Remove duplicate definitions SAML_DJANGO_USER_MAIN_ATTRIBUTE{,_LOOKUP}

francoisfreitag · francoisfreitag · commit cd463e8de186 · 2017-09-30T19:50:20.000-07:00
The saml_settings module is only used in backends.py and is not the
only way to retrieve Django's user attribute and attribute lookup.
Instead, define helpers for these on the backend class.

Also, remove unused definitions of django_user_main_attribute_lookup.
diff --git a/djangosaml2/backends.py b/djangosaml2/backends.py
@@ -23,8 +23,6 @@
 
 from djangosaml2.signals import pre_user_save
 
-from . import settings as saml_settings
-
 try:
     from django.contrib.auth.models import SiteProfileNotAvailable
 except ImportError:
@@ -85,8 +83,7 @@ def authenticate(self, request, session_info=None, attribute_mapping=None,
         use_name_id_as_username = getattr(
             settings, 'SAML_USE_NAME_ID_AS_USERNAME', False)
 
-        django_user_main_attribute = saml_settings.SAML_DJANGO_USER_MAIN_ATTRIBUTE
-        django_user_main_attribute_lookup = saml_settings.SAML_DJANGO_USER_MAIN_ATTRIBUTE_LOOKUP
+        django_user_main_attribute = self.get_django_user_main_attribute()
 
         logger.debug('attributes: %s', attributes)
         saml_user = None
@@ -137,15 +134,17 @@ def clean_user_main_attribute(self, main_attribute):
         """
         return main_attribute
 
-    def get_user_query_args(self, main_attribute):
-        django_user_main_attribute = getattr(
+    def get_django_user_main_attribute(self):
+        return getattr(
             settings, 'SAML_DJANGO_USER_MAIN_ATTRIBUTE', 'username')
-        django_user_main_attribute_lookup = getattr(
-            settings, 'SAML_DJANGO_USER_MAIN_ATTRIBUTE_LOOKUP', '')
 
-        return {
-            django_user_main_attribute + django_user_main_attribute_lookup: main_attribute
-        }
+    def get_django_user_main_attribute_lookup(self):
+        return getattr(settings, 'SAML_DJANGO_USER_MAIN_ATTRIBUTE_LOOKUP', '')
+
+    def get_user_query_args(self, main_attribute):
+        lookup = (self.get_django_user_main_attribute() +
+                  self.get_django_user_main_attribute_lookup())
+        return {lookup: main_attribute}
 
     def get_saml2_user(self, create, main_attribute, attributes, attribute_mapping):
         if create:
@@ -156,8 +155,7 @@ def get_saml2_user(self, create, main_attribute, attributes, attribute_mapping):
     def _get_or_create_saml2_user(self, main_attribute, attributes, attribute_mapping):
         logger.debug('Check if the user "%s" exists or create otherwise',
                      main_attribute)
-        django_user_main_attribute = saml_settings.SAML_DJANGO_USER_MAIN_ATTRIBUTE
-        django_user_main_attribute_lookup = saml_settings.SAML_DJANGO_USER_MAIN_ATTRIBUTE_LOOKUP
+        django_user_main_attribute = self.get_django_user_main_attribute()
         user_query_args = self.get_user_query_args(main_attribute)
         user_create_defaults = {django_user_main_attribute: main_attribute}
 
@@ -180,7 +178,7 @@ def _get_or_create_saml2_user(self, main_attribute, attributes, attribute_mappin
 
     def _get_saml2_user(self, main_attribute, attributes, attribute_mapping):
         User = get_saml_user_model()
-        django_user_main_attribute = saml_settings.SAML_DJANGO_USER_MAIN_ATTRIBUTE
+        django_user_main_attribute = self.get_django_user_main_attribute()
         user_query_args = self.get_user_query_args(main_attribute)
 
         logger.debug('Retrieving existing user "%s"', main_attribute)
diff --git a/djangosaml2/settings.py b/djangosaml2/settings.py
diff --git a/tests/testprofiles/models.py b/tests/testprofiles/models.py
@@ -15,8 +15,6 @@
 
 import django
 from django.db import models
-from django.contrib.auth.models import User
-from django.conf import settings
 
 if django.VERSION < (1, 7):
     class TestProfile(models.Model):
@@ -32,3 +30,10 @@ class TestUser(AbstractUser):
 
         def process_first_name(self, first_name):
             self.first_name = first_name[0]
+
+    class StandaloneUserModel(models.Model):
+        """
+        Does not inherit from Django's base abstract user and does not define a
+        USERNAME_FIELD.
+        """
+        username = models.CharField(max_length=30, unique=True)
diff --git a/tests/testprofiles/tests.py b/tests/testprofiles/tests.py
@@ -23,7 +23,9 @@
 else:
     User = get_user_model()
 
-from django.test import TestCase
+from django.contrib.auth.models import User as DjangoUserModel
+
+from django.test import TestCase, override_settings
 
 from djangosaml2.backends import Saml2Backend
 
@@ -110,4 +112,32 @@ def test_update_user_empty_attribute(self):
         self.assertEquals(user.email, 'john@example.com')
         self.assertEquals(user.first_name, 'John')
         # empty attribute list: no update
-        self.assertEquals(user.last_name, 'Smith') 
+        self.assertEquals(user.last_name, 'Smith')
+
+    def test_django_user_main_attribute(self):
+        backend = Saml2Backend()
+
+        with override_settings(AUTH_USER_MODEL='auth.User'):
+            self.assertEquals(
+                DjangoUserModel.USERNAME_FIELD,
+                backend.get_django_user_main_attribute())
+
+        with override_settings(
+                AUTH_USER_MODEL='testprofiles.StandaloneUserModel'):
+            self.assertEquals(
+                backend.get_django_user_main_attribute(),
+                'username')
+
+        with override_settings(SAML_DJANGO_USER_MAIN_ATTRIBUTE='foo'):
+            self.assertEquals(backend.get_django_user_main_attribute(), 'foo')
+
+    def test_django_user_main_attribute_lookup(self):
+        backend = Saml2Backend()
+
+        self.assertEquals(backend.get_django_user_main_attribute_lookup(), '')
+
+        with override_settings(
+                SAML_DJANGO_USER_MAIN_ATTRIBUTE_LOOKUP='__iexact'):
+            self.assertEquals(
+                backend.get_django_user_main_attribute_lookup(),
+                '__iexact')
