Merge branch '191-allow-removing-user-app-role-from-cli' into 'main'

Resolve "Allow removing user app role from CLI" Closes #191 See merge request !172

Merge branch '191-allow-removing-user-app-role-from-cli' into 'main'
Resolve "Allow removing user app role from CLI" Closes #191 See merge request !172
97d464fe · Arie Peterson · 1c3b33e6 · a72ea912 · 97d464fe
Commit 97d464fe authored 1 year ago by Arie Peterson
--- a/backend/cliapp/cliapp/cli.py
+++ b/backend/cliapp/cliapp/cli.py
@@ -207,8 +207,8 @@ def setrole(email, app_slug, role):
    # Find user
    user = KratosUser.find_by_email(kratos_identity_api, email)
-    if role not in ("admin", "user"):
+    if role not in ("admin", "user", "none"):
-        print("At this point only the roles 'admin' and 'user' are accepted")
+        print("At this point the only accepted roles are 'admin', 'user' and 'none'.")
        sys.exit(1)
    if not user:
@@ -227,17 +227,21 @@ def setrole(email, app_slug, role):
        .first()
    )
+    # Always delete the old role for this app and user if it exists.
    if role_obj:
        db.session.delete(role_obj)
-    role = Role.query.filter(func.lower(Role.name) == func.lower(role)).first()
+    # If the new role is not "none", add it.
+    if role in ("admin", "user"):
+        role = Role.query.filter(func.lower(Role.name) == func.lower(role)).first()
-    obj = AppRole()
+        obj = AppRole()
-    obj.user_id = user.uuid
+        obj.user_id = user.uuid
-    obj.app_id = app_obj.id
+        obj.app_id = app_obj.id
-    obj.role_id = role.id if role else None
+        obj.role_id = role.id if role else None
+        db.session.add(obj)
-    db.session.add(obj)
    db.session.commit()