add irodsinfo oidc user token alert (#1999)

CHANGELOG.rst

@@ -16,6 +16,8 @@ Added
     - ``SESSION_COOKIE_AGE`` and ``SESSION_EXPIRE_AT_BROWSER_CLOSE`` Django settings (#2015)
 - **Irodsbackend**
     - Token auth support in ``BasicAuthView`` (#1999)
+- **Irodsinfo**
+    - Alert on token usage for OIDC users (#1999)
 - **Landingzones**
     - REST API list view pagination (#1994)
     - ``notify_email_zone_status`` user app setting (#1939)

irodsinfo/templates/irodsinfo/info.html

@@ -26,11 +26,20 @@ <h2><i class="iconify" data-icon="mdi:lifebuoy"></i> iRODS Info</h2>
 
   {# Guide #}
   <div class="alert alert-info">
-    The iRODS connecting guide has been moved into the
+    For instructions on connecting to iRODS, see the
     <a href="https://sodar-server.readthedocs.io/en/{% if '+' in site_v %}dev{% else %}latest{% endif %}/">
       SODAR Manual</a>.
   </div>
 
+  {% if request.user.get_auth_type == 'OIDC' %}
+    <div class="alert alert-warning" id="sodar-ii-alert-oidc">
+      <strong>Important:</strong> You are authenticating with SODAR using OIDC
+      single sign-on. This means you need to provide a SODAR API token as your
+      password for iRODS and Davrods logins. You can create a token using
+      the <a href="{% url 'tokens:list' %}">API Tokens app</a>.
+    </div>
+  {% endif %}
+
   {# Server info #}
   <div class="card">
     <div class="card-header">

irodsinfo/tests/test_ui.py

@@ -0,0 +1,54 @@
+"""UI tests for the irodsinfo app"""
+
+from django.contrib.auth.models import Group
+from django.test import override_settings
+from django.urls import reverse
+
+from selenium.common.exceptions import NoSuchElementException
+from selenium.webdriver.common.by import By
+
+# Projectroles dependency
+from projectroles.models import SODAR_CONSTANTS
+from projectroles.tests.test_ui import UITestBase
+
+
+# SODAR constants
+AUTH_TYPE_LOCAL = SODAR_CONSTANTS['AUTH_TYPE_LOCAL']
+AUTH_TYPE_LDAP = SODAR_CONSTANTS['AUTH_TYPE_LDAP']
+AUTH_TYPE_OIDC = SODAR_CONSTANTS['AUTH_TYPE_OIDC']
+OIDC_USER_GROUP = SODAR_CONSTANTS['OIDC_USER_GROUP']
+
+
+class TestIrodsInfoView(UITestBase):
+    """Tests for IrodsInfoView"""
+
+    def setUp(self):
+        super().setUp()
+        self.url = reverse('irodsinfo:info')
+
+    def test_render_oidc_alert_local(self):
+        """Test rendering of OIDC alert as local user"""
+        self.assertEqual(self.user_owner.get_auth_type(), AUTH_TYPE_LOCAL)
+        self.login_and_redirect(self.user_owner, self.url)
+        with self.assertRaises(NoSuchElementException):
+            self.selenium.find_element(By.ID, 'sodar-ii-alert-oidc')
+
+    @override_settings(AUTH_LDAP_USERNAME_DOMAIN='TEST')
+    def test_render_oidc_alert_ldap(self):
+        """Test rendering of OIDC alert as LDAP user"""
+        self.user_owner.username = 'user_owner@TEST'
+        self.user_owner.save()  # NOTE: set_group() is called on user save()
+        self.assertEqual(self.user_owner.get_auth_type(), AUTH_TYPE_LDAP)
+        self.login_and_redirect(self.user_owner, self.url)
+        with self.assertRaises(NoSuchElementException):
+            self.selenium.find_element(By.ID, 'sodar-ii-alert-oidc')
+
+    def test_render_oidc_alert_oidc(self):
+        """Test rendering of OIDC alert as OIDC user"""
+        group, _ = Group.objects.get_or_create(name=OIDC_USER_GROUP)
+        group.user_set.add(self.user_owner)
+        self.assertEqual(self.user_owner.get_auth_type(), AUTH_TYPE_OIDC)
+        self.login_and_redirect(self.user_owner, self.url)
+        self.assertIsNotNone(
+            self.selenium.find_element(By.ID, 'sodar-ii-alert-oidc')
+        )