+ def change_name(self, key, value):
+
+ if value == self.sp.name:
+ return False
+
+ if self.user.is_admin or self.user.name == self.sp.owner:
+ if re.search(VALID_IN_NAME, value):
+ err = "Invalid name! Use only numbers and letters"
+ raise InvalidValueFormat(err)
+
+ self._debug("Replacing %s: %s -> %s" % (key, self.sp.name, value))
+ return {'name': value, 'rename': [self.sp.name, value]}
+ else:
+ raise UnauthorizedUser("Unauthorized to rename Service Provider")
+
+ def change_owner(self, key, value):
+ if value == self.sp.owner:
+ return False
+
+ if self.user.is_admin:
+ self._debug("Replacing %s: %s -> %s" % (key, self.sp.owner, value))
+ return {'owner': value}
+ else:
+ raise UnauthorizedUser("Unauthorized to set owner value")
+
+ def change_default_nameid(self, key, value):
+ if value == self.sp.default_nameid:
+ return False
+
+ if self.user.is_admin:
+ self._debug("Replacing %s: %s -> %s" % (key,
+ self.sp.default_nameid,
+ value))
+ if not self.sp.is_valid_nameid(value):
+ raise InvalidValueFormat('Invalid default nameid value')
+ return {'default_nameid': value}
+ else:
+ raise UnauthorizedUser("Unauthorized to set default nameid value")
+
+ def change_allowed_nameids(self, key, value):
+ v = set([x.strip() for x in value.split(',')])
+ if v == set(self.sp.allowed_nameids):
+ return False
+
+ if self.user.is_admin:
+ self._debug("Replacing %s: %s -> %s" % (key,
+ self.sp.allowed_nameids,
+ list(v)))
+ for x in v:
+ if not self.sp.is_valid_nameid(x):
+ l = ', '.join(self.sp.valid_nameids())
+ err = 'Invalid nameid [%s]. Available [%s].' % (x, l)
+ raise InvalidValueFormat(err)
+ return {'allowed_nameids': list(v)}
+ else:
+ raise UnauthorizedUser("Unauthorized to set alowed nameids values")
+