globuzma/canaille-globuzma
1
0
Fork 0
forked from Github-Mirrors/canaille
Code Pull requests Activity

Fixed client preconsent disabling

Browse source
This commit is contained in:
Éloi Rivard 2022-11-16 17:36:16 +01:00
parent c36d1bd222
commit 62b62b684f
3 changed files with 47 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGES.rst
View file

@ -18,6 +18,7 @@ Fixed
- Fixed non-square logo CSS. :pr:`67`
- Fixed schema path on installation. :pr:`68`
- Fixed RFC7591 ``software_statement`` claim support. :pr:`70`
- Fixed client preconsent disabling. :pr:`72`
Added
*****

33
canaille/ldap_backend/ldapobject.py
View file

@ -9,10 +9,19 @@ LDAP_NULL_DATE = "000001010000Z"
class Syntax(str, Enum):
# fmt: off
BOOLEAN = "1.3.6.1.4.1.1466.115.121.1.7"
DIRECTORY_STRING = "1.3.6.1.4.1.1466.115.121.1.15"
GENERALIZED_TIME = "1.3.6.1.4.1.1466.115.121.1.24"
INTEGER = "1.3.6.1.4.1.1466.115.121.1.27"
JPEG = "1.3.6.1.4.1.1466.115.121.1.28"
BOOLEAN = "1.3.6.1.4.1.1466.115.121.1.7"
IA5_STRING = "1.3.6.1.4.1.1466.115.121.1.26"
INTEGER = "1.3.6.1.4.1.1466.115.121.1.27"
JPEG = "1.3.6.1.4.1.1466.115.121.1.28"
NUMERIC_STRING = "1.3.6.1.4.1.1466.115.121.1.36"
OCTET_STRING = "1.3.6.1.4.1.1466.115.121.1.40"
POSTAL_ADDRESS = "1.3.6.1.4.1.1466.115.121.1.41"
PRINTABLE_STRING = "1.3.6.1.4.1.1466.115.121.1.44"
TELEPHONE_NUMBER = "1.3.6.1.4.1.1466.115.121.1.50"
# fmt: on
class LDAPObject:
@ -225,12 +234,12 @@ class LDAPObject:
return str(value).encode("utf-8")
if syntax == Syntax.JPEG:
return value
return value if value else None
if syntax == Syntax.BOOLEAN and isinstance(value, bool):
return ("TRUE" if value else "FALSE").encode("utf-8")
return value.encode("utf-8")
return value.encode("utf-8") if value else None
@staticmethod
def ldap_attrs_to_python(attrs):
@ -269,9 +278,13 @@ class LDAPObject:
changes = {
name: value
for name, value in self.changes.items()
if value and value[0] and self.attrs.get(name) != value
if name not in deletions and self.attrs.get(name) != value
}
formatted_changes = {
name: value
for name, value in self.python_attrs_to_ldap(changes).items()
if value is not None and value != [None]
}
formatted_changes = self.python_attrs_to_ldap(changes)
modlist = [(ldap.MOD_DELETE, name, None) for name in deletions] + [
(ldap.MOD_REPLACE, name, values)
for name, values in formatted_changes.items()
@ -285,7 +298,11 @@ class LDAPObject:
for name, value in {**self.attrs, **self.changes}.items()
if value and value[0]
}
formatted_changes = self.python_attrs_to_ldap(changes)
formatted_changes = {
name: value
for name, value in self.python_attrs_to_ldap(changes).items()
if value is not None and value != None
}
attributes = [(name, values) for name, values in formatted_changes.items()]
conn.add_s(self.dn, attributes)

21
tests/oidc/test_client_admin.py
View file

@ -90,6 +90,7 @@ def test_client_edit(testclient, client, logged_admin, other_client):
assert (
"The client has not been edited. Please check your information." not in res.text
)
assert "The client has been edited." in res.text
client = Client.get(client.dn)
for k, v in data.items():
@ -107,3 +108,23 @@ def test_client_edit(testclient, client, logged_admin, other_client):
status=200
)
assert Client.get(client.client_id) is None
def test_client_edit_preauth(testclient, client, logged_admin, other_client):
assert not client.preconsent
res = testclient.get("/admin/client/edit/" + client.client_id)
res.forms["clientadd"]["preconsent"] = True
res = res.forms["clientadd"].submit(status=200, name="action", value="edit")
assert "The client has been edited." in res.text
client = Client.get(client.dn)
assert client.preconsent
res = testclient.get("/admin/client/edit/" + client.client_id)
res.forms["clientadd"]["preconsent"] = False
res = res.forms["clientadd"].submit(status=200, name="action", value="edit")
assert "The client has been edited." in res.text
client = Client.get(client.dn)
assert not client.preconsent