"""Grant admin role to a user by email (SSO users).

Usage:
    docker compose exec app python scripts/grant_admin.py user@oliver.agency
"""
import asyncio
import sys

from sqlalchemy import func, select

from src.database import async_session_factory
from src.models import User


async def grant_admin(email: str) -> None:
    email = email.strip().lower()
    async with async_session_factory() as db:
        result = await db.execute(select(User).where(func.lower(User.email) == email))
        user = result.scalar_one_or_none()
        if user is None:
            print(f"User {email!r} not found. They must log in via SSO first.")
            sys.exit(1)
        user.role = "admin"
        await db.commit()
        print(f"Granted admin to {user.email} (id={user.id})")


if __name__ == "__main__":
    if len(sys.argv) != 2:
        print("Usage: python scripts/grant_admin.py user@oliver.agency")
        sys.exit(1)
    asyncio.run(grant_admin(sys.argv[1]))