profile_views: provide a more general message in oidc-authz page (#45651)
This commit is contained in:
parent
2033b742af
commit
affa37c6b9
|
@ -17,13 +17,9 @@
|
|||
{% block oidc-authorized-oauth-services-top %}
|
||||
<p class="authorized-oauth-services--top">
|
||||
{% if authorized_oauth_services|length_is:0 %}
|
||||
{% trans "You have not granted service access to your account profile data." %}
|
||||
{% trans "You have not given any authorization to access your account profile data." %}
|
||||
{% else %}
|
||||
{% blocktrans count counter=authorized_oauth_services|length %}
|
||||
You have granted one service access to your account profile data.
|
||||
{% plural %}
|
||||
You have granted {{ counter }} services access to your account profile data.
|
||||
{% endblocktrans %}
|
||||
{% trans "You have given authorizations to access your account profile data." %}
|
||||
{% endif %}
|
||||
</p>
|
||||
{% endblock %}
|
||||
|
|
|
@ -45,6 +45,7 @@ from authentic2_idp_oidc.utils import make_sub
|
|||
from authentic2.a2_rbac.utils import get_default_ou
|
||||
from authentic2.utils import make_url
|
||||
from authentic2_auth_oidc.utils import parse_timestamp
|
||||
from django_rbac.utils import get_ou_model
|
||||
from django_rbac.utils import get_role_model
|
||||
|
||||
User = get_user_model()
|
||||
|
@ -1615,14 +1616,23 @@ def test_oidc_client_clean():
|
|||
|
||||
|
||||
def test_oidc_authorized_oauth_services_view(app, oidc_client, simple_user):
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
|
||||
url = make_url('authorized-oauth-services')
|
||||
response = app.get(url, status=302)
|
||||
assert '/login/' in response.location
|
||||
|
||||
utils.login(app, simple_user)
|
||||
response = app.get(url, status=200)
|
||||
assert "You have not granted service access to your account profile data." in response.text
|
||||
assert "You have not given any authorization to access your account profile data." in response.text
|
||||
|
||||
# create an ou authz
|
||||
OU = get_ou_model()
|
||||
ou1 = OU.objects.create(name='Orgunit1', slug='orgunit1')
|
||||
OIDCAuthorization.objects.create(
|
||||
client=ou1, user=simple_user, scopes='openid profile email',
|
||||
expired=now() + datetime.timedelta(days=2))
|
||||
# create service authzs
|
||||
OIDCAuthorization.objects.create(
|
||||
client=oidc_client, user=simple_user, scopes='openid',
|
||||
expired=now() + datetime.timedelta(days=2))
|
||||
|
@ -1634,17 +1644,28 @@ def test_oidc_authorized_oauth_services_view(app, oidc_client, simple_user):
|
|||
expired=now() + datetime.timedelta(days=2))
|
||||
|
||||
response = app.get(url, status=200)
|
||||
assert "You have granted 3 services access to your account profile data."
|
||||
assert "You have given authorizations to access your account profile data." in response.text
|
||||
assert len(response.html.find_all(
|
||||
'button', {'class': 'authorized-oauth-services--revoke-button'})) == 4
|
||||
|
||||
# revoke two service authz
|
||||
response = response.forms[1].submit()
|
||||
response = response.follow()
|
||||
assert len(response.html.find_all(
|
||||
'button', {'class': 'authorized-oauth-services--revoke-button'})) == 3
|
||||
|
||||
# revoke two
|
||||
response = response.forms[0].submit()
|
||||
assert OIDCAuthorization.objects.filter(
|
||||
client_ct=ContentType.objects.get_for_model(OIDCClient)).count() == 2
|
||||
response = response.forms[1].submit()
|
||||
response = response.follow()
|
||||
assert len(response.html.find_all(
|
||||
'button', {'class': 'authorized-oauth-services--revoke-button'})) == 2
|
||||
assert OIDCAuthorization.objects.filter(
|
||||
client_ct=ContentType.objects.get_for_model(OIDCClient)).count() == 1
|
||||
|
||||
# revoke the only OU authz
|
||||
response = response.forms[0].submit()
|
||||
response = response.follow()
|
||||
assert len(response.html.find_all(
|
||||
'button', {'class': 'authorized-oauth-services--revoke-button'})) == 1
|
||||
assert "You have granted one service access to your account profile data." in response.text
|
||||
assert OIDCAuthorization.objects.filter(
|
||||
client_ct=ContentType.objects.get_for_model(OU)).count() == 0
|
||||
|
|
Loading…
Reference in New Issue