update reconcile logic to clearly differentiate between tenant and global
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
This commit is contained in:
parent
7ed9a27a3d
commit
838b3faaf9
|
@ -15,6 +15,6 @@ class AuthentikAdminConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Admin"
|
verbose_name = "authentik Admin"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_admin_signals(self):
|
def reconcile_global_load_admin_signals(self):
|
||||||
"""Load admin signals"""
|
"""Load admin signals"""
|
||||||
self.import_module("authentik.admin.signals")
|
self.import_module("authentik.admin.signals")
|
||||||
|
|
|
@ -13,7 +13,7 @@ class ManagedAppConfig(AppConfig):
|
||||||
|
|
||||||
_logger: BoundLogger
|
_logger: BoundLogger
|
||||||
|
|
||||||
RECONCILE_PREFIX: str = "reconcile_"
|
RECONCILE_GLOBAL_PREFIX: str = "reconcile_global_"
|
||||||
RECONCILE_TENANT_PREFIX: str = "reconcile_tenant_"
|
RECONCILE_TENANT_PREFIX: str = "reconcile_tenant_"
|
||||||
|
|
||||||
def __init__(self, app_name: str, *args, **kwargs) -> None:
|
def __init__(self, app_name: str, *args, **kwargs) -> None:
|
||||||
|
@ -57,26 +57,12 @@ class ManagedAppConfig(AppConfig):
|
||||||
with tenant:
|
with tenant:
|
||||||
self._reconcile(self.RECONCILE_TENANT_PREFIX)
|
self._reconcile(self.RECONCILE_TENANT_PREFIX)
|
||||||
|
|
||||||
def reconcile(self) -> None:
|
def reconcile_global(self) -> None:
|
||||||
"""reconcile ourselves"""
|
"""reconcile ourselves for global methods. Used for signals, tasks, etc. Database queries should not be made in here."""
|
||||||
from django_tenants.utils import get_public_schema_name, schema_context
|
from django_tenants.utils import get_public_schema_name, schema_context
|
||||||
|
|
||||||
# Special case for the authentik_tenants app, as we need to create the default tenant
|
|
||||||
# before being able to use it
|
|
||||||
if self.label == "authentik_tenants":
|
|
||||||
with schema_context(get_public_schema_name()):
|
with schema_context(get_public_schema_name()):
|
||||||
self._reconcile(self.RECONCILE_PREFIX)
|
self._reconcile(self.RECONCILE_GLOBAL_PREFIX)
|
||||||
return
|
|
||||||
|
|
||||||
from authentik.tenants.models import Tenant
|
|
||||||
|
|
||||||
try:
|
|
||||||
default_tenant = Tenant.objects.get(schema_name=get_public_schema_name())
|
|
||||||
except (DatabaseError, ProgrammingError, InternalError) as exc:
|
|
||||||
self._logger.debug("Failed to get default tenant to run reconcile", exc=exc)
|
|
||||||
return
|
|
||||||
with default_tenant:
|
|
||||||
self._reconcile(self.RECONCILE_PREFIX)
|
|
||||||
|
|
||||||
|
|
||||||
class AuthentikBlueprintsConfig(ManagedAppConfig):
|
class AuthentikBlueprintsConfig(ManagedAppConfig):
|
||||||
|
@ -87,7 +73,7 @@ class AuthentikBlueprintsConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Blueprints"
|
verbose_name = "authentik Blueprints"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_blueprints_v1_tasks(self):
|
def reconcile_global_load_blueprints_v1_tasks(self):
|
||||||
"""Load v1 tasks"""
|
"""Load v1 tasks"""
|
||||||
self.import_module("authentik.blueprints.v1.tasks")
|
self.import_module("authentik.blueprints.v1.tasks")
|
||||||
|
|
||||||
|
|
|
@ -13,11 +13,11 @@ class AuthentikCoreConfig(ManagedAppConfig):
|
||||||
mountpoint = ""
|
mountpoint = ""
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_core_signals(self):
|
def reconcile_global_load_core_signals(self):
|
||||||
"""Load core signals"""
|
"""Load core signals"""
|
||||||
self.import_module("authentik.core.signals")
|
self.import_module("authentik.core.signals")
|
||||||
|
|
||||||
def reconcile_debug_worker_hook(self):
|
def reconcile_global_debug_worker_hook(self):
|
||||||
"""Dispatch startup tasks inline when debugging"""
|
"""Dispatch startup tasks inline when debugging"""
|
||||||
if settings.DEBUG:
|
if settings.DEBUG:
|
||||||
from authentik.root.celery import worker_ready_hook
|
from authentik.root.celery import worker_ready_hook
|
||||||
|
|
|
@ -16,7 +16,7 @@ class AuthentikCryptoConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Crypto"
|
verbose_name = "authentik Crypto"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_crypto_tasks(self):
|
def reconcile_global_load_crypto_tasks(self):
|
||||||
"""Load crypto tasks"""
|
"""Load crypto tasks"""
|
||||||
self.import_module("authentik.crypto.tasks")
|
self.import_module("authentik.crypto.tasks")
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,6 @@ class AuthentikEnterpriseConfig(EnterpriseConfig):
|
||||||
verbose_name = "authentik Enterprise"
|
verbose_name = "authentik Enterprise"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_enterprise_signals(self):
