mirror of
https://github.com/nikdoof/test-auth.git
synced 2025-12-14 06:42:16 +00:00
Permission updates now disables accounts instead of deleting them,
This commit is contained in:
18
sso/cron.py
18
sso/cron.py
@@ -23,18 +23,28 @@ class RemoveInvalidUsers():
|
||||
# For each user, update access list based on Corp details
|
||||
user.get_profile().update_access()
|
||||
|
||||
# Check each service account and delete access if they're not allowed
|
||||
# Check each service account and disable access if they're not allowed
|
||||
for servacc in ServiceAccount.objects.filter(user=user):
|
||||
if not (set(user.groups.all()) & set(servacc.service.groups.all())):
|
||||
self._logger.info("User %s is not in allowed group for %s, deleting account" % (user.username, servacc.service))
|
||||
servacc.delete()
|
||||
servacc.active = 0
|
||||
servacc.save()
|
||||
servacc.user.message_set.create(message="Your %s account has been disabled due to lack of permissions. If this is incorrect, check your API keys." % (servacc.service))
|
||||
pass
|
||||
else:
|
||||
if not servacc.active:
|
||||
self._logger.info("User % is now in a allowed group for %s, enabling account" % (user.username, servacc.service))
|
||||
servacc.active = 1
|
||||
servacc.save()
|
||||
servacc.user.message_set.create(message="Your %s account has been re-enabled, you may need to reset your password to access this service again." % (servacc.service))
|
||||
pass
|
||||
|
||||
# For users set to not active, delete all accounts
|
||||
if not user.is_active:
|
||||
print "User %s is inactive, deleting related service accounts" % user.username
|
||||
print "User %s is inactive, disabling related service accounts" % user.username
|
||||
for servacc in ServiceAccount.objects.filter(user=user):
|
||||
servacc.delete()
|
||||
servacc.active = 0
|
||||
servacc.save()
|
||||
pass
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user