profile: disable identifier attribuate deactivation checkbox (#79137)
gitea/hobo/pipeline/head This commit looks good
Details
gitea/hobo/pipeline/head This commit looks good
Details
This commit is contained in:
parent
21948b656c
commit
1cc7e24506
|
@ -17,7 +17,7 @@
|
|||
from django import forms
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
||||
from . import models
|
||||
from . import models, utils
|
||||
|
||||
|
||||
class EditFullNameTemplateForm(forms.Form):
|
||||
|
@ -54,6 +54,25 @@ class AttributeDefinitionCreateForm(forms.ModelForm):
|
|||
|
||||
|
||||
class AttributeDefinitionUpdateForm(AttributeDefinitionCreateForm):
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
authn_info = utils.get_authn_information_from_idp()
|
||||
if self.instance.name == 'email' and authn_info.get('accept_email_authentication', False):
|
||||
self.fields['disabled'].disabled = True
|
||||
self.fields['disabled'].help_text = _(
|
||||
'The email attribute is an identifier on the identity provider hence can\'t be deactivated.'
|
||||
)
|
||||
if authn_info.get('accept_phone_authentication', False) and self.instance.name == authn_info.get(
|
||||
'phone_identifier_field', ''
|
||||
):
|
||||
self.fields['disabled'].disabled = True
|
||||
self.fields['disabled'].help_text = (
|
||||
_(
|
||||
'The "%s" phone attribute is an identifier on the identity provider hence can\'t be deactivated.'
|
||||
)
|
||||
% self.instance.name
|
||||
)
|
||||
|
||||
class Meta(AttributeDefinitionCreateForm.Meta):
|
||||
model = models.AttributeDefinition
|
||||
exclude = ['name', 'kind']
|
||||
|
|
|
@ -164,6 +164,59 @@ def test_cached_authn_information_from_idp(settings, freezer):
|
|||
assert authn_info['accept_phone_authentication'] is False
|
||||
|
||||
|
||||
def test_identifier_attributes_deactivation_disabled(settings, freezer, logged_app):
|
||||
settings.KNOWN_SERVICES = {
|
||||
'authentic': {'idp': {'url': 'https://idp.example.com/', 'orig': 'example.com'}}
|
||||
}
|
||||
|
||||
with HTTMock(mocked_http):
|
||||
resp = logged_app.get('/profile/email/options', status=200)
|
||||
assert resp.form['disabled'].checked is False
|
||||
assert 'disabled' in resp.form['disabled'].attrs
|
||||
assert 'The email attribute is an identifier' in resp.form.text
|
||||
|
||||
resp = logged_app.get('/profile/phone/options', status=200)
|
||||
assert resp.form['disabled'].checked is False
|
||||
assert 'disabled' in resp.form['disabled'].attrs
|
||||
assert 'The "phone" phone attribute is an identifier' in resp.form.text
|
||||
|
||||
settings.KNOWN_SERVICES = {
|
||||
'authentic': {'idp': {'url': 'https://deactivated.example.com/', 'orig': 'example.com'}}
|
||||
}
|
||||
|
||||
# cached result
|
||||
with HTTMock(mocked_http):
|
||||
resp = logged_app.get('/profile/email/options', status=200)
|
||||
assert resp.form['disabled'].checked is False
|
||||
assert 'disabled' in resp.form['disabled'].attrs
|
||||
assert 'The email attribute is an identifier' in resp.form.text
|
||||
|
||||
resp = logged_app.get('/profile/phone/options', status=200)
|
||||
assert resp.form['disabled'].checked is False
|
||||
assert 'disabled' in resp.form['disabled'].attrs
|
||||
assert 'The "phone" phone attribute is an identifier' in resp.form.text
|
||||
|
||||
freezer.tick(11)
|
||||
|
||||
# stale cache
|
||||
with HTTMock(mocked_http):
|
||||
resp = logged_app.get('/profile/email/options', status=200)
|
||||
assert resp.form['disabled'].checked is False
|
||||
assert 'disabled' not in resp.form['disabled'].attrs
|
||||
assert 'The email attribute is an identifier' not in resp.form.text
|
||||
resp.form.set('disabled', True)
|
||||
resp.form.submit()
|
||||
assert AttributeDefinition.objects.get(name='email').disabled
|
||||
|
||||
resp = logged_app.get('/profile/phone/options', status=200)
|
||||
assert resp.form['disabled'].checked is False
|
||||
assert 'disabled' not in resp.form['disabled'].attrs
|
||||
assert 'The "phone" phone attribute is an identifier' not in resp.form.text
|
||||
resp.form.set('disabled', True)
|
||||
resp.form.submit()
|
||||
assert AttributeDefinition.objects.get(name='phone').disabled
|
||||
|
||||
|
||||
def test_reorder_view(logged_app):
|
||||
assert AttributeDefinition.objects.filter(name='first_name')[0].order == 2
|
||||
new_order = '3,2,1,4,5,6,7,8,9,10,11'
|
||||
|
|
Loading…
Reference in New Issue