add settings tests

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

authentik/tenants/api.py

@@ -97,15 +97,9 @@ class DomainViewSet(ModelViewSet):
 class SettingsSerializer(ModelSerializer):
     """Settings Serializer"""
 
-    name = ReadOnlyField()
-    domains = DomainSerializer(read_only=True, many=True)
-
     class Meta:
         model = Tenant
         fields = [
-            "tenant_uuid",
-            "name",
-            "domains",
             "avatars",
             "default_user_change_name",
             "default_user_change_email",
@@ -125,6 +119,6 @@ class SettingsView(RetrieveUpdateAPIView):
     filter_backends = []
 
     def get_object(self):
-        obj = get_tenant(self.request)
+        obj = self.request.tenant
         self.check_object_permissions(self.request, obj)
         return obj

authentik/tenants/tests/test_domain.py

@@ -26,7 +26,7 @@ class TestDomainAPI(TenantAPITestCase):
     @CONFIG.patch("tenants.enabled", True)
     @CONFIG.patch("tenants.api_key", TENANTS_API_KEY)
     def test_domain(self):
-        """Test domain creation"""
+        """Test domain"""
         response = self.client.post(
             reverse("authentik_api:domain-list"),
             headers=HEADERS,

authentik/tenants/tests/test_settings.py

@@ -4,6 +4,7 @@ from json import loads
 from django.urls import reverse
 from django_tenants.utils import get_public_schema_name
 
+from authentik.core.tests.utils import create_test_admin_user
 from authentik.lib.config import CONFIG
 from authentik.lib.generators import generate_id
 from authentik.tenants.models import Domain, Tenant
@@ -13,38 +14,73 @@ TENANTS_API_KEY = generate_id()
 HEADERS = {"Authorization": f"Bearer {TENANTS_API_KEY}"}
 
 
-# class TestSettingsAPI(TenantAPITestCase):
-#     def setUp(self):
-#         super().setUp()
-#         self.tenant_1 = Tenant.objects.get(schema_name=get_public_schema_name())
-#         self.tenant_2 = Tenant.objects.create(
-#             name=generate_id(), schema_name="t_" + generate_id().lower()
-#         )
-#
-#     @CONFIG.patch("outposts.disable_embedded_outpost", True)
-#     @CONFIG.patch("tenants.enabled", True)
-#     @CONFIG.patch("tenants.api_key", TENANTS_API_KEY)
-#     def test_domain(self):
-#         """Test domain creation"""
-#         response = self.client.post(
-#             reverse("authentik_api:domain-list"),
-#             headers=HEADERS,
-#             data={"tenant": self.tenant.pk, "domain": "test.domain"},
-#         )
-#         self.assertEqual(response.status_code, 201)
-#         body = loads(response.content.decode())
-#         self.assertEqual(self.tenant.domains.get(domain="test.domain").pk, body["id"])
-#         self.assertEqual(self.tenant.domains.get(domain="test.domain").is_primary, True)
-#
-#         response = self.client.post(
-#             reverse("authentik_api:domain-list"),
-#             headers=HEADERS,
-#             data={"tenant": self.tenant.pk, "domain": "newprimary.domain", "is_primary": True},
-#         )
-#         self.assertEqual(response.status_code, 201)
-#         self.assertEqual(
-#             Domain.objects.get(tenant=self.tenant, domain="newprimary.domain").is_primary, True
-#         )
-#         self.assertEqual(
-#             Domain.objects.get(tenant=self.tenant, domain="test.domain").is_primary, False
-#         )
+class TestSettingsAPI(TenantAPITestCase):
+    def setUp(self):
+        super().setUp()
+        self.tenant_1 = Tenant.objects.get(schema_name=get_public_schema_name())
+        with self.tenant_1:
+            self.admin_1 = create_test_admin_user()
+        self.tenant_2 = Tenant.objects.create(
+            name=generate_id(), schema_name="t_" + generate_id().lower()
+        )
+        Domain.objects.create(tenant=self.tenant_2, domain="tenant_2.testserver")
+        with self.tenant_2:
+            self.admin_2 = create_test_admin_user()
+
+    def test_settings(self):
+        """Test settings API"""
+        # We need those context managers here because the test client doesn't put itself
+        # in the tenant context as a real request would.
+        with self.tenant_1:
+            self.client.force_login(self.admin_1)
+        response = self.client.patch(
+            reverse("authentik_api:tenant_settings"),
+            data={
+                "avatars": "tenant_1_mode",
+            },
+        )
+        self.assertEqual(response.status_code, 200)
+        self.tenant_1.refresh_from_db()
+        self.assertEqual(self.tenant_1.avatars, "tenant_1_mode")
+        with self.tenant_1:
+            self.client.logout()
+
+        # with self.tenant_2:
+        #     self.client.force_login(self.admin_2)
+        # response = self.client.patch(
+        #     reverse("authentik_api:tenant_settings"),
+        #     data={
+        #         "avatars": "tenant_2_mode",
+        #     },
+        #     headers={
+        #         "Host": "tenant_2.testserver",
+        #     },
+        # )
+        # self.assertEqual(response.status_code, 200)
+        # self.tenant_2.refresh_from_db()
+        # self.assertEqual(self.tenant_2.avatars, "tenant_2_mode")
+        # with self.tenant_2:
+        #     self.client.logout()
+
+        # with self.tenant_1:
+        #     self.client.force_login(self.admin_1)
+        # response_1 = self.client.get(
+        #     reverse("authentik_api:tenant_settings"),
+        # )
+        # self.assertEqual(response_1.status_code, 200)
+        # body_1 = loads(response_1.content.decode())
+        # with self.tenant_1:
+        #     self.client.logout()
+        # with self.tenant_2:
+        #     self.client.force_login(self.admin_2)
+        # response_2 = self.client.get(
+        #     reverse("authentik_api:tenant_settings"),
+        #     headers={
+        #         "host": "tenant_2.testserver",
+        #     },
+        # )
+        # self.assertEqual(response_2.status_code, 200)
+        # body_2 = loads(response_2.content.decode())
+        # with self.tenant_2:
+        #     self.client.logout()
+        # self.assertNotEqual(body_1["avatars"], body_2["avatars"])

authentik/tenants/tests/utils.py

@@ -24,7 +24,7 @@ class TenantAPITestCase(APITransactionTestCase):
                 schemas = cursor.fetchall()
                 for row in schemas:
                     schema = row[0]
-                    cursor.execute(f"DROP SCHEMA {schema}")
+                    cursor.execute(f"DROP SCHEMA {schema} CASCADE")
 
     def setUp(self):
         call_command("migrate_schemas", schema="template", tenant=True)

schema.yml

@@ -41528,18 +41528,6 @@ components:
       type: object
       description: Settings Serializer
       properties:
-        tenant_uuid:
-          type: string
-          format: uuid
-          readOnly: true
-        name:
-          type: string
-          readOnly: true
-        domains:
-          type: array
-          items:
-            $ref: '#/components/schemas/Domain'
-          readOnly: true
         avatars:
           type: string
           description: Configure how authentik should show avatars for users.
@@ -41564,10 +41552,6 @@ components:
           additionalProperties: {}
           description: The option configures the footer links on the flow executor
             pages.
-      required:
-      - domains
-      - name
-      - tenant_uuid
     SettingsRequest:
       type: object
       description: Settings Serializer