From 3344af72c21ca673e0cb01fd23ae6de7cb8ea02a Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Tue, 5 Jul 2022 20:26:56 +0000
Subject: [PATCH] outposts: cleanup user handling

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/outposts/models.py | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/authentik/outposts/models.py b/authentik/outposts/models.py
index f7024ac13..7eeb5e20d 100644
--- a/authentik/outposts/models.py
+++ b/authentik/outposts/models.py
@@ -331,20 +331,18 @@ class Outpost(ManagedModel):
     @property
     def user(self) -> User:
         """Get/create user with access to all required objects"""
-        users = User.objects.filter(username=self.user_identifier)
-        should_create_user = not users.exists()
-        if should_create_user:
+        user = User.objects.filter(username=self.user_identifier).first()
+        user_created = False
+        if not user:
             user: User = User.objects.create(username=self.user_identifier)
             user.set_unusable_password()
-            user.save()
-        else:
-            user = users.first()
+            user_created = True
         user.attributes[USER_ATTRIBUTE_SA] = True
         user.attributes[USER_ATTRIBUTE_CAN_OVERRIDE_IP] = True
         user.name = f"Outpost {self.name} Service-Account"
         user.path = USER_PATH_OUTPOSTS
         user.save()
-        if should_create_user:
+        if user_created:
             self.build_user_permissions(user)
         return user