feat(bkuser): update migrations for init local idp for default tenant (…

…#1389)

src/bk-user/bkuser/apps/data_source/migrations/0001_initial.py

@@ -1,4 +1,4 @@
-# Generated by Django 3.2.20 on 2023-11-13 09:45
+# Generated by Django 3.2.20 on 2023-11-14 02:40
 
 import bkuser.apps.data_source.constants
 import bkuser.utils.uuid
@@ -168,7 +168,7 @@ class Migration(migrations.Migration):
                 ('parent', mptt.fields.TreeForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='children', to='data_source.datasourcedepartmentrelation')),
             ],
             options={
-                'index_together': {('parent_id', 'tree_id', 'lft'), ('tree_id', 'lft', 'rght')},
+                'index_together': {('tree_id', 'lft', 'rght'), ('parent_id', 'tree_id', 'lft')},
             },
         ),
     ]

src/bk-user/bkuser/apps/data_source/migrations/0002_init_builtin_data_source_plugin.py

@@ -1,4 +1,13 @@
-# Generated by Django 3.2.20 on 2023-11-13 09:47
+# -*- coding: utf-8 -*-
+"""
+TencentBlueKing is pleased to support the open source community by making 蓝鲸智云-用户管理(Bk-User) available.
+Copyright (C) 2017-2021 THL A29 Limited, a Tencent company. All rights reserved.
+Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License.
+You may obtain a copy of the License at http://opensource.org/licenses/MIT
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
+an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
+specific language governing permissions and limitations under the License.
+"""
 from django.conf import settings
 from django.db import migrations
 
@@ -35,11 +44,8 @@ def forwards_func(apps, schema_editor):
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
-        ('data_source', '0001_initial'),
+        ("data_source", "0001_initial"),
     ]
 
-    operations = [
-        migrations.RunPython(forwards_func)
-    ]
+    operations = [migrations.RunPython(forwards_func)]

src/bk-user/bkuser/apps/idp/migrations/0001_initial.py

@@ -1,4 +1,4 @@
-# Generated by Django 3.2.20 on 2023-11-13 09:45
+# Generated by Django 3.2.20 on 2023-11-14 02:40
 
 import bkuser.apps.idp.constants
 import bkuser.utils.uuid

src/bk-user/bkuser/apps/idp/migrations/0002_init_builtin_idp_plugin.py

@@ -1,4 +1,13 @@
-# Generated by Django 3.2.20 on 2023-11-13 09:50
+# -*- coding: utf-8 -*-
+"""
+TencentBlueKing is pleased to support the open source community by making 蓝鲸智云-用户管理(Bk-User) available.
+Copyright (C) 2017-2021 THL A29 Limited, a Tencent company. All rights reserved.
+Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License.
+You may obtain a copy of the License at http://opensource.org/licenses/MIT
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
+an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
+specific language governing permissions and limitations under the License.
+"""
 from django.conf import settings
 from django.db import migrations
 
@@ -19,8 +28,8 @@ def forwards_func(apps, schema_editor):
         defaults={
             "name": BuiltinIdpPluginEnum.get_choice_label(BuiltinIdpPluginEnum.LOCAL),
             "description": "使用本地DB数据源提供的用户名和密码进行认证",
-            "logo": load_image_as_base64(settings.BASE_DIR / "bkuser/idp_plugins/local/logo.png")
-        }
+            "logo": load_image_as_base64(settings.BASE_DIR / "bkuser/idp_plugins/local/logo.png"),
+        },
     )
 
     # 企业微信认证源插件
@@ -30,17 +39,14 @@ def forwards_func(apps, schema_editor):
         defaults={
             "name": BuiltinIdpPluginEnum.get_choice_label(BuiltinIdpPluginEnum.WECOM),
             "description": "使用腾讯企业微信进行企业身份认证",
-            "logo": load_image_as_base64(settings.BASE_DIR / "bkuser/idp_plugins/wecom/logo.png")
-        }
+            "logo": load_image_as_base64(settings.BASE_DIR / "bkuser/idp_plugins/wecom/logo.png"),
+        },
     )
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
-        ('idp', '0001_initial'),
+        ("idp", "0001_initial"),
     ]
 
