cardo-python-utils 0.5.dev30__tar.gz → 0.5.dev32__tar.gz

cardo_python_utils-0.5.dev32/MANIFEST.in

@@ -0,0 +1,5 @@
+include LICENSE
+include README.rst
+include python_utils/django/admin/templates/user_groups_changelist.html
+include python_utils/django/README.md
+recursive-exclude tests *

{cardo_python_utils-0.5.dev30/cardo_python_utils.egg-info → cardo_python_utils-0.5.dev32}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cardo-python-utils
-Version: 0.5.dev30
+Version: 0.5.dev32
 Summary: Python library enhanced with a wide range of functions for different scenarios.
 Author-email: CardoAI <hello@cardoai.com>
 License: MIT
@@ -27,12 +27,14 @@ License-File: LICENSE
 Provides-Extra: django-keycloak
 Requires-Dist: PyJWT>=2.10.1; extra == "django-keycloak"
 Requires-Dist: mozilla-django-oidc>=4.0.1; extra == "django-keycloak"
+Requires-Dist: requests; extra == "django-keycloak"
 Provides-Extra: django-keycloak-groups
 Requires-Dist: python-keycloak>=5.8.1; extra == "django-keycloak-groups"
 Provides-Extra: all
 Requires-Dist: PyJWT>=2.10.1; extra == "all"
 Requires-Dist: mozilla-django-oidc>=4.0.1; extra == "all"
 Requires-Dist: python-keycloak>=5.8.1; extra == "all"
+Requires-Dist: requests; extra == "all"
 Provides-Extra: dev
 Requires-Dist: pytest>=7.0; extra == "dev"
 Requires-Dist: pytest-django>=4.5; extra == "dev"

{cardo_python_utils-0.5.dev30 → cardo_python_utils-0.5.dev32/cardo_python_utils.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cardo-python-utils
-Version: 0.5.dev30
+Version: 0.5.dev32
 Summary: Python library enhanced with a wide range of functions for different scenarios.
 Author-email: CardoAI <hello@cardoai.com>
 License: MIT
@@ -27,12 +27,14 @@ License-File: LICENSE
 Provides-Extra: django-keycloak
 Requires-Dist: PyJWT>=2.10.1; extra == "django-keycloak"
 Requires-Dist: mozilla-django-oidc>=4.0.1; extra == "django-keycloak"
+Requires-Dist: requests; extra == "django-keycloak"
 Provides-Extra: django-keycloak-groups
 Requires-Dist: python-keycloak>=5.8.1; extra == "django-keycloak-groups"
 Provides-Extra: all
 Requires-Dist: PyJWT>=2.10.1; extra == "all"
 Requires-Dist: mozilla-django-oidc>=4.0.1; extra == "all"
 Requires-Dist: python-keycloak>=5.8.1; extra == "all"
+Requires-Dist: requests; extra == "all"
 Provides-Extra: dev
 Requires-Dist: pytest>=7.0; extra == "dev"
 Requires-Dist: pytest-django>=4.5; extra == "dev"

cardo_python_utils-0.5.dev32/cardo_python_utils.egg-info/SOURCES.txt

@@ -0,0 +1,58 @@
+LICENSE
+MANIFEST.in
+README.rst
+pyproject.toml
+cardo_python_utils.egg-info/PKG-INFO
+cardo_python_utils.egg-info/SOURCES.txt
+cardo_python_utils.egg-info/dependency_links.txt
+cardo_python_utils.egg-info/requires.txt
+cardo_python_utils.egg-info/top_level.txt
+python_utils/__init__.py
+python_utils/choices.py
+python_utils/data_structures.py
+python_utils/db.py
+python_utils/django_utils.py
+python_utils/esma_choices.py
+python_utils/exceptions.py
+python_utils/imports.py
+python_utils/math.py
+python_utils/text.py
+python_utils/time.py
+python_utils/types_hinting.py
+python_utils/django/README.md
+python_utils/django/__init__.py
+python_utils/django/apps.py
+python_utils/django/oidc_settings.py
+python_utils/django/settings.py
+python_utils/django/tenant_context.py
+python_utils/django/admin/__init__.py
+python_utils/django/admin/auth.py
+python_utils/django/admin/user_group.py
+python_utils/django/admin/views.py
+python_utils/django/admin/templates/__init__.py
+python_utils/django/admin/templates/user_groups_changelist.html
+python_utils/django/api/__init__.py
+python_utils/django/api/drf.py
+python_utils/django/api/ninja.py
+python_utils/django/api/utils.py
+python_utils/django/auth/service.py
+python_utils/django/celery/__init__.py
+python_utils/django/celery/tenant_aware_task.py
+python_utils/django/db/__init__.py
+python_utils/django/db/routers.py
+python_utils/django/db/transaction.py
+python_utils/django/db/utils.py
+python_utils/django/management/__init__.py
+python_utils/django/management/commands/__init__.py
+python_utils/django/management/commands/migrateall.py
+python_utils/django/management/commands/tenant_aware_command.py
+python_utils/django/middleware/__init__.py
+python_utils/django/middleware/tenant_aware_http_middleware.py
+python_utils/django/models/__init__.py
+python_utils/django/models/user_group.py
+python_utils/django/redis/__init__.py
+python_utils/django/redis/key_function.py
+python_utils/django/storage/__init__.py
+python_utils/django/storage/tenant_aware_storage.py
+python_utils/django/tests/__init__.py
+python_utils/django/tests/conftest.py

