Skip to content
Snippets Groups Projects
Commit 28900fe3 authored by Art's avatar Art :lizard:
Browse files

Cleanup inactive users

parent bb9f99d1
No related branches found
No related tags found
No related merge requests found
import os
from django.conf import settings as django_settings
from datetime import timedelta
"""
......@@ -49,6 +50,10 @@ PREDEFINED_GROUPS = {
# {"superusers": [ssoauth.SUPERUSER_PERM_CODENAME]}
}
# if last login has been long ago then users are cleaned up
CLEANUP_DEACTIVATE_AFTER = timedelta(days=7) # people are getting suspicious because of the old users that still seem active according to django
CLEANUP_DELETE_USER_AFTER = timedelta(days=180)
"""
Settings you might want to change on development (don't change them for production):
......
......@@ -2,6 +2,10 @@ from django.apps import AppConfig
from django.contrib.auth.management import create_permissions
from django.core import management
from django.db.models.signals import post_migrate
from django.db.utils import OperationalError, ProgrammingError
from django.db.models import Q
from django.contrib.auth import get_user_model
from django.utils import timezone
from . import app_settings
from . import logger
from . import sso_utils
......@@ -13,7 +17,7 @@ class SSOAuthConfig(AppConfig):
def ready(self, *args, **kwargs):
if not checks:
raise RuntimeError("Checks are not imported.")
raise RuntimeError("Importing/running checks would be nice...")
super().ready(*args, **kwargs)
# OneLogin settings stuff
try:
......@@ -26,6 +30,11 @@ class SSOAuthConfig(AppConfig):
logger.warning(msg)
# default groups
post_migrate.connect(self.post_migrate_callback, sender=self)
# cleanup
try:
self.cleanup_users()
except (OperationalError, ProgrammingError,) as e:
return [Warning("ssoauth could not cleanup users. Not migrated yet?")]
@staticmethod
def post_migrate_callback(*args, **kwargs):
......@@ -34,3 +43,14 @@ class SSOAuthConfig(AppConfig):
# custom and compatibility groups and permissions
management.call_command("ssoauth_setup_groups_and_perms")
def cleanup_users(self):
for user in get_user_model().objects.filter(Q(last_login__isnull=True) | Q(last_login__lte=timezone.now() - app_settings.CLEANUP_DELETE_USER_AFTER)):
logger.info("Deleting inactive user: {0}".format(user))
user.delete()
for user in get_user_model().objects.filter(last_login__lte=timezone.now() - app_settings.CLEANUP_DEACTIVATE_AFTER).filter(Q(is_active=True) | Q(is_superuser=True) | Q(is_staff=True)):
logger.info("Deactivating user: {0}".format(user))
user.is_active = False
user.is_superuser = False
user.is_staff = False
user.save()
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment