def test_update_user_teams_alias_by_saml_attr(self, orgs, users, galaxy_credential, kwargs, mock_settings): with mock.patch('django.conf.settings', mock_settings): u1 = users[0] # Test getting teams from attribute with team->org mapping kwargs['response']['attributes']['groups'] = ['Yellow'] # Ensure team and org will be created update_user_teams_by_saml_attr(None, None, u1, **kwargs) assert Team.objects.filter( name='Yellow', organization__name='Default4').count() == 0 assert Team.objects.filter( name='Yellow_Alias', organization__name='Default4').count() == 1 assert Team.objects.get( name='Yellow_Alias', organization__name='Default4').member_role.members.count() == 1 # only Org 4 got created/updated org = Organization.objects.get(name='Default4') assert org.galaxy_credentials.count() == 1 assert org.galaxy_credentials.first().name == 'Ansible Galaxy'
def test_galaxy_credential_auto_assign(self, users, kwargs, galaxy_credential, mock_settings): kwargs['response']['attributes']['memberOf'] = ['Default1', 'Default2', 'Default3'] kwargs['response']['attributes']['groups'] = ['Blue', 'Red', 'Green'] with mock.patch('django.conf.settings', mock_settings): for u in users: update_user_orgs_by_saml_attr(None, None, u, **kwargs) update_user_teams_by_saml_attr(None, None, u, **kwargs) assert Organization.objects.count() == 4 for o in Organization.objects.all(): assert o.galaxy_credentials.count() == 1 assert o.galaxy_credentials.first().name == 'Ansible Galaxy'
def test_autocreate_disabled(self, users, kwargs, mock_settings): kwargs['response']['attributes']['memberOf'] = [ 'Default1', 'Default2', 'Default3' ] kwargs['response']['attributes']['groups'] = ['Blue', 'Red', 'Green'] with mock.patch('django.conf.settings', mock_settings): for u in users: update_user_orgs_by_saml_attr(None, None, u, **kwargs) update_user_teams_by_saml_attr(None, None, u, **kwargs) assert Organization.objects.count() == 0 assert Team.objects.count() == 0 # precreate everything o1 = Organization.objects.create(name='Default1') o2 = Organization.objects.create(name='Default2') o3 = Organization.objects.create(name='Default3') Team.objects.create(name='Blue', organization_id=o1.id) Team.objects.create(name='Blue', organization_id=o2.id) Team.objects.create(name='Blue', organization_id=o3.id) Team.objects.create(name='Red', organization_id=o1.id) Team.objects.create(name='Green', organization_id=o1.id) Team.objects.create(name='Green', organization_id=o3.id) for u in users: update_user_orgs_by_saml_attr(None, None, u, **kwargs) update_user_teams_by_saml_attr(None, None, u, **kwargs) assert o1.member_role.members.count() == 3 assert o2.member_role.members.count() == 3 assert o3.member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default2').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default3').member_role.members.count() == 3 assert Team.objects.get( name='Red', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default3').member_role.members.count() == 3
def test_galaxy_credential_no_auto_assign(self, users, kwargs, galaxy_credential, mock_settings): # A Galaxy credential should not be added to an existing org o = Organization.objects.create(name='Default1') o = Organization.objects.create(name='Default2') o = Organization.objects.create(name='Default3') o = Organization.objects.create(name='Default4') kwargs['response']['attributes']['memberOf'] = ['Default1'] kwargs['response']['attributes']['groups'] = ['Blue'] with mock.patch('django.conf.settings', mock_settings): for u in users: update_user_orgs_by_saml_attr(None, None, u, **kwargs) update_user_teams_by_saml_attr(None, None, u, **kwargs) assert Organization.objects.count() == 4 for o in Organization.objects.all(): assert o.galaxy_credentials.count() == 0
def test_update_user_teams_by_saml_attr(self, orgs, users, kwargs, mock_settings): with mock.patch('django.conf.settings', mock_settings): o1, o2, o3 = orgs u1, u2, u3 = users # Test getting teams from attribute with team->org mapping kwargs['response']['attributes']['groups'] = [ 'Blue', 'Red', 'Green' ] # Ensure basic functionality update_user_teams_by_saml_attr(None, None, u1, **kwargs) update_user_teams_by_saml_attr(None, None, u2, **kwargs) update_user_teams_by_saml_attr(None, None, u3, **kwargs) assert Team.objects.get( name='Blue', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default2').