Skip to content

Commit e4d2411

Browse files
author
Nivedithaa Mahendran
committed
update
1 parent bf5edaa commit e4d2411

1 file changed

Lines changed: 7 additions & 4 deletions

File tree

src/mas/devops/users.py

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1662,11 +1662,13 @@ def create_initial_user_for_saas(self, user, user_type, groupreassign=None):
16621662
resource_id, _ = self.get_or_create_user(user_def)
16631663

16641664
# For version >= 9.1, we always need a Manage API key and resource_id to link user to local IDP
1665-
# For version < 9.1, we may need it later for manage_security_groups
1666-
if Version(self.mas_version) >= Version('9.1') or (len(manage_security_groups) > 0 and "manage" in self.mas_workspace_application_ids):
1665+
# For version < 9.1, link user to local IDP first, then create API key only if needed for manage_security_groups
1666+
maxadmin_manage_api_key = None
1667+
if Version(self.mas_version) >= Version('9.1'):
16671668
maxadmin_manage_api_key = self.create_or_get_manage_api_key_for_user(MASUserUtils.MAXADMIN, temporary=True)
16681669
self.link_user_to_local_idp(user_id, email_password=True, manage_api_key=maxadmin_manage_api_key, resource_id=resource_id)
16691670
else:
1671+
# For version < 9.1, link user to local IDP without manage_api_key and resource_id
16701672
self.link_user_to_local_idp(user_id, email_password=True)
16711673

16721674
self.add_user_to_workspace(user_id, is_workspace_admin=is_workspace_admin)
@@ -1688,10 +1690,11 @@ def create_initial_user_for_saas(self, user, user_type, groupreassign=None):
16881690

16891691
if len(manage_security_groups) > 0 and "manage" in self.mas_workspace_application_ids:
16901692
if Version(self.mas_version) < Version('9.1'):
1693+
maxadmin_manage_api_key = self.create_or_get_manage_api_key_for_user(MASUserUtils.MAXADMIN, temporary=True)
16911694
for manage_security_group in manage_security_groups:
16921695
self.add_user_to_manage_group(user_id, manage_security_group, maxadmin_manage_api_key)
1693-
if Version(self.mas_version) >= Version('9.1') and user_type == "PRIMARY" and groupreassign is not None:
1694-
if resource_id:
1696+
elif Version(self.mas_version) >= Version('9.1') and user_type == "PRIMARY" and groupreassign is not None:
1697+
if resource_id and maxadmin_manage_api_key:
16951698
self.set_user_group_reassignment_auth(user_id, resource_id, groupreassign, maxadmin_manage_api_key)
16961699
else:
16971700
self.logger.warning(f"Cannot set group reassignment auth: resource_id not found for user {user_id}")

0 commit comments

Comments
 (0)