434 lines
14 KiB
Python
434 lines
14 KiB
Python
# -*- coding: utf-8 -*-
|
|
import shutil
|
|
from quixote import cleanup
|
|
|
|
from wcs.ctl.hobo_notify import CmdHoboNotify
|
|
from wcs.roles import Role
|
|
from wcs.users import User
|
|
|
|
from utilities import create_temporary_pub
|
|
|
|
pub = None
|
|
|
|
|
|
def setup_module(module):
|
|
cleanup()
|
|
global pub
|
|
pub = create_temporary_pub()
|
|
pub.cfg['sp'] = {'saml2_providerid': 'test'}
|
|
pub.write_cfg()
|
|
|
|
|
|
def teardown_module(module):
|
|
shutil.rmtree(pub.APP_DIR)
|
|
|
|
|
|
def setup_function(function):
|
|
r = Role(name='Service étt civil')
|
|
r.slug = 'service-ett-civil'
|
|
r.store()
|
|
|
|
|
|
def teardown_function(function):
|
|
Role.wipe()
|
|
|
|
|
|
def test_process_notification_role_wrong_audience():
|
|
notification = {
|
|
'@type': u'provision',
|
|
'audience': [u'coin'],
|
|
'full': True,
|
|
'objects': {
|
|
'@type': 'role',
|
|
'data': [
|
|
{
|
|
'name': u'Service enfance',
|
|
'slug': u'service-enfance',
|
|
'description': u'Rôle du service petite enfance',
|
|
'uuid': u'12345',
|
|
'emails': [u'petite-enfance@example.com'],
|
|
'emails_to_members': False,
|
|
},
|
|
{
|
|
'@type': 'role',
|
|
'name': u'Service état civil',
|
|
'slug': u'service-etat-civil',
|
|
'description': u'Rôle du service état civil',
|
|
'uuid': u'xyz',
|
|
'emails': [u'etat-civil@example.com'],
|
|
'emails_to_members': True,
|
|
},
|
|
]
|
|
}
|
|
}
|
|
assert Role.count() == 1
|
|
assert Role.select()[0].name == 'Service étt civil'
|
|
assert Role.select()[0].slug == 'service-ett-civil'
|
|
assert Role.select()[0].details is None
|
|
assert Role.select()[0].emails is None
|
|
assert Role.select()[0].emails_to_members is False
|
|
CmdHoboNotify.process_notification(notification)
|
|
assert Role.count() == 1
|
|
assert Role.select()[0].name == 'Service étt civil'
|
|
assert Role.select()[0].slug == 'service-ett-civil'
|
|
assert Role.select()[0].details is None
|
|
assert Role.select()[0].emails is None
|
|
assert Role.select()[0].emails_to_members is False
|
|
|
|
|
|
def test_process_notification_role():
|
|
notification = {
|
|
'@type': u'provision',
|
|
'audience': [u'test'],
|
|
'full': True,
|
|
'objects': {
|
|
'@type': 'role',
|
|
'data': [
|
|
{
|
|
'name': u'Service enfance',
|
|
'slug': u'service-enfance',
|
|
'description': u'Rôle du service petite enfance',
|
|
'uuid': u'12345',
|
|
'emails': [u'petite-enfance@example.com'],
|
|
'emails_to_members': False,
|
|
},
|
|
{
|
|
'name': u'Service état civil',
|
|
'slug': u'service-ett-civil',
|
|
'description': u'Rôle du service état civil',
|
|
'uuid': u'xyz',
|
|
'emails': [u'etat-civil@example.com'],
|
|
'emails_to_members': True,
|
|
},
|
|
]
|
|
}
|
|
}
|
|
assert Role.count() == 1
|
|
assert Role.select()[0].name == 'Service étt civil'
|
|
assert Role.select()[0].slug == 'service-ett-civil'
|
|
assert Role.select()[0].details is None
|
|
assert Role.select()[0].emails is None
|
|
assert Role.select()[0].emails_to_members is False
|
|
existing_role_id = Role.select()[0].id
|
|
CmdHoboNotify.process_notification(notification)
|
|
assert Role.count() == 2
|
|
old_role = Role.get(existing_role_id)
|
|
assert old_role.name == 'Service état civil'
|
|
assert old_role.slug == 'xyz'
|
|
assert old_role.details == 'Rôle du service état civil'
|
|
assert old_role.emails == ['etat-civil@example.com']
|
|
assert old_role.emails_to_members is True
|
|
new_role = Role.get('12345')
|
|
assert new_role.name == 'Service enfance'
|
|
assert new_role.slug == '12345'
|
|
assert new_role.details == 'Rôle du service petite enfance'
|
|
assert new_role.emails == ['petite-enfance@example.com']
|
|
assert new_role.emails_to_members is False
|
|
notification = {
|
|
'@type': u'provision',
|
|
'audience': [u'test'],
|
|
'full': True,
|
|
'objects': {
|
|
'@type': 'role',
|
|
'data': [
|
|
{
|
|
'@type': 'role',
|
|
