Merge branch 'no-ldap-update' into 'master'

don't update user data from ldap

See merge request !682

amivapi/ldap.py

@@ -40,7 +40,6 @@ anymore. Unfortunately, the info for all previous students is still in the
 parsing.
 """
 
-from eve.methods.patch import patch_internal
 from eve.methods.post import post_internal
 from flask import current_app
 from nethz.ldap import AuthenticatedLdap
@@ -208,20 +207,11 @@ def _create_or_update_user(ldap_data):
     db_data = current_app.data.driver.db['users'].find_one(query)
 
     with admin_permissions():
-        if db_data:
-            # Membership will not be downgraded and email not be overwritten
-            # Newsletter settings will also not be adjusted
-            ldap_data.pop('email', None)
-            if db_data.get('membership') != u"none":
-                ldap_data.pop('membership', None)
-                ldap_data.pop('send_newsletter', None)
-
-            user = patch_internal('users',
-                                  ldap_data,
-                                  _id=db_data['_id'])[0]
-        else:
-            # For new members,
-
+        if not db_data:
+            # Only create users if they do not exist,
+            # updating them is taken care of by the group sync
             user = post_internal('users', ldap_data)[0]
+        else:
+            user = db_data
 
     return user

amivapi/tests/test_ldap.py

@@ -203,59 +203,6 @@ class LdapTest(WebTestNoAuth):
         # User exists now
         self.api.get('/users/%s' % new_user['nethz'], status_code=200)
 
-    def test_update_user(self):
-        """Test the 'patch' part of _create_or_patch_user."""
-        # The user is in the database. Now change a few things and verify
-        # patch with original data does the correct thing
-        tests = (
-            # (field, db_value, ldap_value, change_expected)
-            ('firstname', 'old', 'new', True),
-            ('lastname', 'old', 'new', True),
-            ('department', 'mavt', 'itet', True),
-            ('legi', '76543210', '01234567', True),
-            # Membership is only upgraded
-            ('membership', 'none', 'regular', True),
-            ('membership', 'regular', 'none', False),
-            ('membership', 'honorary', 'regular', False),
-            ('membership', 'honorary', 'none', False),
-            ('membership', 'extraordinary', 'regular', False),
-            ('membership', 'extraordinary', 'none', False),
-            # email will not be changed
-            ('email', 'old@mail.de', 'new@mail.de', False)
-        )
-
-        for ind, (field, db_value, ldap_value, change) in enumerate(tests):
-            # Create a new user for every test
-            self.new_object('users', nethz=str(ind), **{field: db_value})
-            ldap_data = {'nethz': str(ind), field: ldap_value}
-
-            with self.app.test_request_context():
-                result = ldap._create_or_update_user(ldap_data)
-
-            if change:
-                self.assertEqual(result[field], ldap_value)
-            else:
-                self.assertEqual(result[field], db_value)
-
-    def test_upgrade_membership(self):
-        # Insert non-member and upgrade by ldap later
-        user = self.api.post('/users', data={
-            'nethz': 'pablo',
-            'email': 'pablo@ethz.ch',  # this will be auto-generated
-            'firstname': 'P',
-            'lastname': 'Ablo',
-            'department': 'itet',
-            'membership': 'none',
-            'legi': '01234567',
-            'send_newsletter': False,
-        }, status_code=201).json
-        self.assertFalse(user['send_newsletter'])
-
-        with self.app.test_request_context():
-            result = ldap._create_or_update_user(self.fake_filtered_data())
-
-        self.assertTrue(result['send_newsletter'])
-
     def test_search(self):
         """Test that ldap is correctly queried."""
         test_query = "äüáíðáßðöó"