api: add franceconnect information to user's API when ?full is used (fixes #21962)
The following field is added to user's attributes if FC plugin is enabled and the "full" parameter is given to the user's API: "franceconnect": { "linked": true, "link_url": "https://idp/accounts/fc/callback/", "unlink_url": "https://idp/accounts/fc/unlink/" }
This commit is contained in:
parent
4bb9f76c99
commit
afa48159bb
|
@ -42,5 +42,29 @@ class AppConfig(django.apps.AppConfig):
|
|||
from authentic2.api_views import UsersAPI
|
||||
UsersAPI.fc_unlink = fc_unlink
|
||||
|
||||
def a2_hook_api_modify_serializer(self, view, serializer):
|
||||
from rest_framework import serializers
|
||||
from authentic2.utils import make_url
|
||||
from . import app_settings
|
||||
|
||||
if not app_settings.enable:
|
||||
return
|
||||
|
||||
request = view.request
|
||||
|
||||
if 'full' not in request.GET:
|
||||
return
|
||||
|
||||
if view.__class__.__name__ == 'UsersAPI':
|
||||
def get_franceconnect(user):
|
||||
linked = user.fc_accounts.exists()
|
||||
return {
|
||||
'linked': linked,
|
||||
'link_url': make_url('fc-login-or-link', request=request, absolute=True),
|
||||
'unlink_url': make_url('fc-unlink', request=request, absolute=True),
|
||||
}
|
||||
serializer.get_franceconnect = get_franceconnect
|
||||
serializer.fields['franceconnect'] = serializers.SerializerMethodField()
|
||||
|
||||
|
||||
default_app_config = '%s.%s' % (__name__, 'AppConfig')
|
||||
|
|
|
@ -12,3 +12,28 @@ def test_api_fc_unlink(app, admin, user_cartman):
|
|||
# test success
|
||||
app.delete(url, status=204)
|
||||
assert FcAccount.objects.filter(user=user_cartman).exists() is False
|
||||
|
||||
|
||||
def test_api_user_franceconnect(settings, app, admin, user_cartman):
|
||||
settings.A2_FC_ENABLE = True
|
||||
|
||||
url = '/api/users/%s/' % user_cartman.uuid
|
||||
# test unauthorized method
|
||||
app.authorization = ('Basic', (admin.username, admin.username))
|
||||
response = app.get(url)
|
||||
assert 'franceconnect' not in response.json
|
||||
response = app.get(url + '?full')
|
||||
assert 'franceconnect' in response.json, 'missing franceconnect field in user API'
|
||||
content = response.json['franceconnect']
|
||||
assert isinstance(content, dict), 'franceconnect field is not a dict'
|
||||
assert content.get('linked') is True
|
||||
assert content.get('link_url').startswith('http://')
|
||||
assert content.get('link_url').endswith('/callback/')
|
||||
assert content.get('unlink_url').startswith('http://')
|
||||
assert content.get('unlink_url').endswith('/unlink/')
|
||||
|
||||
unlink_url = '/api/users/%s/fc-unlink/' % user_cartman.uuid
|
||||
app.delete(unlink_url, status=204)
|
||||
|
||||
response = app.get(url + '?full')
|
||||
assert response.json['franceconnect']['linked'] is False
|
||||
|
|
Reference in New Issue