start with some runscripts

Benjamin Dauvergne 2019-08-02 09:46:22 +02:00
commit 498824172a
1 changed files with 142 additions and 0 deletions

142
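--- a/runscripts/base-import.py
+++ b/runscripts/base-import.py
@@ -0,0 +1,142 @@
+import contextlib
+import json
+import sys
+from django.db import transaction
+from django.utils import six
+from authentic2_idp_oidc import OIDCClient
+from authentic2.a2_rbac import Role, OrganizationalUnit
+from authentic2.custom_user.models import User
+class DryRun(Exception):
+pass
+@contextlib.contextmanager
+def dryrun():
+try:
+with transaction.atomic():
+yield
+except DryRun:
+pass
+@dryrun
+def do(dry=True):
+content = json.load(open(sys.argv[0]))
+locality = content['locality']
+print "Locality ", locality['name'],
+ou, created = OrganizationalUnit.objects.get_or_create(slug=locality['slug'], defaults={'name': locality['name']})
+if not created:
+if ou.name != locality['name']:
+ou.name = locality['name']
+ou.save()
+print 'UPDATED'
+else:
+print 'unchanged'
+else:
+print 'CREATED'
+services = {}
+content_services = content.get('services', [])
+assert isinstance(content_services, list)
+for service in content_services:
+name = service['name']
+print 'Service', name
+slug = service['slug']
+client_id = service['client_id']
+client_secret = service['client_secret']
+frontchannel_logout_uri = service['frontchannel_logout_uri']
+assert isinstance(frontchannel_logout_uri, six.text_type)
+post_logout_redirect_uris = service.get('post_logout_redirect_uris', [])
+assert isinstance(post_logout_redirect_uris, list)
+open_to_all = service.get('open_to_all', False)
+redirect_uris = service.get('redirect_uris', [])
+assert isinstance(redirect_uris, list)
+oidc_client, created = OIDCClient.objects.get_or_create(slug=service['slug'], ou=ou, defaults={
+'name': name,
+'client_id': client_id,
+'client_secret': client_secret,
+'frontchannel_logout_uri': frontchannel_logout_uri,
+'post_logout_redirect_uris': '\n'.join(post_logout_redirect_uris),
+'redirect_uris': '\n'.join(redirect_uris),
+})
+service[slug] = {
+'oidc_client': oidc_client,
+}
+if not created:
+modified = False
+for key in ('name', 'client_id', 'client_secret',
+'frontchannel_logout_uri', 'post_logout_redirect_uris',
+'redirect_uris'):
+if getattr(oidc_client, key) != locals()[key]:
+setattr(oidc_client, key, locals()[key])
+modified = True
+# FIXME: open_to_all
+if modified:
+oidc_client.save()
+print 'MODIFIED'
+else:
+print 'unchanged'
+else:
+print 'CREATED'
+if open_to_all:
+access_role, created = Role.objects.get_or_create(
+slug=slug,
+ou=ou,
+defaults={
+'name': name,
+})
+if not created and access_role.name != name:
+access_role.name = name
+access_role.save()
+service_slug[slug]['access_role'] = access_role
+else:
+Role.objects.filter(slug=slug, ou=ou).delete()
+content_users = content.get('users', [])
+assert isinstance(content_users, list)
+for content_user in content_users:
+for string_key in ('email', 'first_name', 'last_name', 'password', 'username'):
+assert string_key in content_user, 'missing key ' + string_key
+value = content_user[string_key]
+assert isinstance(value, six.text_type), 'invalid type for key ' + string_key
+assert value, 'missing value for key ' + string_key
+locals()[string_key] = content_user[string_key]
+assert password.startswith('{SSHA}')
+uuid = content_user.get('uuid')
+assert uuid is None or (isinstance(uuid, six.text_type) and uuid)
+allowed_services = content_user.get('allowed_services', [])
+assert isinstance(allowed_services, list)
+defaults = {
+'email': email,
+'first_name': first_name,
+'last_name': last_name,
+'password': password,
+}
+if uuid is not None:
+defaults['username'] = username
+kwargs = {
+'uuid': uuid,
+'defaults': defaults,
+}
+else:
+kwargs = {
+'username': username,
+'defaults': defaults,
+}
+user, created = User.objects.get_or_create(**kwargs)
+if dry:
+raise DryRun
+do()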
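Review bot: In the update branch for an existing OIDCClient, `locals()[key]` returns the raw lists for `redirect_uris` and `post_logout_redirect_uris`, while the `defaults` given to `get_or_create` store them joined with `'\n'`; the comparison can therefore never match, and a list is assigned to the field on every re-import of the same file. The same `locals()` trick in the users loop (`locals()[string_key] = ...`) does not bind `email`, `password` and the others as local names in CPython, so `password.startswith('{SSHA}')` would presumably fail with a NameError. Building one explicit dict of field values and using it both as `defaults` and in the update loop fixes the service side, as sketched below; the users loop needs the same treatment. Separately, `service[slug] = {...}` and `service_slug[slug]` look like typos for `services[slug]`, and the `assert` checks on imported data (client URIs, password format) are stripped under `python -O`, so they would be safer as explicit `raise ValueError(...)`.

```python
# … unchanged: reading name, slug, client_id, client_secret and the URI lists …
values = {
    'name': name,
    'client_id': client_id,
    'client_secret': client_secret,
    'frontchannel_logout_uri': frontchannel_logout_uri,
    'post_logout_redirect_uris': '\n'.join(post_logout_redirect_uris),
    'redirect_uris': '\n'.join(redirect_uris),
}
oidc_client, created = OIDCClient.objects.get_or_create(
    slug=slug, ou=ou, defaults=values)
services[slug] = {'oidc_client': oidc_client}
if not created:
    modified = False
    for key, value in values.items():
        if getattr(oidc_client, key) != value:
            setattr(oidc_client, key, value)
            modified = True
    # … unchanged: save and MODIFIED / unchanged output …
```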