From 629b9c4ecbc23071babd5bff1aa0f42220412bfd Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Fri, 7 Jul 2023 12:42:19 +0200 Subject: [PATCH 01/13] :construction: [#3215] Make structure of AuthInfo.machtigen constant --- .../contrib/digid_eherkenning_oidc/plugin.py | 45 +++++++++++-------- 1 file changed, 27 insertions(+), 18 deletions(-) diff --git a/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py b/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py index 8ff3bfd339..56d6a82070 100644 --- a/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py +++ b/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py @@ -152,14 +152,17 @@ class DigiDMachtigenOIDCAuthentication(OIDCAuthentication): def add_claims_to_sessions_if_not_cosigning(self, claim, request): # set the session auth key only if we're not co-signing - if claim and CO_SIGN_PARAMETER not in request.GET: - config = OpenIDConnectDigiDMachtigenConfig.get_solo() - request.session[FORM_AUTH_SESSION_KEY] = { - "plugin": self.identifier, - "attribute": self.provides_auth, - "value": claim[config.vertegenwoordigde_claim_name], - "machtigen": request.session[DIGID_MACHTIGEN_OIDC_AUTH_SESSION_KEY], - } + if not claim or CO_SIGN_PARAMETER in request.GET: + return + + config = OpenIDConnectDigiDMachtigenConfig.get_solo() + machtigen_data = request.session[DIGID_MACHTIGEN_OIDC_AUTH_SESSION_KEY] + request.session[FORM_AUTH_SESSION_KEY] = { + "plugin": self.identifier, + "attribute": self.provides_auth, + "value": claim[config.vertegenwoordigde_claim_name], + "machtigen": {"value": machtigen_data.get(config.gemachtigde_claim_name)}, + } def get_label(self) -> str: return "DigiD Machtigen" @@ -179,16 +182,22 @@ class EHerkenningBewindvoeringOIDCAuthentication(OIDCAuthentication): def add_claims_to_sessions_if_not_cosigning(self, claim, request): # set the session auth key only if we're not co-signing - if claim and CO_SIGN_PARAMETER not in request.GET: - config = self.config_class.get_solo() - request.session[FORM_AUTH_SESSION_KEY] = { - "plugin": self.identifier, - "attribute": self.provides_auth, - "value": claim[config.vertegenwoordigde_company_claim_name], - "machtigen": request.session[ - EHERKENNING_BEWINDVOERING_OIDC_AUTH_SESSION_KEY - ], - } + if not claim or CO_SIGN_PARAMETER in request.GET: + return + + config = self.config_class.get_solo() + machtigen_data = request.session[ + EHERKENNING_BEWINDVOERING_OIDC_AUTH_SESSION_KEY + ] + request.session[FORM_AUTH_SESSION_KEY] = { + "plugin": self.identifier, + "attribute": self.provides_auth, + "value": claim[config.vertegenwoordigde_company_claim_name], + "machtigen": { + # TODO So far the only possibility is that this is a BSN. + "value": machtigen_data.get(config.gemachtigde_person_claim_name) + }, + } def get_label(self) -> str: return "eHerkenning bewindvoering" From 96239218491c0227fa6c4ef9015f53bae29263ec Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Fri, 7 Jul 2023 12:42:55 +0200 Subject: [PATCH 02/13] :white_check_mark: [#3215] Test saving AuthInfo with machtigen --- .../authentication/tests/test_signals.py | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/src/openforms/authentication/tests/test_signals.py b/src/openforms/authentication/tests/test_signals.py index 5b19e6a904..9f363da059 100644 --- a/src/openforms/authentication/tests/test_signals.py +++ b/src/openforms/authentication/tests/test_signals.py @@ -278,6 +278,29 @@ def test_setting_auth_attributes_flips_hashed_flag(self): self.assertEqual(submission.auth_info.value, "123456789") self.assertFalse(submission.auth_info.attribute_hashed) + def test_auth_with_digid_machtigen(self): + submission = SubmissionFactory.create( + form__authentication_backends=["digid_machtigen_oidc"] + ) + user = UserFactory() + request = factory.get("/foo") + request.user = user + request.session = { + FORM_AUTH_SESSION_KEY: { + "plugin": "digid_machtigen_oidc", + "attribute": "bsn", + "value": "123123123", + "machtigen": {"value": "123456782"}, + } + } + + set_auth_attribute_on_session(sender=None, instance=submission, request=request) + + submission.refresh_from_db() + + self.assertTrue(submission.is_authenticated) + self.assertEqual(submission.auth_info.machtigen["value"], "123456782") + class SetCosignDataTests(APITestCase): def test_set_cosigner_data(self): From 501469381635a53d91521a597774030621c779dd Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Fri, 7 Jul 2023 15:49:43 +0200 Subject: [PATCH 03/13] :sparkles: [#3215] Refactor prefill functions to handle multiple identifiers --- ...84_formvariable_prefill_identifier_role.py | 24 +++++++++ src/openforms/forms/models/form_variable.py | 17 +++++++ src/openforms/prefill/__init__.py | 50 ++++++++++++------- src/openforms/prefill/constants.py | 7 +++ 4 files changed, 79 insertions(+), 19 deletions(-) create mode 100644 src/openforms/forms/migrations/0084_formvariable_prefill_identifier_role.py create mode 100644 src/openforms/prefill/constants.py diff --git a/src/openforms/forms/migrations/0084_formvariable_prefill_identifier_role.py b/src/openforms/forms/migrations/0084_formvariable_prefill_identifier_role.py new file mode 100644 index 0000000000..d5afa2da2f --- /dev/null +++ b/src/openforms/forms/migrations/0084_formvariable_prefill_identifier_role.py @@ -0,0 +1,24 @@ +# Generated by Django 3.2.20 on 2023-07-07 12:06 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ("forms", "0083_alter_form_is_appointment"), + ] + + operations = [ + migrations.AddField( + model_name="formvariable", + name="prefill_identifier_role", + field=models.CharField( + choices=[("main", "Main"), ("authorised_person", "Authorised person")], + default="main", + help_text="The role of the identifier. Used to distinguish between the 'main' identifier and the identifiers of someone logging in on behalf of someone/something else.", + max_length=100, + verbose_name="prefill identifier role", + ), + ), + ] diff --git a/src/openforms/forms/models/form_variable.py b/src/openforms/forms/models/form_variable.py index 6186ecf1b1..65d7896015 100644 --- a/src/openforms/forms/models/form_variable.py +++ b/src/openforms/forms/models/form_variable.py @@ -15,6 +15,7 @@ is_layout_component, iter_components, ) +from openforms.prefill.constants import IdentifierRoles from