Fix the creation of saml users
When created, they are put into the cache. Also allows bulk-delete for saml users.
This commit is contained in:
parent
fbb0be6fb4
commit
7d455b34f5
1
.gitignore
vendored
1
.gitignore
vendored
@ -29,6 +29,7 @@ dist/*
|
||||
debug/*
|
||||
.DS_Store
|
||||
.idea
|
||||
*.code-workspace
|
||||
|
||||
# Unit test and coverage reports
|
||||
.coverage
|
||||
|
@ -12,6 +12,8 @@ from onelogin.saml2.auth import OneLogin_Saml2_Auth
|
||||
from onelogin.saml2.errors import OneLogin_Saml2_Error
|
||||
from onelogin.saml2.utils import OneLogin_Saml2_Utils
|
||||
|
||||
from openslides.utils.autoupdate import inform_changed_data
|
||||
|
||||
from .settings import get_saml_settings
|
||||
|
||||
|
||||
@ -141,6 +143,7 @@ class SamlView(View):
|
||||
logger.info(
|
||||
f"Created new saml user with id {user.id} and username {user.username}"
|
||||
)
|
||||
inform_changed_data(user) # put the new user into the cache
|
||||
else:
|
||||
logger.info(
|
||||
f"Found saml user with id {user.id} and username {user.username}"
|
||||
|
@ -322,22 +322,21 @@ class UserViewSet(ModelViewSet):
|
||||
self.assert_list_of_ints(ids)
|
||||
|
||||
# Exclude the request user
|
||||
users = self.bulk_get_users(request, ids)
|
||||
users = self.bulk_get_users(request, ids, auth_type=None)
|
||||
for user in list(users):
|
||||
user.delete()
|
||||
|
||||
return Response(status=status.HTTP_204_NO_CONTENT)
|
||||
|
||||
def bulk_get_users(self, request, ids):
|
||||
def bulk_get_users(self, request, ids, auth_type="default"):
|
||||
"""
|
||||
Get all users for the given ids. Exludes the request user and all
|
||||
users with a non-default auth_type.
|
||||
Get all users for the given ids. Exludes the request user.
|
||||
If the auth type is given (so it is not None), only these users are included.
|
||||
"""
|
||||
return (
|
||||
User.objects.filter(auth_type="default")
|
||||
.exclude(pk=request.user.id)
|
||||
.filter(pk__in=ids)
|
||||
)
|
||||
queryset = User.objects
|
||||
if auth_type is not None:
|
||||
queryset = queryset.filter(auth_type=auth_type)
|
||||
return queryset.exclude(pk=request.user.id).filter(pk__in=ids)
|
||||
|
||||
@list_route(methods=["post"])
|
||||
@transaction.atomic
|
||||
|
Loading…
Reference in New Issue
Block a user