Merge pull request RedHatInsights#1454 from petracihalova/query_varia…

…tion [RHCLOUD-37156] Make reset import tenants admin endpoint use ready=false query instead of looking up all related objects
petracihalova · Jan 28, 2025 · 1b74db8 · 1b74db8
2 parents 21d1388 + aecf2cd
commit 1b74db8
Show file tree

Hide file tree

Showing 4 changed files with 298 additions and 41 deletions.
diff --git a/rbac/internal/specs/openapi.json b/rbac/internal/specs/openapi.json
@@ -1427,7 +1427,7 @@
           "200": {
             "description": "0 tenant with ready flag equal to false."
           },
-          "400":{
+          "400": {
             "description": "Invalid request, must supply the 'max_expected' query parameter.",
             "content": {
               "application/json": {
@@ -1460,6 +1460,133 @@
         }
       }
     },
+    "/api/utils/reset_imported_tenants/": {
+      "delete": {
+        "tags": [
+          "Tenants"
+        ],
+        "summary": "Remove tenants imported via user import job",
+        "description": "Remove tenants with the flag ready=false or tenants without related objects. To use this endpoint, destructive API operations must be enabled.",
+        "operationId": "RemoveImportedTenants",
+        "parameters": [
+          {
+            "name": "exclude_id",
+            "in": "query",
+            "required": false,
+            "description": "IDs of tenants to exclude from the reset operation. Can be specified multiple times.",
+            "explode": true,
+            "schema": {
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
+            }
+          },
+          {
+            "name": "only_ready_false_flag",
+            "in": "query",
+            "required": false,
+            "description": "If set to true, the query searches for tenants with the 'ready=false' flag; otherwise, it looks for tenants without related objects.",
+            "schema": {
+              "type": "boolean",
+              "default": true
+            }
+          },
+          {
+            "in": "query",
+            "name": "limit",
+            "required": false,
+            "description": "Parameter for selecting the amount of data removed.",
+            "schema": {
+              "type": "integer"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Tenants deleting in worker."
+          },
+          "400": {
+            "description": "Destructive operations disallowed."
+          },
+          "500": {
+            "description": "Unexpected Error",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Error"
+                }
+              }
+            }
+          }
+        }
+      },
+      "get": {
+        "tags": [
+          "Tenants"
+        ],
+        "summary": "Get count of tenants imported via user import job",
+        "description": "Returns the count of tenants with the flag ready=false or tenants without related objects.",
+        "operationId": "CountOfImportedTenants",
+        "parameters": [
+          {
+            "name": "exclude_id",
+            "in": "query",
+            "required": false,
+            "description": "IDs of tenants to exclude from the reset operation. Can be specified multiple times.",
+            "explode": true,
+            "schema": {
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
+            }
+          },
+          {
+            "name": "only_ready_false_flag",
+            "in": "query",
+            "required": false,
+            "description": "If set to true, the query searches for tenants with the 'ready=false' flag; otherwise, it looks for tenants without related objects.",
+            "schema": {
+              "type": "boolean",
+              "default": true
+            }
+          },
+          {
+            "in": "query",
+            "name": "limit",
+            "required": false,
+            "description": "Parameter for selecting the amount of data returned.",
+            "schema": {
+              "type": "integer"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Tenants count that would be deleted.",
+            "content": {
+              "text/plain": {
+                "schema": {
+                  "type": "string",
+                  "example": "2 tenants would be deleted"
+                }
+              }
+            }
+          },
+          "500": {
+            "description": "Unexpected Error",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Error"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
     "/openapi.json": {
       "get": {
         "tags": [

diff --git a/rbac/internal/views.py b/rbac/internal/views.py
@@ -672,44 +672,51 @@ def reset_imported_tenants(request: HttpRequest) -> HttpResponse:
     # Request should accept a query parameter to exclude certain tenants so we can exclude the ~129
     excluded = request.GET.getlist("exclude_id", [])
 
+    # The default query created with "ready=false" flag otherwise is used query that checks that tenant
+    # does not have records in all tables.
+    only_ready_false_flag = request.GET.get("only_ready_false_flag", "true").strip().lower() == "true"
+
     query = "FROM api_tenant WHERE tenant_name <> 'public' "
 
     if excluded:
         query += "AND id NOT IN %s "
 
-    query += (
-        "AND NOT EXISTS (SELECT 1 FROM management_principal WHERE management_principal.tenant_id = api_tenant.id) "
-    )
-    query += """AND NOT (
-              EXISTS    (SELECT 1
-                         FROM   management_tenantmapping
-                         WHERE  management_tenantmapping.tenant_id = api_tenant.id)
-              OR EXISTS (SELECT 1
-                         FROM   management_access
-                         WHERE  management_access.tenant_id = api_tenant.id)
-              OR EXISTS (SELECT 1
-                         FROM   management_group
-                         WHERE  management_group.tenant_id = api_tenant.id)
-              OR EXISTS (SELECT 1
-                         FROM   management_permission
-                         WHERE  management_permission.tenant_id = api_tenant.id)
-              OR EXISTS (SELECT 1
-                         FROM   management_policy
-                         WHERE  management_policy.tenant_id = api_tenant.id)
-              OR EXISTS (SELECT 1
-                         FROM   management_resourcedefinition
-                         WHERE  management_resourcedefinition.tenant_id =
-                        api_tenant.id)
-              OR EXISTS (SELECT 1
-                         FROM   management_role
-                         WHERE  management_role.tenant_id = api_tenant.id)
-              OR EXISTS (SELECT 1
-                         FROM   management_auditlog
-                         WHERE  management_auditlog.tenant_id = api_tenant.id)
-              OR EXISTS (SELECT 1
-                         FROM   management_workspace
-                         WHERE  management_workspace.tenant_id = api_tenant.id)
-              )"""
+    if only_ready_false_flag:
+        query += "AND NOT ready"
+    else:
+        query += (
+            "AND NOT EXISTS (SELECT 1 FROM management_principal WHERE management_principal.tenant_id = api_tenant.id) "
+        )
+        query += """AND NOT (
+                  EXISTS    (SELECT 1
+                             FROM   management_tenantmapping
+                             WHERE  management_tenantmapping.tenant_id = api_tenant.id)
+                  OR EXISTS (SELECT 1
+                             FROM   management_access
+                             WHERE  management_access.tenant_id = api_tenant.id)
+                  OR EXISTS (SELECT 1
+                             FROM   management_group
+                             WHERE  management_group.tenant_id = api_tenant.id)
+                  OR EXISTS (SELECT 1
+                             FROM   management_permission
+                             WHERE  management_permission.tenant_id = api_tenant.id)
+                  OR EXISTS (SELECT 1
+                             FROM   management_policy
+                             WHERE  management_policy.tenant_id = api_tenant.id)
+                  OR EXISTS (SELECT 1
+                             FROM   management_resourcedefinition
+                             WHERE  management_resourcedefinition.tenant_id =
+                            api_tenant.id)
+                  OR EXISTS (SELECT 1
+                             FROM   management_role
+                             WHERE  management_role.tenant_id = api_tenant.id)
+                  OR EXISTS (SELECT 1
+                             FROM   management_auditlog
+                             WHERE  management_auditlog.tenant_id = api_tenant.id)
+                  OR EXISTS (SELECT 1
+                             FROM   management_workspace
+                             WHERE  management_workspace.tenant_id = api_tenant.id)
+                  )"""
 
     try:
         limit = int(request.GET.get("limit", "-1"))