def get_tenant(self, model, hostname, request):
"""Override the tenant selection logic."""
connections["default"].set_schema_to_public()
tenant_schema = create_schema_name(request.user.account)
tenant = TENANTS.get_tenant(tenant_schema)
if tenant is None:
if request.user.system:
try:
tenant = Tenant.objects.get(schema_name=tenant_schema)
except Tenant.DoesNotExist:
raise Http404()
else:
with transaction.atomic():
try:
tenant = Tenant.objects.get(schema_name=tenant_schema)
except Tenant.DoesNotExist:
cursor = transaction.get_connection().cursor()
cursor.execute("LOCK TABLE public.api_tenant in SHARE ROW EXCLUSIVE MODE")
tenant, created = Tenant.objects.get_or_create(schema_name=tenant_schema)
if created:
seed_permissions(tenant=tenant)
seed_roles(tenant=tenant)
seed_group(tenant=tenant)
TENANTS.save_tenant(tenant)
return tenant
def test_role_update_version_diff(self):
""" Test that role seeding updates attribute when version is changed. """
self.try_seed_roles()
# set the version to zero, so it would update attribute when seed_roles is called
with tenant_context(self.tenant):
roles = Role.objects.filter(platform_default=True).update(version=0, platform_default=False)
self.assertFalse(len(Role.objects.filter(platform_default=True)))
seed_roles(self.tenant, update=True)
roles = Role.objects.filter(platform_default=True)
self.assertTrue(len(roles))
def test_role_update(self):
""" Test that role seeding update will re-create the roles. """
self.try_seed_roles()
# delete all the roles and re-create roles again when seed_roles is called
with tenant_context(self.tenant):
Role.objects.all().delete()
roles = Role.objects.filter(platform_default=True)
self.assertFalse(len(roles))
seed_roles(self.tenant, update=True)
roles = Role.objects.filter(platform_default=True)
self.assertTrue(len(roles))
def get_tenant(self, model, hostname, request):
"""Override the tenant selection logic."""
connections["default"].set_schema_to_public()
if request.user.account not in TENANTS:
if request.user.system:
try:
tenant = Tenant.objects.get(schema_name=create_schema_name(request.user.account))
except Tenant.DoesNotExist:
raise Http404()
else:
tenant, created = Tenant.objects.get_or_create(schema_name=create_schema_name(request.user.account))
if created:
seed_roles(tenant=tenant, update=False)
seed_group(tenant=tenant)
TENANTS[request.user.account] = tenant
return TENANTS[request.user.account]
def test_role_update(self):
""" Test that role seeding update will re-create the roles. """
self.try_seed_roles()
# delete all the roles and re-create roles again when seed_roles is called
with tenant_context(self.tenant):
Role.objects.all().delete()
roles = Role.objects.filter(platform_default=True)
self.assertFalse(len(roles))
seed_roles(self.tenant)
roles = Role.objects.filter(platform_default=True)
self.assertTrue(len(roles))
for access in Access.objects.all():
self.assertEqual(access.tenant, self.tenant)
for rd in ResourceDefinition.objects.filter(access=access):
self.assertEqual(rd.tenant, self.tenant)
def _create_tenant(account):
"""Create a tenant.
Args:
account (str): The account identifier
Returns:
(Tenant) The created tenant
"""
schema_name = create_schema_name(account)
try:
with transaction.atomic():
tenant = Tenant(schema_name=schema_name)
tenant.save()
logger.info('Created new tenant from account_id %s.', account)
seed_roles(tenant=tenant, update=False)
except IntegrityError:
tenant = Tenant.objects.filter(schema_name=schema_name).get()
return tenant
def setUp(self):
"""Set up the group definer tests."""
super().setUp()
seed_roles(self.tenant, update=True)
seed_group(self.tenant)
def try_seed_roles(self):
""" Try to seed roles """
try:
seed_roles(self.tenant)
except Exception:
self.fail(msg="seed_roles encountered an exception")
def try_seed_roles(self):
""" Try to seed roles """
try:
seed_roles(self.tenant, update=False)
except Exception:
self.fail(msg='seed_roles encountered an exception')
def test_role_update(self):
"""Test that we can run a role seeding update."""
try:
seed_roles(self.tenant, update=True)
except Exception:
self.fail(msg='seed_roles encountere an exception')
