def test_update_user_teams_alias_by_saml_attr(self, orgs, users,
galaxy_credential, kwargs,
mock_settings):
with mock.patch('django.conf.settings', mock_settings):
u1 = users[0]
# Test getting teams from attribute with team->org mapping
kwargs['response']['attributes']['groups'] = ['Yellow']
# Ensure team and org will be created
update_user_teams_by_saml_attr(None, None, u1, **kwargs)
assert Team.objects.filter(
name='Yellow', organization__name='Default4').count() == 0
assert Team.objects.filter(
name='Yellow_Alias',
organization__name='Default4').count() == 1
assert Team.objects.get(
name='Yellow_Alias',
organization__name='Default4').member_role.members.count() == 1
# only Org 4 got created/updated
org = Organization.objects.get(name='Default4')
assert org.galaxy_credentials.count() == 1
assert org.galaxy_credentials.first().name == 'Ansible Galaxy'
def test_galaxy_credential_auto_assign(self, users, kwargs, galaxy_credential, mock_settings):
kwargs['response']['attributes']['memberOf'] = ['Default1', 'Default2', 'Default3']
kwargs['response']['attributes']['groups'] = ['Blue', 'Red', 'Green']
with mock.patch('django.conf.settings', mock_settings):
for u in users:
update_user_orgs_by_saml_attr(None, None, u, **kwargs)
update_user_teams_by_saml_attr(None, None, u, **kwargs)
assert Organization.objects.count() == 4
for o in Organization.objects.all():
assert o.galaxy_credentials.count() == 1
assert o.galaxy_credentials.first().name == 'Ansible Galaxy'
def test_autocreate_disabled(self, users, kwargs, mock_settings):
kwargs['response']['attributes']['memberOf'] = [
'Default1', 'Default2', 'Default3'
]
kwargs['response']['attributes']['groups'] = ['Blue', 'Red', 'Green']
with mock.patch('django.conf.settings', mock_settings):
for u in users:
update_user_orgs_by_saml_attr(None, None, u, **kwargs)
update_user_teams_by_saml_attr(None, None, u, **kwargs)
assert Organization.objects.count() == 0
assert Team.objects.count() == 0
# precreate everything
o1 = Organization.objects.create(name='Default1')
o2 = Organization.objects.create(name='Default2')
o3 = Organization.objects.create(name='Default3')
Team.objects.create(name='Blue', organization_id=o1.id)
Team.objects.create(name='Blue', organization_id=o2.id)
Team.objects.create(name='Blue', organization_id=o3.id)
Team.objects.create(name='Red', organization_id=o1.id)
Team.objects.create(name='Green', organization_id=o1.id)
Team.objects.create(name='Green', organization_id=o3.id)
for u in users:
update_user_orgs_by_saml_attr(None, None, u, **kwargs)
update_user_teams_by_saml_attr(None, None, u, **kwargs)
assert o1.member_role.members.count() == 3
assert o2.member_role.members.count() == 3
assert o3.member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default2').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default3').member_role.members.count() == 3
assert Team.objects.get(
name='Red',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default3').member_role.members.count() == 3
def test_galaxy_credential_no_auto_assign(self, users, kwargs,
galaxy_credential,
mock_settings):
# A Galaxy credential should not be added to an existing org
o = Organization.objects.create(name='Default1')
o = Organization.objects.create(name='Default2')
o = Organization.objects.create(name='Default3')
o = Organization.objects.create(name='Default4')
kwargs['response']['attributes']['memberOf'] = ['Default1']
kwargs['response']['attributes']['groups'] = ['Blue']
with mock.patch('django.conf.settings', mock_settings):
for u in users:
update_user_orgs_by_saml_attr(None, None, u, **kwargs)
update_user_teams_by_saml_attr(None, None, u, **kwargs)
assert Organization.objects.count() == 4
for o in Organization.objects.all():
assert o.galaxy_credentials.count() == 0
def test_update_user_teams_by_saml_attr(self, orgs, users, kwargs,
mock_settings):
with mock.patch('django.conf.settings', mock_settings):
o1, o2, o3 = orgs
u1, u2, u3 = users
# Test getting teams from attribute with team->org mapping
kwargs['response']['attributes']['groups'] = [
'Blue', 'Red', 'Green'
]
# Ensure basic functionality
update_user_teams_by_saml_attr(None, None, u1, **kwargs)
update_user_teams_by_saml_attr(None, None, u2, **kwargs)
update_user_teams_by_saml_attr(None, None, u3, **kwargs)
assert Team.objects.get(
name='Blue',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default2').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default3').member_role.members.count() == 3
assert Team.objects.get(
