NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2025-08-17 04:58:16 -06:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

In _record_object_deleted(), don't assert on SAML2 login deletions.

Browse Source 
Previously, the call to r.session.flush() in django-saml2-auth plugin raised this assertion, as the request session doesn't exist at this point in the flow.
This commit is contained in:
Anthony Eden 2019-05-22 18:11:54 +10:00
parent 04419e8eaa
commit 6c6eb6ffd0
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
netbox/extras/middleware.py
View File

@ -31,7 +31,9 @@ def _record_object_deleted(request, instance, **kwargs):
# Force resolution of request.user in case it's still a SimpleLazyObject. This seems to happen # Force resolution of request.user in case it's still a SimpleLazyObject. This seems to happen
# occasionally during tests, but haven't been able to determine why. # occasionally during tests, but haven't been able to determine why.
assert request.user.is_authenticated # Note: We exclude SAML2 login flow deletions, as the call to request.session.flush() throws this assertion
if request.path_info != '/saml2_auth/acs/':
assert request.user.is_authenticated
# Record that the object was deleted # Record that the object was deleted
if hasattr(instance, 'log_change'): if hasattr(instance, 'log_change'):