Merge pull request #1202 from uc-cdis/feat/remove_role_from_admin_end…

…points Feat: remove role from POST /admin/user endpoint
uc-cdis · Nov 20, 2024 · d76a19c · d76a19c
2 parents aca9dc0 + 819405b
commit d76a19c
Show file tree

Hide file tree

Showing 4 changed files with 3 additions and 12 deletions.
diff --git a/fence/blueprints/admin.py b/fence/blueprints/admin.py
@@ -84,7 +84,6 @@ def create_user():
     Returns a json object
     """
     username = request.get_json().get("username", None)
-    role = request.get_json().get("role", None)
     email = request.get_json().get("email", None)
     display_name = request.get_json().get("display_name", None)
     phone_number = request.get_json().get("phone_number", None)
@@ -95,7 +94,6 @@ def create_user():
         admin.create_user(
             current_app.scoped_session(),
             username,
-            role,
             email,
             display_name,
             phone_number,

diff --git a/fence/resources/admin/admin_users.py b/fence/resources/admin/admin_users.py
@@ -98,7 +98,6 @@ def get_user_groups(current_session, username):
 def create_user(
     current_session,
     username,
-    role,
     email,
     display_name=None,
     phone_number=None,
@@ -136,9 +135,8 @@ def create_user(
                 )
             )
         logger.debug(f"User does not yet exist for: {username}. Creating a new one...")
-        is_admin = role == "admin"
         email_add = email
-        usr = User(username=username, active=True, is_admin=is_admin, email=email_add)
+        usr = User(username=username, active=True, email=email_add)
         usr.display_name = display_name
         usr.phone_number = phone_number
 

diff --git a/openapis/swagger.yaml b/openapis/swagger.yaml
@@ -1771,15 +1771,11 @@ components:
       type: object
       required:
         - username
-        - role
         - email
       properties:
         username:
           type: string
           description: 'This value is deprecated in favor of name.'
-        role:
-          type: string
-          description: 'Set to "admin" if the user should be given admin rights. Any other value is not parsed or used, and results in user being a normal/regular user.'
         email:
           type: string
           description: 'The email of the end-user'

diff --git a/tests/admin/test_admin_users.py b/tests/admin/test_admin_users.py
@@ -25,10 +25,10 @@ def test_get_user(db_session, awg_users):
 
 
 def test_create_user(db_session, oauth_client):
-    adm.create_user(db_session, "insert_user", "admin", "[email protected]")
+    adm.create_user(db_session, "insert_user", "[email protected]")
     user = db_session.query(User).filter(User.username == "insert_user").first()
     assert user.username == "insert_user"
-    assert user.is_admin == True
+    assert user.is_admin == False  # DEPRECATED field.
     assert user.email == "[email protected]"
     assert user.display_name is None
     assert user.phone_number is None
@@ -46,7 +46,6 @@ def test_create_user_with_all_fields_set(db_session, oauth_client):
     adm.create_user(
         db_session,
         "insert_user",
-        None,
         "[email protected]",
         "Dummy Name",
         "+310000",