|
def reconcile_global_load_enterprise_signals(self):
|
||||||
"""Load enterprise signals"""
|
"""Load enterprise signals"""
|
||||||
self.import_module("authentik.enterprise.signals")
|
self.import_module("authentik.enterprise.signals")
|
||||||
|
|
|
@ -12,6 +12,6 @@ class AuthentikEnterpriseProviderRAC(EnterpriseConfig):
|
||||||
mountpoint = ""
|
mountpoint = ""
|
||||||
ws_mountpoint = "authentik.enterprise.providers.rac.urls"
|
ws_mountpoint = "authentik.enterprise.providers.rac.urls"
|
||||||
|
|
||||||
def reconcile_load_rac_signals(self):
|
def reconcile_global_load_rac_signals(self):
|
||||||
"""Load rac signals"""
|
"""Load rac signals"""
|
||||||
self.import_module("authentik.enterprise.providers.rac.signals")
|
self.import_module("authentik.enterprise.providers.rac.signals")
|
||||||
|
|
|
@ -19,11 +19,11 @@ class AuthentikEventsConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Events"
|
verbose_name = "authentik Events"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_events_signals(self):
|
def reconcile_global_load_events_signals(self):
|
||||||
"""Load events signals"""
|
"""Load events signals"""
|
||||||
self.import_module("authentik.events.signals")
|
self.import_module("authentik.events.signals")
|
||||||
|
|
||||||
def reconcile_check_deprecations(self):
|
def reconcile_global_check_deprecations(self):
|
||||||
"""Check for config deprecations"""
|
"""Check for config deprecations"""
|
||||||
from authentik.events.models import Event, EventAction
|
from authentik.events.models import Event, EventAction
|
||||||
|
|
||||||
|
|
|
@ -30,11 +30,11 @@ class AuthentikFlowsConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Flows"
|
verbose_name = "authentik Flows"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_flows_signals(self):
|
def reconcile_global_load_flows_signals(self):
|
||||||
"""Load flows signals"""
|
"""Load flows signals"""
|
||||||
self.import_module("authentik.flows.signals")
|
self.import_module("authentik.flows.signals")
|
||||||
|
|
||||||
def reconcile_load_stages(self):
|
def reconcile_global_load_stages(self):
|
||||||
"""Ensure all stages are loaded"""
|
"""Ensure all stages are loaded"""
|
||||||
from authentik.flows.models import Stage
|
from authentik.flows.models import Stage
|
||||||
|
|
||||||
|
|
|
@ -29,7 +29,7 @@ class AuthentikOutpostConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Outpost"
|
verbose_name = "authentik Outpost"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_outposts_signals(self):
|
def reconcile_global_load_outposts_signals(self):
|
||||||
"""Load outposts signals"""
|
"""Load outposts signals"""
|
||||||
self.import_module("authentik.outposts.signals")
|
self.import_module("authentik.outposts.signals")
|
||||||
|
|
||||||
|
|
|
@ -35,6 +35,6 @@ class AuthentikPoliciesConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Policies"
|
verbose_name = "authentik Policies"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_policies_signals(self):
|
def reconcile_global_load_policies_signals(self):
|
||||||
"""Load policies signals"""
|
"""Load policies signals"""
|
||||||
self.import_module("authentik.policies.signals")
|
self.import_module("authentik.policies.signals")
|
||||||
|
|
|
@ -10,10 +10,10 @@ class AuthentikPolicyReputationConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Policies.Reputation"
|
verbose_name = "authentik Policies.Reputation"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_policies_reputation_signals(self):
|
def reconcile_global_load_policies_reputation_signals(self):
|
||||||
"""Load policies.reputation signals"""
|
"""Load policies.reputation signals"""
|
||||||
self.import_module("authentik.policies.reputation.signals")
|
self.import_module("authentik.policies.reputation.signals")
|
||||||
|
|
||||||
def reconcile_load_policies_reputation_tasks(self):
|
def reconcile_global_load_policies_reputation_tasks(self):
|
||||||
"""Load policies.reputation tasks"""
|
"""Load policies.reputation tasks"""
|
||||||
self.import_module("authentik.policies.reputation.tasks")
|
self.import_module("authentik.policies.reputation.tasks")
|
||||||
|
|
|
@ -10,6 +10,6 @@ class AuthentikProviderProxyConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Providers.Proxy"
|
verbose_name = "authentik Providers.Proxy"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_providers_proxy_signals(self):
|
def reconcile_global_load_providers_proxy_signals(self):
|
||||||
"""Load proxy signals"""
|
"""Load proxy signals"""
|
||||||
self.import_module("authentik.providers.proxy.signals")
|
self.import_module("authentik.providers.proxy.signals")
|
||||||
|
|
|
