[Backend] Make New Users Viewers By Default [#2866]

[pattisdr]

Closes #2866

Code Changes

• When creating a brand new FidesUser, adjust the FidesUserPermissions object created in the background so it is given a VIEWER role by default.
• Update both POST and PUT {{host}}/user/{{user_id}}/permission endpoints to require an explicit "roles" key in the request to be intentional. An empty list value will remove the user's roles. (This doesn't have a practical effect in the UI - as it always has the roles key, and doesn't surface the option to remove roles entirely, but still technically allowing this in the backend). Also note that the UI does not hit the POST user permissions endpoint at all since create user adds the initial permissions resource already.

Steps to Confirm

• As the root user, login and navigate to user management http://localhost:3000/user-management
• Click "Add New User"
• Fill out username, firstname, last name, pw. Click Save
• Verify in the network tab that the followup request to the UI to fetch the user's permissions returns the viewer role that was automatically added by the b/e http://0.0.0.0:8080/api/v1/user/<user_id>/permission
• Click on the Permissions tab. Verify the Viewer tab is already selected as they are technically a Viewer

Pre-Merge Checklist

• All CI Pipelines Succeeded
• Documentation:
  • documentation complete, PR opened in fidesdocs
  • documentation issue created in fidesdocs
• Issue Requirements are Met
• Relevant Follow-Up Issues Created
• Update CHANGELOG.md
• For API changes, the Postman collection has been updated

Description Of Changes

Give new users a Viewer role by default. Also require that the get/create permissions endpoints specify a role key in the request (this is new behavior, it was previously given an empty list by default), and assert that an empty list will remove the users roles (this was existing behavior, just adding tests)

[cypress]

Passing run #977 ↗︎

0	3	0	0	0
⚠️ You've recorded test results over your free plan limit. Upgrade your plan to view test results.

Details:

Merge d10bb36 into dfabd1d...
Project: fides	Commit: 795f92aee7 ℹ️
Status: Passed	Duration: 00:37 💡
Started: Mar 24, 2023 2:17 AM	Ended: Mar 24, 2023 2:17 AM

_{This comment has been generated by cypress-bot as a result of this project's GitHub integration settings.}

[codecov]

Codecov Report

Patch coverage: 100.00% and no project coverage change.

Comparison is base (dfabd1d) 86.60% compared to head (d10bb36) 86.60%.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2900   +/-   ##
=======================================
  Coverage   86.60%   86.60%           
=======================================
  Files         299      299           
  Lines       16814    16815    +1     
  Branches     2148     2148           
=======================================
+ Hits        14562    14563    +1     
  Misses       1841     1841           
  Partials      411      411           

Impacted Files	Coverage Δ
src/fides/api/ops/schemas/user_permission.py	100.00% <100.00%> (ø)
src/fides/lib/oauth/api/routes/user_endpoints.py	95.40% <100.00%> (+0.05%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[allisonking]

ah, I'm relieved the UI picked up on the change without any problems 😌 thanks for the update!!

[pattisdr]

Really appreciate all the review you've been doing for me the last couple days @allisonking 🏆

[pattisdr]

Argh changelog 😠