authentic2: remove remaining dependencies to RoleAttribute (#71836)
This commit is contained in:
parent
f939e727f0
commit
93fc9d9960
|
@ -317,7 +317,7 @@ class Provisionning(threading.local):
|
|||
)
|
||||
|
||||
roles = {role for role in roles if not is_forbidden_technical_role(role)}
|
||||
if mode == 'provision':
|
||||
if mode == 'provision' and not hasattr(RoleAttribute, 'dummy'):
|
||||
self.complete_roles(roles)
|
||||
|
||||
if not roles:
|
||||
|
|
|
@ -12,23 +12,6 @@
|
|||
],
|
||||
"roles": [
|
||||
{
|
||||
"attributes": [
|
||||
{
|
||||
"kind": "json",
|
||||
"name": "details",
|
||||
"value": "\"\""
|
||||
},
|
||||
{
|
||||
"kind": "json",
|
||||
"name": "emails",
|
||||
"value": "[]"
|
||||
},
|
||||
{
|
||||
"kind": "json",
|
||||
"name": "emails_to_members",
|
||||
"value": "false"
|
||||
}
|
||||
],
|
||||
"description": "",
|
||||
"external_id": "",
|
||||
"name": "Debug eo",
|
||||
|
|
|
@ -475,10 +475,7 @@ def test_hobo_deploy(monkeypatch, tenant_base, mocker, skeleton_dir, tmp_path):
|
|||
assert service_provider.users_can_manage_federations is False
|
||||
assert Role.objects.filter(slug='_a2-hobo-superuser', service=provider).count() == 1
|
||||
su_role = Role.objects.get(slug='_a2-hobo-superuser', service=provider)
|
||||
assert su_role.attributes.count() == 1
|
||||
assert (
|
||||
su_role.attributes.filter(name='is_superuser', kind='string', value='true').count() == 1
|
||||
)
|
||||
assert su_role.is_superuser is True
|
||||
if i == 0 or service_id != 'wcs':
|
||||
assert provider.ou == get_default_ou()
|
||||
else:
|
||||
|
|
|
@ -5,7 +5,7 @@ from unittest.mock import ANY, call, patch
|
|||
import lasso
|
||||
import pytest
|
||||
import requests
|
||||
from authentic2.a2_rbac.models import OrganizationalUnit, Role, RoleAttribute
|
||||
from authentic2.a2_rbac.models import OrganizationalUnit, Role
|
||||
from authentic2.a2_rbac.utils import get_default_ou
|
||||
from authentic2.models import Attribute, AttributeValue
|
||||
from authentic2.saml.models import LibertyProvider
|
||||
|
@ -66,10 +66,9 @@ def test_provision_role(transactional_db, tenant, caplog):
|
|||
notify_agents.reset_mock()
|
||||
emails = ['john.doe@example.com', 'toto@entrouvert.com']
|
||||
with provisionning:
|
||||
RoleAttribute.objects.create(role=role, name='emails', kind='json', value=json.dumps(emails))
|
||||
RoleAttribute.objects.create(
|
||||
role=role, name='emails_to_members', kind='json', value=json.dumps(True)
|
||||
)
|
||||
role.emails = emails
|
||||
role.emails_to_members = True
|
||||
role.save()
|
||||
|
||||
assert notify_agents.call_count == 1
|
||||
arg = notify_agents.call_args
|
||||
|
@ -134,10 +133,10 @@ def test_provision_user(transactional_db, tenant, caplog):
|
|||
entity_id='http://provider.com',
|
||||
protocol_conformance=lasso.PROTOCOL_SAML_2_0,
|
||||
)
|
||||
role = Role.objects.create(name='coin', service=service, ou=get_default_ou())
|
||||
role.attributes.create(kind='string', name='is_superuser', value='true')
|
||||
role2 = Role.objects.create(name='zob', service=service, ou=get_default_ou())
|
||||
role2.attributes.create(kind='json', name='emails', value='["zob@example.net"]')
|
||||
role = Role.objects.create(name='coin', service=service, ou=get_default_ou(), is_superuser=True)
|
||||
role2 = Role.objects.create(
|
||||
name='zob', service=service, ou=get_default_ou(), emails=['zob@example.net']
|
||||
)
|
||||
child_role = Role.objects.create(name='child', ou=get_default_ou())
|
||||
notify_agents.reset_mock()
|
||||
attribute = Attribute.objects.create(label='Code postal', name='code_postal', kind='string')
|
||||
|
|
Loading…
Reference in New Issue