Merge branch 'release/0.5.1'

libris · Nov 2, 2017 · ec29703 · ec29703
2 parents 0a04cef + 0f88b0b
commit ec29703
Show file tree

Hide file tree

Showing 6 changed files with 34 additions and 17 deletions.
diff --git a/README.rst b/README.rst
@@ -183,6 +183,13 @@ DB Models
 Changelog
 =========
 
+v. 0.5.1
+--------
+
+* Update `/oauth/verify` API response format (`#68 <https://github.com/libris/xl_auth/issues/68>`_)
+* Fix bug where collections would read the wrong active/inactive state from bibdb.libris.kb.se
+
+
 v. 0.5.0
 --------
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "xl_auth",
-  "version": "0.5.0",
+  "version": "0.5.1",
   "author": "National Library of Sweden",
   "license": "Apache-2.0",
   "description": "OAuth2 authorization for LibrisXL, replacing BibDB counterpart",

diff --git a/tests/end2end/test_oauth.py b/tests/end2end/test_oauth.py
@@ -105,3 +105,15 @@ def test_get_access_token(grant, testapp):
     assert res.json_body['access_token'] == token.access_token
     assert res.json_body['refresh_token'] == token.refresh_token
     assert res.json_body['version'] == __version__
+
+
+def test_verify_response(token, testapp):
+    """Get user details and token expiry."""
+    res = testapp.get(url_for('oauth.verify'),
+                      headers={'Authorization': str('Bearer ' + token.access_token)})
+
+    assert res.json_body['expires_at'] == token.expires_at.isoformat()
+    assert res.json_body['user']['full_name'] == token.user.full_name
+    assert res.json_body['user']['email'] == token.user.email
+
+    assert len(res.json_body['user']['permissions']) == len(token.user.permissions)
diff --git a/xl_auth/commands.py b/xl_auth/commands.py
@@ -246,7 +246,7 @@ def _get_collection_details_from_bibdb(code):
             'friendly_name': friendly_name,
             'code': bibdb_api_data['sigel'],
             'category': category,
-            'active': not bool(bibdb_api_data['sigel_new']),
+            'active': bibdb_api_data['alive'],
             'replaces': bibdb_api_data['sigel_old'],
             'replaced_by': bibdb_api_data['sigel_new']
         }
@@ -445,7 +445,12 @@ def _get_manually_deleted_permissions():
             continue
 
         collection = Collection.query.filter_by(code=details['code']).first()
-        if not collection:
+        if collection:
+            if collection.active != details['active']:
+                collection.active = details['active']
+                collection.save()
+                print('corrected collection %r: active=%s' % (collection.code, collection.active))
+        else:
             collection = Collection.create(**details)
             collection.save()
 

diff --git a/xl_auth/oauth/views.py b/xl_auth/oauth/views.py
@@ -4,7 +4,6 @@
 from __future__ import absolute_import, division, print_function, unicode_literals
 
 from datetime import datetime, timedelta
-from time import time
 
 from flask import Blueprint, current_app, jsonify, render_template, request
 from flask_login import current_user, login_required
@@ -110,20 +109,14 @@ def verify():
     assert isinstance(user, User)
 
     return jsonify(
-        exp=(time() + 3600) * 1000,
-        expires_at=oauth.expires_at.isoformat(),
-        qsh='mumbojumbo',
+        expires_at=oauth.access_token.expires_at.isoformat(),
         user={
-            'username': user.email,
+            'full_name': user.full_name,
             'email': user.email,
-            'authorization': [{'sigel': permission.collection.code,
-                               'code': permission.collection.code,
-                               'cataloger': permission.cataloger,
-                               'registrant': permission.registrant,
-                               'cataloging_admin': permission.cataloging_admin,
-                               'kat': permission.cataloging_admin,
-                               'xlreg': permission.cataloging_admin}
-                              for permission in user.permissions]
+            'permissions': [{'code': permission.collection.code,
+                             'cataloger': permission.cataloger,
+                             'registrant': permission.registrant}
+                            for permission in user.permissions]
         }
     )