Fix saml conversion from ext_perm -> basic (#4343)

* fix saml conversion from ext_perm -> basic * quick nit * minor fix * finalize * update * quick fix
2025-09-08 16:05:32 +02:00 · 2025-03-26 13:36:51 -07:00
parent d37b427d52
commit 7c8e23aa54
7 changed files with 132 additions and 6 deletions
--- a/backend/onyx/server/manage/models.py
+++ b/backend/onyx/server/manage/models.py
@@ -132,6 +132,7 @@ class UserByEmail(BaseModel):
 class UserRoleUpdateRequest(BaseModel):
    user_email: str
    new_role: UserRole
+    explicit_override: bool = False


 class UserRoleResponse(BaseModel):
--- a/backend/onyx/server/manage/users.py
+++ b/backend/onyx/server/manage/users.py
@@ -102,6 +102,7 @@ def set_user_role(
    validate_user_role_update(
        requested_role=requested_role,
        current_role=current_role,
+        explicit_override=user_role_update_request.explicit_override,
    )

    if user_to_update.id == current_user.id:
@@ -122,6 +123,22 @@ def set_user_role(
    db_session.commit()


+class TestUpsertRequest(BaseModel):
+    email: str
+
+
+@router.post("/manage/users/test-upsert-user")
+async def test_upsert_user(
+    request: TestUpsertRequest,
+    _: User = Depends(current_admin_user),
+) -> None | FullUserSnapshot:
+    """Test endpoint for upsert_saml_user. Only used for integration testing."""
+    user = await fetch_ee_implementation_or_noop(
+        "onyx.server.saml", "upsert_saml_user", None
+    )(email=request.email)
+    return FullUserSnapshot.from_user_model(user) if user else None
+
+
@router.get("/manage/users/accepted")
 def list_accepted_users(
    q: str | None = Query(default=None),