Merge pull request #4836 from fosterseth/fix-4334-active-user-removed

check if User exists before saving UserSessionMembership

Reviewed-by: https://github.com/apps/softwarefactory-project-zuul

awx/main/signals.py

@@ -684,16 +684,18 @@ def save_user_session_membership(sender, **kwargs):
         return
     if UserSessionMembership.objects.filter(user=user_id, session=session).exists():
         return
-    UserSessionMembership(user_id=user_id, session=session, created=timezone.now()).save()
+    # check if user_id from session has an id match in User before saving
-    expired = UserSessionMembership.get_memberships_over_limit(user_id)
+    if User.objects.filter(id=int(user_id)).exists():
-    for membership in expired:
+        UserSessionMembership(user_id=user_id, session=session, created=timezone.now()).save()
-        Session.objects.filter(session_key__in=[membership.session_id]).delete()
+        expired = UserSessionMembership.get_memberships_over_limit(user_id)
-        membership.delete()
+        for membership in expired:
-    if len(expired):
+            Session.objects.filter(session_key__in=[membership.session_id]).delete()
-        consumers.emit_channel_notification(
+            membership.delete()
-            'control-limit_reached_{}'.format(user_id),
+        if len(expired):
-            dict(group_name='control', reason='limit_reached')
+            consumers.emit_channel_notification(
-        )
+                'control-limit_reached_{}'.format(user_id),
+                dict(group_name='control', reason='limit_reached')
+            )
 
 
 @receiver(post_save, sender=OAuth2AccessToken)