openforms.variables.constants import FormVariableDataTypes, FormVariableSources from openforms.variables.utils import check_initial_value @@ -87,6 +88,12 @@ def create_for_formstep(self, form_step: "FormStep") -> List["FormVariable"]: default="", skip_exc=KeyError, ), + prefill_identifier_role=glom( + component, + Path("prefill", "identifierRole"), + default=IdentifierRoles.main, + skip_exc=KeyError, + ), key=component["key"], name=component.get("label") or component["key"], is_sensitive_data=component.get("isSensitiveData", False), @@ -154,6 +161,16 @@ class FormVariable(models.Model): blank=True, max_length=200, ) + prefill_identifier_role = models.CharField( + verbose_name=_("prefill identifier role"), + help_text=_( + "The role of the identifier. Used to distinguish between the 'main' identifier and " + "the identifiers of someone logging in on behalf of someone/something else." + ), + choices=IdentifierRoles.choices, + default=IdentifierRoles.main, + max_length=100, + ) data_type = models.CharField( verbose_name=_("data type"), help_text=_("The type of the value that will be associated with this variable"), diff --git a/src/openforms/prefill/__init__.py b/src/openforms/prefill/__init__.py index 780d3d7c06..de8b903936 100644 --- a/src/openforms/prefill/__init__.py +++ b/src/openforms/prefill/__init__.py @@ -31,7 +31,7 @@ """ import logging from collections import defaultdict -from typing import TYPE_CHECKING, Any, Dict, List, Tuple +from typing import TYPE_CHECKING, Any, Dict, Tuple import elasticapm from glom import Path, PathAccessError, glom @@ -56,25 +56,31 @@ def _fetch_prefill_values( ) @elasticapm.capture_span(span_type="app.prefill") - def invoke_plugin(item: Tuple[str, List[str]]) -> Tuple[str, Dict[str, Any]]: - plugin_id, fields = item - plugin = register[plugin_id] + def invoke_plugin( + item: Tuple[str, dict[str, list[str]]] + ) -> Tuple[str, Dict[str, Any]]: + plugin_id, field_groups = item + plugin = register[plugin_id] if not plugin.is_enabled: raise PluginNotEnabled() - try: - values = plugin.get_prefill_values(submission, fields) - except Exception as e: - logger.exception(f"exception in prefill plugin '{plugin_id}'") - logevent.prefill_retrieve_failure(submission, plugin, e) - return plugin_id, {} - else: - if values: - logevent.prefill_retrieve_success(submission, plugin, fields) + retrieved_results = {} + for identifier_role, fields in field_groups.items(): + try: + values = plugin.get_prefill_values(submission, fields, identifier_role) + except Exception as e: + logger.exception(f"exception in prefill plugin '{plugin_id}'") + logevent.prefill_retrieve_failure(submission, plugin, e) + retrieved_results[identifier_role] = {} else: - logevent.prefill_retrieve_empty(submission, plugin, fields) - return plugin_id, values + retrieved_results[identifier_role] = values + if values: + logevent.prefill_retrieve_success(submission, plugin, fields) + else: + logevent.prefill_retrieve_empty(submission, plugin, fields) + + return plugin_id, retrieved_results with parallel() as executor: results = executor.map(invoke_plugin, grouped_fields.items()) @@ -139,11 +145,16 @@ def prefill_variables(submission: "Submission", register=None) -> None: state = submission.load_submission_value_variables_state() variables_to_prefill = state.get_prefill_variables() - grouped_fields = defaultdict(list) + grouped_fields = defaultdict(dict) for variable in variables_to_prefill: - grouped_fields[variable.form_variable.prefill_plugin].append( - variable.form_variable.prefill_attribute - ) + plugin_id = variable.form_variable.prefill_plugin + attribute_name = variable.form_variable.prefill_attribute + identifier_role = variable.form_variable.prefill_identifier_role + + if not grouped_fields[plugin_id].get(identifier_role): + grouped_fields[plugin_id][identifier_role] = [] + + grouped_fields[plugin_id][identifier_role].append(attribute_name) results = _fetch_prefill_values(grouped_fields, submission, register) @@ -155,6 +166,7 @@ def prefill_variables(submission: "Submission", register=None) -> None: results, Path( variable.form_variable.prefill_plugin, + variable.form_variable.prefill_identifier_role, variable.form_variable.prefill_attribute, ), ) diff --git a/src/openforms/prefill/constants.py b/src/openforms/prefill/constants.py new file mode 100644 index 0000000000..c988535d1a --- /dev/null +++ b/src/openforms/prefill/constants.py @@ -0,0 +1,7 @@ +from django.db import models +from django.utils.translation import gettext_lazy as _ + + +class IdentifierRoles(models.TextChoices): + main = "main", _("Main") + authorised_person = "authorised_person", _("Authorised person") From 5a5521e5b389635c03f08991ee8c743ed88ff4d7 Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Fri, 7 Jul 2023 17:16:32 +0200 Subject: [PATCH 04/13] :construction: [#3215] Updated plugins to handle extra identifier --- src/openforms/forms/admin/form_variable.py | 2 + .../forms/api/serializers/form_variable.py | 1 + ...84_formvariable_prefill_identifier_role.py | 2 +- src/openforms/forms/models/form_variable.py | 4 +- src/openforms/prefill/base.py | 29 ++++++++++++-- src/openforms/prefill/contrib/demo/plugin.py | 2 +- .../prefill/contrib/haalcentraal/plugin.py | 38 ++++++++++++------- .../contrib/haalcentraal/tests/test_plugin.py | 15 ++++++-- src/openforms/prefill/contrib/kvk/plugin.py | 22 +++++++++-- .../prefill/contrib/stufbg/plugin.py | 28 +++++++++++--- 10 files changed, 108 insertions(+), 35 deletions(-) diff --git a/src/openforms/forms/admin/form_variable.py b/src/openforms/forms/admin/form_variable.py index ce6447f0fc..64674c37be 100644 --- a/src/openforms/forms/admin/form_variable.py +++ b/src/openforms/forms/admin/form_variable.py @@ -17,6 +17,7 @@ class FormVariableAdmin(admin.ModelAdmin): "source", "prefill_plugin", "prefill_attribute", + "prefill_identifier_role", "data_type", "is_sensitive_data", "initial_value", @@ -29,6 +30,7 @@ class FormVariableAdmin(admin.ModelAdmin): "source", "prefill_plugin", "prefill_attribute", + "prefill_identifier_role", "data_type", "data_format", "is_sensitive_data", diff --git a/src/openforms/forms/api/serializers/form_variable.py b/src/openforms/forms/api/serializers/form_variable.py index 415f30eabb..4fb195899e 100644 --- a/src/openforms/forms/api/serializers/form_variable.py +++ b/src/openforms/forms/api/serializers/form_variable.py @@ -123,6 +123,7 @@ class Meta: "service_fetch_configuration", "prefill_plugin", "prefill_attribute", + "prefill_identifier_role", "data_type", "data_format", "is_sensitive_data", diff --git a/src/openforms/forms/migrations/0084_formvariable_prefill_identifier_role.py b/src/openforms/forms/migrations/0084_formvariable_prefill_identifier_role.py index d5afa2da2f..4a51d24439 100644 --- a/src/openforms/forms/migrations/0084_formvariable_prefill_identifier_role.py +++ b/src/openforms/forms/migrations/0084_formvariable_prefill_identifier_role.py @@ -16,7 +16,7 @@ class Migration(migrations.Migration): field=models.CharField( choices=[("main", "Main"), ("authorised_person", "Authorised person")], default="main", - help_text="The role of the identifier. Used to distinguish between the 'main' identifier and the identifiers of someone logging in on behalf of someone/something else.", + help_text="In case that multiple identifiers are returned (in the case of eHerkenning bewindvoering and DigiD Machtigen), should the prefill data related to the main identifier be used, or that related to the authorised person?", max_length=100, verbose_name="prefill identifier role", ), diff --git a/src/openforms/forms/models/form_variable.py b/src/openforms/forms/models/form_variable.py index 65d7896015..eef75f383a 100644 --- a/src/openforms/forms/models/form_variable.py +++ b/src/openforms/forms/models/form_variable.py @@ -164,8 +164,8 @@ class FormVariable(models.Model): prefill_identifier_role = models.CharField( verbose_name=_("prefill identifier role"), help_text=_( - "The role of the identifier. Used to distinguish between the 'main' identifier and " - "the identifiers of someone logging in on behalf of someone/something else." + "In case that multiple identifiers are returned (in the case of eHerkenning bewindvoering and DigiD " + "Machtigen), should the prefill data related to the main identifier be used, or that related to the authorised person?" ), choices=IdentifierRoles.choices, default=IdentifierRoles.main, diff --git a/src/openforms/prefill/base.py b/src/openforms/prefill/base.py index fd572493ae..7b058e7f78 100644 --- a/src/openforms/prefill/base.py +++ b/src/openforms/prefill/base.py @@ -16,19 +16,23 @@ def get_available_attributes(self) -> Iterable[Tuple[str, str]]: ) def get_prefill_values( - self, submission: Submission, attributes: List[str] + self, + submission: Submission, + attributes: List[str], + identifier_role: str = "main", ) -> Dict[str, Any]: """ Given the requested attributes, look up the appropriate values and return them. - :param submission: an active :class:`Submission` instance, which can be supply + :param submission: an active :class:`Submission` instance, which can supply the required context to fetch the correct prefill values. :param attributes: a list of requested prefill attributes, provided in bulk to efficiently fetch as much data as possible with the minimal amount of calls. + :param identifier_role: A string with one of the choices in :class:`IdentifierRoles` :return: a key-value dictionary, where the key is the requested attribute and the value is the prefill value to use for that attribute. - When no pre-fill value can be found for a given attribute, you may omit the key + When no prefill value can be found for a given attribute, you may omit the key altogether, or use ``None``. """ raise NotImplementedError( @@ -44,7 +48,7 @@ def get_co_sign_values( The return value is a dict keyed by field name as specified in ``self.co_sign_fields``. - :param identfier: the unique co-signer identifier used to look up the details + :param identifier: the unique co-signer identifier used to look up the details in the pre-fill backend. :return: a key-value dictionary, where the key is the requested attribute and the value is the prefill value to use for that attribute. @@ -52,3 +56,20 @@ def get_co_sign_values( raise NotImplementedError( "You must implement the 'get_co_sign_values' method." ) # pragma: nocover + + def get_identifier_value( + self, submission: Submission, identifier_role: str + ) -> str | None: + """ + Given a submission and the role of the identifier, return the value of the identifier. + + The role of the identifier has to do with whether it is the 'main' identifier or an identifier + of someone logging in on behalf of someone/something else. + + :param submission: an active :class:`Submission` instance + :param identifier_role: A string with one of the choices in :class:`IdentifierRoles` + :return: The value for the identifier + """ + raise NotImplementedError( + "You must implement the 'get_identifier_value' method." + ) # pragma: nocover diff --git a/src/openforms/prefill/contrib/demo/plugin.py b/src/openforms/prefill/contrib/demo/plugin.py index 7ba6540928..d820b54e21 100644 --- a/src/openforms/prefill/contrib/demo/plugin.py +++ b/src/openforms/prefill/contrib/demo/plugin.py @@ -27,7 +27,7 @@ def get_available_attributes(): @staticmethod def get_prefill_values( - submission: Submission, attributes: List[str] + submission: Submission, attributes: List[str], identifier_role: str ) -> Dict[str, Any]: """ Given the requested attributes, look up the appropriate values and return them. diff --git a/src/openforms/prefill/contrib/haalcentraal/plugin.py b/src/openforms/prefill/contrib/haalcentraal/plugin.py index 0eaafd4fb0..6fb4d8f98e 100644 --- a/src/openforms/prefill/contrib/haalcentraal/plugin.py +++ b/src/openforms/prefill/contrib/haalcentraal/plugin.py @@ -1,5 +1,4 @@ import logging -from collections.abc import Sequence from typing import Any, Iterable, Optional from django.urls import reverse @@ -15,6 +14,7 @@ from openforms.submissions.models import Submission from ...base import BasePlugin +from ...constants import IdentifierRoles from ...registry import register from .models import HaalCentraalConfig @@ -72,25 +72,35 @@ def _get_values_for_bsn( return values - @classmethod - def get_prefill_values( - cls, submission: Submission, attributes: Sequence[str] - ) -> dict[str, Any]: + def get_identifier_value( + self, submission: Submission, identifier_role: str + ) -> str | None: + if not submission.is_authenticated: + return + if ( - not submission.is_authenticated - or