(ctx context.Context, req *adminv1.SetSuperuserRequest)
| 46 | } |
| 47 | |
| 48 | func (s *Server) SetSuperuser(ctx context.Context, req *adminv1.SetSuperuserRequest) (*adminv1.SetSuperuserResponse, error) { |
| 49 | observability.AddRequestAttributes(ctx, |
| 50 | attribute.String("args.email", req.Email), |
| 51 | attribute.Bool("args.superuser", req.Superuser), |
| 52 | ) |
| 53 | |
| 54 | claims := auth.GetClaims(ctx) |
| 55 | if !claims.Superuser(ctx) { |
| 56 | return nil, status.Error(codes.PermissionDenied, "only superusers can add/remove superuser") |
| 57 | } |
| 58 | |
| 59 | user, err := s.admin.DB.FindUserByEmail(ctx, req.Email) |
| 60 | if err != nil { |
| 61 | return nil, err |
| 62 | } |
| 63 | |
| 64 | err = s.admin.DB.UpdateSuperuser(ctx, user.ID, req.Superuser) |
| 65 | if err != nil { |
| 66 | return nil, err |
| 67 | } |
| 68 | |
| 69 | return &adminv1.SetSuperuserResponse{}, nil |
| 70 | } |
| 71 | |
| 72 | func (s *Server) SearchUsers(ctx context.Context, req *adminv1.SearchUsersRequest) (*adminv1.SearchUsersResponse, error) { |
| 73 | claims := auth.GetClaims(ctx) |
nothing calls this directly
no test coverage detected