• Jérome Perrin's avatar
    ERP5Security: make ERP5AccessTokenExtractionPlugin work with user ids · c957099d
    Jérome Perrin authored
    Because this was broken, we took the liberty to introduce a breaking
    change to fix naming, now type based scripts are *_getUserValue and must
    return a user document, with a getUserId method returning the user id.
    
    Make this plugin also an IAuthenticationPlugin which does all the job of
    returning the user id.
    It does not really make sense to delegate this to default authenticator.
    A side effect is that token can still authenticate users with no
    assignments, since tokens are scriptable, if this is a requirement, it
    can be implemented in scripts.
    
    also update test:
    
     - plugin must be enabled for IAuthenticationPlugin
     - check complete authentication sequence, not just extraction
     - update scripts to new names
     - simplify transaction management
     - don't set self.person, it was not used anywhere
     - update _createPerson to reindex, as said in docstring
     - merge all tests in on test component
    c957099d
test.erp5.testERP5AccessToken.py 15.2 KB