From 6351ce86c2ff753fb011afbf6b6eff88b2fe570d Mon Sep 17 00:00:00 2001 From: Robert Sparks Date: Mon, 18 Oct 2021 21:39:00 +0000 Subject: [PATCH] Provide a dots oidc claim for online badges. Commit ready for merge. - Legacy-Id: 19437 --- ietf/ietfauth/tests.py | 4 ++-- ietf/ietfauth/utils.py | 5 +++++ ietf/person/utils.py | 20 ++++++++++++++++++++ 3 files changed, 27 insertions(+), 2 deletions(-) diff --git a/ietf/ietfauth/tests.py b/ietf/ietfauth/tests.py index 737af3e2e..05ec0c2b3 100644 --- a/ietf/ietfauth/tests.py +++ b/ietf/ietfauth/tests.py @@ -827,7 +827,7 @@ class OpenIDConnectTests(TestCase): session["nonce"] = rndstr() args = { "response_type": "code", - "scope": ['openid', 'profile', 'email', 'roles', 'registration', ], + "scope": ['openid', 'profile', 'email', 'roles', 'registration', 'dots' ], "nonce": session["nonce"], "redirect_uri": redirect_uris[0], "state": session["state"] @@ -876,7 +876,7 @@ class OpenIDConnectTests(TestCase): # Get userinfo, check keys present userinfo = client.do_user_info_request(state=params["state"], scope=args['scope']) for key in [ 'email', 'family_name', 'given_name', 'meeting', 'name', 'roles', - 'ticket_type', 'reg_type', 'affiliation', 'picture', ]: + 'ticket_type', 'reg_type', 'affiliation', 'picture', 'dots', ]: self.assertIn(key, userinfo) self.assertTrue(userinfo[key]) self.assertIn('remote', set(userinfo['reg_type'].split())) diff --git a/ietf/ietfauth/utils.py b/ietf/ietfauth/utils.py index 9e9126fe3..087674686 100644 --- a/ietf/ietfauth/utils.py +++ b/ietf/ietfauth/utils.py @@ -25,6 +25,7 @@ import debug # pyflakes:ignore from ietf.group.models import Role, GroupFeatures from ietf.person.models import Person +from ietf.person.utils import get_dots from ietf.doc.utils_bofreq import bofreq_editors def user_is_person(user, person): @@ -253,6 +254,10 @@ class OidcExtraScopeClaims(oidc_provider.lib.claims.ScopeClaims): } return info + def scope_dots(self): + dots = get_dots(self.user.person) + return { 'dots': dots } + info_registration = ( "IETF Meeting Registration Info", "Access to public IETF meeting registration information for the current meeting. " diff --git a/ietf/person/utils.py b/ietf/person/utils.py index 939bb8e49..4040149fa 100755 --- a/ietf/person/utils.py +++ b/ietf/person/utils.py @@ -15,6 +15,7 @@ from django.core.exceptions import ObjectDoesNotExist import debug # pyflakes:ignore from ietf.person.models import Person +from ietf.group.models import GroupFeatures from ietf.utils.mail import send_mail def merge_persons(request, source, target, file=sys.stdout, verbose=False): @@ -220,3 +221,22 @@ def get_active_irsg(): cache.set(cache_key, active_irsg_balloters) return active_irsg_balloters +def get_dots(person): + roles = person.role_set.filter(group__state_id__in=('active','bof','proposed')) + chair_group_types = ['wg', 'program', 'rg', 'iabasg'] + dots = [] + if roles.filter(name_id='chair',group__type_id__in=chair_group_types).exists(): + dots.append('chair') + if roles.filter(group__acronym='iesg',name_id='ad').exists(): + dots.append('ad') + if roles.filter(group__acronym='iab',name_id='member').exists(): + dots.append('iab') + if roles.filter(group__acronym='irsg').exists(): + dots.append('irsg') + if roles.filter(group__acronym='llc-board').exists(): + dots.append('llc') + if roles.filter(group__acronym='ietf-trust').exists(): + dots.append('trust') + if roles.filter(group__acronym__startswith='nomcom', name_id__in=('chair','member')).exists(): + dots.append('nomcom') + return dots