fix(chalice): changed s-permissions

fix(DB): changed s-permissions

(cherry picked from commit 389ec4a8fc)

ee/api/auth/auth_jwt.py

@@ -20,8 +20,6 @@ def _get_current_auth_context(request: Request, jwt_payload: dict) -> schemas.Cu
         logger.warning("User not found.")
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="User not found.")
     request.state.authorizer_identity = "jwt"
-    if user["serviceAccount"]:
-        user["permissions"] = [p.value for p in schemas.ServicePermissions]
     request.state.currentContext = schemas.CurrentContext(tenantId=jwt_payload.get("tenantId", -1),
                                                           userId=jwt_payload.get("userId", -1),
                                                           email=user["email"],

ee/api/chalicelib/core/roles.py

@@ -121,6 +121,7 @@ def get_roles(tenant_id):
                                                           AND projects.deleted_at ISNULL ) AS role_projects ON (TRUE)
                                WHERE tenant_id =%(tenant_id)s
                                     AND deleted_at IS NULL
+                                    AND not service_role
                                ORDER BY role_id;""",
                             {"tenant_id": tenant_id})
         cur.execute(query=query)

ee/scripts/schema/db/init_dbs/postgresql/1.18.0/1.18.0.sql

@@ -29,6 +29,10 @@ ALTER TABLE IF EXISTS public.sessions
 CREATE INDEX IF NOT EXISTS graphql_session_id_idx ON events.graphql (session_id);
 CREATE INDEX IF NOT EXISTS crashes_session_id_idx ON events_common.crashes (session_id);
 
+UPDATE public.roles
+SET permissions='{SERVICE_SESSION_REPLAY,SERVICE_DEV_TOOLS,SERVICE_ASSIST_LIVE,SERVICE_ASSIST_CALL}'
+WHERE service_role;
+
 COMMIT;
 
 \elif :is_next