Merged in [19437] from rjsparks@nostrum.com:

Provide a dots oidc claim for online badges. - Legacy-Id: 19445 Note: SVN reference [19437] has been migrated to Git commit 6351ce86c2
2021-10-19 19:28:57 +00:00 · 2021-10-19 19:28:57 +00:00 · 68bdefeb26
parent f126a18807 6351ce86c2
commit 68bdefeb26
3 changed files with 27 additions and 2 deletions
--- a/ietf/ietfauth/tests.py
+++ b/ietf/ietfauth/tests.py
@ -827,7 +827,7 @@ class OpenIDConnectTests(TestCase):
            session["nonce"] = rndstr()
            args = {
                "response_type": "code",
-                "scope": ['openid', 'profile', 'email', 'roles', 'registration', ],
+                "scope": ['openid', 'profile', 'email', 'roles', 'registration', 'dots' ],
                "nonce": session["nonce"],
                "redirect_uri": redirect_uris[0],
                "state": session["state"]
@ -876,7 +876,7 @@ class OpenIDConnectTests(TestCase):
            # Get userinfo, check keys present
            userinfo = client.do_user_info_request(state=params["state"], scope=args['scope'])
            for key in [ 'email', 'family_name', 'given_name', 'meeting', 'name', 'roles',
-                         'ticket_type', 'reg_type', 'affiliation', 'picture', ]:
+                         'ticket_type', 'reg_type', 'affiliation', 'picture', 'dots', ]:
                self.assertIn(key, userinfo)
                self.assertTrue(userinfo[key])
            self.assertIn('remote', set(userinfo['reg_type'].split()))
--- a/ietf/ietfauth/utils.py
+++ b/ietf/ietfauth/utils.py
@ -25,6 +25,7 @@ import debug                            # pyflakes:ignore

 from ietf.group.models import Role, GroupFeatures
 from ietf.person.models import Person
+from ietf.person.utils import get_dots
 from ietf.doc.utils_bofreq import bofreq_editors

 def user_is_person(user, person):
@ -253,6 +254,10 @@ class OidcExtraScopeClaims(oidc_provider.lib.claims.ScopeClaims):
            }
        return info

+    def scope_dots(self):
+        dots = get_dots(self.user.person)
+        return { 'dots': dots }
+
    info_registration = (
            "IETF Meeting Registration Info",
            "Access to public IETF meeting registration information for the current meeting. "
--- a/ietf/person/utils.py
+++ b/ietf/person/utils.py
@ -15,6 +15,7 @@ from django.core.exceptions import ObjectDoesNotExist
 import debug                            # pyflakes:ignore

 from ietf.person.models import Person
+from ietf.group.models import GroupFeatures
 from ietf.utils.mail import send_mail

 def merge_persons(request, source, target, file=sys.stdout, verbose=False):
@ -220,3 +221,22 @@ def get_active_irsg():
        cache.set(cache_key, active_irsg_balloters)
    return active_irsg_balloters        

+def get_dots(person):
+        roles = person.role_set.filter(group__state_id__in=('active','bof','proposed'))
+        chair_group_types = ['wg', 'program', 'rg', 'iabasg']
+        dots = []
+        if roles.filter(name_id='chair',group__type_id__in=chair_group_types).exists():
+            dots.append('chair')
+        if roles.filter(group__acronym='iesg',name_id='ad').exists():
+            dots.append('ad')
+        if roles.filter(group__acronym='iab',name_id='member').exists():
+            dots.append('iab')
+        if roles.filter(group__acronym='irsg').exists():
+            dots.append('irsg')
+        if roles.filter(group__acronym='llc-board').exists():
+            dots.append('llc')
+        if roles.filter(group__acronym='ietf-trust').exists():
+            dots.append('trust')
+        if roles.filter(group__acronym__startswith='nomcom', name_id__in=('chair','member')).exists():
+            dots.append('nomcom')
+        return dots