Merge pull request #2580 from coreos-inc/team-sync-email-fix

Fix handling of team sync when a user already exists with the email address
This commit is contained in:
josephschorr 2017-04-26 14:19:23 -04:00 committed by GitHub
commit 5c4f7d50c6
3 changed files with 56 additions and 6 deletions

View file

@ -107,11 +107,15 @@ class FederatedUsers(object):
return (None, 'Unable to pick a username. Please report this to your administrator.')
prompts = model.user.get_default_user_prompts(features)
try:
db_user = model.user.create_federated_user(valid_username, email, self._federated_service,
username,
set_password_notification=False,
email_required=self._requires_email,
prompts=prompts)
except model.InvalidEmailAddressException as iae:
return (None, iae.message)
else:
# Update the db attributes from the federated service.
if email and db_user.email != email:

View file

@ -257,4 +257,47 @@ def test_teamsync_end_to_end(auth_system_builder, config, app):
# Ensure we now have members.
msg = 'Auth system: %s' % auth.federated_service
sync_team_info = model.team.get_team_sync_information('buynlarge', 'synced2')
assert len(list(model.team.list_team_users(sync_team_info.team))) > 0, msg
team_members = list(model.team.list_team_users(sync_team_info.team))
assert len(team_members) > 1, msg
it, _ = auth.iterate_group_members(config)
assert len(team_members) == len(list(it)), msg
sync_team_info.last_updated = datetime.now() - timedelta(hours=6)
sync_team_info.save()
# Remove one of the members and force a sync again to ensure we re-link the correct users.
first_member = team_members[0]
model.team.remove_user_from_team('buynlarge', 'synced2', first_member.username, 'devtable')
team_members2 = list(model.team.list_team_users(sync_team_info.team))
assert len(team_members2) == 1, msg
assert sync_team(auth, sync_team_info)
team_members3 = list(model.team.list_team_users(sync_team_info.team))
assert len(team_members3) > 1, msg
assert set([m.id for m in team_members]) == set([m.id for m in team_members3])
@pytest.mark.parametrize('auth_system_builder,config', [
(mock_ldap, {'group_dn': 'cn=AwesomeFolk'}),
(fake_keystone, {'group_id': 'somegroupid'}),
])
def test_teamsync_existing_email(auth_system_builder, config, app):
with auth_system_builder() as auth:
# Create an new team to sync.
org = model.organization.get_organization('buynlarge')
new_synced_team = model.team.create_team('synced2', org, 'member', 'Some synced team.')
sync_team_info = model.team.set_team_syncing(new_synced_team, auth.federated_service, config)
# Add a new *unlinked* user with the same email address as one of the team members.
it, _ = auth.iterate_group_members(config)
members = list(it)
model.user.create_user_noverify('someusername', members[0][0].email)
# Sync the team and ensure it doesn't fail.
assert sync_team(auth, sync_team_info)
team_members = list(model.team.list_team_users(sync_team_info.team))
assert len(team_members) > 0

View file

@ -56,6 +56,9 @@ def init_db_path(tmpdir_factory):
application.config.update(conf)
application.config.update({"DB_URI": sqlitedb})
initialize_database()
db.obj.execute_sql('PRAGMA foreign_keys = ON;')
populate_database()
close_db_filter(None)
return str(sqlitedb_file)