{cardo_python_utils-0.5.dev30 → cardo_python_utils-0.5.dev32}/cardo_python_utils.egg-info/requires.txt

@@ -3,6 +3,7 @@
 PyJWT>=2.10.1
 mozilla-django-oidc>=4.0.1
 python-keycloak>=5.8.1
+requests
 
 [dev]
 pytest>=7.0
@@ -13,6 +14,7 @@ tox>=3.25
 [django-keycloak]
 PyJWT>=2.10.1
 mozilla-django-oidc>=4.0.1
+requests
 
 [django-keycloak-groups]
 python-keycloak>=5.8.1

{cardo_python_utils-0.5.dev30 → cardo_python_utils-0.5.dev32}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "cardo-python-utils"
-version = "0.5.dev30"
+version = "0.5.dev32"
 description = "Python library enhanced with a wide range of functions for different scenarios."
 readme = "README.rst"
 requires-python = ">=3.8"
@@ -34,6 +34,7 @@ dependencies = []
 django-keycloak = [
     "PyJWT>=2.10.1",
     "mozilla-django-oidc>=4.0.1",
+    "requests",
 ]
 django-keycloak-groups = [
     "python-keycloak>=5.8.1",
@@ -42,6 +43,7 @@ all = [
     "PyJWT>=2.10.1",
     "mozilla-django-oidc>=4.0.1",
     "python-keycloak>=5.8.1",
+    "requests",
 ]
 dev = [
     "pytest>=7.0",

