From a88d31541cfd836ba2bd4bb3c8ec8142e4cd8aa2 Mon Sep 17 00:00:00 2001
From: Tom Hubrecht <tom.hubrecht@dgnum.eu>
Date: Sun, 29 Sep 2024 20:05:05 +0200
Subject: [PATCH] feat(radius): Add the user to the correct group

When generating the first WiFi password, the user is added to the
`radius_access` group, which will allow them to connect. This also fix a
previous incorrect logic where users without wifi password could not
generate one.
---
 src/dgsi/views.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/dgsi/views.py b/src/dgsi/views.py
index d446b3e..8c3b9f8 100644
--- a/src/dgsi/views.py
+++ b/src/dgsi/views.py
@@ -83,9 +83,12 @@ class GenerateWiFiPasswordView(LoginRequiredMixin, RedirectView):
 
         if user.kanidm is None:
             messages.error(self.request, _("Compte DGNum inexistant."))
-        elif not user.kanidm.radius_secret:
-            messages.error(self.request, _("Mot de passe WiFi déjà existant."))
         else:
+            # Give access to the wifi network when the user creates its first password
+            if not user.kanidm.radius_secret:
+                async_to_sync(klient.group_add_members)(
+                    "radius_access", [user.username]
+                )
             async_to_sync(klient.call_post)(f"/v1/person/{user.username}/_radius")
 
         return super().get(request, *args, **kwargs)