From a45ed7e7063e907ddfed6712f196edd28db0a4a6 Mon Sep 17 00:00:00 2001
From: Benjamin Bertrand <benjamin.bertrand@ess.eu>
Date: Wed, 25 Nov 2020 16:29:14 +0100
Subject: [PATCH] Set display_name to username when empty

Modification performed for service account

JIRA INFRA-2909 #action In Progress
---
 app/models.py                   |  2 +-
 tests/functional/conftest.py    | 15 +++++++--
 tests/functional/test_models.py | 58 +++++++++++++++++++++++++++++++++
 tests/unit/test_utils.py        | 15 +++++++++
 4 files changed, 87 insertions(+), 3 deletions(-)

diff --git a/app/models.py b/app/models.py
index 9a8aa70..ab17530 100644
--- a/app/models.py
+++ b/app/models.py
@@ -101,7 +101,7 @@ def save_user(dn, username, data, memberships):
     if user is None:
         user = User(
             username=username,
-            display_name=utils.attribute_to_string(data["cn"]),
+            display_name=utils.attribute_to_string(data["cn"]) or username,
             email=utils.attribute_to_string(data["mail"]),
         )
     # Always update the user groups to keep them up-to-date
diff --git a/tests/functional/conftest.py b/tests/functional/conftest.py
index edfb191..ee178a0 100644
--- a/tests/functional/conftest.py
+++ b/tests/functional/conftest.py
@@ -175,8 +175,19 @@ def patch_ldap_authenticate(monkeypatch):
             response.user_groups = [{"cn": "CSEntry Admin"}]
         elif username == "audit" and password == "auditpasswd":
             response.status = AuthenticationResponseStatus.success
-            response.user_info = {"cn": "Auditor User", "mail": "audit@example.com"}
-            response.user_groups = [{"cn": "CSEntry Auditor"}]
+            response.user_dn = "uid=audit,ou=Service accounts,dc=esss,dc=lu,dc=se"
+            response.user_info = {
+                "uid": ["audit"],
+                "cn": [],
+                "mail": [],
+                "dn": "uid=audit,ou=Service accounts,dc=esss,dc=lu,dc=se",
+            }
+            response.user_groups = [
+                {
+                    "cn": ["CSEntry Auditor"],
+                    "dn": "cn=CSEntry Auditor,ou=ICS,ou=Groups,dc=esss,dc=lu,dc=se",
+                }
+            ]
         elif username == "user_rw" and password == "userrw":
             response.status = AuthenticationResponseStatus.success
             response.user_info = {"cn": "User RW", "mail": "user_rw@example.com"}
diff --git a/tests/functional/test_models.py b/tests/functional/test_models.py
index aee0cbf..3fb410f 100644
--- a/tests/functional/test_models.py
+++ b/tests/functional/test_models.py
@@ -1264,3 +1264,61 @@ def test_host_sensitive_field_update_on_network_change(
     instances, nb = models.Host.search("sensitive:true")
     assert nb == 1
     assert instances[0].name == name
+
+
+@pytest.mark.parametrize(
+    "dn,username,user_info,user_groups,expected_display_name,expected_email,expected_groups",
+    [
+        (
+            "uid=johndoe,ou=Users,dc=esss,dc=lu,dc=se",
+            "johndoe",
+            {"mail": "john.doe@example.org", "cn": "John Doe"},
+            [{"cn": "group2"}, {"cn": "group1"}],
+            "John Doe",
+            "john.doe@example.org",
+            ["group1", "group2"],
+        ),
+        (
+            "uid=johndoe,ou=Users,dc=esss,dc=lu,dc=se",
+            "johndoe",
+            {"mail": ["john.doe@example.org"], "cn": ["John Doe"]},
+            [{"cn": ["group2"]}, {"cn": ["group1"]}],
+            "John Doe",
+            "john.doe@example.org",
+            ["group1", "group2"],
+        ),
+        (
+            "uid=auditor,ou=Service accounts,dc=esss,dc=lu,dc=se",
+            "auditor",
+            {
+                "uid": ["auditor"],
+                "cn": [],
+                "mail": [],
+                "dn": "uid=csentry_svc,ou=Service accounts,dc=esss,dc=lu,dc=se",
+            },
+            [
+                {
+                    "cn": ["csentry_auditors"],
+                    "dn": "cn=csentry_auditors,ou=ICS,ou=Groups,dc=esss,dc=lu,dc=se",
+                }
+            ],
+            "auditor",
+            "",
+            ["csentry_auditors"],
+        ),
+    ],
+)
+def test_save_user(
+    dn,
+    username,
+    user_info,
+    user_groups,
+    expected_display_name,
+    expected_email,
+    expected_groups,
+):
+    user = models.save_user(dn, username, user_info, user_groups)
+    assert user.username == username
+    assert user.display_name == expected_display_name
+    assert user.email == expected_email
+    assert user.groups == expected_groups
diff --git a/tests/unit/test_utils.py b/tests/unit/test_utils.py
index 68542e3..9257866 100644
--- a/tests/unit/test_utils.py
+++ b/tests/unit/test_utils.py
@@ -9,6 +9,7 @@ This module defines utils tests.
 :license: BSD 2-Clause, see LICENSE for more details.
 
 """
+import pytest
 from pathlib import Path
 from app import utils
 
@@ -45,3 +46,17 @@ class TestUniqueFilename:
         p = tmpdir.join("test")
         p.write("Hello")
         assert utils.unique_filename(p) == Path(tmpdir.join("test-1"))
+
+
+@pytest.mark.parametrize(
+    "input,expected",
+    [
+        ([], ""),
+        (["foo"], "foo"),
+        (["foo", "bar"], "foo"),
+        ("hello", "hello"),
+        ("", ""),
+    ],
+)
+def test_attribute_to_string(input, expected):
+    assert utils.attribute_to_string(input) == expected
-- 
GitLab