cardo_python_utils-0.5.dev32/python_utils/django/README.md

@@ -0,0 +1,122 @@
+This package provides utilities for facilitating IDP communication and multi-tenancy support.
+
+# Usage
+
+
+## Environment variables to set
+
+- AWS_STORAGE_TENANT_BUCKET_NAMES
+    - A JSON dictionary where each key is the tenant name and the value is the bucket name.
+- DATABASE_CONFIG
+    - A dictionary where each key is the tenant name and the value is a dict with the datase config.
+    - If multiple 'DATABASE_CONFIG'-prefixed variables are set, they will be merged into a single dictionary. 
+- KEYCLOAK_SERVER_URL
+    - The URL of the Keycloak deployment
+- KEYCLOAK_CONFIDENTIAL_CLIENT_ID
+    - The id of the confidential client of the backend service
+
+## settings.py file
+
+### For multi-tenancy
+
+```python3
+INSTALLED_APPS = [
+    ...
+    "python_utils.django",
+    ...
+]
+
+MIDDLEWARE = [
+    "python_utils.django.middleware.TenantAwareHttpMiddleware",
+    ...
+]
+
+# Include the database configuration for each tenant in the DATABASES setting.
+# You can use the get_database_configs() function from python_utils.django.db.utils as a helper.
+DATABASES = {
+    'tenant1': { ... },
+    'tenant2': { ... },
+    ...
+}
+
+# If you want to override the database alias to use for local development (when DEBUG is True).
+# By default, the first database defined in DATABASES is used.
+DEVELOPMENT_TENANT = "development"
+
+# This is required to use the tenant context when routing database queries
+DATABASE_ROUTERS = [
+    "python_utils.django.db.routers.TenantAwareRouter"
+]
+
+# If using celery, set the task class to TenantAwareTask:
+CELERY_TASK_CLS = "python_utils.django.celery.TenantAwareTask"
+
+# If using Redis caching, configure the cache backend as follows:
+CACHES = {
+    "default": {
+        "BACKEND": "django_redis.cache.RedisCache",
+        "LOCATION": REDIS_LOCATION,
+        "KEY_FUNCTION": "python_utils.django.redis.make_tenant_aware_key",
+        **OPTIONS,
+    }
+}
+
+# If using Django Storages with S3, configure the storage backends as follows:
+STORAGES = {
+    "default": {
+        "BACKEND": "python_utils.django.storage.TenantAwarePrivateS3Storage",
+    },
+}
+
+# If you want to exclude certain paths from tenant processing, use TENANT_AWARE_EXCLUDED_PATHS:
+# They are considered as prefixes, so all paths starting with the given strings will be excluded.
+TENANT_AWARE_EXCLUDED_PATHS = ("/some/path",)
+```
+
+### For OIDC auth
+
+```python3
+from python_utils.django.admin.templates import TEMPLATE_PATH
+
+INSTALLED_APPS.append("mozilla_django_oidc")
+TEMPLATES[0]["DIRS"].append(TEMPLATE_PATH)
+
+JWT_AUDIENCE = "myapp"
+JWT_SCOPE_PREFIX = "myapp"
+
+# If using DRF
+REST_FRAMEWORK.update(
+    {
+        "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
+        "DEFAULT_AUTHENTICATION_CLASSES": ("python_utils.django.api.drf.AuthenticationBackend",),
+        "DEFAULT_PERMISSION_CLASSES": (
+            "rest_framework.permissions.IsAuthenticated",
+            "python_utils.django.api.drf.HasScope",
+        ),
+    }
+)
+
+# Admin auth backends
+AUTHENTICATION_BACKENDS = [
+    "django.contrib.auth.backends.ModelBackend",
+    "python_utils.django.admin.auth.AdminAuthenticationBackend",
+]
+
+# If user groups are used for Row Level Security (RLS)
+KEYCLOAK_USER_GROUP_MODEL = "myapp.UserGroup"
+
+KEYCLOAK_CONFIDENTIAL_CLIENT_ID = os.getenv("KEYCLOAK_CONFIDENTIAL_CLIENT_ID", f"{JWT_AUDIENCE}_confidential")
+
+OIDC_RP_CLIENT_ID = KEYCLOAK_CONFIDENTIAL_CLIENT_ID
+OIDC_RP_CLIENT_SECRET = None
+OIDC_RP_SIGN_ALGO = "RS256"
+OIDC_CREATE_USER = True
+
+LOGIN_REDIRECT_URL = "/admin"
+SESSION_COOKIE_AGE = 60 * 30  # 30 minutes
+SESSION_SAVE_EVERY_REQUEST = True  # Extend session on each request
+```
+
+## With django-ninja
+
+If using `django-ninja`, apart from the settings configured above, auth utils are provided in the django/api/ninja.py module.

cardo_python_utils-0.5.dev32/python_utils/django/__init__.py

@@ -0,0 +1 @@
+default_app_config = "python_utils.django.apps.DjangoAppConfig"

{cardo_python_utils-0.5.dev30/python_utils/keycloak → cardo_python_utils-0.5.dev32/python_utils}/django/admin/auth.py

@@ -1,17 +1,48 @@
 from django.conf import settings
 from mozilla_django_oidc.auth import OIDCAuthenticationBackend
 
-from ...utils import get_keycloak_confidential_client_token
+from ..oidc_settings import (
+    get_oidc_confidential_client_token,
+    get_oidc_op_token_endpoint,
+    get_oidc_op_user_endpoint,
+    get_oidc_op_jwks_endpoint,
+)
 
 
 class AdminAuthenticationBackend(OIDCAuthenticationBackend):
+    """
+    Tenant-aware OIDC authentication backend for Django admin.
+
+    This backend dynamically resolves OIDC endpoints based on the current
+    tenant context, allowing each tenant to authenticate against their
+    own Keycloak realm.
+    """
+
+    @property
+    def OIDC_OP_TOKEN_ENDPOINT(self):
+        """Dynamically get the token endpoint for the current tenant."""
+
+        return get_oidc_op_token_endpoint()
+
+    @property
+    def OIDC_OP_USER_ENDPOINT(self):
+        """Dynamically get the userinfo endpoint for the current tenant."""
+
+        return get_oidc_op_user_endpoint()
+
+    @property
+    def OIDC_OP_JWKS_ENDPOINT(self):
+        """Dynamically get the JWKS endpoint for the current tenant."""
+
+        return get_oidc_op_jwks_endpoint()
+
     def get_token(self, payload):
         # Instead of passing client_id and client_secret,
         # client_assertion with service account token will be used
         payload.pop("client_id", None)
         payload.pop("client_secret", None)
 
