def test_remove_g_suite_user_from_g_suite_group_g_suite_dict_httperror( self, mocked_g_suite_client, mocked_logger ): group_name = list(settings.OW4_GSUITE_SYNC.get("GROUPS").keys())[0] email = "*****@*****.**" http_error = create_http_error(400, "Error", "Error") mocked_g_suite_client.return_value.members.return_value.delete.return_value.execute.side_effect = ( http_error ) ow4_gsuite_sync = self.ow4_gsuite_sync ow4_gsuite_sync["ENABLED"] = True ow4_gsuite_sync["ENABLE_DELETE"] = True with override_settings(OW4_GSUITE_SYNC=ow4_gsuite_sync): self.assertRaises( HttpError, lambda: remove_g_suite_user_from_group( self.domain, group_name, email, suppress_http_errors=False ), ) mocked_logger.assert_called_with( f'HttpError when deleting user "{email}" from G Suite group: {http_error}', extra={"suppress_http_error": False}, )
def remove_excess_g_suite_users(domain, group_name, g_suite_excess_users, suppress_http_errors=False): """ Removes excess users from a G Suite group. :param domain: The domain in which to remove a user from a group. :type domain: str :param group_name: The name of the group to remove the users from. :type group_name: str :param g_suite_excess_users: A list of the excess users to be removed from said group. :type g_suite_excess_users: list """ logger.info("Cleaning G Suite group '{group}'.".format(group=group_name), extra={ 'group': group_name, 'excess_users': g_suite_excess_users }) for excess_user in g_suite_excess_users: resp = remove_g_suite_user_from_group( domain, group_name, excess_user, suppress_http_errors=suppress_http_errors) logger.debug('Response from cleaning {group_name}: {resp}'.format( group_name=group_name, resp=resp))
def remove_excess_g_suite_users( domain: str, group_name: str, g_suite_excess_users: List[Dict[str, str]], suppress_http_errors: bool = False, ): """ Removes excess users from a G Suite group. :param domain: The domain in which to remove a user from a group. :param group_name: The name of the group to remove the users from. :param g_suite_excess_users: A list of the excess users to be removed from said group. :param suppress_http_errors: Whether or not to suppress HttpErrors happening during execution. """ logger.info( "Cleaning G Suite group '{group}'.".format(group=group_name), extra={ "group": group_name, "excess_users": g_suite_excess_users }, ) for excess_user in g_suite_excess_users: resp = remove_g_suite_user_from_group( domain, group_name, excess_user, suppress_http_errors=suppress_http_errors) logger.debug(f"Response from cleaning {group_name}: {resp}")
def test_remove_leader(self, mocked_logger): group_name = list(settings.OW4_GSUITE_SYNC.get("GROUPS").keys())[0] email = "leder@{domain}".format(domain=self.domain) ow4_gsuite_sync = self.ow4_gsuite_sync ow4_gsuite_sync["ENABLE_DELETE"] = False with override_settings(OW4_GSUITE_SYNC=ow4_gsuite_sync): resp = remove_g_suite_user_from_group(self.domain, group_name, email) self.assertIsNone(resp) mocked_logger.assert_called_with( f'Skipping removing user "{email}" since (s)he should be on all lists.' )
def test_remove_when_remove_disabled(self, mocked_logger): group_name = list(settings.OW4_GSUITE_SYNC.get("GROUPS").keys())[0] email = "*****@*****.**" ow4_gsuite_sync = self.ow4_gsuite_sync ow4_gsuite_sync["ENABLE_DELETE"] = False with override_settings(OW4_GSUITE_SYNC=ow4_gsuite_sync): resp = remove_g_suite_user_from_group(self.domain, group_name, email) self.assertIsNone(resp) mocked_logger.assert_called_with( f'Skipping removing user "{email}" since ENABLE_DELETE is False.' )
