Enable admin site in Kesäseteli and add utilities to automatically manage admin user group#3830
Enable admin site in Kesäseteli and add utilities to automatically manage admin user group#3830nikomakela merged 5 commits intomainfrom
Conversation
|
YJDH-KESASETELI-API branch is deployed to platta: https://yjdh-kesaseteli-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
|
YOUTH branch is deployed to platta: https://nuortenkesaseteli-pr3830.dev.hel.ninja 🚀🚀🚀 |
|
YJDH-HELSINKILISA-API branch is deployed to platta: https://helsinkilisa-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
|
EMPLOYER branch is deployed to platta: https://kesaseteli-pr3830.dev.hel.ninja 🚀🚀🚀 |
|
HANDLER branch is deployed to platta: https://kesaseteli-handler-ui-pr3830.dev.hel.ninja 🚀🚀🚀 |
TestCafe result is success for https://nuortenkesaseteli-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://kesaseteli-handler-ui-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
|
HANDLER branch is deployed to platta: https://helsinkilisa-ui-handler-pr3830.dev.hel.ninja 🚀🚀🚀 |
|
APPLICANT is deployed to platta: https://helsinkilisa-ui-pr3830.dev.hel.ninja 🚀🚀🚀 |
TestCafe result is success for https://kesaseteli-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://helsinkilisa-ui-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://helsinkilisa-ui-handler-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
nikomakela
force-pushed
the
YJDH-733-admin-ad-login
branch
from
6353f18 to
3e13b26
Compare
|
YJDH-KESASETELI-API branch is deployed to platta: https://yjdh-kesaseteli-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
|
YOUTH branch is deployed to platta: https://nuortenkesaseteli-pr3830.dev.hel.ninja 🚀🚀🚀 |
|
YJDH-HELSINKILISA-API branch is deployed to platta: https://helsinkilisa-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
|
HANDLER branch is deployed to platta: https://kesaseteli-handler-ui-pr3830.dev.hel.ninja 🚀🚀🚀 |
|
EMPLOYER branch is deployed to platta: https://kesaseteli-pr3830.dev.hel.ninja 🚀🚀🚀 |
TestCafe result is success for https://nuortenkesaseteli-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://kesaseteli-handler-ui-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
|
APPLICANT is deployed to platta: https://helsinkilisa-ui-pr3830.dev.hel.ninja 🚀🚀🚀 |
|
HANDLER branch is deployed to platta: https://helsinkilisa-ui-handler-pr3830.dev.hel.ninja 🚀🚀🚀 |
TestCafe result is success for https://kesaseteli-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://helsinkilisa-ui-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://helsinkilisa-ui-handler-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
nikomakela
force-pushed
the
YJDH-733-admin-ad-login
branch
from
3e13b26 to
45bedf4
Compare
|
YJDH-KESASETELI-API branch is deployed to platta: https://yjdh-kesaseteli-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
nikomakela
force-pushed
the
YJDH-733-admin-ad-login
branch
from
45bedf4 to
a9f9efa
Compare
|
YJDH-KESASETELI-API branch is deployed to platta: https://yjdh-kesaseteli-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
|
YJDH-HELSINKILISA-API branch is deployed to platta: https://helsinkilisa-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
TestCafe result is success for https://nuortenkesaseteli-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
|
HANDLER branch is deployed to platta: https://kesaseteli-handler-ui-pr3830.dev.hel.ninja 🚀🚀🚀 |
|
APPLICANT is deployed to platta: https://helsinkilisa-ui-pr3830.dev.hel.ninja 🚀🚀🚀 |
TestCafe result is success for https://kesaseteli-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://kesaseteli-handler-ui-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://helsinkilisa-ui-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://helsinkilisa-ui-handler-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
nikomakela
force-pushed
the
YJDH-733-admin-ad-login
branch
from
a89ba90 to
20c7e6a
Compare
|
YJDH-KESASETELI-API branch is deployed to platta: https://yjdh-kesaseteli-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
YJDH-733. Refactored HelsinkiOAuth2CallbackView to be context-aware regarding redirect destinations. Previously, the view forcibly redirected all successful logins to ADFS_LOGIN_REDIRECT_URL. This hijacked intentional destinations, such as Django Admin deep links or specific application sub-pages. Changes: - Replaced manual 'next' parameter parsing with reliance on the library's internal 'state' decoding. - Added logic to honor redirects if the destination is the Admin site or a specific deep link. - Maintained the fallback to ADFS_LOGIN_REDIRECT_URL for generic logins (e.g., from the home page). - Cleaned up error handling and MFA redirect detection.
YJDH-733. Added a new app to project: "Staff Admin Permissions". This app provides utilities to automatically manage an "admins" user group and simplify permission setup for staff users in **development environments**. The main goals are: 1. To ensure the `admins` group is created during the `post_migrate` process in all environments. 2. To maintain full CRUD (Create, Read, Update, Delete) permissions for all models registered in the Django Admin in local development. 3. To automatically assign this group to new staff users (e.g., mock users) during local development to avoid manual configuration.
nikomakela
force-pushed
the
YJDH-733-admin-ad-login
branch
from
20c7e6a to
d5c5099
Compare
|
|
|
YJDH-KESASETELI-API branch is deployed to platta: https://yjdh-kesaseteli-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
|
YOUTH branch is deployed to platta: https://nuortenkesaseteli-pr3830.dev.hel.ninja 🚀🚀🚀 |
|
HANDLER branch is deployed to platta: https://kesaseteli-handler-ui-pr3830.dev.hel.ninja 🚀🚀🚀 |
TestCafe result is success for https://nuortenkesaseteli-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
|
HANDLER branch is deployed to platta: https://helsinkilisa-ui-handler-pr3830.dev.hel.ninja 🚀🚀🚀 |
TestCafe result is success for https://kesaseteli-handler-ui-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
|
EMPLOYER branch is deployed to platta: https://kesaseteli-pr3830.dev.hel.ninja 🚀🚀🚀 |
|
YJDH-HELSINKILISA-API branch is deployed to platta: https://helsinkilisa-pr3830.api.dev.hel.ninja 🚀🚀🚀 |
|
APPLICANT is deployed to platta: https://helsinkilisa-ui-pr3830.dev.hel.ninja 🚀🚀🚀 |
TestCafe result is success for https://kesaseteli-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://helsinkilisa-ui-handler-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
TestCafe result is success for https://helsinkilisa-ui-pr3830.dev.hel.ninja 😆🎉🎉🎉 |
4 participants
YJDH-733.
Staff Admin Permissions
The main goals are:
adminsgroup is created during thepost_migrateprocess in all environments.Signals:
settings.AUTO_ASSIGN_ADMIN_TO_STAFFisTrue. If env variable is unset, the setting is True by default ifDEBUGandNEXT_PUBLIC_MOCK_FLAGareTrue.How to apply and test changes:
python manage.py migrateto create admin grouppython manage.py setup_admin_permissionsto set permissions to admin groupsettings.AUTO_ASSIGN_ADMIN_TO_STAFFto True.