submission.auth_info.attribute != AuthAttribute.bsn + identifier_role == IdentifierRoles.main + and submission.auth_info.attribute == self.requires_auth ): - # If there is no bsn we can't prefill any values so just return - logger.info("No BSN associated with submission, cannot prefill.") + return submission.auth_info.value + + if identifier_role == IdentifierRoles.authorised_person: + return submission.auth_info.machtigen.get("value") + + def get_prefill_values( + self, + submission: Submission, + attributes: list[str], + identifier_role: str = "main", + ) -> dict[str, Any]: + if (config := get_config()) is None: return {} - config = get_config() - if config is None: + if not (bsn_value := self.get_identifier_value(submission, identifier_role)): + logger.info("No appropriate identifier found on the submission.") return {} - return cls._get_values_for_bsn( - config, submission, submission.auth_info.value, attributes - ) + return self._get_values_for_bsn(config, submission, bsn_value, attributes) @classmethod def get_co_sign_values( diff --git a/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py b/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py index 4f290c7827..abf96a8069 100644 --- a/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py +++ b/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py @@ -9,6 +9,7 @@ from zgw_consumers.models import Service from zgw_consumers.test import mock_service_oas_get +from ....registry import register from openforms.registrations.contrib.zgw_apis.tests.factories import ServiceFactory from openforms.submissions.tests.factories import SubmissionFactory @@ -105,7 +106,9 @@ def test_prefill_values(self): submission = SubmissionFactory.create(auth_info__value="999990676") assert submission.is_authenticated - values = HaalCentraalPrefill.get_prefill_values( + + haalcentraal_plugin = register["haalcentraal"] + values = haalcentraal_plugin.get_prefill_values( submission, attributes=[attributes.naam_voornamen, attributes.naam_geslachtsnaam], ) @@ -120,7 +123,8 @@ def test_person_not_found_returns_empty(self): submission = SubmissionFactory.create(auth_info__value="999990676") assert submission.is_authenticated - values = HaalCentraalPrefill.get_prefill_values( + haalcentraal_plugin = register["haalcentraal"] + values = haalcentraal_plugin.get_prefill_values( submission, attributes=[attributes.naam_voornamen, attributes.naam_geslachtsnaam], ) @@ -207,10 +211,13 @@ def test_get_available_attributes(self): def test_get_prefill_values(self): attributes = self.config.get_attributes() + haalcentraal_plugin = register["haalcentraal"] + with self.subTest("unauthenticated submission"): submission = SubmissionFactory.build() assert not submission.is_authenticated - values = HaalCentraalPrefill.get_prefill_values( + + values = haalcentraal_plugin.get_prefill_values( submission, attributes=(attributes.naam_voornamen,) ) @@ -220,7 +227,7 @@ def test_get_prefill_values(self): submission = SubmissionFactory.create(auth_info__value="999990676") assert submission.is_authenticated - values = HaalCentraalPrefill.get_prefill_values( + values = haalcentraal_plugin.get_prefill_values( submission, attributes=(attributes.naam_voornamen,) ) diff --git a/src/openforms/prefill/contrib/kvk/plugin.py b/src/openforms/prefill/contrib/kvk/plugin.py index d86dce949d..5c3cdc2d34 100644 --- a/src/openforms/prefill/contrib/kvk/plugin.py +++ b/src/openforms/prefill/contrib/kvk/plugin.py @@ -15,6 +15,7 @@ from openforms.submissions.models import Submission from ...base import BasePlugin +from ...constants import IdentifierRoles from ...registry import register from .constants import Attributes @@ -39,17 +40,32 @@ class KVK_KVKNumberPrefill(BasePlugin): def get_available_attributes(self) -> list[tuple[str, str]]: return Attributes.choices + def get_identifier_value( + self, submission: Submission, identifier_role: str + ) -> str | None: + if not submission.is_authenticated: + return + + if ( + identifier_role == IdentifierRoles.main + and submission.auth_info.attribute == self.requires_auth + ): + return submission.auth_info.value + def get_prefill_values( - self, submission: Submission, attributes: List[str] + self, + submission: Submission, + attributes: List[str], + identifier_role: str = "main", ) -> Dict[str, Any]: # check if submission was logged in with the identifier we're interested - if submission.auth_info.attribute != AuthAttribute.kvk: + if not (kvk_value := self.get_identifier_value(submission, identifier_role)): return {} client = KVKProfileClient() try: - result = client.query(submission.auth_info.value) + result = client.query(kvk_value) except (RequestException, ClientError, KVKClientError): return {} diff --git a/src/openforms/prefill/contrib/stufbg/plugin.py b/src/openforms/prefill/contrib/stufbg/plugin.py index 7769cce315..3115463e56 100644 --- a/src/openforms/prefill/contrib/stufbg/plugin.py +++ b/src/openforms/prefill/contrib/stufbg/plugin.py @@ -16,6 +16,7 @@ from stuf.stuf_bg.models import StufBGConfig from ...base import BasePlugin +from ...constants import IdentifierRoles from ...registry import register logger = logging.getLogger(__name__) @@ -120,18 +121,33 @@ def _get_values_for_bsn( return response_dict - def get_prefill_values( - self, submission: Submission, attributes: List[str] - ) -> Dict[str, Any]: + def get_identifier_value( + self, submission: Submission, identifier_role: str + ) -> str | None: + if not submission.is_authenticated: + return + if ( - not submission.is_authenticated - or submission.auth_info.attribute != AuthAttribute.bsn + identifier_role == IdentifierRoles.main + and submission.auth_info.attribute == self.requires_auth ): + return submission.auth_info.value + + if identifier_role == IdentifierRoles.authorised_person: + return submission.auth_info.machtigen.get("value") + + def get_prefill_values( + self, + submission: Submission, + attributes: List[str], + identifier_role: str = "main", + ) -> Dict[str, Any]: + if not (bsn_value := self.get_identifier_value(submission, identifier_role)): # If there is no bsn we can't prefill any values so just return logger.info("No BSN associated with submission, cannot prefill.") return {} - return self._get_values_for_bsn(submission.auth_info.value, attributes) + return