Skip to content

Commit

Permalink
Fix logic of SELECT FOR UDPDATE to only lock records that will be upd…
Browse files Browse the repository at this point in the history 
…ated
  • Loading branch information
@Ricardoalso
Ricardoalso committed May 14, 2024
1 parent 966f4f4 commit ce1e5d2
Showing 1 changed file with 22 additions and 8 deletions.
30 changes: 22 additions & 8 deletions auth_saml/models/auth_saml_provider.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -411,21 +411,35 @@ def action_refresh_metadata_from_url(self):
)
if not providers:
return False

providers_to_update = {}
for provider in providers:
document = requests.get(provider.idp_metadata_url, timeout=5)
if document.status_code != 200:
raise UserError(
f"Unable to download the metadata for {provider.name}: {document.reason}"
)
if document.text != provider.idp_metadata:
providers_to_update[provider.id] = document.text

if not providers_to_update:
return False

# lock the records we might update, so that multiple simultaneous login
# attempts will not cause concurrent updates
provider_ids = tuple(providers_to_update.keys())
self.env.cr.execute(
"SELECT id FROM auth_saml_provider WHERE id in %s FOR UPDATE",
(tuple(providers.ids),),
(tuple(provider_ids),),
)
updated = False
for provider in providers:
document = requests.get(provider.idp_metadata_url)
if document.status_code != 200:
raise UserError(
f"Unable to download the metadata for {provider.name}: {document.reason}"
if provider.id in providers_to_update:
provider.idp_metadata = providers_to_update[provider.id]
_logger.info(
"Updated metadata for provider %s from %s",
provider.name,
)
if document.text != provider.idp_metadata:
provider.idp_metadata = document.text
_logger.info("Updated provider metadata for %s", provider.name)
updated = True

return updated

0 comments on commit ce1e5d2

Please sign in to comment.