centralcloud/oncall-engine
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make sure organization token is valid before sync (#4904)

Browse source 
Since we will be triggering sync for orgs without a `last_time_synced`
set, we need to make sure the token is valid (previously both,
`last_time_synced` and the token, were updated from the frontend plugin)
This commit is contained in:
Matias Bordese 2024-08-22 14:49:22 -03:00 committed by GitHub
parent 87dd5c6623
commit cd5e9955b9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 21 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
engine/apps/user_management/sync.py
View file

@ -37,6 +37,14 @@ def _sync_organization(organization: Organization) -> None:
grafana_api_client = GrafanaAPIClient(api_url=organization.grafana_url, api_token=organization.api_token)
gcom_client = GcomAPIClient(settings.GRAFANA_COM_ADMIN_API_TOKEN)
# check organization API token is valid
_, check_token_call_status = grafana_api_client.check_token()
if not check_token_call_status["connected"]:
organization.api_token_status = Organization.API_TOKEN_STATUS_FAILED
organization.save(update_fields=["api_token_status"])
logger.warning(f"Sync not successful org={organization.pk} token_status=FAILED")
return
rbac_is_enabled = organization.is_rbac_permissions_enabled
# Update organization's RBAC status if it's an open-source instance, or it's an active cloud instance.
# Don't update non-active cloud instances (e.g. paused) as they can return 200 OK but not have RBAC enabled.

14
engine/apps/user_management/tests/test_sync.py
View file

@ -10,7 +10,7 @@ from django.test import override_settings
from apps.alerts.models import AlertReceiveChannel
from apps.api.permissions import LegacyAccessControlRole
from apps.grafana_plugin.sync_data import SyncData, SyncSettings, SyncUser
from apps.user_management.models import User
from apps.user_management.models import Organization, User
from apps.user_management.sync import (
apply_sync_data,
cleanup_organization,
@ -269,6 +269,18 @@ def test_sync_organization(make_organization):
assert organization.is_grafana_labels_enabled is True
@pytest.mark.django_db
def test_sync_organization_invalid_api_token(make_organization):
organization = make_organization()
with patch("apps.user_management.sync.GrafanaAPIClient") as mock_grafana_api_client:
mock_grafana_api_client.return_value.check_token.return_value = (None, {"connected": False})
sync_organization(organization)
organization.refresh_from_db()
organization.api_token_status = Organization.API_TOKEN_STATUS_FAILED
@pytest.mark.parametrize(
"is_rbac_enabled_for_organization,expected",
[