Skip to content

Commit

Permalink
✨ [#3967] Add 'auth_context_branch_number' static variable
Browse files Browse the repository at this point in the history
For eherkenning authentication, this will contain the branch number
that the employee is authenticated/authorized for.
  • Loading branch information
sergei-maertens committed Jul 3, 2024
1 parent b3dbcc6 commit b5e791e
Show file tree
Hide file tree
Showing 3 changed files with 80 additions and 1 deletion.
7 changes: 6 additions & 1 deletion docs/manual/forms/variables.rst
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,8 @@ authenticatiecontextdatamodel_. De structuur is als volgt:
"authorizee": {
"legalSubject": {
"identifierType": "string",
"identifier": "string"
"identifier": "string",
"branchNumber": "string"
},
"actingSubject": {
"identifierType": "string",
Expand Down Expand Up @@ -169,6 +170,10 @@ De onderdelen van deze structuur worden ook als individuele variabelen aangebode
Identificatie van de (wettelijke) vertegenwoordiger. Leeg indien het formulier
zonder inloggen gestart is.

``auth_context_branch_number``
Vestigingsnummer waarvoor de medewerker ingelogd is. Leeg indien het geen
eHerkenning-login betreft.

``auth_context_acting_subject_identifier_type``
In de praktijk zal de waarde altijd ``opaque`` of leeg zijn. Geeft aan hoe de
identificatie van de handelende persoon ("de persoon aan de knoppen")
Expand Down
15 changes: 15 additions & 0 deletions src/openforms/authentication/static_variables/static_variables.py
Original file line number Diff line number Diff line change
Expand Up @@ -192,6 +192,21 @@ def get_initial_value(self, submission: Submission | None = None) -> str:
return auth_context["authorizee"]["legalSubject"]["identifier"]


@register_static_variable("auth_context_branch_number")
class AuthContextBranchNumber(BaseStaticVariable):
name = _("Authentication context data: branch number")
data_type = FormVariableDataTypes.string

def get_initial_value(self, submission: Submission | None = None) -> str:
if submission is None or not submission.is_authenticated:
return ""
auth_context = submission.auth_info.to_auth_context_data()
if auth_context["source"] != "eherkenning":
return ""
legal_subject = auth_context["authorizee"]["legalSubject"]
return legal_subject.get("branchNumber", "")


@register_static_variable("auth_context_acting_subject_identifier_type")
class AuthContextActingSubjectIdentifierType(BaseStaticVariable):
name = _("Authentication context data: authorizee, acting subject identifier type")
Expand Down
59 changes: 59 additions & 0 deletions src/openforms/authentication/tests/test_static_variables.py
Original file line number Diff line number Diff line change
Expand Up @@ -77,3 +77,62 @@ def test_language_code_variable(self):
}

self.assertEqual(static_data["language_code"], "nl")

def test_branch_number_variable(self):
cases = (
(
AuthInfoFactory.create(
is_digid=True,
legal_subject_service_restriction="foo",
),
"",
),
(
AuthInfoFactory.create(
is_digid_machtigen=True,
legal_subject_service_restriction="foo",
),
"",
),
(
AuthInfoFactory.create(
is_eh=True,
legal_subject_service_restriction="123456789012",
),
"123456789012",
),
(
AuthInfoFactory.create(
is_eh_bewindvoering=True,
legal_subject_service_restriction="123456789012",
),
"123456789012",
),
(
AuthInfoFactory.create(
is_eh=True,
legal_subject_service_restriction="",
),
"",
),
(
AuthInfoFactory.create(
is_eh_bewindvoering=True,
legal_subject_service_restriction="",
),
"",
),
)
for auth_info, expected in cases:
with self.subTest(
attribute=auth_info.attribute,
service_restriction=auth_info.legal_subject_service_restriction,
):
static_data = {
variable.key: variable.initial_value
for variable in get_static_variables(
submission=auth_info.submission
)
}

self.assertEqual(static_data["auth_context_branch_number"], expected)

0 comments on commit b5e791e

Please sign in to comment.