feat: finalize hpc access cli state sync (#212)

WIP

WIP

WIP

WIP

WIP

WIP

WIP; removed state-dump-v2 command and api endpoint

WIP

WIP

WIP

WIP

WIP

WIP

WIP

WIP

WIP

WIP

WIP

WIP

WIP

adminsec/ldap.py

@@ -188,6 +188,7 @@ def get_user_info(self, username):
                 "userAccountControl",
                 "telephoneNumber",
                 "uidNumber",
+                "cn",
             ],
         }
 

adminsec/tasks.py

@@ -58,6 +58,8 @@ def _sync_ldap(write=False, verbose=False, ldapcon=None):
             first_name = userinfo.givenName
             last_name = userinfo.sn
             mail = userinfo.mail
+            name = userinfo.cn
+            display_name = userinfo.displayName
             disabled = True
 
             if userAccountControl:
@@ -78,7 +80,12 @@ def _sync_ldap(write=False, verbose=False, ldapcon=None):
             if uid:
                 user.uid = uid[0]
 
-            user.name = " ".join([user.first_name, user.last_name])
+            if name:
+                user.name = name[0]
+
+            if display_name:
+                user.display_name = display_name[0]
+
             user.is_active = not disabled
 
             if user.hpcuser_user.exists():

adminsec/tests/test_tasks.py

@@ -104,7 +104,7 @@ def setup_test_data_server1(connection):
                 },
             )
             connection.strategy.add_entry(
-                "cn=user,ou=test," + AUTH_LDAP_USER_SEARCH_BASE,
+                "cn=Jane Joe,ou=test," + AUTH_LDAP_USER_SEARCH_BASE,
                 {
                     "objectclass": "person",
                     "mail": USER_MAIL_INSTITUTE,
@@ -126,7 +126,7 @@ def setup_test_data_server2(connection):
                 },
             )
             connection.strategy.add_entry(
-                "cn=user,ou=test," + AUTH_LDAP2_USER_SEARCH_BASE,
+                "cn=John Doe,ou=test," + AUTH_LDAP2_USER_SEARCH_BASE,
                 {
                     "objectclass": "person",
                     "mail": USER_MAIL_INSTITUTE2,