self._get_values_for_bsn(bsn_value, attributes) def get_co_sign_values(self, identifier: str) -> Tuple[Dict[str, Any], str]: """ From 8e78f67573640296975f0959dfd8e85f183b35e0 Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Mon, 10 Jul 2023 14:01:14 +0200 Subject: [PATCH 05/13] :white_check_mark: [#3215] Update existing tests --- .../contrib/haalcentraal/tests/test_plugin.py | 2 +- .../prefill/tests/test_prefill_hook.py | 107 +++++++++++++++++- .../prefill/tests/test_prefill_variables.py | 8 +- .../tests/test_submission_step_validate.py | 2 +- src/openforms/variables/tests/test_views.py | 2 + 5 files changed, 112 insertions(+), 9 deletions(-) diff --git a/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py b/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py index abf96a8069..8eb0e7369c 100644 --- a/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py +++ b/src/openforms/prefill/contrib/haalcentraal/tests/test_plugin.py @@ -9,10 +9,10 @@ from zgw_consumers.models import Service from zgw_consumers.test import mock_service_oas_get -from ....registry import register from openforms.registrations.contrib.zgw_apis.tests.factories import ServiceFactory from openforms.submissions.tests.factories import SubmissionFactory +from ....registry import register from ..constants import Attributes, HaalCentraalVersion from ..models import VERSION_TO_ATTRIBUTES_MAP, HaalCentraalConfig from ..plugin import HaalCentraalPrefill diff --git a/src/openforms/prefill/tests/test_prefill_hook.py b/src/openforms/prefill/tests/test_prefill_hook.py index 0eeff97fe8..7aa5dd5a50 100644 --- a/src/openforms/prefill/tests/test_prefill_hook.py +++ b/src/openforms/prefill/tests/test_prefill_hook.py @@ -12,12 +12,12 @@ from openforms.forms.tests.factories import FormFactory, FormStepFactory from openforms.logging.models import TimelineLogProxy from openforms.plugins.exceptions import PluginNotEnabled -from openforms.submissions.models import Submission +from openforms.submissions.models import Submission, SubmissionValueVariable from openforms.submissions.tests.factories import SubmissionFactory from .. import inject_prefill, prefill_variables from ..contrib.demo.plugin import DemoPrefill -from ..registry import Registry +from ..registry import Registry, register as prefill_register register = Registry() @@ -116,6 +116,105 @@ def apply_prefill(configuration: dict, submission: "Submission", register=None) class PrefillHookTests(TransactionTestCase): + @patch( + "openforms.prefill.contrib.haalcentraal.plugin.HaalCentraalPrefill.get_prefill_values", + return_value={"naam.voornamen": "John", "naam.geslachtsnaam": "Dodo"}, + ) + def test_fetch_values_with_multiple_bsn(self, m_bsn): + components = [ + { + "key": "mainPersonName", + "type": "textfield", + "prefill": { + "plugin": "haalcentraal", + "attribute": "naam.voornamen", + "identifierRole": "main", + }, + }, + { + "key": "authorisedPersonSurname", + "type": "textfield", + "prefill": { + "plugin": "haalcentraal", + "attribute": "naam.geslachtsnaam", + "identifierRole": "authorised_person", + }, + }, + ] + submission = SubmissionFactory.from_components(components_list=components) + + apply_prefill( + configuration={"components": components}, + submission=submission, + register=prefill_register, + ) + + name_main = SubmissionValueVariable.objects.get(key="mainPersonName") + surname_authorised_person = SubmissionValueVariable.objects.get( + key="authorisedPersonSurname" + ) + + self.assertEqual(name_main.value, "John") + self.assertEqual(surname_authorised_person.value, "Dodo") + + @patch( + "openforms.prefill.contrib.haalcentraal.plugin.HaalCentraalPrefill.get_prefill_values", + return_value={"naam.voornamen": "John", "naam.geslachtsnaam": "Dodo"}, + ) + @patch( + "openforms.prefill.contrib.kvk.plugin.KVK_KVKNumberPrefill.get_prefill_values", + return_value={"bezoekadres.postcode": "1111 AA"}, + ) + def test_fetch_values_with_kvk_and_bsn(self, m_kvk, m_bsn): + components = [ + { + "key": "companyPostcode", + "type": "postcode", + "prefill": { + "plugin": "kvk-kvknumber", + "attribute": "bezoekadres.postcode", + "identifier": "main", + }, + }, + { + "key": "authorisedPersonSurname", + "type": "textfield", + "prefill": { + "plugin": "haalcentraal", + "attribute": "naam.geslachtsnaam", + "identifier": "authorised_person", + }, + }, + { + "key": "authorisedPersonName", + "type": "textfield", + "prefill": { + "plugin": "haalcentraal", + "attribute": "naam.voornamen", + "identifier": "authorised_person", + }, + }, + ] + submission = SubmissionFactory.from_components(components_list=components) + + apply_prefill( + configuration={"components": components}, + submission=submission, + register=prefill_register, + ) + + postcode_main = SubmissionValueVariable.objects.get(key="companyPostcode") + name_authorised_person = SubmissionValueVariable.objects.get( + key="authorisedPersonName" + ) + surname_authorised_person = SubmissionValueVariable.objects.get( + key="authorisedPersonSurname" + ) + + self.assertEqual(postcode_main.value, "1111 AA") + self.assertEqual(name_authorised_person.value, "John") + self.assertEqual(surname_authorised_person.value, "Dodo") + def test_applying_prefill_plugins(self): form_step = FormStepFactory.create(form_definition__configuration=CONFIGURATION) submission = SubmissionFactory.create(form=form_step.form) @@ -232,7 +331,7 @@ def test_logging_for_empty_prefill(self): @register("demo") class EmptyPrefillPlug(DemoPrefill): @staticmethod - def get_prefill_values(submission, attributes): + def get_prefill_values(submission, attributes, identifier_role): return {} apply_prefill( @@ -444,7 +543,7 @@ def test_value_is_normalized(self): @register("postcode") class HavePlugin(DemoPrefill): @staticmethod - def get_prefill_values(submission, attributes): + def get_prefill_values(submission, attributes, identifier_role): return {"static": "1015CJ"} new_configuration = apply_prefill( diff --git a/src/openforms/prefill/tests/test_prefill_variables.py b/src/openforms/prefill/tests/test_prefill_variables.py index c43f26860f..47bf239905 100644 --- a/src/openforms/prefill/tests/test_prefill_variables.py +++ b/src/openforms/prefill/tests/test_prefill_variables.py @@ -54,7 +54,9 @@ class PrefillVariablesTests(TestCase): @patch( "openforms.prefill._fetch_prefill_values", return_value={ - "demo": {"random_string": "Not so random string", "random_number": 123} + "demo": { + "main": {"random_string": "Not so random string", "random_number": 123} + } }, ) def test_applying_prefill_plugins(self, m_prefill): @@ -88,8 +90,8 @@ def test_applying_prefill_plugins(self, m_prefill): @patch( "openforms.prefill._fetch_prefill_values", return_value={ - "postcode": {"static": "1015CJ"}, - "birthDate": {"static": "19990615"}, + "postcode": {"main": {"static": "1015CJ"}}, + "birthDate": {"main": {"static": "19990615"}}, }, ) def test_normalization_applied(self, m_prefill): diff --git a/src/openforms/submissions/tests/test_submission_step_validate.py b/src/openforms/submissions/tests/test_submission_step_validate.py index aeb8e829a7..b4894cc75e 100644 --- a/src/openforms/submissions/tests/test_submission_step_validate.py +++ b/src/openforms/submissions/tests/test_submission_step_validate.py @@ -249,7 +249,7 @@ def test_prefilled_data_normalised(self): @patch( "openforms.prefill._fetch_prefill_values", return_value={ - "postcode": {"static": "1015CJ"}, + "postcode": {"main": {"static": "1015CJ"}}, }, ) def test_flow_with_badly_structure_prefill_data(self, m_prefill): diff --git a/src/openforms/variables/tests/test_views.py b/src/openforms/variables/tests/test_views.py index f79f762900..5ffcb298f6 100644 --- a/src/openforms/variables/tests/test_views.py +++ b/src/openforms/variables/tests/test_views.py @@ -6,6 +6,7 @@ from rest_framework.test import APITestCase from openforms.accounts.tests.factories import StaffUserFactory, UserFactory +from openforms.prefill.constants import IdentifierRoles from openforms.variables.base import BaseStaticVariable from openforms.variables.constants import FormVariableDataTypes from openforms.variables.registry import Registry @@ -72,6 +73,7 @@ def get_initial_value(self, *args, **kwargs): "service_fetch_configuration": None, "prefill_plugin": "", "prefill_attribute": "", + "prefill_identifier_role": IdentifierRoles.main, "data_type": FormVariableDataTypes.datetime, "data_format": "", "is_sensitive_data": False, From 7dc1588fe1da43b5031826abcb1d16f25eb95cfe Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Mon, 10 Jul 2023 14:58:36 +0200 Subject: [PATCH 06/13] :sparkles: [#3215] Added prefill identifier role to form builder --- .../form_design/variables/VariablesTable.js | 29 ++++++++++++++----- .../admin/form_design/variables/constants.js | 26 ++++++++++++++++- .../admin/form_design/variables/types.js | 1 + .../admin/form_design/variables/utils.js | 1 + src/openforms/js/components/form/edit/tabs.js | 19 ++++++++++++ 5 files changed, 67 insertions(+), 9 deletions(-) diff --git a/src/openforms/js/components/admin/form_design/variables/VariablesTable.js b/src/openforms/js/components/admin/form_design/variables/VariablesTable.js index 9130c51cd6..b456a3ab3a 100644 --- a/src/openforms/js/components/admin/form_design/variables/VariablesTable.js +++ b/src/openforms/js/components/admin/form_design/variables/VariablesTable.js @@ -14,7 +14,7 @@ import Select from 'components/admin/forms/Select'; import {ChangelistTableWrapper, HeadColumn} from 'components/admin/tables'; import {get} from 'utils/fetch'; -import {DATATYPES_CHOICES} from './constants'; +import {DATATYPES_CHOICES, IDENTIFIER_ROLE_CHOICES} from './constants'; import Variable from './types'; import {variableHasErrors} from './utils'; @@ -89,6 +89,7 @@ const VariableRow = ({index, variable}) => { {getFormDefinitionName(variable.formDefinition)} {variable.prefillPlugin} {variable.prefillAttribute} + {variable.prefillIdentifierRole || 'main'} {variable.dataType} @@ -111,13 +112,6 @@ const EditableVariableRow = ({index, variable, onDelete, onChange}) => { const prefillPluginChoices = availablePrefillPlugins.map(plugin => [plugin.id, plugin.label]); const [prefillAttributeChoices, setPrefillAttributeChoices] = useState([]); - const formSteps = formContext.formSteps; - const formStepsChoices = formSteps.map(step => { - if (step.formDefinition) return [step.formDefinition, step.name]; - - return [step._generatedId, step.name]; - }); - const onValueChanged = e => { onChange(variable.key, e.target.name, e.target.value); }; @@ -195,6 +189,17 @@ const EditableVariableRow = ({index, variable, onDelete, onChange}) => { /> + + + { /> } /> + + } + /> { serviceFetchConfiguration: null, prefillPlugin: component.prefill?.plugin || '', prefillAttribute: component.prefill?.attribute || '', + prefillIdentifierRole: component.prefill?.identifierRole || 'main', dataType: getComponentDatatype(component), initialValue: getDefaultValue(component), _id: component.id, diff --git a/src/openforms/js/components/form/edit/tabs.js b/src/openforms/js/components/form/edit/tabs.js index ecd565c3a0..cae3aa5e2a 100644 --- a/src/openforms/js/components/form/edit/tabs.js +++ b/src/openforms/js/components/form/edit/tabs.js @@ -308,6 +308,25 @@ const PREFILL = { refreshOn: 'prefill.plugin', clearOnRefresh: true, }, + { + type: 'select', + key: 'prefill.identifierRole', + label: 'Identifier role', + description: + 'In case that multiple identifiers are returned (in the case of eHerkenning bewindvoering and DigiD ' + + 'Machtigen), should the prefill data related to the main identifier be used, or that related to the authorised person?', + dataSrc: 'values', + data: { + values: [ + {label: 'Main', value: 'main'}, + {label: 'Authorised person', value: 'authorised_person'}, + ], + }, + defaultValue: 'main', + validate: { + required: true, + }, + }, ], }; From e7601a09aef8fc156313d7e94e896dbc10df726c Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Mon, 10 Jul 2023 15:01:15 +0200 Subject: [PATCH 07/13] :package: [#3215] Updated OAS --- src/openapi.