self review
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
This commit is contained in:
parent
683e634116
commit
8832796dbd
|
@ -3,10 +3,10 @@ from sys import exit as sys_exit
|
||||||
|
|
||||||
from django.core.management.base import BaseCommand, no_translations
|
from django.core.management.base import BaseCommand, no_translations
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
from tenant_schemas_celery.scheduler import Tenant
|
|
||||||
|
|
||||||
from authentik.blueprints.models import BlueprintInstance
|
from authentik.blueprints.models import BlueprintInstance
|
||||||
from authentik.blueprints.v1.importer import Importer
|
from authentik.blueprints.v1.importer import Importer
|
||||||
|
from authentik.tenants.models import Tenant
|
||||||
|
|
||||||
LOGGER = get_logger()
|
LOGGER = get_logger()
|
||||||
|
|
||||||
|
@ -17,7 +17,7 @@ class Command(BaseCommand):
|
||||||
@no_translations
|
@no_translations
|
||||||
def handle(self, *args, **options):
|
def handle(self, *args, **options):
|
||||||
"""Apply all blueprints in order, abort when one fails to import"""
|
"""Apply all blueprints in order, abort when one fails to import"""
|
||||||
for tenant in Tenant.objects.all():
|
for tenant in Tenant.objects.filter(ready=True):
|
||||||
with tenant:
|
with tenant:
|
||||||
for blueprint_path in options.get("blueprints", []):
|
for blueprint_path in options.get("blueprints", []):
|
||||||
content = BlueprintInstance(path=blueprint_path).retrieve()
|
content = BlueprintInstance(path=blueprint_path).retrieve()
|
||||||
|
|
|
@ -13,7 +13,7 @@ class Command(BaseCommand):
|
||||||
@no_translations
|
@no_translations
|
||||||
def handle(self, *args, **options):
|
def handle(self, *args, **options):
|
||||||
"""Check permissions for all apps"""
|
"""Check permissions for all apps"""
|
||||||
for tenant in Tenant.objects.all():
|
for tenant in Tenant.objects.filter(ready=True):
|
||||||
with tenant:
|
with tenant:
|
||||||
for app in apps.get_app_configs():
|
for app in apps.get_app_configs():
|
||||||
self.stdout.write(f"Checking app {app.name} ({app.label})\n")
|
self.stdout.write(f"Checking app {app.name} ({app.label})\n")
|
||||||
|
|
|
@ -118,7 +118,10 @@ def add_process_id(logger: Logger, method_name: str, event_dict):
|
||||||
def add_tenant_information(logger: Logger, method_name: str, event_dict):
|
def add_tenant_information(logger: Logger, method_name: str, event_dict):
|
||||||
"""Add the current tenant"""
|
"""Add the current tenant"""
|
||||||
tenant = getattr(connection, "tenant", None)
|
tenant = getattr(connection, "tenant", None)
|
||||||
|
schema_name = getattr(connection, "schema_name", None)
|
||||||
if tenant is not None:
|
if tenant is not None:
|
||||||
event_dict["schema_name"] = tenant.schema_name
|
event_dict["schema_name"] = tenant.schema_name
|
||||||
event_dict["domain_url"] = getattr(tenant, "domain_url", None)
|
event_dict["domain_url"] = getattr(tenant, "domain_url", None)
|
||||||
|
elif schema_name is not None:
|
||||||
|
event_dict["schema_name"] = schema_name
|
||||||
return event_dict
|
return event_dict
|
||||||
|
|
|
@ -11,7 +11,7 @@ from authentik.core.models import Application, Group, User
|
||||||
from authentik.lib.generators import generate_id
|
from authentik.lib.generators import generate_id
|
||||||
from authentik.providers.scim.models import SCIMMapping, SCIMProvider
|
from authentik.providers.scim.models import SCIMMapping, SCIMProvider
|
||||||
from authentik.providers.scim.tasks import scim_sync
|
from authentik.providers.scim.tasks import scim_sync
|
||||||
from authentik.tenants.utils import get_current_tenant
|
from authentik.tenants.models import Tenant
|
||||||
|
|
||||||
|
|
||||||
class SCIMUserTests(TestCase):
|
class SCIMUserTests(TestCase):
|
||||||
|
@ -21,9 +21,7 @@ class SCIMUserTests(TestCase):
|
||||||
def setUp(self) -> None:
|
def setUp(self) -> None:
|
||||||
# Delete all users and groups as the mocked HTTP responses only return one ID
|
# Delete all users and groups as the mocked HTTP responses only return one ID
|
||||||
# which will cause errors with multiple users
|
# which will cause errors with multiple users
|
||||||
tenant = get_current_tenant()
|
Tenant.objects.update(avatars="none")
|
||||||
tenant.avatars = "none"
|
|
||||||
tenant.save()
|
|
||||||
User.objects.all().exclude(pk=get_anonymous_user().pk).delete()
|
User.objects.all().exclude(pk=get_anonymous_user().pk).delete()
|
||||||
Group.objects.all().delete()
|
Group.objects.all().delete()
|
||||||
self.provider: SCIMProvider = SCIMProvider.objects.create(
|
self.provider: SCIMProvider = SCIMProvider.objects.create(
|
||||||
|
|
|
@ -203,7 +203,7 @@ class LDAPSource(Source):
|
||||||
"""Redis lock for syncing LDAP to prevent multiple parallel syncs happening"""
|
"""Redis lock for syncing LDAP to prevent multiple parallel syncs happening"""
|
||||||
return Lock(
|
return Lock(
|
||||||
cache.client.get_client(),
|
cache.client.get_client(),
|
||||||
name=f"goauthentik.io/sources/ldap/sync{connection.schema_name}-{self.slug}",
|
name=f"goauthentik.io/sources/ldap/sync/{connection.schema_name}-{self.slug}",
|
||||||
# Convert task timeout hours to seconds, and multiply times 3
|
# Convert task timeout hours to seconds, and multiply times 3
|
||||||
# (see authentik/sources/ldap/tasks.py:54)
|
# (see authentik/sources/ldap/tasks.py:54)
|
||||||
# multiply by 3 to add even more leeway
|
# multiply by 3 to add even more leeway
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
"""Inject tenant into current request"""
|
|
||||||
from typing import Callable
|
|
||||||
|
|
||||||
from django.http import HttpRequest, HttpResponse
|
|
||||||
from django_tenants.utils import get_tenant
|
|
||||||
from sentry_sdk.api import set_tag
|
|
||||||
|
|
||||||
|
|
||||||
class CurrentTenantMiddleware:
|
|
||||||
"""Add current tenant to http request"""
|
|
||||||
|
|
||||||
get_response: Callable[[HttpRequest], HttpResponse]
|
|
||||||
|
|
||||||
def __init__(self, get_response: Callable[[HttpRequest], HttpResponse]):
|
|
||||||
self.get_response = get_response
|
|
||||||
|
|
||||||
def __call__(self, request: HttpRequest) -> HttpResponse:
|
|
||||||
if not hasattr(request, "tenant"):
|
|
||||||
tenant = get_tenant(request)
|
|
||||||
setattr(request, "tenant", tenant)
|
|
||||||
if tenant is not None:
|
|
||||||
set_tag("authentik.tenant_uuid", tenant.tenant_uuid.hex)
|
|
||||||
set_tag("authentik.tenant_domain_regex", tenant.domain_regex)
|
|
||||||
return self.get_response(request)
|
|
Reference in a new issue