feat: add AdminRoleAssignmentViewSet for managing admin role assignments

Author: BryanttV

openedx_authz/urls.py

@@ -4,10 +4,11 @@
 
 from django.urls import re_path, include
 from rest_framework.routers import DefaultRouter
-from .views import LibraryViewSet
+from .views import LibraryViewSet, AdminRoleAssignmentViewSet
 
 router = DefaultRouter()
 router.register(r"libraries", LibraryViewSet, basename="library")
+router.register(r"admin-roles", AdminRoleAssignmentViewSet, basename="admin-roles")
 
 urlpatterns = [
     re_path(r"^api/", include(router.urls)),

openedx_authz/views.py

@@ -104,3 +104,36 @@ def destroy(self, request, pk=None):
             {"detail": f'Library "{library_title}" has been deleted.'},
             status=status.HTTP_204_NO_CONTENT,
         )
+
+
+class AdminRoleAssignmentViewSet(viewsets.ViewSet):
+    """
+    ViewSet for managing admin role assignments using Casbin.
+    """
+
+    def create(self, request):
+        """
+        POST /admin-roles/
+        Assign admin role to a user.
+
+        Example request body:
+        ```json
+        {
+            "username": "john_doe"
+        }
+        ```
+        """
+        username = request.data["username"]
+        enforcer.add_role_for_user(username, "admin")
+        enforcer.save_policy()
+        return Response(f"Admin role assigned to user {username}", status=status.HTTP_201_CREATED)
+
+    def destroy(self, request, pk=None):
+        """
+        DELETE /admin-roles/{username}/
+        Remove admin role from a user.
+        """
+        username = pk
+        enforcer.delete_role_for_user(username, "admin")
+        enforcer.save_policy()
+        return Response(f"Admin role removed from user {username}", status=status.HTTP_204_NO_CONTENT)