fix: Reading role permissions generates 500 error backend

api/users/models.py

@@ -4,6 +4,7 @@
 from django.conf import settings
 from django.contrib.auth.base_user import BaseUserManager
 from django.contrib.auth.models import AbstractUser
+from django.core.exceptions import ImproperlyConfigured
 from django.core.mail import send_mail
 from django.db import models
 from django.db.models import Count, QuerySet
@@ -42,6 +43,9 @@
         InviteLink,
     )
 
+if settings.IS_RBAC_INSTALLED:
+    from rbac.models import UserRole
+
 logger = logging.getLogger(__name__)
 mailer_lite = MailerLite()
 
@@ -243,6 +247,14 @@ def get_user_organisation(
                 % (self.id, getattr(organisation, "id", organisation))
             )
 
+    def get_user_roles(self):
+        if not settings.IS_RBAC_INSTALLED:
+            raise ImproperlyConfigured(
+                "RBAC is not installed. Unable to retrieve user roles."
+            )
+
+        return UserRole.objects.filter(user=self)
+
     def get_permitted_projects(
         self, permission_key: str, tag_ids: typing.List[int] = None
     ) -> QuerySet[Project]:

api/users/serializers.py

@@ -1,10 +1,14 @@
+from django.conf import settings
 from djoser.serializers import UserSerializer as DjoserUserSerializer
 from rest_framework import serializers
 from rest_framework.exceptions import ValidationError
 
 from organisations.models import Organisation
 from organisations.serializers import UserOrganisationSerializer
 
+if settings.IS_RBAC_INSTALLED:
+    from rbac.serializers import UserRoleSerializer
+
 from .models import FFAdminUser, UserPermissionGroup
 
 
@@ -56,9 +60,15 @@ class Meta:
 class UserListSerializer(serializers.ModelSerializer):
     role = serializers.SerializerMethodField(read_only=True)
     join_date = serializers.SerializerMethodField(read_only=True)
+    if settings.IS_RBAC_INSTALLED:
+        roles = UserRoleSerializer(many=True, read_only=True, source="get_user_roles")
 
     default_fields = ("id", "email", "first_name", "last_name", "last_login")
-    organisation_users_fields = ("role", "date_joined")
+    organisation_users_fields = (
+        "role",
+        "date_joined",
+        *([] if not settings.IS_RBAC_INSTALLED else ["roles"]),
+    )
 
     class Meta:
         model = FFAdminUser