diff --git a/common/utils/database.py b/common/utils/database.py index bb05d0f..a9479d4 100644 --- a/common/utils/database.py +++ b/common/utils/database.py @@ -24,6 +24,7 @@ class Database: """ schema = session.info.get("tenant_schema") if schema: + current_app.logger.debug(f"DBCTX tx_begin schema={schema}") try: connection.exec_driver_sql(f'SET LOCAL search_path TO "{schema}", public') # Optional visibility/logging for debugging diff --git a/common/utils/security.py b/common/utils/security.py index 7b24793..c5641cd 100644 --- a/common/utils/security.py +++ b/common/utils/security.py @@ -35,7 +35,8 @@ def is_valid_tenant(tenant_id): if tenant_id == 1: # The 'root' tenant, is always valid return True tenant = Tenant.query.get(tenant_id) - Database(tenant).switch_schema() + # Use the tenant_id (schema name), not the Tenant object, to switch schema + Database(tenant_id).switch_schema() if tenant is None: raise EveAITenantNotFound() elif tenant.type == 'Inactive': diff --git a/eveai_app/views/user_forms.py b/eveai_app/views/user_forms.py index f99916d..319f9ac 100644 --- a/eveai_app/views/user_forms.py +++ b/eveai_app/views/user_forms.py @@ -88,13 +88,13 @@ class BaseUserForm(FlaskForm): last_name = StringField('Last Name', validators=[DataRequired(), Length(max=80)]) valid_to = DateField('Valid to', id='form-control datepicker', validators=[Optional()]) tenant_id = IntegerField('Tenant ID', validators=[NumberRange(min=0)]) - roles = SelectMultipleField('Roles', coerce=int) + selected_role_ids = SelectMultipleField('Roles', coerce=int) is_primary_contact = BooleanField('Primary Contact') is_financial_contact = BooleanField('Financial Contact') def __init__(self, *args, **kwargs): super(BaseUserForm, self).__init__(*args, **kwargs) - self.roles.choices = UserServices.get_assignable_roles() + self.selected_role_ids.choices = UserServices.get_assignable_roles() class CreateUserForm(BaseUserForm): diff --git a/eveai_app/views/user_views.py b/eveai_app/views/user_views.py index 711a0b6..60c8fa3 100644 --- a/eveai_app/views/user_views.py +++ b/eveai_app/views/user_views.py @@ -217,21 +217,15 @@ def user(): if form.validate_on_submit(): current_app.logger.info(f"Adding User for tenant {session['tenant']['id']} ") - new_user = User(user_name=form.user_name.data, - email=form.email.data, - first_name=form.first_name.data, - last_name=form.last_name.data, - valid_to=form.valid_to.data, - tenant_id=form.tenant_id.data, - fs_uniquifier=uuid.uuid4().hex, - ) + new_user = User() + form.populate_obj(new_user) timestamp = dt.now(tz.utc) new_user.created_at = timestamp new_user.updated_at = timestamp # Add roles - for role_id in form.roles.data: + for role_id in form.selected_role_ids.data: the_role = Role.query.get(role_id) new_user.roles.append(the_role) @@ -266,18 +260,18 @@ def user(): @roles_accepted('Super User', 'Tenant Admin', 'Partner Admin') def edit_user(user_id): user = User.query.get_or_404(user_id) # This will return a 404 if no user is found + tenant_id = session.get('tenant').get('id') form = EditUserForm(obj=user) if form.validate_on_submit(): # Populate the user with form data - user.first_name = form.first_name.data - user.last_name = form.last_name.data - user.valid_to = form.valid_to.data - user.updated_at = dt.now(tz.utc) + form.populate_obj(user) + timestamp = dt.now(tz.utc) + user.updated_at = timestamp # Update roles current_roles = set(role.id for role in user.roles) - selected_roles = set(form.roles.data) + selected_roles = set(form.selected_role_ids.data) if UserServices.validate_role_assignments(selected_roles): # Add new roles for role_id in selected_roles - current_roles: @@ -303,7 +297,7 @@ def edit_user(user_id): else: form_validation_failed(request, form) - form.roles.data = [role.id for role in user.roles] + form.selected_role_ids.data = [role.id for role in user.roles] return render_template('user/edit_user.html', form=form, user_id=user_id)