diff --git a/authentik/brands/api.py b/authentik/brands/api.py index 80e6f3d20..d17a5e604 100644 --- a/authentik/brands/api.py +++ b/authentik/brands/api.py @@ -17,7 +17,6 @@ from authentik.api.authorization import SecretKeyFilter from authentik.brands.models import Brand from authentik.core.api.used_by import UsedByMixin from authentik.core.api.utils import PassiveSerializer -from authentik.lib.config import CONFIG from authentik.tenants.utils import get_current_tenant diff --git a/authentik/brands/migrations_tmp/0001_initial.py b/authentik/brands/migrations_tmp/0001_initial.py deleted file mode 100644 index 6f396a6d0..000000000 --- a/authentik/brands/migrations_tmp/0001_initial.py +++ /dev/null @@ -1,119 +0,0 @@ -# Generated by Django 4.2.7 on 2023-11-06 19:48 - -import uuid - -import django.db.models.deletion -from django.db import migrations, models - -import authentik.lib.utils.time - - -class Migration(migrations.Migration): - initial = True - - operations = [ - migrations.CreateModel( - name="Brand", - fields=[ - ( - "brand_uuid", - models.UUIDField( - default=uuid.uuid4, editable=False, primary_key=True, serialize=False - ), - ), - ( - "domain", - models.TextField( - help_text="Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b`" - ), - ), - ("default", models.BooleanField(default=False)), - ("branding_title", models.TextField(default="authentik")), - ( - "branding_logo", - models.TextField(default="/static/dist/assets/icons/icon_left_brand.svg"), - ), - ( - "branding_favicon", - models.TextField(default="/static/dist/assets/icons/icon.png"), - ), - ( - "event_retention", - models.TextField( - default="days=365", - help_text="Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).", - validators=[authentik.lib.utils.time.timedelta_string_validator], - ), - ), - ("attributes", models.JSONField(blank=True, default=dict)), - ( - "flow_authentication", - models.ForeignKey( - null=True, - on_delete=django.db.models.deletion.SET_NULL, - related_name="brand_authentication", - to="authentik_flows.flow", - ), - ), - ( - "flow_device_code", - models.ForeignKey( - null=True, - on_delete=django.db.models.deletion.SET_NULL, - related_name="brand_device_code", - to="authentik_flows.flow", - ), - ), - ( - "flow_invalidation", - models.ForeignKey( - null=True, - on_delete=django.db.models.deletion.SET_NULL, - related_name="brand_invalidation", - to="authentik_flows.flow", - ), - ), - ( - "flow_recovery", - models.ForeignKey( - null=True, - on_delete=django.db.models.deletion.SET_NULL, - related_name="brand_recovery", - to="authentik_flows.flow", - ), - ), - ( - "flow_unenrollment", - models.ForeignKey( - null=True, - on_delete=django.db.models.deletion.SET_NULL, - related_name="brand_unenrollment", - to="authentik_flows.flow", - ), - ), - ( - "flow_user_settings", - models.ForeignKey( - null=True, - on_delete=django.db.models.deletion.SET_NULL, - related_name="brand_user_settings", - to="authentik_flows.flow", - ), - ), - ( - "web_certificate", - models.ForeignKey( - default=None, - help_text="Web Certificate used by the authentik Core webserver.", - null=True, - on_delete=django.db.models.deletion.SET_DEFAULT, - to="authentik_crypto.certificatekeypair", - ), - ), - ], - options={ - "verbose_name": "Brand", - "verbose_name_plural": "Brands", - }, - ), - ] diff --git a/authentik/brands/migrations_tmp/0002_dependency.py b/authentik/brands/migrations_tmp/0002_dependency.py deleted file mode 100644 index 90efce8d9..000000000 --- a/authentik/brands/migrations_tmp/0002_dependency.py +++ /dev/null @@ -1,14 +0,0 @@ -from django.db import migrations - - -class Migration(migrations.Migration): - """ - Noop migration to make sure that data has been migrated from the old tenant system to this before changing this table any further. - """ - - dependencies = [ - ("authentik_brands", "0001_initial"), - ("authentik_tenants", "0005_tenant_to_brand"), - ] - - operations = [] diff --git a/authentik/brands/migrations_tmp/__init__.py b/authentik/brands/migrations_tmp/__init__.