update reconcile logic to clearly differentiate between tenant and global

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2024-01-11 15:48:50 +01:00 · 2024-01-11 15:48:50 +01:00 · 838b3faaf9
parent 7ed9a27a3d
commit 838b3faaf9
21 changed files with 31 additions and 48 deletions
--- a/authentik/admin/apps.py
+++ b/authentik/admin/apps.py
@ -15,6 +15,6 @@ class AuthentikAdminConfig(ManagedAppConfig):
    verbose_name = "authentik Admin"
    default = True
-    def reconcile_load_admin_signals(self):
+    def reconcile_global_load_admin_signals(self):
        """Load admin signals"""
        self.import_module("authentik.admin.signals")
--- a/authentik/blueprints/apps.py
+++ b/authentik/blueprints/apps.py
@ -13,7 +13,7 @@ class ManagedAppConfig(AppConfig):
    _logger: BoundLogger
-    RECONCILE_PREFIX: str = "reconcile_"
+    RECONCILE_GLOBAL_PREFIX: str = "reconcile_global_"
    RECONCILE_TENANT_PREFIX: str = "reconcile_tenant_"
    def __init__(self, app_name: str, *args, **kwargs) -> None:
@ -57,26 +57,12 @@ class ManagedAppConfig(AppConfig):
            with tenant:
                self._reconcile(self.RECONCILE_TENANT_PREFIX)
-    def reconcile(self) -> None:
+    def reconcile_global(self) -> None:
-        """reconcile ourselves"""
+        """reconcile ourselves for global methods. Used for signals, tasks, etc. Database queries should not be made in here."""
        from django_tenants.utils import get_public_schema_name, schema_context
-        # Special case for the authentik_tenants app, as we need to create the default tenant
+        with schema_context(get_public_schema_name()):
-        # before being able to use it
+            self._reconcile(self.RECONCILE_GLOBAL_PREFIX)
        if self.label == "authentik_tenants":
            with schema_context(get_public_schema_name()):
                self._reconcile(self.RECONCILE_PREFIX)
            return
        from authentik.tenants.models import Tenant
        try:
            default_tenant = Tenant.objects.get(schema_name=get_public_schema_name())
        except (DatabaseError, ProgrammingError, InternalError) as exc:
            self._logger.debug("Failed to get default tenant to run reconcile", exc=exc)
            return
        with default_tenant:
            self._reconcile(self.RECONCILE_PREFIX)
 class AuthentikBlueprintsConfig(ManagedAppConfig):
@ -87,7 +73,7 @@ class AuthentikBlueprintsConfig(ManagedAppConfig):
    verbose_name = "authentik Blueprints"
    default = True
-    def reconcile_load_blueprints_v1_tasks(self):
+    def reconcile_global_load_blueprints_v1_tasks(self):
        """Load v1 tasks"""
        self.import_module("authentik.blueprints.v1.tasks")
--- a/authentik/core/apps.py
+++ b/authentik/core/apps.py
@ -13,11 +13,11 @@ class AuthentikCoreConfig(ManagedAppConfig):
    mountpoint = ""
    default = True
-    def reconcile_load_core_signals(self):
+    def reconcile_global_load_core_signals(self):
        """Load core signals"""
        self.import_module("authentik.core.signals")
-    def reconcile_debug_worker_hook(self):
+    def reconcile_global_debug_worker_hook(self):
        """Dispatch startup tasks inline when debugging"""
        if settings.DEBUG:
            from authentik.root.celery import worker_ready_hook
--- a/authentik/crypto/apps.py
+++ b/authentik/crypto/apps.py
@ -16,7 +16,7 @@ class AuthentikCryptoConfig(ManagedAppConfig):
    verbose_name = "authentik Crypto"
    default = True
-    def reconcile_load_crypto_tasks(self):
+    def reconcile_global_load_crypto_tasks(self):
        """Load crypto tasks"""
        self.import_module("authentik.crypto.tasks")
--- a/authentik/enterprise/apps.py
+++ b/authentik/enterprise/apps.py
@ -14,6 +14,6 @@ class AuthentikEnterpriseConfig(EnterpriseConfig):
    verbose_name = "authentik Enterprise"
