Skip to content

D
django-openid-auth
Commit bd470b7f by Stuart Metcalfe
Options

Prevented staff status from being changed if OPENID_LAUNCHPAD_STAFF_TEAMS is not… 

Prevented staff status from being changed if OPENID_LAUNCHPAD_STAFF_TEAMS is not defined.  Refactored tests to reduce repetition
parent b9f382b6
Showing with 25 additions and 23 deletions
django_openid_auth/auth.py
......@@ -222,6 +222,9 @@ class OpenIDBackend:
user.groups.add(group)
def update_staff_status_from_teams(self, user, teams_response):
if not hasattr(settings, 'OPENID_LAUNCHPAD_STAFF_TEAMS'):
return
staff_teams = getattr(settings, 'OPENID_LAUNCHPAD_STAFF_TEAMS', [])
user.is_staff = False
......
django_openid_auth/tests/test_views.py
......@@ -467,30 +467,25 @@ class RelyingPartyTests(TestCase):
self.assertEqual(group2 in user.groups.all(), False)
self.assertTrue(group3 not in user.groups.all())
def test_login_teams_staff_not_defined(self):
delattr(settings, 'OPENID_LAUNCHPAD_STAFF_TEAMS')
user = User.objects.create_user('testuser', 'someone@example.com')
user.is_staff = True
user.save()
self.assertTrue(user.is_staff)
user = self.get_openid_authed_user_with_teams(user, 'teamname,some-other-team')
# The user's staff status has been updated.
user = User.objects.get(username='testuser')
self.assertTrue(user.is_staff)
def test_login_teams_staff_assignment(self):
settings.OPENID_LAUNCHPAD_STAFF_TEAMS = ('teamname',)
user = User.objects.create_user('testuser', 'someone@example.com')
user.is_staff = False
user.save()
useropenid = UserOpenID(
user=user,
claimed_id='http://example.com/identity',
display_id='http://example.com/identity')
useropenid.save()
self.assertFalse(user.is_staff)
# Posting in an identity URL begins the authentication request:
response = self.client.post('/openid/login/',
{'openid_identifier': 'http://example.com/identity'})
# Complete the request
openid_request = self.provider.parseFormPost(response.content)
openid_response = openid_request.answer(True)
teams_request = teams.TeamsRequest.fromOpenIDRequest(openid_request)
teams_response = teams.TeamsResponse.extractResponse(
teams_request, 'teamname,some-other-team')
openid_response.addExtension(teams_response)
response = self.complete(openid_response)
user = self.get_openid_authed_user_with_teams(user, 'teamname,some-other-team')
# The user's staff status has been updated.
user = User.objects.get(username='testuser')
......@@ -501,12 +496,20 @@ class RelyingPartyTests(TestCase):
user = User.objects.create_user('testuser', 'someone@example.com')
user.is_staff = True
user.save()
self.assertTrue(user.is_staff)
user = self.get_openid_authed_user_with_teams(user, 'teamname,some-other-team')
# The user's staff status has been updated.
user = User.objects.get(username='testuser')
self.assertFalse(user.is_staff)
def get_openid_authed_user_with_teams(self, user, teams_str):
useropenid = UserOpenID(
user=user,
claimed_id='http://example.com/identity',
display_id='http://example.com/identity')
useropenid.save()
self.assertTrue(user.is_staff)
# Posting in an identity URL begins the authentication request:
response = self.client.post('/openid/login/',
......@@ -517,14 +520,10 @@ class RelyingPartyTests(TestCase):
openid_response = openid_request.answer(True)
teams_request = teams.TeamsRequest.fromOpenIDRequest(openid_request)
teams_response = teams.TeamsResponse.extractResponse(
teams_request, 'teamname,some-other-team')
teams_request, teams_str)
openid_response.addExtension(teams_response)
response = self.complete(openid_response)
# The user's staff status has been updated.
user = User.objects.get(username='testuser')
self.assertFalse(user.is_staff)
class HelperFunctionsTest(TestCase):
def test_sanitise_redirect_url(self):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment