allow for saml attributes to define team and org

related to https://github.com/ansible/awx/issues/217 * Adds a configure tower in tower setting for users to configure a saml attribute that tower will use to put users into teams and orgs.
2026-03-05 02:31:03 -03:30 · 2017-12-04 12:18:44 -05:00
parent 4707b5e020
commit 9d58b15135
6 changed files with 529 additions and 1 deletions
--- a/awx/sso/fields.py
+++ b/awx/sso/fields.py
@@ -3,6 +3,7 @@ import ldap

 # Django
 from django.utils.translation import ugettext_lazy as _
+from django.core.exceptions import ValidationError

 # Django Auth LDAP
 import django_auth_ldap.config
@@ -620,7 +621,7 @@ class SAMLEnabledIdPsField(fields.DictField):
    child = SAMLIdPField()


-class SAMLSecurityField(fields.DictField):
+class SAMLSecurityField(BaseDictWithChildField):

    child_fields = {
        'nameIdEncrypted': fields.BooleanField(required=False),
@@ -643,3 +644,28 @@ class SAMLSecurityField(fields.DictField):
    }
    allow_unknown_keys = True

+
+class SAMLOrgAttrField(BaseDictWithChildField):
+
+    child_fields = {
+        'remove': fields.BooleanField(required=False),
+        'saml_attr': fields.CharField(required=False, allow_null=True),
+    }
+
+
+class SAMLTeamAttrTeamOrgMapField(BaseDictWithChildField):
+
+    child_fields = {
+        'team': fields.CharField(required=True, allow_null=False),
+        'organization': fields.CharField(required=True, allow_null=False),
+    }
+
+
+class SAMLTeamAttrField(BaseDictWithChildField):
+
+    child_fields = {
+        'team_org_map': fields.ListField(required=False, child=SAMLTeamAttrTeamOrgMapField(), allow_null=True),
+        'remove': fields.BooleanField(required=False),
+        'saml_attr': fields.CharField(required=False, allow_null=True),
+    }
+