adminsec/tests/test_views_api.py

@@ -8,7 +8,6 @@
 from test_plus import TestCase
 
 from usersec.models import REQUEST_STATUS_ACTIVE
-from usersec.serializers import HPC_ALUMNI_GROUP
 from usersec.tests.factories import (
     HpcGroupCreateRequestFactory,
     HpcGroupFactory,
@@ -627,126 +626,3 @@ def test_delete_fail(self):
                     self.response_405()
                 else:
                     self.response_403()
-
-
-class TestHpcAccessStatusApiView(ApiTestCase):
-    """Tests for the HpcAccessStatusApiView."""
-
-    def test_get_succeed(self):
-        """Test the GET method (staff users can do)."""
-
-        expected = {
-            "hpc_users": [
-                {
-                    "uid": self.hpcuser_user.uid,
-                    "email": self.hpcuser_user.user.email,
-                    "full_name": "User Name",
-                    "first_name": self.hpcuser_user.user.first_name,
-                    "last_name": self.hpcuser_user.user.last_name,
-                    "phone_number": None,
-                    "primary_group": self.hpcuser_group.name,
-                    "resources_requested": self.hpcuser_user.resources_requested,
-                    "status": "INITIAL",
-                    "description": self.hpcuser_user.description,
-                    "username": self.hpcuser_user.username,
-                    "expiration": self.hpcuser_user.expiration.strftime("%Y-%m-%dT%H:%M:%SZ"),
-                    "home_directory": self.hpcuser_user.home_directory,
-                    "login_shell": self.hpcuser_user.login_shell,
-                }
-            ],
-            "hpc_groups": [
-                {
-                    "owner": None,
-                    "delegate": None,
-                    "resources_requested": self.hpcuser_group.resources_requested,
-                    "status": "INITIAL",
-                    "description": self.hpcuser_group.description,
-                    "name": self.hpcuser_group.name,
-                    "folders": self.hpcuser_group.folders,
-                    "expiration": self.hpcuser_group.expiration.strftime("%Y-%m-%dT%H:%M:%SZ"),
-                    "gid": self.hpcuser_group.gid,
-                }
-            ],
-            "hpc_projects": [
-                {
-                    "gid": self.hpcuser_project.gid,
-                    "group": self.hpcuser_group.name,
-                    "delegate": None,
-                    "resources_requested": self.hpcuser_project.resources_requested,
-                    "status": "INITIAL",
-                    "description": self.hpcuser_project.description,
-                    "name": self.hpcuser_project.name,
-                    "folders": self.hpcuser_project.folders,
-                    "expiration": self.hpcuser_project.expiration.strftime("%Y-%m-%dT%H:%M:%SZ"),
-                    "members": [],
-                }
-            ],
-        }
-        for user in [self.user_staff, self.user_admin, self.user_hpcadmin]:
-            with self.login(user):
-                self.get("adminsec:api-hpcaccess-status")
-                self.response_200()
-                self.assertEqual(self.last_response.json(), expected)
-
-    def test_get_succeed_alumni(self):
-        self.hpcuser_user.primary_group = None
-        self.hpcuser_user.save()
-        expected = {
-            "hpc_users": [
-                {
-                    "uid": self.hpcuser_user.uid,
-                    "email": self.hpcuser_user.user.email,
-                    "full_name": "User Name",
-                    "first_name": self.hpcuser_user.user.first_name,
-                    "last_name": self.hpcuser_user.user.last_name,
-                    "phone_number": None,
-                    "primary_group": HPC_ALUMNI_GROUP,
-                    "resources_requested": self.hpcuser_user.resources_requested,
-                    "status": "INITIAL",
-                    "description": self.hpcuser_user.description,
-                    "username": self.hpcuser_user.username,
-                    "expiration": self.hpcuser_user.expiration.strftime("%Y-%m-%dT%H:%M:%SZ"),
-                    "home_directory": self.hpcuser_user.home_directory,
-                    "login_shell": self.hpcuser_user.login_shell,
-                }
-            ],
-            "hpc_groups": [
-                {
-                    "owner": None,
-                    "delegate": None,
-                    "resources_requested": self.hpcuser_group.resources_requested,
-                    "status": "INITIAL",
-                    "description": self.hpcuser_group.description,
-                    "name": self.hpcuser_group.name,
-                    "folders": self.hpcuser_group.folders,
-                    "expiration": self.hpcuser_group.expiration.strftime("%Y-%m-%dT%H:%M:%SZ"),
-                    "gid": self.hpcuser_group.gid,
-                }
-            ],
-            "hpc_projects": [
-                {
-                    "gid": self.hpcuser_project.gid,
-                    "group": self.hpcuser_group.name,
-                    "delegate": None,
-                    "resources_requested": self.hpcuser_project.resources_requested,
-                    "status": "INITIAL",
-                    "description": self.hpcuser_project.description,
-                    "name": self.hpcuser_project.name,
-                    "folders": self.hpcuser_project.folders,
-                    "expiration": self.hpcuser_project.expiration.strftime("%Y-%m-%dT%H:%M:%SZ"),
-                    "members": [],
-                }
-            ],
-        }
-        for user in [self.user_staff, self.user_admin, self.user_hpcadmin]:
-            with self.login(user):
-                self.get("adminsec:api-hpcaccess-status")
-                self.response_200()
-                self.assertEqual(self.last_response.json(), expected)
-
-    def test_get_fail(self):
-        """Test the GET method (non-staff cannot do)."""
-        for user in [self.user_user]:
-            with self.login(user):
-                self.get("adminsec:api-hpcaccess-status")
-                self.response_403()

adminsec/urls.py

@@ -318,11 +318,6 @@
         view=views_api.HpcProjectCreateRequestRetrieveUpdateApiView.as_view(),
         name="api-hpcprojectcreaterequest-retrieveupdate",
     ),
-    path(
-        "api/hpcaccess-status/",
-        view=views_api.HpcAccessStatusApiView.as_view(),
-        name="api-hpcaccess-status",
-    ),
 ]
 
 urlpatterns = urlpatterns_ui + urlpatterns_api

adminsec/views_api.py

@@ -5,7 +5,6 @@
 from rest_framework.exceptions import ValidationError
 from rest_framework.generics import (
     ListAPIView,
-    RetrieveAPIView,
     RetrieveUpdateAPIView,
     get_object_or_404,
 )
@@ -15,7 +14,6 @@
     RE_FOLDER,
     RE_NAME,
 )
-from adminsec.models import HpcAccessStatus
 from adminsec.permissions_api import IsHpcAdminUser
 from hpcaccess.utils.rest_framework import CursorPagination
 from usersec.models import (
@@ -26,7 +24,6 @@
     HpcUser,
 )
 from usersec.serializers import (
-    HpcAccessStatusSerializer,
     HpcGroupCreateRequestSerializer,
     HpcGroupSerializer,
     HpcProjectCreateRequestSerializer,
@@ -218,18 +215,3 @@ def perform_update(self, serializer):
             raise ValidationError(errors)
 
