def test_get_real_social_auth_no_social(self): """ Test that if a UserSocialAuth object hasn't been attached to the pipeline as `social`, we return none """ request = mock.MagicMock(session={'running_pipeline': {'kwargs': {}}}) real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, None)
def test_get_real_social_auth_no_pipeline(self): """ Test that if there's no running pipeline, we return None when looking for a database-backed UserSocialAuth object. """ request = mock.MagicMock(session={}) real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, None)
def test_get_real_social_auth(self): """ Test that trying to get a database-backed UserSocialAuth from an existing instance returns correctly. """ request = mock.MagicMock() pipeline_partial = {'kwargs': {'social': self.social_auth}} with mock.patch('third_party_auth.pipeline.get') as get_pipeline: get_pipeline.return_value = pipeline_partial real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, self.social_auth)
def test_get_real_social_auth_from_dict(self): """ Test that we can use a dictionary with a UID entry to retrieve a database-backed UserSocialAuth object. """ request = mock.MagicMock() pipeline_partial = {'kwargs': {'social': {'uid': 'fake uid'}}} with mock.patch('third_party_auth.pipeline.get') as get_pipeline: get_pipeline.return_value = pipeline_partial real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, self.social_auth)
def test_get_real_social_auth(self): """ Test that trying to get a database-backed UserSocialAuth from an existing instance returns correctly. """ request = mock.MagicMock(session={ 'partial_pipeline': { 'kwargs': { 'social': self.social_auth } } }) real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, self.social_auth)
def test_get_real_social_auth_no_social(self): """ Test that if a UserSocialAuth object hasn't been attached to the pipeline as `social`, we return none """ request = mock.MagicMock( session={ 'running_pipeline': { 'kwargs': {} } } ) real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, None)
def post_account_consent(self, request, consent_provided): """ Interpret the account-wide form above, and save it to a UserDataSharingConsentAudit object for later retrieval. """ self.lift_quarantine(request) # Load the linked EnterpriseCustomer for this request. customer = get_enterprise_customer_for_request(request) if customer is None: # If we can't get an EnterpriseCustomer from the pipeline, then we don't really # have enough state to do anything meaningful. Just send the user to the login # screen; if they want to sign in with an Enterprise-linked SSO, they can do # so, and the pipeline will get them back here if they need to be. return redirect('signin_user') # Attempt to retrieve a user being manipulated by the third-party auth # pipeline. Return a 404 if no such user exists. social_auth = get_real_social_auth_object(request) user = getattr(social_auth, 'user', None) if user is None: raise Http404 if not consent_provided and active_provider_enforces_data_sharing( request, EnterpriseCustomer.AT_LOGIN): # Flush the session to avoid the possibility of accidental login and to abort the pipeline. # pipeline is flushed only if data sharing is enforced, in other cases let the user to login. request.session.flush() failure_url = request.POST.get('failure_url') or reverse( 'dashboard') return redirect(failure_url) ec_user, __ = EnterpriseCustomerUser.objects.get_or_create( user_id=user.id, enterprise_customer=customer, ) UserDataSharingConsentAudit.objects.update_or_create( user=ec_user, defaults={ 'state': (UserDataSharingConsentAudit.ENABLED if consent_provided else UserDataSharingConsentAudit.DISABLED) }) # Resume auth pipeline backend_name = request.session.get('partial_pipeline', {}).get('backend') return redirect(get_complete_url(backend_name))
def test_get_real_social_auth_from_dict(self): """ Test that we can use a dictionary with a UID entry to retrieve a database-backed UserSocialAuth object. """ request = mock.MagicMock(session={ 'partial_pipeline': { 'kwargs': { 'social': { 'uid': 'fake uid' } } } }) real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, self.social_auth)
def test_get_real_social_auth(self): """ Test that trying to get a database-backed UserSocialAuth from an existing instance returns correctly. """ request = mock.MagicMock() pipeline_partial = { 'kwargs': { 'social': self.social_auth } } with mock.patch('third_party_auth.pipeline.get') as get_pipeline: get_pipeline.return_value = pipeline_partial real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, self.social_auth)
def test_get_real_social_auth(self): """ Test that trying to get a database-backed UserSocialAuth from an existing instance returns correctly. """ request = mock.MagicMock( session={ 'partial_pipeline': { 'kwargs': { 'social': self.social_auth } } } ) real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, self.social_auth)
def test_get_real_social_auth_from_dict(self): """ Test that we can use a dictionary with a UID entry to retrieve a database-backed UserSocialAuth object. """ request = mock.MagicMock() pipeline_partial = { 'kwargs': { 'social': { 'uid': 'fake uid' } } } with mock.patch('third_party_auth.pipeline.get') as get_pipeline: get_pipeline.return_value = pipeline_partial real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, self.social_auth)
