From 4227a563d4d9e8f5a5f7fe4701ade2c520c09e2f Mon Sep 17 00:00:00 2001 From: Ryan Lerch Date: Jun 17 2020 00:15:20 +0000 Subject: add fasjson support Adds the ability to elections to optionally use fasjson / noggin / AAA replacement instead of FAS2 fir getting usernames Signed-off-by: Ryan Lerch --- diff --git a/fedora_elections/__init__.py b/fedora_elections/__init__.py index 20e7865..fbe9fbb 100644 --- a/fedora_elections/__init__.py +++ b/fedora_elections/__init__.py @@ -43,6 +43,7 @@ import flask # noqa import munch # noqa import six # noqa +from fasjson_client import Client from fedora.client import AuthError, AppError # noqa from fedora.client.fas2 import AccountSystem # noqa from flask_oidc import OpenIDConnect # noqa @@ -64,13 +65,18 @@ LOG = APP.logger APP.wsgi_app = fedora_elections.proxy.ReverseProxied(APP.wsgi_app) -# FAS for usernames. -FAS2 = AccountSystem( - APP.config['FAS_BASE_URL'], - username=APP.config['FAS_USERNAME'], - password=APP.config['FAS_PASSWORD'], - insecure=not APP.config['FAS_CHECK_CERT'] -) +if APP.config.get('FASJSON'): + ACCOUNTS = Client( + url=APP.config['FAS_BASE_URL'] + ) +else: + # FAS for usernames. + ACCOUNTS = AccountSystem( + APP.config['FAS_BASE_URL'], + username=APP.config['FAS_USERNAME'], + password=APP.config['FAS_PASSWORD'], + insecure=not APP.config['FAS_CHECK_CERT'] + ) # modular imports diff --git a/fedora_elections/admin.py b/fedora_elections/admin.py index beab90e..48a525f 100644 --- a/fedora_elections/admin.py +++ b/fedora_elections/admin.py @@ -36,8 +36,9 @@ from fedora_elections import fedmsgshim from fedora_elections import forms from fedora_elections import models from fedora_elections import ( - APP, SESSION, FAS2, is_authenticated, is_admin + APP, SESSION, ACCOUNTS, is_authenticated, is_admin ) +from fasjson_client.errors import APIError def election_admin_required(f): @@ -230,9 +231,14 @@ def admin_add_candidate(election_alias): fas_name = None if election.candidates_are_fasusers: # pragma: no cover try: - fas_name = FAS2.person_by_username( - form.name.data)['human_name'] - except (KeyError, AuthError): + if APP.config.get('FASJSON'): + user = ACCOUNTS.get_user( + username=form.name.data).result + fas_name = f'{user['givenname']} {user['surname']}' + else: + fas_name = ACCOUNTS.person_by_username( + form.name.data)['human_name'] + except (KeyError, AuthError, APIError): flask.flash( 'User `%s` does not have a FAS account.' % form.name.data, 'error') @@ -286,9 +292,14 @@ def admin_add_multi_candidate(election_alias): fas_name = None if election.candidates_are_fasusers: # pragma: no cover try: - fas_name = FAS2.person_by_username( - candidate[0])['human_name'] - except (KeyError, AuthError): + if APP.config.get('FASJSON'): + user = ACCOUNTS.get_user( + username=candidate[0]).result + fas_name = f'{user['givenname']} {user['surname']}' + else: + fas_name = ACCOUNTS.person_by_username( + candidate[0])['human_name'] + except (KeyError, AuthError, APIError): SESSION.rollback() flask.flash( 'User `%s` does not have a FAS account.' @@ -356,9 +367,14 @@ def admin_edit_candidate(election_alias, candidate_id): if election.candidates_are_fasusers: # pragma: no cover try: - candidate.fas_name = FAS2.person_by_username( - candidate.name)['human_name'] - except (KeyError, AuthError): + if APP.config.get('FASJSON'): + user = ACCOUNTS.get_user( + username=candidate.name).result + candidate.fas_name = f'{user['givenname']} {user['surname']}' + else: + candidate.fas_name = ACCOUNTS.person_by_username( + candidate.name)['human_name'] + except (KeyError, AuthError, APIError): SESSION.rollback() flask.flash( 'User `%s` does not have a FAS account.' diff --git a/fedora_elections/default_config.py b/fedora_elections/default_config.py index 42c6d44..dd6724e 100644 --- a/fedora_elections/default_config.py +++ b/fedora_elections/default_config.py @@ -19,6 +19,8 @@ DB_URL = 'sqlite:////var/tmp/elections_dev.sqlite' # You will want to change this for your install SECRET_KEY = 'change me' +FASJSON = False + FAS_BASE_URL = 'https://admin.stg.fedoraproject.org/accounts/' FAS_USERNAME = '' FAS_PASSWORD = '' diff --git a/fedora_elections/forms.py b/fedora_elections/forms.py index b88edaf..e29ecb1 100644 --- a/fedora_elections/forms.py +++ b/fedora_elections/forms.py @@ -10,8 +10,9 @@ except ImportError: from fedora.client import AuthError -from fedora_elections import SESSION, FAS2, APP +from fedora_elections import SESSION, ACCOUNTS, APP from fedora_elections.models import Election +from fasjson_client.errors import APIError class ElectionForm(FlaskForm): @@ -155,9 +156,14 @@ def get_simple_voting_form(candidates, fasusers): if fasusers: # pragma: no cover # We can't cover FAS integration try: - title = \ - FAS2.person_by_username(candidate.name)['human_name'] - except (KeyError, AuthError) as err: + if APP.config.get('FASJSON'): + user = ACCOUNTS.get_user( + username=candidate.name).result + title = f'{user['givenname']} {user['surname']}' + else: + title = ACCOUNTS.person_by_username( + candidate.name)['human_name'] + except (KeyError, AuthError, APIError) as err: APP.logger.debug(err) if candidate.url: title = '%s [Info]' % (title, candidate.url) diff --git a/files/fedora-elections.cfg b/files/fedora-elections.cfg index 0ce7c61..37e76e5 100644 --- a/files/fedora-elections.cfg +++ b/files/fedora-elections.cfg @@ -15,6 +15,11 @@ DB_URL = 'sqlite:////var/tmp/elections_dev.sqlite' ## application, including all elections past, present and future FEDORA_ELECTIONS_ADMIN_GROUP = 'elections' +# Elections directly connects to the accounts backend to get +# details of nominees when adding them to an election. +# if FASJSON is false, elections will connect to FAS2. if FASJSON is +# True, elections will connect to FASJSON +FASJSON = False ## Fedora-elections can integrate with FAS to retrieve information about the ## candidates, the following configuration keys are required for this