add possibility to define a hook to alter login template context (#38533)

2019-12-15 16:09:59 +01:00 · 2019-12-15 16:09:59 +01:00 · b1b85cf0d2
parent 603e20b5cf
commit b1b85cf0d2
4 changed files with 55 additions and 6 deletions
--- a/mellon/views.py
+++ b/mellon/views.py
@ -128,6 +128,12 @@ class LoginView(ProfileMixin, LogMixin, View):
    def template_base(self):
        return self.kwargs.get('template_base', 'base.html')

+    def render(self, request, template_names, context):
+        context['template_base'] = self.template_base
+        if 'context_hook' in self.kwargs:
+            self.kwargs['context_hook'](context)
+        return render(request, template_names, context)
+
    def get_idp(self, request):
        entity_id = request.POST.get('entityID') or request.GET.get('entityID')
        if not entity_id:
@ -184,9 +190,8 @@ class LoginView(ProfileMixin, LogMixin, View):
        if error_url:
            error_url = resolve_url(error_url)
        next_url = error_url or self.get_next_url(default=resolve_url(settings.LOGIN_REDIRECT_URL))
-        return render(request, 'mellon/authentication_failed.html',
+        return self.render(request, 'mellon/authentication_failed.html',
                      {
-                          'template_base': self.template_base,
                          'debug': settings.DEBUG,
                          'reason': reason,
                          'status_codes': status_codes,
@ -253,14 +258,12 @@ class LoginView(ProfileMixin, LogMixin, View):
            else:
                self.log.warning('user %s (NameID is %r) is inactive, login refused', user,
                                 attributes['name_id_content'])
-                return render(request, 'mellon/inactive_user.html', {
-                    'template_base': self.template_base,
+                return self.render(request, 'mellon/inactive_user.html', {
                    'user': user,
                    'saml_attributes': attributes})
        else:
            self.log.warning('no user found for NameID %r', attributes['name_id_content'])
-            return render(request, 'mellon/user_not_found.html', {
-                              'template_base': self.template_base,
+            return self.render(request, 'mellon/user_not_found.html', {
                              'saml_attributes': attributes
                          })
        request.session['lasso_session_dump'] = login.session.dump()
--- a/tests/templates/theme.html
+++ b/tests/templates/theme.html
@ -1,6 +1,7 @@
 <html>
 <body>
   <p>Theme is ok</p>
+   <p>{{ hook }}</p>
   {% block content %}
   {% endblock %}
 </body>
--- a/tests/test_sso_slo.py
+++ b/tests/test_sso_slo.py
@ -233,6 +233,18 @@ def test_template_base(db, app, idp, caplog, sp_settings):
    assert 'Theme is ok' in response.text


+@pytest.mark.urls('urls_tests_template_hook')
+def test_template_hook(db, app, idp, caplog, sp_settings):
+    response = app.get(reverse('mellon_login'))
+    url, body, relay_state = idp.process_authn_request_redirect(
+        response['Location'],
+        auth_result=False,
+        msg='User is not allowed to login')
+    response = app.post(reverse('mellon_login'), params={'SAMLResponse': body, 'RelayState': relay_state})
+    assert 'Theme is ok' in response.text
+    assert 'HOOK' in response.text
+
+
 def test_no_template_base(db, app, idp, caplog, sp_settings):
    response = app.get(reverse('mellon_login'))
    url, body, relay_state = idp.process_authn_request_redirect(
--- a/tests/urls_tests_template_hook.py
+++ b/tests/urls_tests_template_hook.py
@ -0,0 +1,33 @@
+# django-mellon - SAML2 authentication for Django
+# Copyright (C) 2014-2019 Entr'ouvert
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+from django.conf.urls import url, include
+from django.http import HttpResponse
+
+
+def homepage(request):
+    return HttpResponse('ok')
+
+def context_hook(context):
+    context['hook'] = 'HOOK'
+
+
+urlpatterns = [
+    url('^', include('mellon.urls'), kwargs={
+        'template_base': 'theme.html',
+        'context_hook': context_hook,
+    }),
+    url('^$', homepage, name='homepage'),
+]