-        return get_keycloak_confidential_client_token(**payload)
+        return get_oidc_confidential_client_token(**payload)
 
     def _get_user_data(self, claims) -> dict:
         client_roles = (

cardo_python_utils-0.5.dev32/python_utils/django/admin/templates/__init__.py

@@ -0,0 +1,3 @@
+import os
+
+TEMPLATE_PATH = os.path.dirname(__file__)

{cardo_python_utils-0.5.dev30/python_utils/keycloak → cardo_python_utils-0.5.dev32/python_utils}/django/admin/user_group.py

@@ -5,7 +5,7 @@ from django.db.models import Count
 from django.urls import path
 from django.shortcuts import redirect
 
-from ..service import KeycloakService
+from ..auth.service import KeycloakService
 
 
 class UserGroupAdminMetaclass(forms.MediaDefiningClass):
@@ -134,7 +134,7 @@ class UserGroupAdminBase(admin.ModelAdmin, metaclass=UserGroupAdminMetaclass):
         ]
 
     @staticmethod
-    def sync_groups_with_keycloak(request):  # noqa
+    def sync_groups_with_keycloak(request):
         """Syncs user groups with Keycloak"""
 
         try:

cardo_python_utils-0.5.dev32/python_utils/django/admin/views.py

@@ -0,0 +1,63 @@
+"""
+Tenant-aware OIDC views for mozilla-django-oidc.
+
+These views override the default mozilla-django-oidc views to dynamically
+resolve OIDC endpoints based on the current tenant context.
+"""
+
+from mozilla_django_oidc.views import (
+    OIDCAuthenticationCallbackView,
+    OIDCAuthenticationRequestView,
+    OIDCLogoutView,
+)
+
+from ..oidc_settings import (
+    get_oidc_op_authorization_endpoint,
+    get_oidc_op_logout_endpoint,
+)
+
+
+class TenantAwareOIDCAuthenticationRequestView(OIDCAuthenticationRequestView):
+    """
+    Tenant-aware OIDC authentication request view.
+
+    Dynamically resolves the authorization endpoint based on the current tenant.
+    """
+
+    @property
+    def OIDC_OP_AUTH_ENDPOINT(self):
+        """Dynamically get the authorization endpoint for the current tenant."""
+        return get_oidc_op_authorization_endpoint()
+
+    def get_settings(self, attr, *args):
+        if attr == "OIDC_OP_AUTHORIZATION_ENDPOINT":
+            return self.OIDC_OP_AUTH_ENDPOINT
+        return super().get_settings(attr, *args)
+
+
+class TenantAwareOIDCAuthenticationCallbackView(OIDCAuthenticationCallbackView):
+    """
+    Tenant-aware OIDC authentication callback view.
+
+    Uses the tenant-aware authentication backend.
+    """
+
+    pass
+
+
+class TenantAwareOIDCLogoutView(OIDCLogoutView):
+    """
+    Tenant-aware OIDC logout view.
+
+    Dynamically resolves the logout endpoint based on the current tenant.
+    """
+
+    @property
+    def OIDC_OP_LOGOUT_ENDPOINT(self):
+        """Dynamically get the logout endpoint for the current tenant."""
+        return get_oidc_op_logout_endpoint()
+
+    def get_settings(self, attr, *args):
+        if attr == "OIDC_OP_LOGOUT_ENDPOINT":
+            return self.OIDC_OP_LOGOUT_ENDPOINT
+        return super().get_settings(attr, *args)

{cardo_python_utils-0.5.dev30/python_utils/keycloak → cardo_python_utils-0.5.dev32/python_utils}/django/api/utils.py

@@ -4,10 +4,26 @@ from django.conf import settings
 from django.contrib.auth import get_user_model
 from jwt import decode, PyJWKClient
 