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/authentik/brands/tests.py b/authentik/brands/tests.py index 3c5ee8e77..b7d7d62ee 100644 --- a/authentik/brands/tests.py +++ b/authentik/brands/tests.py @@ -7,7 +7,6 @@ from authentik.brands.api import Themes from authentik.brands.models import Brand from authentik.core.tests.utils import create_test_admin_user, create_test_brand from authentik.events.models import Event, EventAction -from authentik.lib.config import CONFIG from authentik.lib.utils.time import timedelta_from_string diff --git a/authentik/brands/utils.py b/authentik/brands/utils.py index 6dfb23496..ab1778148 100644 --- a/authentik/brands/utils.py +++ b/authentik/brands/utils.py @@ -8,7 +8,6 @@ from sentry_sdk.hub import Hub from authentik import get_full_version from authentik.brands.models import Brand -from authentik.lib.config import CONFIG from authentik.tenants.utils import get_current_tenant _q_default = Q(default=True) diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py index 5f0392742..f8cb5d18f 100644 --- a/authentik/core/api/users.py +++ b/authentik/core/api/users.py @@ -78,7 +78,6 @@ from authentik.flows.exceptions import FlowNonApplicableException from authentik.flows.models import FlowToken from authentik.flows.planner import PLAN_CONTEXT_PENDING_USER, FlowPlanner from authentik.flows.views.executor import QS_KEY_TOKEN -from authentik.lib.config import CONFIG from authentik.stages.email.models import EmailStage from authentik.stages.email.tasks import send_mails from authentik.stages.email.utils import TemplateEmailMessage diff --git a/authentik/events/signals.py b/authentik/events/signals.py index 3e6f832db..4d66d7b52 100644 --- a/authentik/events/signals.py +++ b/authentik/events/signals.py @@ -13,7 +13,6 @@ from authentik.events.tasks import event_notification_handler, gdpr_cleanup from authentik.flows.models import Stage from authentik.flows.planner import PLAN_CONTEXT_SOURCE, FlowPlan from authentik.flows.views.executor import SESSION_KEY_PLAN -from authentik.lib.config import CONFIG from authentik.stages.invitation.models import Invitation from authentik.stages.invitation.signals import invitation_used from authentik.stages.password.stage import PLAN_CONTEXT_METHOD, PLAN_CONTEXT_METHOD_ARGS diff --git a/authentik/lib/avatars.py b/authentik/lib/avatars.py index 5fa63b985..61127e3b0 100644 --- a/authentik/lib/avatars.py +++ b/authentik/lib/avatars.py @@ -11,7 +11,7 @@ from lxml import etree # nosec from lxml.etree import Element, SubElement # nosec from requests.exceptions import RequestException -from authentik.lib.config import CONFIG, get_path_from_dict +from authentik.lib.config import get_path_from_dict from authentik.lib.utils.http import get_http_session from authentik.tenants.utils import get_current_tenant diff --git a/authentik/tenants/clone.py b/authentik/tenants/clone.py index b15a5bf01..c0d70edfe 100644 --- a/authentik/tenants/clone.py +++ b/authentik/tenants/clone.py @@ -1,7 +1,6 @@ from django.conf import settings from django.core.exceptions import ValidationError from django.db import connection, transaction -from django.db.utils import ProgrammingError from django_tenants.utils import schema_exists CLONE_SCHEMA_FUNCTION = r""" @@ -1225,7 +1224,7 @@ BEGIN --Fix#65 add another left join to distinguish child tables by inheritance -- Fix#86 add is_generated to column select -- Fix#91 add tblowner to the select - -- Fix#105 need a different kinda distint to avoid retrieving a table twice in the case of a table with multiple USER-DEFINED datatypes using DISTINCT ON instead of just DISTINCT + -- Fix#105 need a different kinda distinct to avoid retrieving a table twice in the case of a table with multiple USER-DEFINED datatypes using DISTINCT ON instead of just DISTINCT --SELECT DISTINCT c.relname, c.relpersistence, c.relispartition, c.relkind, co.data_type, co.udt_name, co.udt_schema, obj_description(c.oid), i.inhrelid, -- COALESCE(co.is_generated, ''), pg_catalog.pg_get_userbyid(c.relowner) as "Owner", CASE WHEN reltablespace = 0 THEN 'pg_default' ELSE ts.spcname END as tablespace -- fixed #108 by enclosing owner in double quotes to avoid errors for bad characters like #.@... @@ -1519,7 +1518,7 @@ BEGIN IF data_type = 'USER-DEFINED' OR isGenerated = 'ALWAYS' THEN -- RAISE WARNING 'Bypassing copying rows for table (%) with user-defined data types. You must copy them manually.', tblname; - -- wont work --> INSERT INTO clone1.address (id2, id3, addr) SELECT cast(id2 as clone1.udt_myint), cast(id3 as clone1.udt_myint), addr FROM sample.address; + -- won't work --> INSERT INTO clone1.address (id2, id3, addr) SELECT cast(id2 as clone1.udt_myint), cast(id3 as clone1.udt_myint), addr FROM sample.address; -- Issue#101 --> INSERT INTO clone1.address2 (id2, id3, addr) SELECT id2::text::clone1.udt_myint, id3::text::clone1.udt_myint, addr FROM sample.address; -- Issue#79 implementation follows @@ -1554,7 +1553,7 @@ BEGIN IF NOT bRelispart AND NOT bChild THEN -- Issue#75: Must defer population of tables until child tables have been added to parents -- Issue#101 Offer alternative of copy to/from file. Although originally intended for tables