diff --git a/src/authentic2_pratic/locale/fr/LC_MESSAGES/django.po b/src/authentic2_pratic/locale/fr/LC_MESSAGES/django.po
index e642ad5..2853af4 100644
--- a/src/authentic2_pratic/locale/fr/LC_MESSAGES/django.po
+++ b/src/authentic2_pratic/locale/fr/LC_MESSAGES/django.po
@@ -232,7 +232,7 @@ msgstr "services"
 #: authentic2_pratic/models.py:333
 msgid "Authentication by certificate only"
-msgstr "Authentificiation seulement par certificat"
+msgstr "Authentification seulement par certificat"
 #: authentic2_pratic/models.py:353
 msgid "There can be only one instance of a global service by collectivity"
diff --git a/src/authentic2_pratic/models.py b/src/authentic2_pratic/models.py
index fd81f6c..001a3fa 100644
--- a/src/authentic2_pratic/models.py
+++ b/src/authentic2_pratic/models.py
@@ -9,6 +9,7 @@ from django.db.models.signals import post_save
 from django.contrib.auth.models import Group
 from authentic2 import managers
+from authentic2.models import Service as Authentic2Service
 from authentic2.custom_user.managers import UserManager
 from authentic2.idp.signals import authorize_service
 from authentic2.custom_user.models import User as BaseUser
@@ -286,6 +287,11 @@ class Service(Model):
 cas_service_url = URLField(
 verbose_name=_('CAS service URL'),
 blank=True)
+ a2_service = models.ForeignKey(
+ to='authentic2.Service',
+ verbose_name=_('related authentic2 service'),
+ blank=True,
+ null=True)
 def __unicode__(self):
 return self.name
@@ -338,6 +344,11 @@ class ServiceInstance(Model):
 verbose_name=_('Authentication by certificate only'),
 default=False,
 blank=True)
+ a2_service = models.ForeignKey(
+ to='authentic2.Service',
+ verbose_name=_('related authentic2 service'),
+ blank=True,
+ null=True)
 def __unicode__(self):
 return unicode(self.service)
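Review bot: Both new `a2_service` foreign keys (in the `Service` hunk and again in the `ServiceInstance` hunk) are declared without `on_delete`, so on the Django versions this Python 2 code targets the implicit behaviour is a cascade: deleting the authentic2 service row would also delete the pr@tic `Service` or `ServiceInstance` pointing at it, along with its access configuration. Since the link is optional (`null=True`), `on_delete=models.SET_NULL` looks like the intended behaviour and should be stated explicitly. The neighbouring fields are written as bare `URLField(`, so it is also worth confirming that the name `models` is bound in this module; the import block is only partly visible here. No schema migration for the two new columns appears among the files shown.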
@@ -360,6 +371,8 @@ class ServiceInstance(Model):
 self.service_url = self.service.service_url
 self.metadata_url = self.service.metadata_url
 self.cas_service_url = self.service.cas_service_url
+ if self.service.a2_service_id:
+ self.a2_service = self.service.a2_service
 if not self.service.is_global and not self.service_url:
 raise ValidationError(_('Service URL field is required'))
@@ -420,8 +433,12 @@ def authorize_service_cb(request, user, audience, attributes, **kwargs):
 return authz(False, 'not a pr@tic user')
 collectivity = user.collectivity
 try:
- si = ServiceInstance.objects.get(collectivity=collectivity,
- metadata_url=audience)
+ if isinstance(audience, basestring):
+ si = ServiceInstance.objects.get(collectivity=collectivity,
+ metadata_url=audience)
+ elif isinstance(audience, Authentic2Service):
+ si = ServiceInstance.objects.get(collectivity=collectivity,
+ a2_service=audience)
 except ServiceInstance.DoesNotExist:
 logger.warn('unable to find service for audience %r and user %r in collectivity %r',
 audience, unicode(user), unicode(collectivity))
@@ -457,7 +474,8 @@ def service_post_save(sender, instance, created, raw, **kwargs):
 utils.sync_cas_provider(instance)
 if getattr(instance, 'is_global', None):
 instance.service_instances.update(service_url=instance.service_url,
- metadata_url=instance.metadata_url)
+ metadata_url=instance.metadata_url,
+ a2_service_id=instance.a2_service_id)
 @receiver(post_save, sender=User)
diff --git a/src/authentic2_pratic/utils.py b/src/authentic2_pratic/utils.py
index 830239f..c6aaa0a 100644
--- a/src/authentic2_pratic/utils.py
+++ b/src/authentic2_pratic/utils.py
@@ -4,6 +4,7 @@ from requests.adapters import HTTPAdapter
 import logging
 from django.core.exceptions import ValidationError
+from django.db.transaction import atomic
 from . import models, app_settings
@@ -94,6 +95,7 @@ class SSLInfo(object):
 return '' % self.__dict__
+@atomic
 def sync_saml_provider(service_or_service_instance):
 logger = logging.getLogger(__name__)
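Review bot: The copy of `a2_service` in the `ServiceInstance` validation hunk is guarded by `if self.service.a2_service_id:`, unlike the three URL fields copied just above it, so an instance keeps a stale link once the parent service's link is cleared. That matters because `authorize_service_cb` now looks instances up by `a2_service=audience`, and a leftover link would keep matching an audience the service no longer maps to; `service_post_save` propagates the value unconditionally, including `None`, so the two paths disagree. If the guard is meant to allow a per-instance override, record it with a comment such as `# keep the instance's own a2_service when the service defines none`; otherwise assign `self.a2_service = self.service.a2_service` unconditionally. The enclosing method and any condition around these assignments start outside the hunk.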
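Review bot: The new `if`/`elif` on the type of `audience` in `authorize_service_cb` has no final branch, so a value that is neither a string nor an `Authentic2Service` leaves `si` unassigned, and the authorization callback would end in an unhandled `UnboundLocalError` rather than a decision, assuming `si` is used after the `try` (the rest of the function is outside the hunk). An explicit deny keeps the callback fail-closed: `else: return authz(False, 'unsupported audience type')`. The `a2_service` lookup can also raise `ServiceInstance.MultipleObjectsReturned`, which the existing `except` does not catch, unless `(collectivity, a2_service)` is unique; no such constraint is visible in the model hunks.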
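Review bot: `@atomic` on `sync_saml_provider` (and on `sync_cas_provider` in the later hunk) only rolls back when an exception leaves the function; if the body catches errors and merely logs them, partial writes are still committed. Both bodies are outside the hunks, so this needs checking there. The module also imports `HTTPAdapter` from `requests`; if either function performs an HTTP fetch, that call would now run while a database transaction is held open. A one-line comment above each decorator naming the rows that must be written together would make the intent reviewable.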
@@ -165,6 +167,7 @@ def sync_oauth2_client(service_or_service_instance):
 # TODO
 pass
+@atomic
 def sync_cas_provider(service_or_service_instance):
 logger = logging.getLogger(__name__)