Move system admin creation

Make the system admin creation code part of the core system, and
simply call it from the script(s). This will help with maintenance,
since the changes are done in a single place only.

1 files changed, 23 insertions, 0 deletions

diff --git a/gn_auth/auth/authorisation/users/admin/models.py b/gn_auth/auth/authorisation/users/admin/models.py
new file mode 100644
index 0000000..36f3c09
--- /dev/null
+++ b/gn_auth/auth/authorisation/users/admin/models.py
@@ -0,0 +1,23 @@
+"""Major function for handling admin users."""
+from gn_auth.auth.db import sqlite3 as db
+from gn_auth.auth.authentication.users import User
+
+def make_sys_admin(cursor: db.DbCursor, user: User) -> User:
+    """Make a given user into an system admin."""
+    cursor.execute(
+            "SELECT * FROM roles WHERE role_name='system-administrator'")
+    admin_role = cursor.fetchone()
+    cursor.execute(
+            "SELECT * FROM resources AS r "
+            "INNER JOIN resource_categories AS rc "
+            "ON r.resource_category_id=rc.resource_category_id "
+            "WHERE resource_category_key='system'")
+    the_system = cursor.fetchone()
+    cursor.execute(
+        "INSERT INTO user_roles VALUES (:user_id, :role_id, :resource_id)",
+        {
+            "user_id": str(user.user_id),
+            "role_id": admin_role["role_id"],
+            "resource_id": the_system["resource_id"]
+        })
+    return user