fixup! ERP5Security: make ERP5AccessTokenExtractionPlugin work with user ids

Just return the token relative URL as login. It should "look like a token" enough to be obvious.

fixup! ERP5Security: make ERP5AccessTokenExtractionPlugin work with user ids
Just return the token relative URL as login. It should "look like a token" enough to be obvious.
6214f65e · Jérome Perrin · 40310dbe · 6214f65e · 6214f65e
Commit 6214f65e authored Mar 18, 2019 by Jérome Perrin
2 changed files
--- a/bt5/erp5_access_token/TestTemplateItem/portal_components/test.erp5.testERP5AccessToken.py
+++ b/bt5/erp5_access_token/TestTemplateItem/portal_components/test.erp5.testERP5AccessToken.py
@@ -115,7 +115,7 @@ class TestERP5AccessTokenSkins(AccessTokenTestCase):
    user_id, login = result
    self.assertEqual(user_id, person.Person_getUserId())
    # tokens have a login value, for auditing purposes
-    self.assertIn('token', login)
+    self.assertEqual(access_token.getRelativeUrl(), login)

  def test_bad_token(self):
    person = self._createPerson(self.new_id)

--- a/product/ERP5Security/ERP5AccessTokenExtractionPlugin.py
+++ b/product/ERP5Security/ERP5AccessTokenExtractionPlugin.py
@@ -94,7 +94,8 @@ class ERP5AccessTokenExtractionPlugin(BasePlugin):
          user_id = method()

        if user_id is not None:
-          return (user_id, 'token {erp5_access_token_id} for {user_id}'.format(**locals()))
+          # Return token relative URL as login, for traceability.
+          return (user_id, token_document.getRelativeUrl())


 #Form for new plugin in ZMI