Skip to content

Commit

Permalink
Allow user patch API 404 exceptions for superusers.
Browse files Browse the repository at this point in the history
Addresses issue with Appsembler superuser users who are associated with
a different Tenant than the one being used.  Helps keep from having to proliferate
a ton of admin accounts just to match with each customer Tenant.
  • Loading branch information
bryanlandia committed Jul 3, 2023
1 parent c84a12d commit 6e04057
Showing 1 changed file with 24 additions and 6 deletions.
30 changes: 24 additions & 6 deletions tahoe_idp/api.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,11 @@
* For breaking changes, new functions should be created
"""

import contextlib
from datetime import datetime
import logging
import pytz
from requests import exceptions as requests_exceptions
from social_django.models import UserSocialAuth

from urllib.parse import urlencode
Expand All @@ -26,6 +28,21 @@
log = logging.getLogger(__name__)


@contextlib.contextmanager
def with_user_api_allowed_error_conditions(user):
"""API function context manager to handle allowable error conditions."""

try:
yield
except requests_exceptions.HTTPError:
# Superusers may be associated with Tenants other than the one
# matching the domain in the request context.
if user.is_superuser:
log.info('Catching 404 from IdP for Tahoe superuser {}'.format(user.username))
else:
raise


def request_password_reset(email):
"""
Start password reset email for Username|Password Database Connection users.
Expand Down Expand Up @@ -92,12 +109,13 @@ def update_user(user, properties):
if idp_user_id is None:
return

client_response = api_client.patch_user(
user_id=idp_user_id,
request=properties,
)
http_response = helpers.get_successful_fusion_auth_http_response(client_response)
return http_response
with with_user_api_allowed_error_conditions(user):
client_response = api_client.patch_user(
user_id=idp_user_id,
request=properties,
)
http_response = helpers.get_successful_fusion_auth_http_response(client_response)
return http_response


def update_user_email(user, email, set_email_as_verified=False):
Expand Down

0 comments on commit 6e04057

Please sign in to comment.