def test_get_real_social_auth_from_dict(self): """ Test that we can use a dictionary with a UID entry to retrieve a database-backed UserSocialAuth object. """ request = mock.MagicMock( session={ 'partial_pipeline': { 'kwargs': { 'social': { 'uid': 'fake uid' } } } } ) real_social = pipeline.get_real_social_auth_object(request) self.assertEqual(real_social, self.social_auth)
def post_account_consent(self, request, consent_provided): """ Interpret the account-wide form above, and save it to a UserDataSharingConsentAudit object for later retrieval. """ self.lift_quarantine(request) # Load the linked EnterpriseCustomer for this request. Return a 404 if no such EnterpriseCustomer exists customer = get_enterprise_customer_for_request(request) if customer is None: raise Http404 # Attempt to retrieve a user being manipulated by the third-party auth # pipeline. Return a 404 if no such user exists. social_auth = get_real_social_auth_object(request) user = getattr(social_auth, 'user', None) if user is None: raise Http404 if not consent_provided and active_provider_enforces_data_sharing( request, EnterpriseCustomer.AT_LOGIN): # Flush the session to avoid the possibility of accidental login and to abort the pipeline. # pipeline is flushed only if data sharing is enforced, in other cases let the user to login. request.session.flush() return redirect(reverse('dashboard')) ec_user, __ = EnterpriseCustomerUser.objects.get_or_create( user_id=user.id, enterprise_customer=customer, ) UserDataSharingConsentAudit.objects.update_or_create( user=ec_user, defaults={ 'state': (UserDataSharingConsentAudit.ENABLED if consent_provided else UserDataSharingConsentAudit.DISABLED) }) # Resume auth pipeline backend_name = request.session.get('partial_pipeline', {}).get('backend') return redirect(get_complete_url(backend_name))
def post(self, request): """ Process the above form. """ # Verify that all necessary resources are present verify_edx_resources() self.lift_quarantine(request) customer = get_enterprise_customer_for_request(request) if customer is None: raise Http404 consent_provided = request.POST.get('data_sharing_consent', False) # If the checkbox is unchecked, no value will be sent user = get_real_social_auth_object(request).user ec_user, __ = EnterpriseCustomerUser.objects.get_or_create( user_id=user.id, enterprise_customer=customer, ) UserDataSharingConsentAudit.objects.update_or_create( user=ec_user, defaults={ 'state': (UserDataSharingConsentAudit.ENABLED if consent_provided else UserDataSharingConsentAudit.DISABLED) }) if not consent_provided: # Flush the session to avoid the possibility of accidental login and to abort the pipeline. # pipeline is flushed only if data sharing is enforced, in other cases let the user to login. if active_provider_enforces_data_sharing( request, EnterpriseCustomer.AT_LOGIN): request.session.flush() return redirect(reverse('dashboard')) # Resume auth pipeline backend_name = request.session.get('partial_pipeline', {}).get('backend') return redirect(get_complete_url(backend_name))
def post_account_consent(self, request, consent_provided): """ Interpret the account-wide form above, and save it to a UserDataSharingConsentAudit object for later retrieval. """ self.lift_quarantine(request) # Load the linked EnterpriseCustomer for this request. customer = get_enterprise_customer_for_request(request) if customer is None: # If we can't get an EnterpriseCustomer from the pipeline, then we don't really # have enough state to do anything meaningful. Just send the user to the login # screen; if they want to sign in with an Enterprise-linked SSO, they can do # so, and the pipeline will get them back here if they need to be. return redirect('signin_user') # Attempt to retrieve a user being manipulated by the third-party auth # pipeline. Return a 404 if no such user exists. social_auth = get_real_social_auth_object(request) user = getattr(social_auth, 'user', None) if user is None: raise Http404 if not consent_provided and active_provider_enforces_data_sharing( request, EnterpriseCustomer.AT_LOGIN): # Flush the session to avoid the possibility of accidental login and to abort the pipeline. # pipeline is flushed only if data sharing is enforced, in other cases let the user to login. request.session.flush() failure_url = request.POST.get('failure_url') or reverse( 'dashboard') return redirect(failure_url) enterprise_customer_user, __ = EnterpriseCustomerUser.objects.get_or_create( user_id=user.id, enterprise_customer=customer, ) platform_name = configuration_helpers.get_value( 'PLATFORM_NAME', settings.PLATFORM_NAME) messages.success( request, _('{span_start}Account created{span_end} Thank you for creating an account with {platform_name}.' ).format( platform_name=platform_name, span_start='<span>', span_end='</span>', )) if not user.is_active: messages.info( request, _('{span_start}Activate your account{span_end} Check your inbox for an activation email. ' 'You will not be able to log back into your account until you have activated it.' ).format(span_start='<span>', span_end='</span>')) UserDataSharingConsentAudit.objects.update_or_create( user=enterprise_customer_user, defaults={ 'state': (UserDataSharingConsentAudit.ENABLED if consent_provided else UserDataSharingConsentAudit.DISABLED) }) # Resume auth pipeline backend_name = get_partial_pipeline(request).get('backend') return redirect(get_complete_url(backend_name))