name='Red',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default3').member_role.members.count() == 3
# Test remove logic
kwargs['response']['attributes']['groups'] = ['Green']
update_user_teams_by_saml_attr(None, None, u1, **kwargs)
update_user_teams_by_saml_attr(None, None, u2, **kwargs)
update_user_teams_by_saml_attr(None, None, u3, **kwargs)
assert Team.objects.get(
name='Blue',
organization__name='Default1').member_role.members.count() == 0
assert Team.objects.get(
name='Blue',
organization__name='Default2').member_role.members.count() == 0
assert Team.objects.get(
name='Blue',
organization__name='Default3').member_role.members.count() == 0
assert Team.objects.get(
name='Red',
organization__name='Default1').member_role.members.count() == 0
assert Team.objects.get(
name='Green',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default3').member_role.members.count() == 3
# Test remove logic disabled
mock_settings.SOCIAL_AUTH_SAML_TEAM_ATTR['remove'] = False
kwargs['response']['attributes']['groups'] = ['Blue']
update_user_teams_by_saml_attr(None, None, u1, **kwargs)
update_user_teams_by_saml_attr(None, None, u2, **kwargs)
update_user_teams_by_saml_attr(None, None, u3, **kwargs)
assert Team.objects.get(
name='Blue',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default2').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default3').member_role.members.count() == 3
assert Team.objects.get(
name='Red',
organization__name='Default1').member_role.members.count() == 0
assert Team.objects.get(
name='Green',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default3').member_role.members.count() == 3
def test_update_user_teams_by_saml_attr(self, orgs, users,
galaxy_credential, kwargs,
mock_settings):
with mock.patch('django.conf.settings', mock_settings):
o1, o2, o3 = orgs
u1, u2, u3 = users
# Test getting teams from attribute with team->org mapping
kwargs['response']['attributes']['groups'] = [
'Blue', 'Red', 'Green'
]
# Ensure basic functionality
update_user_teams_by_saml_attr(None, None, u1, **kwargs)
update_user_teams_by_saml_attr(None, None, u2, **kwargs)
update_user_teams_by_saml_attr(None, None, u3, **kwargs)
assert Team.objects.get(
name='Blue',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default2').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default3').member_role.members.count() == 3
assert Team.objects.get(
name='Red',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default3').member_role.members.count() == 3
# Test remove logic
kwargs['response']['attributes']['groups'] = ['Green']
update_user_teams_by_saml_attr(None, None, u1, **kwargs)
update_user_teams_by_saml_attr(None, None, u2, **kwargs)
update_user_teams_by_saml_attr(None, None, u3, **kwargs)
assert Team.objects.get(
name='Blue',
organization__name='Default1').member_role.members.count() == 0
assert Team.objects.get(
name='Blue',
organization__name='Default2').member_role.members.count() == 0
assert Team.objects.get(
name='Blue',
organization__name='Default3').member_role.members.count() == 0
assert Team.objects.get(
name='Red',
organization__name='Default1').member_role.members.count() == 0
assert Team.objects.get(
name='Green',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default3').member_role.members.count() == 3
# Test remove logic disabled
mock_settings.SOCIAL_AUTH_SAML_TEAM_ATTR['remove'] = False
kwargs['response']['attributes']['groups'] = ['Blue']
update_user_teams_by_saml_attr(None, None, u1, **kwargs)
update_user_teams_by_saml_attr(None, None, u2, **kwargs)
update_user_teams_by_saml_attr(None, None, u3, **kwargs)
assert Team.objects.get(
name='Blue',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default2').member_role.members.count() == 3
assert Team.objects.get(
name='Blue',
organization__name='Default3').member_role.members.count() == 3
assert Team.objects.get(
name='Red',
organization__name='Default1').member_role.members.count() == 0
assert Team.objects.get(
name='Green',
organization__name='Default1').member_role.members.count() == 3
assert Team.objects.get(
name='Green',
organization__name='Default3').member_role.members.count() == 3
for o in Organization.objects.all():
if o.id in [o1.id, o2.id, o3.id]:
# o[123] were created without a default galaxy cred
assert o.galaxy_credentials.count() == 0
else:
# anything else created should have a default galaxy cred
assert o.galaxy_credentials.count() == 1
assert o.galaxy_credentials.first().name == 'Ansible Galaxy'