-    operations = [
-        migrations.RunPython(forwards_func)
-    ]
+    operations = [migrations.RunPython(forwards_func)]

src/bk-user/bkuser/apps/natural_user/migrations/0001_initial.py

@@ -1,4 +1,4 @@
-# Generated by Django 3.2.20 on 2023-11-13 09:45
+# Generated by Django 3.2.20 on 2023-11-14 02:40
 
 import bkuser.utils.uuid
 from django.db import migrations, models

src/bk-user/bkuser/apps/sync/migrations/0001_initial.py

@@ -1,4 +1,4 @@
-# Generated by Django 3.2.20 on 2023-11-13 09:45
+# Generated by Django 3.2.20 on 2023-11-14 02:40
 
 import bkuser.utils.uuid
 import datetime

src/bk-user/bkuser/apps/tenant/migrations/0002_init_builtin_user_fields.py

@@ -1,4 +1,13 @@
-# Generated by Django 3.2.20 on 2023-11-13 09:56
+# -*- coding: utf-8 -*-
+"""
+TencentBlueKing is pleased to support the open source community by making 蓝鲸智云-用户管理(Bk-User) available.
+Copyright (C) 2017-2021 THL A29 Limited, a Tencent company. All rights reserved.
+Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License.
+You may obtain a copy of the License at http://opensource.org/licenses/MIT
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
+an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
+specific language governing permissions and limitations under the License.
+"""
 from django.db import migrations
 
 

src/bk-user/bkuser/apps/tenant/migrations/0004_init_default_tenant.py → src/bk-user/bkuser/apps/tenant/migrations/0003_init_default_tenant.py

@@ -18,6 +18,9 @@
 from bkuser.common.hashers import make_password
 from bkuser.plugins.base import get_default_plugin_cfg
 from bkuser.plugins.constants import DataSourcePluginEnum
+from bkuser.idp_plugins.constants import BuiltinIdpPluginEnum
+from bkuser.idp_plugins.local.plugin import LocalIdpPluginConfig
+from bkuser.apps.idp.data_models import gen_data_source_match_rule_of_local
 
 logger = logging.getLogger(__name__)
 
@@ -29,14 +32,18 @@ def forwards_func(apps, schema_editor):
     if not (admin_username and admin_password):
         raise RuntimeError("INITIAL_ADMIN_USERNAME and INITIAL_ADMIN_PASSWORD must be set in environment variables")
 
-    logger.info("start initialize default tenant & data source with admin user [%s]...", admin_username)
+    logger.info(
+        "start initialize default tenant & data source with admin user [%s]...",
+        admin_username,
+    )
 
     Tenant = apps.get_model("tenant", "Tenant")
     TenantUser = apps.get_model("tenant", "TenantUser")
     TenantManager = apps.get_model("tenant", "TenantManager")
     DataSource = apps.get_model("data_source", "DataSource")
     DataSourceUser = apps.get_model("data_source", "DataSourceUser")
     LocalDataSourceIdentityInfo = apps.get_model("data_source", "LocalDataSourceIdentityInfo")
+    Idp = apps.get_model("idp", "Idp")
 
     default_tenant = Tenant.objects.create(id="default", name="默认租户", is_default=True)
     data_source = DataSource.objects.create(
@@ -47,7 +54,10 @@ def forwards_func(apps, schema_editor):
     )
 
     data_source_user = DataSourceUser.objects.create(
-        data_source=data_source, code=admin_username, username=admin_username, full_name=admin_username
+        data_source=data_source,
+        code=admin_username,
+        username=admin_username,
+        full_name=admin_username,
     )
     LocalDataSourceIdentityInfo.objects.create(
         user=data_source_user,
@@ -65,12 +75,23 @@ def forwards_func(apps, schema_editor):
     )
     TenantManager.objects.create(tenant=default_tenant, tenant_user=tenant_user)
 
-    logger.info("initialize default tenant & data source with admin user [%s] success", admin_username)
+    Idp.objects.create(
+        name="default",
+        plugin_id=BuiltinIdpPluginEnum.LOCAL,
+        owner_tenant_id=default_tenant.id,
+        plugin_config=LocalIdpPluginConfig(data_source_ids=[data_source.id]).model_dump(),
+        data_source_match_rules=[gen_data_source_match_rule_of_local(data_source.id).model_dump()],
+    )
+
+    logger.info(
+        "initialize default tenant & data source with admin user [%s] success",
+        admin_username,
+    )
 
 
 class Migration(migrations.Migration):
     dependencies = [
-        ("tenant", "0003_auto_20231113_2017"),
+        ("tenant", "0002_init_builtin_user_fields"),
         ("data_source", "0002_init_builtin_data_source_plugin"),
         ("idp", "0002_init_builtin_idp_plugin"),
     ]

src/bk-user/bkuser/common/constants.py

@@ -18,8 +18,10 @@ class BkLanguageEnum(str, StructuredEnum):
     EN = EnumField("en", label="英文")
 
 
-# 永久：2100-01-01 00:00:00
-PERMANENT_TIME = datetime.datetime(year=2100, month=1, day=1, hour=0, minute=0, second=0)
+# 永久：2100-01-01 00:00:00 UTC
+PERMANENT_TIME = datetime.datetime(
+    year=2100, month=1, day=1, hour=0, minute=0, second=0, tzinfo=datetime.timezone.utc
+)
 
 # 敏感信息掩码（7 位 * 是故意的，避免遇到用户输入 6/8 位 * 的情况）
 SENSITIVE_MASK = "*******"