manager: force api client ou assignment for local admins (#72703)
This commit is contained in:
parent
16ba28029d
commit
88fe8e143a
|
@ -55,6 +55,8 @@ class APIClientsFormViewMixin(APIClientsMixin):
|
|||
if self.request.user.has_ou_perm('authentic2.admin_apiclient', ou):
|
||||
allowed_ous.append(ou.id)
|
||||
form.fields['ou'].queryset = OrganizationalUnit.objects.filter(id__in=allowed_ous)
|
||||
form.fields['ou'].required = True
|
||||
form.fields['ou'].empty_label = None
|
||||
return form
|
||||
|
||||
|
||||
|
|
|
@ -165,6 +165,7 @@ def test_add(superuser, app):
|
|||
form = resp.form
|
||||
# password is prefilled
|
||||
assert form.get('password').value
|
||||
assert ('', False, '---------') in form['ou'].options
|
||||
form.set('name', 'api-client-name')
|
||||
form.set('description', 'api-client-description')
|
||||
form.set('identifier', 'api-client-identifier')
|
||||
|
@ -182,12 +183,14 @@ def test_add_local_admin(admin_ou1, app, ou1, ou2):
|
|||
resp = login(app, admin_ou1, 'a2-manager-api-client-add')
|
||||
form = resp.form
|
||||
assert len(form['ou'].options) == 1
|
||||
assert ('', False, '---------') not in form['ou'].options
|
||||
assert form['ou'].options[0][2] == 'OU1'
|
||||
|
||||
role = Role.objects.get(slug='_a2-manager-of-api-clients-%s' % ou2.slug)
|
||||
admin_ou1.roles.add(role)
|
||||
resp = app.get(reverse('a2-manager-api-client-add'))
|
||||
assert len(resp.form['ou'].options) == 2
|
||||
assert ('', False, '---------') not in form['ou'].options
|
||||
|
||||
|
||||
def test_add_description_non_mandatory(superuser, app):
|
||||
|
@ -246,6 +249,7 @@ def test_edit(superuser, app):
|
|||
resp = login(app, superuser, 'a2-manager-api-client-edit', kwargs={'pk': api_client.pk})
|
||||
form = resp.form
|
||||
assert form.get('password').value == 'foo-password'
|
||||
assert ('', False, '---------') in form['ou'].options
|
||||
resp.form.set('password', 'easy')
|
||||
response = form.submit().follow()
|
||||
assert urlparse(response.request.url).path == api_client.get_absolute_url()
|
||||
|
@ -273,6 +277,7 @@ def test_edit_local_admin(admin_ou1, app, ou1, ou2):
|
|||
form = resp.form
|
||||
assert form.get('password').value == 'foo-password'
|
||||
resp.form.set('password', 'easy')
|
||||
assert ('', False, '---------') not in form['ou'].options
|
||||
response = form.submit().follow()
|
||||
assert urlparse(response.request.url).path == api_client_ou1.get_absolute_url()
|
||||
api_client = APIClient.objects.get(password='easy')
|
||||
|
@ -282,6 +287,7 @@ def test_edit_local_admin(admin_ou1, app, ou1, ou2):
|
|||
admin_ou1.roles.add(role)
|
||||
resp = app.get(reverse('a2-manager-api-client-edit', kwargs={'pk': api_client_ou2.pk}))
|
||||
assert resp.form.get('password').value == 'bar-password'
|
||||
assert ('', False, '---------') not in form['ou'].options
|
||||
resp.form.set('ou', ou1.id)
|
||||
resp.form.submit().follow()
|
||||
assert APIClient.objects.filter(ou=ou1).count() == 2
|
||||
|
|
Loading…
Reference in New Issue