'name': u'Service enfance',
|
|
'slug': u'service-enfance',
|
|
'description': u'Rôle du service petite enfance',
|
|
'uuid': u'12345',
|
|
'emails': [u'petite-enfance@example.com'],
|
|
'emails_to_members': True,
|
|
},
|
|
]
|
|
}
|
|
}
|
|
CmdHoboNotify.process_notification(notification)
|
|
assert Role.count() == 1
|
|
assert Role.select()[0].id == new_role.id
|
|
assert Role.select()[0].name == 'Service enfance'
|
|
assert Role.select()[0].slug == '12345'
|
|
assert Role.select()[0].details == 'Rôle du service petite enfance'
|
|
assert Role.select()[0].emails == ['petite-enfance@example.com']
|
|
assert Role.select()[0].emails_to_members is True
|
|
|
|
def test_process_notification_role_deprovision():
|
|
notification = {
|
|
'@type': u'deprovision',
|
|
'audience': [u'test'],
|
|
'full': True,
|
|
'objects': {
|
|
'@type': 'role',
|
|
'data': [
|
|
{
|
|
'@type': 'role',
|
|
'name': u'Service état civil',
|
|
'slug': u'service-ett-civil',
|
|
'description': u'Rôle du service état civil',
|
|
'uuid': u'xyz',
|
|
'emails': [u'etat-civil@example.com'],
|
|
'emails_to_members': True,
|
|
},
|
|
]
|
|
}
|
|
}
|
|
assert Role.count() == 1
|
|
assert Role.select()[0].name == 'Service étt civil'
|
|
assert Role.select()[0].slug == 'service-ett-civil'
|
|
CmdHoboNotify.process_notification(notification)
|
|
assert Role.count() == 0
|
|
|
|
PROFILE = {
|
|
'fields': [
|
|
{
|
|
'kind': 'title',
|
|
'description': '',
|
|
'required': False,
|
|
'user_visible': True,
|
|
'label': u'Civilité',
|
|
'disabled': False,
|
|
'user_editable': True,
|
|
'asked_on_registration': False,
|
|
'name': 'title'
|
|
},
|
|
{
|
|
'kind': 'string',
|
|
'description': '',
|
|
'required': True,
|
|
'user_visible': True,
|
|
'label': u'Prénom',
|
|
'disabled': False,
|
|
'user_editable': True,
|
|
'asked_on_registration': True,
|
|
'name': 'first_name'
|
|
},
|
|
{
|
|
'kind': 'string',
|
|
'description': '',
|
|
'required': True,
|
|
'user_visible': True,
|
|
'label': 'Nom',
|
|
'disabled': False,
|
|
'user_editable': True,
|
|
'asked_on_registration': True,
|
|
'name': 'last_name'
|
|
},
|
|
{
|
|
'kind': 'email',
|
|
'description': '',
|
|
'required': True,
|
|
'user_visible': True,
|
|
'label': u'Adresse électronique',
|
|
'disabled': False,
|
|
'user_editable': True,
|
|
'asked_on_registration': False,
|
|
'name': 'email'
|
|
},
|
|
{
|
|
'kind': 'string',
|
|
'description': '',
|
|
'required': False,
|
|
'user_visible': True,
|
|
'label': 'Addresse',
|
|
'disabled': False,
|
|
'user_editable': True,
|
|
'asked_on_registration': False,
|
|
'name': 'address'
|
|
},
|
|
{
|
|
'kind': 'string',
|
|
'description': '',
|
|
'required': False,
|
|
'user_visible': True,
|
|
'label': 'Code postal',
|
|
'disabled': False,
|
|
'user_editable': True,
|
|
'asked_on_registration': False,
|
|
'name': 'zipcode'
|
|
},
|
|
{
|
|
'kind': 'string',
|
|
'description': '',
|
|
'required': False,
|
|
'user_visible': True,
|
|
'label': 'Commune',
|
|
'disabled': False,
|
|
'user_editable': True,
|
|
'asked_on_registration': False,
|
|
'name': 'city'
|
|
},
|
|
{
|
|
'kind': 'string',
|
|
'description': '',
|
|
'required': False,
|
|
'user_visible': True,
|
|
'label': u'Téléphone',
|
|
'disabled': False,
|
|
'user_editable': True,
|
|
'asked_on_registration': False,
|
|
'name': 'phone'
|
|
},
|
|
{
|
|
'kind': 'string',
|
|
'description': '',
|
|
'required': False,
|
|
'user_visible': True,
|
|
'label': 'Mobile',
|
|
'disabled': False,
|
|
'user_editable': True,
|
|
'asked_on_registration': False,
|
|
'name': 'mobile'
|
|
},
|
|
{
|
|
'kind': 'string',
|
|
'description': '',
|
|
'required': False,
|
|
'user_visible': True,
|
|
'label': 'Pays',
|
|
'disabled': True,
|
|
'user_editable': True,
|
|
'asked_on_registration': False,
|
|
'name': 'country'
|
|
},
|
|
{
|
|
'kind': 'string',
|
|
'description': '',
|
|
'required': False,
|
|
'user_visible': True,
|
|
'label': 'Date de naissance',
