Add sso error sync job
This commit is contained in:
Christian Cueni
parent
014ecc31c4
commit
1d0ee7b906
|
|
@ -4,6 +4,9 @@
|
||||||
# Run every 6 hours
|
# Run every 6 hours
|
||||||
0 */6 * * * /usr/local/bin/python /app/manage.py simple_dummy_job
|
0 */6 * * * /usr/local/bin/python /app/manage.py simple_dummy_job
|
||||||
|
|
||||||
|
# Run every hour at minute 11
|
||||||
|
0 */11 * * * /usr/local/bin/python /app/manage.py handle_sso_sync_errors
|
||||||
|
|
||||||
# Run every hour at minute 17
|
# Run every hour at minute 17
|
||||||
17 * * * * /usr/local/bin/python /app/manage.py edoniq_import_results
|
17 * * * * /usr/local/bin/python /app/manage.py edoniq_import_results
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -23,15 +23,17 @@ def create_sso_user_from_admin(user: User, request):
|
||||||
try:
|
try:
|
||||||
create_and_update_user(user) # noqa
|
create_and_update_user(user) # noqa
|
||||||
user.save()
|
user.save()
|
||||||
messages.add_message(
|
if request:
|
||||||
request, messages.SUCCESS, "Der Bentuzer wurde in Keycloak erstellt."
|
messages.add_message(
|
||||||
)
|
request, messages.SUCCESS, "Der Bentuzer wurde in Keycloak erstellt."
|
||||||
|
)
|
||||||
except KeycloakPostError as e:
|
except KeycloakPostError as e:
|
||||||
messages.add_message(
|
if request:
|
||||||
request,
|
messages.add_message(
|
||||||
messages.WARNING,
|
request,
|
||||||
f"Der Benutzer {user} konnte nicht in Keycloak erstellt werden: {e}",
|
messages.WARNING,
|
||||||
)
|
f"Der Benutzer {user} konnte nicht in Keycloak erstellt werden: {e}",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def sync_sso_roles_from_admin(user: User, request):
|
def sync_sso_roles_from_admin(user: User, request):
|
||||||
|
|
@ -53,21 +55,26 @@ def sync_sso_roles_from_admin(user: User, request):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
sync_roles_for_user(user, course_roles)
|
sync_roles_for_user(user, course_roles)
|
||||||
messages.add_message(
|
if request:
|
||||||
request, messages.SUCCESS, "Die Daten wurden mit Keycloak synchronisiert."
|
messages.add_message(
|
||||||
)
|
request,
|
||||||
|
messages.SUCCESS,
|
||||||
|
"Die Daten wurden mit Keycloak synchronisiert.",
|
||||||
|
)
|
||||||
except KeycloakDeleteError as e:
|
except KeycloakDeleteError as e:
|
||||||
messages.add_message(
|
if request:
|
||||||
request,
|
messages.add_message(
|
||||||
messages.WARNING,
|
request,
|
||||||
f"Die bestehenden Rollen für Benutzer ({user}) konnten in Keycloak nicht gelöscht werden: {e}",
|
messages.WARNING,
|
||||||
)
|
f"Die bestehenden Rollen für Benutzer ({user}) konnten in Keycloak nicht gelöscht werden: {e}",
|
||||||
|
)
|
||||||
except KeycloakPostError as e:
|
except KeycloakPostError as e:
|
||||||
messages.add_message(
|
if request:
|
||||||
request,
|
messages.add_message(
|
||||||
messages.WARNING,
|
request,
|
||||||
f"Die neuen Rollen für Benutzer ({user}) konnten in Keycloak nicht erstellt werden: {e}",
|
messages.WARNING,
|
||||||
)
|
f"Die neuen Rollen für Benutzer ({user}) konnten in Keycloak nicht erstellt werden: {e}",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
@admin.action(description="KEYCLOAK: Sync SSO Roles")
|
@admin.action(description="KEYCLOAK: Sync SSO Roles")
|
||||||
|
|
@ -98,7 +105,14 @@ class SsoUserAdmin(auth_admin.UserAdmin):
|
||||||
"sso_id",
|
"sso_id",
|
||||||
"intermedia_sso_id",
|
"intermedia_sso_id",
|
||||||
]
|
]
|
||||||
search_fields = ["first_name", "last_name", "email", "username", "sso_id"]
|
search_fields = [
|
||||||
|
"first_name",
|
||||||
|
"last_name",
|
||||||
|
"email",
|
||||||
|
"username",
|
||||||
|
"sso_id",
|
||||||
|
"additional_json_data__intermediate_sso_id",
|
||||||
|
]
|
||||||
actions = [sync_sso_roles, create_sso_user]
|
actions = [sync_sso_roles, create_sso_user]
|
||||||
|
|
||||||
# Make fields read-only
|
# Make fields read-only
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,35 @@
|
||||||
|
import djclick as click
|
||||||
|
import structlog
|
||||||
|
|
||||||
|
from vbv_lernwelt.sso.admin import sync_sso_roles_from_admin
|
||||||
|
from vbv_lernwelt.sso.models import SsoSyncError
|
||||||
|
|
||||||
|
logger = structlog.get_logger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
@click.command()
|
||||||
|
@click.option(
|
||||||
|
"--delete-sync-errors/--no-delete-sync-errors",
|
||||||
|
default=True,
|
||||||
|
help="`delete-sync-errors` to delete the erros after sync, `no-delete-sync-errors` to keep the SyncErrors objects. Default is `delete-sync-errors`.",
|
||||||
|
)
|
||||||
|
def command(delete_sync_errors: bool):
|
||||||
|
errors = SsoSyncError.objects.all()
|
||||||
|
processed_users = set()
|
||||||
|
errors_to_delete = []
|
||||||
|
|
||||||
|
for error in errors:
|
||||||
|
user = error.user
|
||||||
|
if user.id not in processed_users:
|
||||||
|
sync_sso_roles_from_admin(user, None)
|
||||||
|
processed_users.add(user.id)
|
||||||
|
logger.info(
|
||||||
|
"sso_sync_error",
|
||||||
|
user=user.id,
|
||||||
|
)
|
||||||
|
if delete_sync_errors:
|
||||||
|
errors_to_delete.append(error.id)
|
||||||
|
|
||||||
|
# Perform the bulk delete operation
|
||||||
|
if errors_to_delete:
|
||||||
|
SsoSyncError.objects.filter(id__in=errors_to_delete).delete()
|
||||||
Loading…
Reference in New Issue