diff options
| author | Claude Sonnet 4.6 | 2026-06-03 00:00:00 +0000 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2026-06-03 13:23:11 -0500 |
| commit | 6d73fe3e0cad51d6525d75f763f0fb095c5d1a85 (patch) | |
| tree | 15d2cca80321388156a86f0f827a1d17350ef51b | |
| parent | abf7b88e44a2400f948fe6768fd217543c42678c (diff) | |
| download | gn-auth-6d73fe3e0cad51d6525d75f763f0fb095c5d1a85.tar.gz | |
wsgi: add delete-users CLI command
Add a delete-users command that removes one or more users by UUID, unconditionally bypassing the policy checks in the HTTP endpoint. Delegates to delete_users_by_id from the authorisation users models.
| -rw-r--r-- | gn_auth/wsgi.py | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/gn_auth/wsgi.py b/gn_auth/wsgi.py index 4950995..12c64fe 100644 --- a/gn_auth/wsgi.py +++ b/gn_auth/wsgi.py @@ -20,6 +20,7 @@ from gn_auth.auth.authentication.users import ( from gn_auth.auth.authorisation.roles.models import assign_default_roles from gn_auth.auth.authorisation.users.admin.models import ( make_sys_admin, grant_sysadmin_role) +from gn_auth.auth.authorisation.users.models import delete_users_by_id from gn_auth.scripts import register_sys_admin as rsysadm# type: ignore[import] @@ -213,6 +214,24 @@ def create_users(user_specs, output_path): __write_output__({"users": records}, output_path) + +@app.cli.command() +@click.option("--user-id", "user_ids", multiple=True, type=click.UUID, + help="UUID of a user to delete (repeatable)") +def delete_users(user_ids): + """Delete one or more users by ID, bypassing policy checks. + + Removes users unconditionally regardless of their roles or group + memberships. Use with care — intended for test teardown and administration. + """ + if not user_ids: + print("No user IDs specified.", file=sys.stderr) + sys.exit(1) + + with db.connection(app.config["AUTH_DB"]) as conn: + deleted = delete_users_by_id(conn, tuple(user_ids)) + print(f"Deleted {deleted} user(s).") + ##### END: CLI Commands ##### if __name__ == '__main__': |