I’ve been in a battle with on-site AI, who keeps giving me broken code. I am frustrated by the changes to the ManagementClient for NodeJS which seems to have removed a lot of functionality or forced it into direct API calls.
In short, I have a web interface where “admin” users are changing the roles on other users. The backend uses the ManagementClient to update the users. I found work arounds for all the functionality until I get to the last step where I want to replace role “A” with role “B”. I can assign Roles, but not delete them.
Here’s the old code that worked (abridged):
const ROLES = [
process.env.ROLE_ADMIN_ID,
process.env.ROLE_INACTIVE_ID,
process.env.ROLE_PUBLIC_ID
]
let manager = new ManagementClient({
domain: process.env.DOMAIN,
clientId: process.env.CLIENTID,
clientSecret: process.env.CLIENT_SECRET,
scope:
"create:users read:users read:user_idp_tokens update:users delete:users read:roles create:roles update:roles delete:roles"
})
router.get("/getAllUsers", async function (req, res, next) {
// ...
const fetchUsersInRoles = ROLES.map((id) =>
manager.getUsersInRole({id}))
// ...
router.post("/assignRole", async function (req, res, next) {
// ...
manager.assignRolestoUser({id: userid}, {roles: [roleID]})
.then((result) => {
const dataObj = {
roles: ROLES.filter(
(justAdded) => justAdded !== roleID)
}
manager.removeRolesFromUser({id: userid}, dataObj)
.then((resp2) => {
res.status(200)
.send(`role was successfully assigned to the user`))
})
This looks mostly like what the AI keeps recommending. By investigating the classes in the Auth0 code, I discovered a few workarounds…
manager.getUsersInRole became manager.roles.getUsers
manager.assignRolestoUser became manager.users.assignRoles
but manager.users.removeRoles does not exist! The AI finally said I could use manager.resourceServers.delete({ id: users/${userid}/roles, data }) but when I added the delete:resource_servers` scope to my ManagementClient, I still got the 401 error saying that I didn’t.
I’m so frustrated. I’ve lost two days and now I’ve got lots of users with conflicting roles that I can’t fix unless I manually make the changes. What am I missing? Something obvious must be here. Is there a unassignRoles or nukeRoles that I am not seeing?