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/openapi.yaml b/src/openapi.yaml index 644aa3a95d..8922ea1b8b 100644 --- a/src/openapi.yaml +++ b/src/openapi.yaml @@ -7091,6 +7091,13 @@ components: description: Which attribute from the prefill response should be used to fill this variable maxLength: 200 + prefillIdentifierRole: + allOf: + - $ref: '#/components/schemas/PrefillIdentifierRoleEnum' + description: In case that multiple identifiers are returned (in the case + of eHerkenning bewindvoering and DigiD Machtigen), should the prefill + data related to the main identifier be used, or that related to the authorised + person? dataType: allOf: - $ref: '#/components/schemas/DataTypeEnum' @@ -7929,6 +7936,11 @@ components: required: - id - label + PrefillIdentifierRoleEnum: + enum: + - main + - authorised_person + type: string PrefillPlugin: type: object properties: From ad53c07e560b4514c4c94a802d475d8a1cf90d3e Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Mon, 10 Jul 2023 17:45:07 +0200 Subject: [PATCH 08/13] :memo: [#3215] Document prefill config --- docs/manual/forms/form_fields.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/manual/forms/form_fields.rst b/docs/manual/forms/form_fields.rst index 87471974f4..1d0ccc34de 100644 --- a/docs/manual/forms/form_fields.rst +++ b/docs/manual/forms/form_fields.rst @@ -132,6 +132,13 @@ Registratie naar het achterliggende registratie systeem, dan kunt u hier een attribuut kiezen dat beschikbaar is in het achterliggende registratie systeem. +Prefill +------- + +* **Plugin**: Welke prefill plugin te gebruiken om data op te halen over de persoon/het bedrijf die ingelogd is. +* **Pluginattribuut**: Welke attribuut van de prefill-backend data te gebruiken om deze component te prefillen. +* **Identifier rol**: In het geval dat de gebruiker met DigiD Machtigen en eHerkenning Bewindvoering heeft ingelogd, moeten de gegevens gerelateerd aan het 'hoofd identifier' worden gebruikt, of die gerelateerd aan de gemachtigde persoon? + Globale configuratieopties ========================== From 7a80fe2de55d4932c22ae4a257dea1e2d611f026 Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Tue, 11 Jul 2023 10:37:44 +0200 Subject: [PATCH 09/13] :ok_hand: [#3215] PR Feedback 1 --- docs/manual/forms/form_fields.rst | 4 ++-- .../contrib/digid_eherkenning_oidc/plugin.py | 2 +- .../form_design/variables/VariablesTable.js | 6 ++++-- .../admin/form_design/variables/constants.js | 16 +++++++++++++++- src/openforms/prefill/__init__.py | 5 +---- src/openforms/prefill/tests/test_prefill_hook.py | 4 ++-- 6 files changed, 25 insertions(+), 12 deletions(-) diff --git a/docs/manual/forms/form_fields.rst b/docs/manual/forms/form_fields.rst index 1d0ccc34de..462449fe44 100644 --- a/docs/manual/forms/form_fields.rst +++ b/docs/manual/forms/form_fields.rst @@ -136,8 +136,8 @@ Prefill ------- * **Plugin**: Welke prefill plugin te gebruiken om data op te halen over de persoon/het bedrijf die ingelogd is. -* **Pluginattribuut**: Welke attribuut van de prefill-backend data te gebruiken om deze component te prefillen. -* **Identifier rol**: In het geval dat de gebruiker met DigiD Machtigen en eHerkenning Bewindvoering heeft ingelogd, moeten de gegevens gerelateerd aan het 'hoofd identifier' worden gebruikt, of die gerelateerd aan de gemachtigde persoon? +* **Pluginattribuut**: Welk attribuut van de prefill-backend data te gebruiken om deze component voorin te vullen. +* **Identifier rol**: In het geval dat de gebruiker met DigiD Machtigen of eHerkenning Bewindvoering heeft ingelogd: van welke rol moeten de gegevens gebruikt worden, die van de 'hoofd identifier' worden gebruikt, of die van de gemachtigde persoon? Globale configuratieopties diff --git a/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py b/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py index 56d6a82070..6efc464a81 100644 --- a/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py +++ b/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py @@ -155,7 +155,7 @@ def add_claims_to_sessions_if_not_cosigning(self, claim, request): if not claim or CO_SIGN_PARAMETER in request.GET: return - config = OpenIDConnectDigiDMachtigenConfig.get_solo() + config = self.config_class.get_solo() machtigen_data = request.session[DIGID_MACHTIGEN_OIDC_AUTH_SESSION_KEY] request.session[FORM_AUTH_SESSION_KEY] = { "plugin": self.identifier, diff --git a/src/openforms/js/components/admin/form_design/variables/VariablesTable.js b/src/openforms/js/components/admin/form_design/variables/VariablesTable.js index b456a3ab3a..b04e97776e 100644 --- a/src/openforms/js/components/admin/form_design/variables/VariablesTable.js +++ b/src/openforms/js/components/admin/form_design/variables/VariablesTable.js @@ -14,7 +14,7 @@ import Select from 'components/admin/forms/Select'; import {ChangelistTableWrapper, HeadColumn} from 'components/admin/tables'; import {get} from 'utils/fetch'; -import {DATATYPES_CHOICES, IDENTIFIER_ROLE_CHOICES} from './constants'; +import {DATATYPES_CHOICES, IDENTIFIER_ROLE_CHOICES, IDENTIFIER_ROLE_LABELS} from './constants'; import Variable from './types'; import {variableHasErrors} from './utils'; @@ -89,7 +89,9 @@ const VariableRow = ({index, variable}) => { {getFormDefinitionName(variable.formDefinition)} {variable.prefillPlugin} {variable.prefillAttribute} - {variable.prefillIdentifierRole || 'main'} + + {IDENTIFIER_ROLE_LABELS[variable.prefillIdentifierRole] || IDENTIFIER_ROLE_LABELS.main} + {variable.dataType} diff --git a/src/openforms/js/components/admin/form_design/variables/constants.js b/src/openforms/js/components/admin/form_design/variables/constants.js index fde3045937..d2b23ecfac 100644 --- a/src/openforms/js/components/admin/form_design/variables/constants.js +++ b/src/openforms/js/components/admin/form_design/variables/constants.js @@ -1,4 +1,5 @@ -import {defineMessage} from 'react-intl'; +import React from 'react'; +import {FormattedMessage, defineMessage} from 'react-intl'; const COMPONENT_DATATYPES = { date: 'date', @@ -115,10 +116,23 @@ const IDENTIFIER_ROLE_CHOICES = [ ], ]; +const IDENTIFIER_ROLE_LABELS = { + main: ( + + ), + authorised_person: ( + + ), +}; + export { COMPONENT_DATATYPES, VARIABLE_SOURCES, DATATYPES_CHOICES, EMPTY_VARIABLE, IDENTIFIER_ROLE_CHOICES, + IDENTIFIER_ROLE_LABELS, }; diff --git a/src/openforms/prefill/__init__.py b/src/openforms/prefill/__init__.py index de8b903936..ea9d94d38a 100644 --- a/src/openforms/prefill/__init__.py +++ b/src/openforms/prefill/__init__.py @@ -151,10 +151,7 @@ def prefill_variables(submission: "Submission", register=None) -> None: attribute_name = variable.form_variable.prefill_attribute identifier_role = variable.form_variable.prefill_identifier_role - if not