    default = True
-    def reconcile_load_enterprise_signals(self):
+    def reconcile_global_load_enterprise_signals(self):
        """Load enterprise signals"""
        self.import_module("authentik.enterprise.signals")
--- a/authentik/enterprise/providers/rac/apps.py
+++ b/authentik/enterprise/providers/rac/apps.py
@ -12,6 +12,6 @@ class AuthentikEnterpriseProviderRAC(EnterpriseConfig):
    mountpoint = ""
    ws_mountpoint = "authentik.enterprise.providers.rac.urls"
-    def reconcile_load_rac_signals(self):
+    def reconcile_global_load_rac_signals(self):
        """Load rac signals"""
        self.import_module("authentik.enterprise.providers.rac.signals")
--- a/authentik/events/apps.py
+++ b/authentik/events/apps.py
@ -19,11 +19,11 @@ class AuthentikEventsConfig(ManagedAppConfig):
    verbose_name = "authentik Events"
    default = True
-    def reconcile_load_events_signals(self):
+    def reconcile_global_load_events_signals(self):
        """Load events signals"""
        self.import_module("authentik.events.signals")
-    def reconcile_check_deprecations(self):
+    def reconcile_global_check_deprecations(self):
        """Check for config deprecations"""
        from authentik.events.models import Event, EventAction
--- a/authentik/flows/apps.py
+++ b/authentik/flows/apps.py
@ -30,11 +30,11 @@ class AuthentikFlowsConfig(ManagedAppConfig):
    verbose_name = "authentik Flows"
    default = True
-    def reconcile_load_flows_signals(self):
+    def reconcile_global_load_flows_signals(self):
        """Load flows signals"""
        self.import_module("authentik.flows.signals")
-    def reconcile_load_stages(self):
+    def reconcile_global_load_stages(self):
        """Ensure all stages are loaded"""
        from authentik.flows.models import Stage
--- a/authentik/outposts/apps.py
+++ b/authentik/outposts/apps.py
@ -29,7 +29,7 @@ class AuthentikOutpostConfig(ManagedAppConfig):
    verbose_name = "authentik Outpost"
    default = True
-    def reconcile_load_outposts_signals(self):
+    def reconcile_global_load_outposts_signals(self):
        """Load outposts signals"""
        self.import_module("authentik.outposts.signals")
--- a/authentik/policies/apps.py
+++ b/authentik/policies/apps.py
@ -35,6 +35,6 @@ class AuthentikPoliciesConfig(ManagedAppConfig):
    verbose_name = "authentik Policies"
    default = True
-    def reconcile_load_policies_signals(self):
+    def reconcile_global_load_policies_signals(self):
        """Load policies signals"""
        self.import_module("authentik.policies.signals")
--- a/authentik/policies/reputation/apps.py
+++ b/authentik/policies/reputation/apps.py
@ -10,10 +10,10 @@ class AuthentikPolicyReputationConfig(ManagedAppConfig):
    verbose_name = "authentik Policies.Reputation"
    default = True
-    def reconcile_load_policies_reputation_signals(self):
+    def reconcile_global_load_policies_reputation_signals(self):
        """Load policies.reputation signals"""
        self.import_module("authentik.policies.reputation.signals")
-    def reconcile_load_policies_reputation_tasks(self):
+    def reconcile_global_load_policies_reputation_tasks(self):
        """Load policies.reputation tasks"""
        self.import_module("authentik.policies.reputation.tasks")
--- a/authentik/providers/proxy/apps.py
+++ b/authentik/providers/proxy/apps.py
@ -10,6 +10,6 @@ class AuthentikProviderProxyConfig(ManagedAppConfig):
    verbose_name = "authentik Providers.Proxy"
    default = True
-    def reconcile_load_providers_proxy_signals(self):
+    def reconcile_global_load_providers_proxy_signals(self):
        """Load proxy signals"""
        self.import_module("authentik.providers.proxy.signals")
--- a/authentik/providers/scim/apps.py
+++ b/authentik/providers/scim/apps.py