@ -10,6 +10,6 @@ class AuthentikProviderSCIMConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Providers.SCIM"
|
verbose_name = "authentik Providers.SCIM"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_signals(self):
|
def reconcile_global_load_signals(self):
|
||||||
"""Load signals"""
|
"""Load signals"""
|
||||||
self.import_module("authentik.providers.scim.signals")
|
self.import_module("authentik.providers.scim.signals")
|
||||||
|
|
|
@ -10,6 +10,6 @@ class AuthentikRBACConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik RBAC"
|
verbose_name = "authentik RBAC"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_rbac_signals(self):
|
def reconcile_global_load_rbac_signals(self):
|
||||||
"""Load rbac signals"""
|
"""Load rbac signals"""
|
||||||
self.import_module("authentik.rbac.signals")
|
self.import_module("authentik.rbac.signals")
|
||||||
|
|
|
@ -10,6 +10,6 @@ class AuthentikSourceLDAPConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Sources.LDAP"
|
verbose_name = "authentik Sources.LDAP"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_sources_ldap_signals(self):
|
def reconcile_global_load_sources_ldap_signals(self):
|
||||||
"""Load sources.ldap signals"""
|
"""Load sources.ldap signals"""
|
||||||
self.import_module("authentik.sources.ldap.signals")
|
self.import_module("authentik.sources.ldap.signals")
|
||||||
|
|
|
@ -31,7 +31,7 @@ class AuthentikSourceOAuthConfig(ManagedAppConfig):
|
||||||
mountpoint = "source/oauth/"
|
mountpoint = "source/oauth/"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_sources_loaded(self):
|
def reconcile_global_sources_loaded(self):
|
||||||
"""Load source_types from config file"""
|
"""Load source_types from config file"""
|
||||||
for source_type in AUTHENTIK_SOURCES_OAUTH_TYPES:
|
for source_type in AUTHENTIK_SOURCES_OAUTH_TYPES:
|
||||||
try:
|
try:
|
||||||
|
|
|
@ -11,6 +11,6 @@ class AuthentikSourceSAMLConfig(ManagedAppConfig):
|
||||||
mountpoint = "source/saml/"
|
mountpoint = "source/saml/"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_sources_saml_signals(self):
|
def reconcile_global_load_sources_saml_signals(self):
|
||||||
"""Load sources.saml signals"""
|
"""Load sources.saml signals"""
|
||||||
self.import_module("authentik.sources.saml.signals")
|
self.import_module("authentik.sources.saml.signals")
|
||||||
|
|
|
@ -11,6 +11,6 @@ class AuthentikStageAuthenticatorDuoConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Stages.Authenticator.Duo"
|
verbose_name = "authentik Stages.Authenticator.Duo"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_tasks(self):
|
def reconcile_global_load_tasks(self):
|
||||||
"""Load tasks"""
|
"""Load tasks"""
|
||||||
self.import_module("authentik.stages.authenticator_duo.tasks")
|
self.import_module("authentik.stages.authenticator_duo.tasks")
|
||||||
|
|
|
@ -10,6 +10,6 @@ class AuthentikStageAuthenticatorStaticConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Stages.Authenticator.Static"
|
verbose_name = "authentik Stages.Authenticator.Static"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_stages_authenticator_static_signals(self):
|
def reconcile_global_load_stages_authenticator_static_signals(self):
|
||||||
"""Load stages.authenticator_static signals"""
|
"""Load stages.authenticator_static signals"""
|
||||||
self.import_module("authentik.stages.authenticator_static.signals")
|
self.import_module("authentik.stages.authenticator_static.signals")
|
||||||
|
|
|
@ -14,6 +14,6 @@ class AuthentikStageEmailConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Stages.Email"
|
verbose_name = "authentik Stages.Email"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def reconcile_load_stages_emails_tasks(self):
|
def reconcile_global_load_stages_emails_tasks(self):
|
||||||
"""Load stages.emails tasks"""
|
"""Load stages.emails tasks"""
|
||||||
self.import_module("authentik.stages.email.tasks")
|
self.import_module("authentik.stages.email.tasks")
|
||||||
|
|
|
@ -27,10 +27,7 @@ class AuthentikTenantsConfig(ManagedAppConfig):
|
||||||
verbose_name = "authentik Tenants"
|
verbose_name = "authentik Tenants"
|
||||||
default = True
|
default = True
|
||||||
|
|
||||||
def ready(self):
|
def reconcile_global_default_tenant(self):
|
||||||
post_migrate.connect(reconcile_default_tenant)
|
|
||||||
super().ready()
|
|
||||||
|
|
||||||
def reconcile_default_tenant(self):
|
|
||||||
"""Make sure default tenant exists, especially after a migration"""
|
"""Make sure default tenant exists, especially after a migration"""
|
||||||
|
post_migrate.connect(reconcile_default_tenant)
|
||||||
reconcile_default_tenant()
|
reconcile_default_tenant()
|
||||||
|
|
Reference in New Issue