agent: redeploy roles when authentic get a new service to manage (#35345)

This commit is contained in:
Nicolas Roche 2019-08-09 15:23:19 +02:00
parent 0f0043ca53
commit a125818223
2 changed files with 12 additions and 2 deletions

View File

@ -22,6 +22,7 @@ from django.conf import settings
from tenant_schemas.utils import tenant_context
from hobo.agent.common.management.commands import hobo_deploy
from hobo.agent.authentic2.provisionning import Provisionning
User = get_user_model()
@ -239,6 +240,14 @@ class Command(hobo_deploy.Command):
sp_url = service['saml-sp-metadata-url']
self.stderr.write(self.style.WARNING('Error registering %s: %s\n' % (sp_url, last_error)))
if service_created:
# mass provision roles
engine = Provisionning()
roles = get_role_model().objects.all()
ous = {provider.ou.id: provider.ou}
engine.notify_roles(ous, roles, full=True)
def load_skeleton(self, provider, service_id, template_name,
create_ou=False):
if not getattr(settings, 'HOBO_SKELETONS_DIR', None):

View File

@ -56,9 +56,9 @@ def test_hobo_deploy(monkeypatch, tenant_base, mocker, skeleton_dir):
},
], roles_json)
# As a user is created, notify_agents is called, as celery is not running
# notify_agents is called on service creation, as celery is not running
# we just block it
mocker.patch('hobo.agent.authentic2.provisionning.notify_agents')
mock_notify = mocker.patch('hobo.agent.authentic2.provisionning.notify_agents')
requests_get = mocker.patch('requests.get')
meta1 = '''<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
@ -315,6 +315,7 @@ def test_hobo_deploy(monkeypatch, tenant_base, mocker, skeleton_dir):
hobo_json.write(hobo_json_content)
hobo_json.flush()
call_command('hobo_deploy', 'http://sso.example.net', hobo_json.name)
assert mock_notify.call_count == len(env['services'])
from hobo.multitenant.middleware import TenantMiddleware
tenants = list(TenantMiddleware.get_tenants())