         super().perform_update(serializer)
-
-
-class HpcAccessStatusApiView(RetrieveAPIView):
-    """API view for listing all users."""
-
-    serializer_class = HpcAccessStatusSerializer
-    permission_classes = [IsAdminUser | IsHpcAdminUser]
-
-    def get_object(self):
-        """Return the object to be used in the view."""
-        return HpcAccessStatus(
-            hpc_users=HpcUser.objects.all(),
-            hpc_groups=HpcGroup.objects.all(),
-            hpc_projects=HpcProject.objects.all(),
-        )

usersec/serializers.py

@@ -103,36 +103,6 @@ class Meta:
         ]
 
 
-class HpcUserStatusSerializer(HpcUserAbstractSerializer, serializers.ModelSerializer):
-    """Serializer for HpcUser model."""
-
-    primary_group = serializers.SerializerMethodField()
-
-    def get_primary_group(self, obj):
-        if obj.primary_group is None:
-            return HPC_ALUMNI_GROUP
-        return obj.primary_group.name
-
-    class Meta:
-        model = HpcUser
-        fields = [
-            "uid",
-            "email",
-            "full_name",
-            "first_name",
-            "last_name",
-            "phone_number",
-            "primary_group",
-            "resources_requested",
-            "status",
-            "description",
-            "username",
-            "expiration",
-            "home_directory",
-            "login_shell",
-        ]
-
-
 class HpcUserVersionSerializer(HpcUserAbstractSerializer, serializers.ModelSerializer):
     """Serializer for HpcUserVersion model."""
 
@@ -200,26 +170,6 @@ class Meta:
         ]
 
 
-class HpcGroupStatusSerializer(HpcGroupAbstractSerializer, serializers.ModelSerializer):
-    """Serializer for HpcGroup model."""
-
-    owner = serializers.SlugRelatedField(slug_field="username", read_only=True)
-
-    class Meta:
-        model = HpcUser
-        fields = [
-            "owner",
-            "delegate",
-            "resources_requested",
-            "status",
-            "description",
-            "name",
-            "folders",
-            "expiration",
-            "gid",
-        ]
-
-
 class HpcProjectAbstractSerializer(HpcObjectAbstractSerializer):
     """Common base class for HPC project serializers."""
 
@@ -276,29 +226,6 @@ class Meta:
         ]
 
 
-class HpcProjectStatusSerializer(HpcProjectAbstractSerializer, serializers.ModelSerializer):
-    """Serializer for HpcProject model."""
-
-    group = serializers.SlugRelatedField(slug_field="name", read_only=True)
-    delegate = serializers.SlugRelatedField(slug_field="username", read_only=True)
-    members = serializers.SlugRelatedField(slug_field="username", many=True, read_only=True)
-
-    class Meta:
-        model = HpcUser
-        fields = [
-            "gid",
-            "group",
-            "delegate",
-            "resources_requested",
-            "status",
-            "description",
-            "name",
-            "folders",
-            "expiration",
-            "members",
-        ]
-
-
 class HpcRequestAbstractSerializer(HpcObjectAbstractSerializer):
     """Common base class for HPC request serializers."""
 
@@ -456,20 +383,3 @@ class Meta:
             "primary_group",
             "full_name",
         ]
-
-
-class HpcAccessStatusSerializer(serializers.Serializer):
-    """Serializer for HpcAccessStatus model."""
-
-    hpc_users = serializers.SerializerMethodField()
-    hpc_groups = serializers.SerializerMethodField()
-    hpc_projects = serializers.SerializerMethodField()
-
-    def get_hpc_users(self, obj):
-        return HpcUserStatusSerializer(obj.hpc_users, many=True).data
-
-    def get_hpc_groups(self, obj):
-        return HpcGroupStatusSerializer(obj.hpc_groups, many=True).data
-
-    def get_hpc_projects(self, obj):
-        return HpcProjectStatusSerializer(obj.hpc_projects, many=True).data