grouped_fields[plugin_id].get(identifier_role): - grouped_fields[plugin_id][identifier_role] = [] - - grouped_fields[plugin_id][identifier_role].append(attribute_name) + grouped_fields[plugin_id].setdefault(identifier_role, []).append(attribute_name) results = _fetch_prefill_values(grouped_fields, submission, register) diff --git a/src/openforms/prefill/tests/test_prefill_hook.py b/src/openforms/prefill/tests/test_prefill_hook.py index 7aa5dd5a50..da946e05bd 100644 --- a/src/openforms/prefill/tests/test_prefill_hook.py +++ b/src/openforms/prefill/tests/test_prefill_hook.py @@ -120,7 +120,7 @@ class PrefillHookTests(TransactionTestCase): "openforms.prefill.contrib.haalcentraal.plugin.HaalCentraalPrefill.get_prefill_values", return_value={"naam.voornamen": "John", "naam.geslachtsnaam": "Dodo"}, ) - def test_fetch_values_with_multiple_bsn(self, m_bsn): + def test_fetch_values_with_multiple_people(self, m_haal_centraal): components = [ { "key": "mainPersonName", @@ -165,7 +165,7 @@ def test_fetch_values_with_multiple_bsn(self, m_bsn): "openforms.prefill.contrib.kvk.plugin.KVK_KVKNumberPrefill.get_prefill_values", return_value={"bezoekadres.postcode": "1111 AA"}, ) - def test_fetch_values_with_kvk_and_bsn(self, m_kvk, m_bsn): + def test_fetch_values_with_legal_entity_and_person(self, m_kvk, m_haal_centraal): components = [ { "key": "companyPostcode", From 02243bbd819d3cf0bbc0486a7475f9f806e3e874 Mon Sep 17 00:00:00 2001 From: SilviaAmAm Date: Thu, 13 Jul 2023 14:08:35 +0200 Subject: [PATCH 10/13] :ok_hand: [#3215] PR Feedback 2 --- docs/manual/forms/form_fields.rst | 4 +- .../contrib/digid_eherkenning_oidc/plugin.py | 14 +++-- .../form_design/variables/VariablesTable.js | 9 ++- .../admin/form_design/variables/constants.js | 37 +++--------- .../admin/form_design/variables/types.js | 2 +- .../js/components/admin/forms/Select.js | 2 - src/openforms/prefill/__init__.py | 57 +++++++++++-------- src/openforms/prefill/base.py | 3 +- .../prefill/contrib/haalcentraal/plugin.py | 17 +++--- src/openforms/prefill/contrib/kvk/plugin.py | 2 +- .../prefill/contrib/stufbg/plugin.py | 4 +- .../prefill/tests/test_prefill_hook.py | 11 ++-- src/openforms/prefill/types.py | 7 +++ 13 files changed, 89 insertions(+), 80 deletions(-) create mode 100644 src/openforms/prefill/types.py diff --git a/docs/manual/forms/form_fields.rst b/docs/manual/forms/form_fields.rst index 462449fe44..fa18007aca 100644 --- a/docs/manual/forms/form_fields.rst +++ b/docs/manual/forms/form_fields.rst @@ -137,7 +137,9 @@ Prefill * **Plugin**: Welke prefill plugin te gebruiken om data op te halen over de persoon/het bedrijf die ingelogd is. * **Pluginattribuut**: Welk attribuut van de prefill-backend data te gebruiken om deze component voorin te vullen. -* **Identifier rol**: In het geval dat de gebruiker met DigiD Machtigen of eHerkenning Bewindvoering heeft ingelogd: van welke rol moeten de gegevens gebruikt worden, die van de 'hoofd identifier' worden gebruikt, of die van de gemachtigde persoon? +* **Identifier rol**: Bij DigiD Machtigen of eHekerkenning zijn meerdere rollen actief: de gemachtigde (persoon die het + formulier invult), of de 'geauthenticeerde' (persoon of bedrijf voor wie het formulier ingevuld wordt). Deze optie stelt in + voor welke van deze rollen de relevante gegevens voor het geselecteerde attribuut opgevraagd worden. Globale configuratieopties diff --git a/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py b/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py index 6efc464a81..a549481870 100644 --- a/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py +++ b/src/openforms/authentication/contrib/digid_eherkenning_oidc/plugin.py @@ -156,12 +156,14 @@ def add_claims_to_sessions_if_not_cosigning(self, claim, request): return config = self.config_class.get_solo() - machtigen_data = request.session[DIGID_MACHTIGEN_OIDC_AUTH_SESSION_KEY] + machtigen_data = request.session[self.session_key] request.session[FORM_AUTH_SESSION_KEY] = { "plugin": self.identifier, "attribute": self.provides_auth, "value": claim[config.vertegenwoordigde_claim_name], - "machtigen": {"value": machtigen_data.get(config.gemachtigde_claim_name)}, + "machtigen": { + "identifier_value": machtigen_data.get(config.gemachtigde_claim_name) + }, } def get_label(self) -> str: @@ -186,16 +188,16 @@ def add_claims_to_sessions_if_not_cosigning(self, claim, request): return config = self.config_class.get_solo() - machtigen_data = request.session[ - EHERKENNING_BEWINDVOERING_OIDC_AUTH_SESSION_KEY - ] + machtigen_data = request.session[self.session_key] request.session[FORM_AUTH_SESSION_KEY] = { "plugin": self.identifier, "attribute": self.provides_auth, "value": claim[config.vertegenwoordigde_company_claim_name], "machtigen": { # TODO So far the only possibility is that this is a BSN. - "value": machtigen_data.get(config.gemachtigde_person_claim_name) + "identifier_value": machtigen_data.get( + config.gemachtigde_person_claim_name + ) }, } diff --git a/src/openforms/js/components/admin/form_design/variables/VariablesTable.js b/src/openforms/js/components/admin/form_design/variables/VariablesTable.js index b04e97776e..9a5a2a7d95 100644 --- a/src/openforms/js/components/admin/form_design/variables/VariablesTable.js +++ b/src/openforms/js/components/admin/form_design/variables/VariablesTable.js @@ -14,7 +14,7 @@ import Select from 'components/admin/forms/Select'; import {ChangelistTableWrapper, HeadColumn} from 'components/admin/tables'; import {get} from 'utils/fetch'; -import {DATATYPES_CHOICES, IDENTIFIER_ROLE_CHOICES, IDENTIFIER_ROLE_LABELS} from './constants'; +import {DATATYPES_CHOICES, IDENTIFIER_ROLE_CHOICES} from './constants'; import Variable from './types'; import {variableHasErrors} from './utils'; @@ -66,6 +66,7 @@ Td.propTypes = { }; const VariableRow = ({index, variable}) => { + const intl = useIntl(); const formContext = useContext(FormContext); const formSteps = formContext.formSteps; @@ -90,7 +91,9 @@ const VariableRow = ({index, variable}) => { {variable.prefillPlugin} {variable.prefillAttribute} - {IDENTIFIER_ROLE_LABELS[variable.prefillIdentifierRole] || IDENTIFIER_ROLE_LABELS.main} + {intl.formatMessage( + IDENTIFIER_ROLE_CHOICES[variable.prefillIdentifierRole] || IDENTIFIER_ROLE_CHOICES.main + )} {variable.dataType} @@ -195,7 +198,7 @@ const EditableVariableRow = ({index, variable, onDelete, onChange}) => {