diff --git a/apiserver/paasng/paasng/core/tenant/user.py b/apiserver/paasng/paasng/core/tenant/user.py index 3a334ce52e..6e7c632dc0 100644 --- a/apiserver/paasng/paasng/core/tenant/user.py +++ b/apiserver/paasng/paasng/core/tenant/user.py @@ -62,7 +62,10 @@ def get_tenant(user: User) -> Tenant: try: _id = getattr(user, "tenant_id") except AttributeError: - raise ValueError("No tenant can be found") + raise ValueError("The user object doesn't have the tenant_id attribute") + if not _id: + raise ValueError("The tenant_id exists but its value is empty") + return Tenant(_id) diff --git a/apiserver/paasng/paasng/infras/accounts/models.py b/apiserver/paasng/paasng/infras/accounts/models.py index aa2f233bc4..df4ad9fdb8 100644 --- a/apiserver/paasng/paasng/infras/accounts/models.py +++ b/apiserver/paasng/paasng/infras/accounts/models.py @@ -65,7 +65,7 @@ class User(AbstractBaseUser): _("active"), default=True, help_text=_( - "Designates whether this user should be treated as active. " "Unselect this instead of deleting accounts." + "Designates whether this user should be treated as active. Unselect this instead of deleting accounts." ), ) date_joined = models.DateTimeField(_("date joined"), default=timezone.now) @@ -273,7 +273,13 @@ def get_scope(self) -> str: class PrivateTokenHolder(AuditedModel): - """Private Token for sourcectl""" + """Besides the OAuth2 token, the private token is also supported for authentication + with external code services, such as GitLab, etc. When a user (such as a system user) + cannot use OAuth2, the private token is a good alternative. + + Despite the name, the "private token" in this model is not related to the "UserPrivateToken" + model. + """ provider = models.CharField(max_length=32) private_token = EncryptField(default="") diff --git a/apiserver/paasng/paasng/infras/accounts/views.py b/apiserver/paasng/paasng/infras/accounts/views.py index dc009047e9..24a88f9a8f 100644 --- a/apiserver/paasng/paasng/infras/accounts/views.py +++ b/apiserver/paasng/paasng/infras/accounts/views.py @@ -264,7 +264,7 @@ def bind(self, request, backend): scope = token_params.pop("scope", None) try: Oauth2TokenHolder.objects.update_or_create( - provider=backend_name, user=user_profile, region="ieod", scope=scope, defaults=token_params + provider=backend_name, user=user_profile, scope=scope, defaults=token_params ) except Exception: msg = f"failed to save access token(from {backend}) to {user_profile.username}"