Bug 2357 Fixed: Session expiry while deleting non-session Project-Role 74/14274/6
authorAdurti <adurti.v@tataelxsi.co.in>
Mon, 25 Mar 2024 10:58:29 +0000 (10:58 +0000)
committergarciadeblas <gerardo.garciadeblas@telefonica.com>
Thu, 30 Jan 2025 10:55:00 +0000 (11:55 +0100)
Change-Id: Ifc14e2e5c6cc167cbbca02e2dc9bc6dc16d649ae
Signed-off-by: Adurti <adurti.v@tataelxsi.co.in>
osm_nbi/admin_topics.py
osm_nbi/authconn_internal.py
osm_nbi/tests/test_admin_topics.py

index b4f8980..a98e2ff 100644 (file)
@@ -1105,6 +1105,17 @@ class UserTopicAuth(UserTopic):
                         http_code=HTTPStatus.UNPROCESSABLE_ENTITY,
                     )
 
+            # check before deleting project-role
+            delete_session_project = False
+            if indata.get("remove_project_role_mappings"):
+                for pr in indata["remove_project_role_mappings"]:
+                    project_name = pr.get("project")
+                    project_details = self.db.get_one(
+                        "projects", {"_id": session.get("project_id")[0]}
+                    )
+                    if project_details["name"] == project_name:
+                        delete_session_project = True
+
             # password change
             if indata.get("password"):
                 if not session.get("admin_show"):
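Review bot: The loop added before `# password change` compares `pr.get("project")` only with the session project's name, so `delete_session_project` stays False when a mapping is removed by project id (if the API accepts ids in that field, which this hunk does not show), and the token clean-up in authconn_internal.py is then skipped. The `self.db.get_one("projects", …)` lookup is loop-invariant, and `session.get("project_id")[0]` raises TypeError when the session carries no project list. Do the lookup once, guard the empty case, and match on both `_id` and `name`, as sketched below. The enclosing method starts and ends outside the hunk.

```python
            # check before deleting project-role
            delete_session_project = False
            removed_mappings = indata.get("remove_project_role_mappings")
            session_project_ids = session.get("project_id") or []
            if removed_mappings and session_project_ids:
                # the session project is the same for every mapping: look it up once
                session_project = self.db.get_one(
                    "projects", {"_id": session_project_ids[0]}
                )
                session_project_keys = (session_project["_id"], session_project["name"])
                delete_session_project = any(
                    pr.get("project") in session_project_keys
                    for pr in removed_mappings
                )
```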
@@ -1212,6 +1223,7 @@ class UserTopicAuth(UserTopic):
                     "renew": indata.get("renew"),
                     "session_user": session.get("username"),
                     "email_id": indata.get("email_id"),
+                    "remove_session_project": delete_session_project,
                 }
             )
             data_to_send = {"_id": _id, "changes": indata}
index cf8c55a..cfd23af 100644 (file)
@@ -738,7 +738,10 @@ class AuthconnInternal(Authconn):
         self.db.set_one(self.users_collection, {idf: uid}, user_data)
         if user_info.get("remove_project_role_mappings"):
             idf = "user_id" if idf == "_id" else idf
-            self.db.del_list(self.tokens_collection, {idf: uid})
+            if not user_data.get("project_role_mappings") or user_info.get(
+                "remove_session_project"
+            ):
+                self.db.del_list(self.tokens_collection, {idf: uid})
 
     def delete_user(self, user_id):
         """
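Review bot: With the new condition, tokens the edited user already holds for a removed project are kept whenever other mappings remain and `remove_session_project` is false, whereas the removed line revoked every token for `uid`. Unless token validation re-checks the current `project_role_mappings` (not visible here), those tokens keep the removed project's role until they expire. Consider still calling `del_list` with the `{idf: uid}` filter narrowed to the removed projects, and add a comment above the `if` such as `# tokens are kept only while the user still has mappings and the session project is untouched`. `remove_session_project` also appears to be derived from the caller's session rather than from the sessions of user `uid`, which is worth stating in that comment. The enclosing method begins outside the hunk.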
index 2ecdbf7..101604c 100755 (executable)
@@ -926,6 +926,12 @@ class Test_UserTopicAuth(TestCase):
         uid = str(uuid4())
         pid1 = str(uuid4())
         rid1 = str(uuid4())
+        test_project = {
+            "_id": test_pid,
+            "name": "test",
+            "_admin": {"created": now, "modified": now},
+        }
+        self.db.create("projects", test_project)
         self.fake_session["user_id"] = uid
         self.fake_session["admin_show"] = True
         prms = [
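Review bot: The added fixture only creates the project that the new lookup in admin_topics.py needs; nothing in this hunk asserts the value of `remove_session_project` that is passed on, and the commit's file list has no test for the new `del_list` condition in authconn_internal.py. Add one case where the removed mapping is the session project (tokens deleted) and one where it is another project with mappings remaining (tokens kept), so that the revocation rule is pinned by a test. `test_pid` and `now` are defined outside the hunk, and the test method continues past it.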