add other access roles

This commit is contained in:
Benoit Suttor 2021-10-06 16:11:45 +02:00
parent d23e5ca30d
commit 6f388a5ee5
1 changed files with 21 additions and 0 deletions


@ -150,6 +150,7 @@ class Command(BaseCommand):
OIDCClient, "ALGO_" + service["idtoken_algo"].upper()
)
scope = service.get("scope", "")
other_access = service.get("other_access", [])
oidc_client, created = OIDCClient.objects.get_or_create(
slug=service["slug"],
ou=ou,
@ -233,6 +234,26 @@ class Command(BaseCommand):
self.info(self.style.SUCCESS("MODIFIED"))
else:
Role.objects.filter(slug=slug, ou=ou).delete()
# access role to news, events or directory
if len(other_access) > 0:
for other in other_access:
other_slug = f"{slug}-{other}"
other_access_role, created = Role.objects.get_or_create(
slug=other_slug, ou=ou, defaults={"name": other_slug}
)
if not created and other_access_role.slug != slug:
access_role.name = other_slug
access_role.save()
other_oidc_client, created = OIDCClient.objects.get(
slug=f"imio-other"
)
if access_role not in other_oidc_client.authorized_roles.all():
other_oidc_client.add_authorized_role(access_role)
self.info(
self.style.SUCCESS(f"{other_oidc_client.slug} MODIFIED")
)
claims = service.get("claims", DEFAULT_CLAIMS)
assert isinstance(claims, list), "claims must be a list of dic"
claim_set = set()
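Review bot: The new loop creates `other_access_role` but then renames, saves and authorizes `access_role` instead (the `access_role.name = other_slug` / `access_role.save()` lines and the `add_authorized_role(access_role)` call), so the per-access role is never granted on the `imio-other` client while the main access role — presumably the one created earlier in this method, outside the hunk — is both renamed to the last `other_slug` and given access it was not meant to have; every reference after the `get_or_create` should be to `other_access_role`. The line `other_oidc_client, created = OIDCClient.objects.get(slug=f"imio-other")` also cannot work as written: `.get()` returns a single instance, so the two-name unpacking raises before any role is authorized, and the f-string has no placeholders. The guard `other_access_role.slug != slug` is always true for a non-empty `other` (the role was fetched by `slug=other_slug`), which looks like it was meant to mirror the name check used for the main role; that reading is inferred and worth confirming. The enclosing method continues past both ends of the hunk, and the `if len(other_access) > 0:` wrapper is redundant around a `for` over the same list.
```python
for other in other_access:
    other_slug = f"{slug}-{other}"
    other_access_role, other_created = Role.objects.get_or_create(
        slug=other_slug, ou=ou, defaults={"name": other_slug}
    )
    # Keep the per-access role's name in sync; never touch the main access role here.
    if not other_created and other_access_role.name != other_slug:
        other_access_role.name = other_slug
        other_access_role.save()
    # .get() returns one instance (or raises DoesNotExist); no tuple to unpack.
    other_oidc_client = OIDCClient.objects.get(slug="imio-other")
    if other_access_role not in other_oidc_client.authorized_roles.all():
        other_oidc_client.add_authorized_role(other_access_role)
        self.info(self.style.SUCCESS(f"{other_oidc_client.slug} MODIFIED"))
```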