Initial tenant role and force tenant sync on privilege changes
diff --git a/xos/core/fixtures/core_initial_data.json b/xos/core/fixtures/core_initial_data.json
index 86658bb..e4f86f9 100644
--- a/xos/core/fixtures/core_initial_data.json
+++ b/xos/core/fixtures/core_initial_data.json
@@ -65,6 +65,34 @@
},
{
"fields": {
+ "updated": "2015-02-17T22:06:38.620Z",
+ "policed": null,
+ "created": "2015-02-17T22:06:38.620Z",
+ "deleted": false,
+ "backend_register": "{}",
+ "role": "admin",
+ "backend_status": "0 - Provisioning in progress",
+ "enacted": null
+ },
+ "model": "core.tenantrole",
+ "pk": 1
+},
+{
+ "fields": {
+ "updated": "2015-02-17T22:06:38.620Z",
+ "policed": null,
+ "created": "2015-02-17T22:06:38.620Z",
+ "deleted": false,
+ "backend_register": "{}",
+ "role": "access",
+ "backend_status": "0 - Provisioning in progress",
+ "enacted": null
+ },
+ "model": "core.tenantrole",
+ "pk": 2
+},
+{
+ "fields": {
"accessControl": "allow all",
"updated": "2015-02-17T22:06:37.789Z",
"policed": null,
diff --git a/xos/services/vpn/admin.py b/xos/services/vpn/admin.py
index 9f1ceda..f0b8f7c 100644
--- a/xos/services/vpn/admin.py
+++ b/xos/services/vpn/admin.py
@@ -262,6 +262,8 @@
certificate = self.certificate_name(obj)
VPNService.execute_easyrsa_command(
obj.tenant.pki_dir, "revoke " + certificate)
+ obj.tenant.enacted = None
+ obj.tenant.save()
# TODO(jermowery): determine if this is necessary.
# if type(obj) is VPNTenant:
# if the tenant was deleted revoke all certs assoicated
@@ -274,6 +276,8 @@
VPNService.execute_easyrsa_command(
obj.tenant.pki_dir,
"build-client-full " + certificate + " nopass")
+ obj.tenant.enacted = None
+ obj.tenant.save()
# Associate the admin forms with the models.
admin.site.register(VPNService, VPNServiceAdmin)