Fixes in order to gitlab and ldap to work

c0f7981e · Peter Stanko · c057985f · c0f7981e · c0f7981e · c0f7981e
Verified Commit c0f7981e authored 6 years ago by Peter Stanko
--- a/portal/rest/auth/gitlab.py
+++ b/portal/rest/auth/gitlab.py
 import logging
 from typing import Union
-from flask import Flask, Response, make_response, redirect, request, session, url_for
+from flask import Flask, Response, make_response, redirect, request, session
 from flask_oauthlib.client import OAuth, OAuthRemoteApp
 from flask_restplus import Namespace, Resource

 from portal import oauth
+from portal.rest import rest_api
 from portal.service import general
 from portal.service.users import create_user

@@ -23,7 +24,7 @@ def extract_user_info(me: dict) -> dict:
        )


-def gitlab_enabled(app: Flask)-> bool:
+def gitlab_enabled(app: Flask) -> bool:
    return app.config.get('GITLAB_URL') and \
           app.config.get('GITLAB_CLIENT_ID') and \
           app.config.get('GITLAB_CLIENT_SECRET')
@@ -54,13 +55,12 @@ gitlab = create_gitlab_app(oauth_app=oauth)

 @oauth_namespace.route('/login')
 class OAuthLogin(Resource):
-
    def get(self):
        if not gitlab:
            return {'message': 'Gitlab OAuth is not enabled'}, 404

-        callback = url_for('oauth.oauth_authorized',
-                           _external=True, _scheme='https')
+        callback = rest_api.url_for(OAuthLoginAuthorized, _external=True)
+
        log.debug(f"Callback set: {callback}")
        return gitlab.authorize(callback=callback)

@@ -88,7 +88,6 @@ def user_login(user_info) -> Response:

 @oauth_namespace.route('/login/authorized')
 class OAuthLoginAuthorized(Resource):
-
    def get(self):
        if not gitlab:
            return {'message': 'Gitlab OAuth is not enabled'}, 404

--- a/portal/rest/auth/login.py
+++ b/portal/rest/auth/login.py
@@ -6,6 +6,7 @@ from flask_restplus import Namespace, Resource, fields

 from portal import jwt
 from portal.database.models import Component, User
+from portal.rest import rest_api
 from portal.service import general
 from portal.service.auth import login_component, login_user
 from portal.service.errors import PortalAPIError, UnauthorizedError
@@ -18,16 +19,16 @@ login_schema = auth_namespace.model('LoginSchema', {
    'id': fields.String,
    'access_token': fields.String,
    'refresh_token': fields.String
-})
+    })

 refresh_schema = auth_namespace.model('RefreshSchema', {
    'refresh_token': fields.String
-})
+    })

 logout_schema = auth_namespace.model('LogoutSchema', {
    'access_token': fields.String,
    'refresh_token': fields.String
-})
+    })


 @jwt.user_claims_loader
@@ -77,7 +78,7 @@ def _create_tokens(client) -> dict:
        id=client_id,
        access_token=create_access_token(identity=client_id),
        refresh_token=create_refresh_token(identity=client_id)
-    )
+        )


 @auth_namespace.route('/login')

--- a/portal/service/users.py
+++ b/portal/service/users.py
@@ -32,10 +32,9 @@ def create_user(**data) -> User:
    data['is_admin'] = data.get('is_admin', False)
    username = data['username']
    new_user = User(username=username)
-    __set_user_data(new_user, data, True)
-
    if data['uco'] is None and ldap_wrapper.is_enabled:
-        new_user.uco = ldap_get_uco_for_user(username)
+        data['uco'] = ldap_get_uco_for_user(username)
+    __set_user_data(new_user, data, True)

    emails.notify_user(new_user, 'users', 'created',
                       context=dict(username=username))
@@ -54,7 +53,7 @@ def ldap_get_uco_for_user(username: str) -> int:
    if not user_dict:
        return 0
    desc = user_dict[0]['description']
-    uco = [u for u in desc if u.startswith('UCO=')]
+    uco = [str(u) for u in desc if str(u).startswith('UCO=')]
    if not uco:
        return 0
    return int(uco[0][4:])