feat(frontier): add SetOrganizationMemberRole RPC

[whoAbhishekSah]

Summary

Adds SetOrganizationMemberRole RPC for atomic role assignment to org members.

rpc SetOrganizationMemberRole(SetOrganizationMemberRoleRequest) returns (SetOrganizationMemberRoleResponse);

message SetOrganizationMemberRoleRequest {
  string org_id = 1;
  string user_id = 2;
  string role_id = 3;
}

message SetOrganizationMemberRoleResponse {}

Related

• Frontier PR: feat: add SetOrganizationMemberRole RPC frontier#1471
• Frontier issue: Add SetOrganizationMemberRole RPC to replace client-side policy manipulation frontier#1459

🤖 Generated with Claude Code

Summary by CodeRabbit

• New Features
  • Added ability to assign and modify organization member roles via the API, enabling administrators to set or update a team member's role within an organization.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 981ed480-e5ff-48c4-ac39-c9e8dfd36e24

📥 Commits

Reviewing files that changed from the base of the PR and between 1af5125 and ea182dd.

📒 Files selected for processing (1)

• raystack/frontier/v1beta1/frontier.proto

---

📝 Walkthrough

Walkthrough

Added a new SetOrganizationMemberRole RPC to FrontierService with corresponding SetOrganizationMemberRoleRequest (fields: org_id, user_id, role_id, each validated as UUID) and an empty SetOrganizationMemberRoleResponse in the protobuf.

Changes

Cohort / File(s)	Summary
Protobuf API Definition raystack/frontier/v1beta1/frontier.proto	Inserted SetOrganizationMemberRole RPC between RemoveOrganizationUser and GetOrganizationKyc. Added SetOrganizationMemberRoleRequest with org_id, user_id, role_id fields validated as UUIDs, and an empty SetOrganizationMemberRoleResponse.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related issues

• Add SetOrganizationMemberRole RPC to replace client-side policy manipulation frontier#1459: Directly implements the SetOrganizationMemberRole RPC method and corresponding request/response messages as specified in the issue.

Poem

🐰 I hop into the proto glade,
I add a role, no fuss, no trade,
Org, user, role — UUIDs in place,
A tidy RPC, a hop, and grace. 🥕

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and accurately describes the main change: adding a new SetOrganizationMemberRole RPC method to the FrontierService.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/set-organization-member-role

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

raystack/frontier/v1beta1/frontier.proto (1)

1934-1940: Consider aligning field naming with peer messages.

The use of org_id differs from similar messages like RemoveOrganizationUserRequest and AddOrganizationUsersRequest which use id for the organization identifier:

// RemoveOrganizationUserRequest uses `id` for org:
message RemoveOrganizationUserRequest {
  string id = 1 [(validate.rules).string.min_len = 3];
  string user_id = 2;
}

However, using org_id is more explicit and self-documenting, especially since this message contains three distinct ID fields (org_id, user_id, role_id). If this is a deliberate choice for clarity, the implementation is acceptable.

The validation rules (min_len = 3) are consistent with existing patterns, and the empty response message aligns with similar operations.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@raystack/frontier/v1beta1/frontier.proto` around lines 1934 - 1940, Rename
the org_id field in message SetOrganizationMemberRoleRequest to id to match peer
messages (e.g., RemoveOrganizationUserRequest/AddOrganizationUsersRequest):
replace org_id with id while keeping the existing validation tag
[(validate.rules).string.min_len = 3]; update any references in RPC handlers,
serializers, tests, and generated code that currently reference
SetOrganizationMemberRoleRequest.org_id to use
SetOrganizationMemberRoleRequest.id to avoid breakage; leave user_id and role_id
unchanged.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@raystack/frontier/v1beta1/frontier.proto`:
- Around line 1934-1940: Rename the org_id field in message
SetOrganizationMemberRoleRequest to id to match peer messages (e.g.,
RemoveOrganizationUserRequest/AddOrganizationUsersRequest): replace org_id with
id while keeping the existing validation tag [(validate.rules).string.min_len =
3]; update any references in RPC handlers, serializers, tests, and generated
code that currently reference SetOrganizationMemberRoleRequest.org_id to use
SetOrganizationMemberRoleRequest.id to avoid breakage; leave user_id and role_id
unchanged.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: afe1cd27-e0a1-4a9d-bd15-ed72f32b4039

📥 Commits

Reviewing files that changed from the base of the PR and between 6af92c6 and 1af5125.

📒 Files selected for processing (1)

• raystack/frontier/v1beta1/frontier.proto

[whoAbhishekSah]

Updated all three fields to use UUID validation as suggested.