outposts: fix integrity error with tokens
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
ddfc943bba
commit
fc8004db2b
|
@ -18,7 +18,6 @@ class AuthentikAPIConfig(AppConfig):
|
||||||
|
|
||||||
# Class is defined here as it needs to be created early enough that drf-spectacular will
|
# Class is defined here as it needs to be created early enough that drf-spectacular will
|
||||||
# find it, but also won't cause any import issues
|
# find it, but also won't cause any import issues
|
||||||
|
|
||||||
# pylint: disable=unused-variable
|
# pylint: disable=unused-variable
|
||||||
class TokenSchema(OpenApiAuthenticationExtension):
|
class TokenSchema(OpenApiAuthenticationExtension):
|
||||||
"""Auth schema"""
|
"""Auth schema"""
|
||||||
|
|
|
@ -8,7 +8,7 @@ from uuid import uuid4
|
||||||
from dacite import from_dict
|
from dacite import from_dict
|
||||||
from django.contrib.auth.models import Permission
|
from django.contrib.auth.models import Permission
|
||||||
from django.core.cache import cache
|
from django.core.cache import cache
|
||||||
from django.db import models, transaction
|
from django.db import IntegrityError, models, transaction
|
||||||
from django.db.models.base import Model
|
from django.db.models.base import Model
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from docker.client import DockerClient
|
from docker.client import DockerClient
|
||||||
|
@ -380,21 +380,24 @@ class Outpost(models.Model):
|
||||||
tokens = Token.filter_not_expired(
|
tokens = Token.filter_not_expired(
|
||||||
identifier=self.token_identifier,
|
identifier=self.token_identifier,
|
||||||
intent=TokenIntents.INTENT_API,
|
intent=TokenIntents.INTENT_API,
|
||||||
)
|
|
||||||
if tokens.exists():
|
|
||||||
token = tokens.first()
|
|
||||||
if not token.managed:
|
|
||||||
token.managed = managed
|
|
||||||
token.save()
|
|
||||||
return token
|
|
||||||
return Token.objects.create(
|
|
||||||
user=self.user,
|
|
||||||
identifier=self.token_identifier,
|
|
||||||
intent=TokenIntents.INTENT_API,
|
|
||||||
description=f"Autogenerated by authentik for Outpost {self.name}",
|
|
||||||
expiring=False,
|
|
||||||
managed=managed,
|
managed=managed,
|
||||||
)
|
)
|
||||||
|
if tokens.exists():
|
||||||
|
return tokens.first()
|
||||||
|
try:
|
||||||
|
return Token.objects.create(
|
||||||
|
user=self.user,
|
||||||
|
identifier=self.token_identifier,
|
||||||
|
intent=TokenIntents.INTENT_API,
|
||||||
|
description=f"Autogenerated by authentik for Outpost {self.name}",
|
||||||
|
expiring=False,
|
||||||
|
managed=managed,
|
||||||
|
)
|
||||||
|
except IntegrityError:
|
||||||
|
# Integrity error happens mostly when managed is re-used
|
||||||
|
Token.objects.filter(managed=managed).delete()
|
||||||
|
Token.objects.filter(identifier=self.token_identifier).delete()
|
||||||
|
return self.token
|
||||||
|
|
||||||
def get_required_objects(self) -> Iterable[Union[models.Model, str]]:
|
def get_required_objects(self) -> Iterable[Union[models.Model, str]]:
|
||||||
"""Get an iterator of all objects the user needs read access to"""
|
"""Get an iterator of all objects the user needs read access to"""
|
||||||
|
|
Reference in a new issue