|
# retoor <retoor@molodetz.nl>
|
|
|
|
import sys
|
|
from devplacepy.database import get_table, invalidate_admins_cache
|
|
from devplacepy.cli._shared import _audit_cli
|
|
|
|
|
|
def cmd_role_get(args):
|
|
users = get_table("users")
|
|
user = users.find_one(username=args.username)
|
|
if not user:
|
|
print(f"User '{args.username}' not found")
|
|
sys.exit(1)
|
|
print(user.get("role", "member").lower())
|
|
|
|
|
|
def cmd_role_set(args):
|
|
role = args.role.lower()
|
|
if role not in ("member", "admin"):
|
|
print("Role must be 'member' or 'admin'")
|
|
sys.exit(1)
|
|
|
|
users = get_table("users")
|
|
user = users.find_one(username=args.username)
|
|
if not user:
|
|
print(f"User '{args.username}' not found")
|
|
sys.exit(1)
|
|
|
|
old_role = user.get("role")
|
|
users.update({"uid": user["uid"], "role": role.capitalize()}, ["uid"])
|
|
invalidate_admins_cache()
|
|
from devplacepy.services.audit import record as audit
|
|
|
|
_audit_cli(
|
|
"cli.role.set",
|
|
f"CLI set role of user {args.username} from {old_role} to {role.capitalize()}",
|
|
metadata={"old": old_role, "new": role.capitalize()},
|
|
target_type="user",
|
|
target_uid=user["uid"],
|
|
target_label=args.username,
|
|
links=[audit.target("user", user["uid"], args.username)],
|
|
)
|
|
print(f"User '{args.username}' role set to '{role}'")
|
|
|
|
|
|
def register_roles(subparsers):
|
|
role = subparsers.add_parser("role", help="Manage user roles")
|
|
role_sub = role.add_subparsers(title="action", dest="action")
|
|
|
|
role_get = role_sub.add_parser("get", help="Get a user's role")
|
|
role_get.add_argument("username")
|
|
role_get.set_defaults(func=cmd_role_get)
|
|
|
|
role_set = role_sub.add_parser("set", help="Set a user's role")
|
|
role_set.add_argument("username")
|
|
role_set.add_argument("role", choices=["member", "admin"])
|
|
role_set.set_defaults(func=cmd_role_set)
|