Follow-up issues for disabled organizations and deactivated devices
Federico Capoano
We recently completed the first phase of work to ensure deactivated devices behave consistently in OpenWISP.
The controller now has generic enforcement for deactivated devices, so device configuration, provisioning, and related controller operations can stop acting on devices that have been intentionally decommissioned.
While reviewing that work, we also audited other OpenWISP modules using the OpenWISP Device Operation Analysis spreadsheet.
The goal was to identify operations that may still act on deactivated devices, or on disabled organizations (whose is_active flag is set to False).
This is needed because several OpenWISP modules perform work outside the normal admin or REST API request flow.
Examples include Celery tasks, scheduled jobs, signal handlers, key-auth ingestion endpoints, monitoring workflows, firmware upgrade jobs, RADIUS accounting, notifications, and topology/device integration logic. These paths can bypass UI-level filtering unless explicit checks are added in the model, task, or service layer.
The intended policy is:
- disabled organizations should remain readable and deletable where appropriate;
- disabled organizations should not receive new writes or automated processing;
- deactivated devices should not be selected for new operational work;
- cleanup and status synchronization should continue when needed to keep data consistent.
I wanted to inform you about this because we found out OpenWISP modules do not always behave consistently in regards to these two aspects (deactivated devices and disabled organizations) but we're working to fix this.
Recent completed work:
openwisp/openwisp-controller#1365: [change] Added generic enforcement of deactivated devices #1338
The open issues below track the remaining work across repositories:
openwisp/openwisp-controller#1393: [change] Limit controller operations on disabled organizationsopenwisp/openwisp-users#522: [change] Make disabled organizations readonly but deletableopenwisp/openwisp-notifications#472: [change] Do not generate notifications for disabled organizationsopenwisp/openwisp-firmware-upgrader#382: [bug] Upgrade operations should not include deactivated devicesopenwisp/openwisp-firmware-upgrader#445: [change] Enforce disabled-organization rules in firmware upgradesopenwisp/openwisp-monitoring#811: [change] Prevent monitoring operations on deactivated devicesopenwisp/openwisp-monitoring#812: [change] Enforce disabled-organization rules in monitoringopenwisp/openwisp-radius#729: [change] Enforce disabled-organization rules in RADIUSopenwisp/openwisp-network-topology#302: [change] Respect disabled organizations and deactivated devices in topology operations