From 8832796dbdf621d448790326f7ff0ca11e513caa Mon Sep 17 00:00:00 2001
From: Marc 'risson' Schmitt
Date: Tue, 16 Jan 2024 06:11:31 +0100
Subject: [PATCH] self review
Signed-off-by: Marc 'risson' Schmitt
---
 .../management/commands/apply_blueprint.py | 4 ++--
 .../management/commands/repair_permissions.py | 2 +-
 authentik/lib/logging.py | 3 +++
 authentik/providers/scim/tests/test_user.py | 6 ++---
 authentik/sources/ldap/models.py | 2 +-
 authentik/tenants/middleware.py | 24 -------------------
 6 files changed, 9 insertions(+), 32 deletions(-)
 delete mode 100644 authentik/tenants/middleware.py
diff --git a/authentik/blueprints/management/commands/apply_blueprint.py b/authentik/blueprints/management/commands/apply_blueprint.py
index a35b092fe..adc76c207 100644
--- a/authentik/blueprints/management/commands/apply_blueprint.py
+++ b/authentik/blueprints/management/commands/apply_blueprint.py
@@ -3,10 +3,10 @@ from sys import exit as sys_exit
 from django.core.management.base import BaseCommand, no_translations
 from structlog.stdlib import get_logger
-from tenant_schemas_celery.scheduler import Tenant
 from authentik.blueprints.models import BlueprintInstance
 from authentik.blueprints.v1.importer import Importer
+from authentik.tenants.models import Tenant
 LOGGER = get_logger()
@@ -17,7 +17,7 @@ class Command(BaseCommand):
 @no_translations
 def handle(self, *args, **options):
 """Apply all blueprints in order, abort when one fails to import"""
-for tenant in Tenant.objects.all():
+for tenant in Tenant.objects.filter(ready=True):
 with tenant:
 for blueprint_path in options.get("blueprints", []):
 content = BlueprintInstance(path=blueprint_path).retrieve()
diff --git a/authentik/core/management/commands/repair_permissions.py b/authentik/core/management/commands/repair_permissions.py
index c58167799..25200b2ad 100644
--- a/authentik/core/management/commands/repair_permissions.py
+++ b/authentik/core/management/commands/repair_permissions.py
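Review bot: The `for tenant in Tenant.objects.filter(ready=True):` loop in `handle` (second hunk of `apply_blueprint.py`) now skips tenants that are not ready without writing anything, so an operator cannot tell from the output that a tenant was left without the blueprints. The identical loop in the `repair_permissions.py` hunk has the same gap. Because these commands presumably carry flow and permission configuration, I would extend the docstring, e.g. `"""Apply all blueprints in order for every ready tenant, abort when one fails to import"""`, and consider logging the schema names that were skipped. The body of `handle` continues past the end of the hunk.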
@@ -13,7 +13,7 @@ class Command(BaseCommand):
 @no_translations
 def handle(self, *args, **options):
 """Check permissions for all apps"""
-for tenant in Tenant.objects.all():
+for tenant in Tenant.objects.filter(ready=True):
 with tenant:
 for app in apps.get_app_configs():
 self.stdout.write(f"Checking app {app.name} ({app.label})\n")
diff --git a/authentik/lib/logging.py b/authentik/lib/logging.py
index 5205c568c..b93cd06e5 100644
--- a/authentik/lib/logging.py
+++ b/authentik/lib/logging.py
@@ -118,7 +118,10 @@ def add_process_id(logger: Logger, method_name: str, event_dict):
 def add_tenant_information(logger: Logger, method_name: str, event_dict):
 """Add the current tenant"""
 tenant = getattr(connection, "tenant", None)
+schema_name = getattr(connection, "schema_name", None)
 if tenant is not None:
 event_dict["schema_name"] = tenant.schema_name
 event_dict["domain_url"] = getattr(tenant, "domain_url", None)
+elif schema_name is not None:
+event_dict["schema_name"] = schema_name
 return event_dict
diff --git a/authentik/providers/scim/tests/test_user.py b/authentik/providers/scim/tests/test_user.py
index bf57f319f..4d05b9776 100644
--- a/authentik/providers/scim/tests/test_user.py
+++ b/authentik/providers/scim/tests/test_user.py
@@ -11,7 +11,7 @@ from authentik.core.models import Application, Group, User
 from authentik.lib.generators import generate_id
 from authentik.providers.scim.models import SCIMMapping, SCIMProvider
 from authentik.providers.scim.tasks import scim_sync
-from authentik.tenants.utils import get_current_tenant
+from authentik.tenants.models import Tenant
 class SCIMUserTests(TestCase):
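Review bot: In `add_tenant_information` the new `elif schema_name is not None:` branch sets only `schema_name`, while the `tenant` branch always sets `domain_url` as well (to `None` when the attribute is missing), so events from the two paths differ in which keys exist. Log consumers that attribute events to a tenant by field presence would treat the two cases differently; adding `event_dict["domain_url"] = None` in the `elif` branch keeps the event shape stable, if that is what downstream expects. The docstring could also name the fallback, e.g. `"""Add the current tenant, falling back to the connection's schema name"""`.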
@@ -21,9 +21,7 @@ class SCIMUserTests(TestCase):
 def setUp(self) -> None:
 # Delete all users and groups as the mocked HTTP responses only return one ID
 # which will cause errors with multiple users
-tenant = get_current_tenant()
-tenant.avatars = "none"
-tenant.save()
+Tenant.objects.update(avatars="none")
 User.objects.all().exclude(pk=get_anonymous_user().pk).delete()
 Group.objects.all().delete()
 self.provider: SCIMProvider = SCIMProvider.objects.create(
diff --git a/authentik/sources/ldap/models.py b/authentik/sources/ldap/models.py
index a81e6354e..c9ecda4ef 100644
--- a/authentik/sources/ldap/models.py
+++ b/authentik/sources/ldap/models.py
@@ -203,7 +203,7 @@ class LDAPSource(Source):
 """Redis lock for syncing LDAP to prevent multiple parallel syncs happening"""
 return Lock(
 cache.client.get_client(),
-name=f"goauthentik.io/sources/ldap/sync{connection.schema_name}-{self.slug}",
+name=f"goauthentik.io/sources/ldap/sync/{connection.schema_name}-{self.slug}",
 # Convert task timeout hours to seconds, and multiply times 3
 # (see authentik/sources/ldap/tasks.py:54)
 # multiply by 3 to add even more leeway
diff --git a/authentik/tenants/middleware.py b/authentik/tenants/middleware.py
deleted file mode 100644
index 75143acf9..000000000
--- a/authentik/tenants/middleware.py
+++ /dev/null
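Review bot: `Tenant.objects.update(avatars="none")` in `setUp` sits directly under the comment about deleting users and groups, which does not describe it. Unlike the removed `tenant.save()`, a queryset `update()` writes every tenant row and runs neither `save()` nor the `pre_save`/`post_save` signals. If anything on the test path depends on those signals (cache invalidation, for instance) the new setting may not be picked up; I have not verified whether that applies here. A separate comment such as `# Disable avatars on all tenants; update() bypasses save() and signals` would make the intent explicit. `setUp` continues past the end of the hunk.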
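Review bot: The lock name in the `LDAPSource` hunk still joins its two variable parts with `-` in `{connection.schema_name}-{self.slug}`, and a slug may itself contain `-`, so the boundary between schema and slug is ambiguous. Whether two tenants can actually end up with the same name depends on which characters a schema name may contain, which this hunk does not show. Since this name is what keeps one tenant's sync from sharing a lock with another's, a separator a slug cannot contain is safer: `name=f"goauthentik.io/sources/ldap/sync/{connection.schema_name}/{self.slug}",`. Workers still running the previous code use the old lock name, so during a rolling upgrade old and new workers would not exclude each other. The enclosing method starts above the hunk and the `Lock(` call ends below it.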
@@ -1,24 +0,0 @@
-"""Inject tenant into current request"""
-from typing import Callable
-
-from django.http import HttpRequest, HttpResponse
-from django_tenants.utils import get_tenant
-from sentry_sdk.api import set_tag
-
-
-class CurrentTenantMiddleware:
-"""Add current tenant to http request"""
-
-get_response: Callable[[HttpRequest], HttpResponse]
-
-def __init__(self, get_response: Callable[[HttpRequest], HttpResponse]):
-self.get_response = get_response
-
-def __call__(self, request: HttpRequest) -> HttpResponse:
-if not hasattr(request, "tenant"):
-tenant = get_tenant(request)
-setattr(request, "tenant", tenant)
-if tenant is not None:
-set_tag("authentik.tenant_uuid", tenant.tenant_uuid.hex)
-set_tag("authentik.tenant_domain_regex", tenant.domain_regex)
-return self.get_response(request)