#!/usr/bin/env python3 """ Assign Role to User in Aumentum Database Assigns a role to an existing user """ import sys from aumentum_browser_service import AumentumBrowserService, DEFAULT_DB_CONFIG, DEFAULT_CONTENTSTORE_BASE def assign_role_to_user(username: str, role_name: str) -> bool: """ Assign a role to a user Args: username: Username role_name: Role name (e.g., 'ROLE_INDEXING_OFFICER') Returns: True if successful, False otherwise """ service = AumentumBrowserService( db_config=DEFAULT_DB_CONFIG, contentstore_base=DEFAULT_CONTENTSTORE_BASE ) conn = service._get_db_connection() cursor = conn.cursor() try: db_type = service.db_config.get("type", "mssql").lower() # Get user ID if db_type == "mysql": cursor.execute("SELECT id FROM alf_authority WHERE authority = %s AND authority NOT LIKE 'ROLE_%%' AND authority NOT LIKE 'GROUP_%%'", (username,)) else: cursor.execute("SELECT id FROM LRSAdmin.alf_authority WHERE authority = ? AND authority NOT LIKE 'ROLE_%' AND authority NOT LIKE 'GROUP_%'", (username,)) user_row = cursor.fetchone() if not user_row: print(f"❌ User '{username}' not found!") return False user_id = user_row[0] # Get role ID if db_type == "mysql": cursor.execute("SELECT id FROM alf_authority WHERE authority = %s", (role_name,)) else: cursor.execute("SELECT id FROM LRSAdmin.alf_authority WHERE authority = ?", (role_name,)) role_row = cursor.fetchone() if not role_row: print(f"❌ Role '{role_name}' not found! Create it first using: PYTHONPATH=. python scripts/create_roles.py") return False role_id = role_row[0] # Check if link already exists if db_type == "mysql": cursor.execute(""" SELECT id FROM alf_authority_alias WHERE auth_id = %s AND alias_id = %s """, (user_id, role_id)) else: cursor.execute(""" SELECT id FROM LRSAdmin.alf_authority_alias WHERE auth_id = ? AND alias_id = ? """, (user_id, role_id)) if cursor.fetchone(): print(f"✅ User '{username}' already has role '{role_name}'") return True # Get next alias ID if db_type == "mysql": cursor.execute("SELECT MAX(id) FROM alf_authority_alias") else: cursor.execute("SELECT MAX(id) FROM LRSAdmin.alf_authority_alias") max_alias_id = cursor.fetchone()[0] alias_id = (max_alias_id or 0) + 1 # Create link if db_type == "mysql": cursor.execute(""" INSERT INTO alf_authority_alias (id, version, auth_id, alias_id) VALUES (%s, 1, %s, %s) """, (alias_id, user_id, role_id)) else: cursor.execute(""" INSERT INTO LRSAdmin.alf_authority_alias (id, version, auth_id, alias_id) VALUES (?, 1, ?, ?) """, (alias_id, user_id, role_id)) conn.commit() print(f"✅ Role '{role_name}' assigned to user '{username}' successfully!") return True except Exception as e: conn.rollback() print(f"❌ Error assigning role: {e}") import traceback traceback.print_exc() return False finally: cursor.close() conn.close() if __name__ == "__main__": import argparse parser = argparse.ArgumentParser(description="Assign role to user in Aumentum database") parser.add_argument("username", help="Username") parser.add_argument("role", help="Role name (e.g., ROLE_INDEXING_OFFICER)") args = parser.parse_args() print("="*70) print("ASSIGN ROLE TO USER") print("="*70) print(f"\nAssigning role '{args.role}' to user '{args.username}'...") success = assign_role_to_user(args.username, args.role) if success: print("\n" + "="*70) print("✅ SUCCESS!") print("="*70) sys.exit(0) else: print("\n" + "="*70) print("❌ FAILED") print("="*70) sys.exit(1)