manager: remove username column of role members table if configured so (#45423)

src/authentic2/manager/role_views.py

@@ -33,6 +33,7 @@ from authentic2.utils import redirect
 from authentic2 import hooks, data_transfer
 
 from . import tables, views, resources, forms, app_settings
+from .utils import has_show_username
 
 
 class RolesMixin(object):
@@ -202,6 +203,21 @@ class RoleMembersView(views.HideOUColumnMixin, RoleViewMixin, views.BaseSubTable
         ctx['from_ldap'] = self._can_manage_members and not self.can_manage_members
         return ctx
 
+    def is_ou_specified(self):
+        return self.search_form.is_valid() \
+            and self.search_form.cleaned_data.get('ou')
+
+    def get_table(self, **kwargs):
+        show_username = has_show_username()
+        if not show_username and self.is_ou_specified():
+            show_username = self.is_ou_specified().show_username
+        if not show_username:
+            exclude = kwargs.setdefault('exclude', [])
+            if 'username' not in exclude:
+                exclude.append('username')
+        return super().get_table(**kwargs)
+
+
 members = RoleMembersView.as_view()
 
 

tests/test_manager.py

@@ -813,6 +813,20 @@ def test_manager_ajax_form_view_mixin_response(superuser_or_admin, app):
     assert resp.json['content']
 
 
+def test_manager_role_username_column(app, admin, simple_role):
+    login(app, admin, '/manage/')
+
+    resp = app.get('/manage/roles/%s/' % simple_role.id)
+    assert resp.html.find('th', {'class': 'asc orderable username'})
+
+    ou = get_default_ou()
+    ou.show_username = False
+    ou.save()
+
+    resp = app.get('/manage/roles/%s/' % simple_role.id)
+    assert not resp.html.find('th', {'class': 'asc orderable username'})
+
+
 def test_manager_role_admin_permissions(app, simple_user, admin, simple_role):
     admin_role = simple_role.get_admin_role()
     simple_user.roles.add(admin_role)