with UDTs, it is now expanded to handle all cases for performance improvement perhaps for large tables. - -- Issue#106 buffer3 shouldnt be in the mix + -- Issue#106 buffer3 shouldn't be in the mix -- revisited: buffer3 should be in play for PG versions that handle IDENTITIES buffer2 := 'INSERT INTO ' || buffer || buffer3 || ' SELECT * FROM ' || quote_ident(source_schema) || '.' || quote_ident(tblname) || ';'; -- buffer2 := 'INSERT INTO ' || buffer || ' SELECT * FROM ' || quote_ident(source_schema) || '.' || quote_ident(tblname) || ';'; @@ -1602,7 +1601,7 @@ BEGIN --Fix#65 add another left join to distinguish child tables by inheritance -- Fix#86 add is_generated to column select -- Fix#91 add tblowner to the select - -- Fix#105 need a different kinda distint to avoid retrieving a table twice in the case of a table with multiple USER-DEFINED datatypes using DISTINCT ON instead of just DISTINCT + -- Fix#105 need a different kinda distinct to avoid retrieving a table twice in the case of a table with multiple USER-DEFINED datatypes using DISTINCT ON instead of just DISTINCT -- Fixed Issue#108: double quote roles to avoid problems with special characters in OWNER TO statements --SELECT DISTINCT c.relname, c.relpersistence, c.relispartition, c.relkind, co.data_type, co.udt_name, co.udt_schema, obj_description(c.oid), i.inhrelid, -- COALESCE(co.is_generated, ''), pg_catalog.pg_get_userbyid(c.relowner) as "Owner", CASE WHEN reltablespace = 0 THEN 'pg_default' ELSE ts.spcname END as tablespace @@ -1884,7 +1883,7 @@ BEGIN IF data_type = 'USER-DEFINED' OR isGenerated = 'ALWAYS' THEN -- RAISE WARNING 'Bypassing copying rows for table (%) with user-defined data types. You must copy them manually.', tblname; - -- wont work --> INSERT INTO clone1.address (id2, id3, addr) SELECT cast(id2 as clone1.udt_myint), cast(id3 as clone1.udt_myint), addr FROM sample.address; + -- won't work --> INSERT INTO clone1.address (id2, id3, addr) SELECT cast(id2 as clone1.udt_myint), cast(id3 as clone1.udt_myint), addr FROM sample.address; -- Issue#101 --> INSERT INTO clone1.address2 (id2, id3, addr) SELECT id2::text::clone1.udt_myint, id3::text::clone1.udt_myint, addr FROM sample.address; -- Issue#79 implementation follows @@ -2655,7 +2654,7 @@ BEGIN AND n.nspname = quote_ident(source_schema) COLLATE pg_catalog.default AND pg_catalog.obj_description(t.oid, 'pg_type') IS NOT NULL and t.typtype = 'c' UNION - -- FIX Isse#87 by adding double quotes around collation name + -- FIX Issue#87 by adding double quotes around collation name SELECT 'COMMENT ON COLLATION ' || dest_schema || '."' || c.collname || '" IS ''' || pg_catalog.obj_description(c.oid, 'pg_collation') || ''';' as ddl FROM pg_catalog.pg_collation c, pg_catalog.pg_namespace n WHERE n.oid = c.collnamespace AND c.collencoding IN (-1, pg_catalog.pg_char_to_encoding(pg_catalog.getdatabaseencoding())) @@ -3193,7 +3192,7 @@ BEGIN || quote_ident(dest_schema) || '.') || ';' FROM pg_constraint ct JOIN pg_class rn ON rn.oid = ct.conrelid - -- Issue#103 needed to addd this left join + -- Issue#103 needed to add this left join LEFT JOIN pg_inherits i ON (rn.oid = i.inhrelid) WHERE connamespace = src_oid AND rn.relkind = 'r' @@ -3263,7 +3262,7 @@ $BODY$ ALTER FUNCTION public.clone_schema(text, text, cloneparms[]) OWNER TO "{db_user}"; -- REVOKE ALL PRIVILEGES ON FUNCTION clone_schema(text, text, cloneparms[]) FROM public; -""" +""" # noqa class CloneSchema: diff --git a/authentik/tenants/models.py b/authentik/tenants/models.py index 06badaba0..c02fd00b0 100644 --- a/authentik/tenants/models.py +++ b/authentik/tenants/models.py @@ -2,18 +2,11 @@ from uuid import uuid4 from django.apps import apps -from django.conf import settings from django.core.management import call_command from django.db import connections, models -from django.db.models.base import ValidationError from django.dispatch import receiver from django.utils.translation import gettext_lazy as _ -from django_tenants.models import ( - DomainMixin, - TenantMixin, - post_schema_sync, - schema_needs_to_be_sync, -) +from django_tenants.models import DomainMixin, TenantMixin, post_schema_sync from django_tenants.postgresql_backend.base import _check_schema_name from django_tenants.utils import ( get_creation_fakes_migrations, @@ -56,7 +49,8 @@ class Tenant(TenantMixin, SerializerModel): ) gdpr_compliance = models.BooleanField( help_text=_( - "When enabled, all the events caused by a user will be deleted upon the user's deletion." + "When enabled, all the events caused by a user " + "will be deleted upon the user's deletion." ), default=True, )