From af8cdb34ee7f5d28a7500822bcf3ee30a8b58895 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Fri, 19 Jun 2020 20:35:38 +0200 Subject: [PATCH] *: fix not all migrations using db_alias --- e2e/test_provider_oidc.py | 4 +- passbook/core/migrations/0003_default_user.py | 4 +- .../flows/migrations/0004_source_flows.py | 50 ++++++++++++------- .../flows/migrations/0005_provider_flows.py | 10 ++-- 4 files changed, 45 insertions(+), 23 deletions(-) diff --git a/e2e/test_provider_oidc.py b/e2e/test_provider_oidc.py index 0c16c739d..52c9fa68d 100644 --- a/e2e/test_provider_oidc.py +++ b/e2e/test_provider_oidc.py @@ -79,7 +79,9 @@ class TestProviderOIDC(StaticLiveServerTestCase): """test OpenID Provider flow (invalid redirect URI, check error message)""" sleep(1) # Bootstrap all needed objects - authorization_flow = Flow.objects.get(slug="default-provider-authorization") + authorization_flow = Flow.objects.get( + slug="default-provider-authorization-implicit-consent" + ) client = Client.objects.create( name="grafana", client_type="confidential", diff --git a/passbook/core/migrations/0003_default_user.py b/passbook/core/migrations/0003_default_user.py index d236c8f90..63af2c780 100644 --- a/passbook/core/migrations/0003_default_user.py +++ b/passbook/core/migrations/0003_default_user.py @@ -9,7 +9,9 @@ def create_default_user(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): # We have to use a direct import here, otherwise we get an object manager error from passbook.core.models import User - pbadmin, _ = User.objects.get_or_create( + db_alias = schema_editor.connection.alias + + pbadmin, _ = User.objects.using(db_alias).get_or_create( username="pbadmin", email="root@localhost", name="passbook Default Admin" ) pbadmin.set_password("pbadmin") # noqa # nosec diff --git a/passbook/flows/migrations/0004_source_flows.py b/passbook/flows/migrations/0004_source_flows.py index 112ff34a3..746424f17 100644 --- a/passbook/flows/migrations/0004_source_flows.py +++ b/passbook/flows/migrations/0004_source_flows.py @@ -32,25 +32,27 @@ def create_default_source_enrollment_flow( db_alias = schema_editor.connection.alias # Create a policy that only allows this flow when doing an SSO Request - flow_policy = ExpressionPolicy.objects.create( + flow_policy = ExpressionPolicy.objects.using(db_alias).create( name="default-source-enrollment-if-sso", expression=FLOW_POLICY_EXPRESSION ) # This creates a Flow used by sources to enroll users # It makes sure that a username is set, and if not, prompts the user for a Username - flow = Flow.objects.create( + flow = Flow.objects.using(db_alias).create( name="default-source-enrollment", slug="default-source-enrollment", designation=FlowDesignation.ENROLLMENT, ) - PolicyBinding.objects.create(policy=flow_policy, target=flow, order=0) + PolicyBinding.objects.using(db_alias).create( + policy=flow_policy, target=flow, order=0 + ) # PromptStage to ask user for their username - prompt_stage = PromptStage.objects.create( + prompt_stage = PromptStage.objects.using(db_alias).create( name="default-source-enrollment-username-prompt", ) prompt_stage.fields.add( - Prompt.objects.create( + Prompt.objects.using(db_alias).create( field_key="username", label="Username", type=FieldTypes.TEXT, @@ -59,20 +61,30 @@ def create_default_source_enrollment_flow( ) ) # Policy to only trigger prompt when no username is given - prompt_policy = ExpressionPolicy.objects.create( + prompt_policy = ExpressionPolicy.objects.using(db_alias).create( name="default-source-enrollment-if-username", expression=PROMPT_POLICY_EXPRESSION, ) # UserWrite stage to create the user, and login stage to log user in - user_write = UserWriteStage.objects.create(name="default-source-enrollment-write") - user_login = UserLoginStage.objects.create(name="default-source-enrollment-login") + user_write = UserWriteStage.objects.using(db_alias).create( + name="default-source-enrollment-write" + ) + user_login = UserLoginStage.objects.using(db_alias).create( + name="default-source-enrollment-login" + ) - binding = FlowStageBinding.objects.create(flow=flow, stage=prompt_stage, order=0) - PolicyBinding.objects.create(policy=prompt_policy, target=binding) + binding = FlowStageBinding.objects.using(db_alias).create( + flow=flow, stage=prompt_stage, order=0 + ) + PolicyBinding.objects.using(db_alias).create(policy=prompt_policy, target=binding) - FlowStageBinding.objects.create(flow=flow, stage=user_write, order=1) - FlowStageBinding.objects.create(flow=flow, stage=user_login, order=2) + FlowStageBinding.objects.using(db_alias).create( + flow=flow, stage=user_write, order=1 + ) + FlowStageBinding.objects.using(db_alias).create( + flow=flow, stage=user_login, order=2 + ) def create_default_source_authentication_flow( @@ -91,22 +103,26 @@ def create_default_source_authentication_flow( db_alias = schema_editor.connection.alias # Create a policy that only allows this flow when doing an SSO Request - flow_policy = ExpressionPolicy.objects.create( + flow_policy = ExpressionPolicy.objects.using(db_alias).create( name="default-source-authentication-if-sso", expression=FLOW_POLICY_EXPRESSION ) # This creates a Flow used by sources to authenticate users - flow = Flow.objects.create( + flow = Flow.objects.using(db_alias).create( name="default-source-authentication", slug="default-source-authentication", designation=FlowDesignation.AUTHENTICATION, ) - PolicyBinding.objects.create(policy=flow_policy, target=flow, order=0) + PolicyBinding.objects.using(db_alias).create( + policy=flow_policy, target=flow, order=0 + ) - user_login = UserLoginStage.objects.create( + user_login = UserLoginStage.objects.using(db_alias).create( name="default-source-authentication-login" ) - FlowStageBinding.objects.create(flow=flow, stage=user_login, order=0) + FlowStageBinding.objects.using(db_alias).create( + flow=flow, stage=user_login, order=0 + ) class Migration(migrations.Migration): diff --git a/passbook/flows/migrations/0005_provider_flows.py b/passbook/flows/migrations/0005_provider_flows.py index 007f29475..6fa5fa48e 100644 --- a/passbook/flows/migrations/0005_provider_flows.py +++ b/passbook/flows/migrations/0005_provider_flows.py @@ -18,20 +18,22 @@ def create_default_provider_authz_flow( db_alias = schema_editor.connection.alias # Empty flow for providers where consent is implicitly given - Flow.objects.create( + Flow.objects.using(db_alias).create( name="Authorize Application", slug="default-provider-authorization-implicit-consent", designation=FlowDesignation.AUTHORIZATION, ) # Flow with consent form to obtain explicit user consent - flow = Flow.objects.create( + flow = Flow.objects.using(db_alias).create( name="Authorize Application", slug="default-provider-authorization-explicit-consent", designation=FlowDesignation.AUTHORIZATION, ) - stage = ConsentStage.objects.create(name="default-provider-authorization-consent") - FlowStageBinding.objects.create(flow=flow, stage=stage, order=0) + stage = ConsentStage.objects.using(db_alias).create( + name="default-provider-authorization-consent" + ) + FlowStageBinding.objects.using(db_alias).create(flow=flow, stage=stage, order=0) class Migration(migrations.Migration):