sources: sync: use send_on_save
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
This commit is contained in:
Marc 'risson' Schmitt
@ -148,12 +148,14 @@ class KerberosSource(ScheduledModel, Source):
|
|||||||
uid=self.pk,
|
uid=self.pk,
|
||||||
args=(self.pk,),
|
args=(self.pk,),
|
||||||
crontab=f"{fqdn_rand('kerberos_sync/' + str(self.pk))} */2 * * *",
|
crontab=f"{fqdn_rand('kerberos_sync/' + str(self.pk))} */2 * * *",
|
||||||
|
send_on_save=True,
|
||||||
),
|
),
|
||||||
ScheduleSpec(
|
ScheduleSpec(
|
||||||
actor=kerberos_connectivity_check,
|
actor=kerberos_connectivity_check,
|
||||||
uid=self.pk,
|
uid=self.pk,
|
||||||
args=(self.pk,),
|
args=(self.pk,),
|
||||||
crontab=f"{fqdn_rand('kerberos_connectivity_check/' + str(self.pk))} * * * *",
|
crontab=f"{fqdn_rand('kerberos_connectivity_check/' + str(self.pk))} * * * *",
|
||||||
|
send_on_save=True,
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|||||||
@ -10,23 +10,13 @@ from authentik.core.models import User
|
|||||||
from authentik.core.signals import password_changed
|
from authentik.core.signals import password_changed
|
||||||
from authentik.events.models import Event, EventAction
|
from authentik.events.models import Event, EventAction
|
||||||
from authentik.sources.kerberos.models import (
|
from authentik.sources.kerberos.models import (
|
||||||
KerberosSource,
|
|
||||||
Krb5ConfContext,
|
Krb5ConfContext,
|
||||||
UserKerberosSourceConnection,
|
UserKerberosSourceConnection,
|
||||||
)
|
)
|
||||||
from authentik.sources.kerberos.tasks import kerberos_connectivity_check
|
|
||||||
|
|
||||||
LOGGER = get_logger()
|
LOGGER = get_logger()
|
||||||
|
|
||||||
|
|
||||||
@receiver(post_save, sender=KerberosSource)
|
|
||||||
def sync_kerberos_source_on_save(sender, instance: KerberosSource, **_):
|
|
||||||
"""Ensure that source is synced on save (if enabled)"""
|
|
||||||
if not instance.enabled or not instance.sync_users:
|
|
||||||
return
|
|
||||||
kerberos_connectivity_check.send(instance.pk)
|
|
||||||
|
|
||||||
|
|
||||||
@receiver(password_changed)
|
@receiver(password_changed)
|
||||||
def kerberos_sync_password(sender, user: User, password: str, **_):
|
def kerberos_sync_password(sender, user: User, password: str, **_):
|
||||||
"""Connect to kerberos and update password."""
|
"""Connect to kerberos and update password."""
|
||||||
|
|||||||
@ -172,12 +172,14 @@ class LDAPSource(ScheduledModel, Source):
|
|||||||
uid=self.pk,
|
uid=self.pk,
|
||||||
args=(self.pk,),
|
args=(self.pk,),
|
||||||
crontab=f"{fqdn_rand('ldap_sync/' + str(self.pk))} */2 * * *",
|
crontab=f"{fqdn_rand('ldap_sync/' + str(self.pk))} */2 * * *",
|
||||||
|
send_on_save=True,
|
||||||
),
|
),
|
||||||
ScheduleSpec(
|
ScheduleSpec(
|
||||||
actor=ldap_connectivity_check,
|
actor=ldap_connectivity_check,
|
||||||
uid=self.pk,
|
uid=self.pk,
|
||||||
args=(self.pk,),
|
args=(self.pk,),
|
||||||
crontab=f"{fqdn_rand('ldap_connectivity_check/' + str(self.pk))} * * * *",
|
crontab=f"{fqdn_rand('ldap_connectivity_check/' + str(self.pk))} * * * *",
|
||||||
|
send_on_save=True,
|
||||||
),
|
),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|||||||
@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
from typing import Any
|
from typing import Any
|
||||||
|
|
||||||
from django.db.models.signals import post_save
|
|
||||||
from django.dispatch import receiver
|
from django.dispatch import receiver
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from ldap3.core.exceptions import LDAPOperationResult
|
from ldap3.core.exceptions import LDAPOperationResult
|
||||||
@ -20,16 +19,6 @@ from authentik.stages.prompt.signals import password_validate
|
|||||||
LOGGER = get_logger()
|
LOGGER = get_logger()
|
||||||
|
|
||||||
|
|
||||||
@receiver(post_save, sender=LDAPSource)
|
|
||||||
def sync_ldap_source_on_save(sender, instance: LDAPSource, created: bool, **_):
|
|
||||||
"""Ensure that source is synced on save (if enabled)"""
|
|
||||||
# On creation, schedules are automatically run
|
|
||||||
if created or not instance.enabled:
|
|
||||||
return
|
|
||||||
for schedule in instance.schedules.all():
|
|
||||||
schedule.send()
|
|
||||||
|
|
||||||
|
|
||||||
@receiver(password_validate)
|
@receiver(password_validate)
|
||||||
def ldap_password_validate(sender, password: str, plan_context: dict[str, Any], **__):
|
def ldap_password_validate(sender, password: str, plan_context: dict[str, Any], **__):
|
||||||
"""if there's an LDAP Source with enabled password sync, check the password"""
|
"""if there's an LDAP Source with enabled password sync, check the password"""
|
||||||
|
|||||||
@ -54,7 +54,7 @@ def ldap_connectivity_check(pk: str | None = None):
|
|||||||
)
|
)
|
||||||
def ldap_sync(source_pk: str):
|
def ldap_sync(source_pk: str):
|
||||||
"""Sync a single source"""
|
"""Sync a single source"""
|
||||||
source: LDAPSource = LDAPSource.objects.filter(pk=source_pk).first()
|
source: LDAPSource = LDAPSource.objects.filter(pk=source_pk, enabled=True).first()
|
||||||
if not source:
|
if not source:
|
||||||
return
|
return
|
||||||
with source.sync_lock as lock_acquired:
|
with source.sync_lock as lock_acquired:
|
||||||
|
|||||||
@ -5,7 +5,7 @@ from authentik.tasks.schedules.models import ScheduledModel
|
|||||||
|
|
||||||
|
|
||||||
@receiver(post_save)
|
@receiver(post_save)
|
||||||
def post_save_schedule_mixin(sender, instance: ScheduledModel, **_):
|
def post_save_scheduled_model(sender, instance, **_):
|
||||||
if not isinstance(instance, ScheduledModel):
|
if not isinstance(instance, ScheduledModel):
|
||||||
return
|
return
|
||||||
for spec in instance.schedule_specs:
|
for spec in instance.schedule_specs:
|
||||||
|
|||||||
Reference in New Issue
Block a user