Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jlc/NIDpipelines #232

Merged
merged 3 commits into from
Nov 12, 2024
Merged

Jlc/NIDpipelines #232

merged 3 commits into from
Nov 12, 2024

Conversation

johanseto
Copy link
Collaborator

@johanseto johanseto commented Nov 7, 2024
edited
Loading

Description

As username was changed as national_id, now the national_id needs to be
loaded using other fields.
eg uid=1999444333
So now user is looked up using:

  • safer_associate_user_by_national_id: extrainfo__national_id
  • safer_associate_user_by_social_auth_record: social_auth__uid__endswith

Also there is other pipe that was separated to manage staff and superusers.

  • disallow_staff_superuser_users

Testing instructions

We need to change the pipelines functions in this way.

Before

SOCIAL_AUTH_TPA_SAML_PIPELINE = [
...
    "eox_nelp.third_party_auth.pipeline.safer_associate_username_by_uid",
...
]

After

SOCIAL_AUTH_TPA_SAML_PIPELINE = [
...
    "eox_nelp.third_party_auth.pipeline.safer_associate_user_by_national_id",
    "eox_nelp.third_party_auth.pipeline.safer_associate_user_by_social_auth_record",
    "eox_nelp.third_party_auth.pipeline.disallow_staff_superuser_users",
...
]

Check if saml association are working =)

Additional information

Jira story

Checklist for Merge

  • Tested in a remote environment
  • Updated documentation
  • Rebased master/main
  • Squashed commits

@johanseto
refactor!: pipelines 2 match without usernames
c919f2c 
As username was changed as national_id, now the national_id needs to be
loaded using other fields.
So now user is looked up using:
- safer_associate_user_by_national_id: extrainfo__national_id
- safer_associate_user_by_social_auth_record: social_auth__uid__endswith

Also there is other pipe that was separated to manage staff and superusers.
- disallow_staff_superuser_users
@johanseto
refactor: use utils to dont repeat code
3aecd50
@github-actions github-actions bot added test size/m m lines label labels Nov 7, 2024
@johanseto johanseto marked this pull request as ready for review November 7, 2024 22:13
@johanseto johanseto changed the title Jlc/national id pipelines Jlc/NIDpipelines Nov 7, 2024
andrey-canon
andrey-canon approved these changes Nov 8, 2024
View reviewed changes
Copy link
Collaborator

@andrey-canon andrey-canon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
could you add tests for the line 145 of eox_nelp/third_party_auth/pipeline.py?

eox_nelp/third_party_auth/tests/test_pipeline.py

class SaferAssociaciateUserBySocialAuthRecordTestCase(SaferAssociateUserUsingUid, TestCase):
"""Test case for `safer_associate_user_by_social_auth_record`"""
uid_pipe = staticmethod(safer_associate_user_by_social_auth_record)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just asking why this instead of uid_pipe = safer_associate_user_by_social_auth_record ?

Copy link
Collaborator Author

@johanseto johanseto Nov 8, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because as is defined inside a class. When the function is called(self.uid_pipe()) the first argument is filled with self. So the order function fails...

eox_nelp/third_party_auth/tests/test_pipeline.py Outdated

self.backend.get_idp.return_value.get_user_permanent_id.return_value = test_uid
self.backend.strategy.storage.user.get_user.return_value = past_user

pipe_output = safer_associate_username_by_uid(self.request, self.backend, self.details, self.response)
pipe_output = safer_associate_user_by_national_id(self.request, self.backend, self.details, self.response)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
pipe_output = safer_associate_user_by_national_id(self.request, self.backend, self.details, self.response)
pipe_output = self.uid_pipe(self.request, self.backend, self.details, self.response)

??? I Think it's the same but this suggestion keeps the style of other tests

eox_nelp/third_party_auth/tests/test_pipeline.py Outdated
@@ -94,7 +136,49 @@ def test_user_associate_username_with_uid(self):
self.backend.get_idp.return_value.get_user_permanent_id.return_value = test_uid
self.backend.strategy.storage.user.get_user.return_value = past_user

pipe_output = safer_associate_username_by_uid(self.request, self.backend, self.details, self.response)
pipe_output = safer_associate_user_by_social_auth_record(
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same comment as above

@johanseto johanseto force-pushed the jlc/national_id_pipelines branch from cf82485 to 8b11e10 Compare November 8, 2024 21:07
@johanseto johanseto force-pushed the jlc/national_id_pipelines branch from 8b11e10 to c69533b Compare November 8, 2024 21:08
@johanseto johanseto merged commit fc47d6d into master Nov 12, 2024
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrey-canon andrey-canon andrey-canon approved these changes

Assignees
No one assigned
Labels
size/m m lines label test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@johanseto @andrey-canon