Add multi user for community edition

Makefile

@@ -32,7 +32,7 @@ freeze: venv
 	$(PIP) freeze > requirements.txt
 
 tests:
-	$(COMPOSE) exec -i $(SERVICE) python manage.py test --keepdb
+	$(COMPOSE) exec -i $(SERVICE) python manage.py test --keepdb $(TEST)
 
 linters:
 	ruff format; \

poms/bootstrap/apps.py

@@ -221,6 +221,7 @@ def sync_space_data():  # noqa: PLR0915
 
         # TODO improve logic for Community Edition
         owner_username = settings.ADMIN_USERNAME
+        owner_password = settings.ADMIN_PASSWORD
         owner_email = os.environ.get("ADMIN_EMAIL", "admin@finmars.com")
         master_user_name = "Local"
         backend_status = None
@@ -285,13 +286,18 @@ def sync_space_data():  # noqa: PLR0915
         # Non-Authorizer related bootstrap logic goes below
 
         try:
-            user, created = User.objects.using(settings.DB_DEFAULT).get_or_create(
-                username=owner_username,
-                defaults=dict(
+            user = User.objects.using(settings.DB_DEFAULT).filter(username=owner_username).first()
+            if user is None:
+                user = User.objects.db_manager(settings.DB_DEFAULT).create_user(
+                    username=owner_username,
                     email=owner_email,
-                    password=generate_random_string(10),
-                ),
-            )
+                    password=owner_password if owner_password else generate_random_string(10),
+                    is_staff=True,
+                    is_superuser=True,
+                )
+                created = True
+            else:
+                created = False
             _l.info(f"{log} owner {owner_username} {'created' if created else 'exists'}")
 
             user_profile, created = UserProfile.objects.using(settings.DB_DEFAULT).get_or_create(user_id=user.pk)

poms/users/serializers.py

@@ -650,7 +650,7 @@ def create(self, validated_data):
         _l.info(f"member create {validated_data}")
 
         username = validated_data.get("username")
-        status = Member.STATUS_INVITED
+        status = self.context.get("member_status", Member.STATUS_INVITED)
         validated_data["status"] = status
 
         member = super().create(validated_data)

poms/users/views.py

@@ -873,10 +873,13 @@ def get_object(self):
         return super().get_object()
 
     def create(self, request, *args, **kwargs):
+        member_status = Member.STATUS_INVITED
         if settings.EDITION_TYPE == "community":
-            raise PermissionDenied("Community edition does not support this feature")
+            member_status = Member.STATUS_ACTIVE
 
-        serializer = self.get_serializer(data=request.data)
+        serializer = self.get_serializer(
+            data=request.data, context={**self.get_serializer_context(), "member_status": member_status}
+        )
         serializer.is_valid(raise_exception=True)
 
         with transaction.atomic():
@@ -885,12 +888,13 @@ def create(self, request, *args, **kwargs):
             member = serializer.instance
 
             try:
-                AuthorizerService().invite_member(
-                    member=member,
-                    from_user=request.user,
-                    realm_code=request.realm_code,
-                    space_code=request.space_code,
-                )
+                if settings.EDITION_TYPE == "entreprise":
+                    AuthorizerService().invite_member(
+                        member=member,
+                        from_user=request.user,
+                        realm_code=request.realm_code,
+                        space_code=request.space_code,
+                    )
                 headers = self.get_success_headers(serializer.data)
                 return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
             except Exception as err:
@@ -916,9 +920,6 @@ def _handle_authorizer_error(request, member, err):
         )
 
     def update(self, request, *args, **kwargs):
-        if settings.EDITION_TYPE == "community":
-            raise PermissionDenied("Community edition does not support this feature")
-
         serializer = self.get_serializer(data=request.data)
         serializer.is_valid(raise_exception=True)
 
@@ -945,14 +946,15 @@ def update(self, request, *args, **kwargs):
             raise ValidationError("Could not remove admin rights from owner")
 
         if member.is_admin != form_data_is_admin or member.is_owner != form_data_is_owner:
-            authorizer = AuthorizerService()
-            authorizer.update_member(
-                member,
-                request.realm_code,
-                request.space_code,
-                is_admin=form_data_is_admin,
-                is_owner=form_data_is_owner,
-            )
+            if settings.EDITION_TYPE == "entreprise":
+                authorizer = AuthorizerService()
+                authorizer.update_member(
+                    member,
+                    request.realm_code,
+                    request.space_code,
+                    is_admin=form_data_is_admin,
+                    is_owner=form_data_is_owner,
+                )
 
         if not member.is_owner and form_data_is_owner is True:
             master_user = MasterUser.objects.get(space_code=kwargs["space_code"])
@@ -977,9 +979,6 @@ def validate_member_settings(request):
             raise ValidationError("Could not remove owner rights from yourself")
 
     def destroy(self, request, *args, **kwargs):
-        if settings.EDITION_TYPE == "community":
-            raise PermissionDenied("Community edition does not support this feature")
-
         if self.get_object().username == "finmars_bot":
             raise PermissionDenied()
 
@@ -991,15 +990,12 @@ def destroy(self, request, *args, **kwargs):
         return Response(status=status.HTTP_204_NO_CONTENT)
 
     def perform_destroy(self, instance, request):
-        if settings.EDITION_TYPE == "community":
-            raise PermissionDenied("Community edition does not support this feature")
-
         if instance.is_owner:
             raise PermissionDenied()
 
-        authorizer = AuthorizerService()
-
-        authorizer.kick_member(instance, request.realm_code, request.space_code)
+        if settings.EDITION_TYPE == "entreprise":
+            authorizer = AuthorizerService()
+            authorizer.kick_member(instance, request.realm_code, request.space_code)
 
         instance.status = Member.STATUS_DELETED
         instance.save()
@@ -1008,9 +1004,6 @@ def perform_destroy(self, instance, request):
 
     @action(detail=True, methods=["put"], url_path="send-invite")
     def send_invite(self, request, pk=None, realm_code=None, space_code=None):
-        if settings.EDITION_TYPE == "community":
-            raise PermissionDenied("Community edition does not support this feature")
-
         member = self.get_object()
 
         if not member.is_deleted and member.status != Member.STATUS_INVITE_DECLINED:
@@ -1019,14 +1012,15 @@ def send_invite(self, request, pk=None, realm_code=None, space_code=None):
         member.status = Member.STATUS_INVITED
         member.save()
 
-        authorizer = AuthorizerService()
+        if settings.EDITION_TYPE == "entreprise":
+            authorizer = AuthorizerService()
 
-        authorizer.invite_member(
-            member=member,
-            from_user=request.user,
-            realm_code=request.realm_code,
-            space_code=request.space_code,
-        )
+            authorizer.invite_member(
+                member=member,
+                from_user=request.user,
+                realm_code=request.realm_code,
+                space_code=request.space_code,
+            )
 
         return Response({"status": "ok"})
 

poms_app/settings.py

@@ -828,6 +828,7 @@
         traces_sample_rate=1.0,
         send_default_pii=True,
         profiles_sample_rate=1.0,
+        enable_logs=True,
     )
 
 INSTRUMENT_TYPE_PREFIX = ENV_STR(