fix roles assigned in the ui for sso (#1017)

This commit fixes the ability to assign roles to people in the ui when the user is SSO. The idea is if a role is ever assigned via SSO it becomes a "SSO Role" or a "Third Party" Role. by setting third_party to true on the role object. Once a role is marked as third party it can no longer be controlled through the ui for SSO Users. (for ui users this poses no functional change). It must be controlled via SSO.
2017-12-11 14:51:45 -07:00
parent f0c895a008
commit 6edc5180c7
7 changed files with 71 additions and 11 deletions
--- a/lemur/migrations/versions/5bc47fa7cac4_.py
+++ b/lemur/migrations/versions/5bc47fa7cac4_.py
@ -0,0 +1,22 @@
+"""add third party roles to lemur
+
+Revision ID: 5bc47fa7cac4
+Revises: c05a8998b371
+Create Date: 2017-12-08 14:19:11.903864
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = '5bc47fa7cac4'
+down_revision = 'c05a8998b371'
+
+from alembic import op
+import sqlalchemy as sa
+
+
+def upgrade():
+    op.add_column('roles', sa.Column('third_party', sa.Boolean(), nullable=True, default=False))
+
+
+def downgrade():
+    op.drop_column('roles', 'third_party')