-jwks_client = PyJWKClient(getattr(settings, "JWKS_URL", ""))
+from django.oidc_settings import get_oidc_op_jwks_endpoint
+
+from ..tenant_context import TenantContext
+
+JWKS_CLIENTS = {}  # Cache for PyJWKClient instances
+
+
+def get_jwks_client():
+    tenant = TenantContext.get()
+
+    if tenant not in JWKS_CLIENTS:
+        jwks_client = PyJWKClient(get_oidc_op_jwks_endpoint())
+        JWKS_CLIENTS[tenant] = jwks_client
+
+    return JWKS_CLIENTS[tenant]
+
 
 User = get_user_model()
 
+
 class TokenPayload(TypedDict, total=False):
     exp: int
     iat: int
@@ -35,6 +51,7 @@ def decode_jwt(token: str, audience: Optional[str] = None) -> TokenPayload:
         jwt.exceptions.PyJWKClientError: If there is an error fetching the signing key.
         jwt.exceptions.InvalidTokenError: If the token is invalid or cannot be decoded.
     """
+    jwks_client = get_jwks_client()
     signing_key = jwks_client.get_signing_key_from_jwt(token)
 
     if audience is None:

cardo_python_utils-0.5.dev32/python_utils/django/apps.py

@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class DjangoAppConfig(AppConfig):
+    name = "python_utils.django"

{cardo_python_utils-0.5.dev30/python_utils/keycloak/django → cardo_python_utils-0.5.dev32/python_utils/django/auth}/service.py

@@ -5,12 +5,12 @@ from keycloak import KeycloakAdmin
 from keycloak import KeycloakOpenIDConnection
 from keycloak.exceptions import KeycloakGetError
 
-from ..utils import (
+from ..oidc_settings import (
     KEYCLOAK_SERVER_URL,
-    KEYCLOAK_REALM,
     KEYCLOAK_CONFIDENTIAL_CLIENT_ID,
-    get_keycloak_confidential_client_token,
+    get_oidc_confidential_client_token,
 )
+from ..tenant_context import TenantContext
 
 
 def get_user_group_model():
@@ -67,12 +67,14 @@ class KeycloakService:
             deleted_groups.delete()
 
     def _get_keycloak_admin(self):
+        tenant = TenantContext.get()
+
         keycloak_connection = KeycloakOpenIDConnection(
             server_url=KEYCLOAK_SERVER_URL,
-            realm_name=KEYCLOAK_REALM,
-            user_realm_name=KEYCLOAK_REALM,
+            realm_name=tenant,
+            user_realm_name=tenant,
             client_id=KEYCLOAK_CONFIDENTIAL_CLIENT_ID,
-            token=get_keycloak_confidential_client_token(),
+            token=get_oidc_confidential_client_token(),
             verify=True,
         )
         return KeycloakAdmin(connection=keycloak_connection)

cardo_python_utils-0.5.dev32/python_utils/django/celery/__init__.py

@@ -0,0 +1,4 @@
+from .tenant_aware_task import TenantAwareTask
+
+
+__all__ = ["TenantAwareTask"]

cardo_python_utils-0.5.dev32/python_utils/django/celery/tenant_aware_task.py

@@ -0,0 +1,31 @@
+from celery import Task
+
+from ..settings import TENANT_KEY
+from ..tenant_context import TenantContext
+
+
+class TenantAwareTask(Task):
+    #: Enable argument checking.
+    #: You can set this to false if you don't want the signature to be
+    #: checked when calling the task.
+    #: Set to false because we are attaching a tenant to the task
+    #: and we don't want to check the signature.
+    #: Defaults to :attr:`app.strict_typing <@Celery.strict_typing>`.
+    typing = False
+
+    def __call__(self, *args, **kwargs):
+        """Override the __call__ method to set the tenant name in the thread namespace."""
+
+        # Celery backend_cleanup doesn't need a tenant and cannot be configured to pass the tenant kwarg
+        # because it is dynamically generated at @connect_on_app_finalize by celery itself
+        # ref: celery/app/builtins.py def add_backend_cleanup_task
+        if self.name != "celery.backend_cleanup":
+            tenant = kwargs.pop(TENANT_KEY)
+            TenantContext.set(tenant)
+
+        return self.run(*args, **kwargs)
+
+    def after_return(self, status, retval, task_id, args, kwargs, einfo):
+        """Clear the tenant from the thread namespace after the task has returned."""
+        TenantContext.clear()
+        super().after_return(status, retval, task_id, args, kwargs, einfo)

