Skip to content

Commit

Permalink
add method to update Passport configuration via the AdminAPI (#279)
Browse files Browse the repository at this point in the history
  • Loading branch information
kmahan-duo authored Oct 29, 2024
1 parent 2ebd510 commit 5ed6201
Show file tree
Hide file tree
Showing 2 changed files with 59 additions and 1 deletion.
48 changes: 47 additions & 1 deletion duo_client/admin.py
Original file line number Diff line number Diff line change
Expand Up @@ -3644,13 +3644,59 @@ def calculate_policy(self, integration_key, user_id):

def get_passport_config(self):
"""
Returns the current Passport configuration.
Retrieve the current Passport configuration.
Returns (dict):
{
"enabled_status": string,
"enabled_groups": [
{
"group_id": user group ID,
"group_name": descriptive user group name,
...
},
...
]
"disabled_groups": [
{
"group_id": user group ID,
"group_name": descriptive user group name,
...
},
...
]
}
"""

path = "/admin/v2/passport/config"
response = self.json_api_call("GET", path, {})
return response

def update_passport_config(self, enabled_status, enabled_groups=[], disabled_groups=[]):
"""
Update the current Passport configuration.
Args:
enabled_status (str) - one of "disabled", "enabled", "enabled-for-groups",
or "enabled-with-exceptions"
enabled_groups (list[str]) - if enabled_status is "enabled-for-groups", a
list of user group IDs for whom Passport should be enabled
disabled_groups (list[str]) - if enabled_status is "enabled-with-exceptions",
a list of user group IDs for whom Passport should be disabled
"""

path = "/admin/v2/passport/config"
response = self.json_api_call(
"POST",
path,
{
"enabled_status": enabled_status,
"enabled_groups": enabled_groups,
"disabled_groups": disabled_groups,
},
)
return response


class AccountAdmin(Admin):
"""AccountAdmin manages a child account using an Accounts API integration."""
Expand Down
12 changes: 12 additions & 0 deletions tests/admin/test_passport.py
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
import json

from .base import TestAdmin
from .. import util

Expand All @@ -11,3 +13,13 @@ def test_get_passport(self):
self.assertEqual(response['method'], 'GET')
self.assertEqual(uri, '/admin/v2/passport/config')
self.assertEqual(util.params_to_dict(args), {'account_id': [self.client.account_id]})

def test_update_passport(self):
""" Test update passport configuration
"""
response = self.client.update_passport_config(enabled_status="enabled-for-groups", enabled_groups=["passport-test-group"])
self.assertEqual(response["uri"], "/admin/v2/passport/config")
body = json.loads(response["body"])
self.assertEqual(body["enabled_status"], "enabled-for-groups")
self.assertEqual(body["enabled_groups"], ["passport-test-group"])
self.assertEqual(body["disabled_groups"], [])

0 comments on commit 5ed6201

Please sign in to comment.