Fix the creation of saml users

When created, they are put into the cache.
Also allows bulk-delete for saml users.
This commit is contained in:
FinnStutzenstein 2020-06-10 08:44:26 +02:00
parent fbb0be6fb4
commit 7d455b34f5
No known key found for this signature in database
GPG Key ID: 9042F605C6324654
3 changed files with 12 additions and 9 deletions

1
.gitignore vendored
View File

@ -29,6 +29,7 @@ dist/*
debug/* debug/*
.DS_Store .DS_Store
.idea .idea
*.code-workspace
# Unit test and coverage reports # Unit test and coverage reports
.coverage .coverage

View File

@ -12,6 +12,8 @@ from onelogin.saml2.auth import OneLogin_Saml2_Auth
from onelogin.saml2.errors import OneLogin_Saml2_Error from onelogin.saml2.errors import OneLogin_Saml2_Error
from onelogin.saml2.utils import OneLogin_Saml2_Utils from onelogin.saml2.utils import OneLogin_Saml2_Utils
from openslides.utils.autoupdate import inform_changed_data
from .settings import get_saml_settings from .settings import get_saml_settings
@ -141,6 +143,7 @@ class SamlView(View):
logger.info( logger.info(
f"Created new saml user with id {user.id} and username {user.username}" f"Created new saml user with id {user.id} and username {user.username}"
) )
inform_changed_data(user) # put the new user into the cache
else: else:
logger.info( logger.info(
f"Found saml user with id {user.id} and username {user.username}" f"Found saml user with id {user.id} and username {user.username}"

View File

@ -322,22 +322,21 @@ class UserViewSet(ModelViewSet):
self.assert_list_of_ints(ids) self.assert_list_of_ints(ids)
# Exclude the request user # Exclude the request user
users = self.bulk_get_users(request, ids) users = self.bulk_get_users(request, ids, auth_type=None)
for user in list(users): for user in list(users):
user.delete() user.delete()
return Response(status=status.HTTP_204_NO_CONTENT) return Response(status=status.HTTP_204_NO_CONTENT)
def bulk_get_users(self, request, ids): def bulk_get_users(self, request, ids, auth_type="default"):
""" """
Get all users for the given ids. Exludes the request user and all Get all users for the given ids. Exludes the request user.
users with a non-default auth_type. If the auth type is given (so it is not None), only these users are included.
""" """
return ( queryset = User.objects
User.objects.filter(auth_type="default") if auth_type is not None:
.exclude(pk=request.user.id) queryset = queryset.filter(auth_type=auth_type)
.filter(pk__in=ids) return queryset.exclude(pk=request.user.id).filter(pk__in=ids)
)
@list_route(methods=["post"]) @list_route(methods=["post"])
@transaction.atomic @transaction.atomic