cardo_python_utils-0.5.dev32/python_utils/django/db/routers.py

@@ -0,0 +1,11 @@
+from ..tenant_context import TenantContext
+
+
+class TenantAwareRouter:
+    @staticmethod
+    def db_for_read(model, **hints):
+        return TenantContext.get()
+
+    @staticmethod
+    def db_for_write(model, **hints):
+        return TenantContext.get()

cardo_python_utils-0.5.dev32/python_utils/django/db/transaction.py

@@ -0,0 +1,26 @@
+from django.db.transaction import Atomic
+
+from ..tenant_context import TenantContext
+
+
+class TenantAtomic(Atomic):
+    """
+    A transaction that can be used in a multi-tenant application.
+    This transaction is bound to the current tenant.
+    The default implementation is to use the default database.
+    We want to override this by using the tenant database alias instead.
+    """
+
+    def __enter__(self):
+        self.using = TenantContext.get()
+        super().__enter__()
+
+
+def tenant_atomic(using=None, savepoint=True, durable=False):
+    # Bare decorator: @atomic -- although the first argument is called
+    # `using`, it's actually the function being decorated.
+    if callable(using):
+        return TenantAtomic(using=None, savepoint=savepoint, durable=durable)(using)
+    # Decorator: @atomic(...) or context manager: with atomic(...): ...
+    else:
+        return TenantAtomic(using, savepoint, durable)

cardo_python_utils-0.5.dev32/python_utils/django/db/utils.py

@@ -0,0 +1,66 @@
+from functools import reduce
+import json
+import os
+from typing import NotRequired, TypedDict
+from django.db import connections
+
+
+class DatabaseConfigData(TypedDict):
+    host: str
+    name: str
+    user: str
+    password: str
+    port: NotRequired[int]
+
+
+def get_connection(tenant: str = None):
+    """
+    Get the connection to the database with the given tenant or the default one.
+    Default value will be retrieved from TenantContext.get()
+    This uses the connections dict from django.db to get the required connection.
+
+    The default implementation of this function uses the 'default' alias
+    if not argument is given. We want to use the TenantContext class to
+    determine the correct alias.
+    Args:
+        tenant: Name of the tenant database alias
+
+    Returns:    The connection to the database
+
+    """
+    from ..tenant_context import TenantContext
+
+    database_alias = tenant or TenantContext.get()
+    connection = connections[database_alias]
+
+    return connection
+
+
+def get_database_configs() -> dict[str, DatabaseConfigData]:
+    """
+    The env variables prefixed with 'DATABASE_CONFIG' should be provided in the following format:
+    {
+        "tenant1": {
+            "host": "",
+            "name": "",
+            "user": "",
+            "password": "",
+            "port": 5432 / null
+        },
+        "tenant2": {
+            "host": "",
+            "name": "",
+            "user": "",
+            "password": ""
+        }
+    }
+    If multiple 'DATABASE_CONFIG'-prefixed variables are set, they will be merged into a single dictionary.
+    """
+    configs = [json.loads(v or "{}") for k, v in os.environ.items() if k.startswith("DATABASE_CONFIG")]
+    database_configs = reduce(lambda a, b: {**a, **b}, configs, {})
+    for tenant, db_config in database_configs.items():
+        for key in ["host", "name", "user", "password"]:
+            if key not in db_config:
+                raise ValueError(f"Missing required database config '{key}' for tenant {tenant}")
+
+    return database_configs

cardo_python_utils-0.5.dev32/python_utils/django/management/commands/migrateall.py

@@ -0,0 +1,25 @@
+from django.core.management.commands.migrate import Command as BaseMigrateCommand
+from django.db.models.signals import post_migrate, pre_migrate
+from django.dispatch import receiver
+
+from ...settings import TENANT_DATABASES
+from ...tenant_context import TenantContext
+
+
+@receiver(pre_migrate)
+def set_tenant_pre_migrate(sender, **kwargs):
+    database_alias = kwargs.get("using")
+    TenantContext.set(database_alias)
+
+
+@receiver(post_migrate)
+def clear_tenant_post_migrate(sender, **kwargs):
+    TenantContext.clear()
+
+
+class Command(BaseMigrateCommand):
+    def handle(self, *args, **options):
+        for tenant in TENANT_DATABASES:
+            self.stdout.write(f"Migrating tenant: {tenant}")
+            options["database"] = tenant
+            super().handle(*args, **options)