From 89f6b81a4d44448ca4f7b29bc6c09fd6205e11f4 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Fri, 10 Feb 2023 11:08:57 +0300
Subject: auth: CLI: Provide a way to set an existing user as a system admin

Provide a way to set a user as a system administrator via CLI.

This method was chosen rather that using the WebUI since most users will not
have access to the CLI. It also means that assigning system administration
privileges will not be an accident, since one has to actually run the command
manually on the CLI.
---
 main.py | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/main.py b/main.py
index 1c810a1..fc12755 100644
--- a/main.py
+++ b/main.py
@@ -1,5 +1,8 @@
 """Main entry point for project"""
+import sys
+import uuid
 import json
+import click
 from math import ceil
 from datetime import datetime
 
@@ -84,6 +87,26 @@ def init_dev_clients():
     with db.connection(app.config["AUTH_DB"]) as conn, db.cursor(conn) as cursor:
         cursor.executemany(dev_clients_query, dev_clients)
 
+
+@app.cli.command()
+@click.argument("user_id", type=click.UUID)
+def assign_system_admin(user_id: uuid.UUID):
+    dburi = app.config["AUTH_DB"]
+    with db.connection(dburi) as conn, db.cursor(conn) as cursor:
+        cursor.execute("SELECT * FROM users WHERE user_id=?",
+                       (str(user_id),))
+        row = cursor.fetchone()
+        if row:
+            cursor.execute(
+                "SELECT * FROM roles WHERE role_name='system-administrator'")
+            admin_role = cursor.fetchone()
+            cursor.execute("INSERT INTO user_roles VALUES (?,?)",
+                           (str(user_id), admin_role["role_id"]))
+            return 0
+        print(f"ERROR: Could not find user with ID {user_id}",
+              file=sys.stderr)
+        sys.exit(1)
+
 ##### END: CLI Commands #####
 
 if __name__ == '__main__':
-- 
cgit v1.2.3