authentik.providers.ldap.migrations.0004_alter_ldapprovider_options_and_more
1# Generated by Django 5.0.7 on 2024-07-25 14:59 2from django.apps.registry import Apps 3 4from django.db.backends.base.schema import BaseDatabaseSchemaEditor 5 6from django.db import migrations 7 8 9def migrate_search_group(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): 10 from django.apps import apps as real_apps 11 from django.contrib.auth.management import create_permissions 12 13 db_alias = schema_editor.connection.alias 14 15 # Permissions are only created _after_ migrations are run 16 # - https://github.com/django/django/blob/43cdfa8b20e567a801b7d0a09ec67ddd062d5ea4/django/contrib/auth/apps.py#L19 17 # - https://stackoverflow.com/a/72029063/1870445 18 create_permissions(real_apps.get_app_config("authentik_providers_ldap"), using=db_alias) 19 20 LDAPProvider = apps.get_model("authentik_providers_ldap", "ldapprovider") 21 Permission = apps.get_model("auth", "Permission") 22 UserObjectPermission = apps.get_model("guardian", "UserObjectPermission") 23 ContentType = apps.get_model("contenttypes", "ContentType") 24 25 new_prem = Permission.objects.using(db_alias).get(codename="search_full_directory") 26 ct = ContentType.objects.using(db_alias).get( 27 app_label="authentik_providers_ldap", 28 model="ldapprovider", 29 ) 30 31 for provider in LDAPProvider.objects.using(db_alias).all(): 32 if not provider.search_group: 33 continue 34 for user in provider.search_group.users.using(db_alias).all(): 35 UserObjectPermission.objects.using(db_alias).create( 36 user=user, 37 permission=new_prem, 38 object_pk=provider.pk, 39 content_type=ct, 40 ) 41 42 43class Migration(migrations.Migration): 44 45 dependencies = [ 46 ("authentik_providers_ldap", "0003_ldapprovider_mfa_support_and_more"), 47 ("guardian", "0002_generic_permissions_index"), 48 ] 49 50 operations = [ 51 migrations.AlterModelOptions( 52 name="ldapprovider", 53 options={ 54 "permissions": [("search_full_directory", "Search full LDAP directory")], 55 "verbose_name": "LDAP Provider", 56 "verbose_name_plural": "LDAP Providers", 57 }, 58 ), 59 migrations.RunPython(migrate_search_group), 60 migrations.RemoveField( 61 model_name="ldapprovider", 62 name="search_group", 63 ), 64 ]
def
migrate_search_group( apps: django.apps.registry.Apps, schema_editor: django.db.backends.base.schema.BaseDatabaseSchemaEditor):
10def migrate_search_group(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): 11 from django.apps import apps as real_apps 12 from django.contrib.auth.management import create_permissions 13 14 db_alias = schema_editor.connection.alias 15 16 # Permissions are only created _after_ migrations are run 17 # - https://github.com/django/django/blob/43cdfa8b20e567a801b7d0a09ec67ddd062d5ea4/django/contrib/auth/apps.py#L19 18 # - https://stackoverflow.com/a/72029063/1870445 19 create_permissions(real_apps.get_app_config("authentik_providers_ldap"), using=db_alias) 20 21 LDAPProvider = apps.get_model("authentik_providers_ldap", "ldapprovider") 22 Permission = apps.get_model("auth", "Permission") 23 UserObjectPermission = apps.get_model("guardian", "UserObjectPermission") 24 ContentType = apps.get_model("contenttypes", "ContentType") 25 26 new_prem = Permission.objects.using(db_alias).get(codename="search_full_directory") 27 ct = ContentType.objects.using(db_alias).get( 28 app_label="authentik_providers_ldap", 29 model="ldapprovider", 30 ) 31 32 for provider in LDAPProvider.objects.using(db_alias).all(): 33 if not provider.search_group: 34 continue 35 for user in provider.search_group.users.using(db_alias).all(): 36 UserObjectPermission.objects.using(db_alias).create( 37 user=user, 38 permission=new_prem, 39 object_pk=provider.pk, 40 content_type=ct, 41 )
class
Migration(django.db.migrations.migration.Migration):
44class Migration(migrations.Migration): 45 46 dependencies = [ 47 ("authentik_providers_ldap", "0003_ldapprovider_mfa_support_and_more"), 48 ("guardian", "0002_generic_permissions_index"), 49 ] 50 51 operations = [ 52 migrations.AlterModelOptions( 53 name="ldapprovider", 54 options={ 55 "permissions": [("search_full_directory", "Search full LDAP directory")], 56 "verbose_name": "LDAP Provider", 57 "verbose_name_plural": "LDAP Providers", 58 }, 59 ), 60 migrations.RunPython(migrate_search_group), 61 migrations.RemoveField( 62 model_name="ldapprovider", 63 name="search_group", 64 ), 65 ]
The base class for all migrations.
Migration files will import this from django.db.migrations.Migration and subclass it as a class called Migration. It will have one or more of the following attributes:
- operations: A list of Operation instances, probably from django.db.migrations.operations
- dependencies: A list of tuples of (app_path, migration_name)
- run_before: A list of tuples of (app_path, migration_name)
- replaces: A list of migration_names
Note that all migrations come out of migrations and into the Loader or Graph as instances, having been initialized with their app label and name.
dependencies =
[('authentik_providers_ldap', '0003_ldapprovider_mfa_support_and_more'), ('guardian', '0002_generic_permissions_index')]
operations =
[<AlterModelOptions name='ldapprovider', options={'permissions': [('search_full_directory', 'Search full LDAP directory')], 'verbose_name': 'LDAP Provider', 'verbose_name_plural': 'LDAP Providers'}>, <RunPython <function migrate_search_group>>, <RemoveField model_name='ldapprovider', name='search_group'>]