|
|
'disabled': True,
|
|
'user_editable': True,
|
|
'asked_on_registration': False,
|
|
'name': 'birthdate'
|
|
}
|
|
]
|
|
}
|
|
|
|
def test_process_notification_user_provision():
|
|
# create some roles
|
|
from wcs.ctl.check_hobos import CmdCheckHobos
|
|
|
|
# setup an hobo profile
|
|
CmdCheckHobos().update_profile(PROFILE, pub)
|
|
|
|
notification = {
|
|
'@type': u'provision',
|
|
'audience': [u'test'],
|
|
'full': True,
|
|
'objects': {
|
|
'@type': 'role',
|
|
'data': [
|
|
{
|
|
'name': u'Service enfance',
|
|
'slug': u'service-enfance',
|
|
'description': u'Rôle du service petite enfance',
|
|
'uuid': u'12345',
|
|
'emails': [u'petite-enfance@example.com'],
|
|
'emails_to_members': False,
|
|
},
|
|
{
|
|
'name': u'Service état civil',
|
|
'slug': u'service-ett-civil',
|
|
'description': u'Rôle du service état civil',
|
|
'uuid': u'xyz',
|
|
'emails': [u'etat-civil@example.com'],
|
|
'emails_to_members': True,
|
|
},
|
|
]
|
|
}
|
|
}
|
|
assert Role.count() == 1
|
|
assert Role.select()[0].name == 'Service étt civil'
|
|
assert Role.select()[0].slug == 'service-ett-civil'
|
|
assert Role.select()[0].details is None
|
|
assert Role.select()[0].emails is None
|
|
assert Role.select()[0].emails_to_members is False
|
|
existing_role_id = Role.select()[0].id
|
|
CmdHoboNotify.process_notification(notification)
|
|
assert Role.count() == 2
|
|
old_role = Role.get(existing_role_id)
|
|
assert old_role.name == 'Service état civil'
|
|
assert old_role.slug == 'xyz'
|
|
assert old_role.details == 'Rôle du service état civil'
|
|
assert old_role.emails == ['etat-civil@example.com']
|
|
assert old_role.emails_to_members is True
|
|
new_role = Role.get('12345')
|
|
assert new_role.name == 'Service enfance'
|
|
assert new_role.slug == '12345'
|
|
assert new_role.details == 'Rôle du service petite enfance'
|
|
assert new_role.emails == ['petite-enfance@example.com']
|
|
assert new_role.emails_to_members is False
|
|
|
|
notification = {
|
|
u'@type': u'provision',
|
|
u'issuer': 'http://idp.example.net/idp/saml/metadata',
|
|
u'audience': [u'test'],
|
|
u'objects': {
|
|
u'@type': 'user',
|
|
u'data': [
|
|
{
|
|
u'uuid': u'a' * 32,
|
|
u'first_name': u'John',
|
|
u'last_name': u'Doe',
|
|
u'email': u'john.doe@example.net',
|
|
u'roles': [
|
|
{
|
|
u'uuid': u'12345',
|
|
u'name': u'Service petite enfance',
|
|
u'description': u'etc.',
|
|
},
|
|
{
|
|
u'uuid': u'xyz',
|
|
u'name': u'Service état civil',
|
|
u'description': u'etc.',
|
|
},
|
|
],
|
|
}
|
|
]
|
|
}
|
|
}
|
|
CmdHoboNotify.process_notification(notification)
|
|
assert User.count() == 1
|
|
user = User.select()[0]
|
|
assert user.form_data is not None
|
|
assert user.form_data['_email'] == 'john.doe@example.net'
|
|
assert user.email == 'john.doe@example.net'
|
|
assert user.form_data['_first_name'] == 'John'
|
|
assert user.form_data['_last_name'] == 'Doe'
|
|
assert user.name_identifiers == ['a'*32]
|
|
assert set(user.roles) == set(['12345', old_role.id])
|
|
|
|
notification = {
|
|
u'@type': u'provision',
|
|
u'issuer': 'http://idp.example.net/idp/saml/metadata',
|
|
u'audience': [u'test'],
|
|
u'objects': {
|
|
u'@type': 'user',
|
|
u'data': [
|
|
{
|
|
u'uuid': u'a' * 32,
|
|
u'first_name': u'John',
|
|
u'last_name': u'Doe',
|
|
u'email': u'john.doe@example.net',
|
|
u'roles': [
|
|
{
|
|
u'uuid': u'xyz',
|
|
u'name': u'Service état civil',
|
|
u'description': u'etc.',
|
|
},
|
|
],
|
|
}
|
|
]
|
|
}
|
|
}
|
|
CmdHoboNotify.process_notification(notification)
|
|
assert User.count() == 1
|
|
user = User.select()[0]
|
|
assert user.form_data is not None
|
|
assert user.form_data['_email'] == 'john.doe@example.net'
|
|
assert user.email == 'john.doe@example.net'
|
|
assert user.form_data['_first_name'] == 'John'
|
|
assert user.form_data['_last_name'] == 'Doe'
|
|
assert user.name_identifiers == ['a'*32]
|
|
assert set(user.roles) == set([old_role.id])
|