@ -10,6 +10,6 @@ class AuthentikProviderSCIMConfig(ManagedAppConfig):
    verbose_name = "authentik Providers.SCIM"
    default = True
-    def reconcile_load_signals(self):
+    def reconcile_global_load_signals(self):
        """Load signals"""
        self.import_module("authentik.providers.scim.signals")
--- a/authentik/rbac/apps.py
+++ b/authentik/rbac/apps.py
@ -10,6 +10,6 @@ class AuthentikRBACConfig(ManagedAppConfig):
    verbose_name = "authentik RBAC"
    default = True
-    def reconcile_load_rbac_signals(self):
+    def reconcile_global_load_rbac_signals(self):
        """Load rbac signals"""
        self.import_module("authentik.rbac.signals")
--- a/authentik/sources/ldap/apps.py
+++ b/authentik/sources/ldap/apps.py
@ -10,6 +10,6 @@ class AuthentikSourceLDAPConfig(ManagedAppConfig):
    verbose_name = "authentik Sources.LDAP"
    default = True
-    def reconcile_load_sources_ldap_signals(self):
+    def reconcile_global_load_sources_ldap_signals(self):
        """Load sources.ldap signals"""
        self.import_module("authentik.sources.ldap.signals")
--- a/authentik/sources/oauth/apps.py
+++ b/authentik/sources/oauth/apps.py
@ -31,7 +31,7 @@ class AuthentikSourceOAuthConfig(ManagedAppConfig):
    mountpoint = "source/oauth/"
    default = True
-    def reconcile_sources_loaded(self):
+    def reconcile_global_sources_loaded(self):
        """Load source_types from config file"""
        for source_type in AUTHENTIK_SOURCES_OAUTH_TYPES:
            try:
--- a/authentik/sources/saml/apps.py
+++ b/authentik/sources/saml/apps.py
@ -11,6 +11,6 @@ class AuthentikSourceSAMLConfig(ManagedAppConfig):
    mountpoint = "source/saml/"
    default = True
-    def reconcile_load_sources_saml_signals(self):
+    def reconcile_global_load_sources_saml_signals(self):
        """Load sources.saml signals"""
        self.import_module("authentik.sources.saml.signals")
--- a/authentik/stages/authenticator_duo/apps.py
+++ b/authentik/stages/authenticator_duo/apps.py
@ -11,6 +11,6 @@ class AuthentikStageAuthenticatorDuoConfig(ManagedAppConfig):
    verbose_name = "authentik Stages.Authenticator.Duo"
    default = True
-    def reconcile_load_tasks(self):
+    def reconcile_global_load_tasks(self):
        """Load tasks"""
        self.import_module("authentik.stages.authenticator_duo.tasks")
--- a/authentik/stages/authenticator_static/apps.py
+++ b/authentik/stages/authenticator_static/apps.py
@ -10,6 +10,6 @@ class AuthentikStageAuthenticatorStaticConfig(ManagedAppConfig):
    verbose_name = "authentik Stages.Authenticator.Static"
    default = True
-    def reconcile_load_stages_authenticator_static_signals(self):
+    def reconcile_global_load_stages_authenticator_static_signals(self):
        """Load stages.authenticator_static signals"""
        self.import_module("authentik.stages.authenticator_static.signals")
--- a/authentik/stages/email/apps.py
+++ b/authentik/stages/email/apps.py
@ -14,6 +14,6 @@ class AuthentikStageEmailConfig(ManagedAppConfig):
    verbose_name = "authentik Stages.Email"
    default = True
-    def reconcile_load_stages_emails_tasks(self):
+    def reconcile_global_load_stages_emails_tasks(self):
        """Load stages.emails tasks"""
        self.import_module("authentik.stages.email.tasks")
--- a/authentik/tenants/apps.py
+++ b/authentik/tenants/apps.py
@ -27,10 +27,7 @@ class AuthentikTenantsConfig(ManagedAppConfig):
    verbose_name = "authentik Tenants"
    default = True
-    def ready(self):
+    def reconcile_global_default_tenant(self):
        post_migrate.connect(reconcile_default_tenant)
        super().ready()
    def reconcile_default_tenant(self):
        """Make sure default tenant exists, especially after a migration"""
        post_migrate.connect(reconcile_default_tenant)
        reconcile_default_tenant()