups.values_list('name', flat=True),
|
||||
}
|
||||
add_targeted_id(request, data)
|
||||
if request.auth is None:
|
||||
ctx = get_attributes({
|
||||
'request': request,
|
||||
'user': request.user,
|
||||
})
|
||||
for key, value in ctx.iteritems():
|
||||
if isinstance(value, (str, unicode)):
|
||||
data[key] = value
|
||||
elif isinstance(value, (list, tuple)) and value and isinstance(value[0], (str, unicode)):
|
||||
data[key] = value
|
||||
else:
|
||||
client = request.auth.client
|
||||
qs = models.AttributeRelease.objects.filter(client=client)
|
||||
wanted_attributes = [a.attribute_name for a in qs]
|
||||
ctx = get_attributes({
|
||||
'request': request,
|
||||
'user': request.user,
|
||||
'provider': client,
|
||||
'__wanted_attributes': wanted_attributes,
|
||||
})
|
||||
for a in qs:
|
||||
if a.attribute_name in ctx:
|
||||
data[a.name] = ctx[a.attribute_name]
|
||||
add_targeted_id(request, data)
|
||||
elif request.method == 'DELETE':
|
||||
delete_targeted_id(request, data)
|
||||
return Response(data)
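Review bot: In the `if request.auth is None:` branch of `user_info`, every string or list-of-strings value returned by `get_attributes` is copied into `data`, so the per-client `AttributeRelease` allow-list applies only to the `else` branch. Any attribute source added later is released on this path automatically. Which callers reach it depends on the authentication classes on the view, which are outside the hunk, so the branch deserves a comment such as `# no OAuth2 token (session call): releases all string attributes, not filtered by AttributeRelease`, or an explicit allow-list. The `else` branch also drops the type filter: `data[a.name] = ctx[a.attribute_name]` passes any value type to `Response`, where the first branch keeps only strings and lists of strings. A client with no `AttributeRelease` rows now receives only what `add_targeted_id` adds, which fails closed but changes behaviour for existing clients, since the migration seeds no default rows.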
|
||||
|
|