nikdoof/test-auth
1
0
Fork 0
mirror of https://github.com/nikdoof/test-auth.git synced 2025-12-14 06:42:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3d40d387228c8eb076bf8013526010d9f0c9457a
test-auth/sso/cron.py

53 lines
2.3 KiB
Python
Raw Blame History

import logging
from django.contrib.auth.models import User, Group
from eve_api.models import EVEAccount
from sso.models import ServiceAccount
class RemoveInvalidUsers():
"""
Cycles through all users, check if their permissions are correct.
"""
# run every 2 hours
run_every = 7200
@property
def _logger(self):
if not hasattr(self, '__logger'):
self.__logger = logging.getLogger(__name__)
return self.__logger
def job(self):
for user in User.objects.all():
# For each user, update access list based on Corp details
user.get_profile().update_access()
# Check each service account and disable access if they're not allowed
for servacc in ServiceAccount.objects.filter(user=user):
if not (set(user.groups.all()) & set(servacc.service.groups.all())):
if servacc.active:
self._logger.info("User %s is not in allowed group for %s, deleting account" % (user.username, servacc.service))
servacc.active = 0
servacc.save()
servacc.user.message_set.create(message="Your %s account has been disabled due to lack of permissions. If this is incorrect, check your API keys." % (servacc.service))
pass
else:
if not servacc.active:
self._logger.info("User %s is now in a allowed group for %s, enabling account" % (user.username, servacc.service))
servacc.active = 1
servacc.save()
servacc.user.message_set.create(message="Your %s account has been re-enabled, you may need to reset your password to access this service again." % (servacc.service))
pass
# For users set to not active, delete all accounts
if not user.is_active:
print "User %s is inactive, disabling related service accounts" % user.username
for servacc in ServiceAccount.objects.filter(user=user):
servacc.active = 0
servacc.save()
pass
Reference in New Issue View Git Blame Copy Permalink