refactor: set verified_source_apps variable

2021-10-14 08:09:26 +02:00 · 2021-10-14 08:09:26 +02:00 · 2dbae3f6e2
parent ac8a13beec
commit 2dbae3f6e2
1 changed files with 24 additions and 14 deletions
--- a/src/authentic2_wallonie_connect/management/commands/wc-base-import.py
+++ b/src/authentic2_wallonie_connect/management/commands/wc-base-import.py
@ -150,7 +150,7 @@ class Command(BaseCommand):
                        OIDCClient, "ALGO_" + service["idtoken_algo"].upper()
                    )
                scope = service.get("scope", "")
-                other_access = service.get("other_access", [])
+                verified_source_apps = service.get("verified_source_apps", [])
                oidc_client, created = OIDCClient.objects.get_or_create(
                    slug=service["slug"],
                    ou=ou,
@ -236,22 +236,32 @@ class Command(BaseCommand):
                    Role.objects.filter(slug=slug, ou=ou).delete()

                # access role to news, events or directory
-                if len(other_access) > 0:
-                    for other in other_access:
-                        other_slug = f"{slug}-{other}"
-                        other_access_role, created = Role.objects.get_or_create(
-                            slug=other_slug, ou=ou, defaults={"name": other_slug}
+                if len(verified_source_apps) > 0:
+                    for verified_source_app in verified_source_apps:
+                        verified_source_app_slug = f"{slug}-{verified_source_app}"
+                        verified_source_app_role, created = Role.objects.get_or_create(
+                            slug=verified_source_app_slug,
+                            ou=ou,
+                            defaults={"name": verified_source_app_slug},
                        )
-                        if not created and other_access_role.slug != slug:
-                            access_role.name = other_slug
+                        if not created and verified_source_app_role.slug != slug:
+                            access_role.name = verified_source_app_slug
                            access_role.save()
-                        other_oidc_client, created = OIDCClient.objects.get(
-                            slug=f"imio-other"
-                        )
-                        if access_role not in other_oidc_client.authorized_roles.all():
-                            other_oidc_client.add_authorized_role(access_role)
+                        (
+                            verified_source_app_oidc_client,
+                            created,
+                        ) = OIDCClient.objects.get(slug=f"imio-{verified_source_app}")
+                        if (
+                            access_role
+                            not in verified_source_app_oidc_client.authorized_roles.all()
+                        ):
+                            verified_source_app_oidc_client.add_authorized_role(
+                                access_role
+                            )
                            self.info(
-                                self.style.SUCCESS(f"{other_oidc_client.slug} MODIFIED")
+                                self.style.SUCCESS(
+                                    f"{verified_source_app_oidc_client.slug} MODIFIED"
+                                )
                            )

                claims = service.get("claims", DEFAULT_CLAIMS)