diff --git a/Makefile b/Makefile index af230833c..4a81c563c 100644 --- a/Makefile +++ b/Makefile @@ -32,7 +32,7 @@ freeze: venv $(PIP) freeze > requirements.txt tests: - $(COMPOSE) exec -i $(SERVICE) python manage.py test --keepdb + $(COMPOSE) exec -i $(SERVICE) python manage.py test --keepdb $(TEST) linters: ruff format; \ diff --git a/poms/bootstrap/apps.py b/poms/bootstrap/apps.py index 091eb0b7b..ef9a0e4b0 100644 --- a/poms/bootstrap/apps.py +++ b/poms/bootstrap/apps.py @@ -221,6 +221,7 @@ def sync_space_data(): # noqa: PLR0915 # TODO improve logic for Community Edition owner_username = settings.ADMIN_USERNAME + owner_password = settings.ADMIN_PASSWORD owner_email = os.environ.get("ADMIN_EMAIL", "admin@finmars.com") master_user_name = "Local" backend_status = None @@ -285,13 +286,18 @@ def sync_space_data(): # noqa: PLR0915 # Non-Authorizer related bootstrap logic goes below try: - user, created = User.objects.using(settings.DB_DEFAULT).get_or_create( - username=owner_username, - defaults=dict( + user = User.objects.using(settings.DB_DEFAULT).filter(username=owner_username).first() + if user is None: + user = User.objects.db_manager(settings.DB_DEFAULT).create_user( + username=owner_username, email=owner_email, - password=generate_random_string(10), - ), - ) + password=owner_password if owner_password else generate_random_string(10), + is_staff=True, + is_superuser=True, + ) + created = True + else: + created = False _l.info(f"{log} owner {owner_username} {'created' if created else 'exists'}") user_profile, created = UserProfile.objects.using(settings.DB_DEFAULT).get_or_create(user_id=user.pk) diff --git a/poms/users/serializers.py b/poms/users/serializers.py index f10076522..f7df7fbd0 100644 --- a/poms/users/serializers.py +++ b/poms/users/serializers.py @@ -650,7 +650,7 @@ def create(self, validated_data): _l.info(f"member create {validated_data}") username = validated_data.get("username") - status = Member.STATUS_INVITED + status = self.context.get("member_status", Member.STATUS_INVITED) validated_data["status"] = status member = super().create(validated_data) diff --git a/poms/users/views.py b/poms/users/views.py index 83c3d1df9..26e6e72ba 100644 --- a/poms/users/views.py +++ b/poms/users/views.py @@ -873,10 +873,13 @@ def get_object(self): return super().get_object() def create(self, request, *args, **kwargs): + member_status = Member.STATUS_INVITED if settings.EDITION_TYPE == "community": - raise PermissionDenied("Community edition does not support this feature") + member_status = Member.STATUS_ACTIVE - serializer = self.get_serializer(data=request.data) + serializer = self.get_serializer( + data=request.data, context={**self.get_serializer_context(), "member_status": member_status} + ) serializer.is_valid(raise_exception=True) with transaction.atomic(): @@ -885,12 +888,13 @@ def create(self, request, *args, **kwargs): member = serializer.instance try: - AuthorizerService().invite_member( - member=member, - from_user=request.user, - realm_code=request.realm_code, - space_code=request.space_code, - ) + if settings.EDITION_TYPE == "entreprise": + AuthorizerService().invite_member( + member=member, + from_user=request.user, + realm_code=request.realm_code, + space_code=request.space_code, + ) headers = self.get_success_headers(serializer.data) return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers) except Exception as err: @@ -916,9 +920,6 @@ def _handle_authorizer_error(request, member, err): ) def update(self, request, *args, **kwargs): - if settings.EDITION_TYPE == "community": - raise PermissionDenied("Community edition does not support this feature") - serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) @@ -945,14 +946,15 @@ def update(self, request, *args, **kwargs): raise ValidationError("Could not remove admin rights from owner") if member.is_admin != form_data_is_admin or member.is_owner != form_data_is_owner: - authorizer = AuthorizerService() - authorizer.update_member( - member, - request.realm_code, - request.space_code, - is_admin=form_data_is_admin, - is_owner=form_data_is_owner, - ) + if settings.EDITION_TYPE == "entreprise": + authorizer = AuthorizerService() + authorizer.update_member( + member, + request.realm_code, + request.space_code, + is_admin=form_data_is_admin, + is_owner=form_data_is_owner, + ) if not member.is_owner and form_data_is_owner is True: master_user = MasterUser.objects.get(space_code=kwargs["space_code"]) @@ -977,9 +979,6 @@ def validate_member_settings(request): raise ValidationError("Could not remove owner rights from yourself") def destroy(self, request, *args, **kwargs): - if settings.EDITION_TYPE == "community": - raise PermissionDenied("Community edition does not support this feature") - if self.get_object().username == "finmars_bot": raise PermissionDenied() @@ -991,15 +990,12 @@ def destroy(self, request, *args, **kwargs): return Response(status=status.HTTP_204_NO_CONTENT) def perform_destroy(self, instance, request): - if settings.EDITION_TYPE == "community": - raise PermissionDenied("Community edition does not support this feature") - if instance.is_owner: raise PermissionDenied() - authorizer = AuthorizerService() - - authorizer.kick_member(instance, request.realm_code, request.space_code) + if settings.EDITION_TYPE == "entreprise": + authorizer = AuthorizerService() + authorizer.kick_member(instance, request.realm_code, request.space_code) instance.status = Member.STATUS_DELETED instance.save() @@ -1008,9 +1004,6 @@ def perform_destroy(self, instance, request): @action(detail=True, methods=["put"], url_path="send-invite") def send_invite(self, request, pk=None, realm_code=None, space_code=None): - if settings.EDITION_TYPE == "community": - raise PermissionDenied("Community edition does not support this feature") - member = self.get_object() if not member.is_deleted and member.status != Member.STATUS_INVITE_DECLINED: @@ -1019,14 +1012,15 @@ def send_invite(self, request, pk=None, realm_code=None, space_code=None): member.status = Member.STATUS_INVITED member.save() - authorizer = AuthorizerService() + if settings.EDITION_TYPE == "entreprise": + authorizer = AuthorizerService() - authorizer.invite_member( - member=member, - from_user=request.user, - realm_code=request.realm_code, - space_code=request.space_code, - ) + authorizer.invite_member( + member=member, + from_user=request.user, + realm_code=request.realm_code, + space_code=request.space_code, + ) return Response({"status": "ok"}) diff --git a/poms_app/settings.py b/poms_app/settings.py index e395e98ff..20c12373a 100644 --- a/poms_app/settings.py +++ b/poms_app/settings.py @@ -828,6 +828,7 @@ traces_sample_rate=1.0, send_default_pii=True, profiles_sample_rate=1.0, + enable_logs=True, ) INSTRUMENT_TYPE_PREFIX = ENV_STR(