def mutate(self, info, user, role, field): auth_user = info.context.user if not is_fieldadmin(auth_user, field): raise GraphQLError('Unauthorized') get_or_create(db.session, UserModel, defaults=None, shortname=user) if not validate_role_assignment(role, field): raise GraphQLError( 'The field does not exist, or the role is not a valid role') role_model = RoleModel.query.filter(RoleModel.user == user, RoleModel.field == field).first() if not role_model: role_model = RoleModel(user=user, field=field) role_model.role = role db.session.add(role_model) db.session.commit() return Role(user=user, field=field, role=role)