wsgi: add delete-test-users command
HEAD mainAdd delete-test-users which reads the credentials file produced by
create-test-users and deletes all listed users unconditionally via
delete_users_by_id, bypassing policy checks. Intended for CI teardown.
1 files changed, 25 insertions, 0 deletions
diff --git a/gn_auth/wsgi.py b/gn_auth/wsgi.py
index bc90210..2db44fe 100644
--- a/gn_auth/wsgi.py
+++ b/gn_auth/wsgi.py
@@ -462,6 +462,31 @@ def delete_oauth2_client(credentials_path):
delete_client(conn, the_client.value)
print(f"Deleted OAuth2 client {client_id}.")
+
+@app.cli.command()
+@click.option("--credentials", "credentials_path", required=True,
+ type=click.Path(exists=True),
+ help="Credentials file produced by create-test-users")
+def delete_test_users(credentials_path):
+ """Delete ephemeral test users using a credentials file.
+
+ Reads the credentials file produced by create-test-users and deletes
+ all listed users unconditionally, bypassing policy checks. Intended
+ for CI test teardown.
+ """
+ with open(credentials_path) as f:
+ data = json.load(f)
+
+ user_ids = tuple(
+ uuid.UUID(u["user_id"]) for u in data.get("users", []))
+ if not user_ids:
+ print("No users found in credentials file.", file=sys.stderr)
+ sys.exit(1)
+
+ with db.connection(app.config["AUTH_DB"]) as conn:
+ deleted = delete_users_by_id(conn, user_ids)
+ print(f"Deleted {deleted} user(s).")
+
##### END: CLI Commands #####
if __name__ == '__main__':
|
