1
|
|
|
""" |
2
|
|
|
byceps.cli.command.create_superuser |
3
|
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
4
|
|
|
|
5
|
|
|
Create a superuser with admin privileges. |
6
|
|
|
|
7
|
|
|
:Copyright: 2014-2024 Jochen Kupperschmidt |
8
|
|
|
:License: Revised BSD (see `LICENSE` file for details) |
9
|
|
|
""" |
10
|
|
|
|
11
|
|
|
import click |
12
|
|
|
from flask.cli import with_appcontext |
13
|
|
|
|
14
|
|
|
from byceps.services.authz import authz_service |
15
|
|
|
from byceps.services.authz.models import RoleID |
16
|
|
|
from byceps.services.user import ( |
17
|
|
|
user_command_service, |
18
|
|
|
user_creation_service, |
19
|
|
|
user_email_address_service, |
20
|
|
|
) |
21
|
|
|
from byceps.services.user.models.user import User |
22
|
|
|
|
23
|
|
|
|
24
|
|
|
@click.command() |
25
|
|
|
@click.option('--screen_name', prompt=True) |
26
|
|
|
@click.option('--email_address', prompt=True) |
27
|
|
|
@click.option('--password', prompt=True, hide_input=True) |
28
|
|
|
@with_appcontext |
29
|
|
|
def create_superuser(screen_name, email_address, password) -> None: |
30
|
|
|
"""Create a superuser with all roles assigned.""" |
31
|
|
|
click.echo(f'Creating user "{screen_name}" ... ', nl=False) |
32
|
|
|
user = _create_user(screen_name, email_address, password) |
33
|
|
|
click.secho('done.', fg='green') |
34
|
|
|
|
35
|
|
|
click.echo(f'Initializing user "{screen_name}" ... ', nl=False) |
36
|
|
|
user_command_service.initialize_account(user) |
37
|
|
|
click.secho('done.', fg='green') |
38
|
|
|
|
39
|
|
|
user_email_address_service.confirm_email_address( |
40
|
|
|
user, email_address |
41
|
|
|
).unwrap() |
42
|
|
|
|
43
|
|
|
role_ids = _get_role_ids() |
44
|
|
|
click.echo( |
45
|
|
|
f'Assigning {len(role_ids)} roles to user "{screen_name}" ... ', |
46
|
|
|
nl=False, |
47
|
|
|
) |
48
|
|
|
_assign_roles_to_user(role_ids, user) |
49
|
|
|
click.secho('done.', fg='green') |
50
|
|
|
|
51
|
|
|
|
52
|
|
|
def _create_user(screen_name: str, email_address: str, password: str) -> User: |
53
|
|
|
creation_result = user_creation_service.create_user( |
54
|
|
|
screen_name, |
55
|
|
|
email_address, |
56
|
|
|
password, |
57
|
|
|
creation_method='superuser creation command', |
58
|
|
|
) |
59
|
|
|
if creation_result.is_err(): |
60
|
|
|
error_message = creation_result.unwrap_err() |
61
|
|
|
raise click.UsageError(f'User creation failed: {error_message}') |
62
|
|
|
|
63
|
|
|
user, event = creation_result.unwrap() |
64
|
|
|
|
65
|
|
|
return user |
66
|
|
|
|
67
|
|
|
|
68
|
|
|
def _get_role_ids() -> set[RoleID]: |
69
|
|
|
return authz_service.get_all_role_ids() |
70
|
|
|
|
71
|
|
|
|
72
|
|
|
def _assign_roles_to_user(role_ids: set[RoleID], user: User) -> None: |
73
|
|
|
for role_id in role_ids: |
74
|
|
|
authz_service.assign_role_to_user(role_id, user) |
75
|
|
|
|