nanterre: ajoute un ws de récupération de clé de fédération (fixes #23873)

tests/test_nanterre.py

@@ -67,7 +67,7 @@ def test_person_search_api(app, db, rsu):
     assert any(data['id'] == rsu[0].id for data in response.json['data'])
 
 
-def test_create_individu(transactional_db, app, rsu_schema):
+def test_create_individu(settings, transactional_db, app, rsu_schema):
 
     def get_reseau(identifier):
         reseau_url = reverse('rsu-api-reseau', kwargs={
@@ -789,6 +789,29 @@ def test_create_individu(transactional_db, app, rsu_schema):
         for i, r in enumerate(responses):
             assert r.json['err'] == 0
 
+    # test obtention de clés de fédération
+    def get_federation(uuid, **kwargs):
+        return app.get('/rsu/individu/%s/federation/technocarte/' % uuid, **kwargs).json
+    first = Entity.objects.get(id=first_id)
+    first.content['cles_de_federation']['authentic'] = 'abcd'
+    first.save()
+    enfant = Entity.objects.get(id=enfant_id)
+    enfant.content['cles_de_federation']['authentic'] = 'efgh'
+    enfant.save()
+
+    assert get_federation('abcd', status=403)['err'] == 1
+    assert get_federation('efgh', status=403)['err'] == 1
+    assert get_federation('abcd', params={'apikey': 'xyz'}, status=403)['err'] == 1
+
+    settings.ZOO_NANTERRE_APPLICATIONS['technocarte']['apikey'] = 'xyz'
+    assert get_federation('abcd', status=401)['err'] == 1
+    assert get_federation('efgh', status=401)['err'] == 1
+    assert get_federation('abcd', params={'apikey': 'xyz'})['cle_de_federation'] == '1234'
+    assert get_federation('efgh', params={'apikey': 'xyz'})['cle_de_federation'] == '5678'
+
+    settings.ZOO_NANTERRE_APPLICATIONS['technocarte']['apikey'] = ''
+    assert get_federation('abcd', params={'apikey': 'xyz'}, status=403)['err'] == 1
+
 
 @pytest.mark.django_db(True)
 def test_cles_de_federations(app, rsu_schema):

zoo/zoo_nanterre/api_views.py

@@ -1463,6 +1463,22 @@ class SuppressionIndividu(IndividuViewMixin, TransactionalView):
 suppression_individu = SuppressionIndividu.as_view()
 
 
+class Federation(IndividuViewMixin, APIView):
+    def get(self, request, identifier, application, format=None):
+        app_dfn = utils.get_application(application)
+        if not app_dfn:
+            raise Http404
+        apikey = app_dfn.get('apikey')
+        if not apikey:
+            return Response({'err': 1, 'errors': ['accès interdit']}, status=403)
+        if request.GET.get('apikey') != apikey:
+            return Response({'err': 1, 'errors': ['apikey invalide']}, status=401)
+        individu = self.get_individu(identifier)
+        return Response({'err': 0, 'cle_de_federation': individu.content['cles_de_federation'].get(application)})
+
+federation = Federation.as_view()
+
+
 class SagaTiers(APIView):
     def get(self, request, application, identifier, format=None):
         app_dfn = utils.get_application(application)

zoo/zoo_nanterre/urls.py

@@ -48,6 +48,8 @@ urlpatterns = [
         api_views.suppression_lien_de_responsabilite,
         name='rsu-api-suppression-lien-de-responsabilite'),
     url(r'^individu/$', api_views.create_individu, name='rsu-api-create-individu'),
+    url(r'^individu/(?P<identifier>[-\w]+)/federation/(?P<application>\w+)/$', api_views.federation,
+        name='rsu-api-federation'),
     url(r'^declaration-union/$', api_views.declaration_union,
         name='rsu-api-declaration-union'),
     url(r'^synchronisation/$', api_views.synchronization,