Moved service enable/disable functions to the update_access() function on the user profile

This will remove the need for the cronjob, but not totally, best still to run the cronjob to catch situations where the permission changes can be missed.

cronjobs.txt

@@ -1,5 +1,5 @@
 ROOT=$HOME/auth/auth/
 
-*/5	*	*	*	*	$ROOT/run-cron.py reddit.cron UpdateAPIs
+@daily					$ROOT/run-cron.py reddit.cron UpdateAPIs
 @daily 					$ROOT/run-cron.py eve_api.cron UpdateAPIs
-@hourly 				$ROOT/run-cron.py sso.cron RemoveInvalidUsers
+*/10	*	*	*	*	$ROOT/run-cron.py sso.cron RemoveInvalidUsers

run-cron.py

@@ -2,12 +2,13 @@
 """Executes a Django cronjob"""
 
 import sys
+import logging
 from django.core.management import setup_environ
 import settings
 
 setup_environ(settings)
 
-logging.basicConfig(level=logging.INFO)
+logging.basicConfig(level=logging.DEBUG)
 log = logging.getLogger('runcron')
 
 try:
@@ -19,11 +20,11 @@ for i in sys.argv[1].split(".")[1:]:
     mod = getattr(mod, i)
 cron_class = getattr(mod, sys.argv[2])()
 
-log.info("Starting Job %s in %s" % (sys.argv[2], sys.argv[1])
+log.info("Starting Job %s in %s" % (sys.argv[2], sys.argv[1]))
 
-try:
-    cron_class.job()
-except:
-    log.error("Error executing job, aborting.")
+#try:
+cron_class.job()
+#except:
+#    log.error("Error executing job, aborting.")
 
 log.info("Job complete")

sso/cron.py

@@ -23,30 +23,4 @@ class RemoveInvalidUsers():
                 # For each user, update access list based on Corp details
                 user.get_profile().update_access()
 
-                # Check each service account and disable access if they're not allowed
-                for servacc in ServiceAccount.objects.filter(user=user):
-                    if not (set(user.groups.all()) & set(servacc.service.groups.all())):
-                        if servacc.active:
-                            self._logger.info("User %s is not in allowed group for %s, deleting account" % (user.username, servacc.service))
-                            servacc.active = 0
-                            servacc.save()
-                            servacc.user.message_set.create(message="Your %s account has been disabled due to lack of permissions. If this is incorrect, check your API keys." % (servacc.service))
-                        pass
-                    else:
-                        if not servacc.active:
-                            self._logger.info("User %s is now in a allowed group for %s, enabling account" % (user.username, servacc.service))
-                            servacc.active = 1
-                            servacc.save()
-                            servacc.user.message_set.create(message="Your %s account has been re-enabled, you may need to reset your password to access this service again." % (servacc.service))
-                            pass
-
-                # For users set to not active, delete all accounts
-                if not user.is_active:
-                    print "User %s is inactive, disabling related service accounts" % user.username
-                    for servacc in ServiceAccount.objects.filter(user=user):
-                        servacc.active = 0
-                        servacc.save()
-                        pass
-
-
 

sso/models.py

@@ -1,5 +1,6 @@
 import re
 import unicodedata
+import logging
 
 from django.db import models
 from django.db.models import signals
@@ -36,10 +37,17 @@ class SSOUser(models.Model):
     icq = models.CharField("ICQ", max_length=15, blank=True)
     xmpp = models.CharField("XMPP", max_length=200, blank=True)
 
+    @property
+    def _log(self):
+        if not hasattr(self, '__log'):
+            self.__log = logging.getLogger(self.__class__.__name__)
+        return self.__log
+
     def update_access(self):
         """ Steps through each Eve API registered to the user and updates their group 
             access accordingly """
 
+        self._log.debug("Update - User %s" % self.user)
         # Create a list of all Corp groups
         corpgroups = []
         for corp in EVEPlayerCorporation.objects.all():
@@ -64,7 +72,30 @@ class SSOUser(models.Model):
         for g in addgroups:
             self.user.groups.add(g)
 
-        print "%s, Add: %s, Del: %s, Current: %s" % (self.user, addgroups, delgroups, self.user.groups.all())
+        # For users set to not active, delete all accounts
+        if not self.user.is_active:
+            self._log.debug("Inactive - User %s" % (self.user))
+            for servacc in ServiceAccount.objects.filter(user=self.user):
+                servacc.active = 0
+                servacc.save()
+                pass
+
+        # For each of the user's services, check they're in a valid group for it and enable/disable as needed.
+        for servacc in ServiceAccount.objects.filter(user=self.user):
+            if not (set(self.user.groups.all()) & set(servacc.service.groups.all())):
+                if servacc.active:
+                    servacc.active = 0
+                    servacc.save()
+                    self._log.debug("Disabled - User %s, Acc %s" % (self.user, servacc.service))
+                    servacc.user.message_set.create(message="Your %s account has been disabled due to lack of permissions. If this is incorrect, check your API keys to see if they are valid" % (servacc.service))
+                    pass
+            else:
+                if not servacc.active:
+                    servacc.active = 1
+                    servacc.save()
+                    self._log.debug("Enabled - User %s, Acc %s" % (self.user, servacc.service))
+                    servacc.user.message_set.create(message="Your %s account has been re-enabled, you may need to reset your password to access this service again" % (servacc.service))
+                    pass
 
     def __str__(self):
         return self.user.__str__()