def cleanup_groups_for_user(domain, user, suppress_http_errors=False): """ Finds excess groups for a OW4 user, and removes the user from said groups. :param domain: The domain in which to find a users excess group memberships. :type domain: str :param user: The user to remove excess group memberships for. :type user: apps.authentication.models.OnlineUser :param suppress_http_errors: Whether or not to suppress HttpErrors happening during execution. :type suppress_http_errors: bool """ excess_groups = get_excess_groups_for_user(domain, user) if excess_groups: logger.debug( 'Removing "{user}" from some G Suite groups.'.format(user=user), extra={ 'user': user, 'excess_groups': excess_groups }) for group in excess_groups: remove_g_suite_user_from_group( domain, group, user.online_mail, suppress_http_errors=suppress_http_errors)
def cleanup_groups_for_user(domain: str, user: User, suppress_http_errors: bool = False): """ Finds excess groups for a OW4 user, and removes the user from said groups. :param domain: The domain in which to find a users excess group memberships. :param user: The user to remove excess group memberships for. :param suppress_http_errors: Whether or not to suppress HttpErrors happening during execution. """ excess_groups = get_excess_groups_for_user(domain, user) if excess_groups: logger.debug( f'Removing "{user}" from some G Suite groups.', extra={ "user": user, "excess_groups": excess_groups }, ) for group in excess_groups: remove_g_suite_user_from_group( domain, group, user.online_mail, suppress_http_errors=suppress_http_errors)
def test_remove_g_suite_user_from_g_suite_group_g_suite_dict( self, mocked_g_suite_client, mocked_logger): group_name = list(settings.OW4_GSUITE_SYNC.get('GROUPS').keys())[0] email = {'email': '*****@*****.**'} mocked_g_suite_client.return_value.members.return_value.delete.return_value.execute.return_value = \ None ow4_gsuite_sync = self.ow4_gsuite_sync ow4_gsuite_sync['ENABLE_DELETE'] = True with override_settings(OW4_GSUITE_SYNC=ow4_gsuite_sync): resp = remove_g_suite_user_from_group(self.domain, group_name, email) self.assertIsNone(resp) mocked_logger.assert_called_with( 'Removal of user response: {resp}'.format(resp=resp))
def test_remove_g_suite_user_from_g_suite_group_g_suite_dict( self, mocked_g_suite_client, mocked_logger ): group_name = list(settings.OW4_GSUITE_SYNC.get("GROUPS").keys())[0] email = {"email": "*****@*****.**"} mocked_g_suite_client.return_value.members.return_value.delete.return_value.execute.return_value = ( None ) ow4_gsuite_sync = self.ow4_gsuite_sync ow4_gsuite_sync["ENABLE_DELETE"] = True with override_settings(OW4_GSUITE_SYNC=ow4_gsuite_sync): resp = remove_g_suite_user_from_group(self.domain, group_name, email) self.assertIsNone(resp) mocked_logger.assert_called_with(f"Removal of user response: {resp}")
def test_remove_g_suite_user_from_g_suite_group_g_suite_dict_httperror( self, mocked_g_suite_client, mocked_logger): group_name = list(settings.OW4_GSUITE_SYNC.get('GROUPS').keys())[0] email = '*****@*****.**' http_error = create_http_error(400, "Error", "Error") mocked_g_suite_client.return_value.members.return_value.delete.return_value.execute.side_effect = \ http_error ow4_gsuite_sync = self.ow4_gsuite_sync ow4_gsuite_sync['ENABLED'] = True ow4_gsuite_sync['ENABLE_DELETE'] = True with override_settings(OW4_GSUITE_SYNC=ow4_gsuite_sync): self.assertRaises( HttpError, lambda: remove_g_suite_user_from_group( self.domain, group_name, email, suppress_http_errors=False) ) mocked_logger.assert_called_with( 'HttpError when deleting user "{user}" from G Suite group: {err}'. format(err=http_error, user=email), extra={'suppress_http_error': False})