def get_tenant(self, model, hostname, request): """Override the tenant selection logic.""" connections["default"].set_schema_to_public() tenant_schema = create_schema_name(request.user.account) tenant = TENANTS.get_tenant(tenant_schema) if tenant is None: if request.user.system: try: tenant = Tenant.objects.get(schema_name=tenant_schema) except Tenant.DoesNotExist: raise Http404() else: with transaction.atomic(): try: tenant = Tenant.objects.get(schema_name=tenant_schema) except Tenant.DoesNotExist: cursor = transaction.get_connection().cursor() cursor.execute("LOCK TABLE public.api_tenant in SHARE ROW EXCLUSIVE MODE") tenant, created = Tenant.objects.get_or_create(schema_name=tenant_schema) if created: seed_permissions(tenant=tenant) seed_roles(tenant=tenant) seed_group(tenant=tenant) TENANTS.save_tenant(tenant) return tenant
def test_default_group_seeding_skips(self): """Test that default groups with system flag false will be skipped during seeding""" self.modify_default_group(system=False) try: seed_group(self.tenant) except Exception: self.fail(msg='update seed_group encountered an exception') with tenant_context(self.tenant): group = Group.objects.get(platform_default=True) self.assertEqual(group.system, False) group.roles().get(name="RBAC Administrator")
def test_default_group_seeding_reassign_roles(self): """Test that previous assigned roles would be eliminated before assigning new roles.""" self.modify_default_group() try: seed_group(self.tenant) except Exception: self.fail(msg='update seed_group encountered an exception') with tenant_context(self.tenant): group = Group.objects.get(platform_default=True) self.assertEqual(group.system, True) self.assertRaises(Role.DoesNotExist, group.roles().get, name="RBAC Administrator") for role in group.roles(): self.assertTrue(role.platform_default)
def test_default_group_seeding_skips(self): """Test that default groups with system flag false will be skipped during seeding""" self.modify_default_group(system=False) try: seed_group(self.tenant) except Exception: self.fail(msg="update seed_group encountered an exception") with tenant_context(self.tenant): group = Group.objects.get(platform_default=True) self.assertEqual(group.system, False) self.assertEqual(group.tenant, self.tenant) group.roles().get(name="Ansible Automation Access Local Test")
def get_tenant(self, model, hostname, request): """Override the tenant selection logic.""" connections["default"].set_schema_to_public() if request.user.account not in TENANTS: if request.user.system: try: tenant = Tenant.objects.get(schema_name=create_schema_name(request.user.account)) except Tenant.DoesNotExist: raise Http404() else: tenant, created = Tenant.objects.get_or_create(schema_name=create_schema_name(request.user.account)) if created: seed_roles(tenant=tenant, update=False) seed_group(tenant=tenant) TENANTS[request.user.account] = tenant return TENANTS[request.user.account]
def _create_tenant(account): """Create a tenant. Args: account (str): The account identifier Returns: (Tenant) The created tenant """ schema_name = create_schema_name(account) try: with transaction.atomic(): tenant = Tenant(schema_name=schema_name) tenant.save() logger.info('Created new tenant from account_id %s.', account) seed_roles(tenant=tenant, update=False) seed_group(tenant=tenant) except IntegrityError: tenant = Tenant.objects.filter(schema_name=schema_name).get() return tenant
def setUp(self): """Set up the group definer tests.""" super().setUp() seed_roles(self.tenant, update=True) seed_group(self.tenant)