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default3').member_role.members.count() == 3 assert Team.objects.get( name='Red', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default3').member_role.members.count() == 3 # Test remove logic kwargs['response']['attributes']['groups'] = ['Green'] update_user_teams_by_saml_attr(None, None, u1, **kwargs) update_user_teams_by_saml_attr(None, None, u2, **kwargs) update_user_teams_by_saml_attr(None, None, u3, **kwargs) assert Team.objects.get( name='Blue', organization__name='Default1').member_role.members.count() == 0 assert Team.objects.get( name='Blue', organization__name='Default2').member_role.members.count() == 0 assert Team.objects.get( name='Blue', organization__name='Default3').member_role.members.count() == 0 assert Team.objects.get( name='Red', organization__name='Default1').member_role.members.count() == 0 assert Team.objects.get( name='Green', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default3').member_role.members.count() == 3 # Test remove logic disabled mock_settings.SOCIAL_AUTH_SAML_TEAM_ATTR['remove'] = False kwargs['response']['attributes']['groups'] = ['Blue'] update_user_teams_by_saml_attr(None, None, u1, **kwargs) update_user_teams_by_saml_attr(None, None, u2, **kwargs) update_user_teams_by_saml_attr(None, None, u3, **kwargs) assert Team.objects.get( name='Blue', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default2').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default3').member_role.members.count() == 3 assert Team.objects.get( name='Red', organization__name='Default1').member_role.members.count() == 0 assert Team.objects.get( name='Green', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default3').member_role.members.count() == 3
def test_update_user_teams_by_saml_attr(self, orgs, users, galaxy_credential, kwargs, mock_settings): with mock.patch('django.conf.settings', mock_settings): o1, o2, o3 = orgs u1, u2, u3 = users # Test getting teams from attribute with team->org mapping kwargs['response']['attributes']['groups'] = [ 'Blue', 'Red', 'Green' ] # Ensure basic functionality update_user_teams_by_saml_attr(None, None, u1, **kwargs) update_user_teams_by_saml_attr(None, None, u2, **kwargs) update_user_teams_by_saml_attr(None, None, u3, **kwargs) assert Team.objects.get( name='Blue', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default2').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default3').member_role.members.count() == 3 assert Team.objects.get( name='Red', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default3').member_role.members.count() == 3 # Test remove logic kwargs['response']['attributes']['groups'] = ['Green'] update_user_teams_by_saml_attr(None, None, u1, **kwargs) update_user_teams_by_saml_attr(None, None, u2, **kwargs) update_user_teams_by_saml_attr(None, None, u3, **kwargs) assert Team.objects.get( name='Blue', organization__name='Default1').member_role.members.count() == 0 assert Team.objects.get( name='Blue', organization__name='Default2').member_role.members.count() == 0 assert Team.objects.get( name='Blue', organization__name='Default3').member_role.members.count() == 0 assert Team.objects.get( name='Red', organization__name='Default1').member_role.members.count() == 0 assert Team.objects.get( name='Green', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default3').member_role.members.count() == 3 # Test remove logic disabled mock_settings.SOCIAL_AUTH_SAML_TEAM_ATTR['remove'] = False kwargs['response']['attributes']['groups'] = ['Blue'] update_user_teams_by_saml_attr(None, None, u1, **kwargs) update_user_teams_by_saml_attr(None, None, u2, **kwargs) update_user_teams_by_saml_attr(None, None, u3, **kwargs) assert Team.objects.get( name='Blue', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default2').member_role.members.count() == 3 assert Team.objects.get( name='Blue', organization__name='Default3').member_role.members.count() == 3 assert Team.objects.get( name='Red', organization__name='Default1').member_role.members.count() == 0 assert Team.objects.get( name='Green', organization__name='Default1').member_role.members.count() == 3 assert Team.objects.get( name='Green', organization__name='Default3').member_role.members.count() == 3 for o in Organization.objects.all(): if o.id in [o1.id, o2.id, o3.id]: # o[123] were created without a default galaxy cred assert o.galaxy_credentials.count() == 0 else: # anything else created should have a default galaxy cred assert o.galaxy_credentials.count() == 1 assert o.galaxy_credentials.first().name == 'Ansible Galaxy'