hobo_notify: reset user.roles before adding roles from the notification (#8444)
This commit is contained in:
parent
02b6add5cb
commit
5d1bd13115
|
@ -397,3 +397,37 @@ def test_process_notification_user_provision():
|
|||
assert user.form_data['_last_name'] == 'Doe'
|
||||
assert user.name_identifiers == ['a'*32]
|
||||
assert set(user.roles) == set(['12345', old_role.id])
|
||||
|
||||
notification = {
|
||||
u'@type': u'provision',
|
||||
u'issuer': 'http://idp.example.net/idp/saml/metadata',
|
||||
u'audience': [u'test'],
|
||||
u'objects': {
|
||||
u'@type': 'user',
|
||||
u'data': [
|
||||
{
|
||||
u'uuid': u'a' * 32,
|
||||
u'first_name': u'John',
|
||||
u'last_name': u'Doe',
|
||||
u'email': u'john.doe@example.net',
|
||||
u'roles': [
|
||||
{
|
||||
u'uuid': u'xyz',
|
||||
u'name': u'Service état civil',
|
||||
u'description': u'etc.',
|
||||
},
|
||||
],
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
CmdHoboNotify.process_notification(notification)
|
||||
assert User.count() == 1
|
||||
user = User.select()[0]
|
||||
assert user.form_data is not None
|
||||
assert user.form_data['_email'] == 'john.doe@example.net'
|
||||
assert user.email == 'john.doe@example.net'
|
||||
assert user.form_data['_first_name'] == 'John'
|
||||
assert user.form_data['_last_name'] == 'Doe'
|
||||
assert user.name_identifiers == ['a'*32]
|
||||
assert set(user.roles) == set([old_role.id])
|
||||
|
|
|
@ -177,6 +177,8 @@ class CmdHoboNotify(Command):
|
|||
user.form_data['_last_name'] = o['last_name']
|
||||
user.name_identifiers = [uuid]
|
||||
role_uuids = [role['uuid'] for role in o['roles']]
|
||||
# reset roles
|
||||
user.roles = []
|
||||
for role_uuid in role_uuids:
|
||||
try:
|
||||
role = Role.get(role_uuid)
|
||||
|
|
Loading…
Reference in New Issue