restrict superuser to its specific tenant

[khixer]

Hi there,

I'm bit confused by the behavior of createsuperuser command providing the --schema flag. I've 3 three different schemas and I create 3 different superusers respectively by using command python manage.py createsuperuser --schema=schema1 (schema2 and schema3 etc).

Problem: superuser of schema1 can login to schema2's admin dashboard which is not the desired result.

Expected Behavior: superuser created with apt schema should only be allowed to logged in to its specific admin dashboard.

Any help would be appreciated!

[alxroots]

Your problem is on settings.py, you have to make sure that you put ' django.contrib.auth', 'django.contrib.contenttypes', ' django.contrib.admin' in your TENANT_APPS list. do not forget to migrate_schemas after all so that new tables will appear in your database.

[khixer]

Hi @alxroots Added the required apps but strangely no changes detected by makemigrations nor migrate_schemas created new tables and the problem persists.

Content of my settings file as follows:

INSTALLED_APPS = [
    "tenant_schemas",
    "django.contrib.admin",
    "django_extensions",
    "django.contrib.auth",
    "django.contrib.sites",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "my_app",
    "corsheaders",
    "rest_framework",
]

SHARED_APPS = (
    "tenant_schemas",  # mandatory, should always be before any django app
    "my_app",  # you must list the app where your tenant model resides in
    "django.contrib.contenttypes",

    # everything below here is optional
    "django.contrib.auth",
    "django.contrib.sites",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.admin",
)

TENANT_APPS = (
    "django.contrib.contenttypes",
    "django.contrib.auth",
    "django.contrib.admin",

    # your tenant-specific apps
    "my_app",
)

[alxroots]

Your code is right, try to create a new tenant and see if this new one has his on access to his admin area, just for testing... I got this error previously and as I was in the beginning of the project I reset my old migrations, delete my database and ran again makemigrations and migrate_schemas to work (it worked fine), maybe if you try this. If your project is in your local machine I'd suggest you using DBeaver or another database tool for see if the tables are really being created.

[khixer]

Still facing the same issue.

• created 2 new tenants and their superusers but they're able to login using one another credentials.

I'm afraid I can't drop/delete my database at this stage. Through dbshell, I can see auth tables are only created for my public schema but not for others.

Public Schema:

public | auth_group_id_seq                 | sequence | pg_user
public | auth_group_permissions_id_seq     | sequence | pg_user
public | auth_permission_id_seq            | sequence | pg_user
public | auth_user_groups_id_seq           | sequence | pg_user
public | auth_user_id_seq                  | sequence | pg_user
public | auth_user_user_permissions_id_seq | sequence | pg_user

Schema1:

schema1 | django_content_type_id_seq      | sequence | pg_user
schema1 | django_migrations_id_seq        | sequence | pg_user

Any idea how to solve this? Thanks!

[saileshkush95]

@khixer you need to delete database and recreate it again, it works