systemprompt-cli 0.14.0

Unified CLI for systemprompt.io AI governance: agent orchestration, MCP governance, analytics, profiles, cloud deploy, and self-hosted operations.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

//! Role-management subcommands for users.
//!
//! [`RoleCommands`] covers assigning arbitrary roles plus the built-in admin
//! promote/demote shortcuts. All operations require full profile context, so
//! [`execute_with_pool`] rejects the bare-pool path.

mod assign;
mod demote;
mod promote;

use crate::cli_settings::CliConfig;
use crate::shared::render_result;
use anyhow::{Result, bail};
use clap::Subcommand;
use systemprompt_database::DbPool;

#[derive(Debug, Subcommand)]
pub enum RoleCommands {
    #[command(about = "Assign roles to a user")]
    Assign(assign::AssignArgs),

    #[command(
        about = "Promote a user to the admin role",
        long_about = "Promote a user to the admin role.\n\nThis command operates only on the \
                      built-in 'admin' role. To assign other roles use:\n  systemprompt admin \
                      users role assign <USER_ID> --roles <ROLE>..."
    )]
    Promote(promote::PromoteArgs),

    #[command(
        about = "Demote a user from the admin role",
        long_about = "Demote a user from the admin role.\n\nThis command operates only on the \
                      built-in 'admin' role. To revoke other roles use:\n  systemprompt admin \
                      users role assign <USER_ID> --roles <ROLE>..."
    )]
    Demote(demote::DemoteArgs),
}

pub(super) async fn execute(cmd: RoleCommands, config: &CliConfig) -> Result<()> {
    match cmd {
        RoleCommands::Assign(args) => {
            let result = assign::execute(args, config).await?;
            render_result(&result);
            Ok(())
        },
        RoleCommands::Promote(args) => {
            let result = promote::execute(args, config).await?;
            render_result(&result);
            Ok(())
        },
        RoleCommands::Demote(args) => {
            let result = demote::execute(args, config).await?;
            render_result(&result);
            Ok(())
        },
    }
}

pub(super) fn execute_with_pool(
    _cmd: RoleCommands,
    _pool: &DbPool,
    _config: &CliConfig,
) -> Result<()> {
    bail!("Role management operations require full profile context")
}