fix: review feedback

Author: uniyalabhishek

cmd/rofl/set_admin.go

@@ -9,6 +9,7 @@ import (
 	"github.com/oasisprotocol/oasis-sdk/client-sdk/go/client"
 	"github.com/oasisprotocol/oasis-sdk/client-sdk/go/connection"
 	"github.com/oasisprotocol/oasis-sdk/client-sdk/go/modules/rofl"
+	"github.com/oasisprotocol/oasis-sdk/client-sdk/go/types"
 
 	buildRofl "github.com/oasisprotocol/cli/build/rofl"
 	"github.com/oasisprotocol/cli/cmd/common"
@@ -31,7 +32,6 @@ var setAdminCmd = &cobra.Command{
 			newAdminArg string
 			manifest    *buildRofl.Manifest
 			deployment  *buildRofl.Deployment
-			useManifest bool
 		)
 		switch len(args) {
 		case 2:
@@ -46,7 +46,6 @@ var setAdminCmd = &cobra.Command{
 				NeedAdmin: true,
 			})
 			rawAppID = deployment.AppID
-			useManifest = true
 		}
 
 		var appID rofl.AppID
@@ -70,62 +69,56 @@ var setAdminCmd = &cobra.Command{
 			cobra.CheckErr(err)
 		}
 
-		// Build the update body.
+		fmt.Printf("App ID:    %s\n", appID)
+
 		updateBody := rofl.Update{
 			ID:    appID,
 			Admin: newAdminAddr,
 		}
 
-		if useManifest {
+		var oldAdminAddr *types.Address
+		if manifest != nil {
 			// Manifest mode: use local policy, metadata, secrets.
 			if deployment.Policy == nil {
 				cobra.CheckErr("no policy configured in the manifest")
 			}
 
-			oldAdminAddr, _, err := common.ResolveLocalAccountOrAddress(npa.Network, deployment.Admin)
+			oldAdminAddr, _, err = common.ResolveLocalAccountOrAddress(npa.Network, deployment.Admin)
 			if err != nil {
 				cobra.CheckErr(fmt.Errorf("bad current administrator address: %w", err))
 			}
 
-			if *oldAdminAddr == *newAdminAddr {
-				fmt.Println("New admin is the same as the current admin, nothing to do.")
-				return
-			}
-
-			fmt.Printf("Old admin: %s\n", common.PrettyAddress(oldAdminAddr.String()))
-
 			updateBody.Policy = *deployment.Policy.AsDescriptor()
 			updateBody.Metadata = manifest.GetMetadata(roflCommon.DeploymentName)
 			updateBody.Secrets = buildRofl.PrepareSecrets(deployment.Secrets)
 		} else {
-			// Direct mode: fetch current app config from chain.
+			// Direct mode: reuse current policy, metadata, secrets from chain.
 			if txCfg.Offline {
 				cobra.CheckErr("direct mode requires network access")
 			}
 
 			appCfg, err := conn.Runtime(npa.ParaTime).ROFL.App(ctx, client.RoundLatest, appID)
 			cobra.CheckErr(err)
 
-			if appCfg.Admin != nil && *appCfg.Admin == *newAdminAddr {
-				fmt.Println("New admin is the same as the current admin, nothing to do.")
-				return
-			}
-
-			if appCfg.Admin != nil {
-				fmt.Printf("Old admin: %s\n", common.PrettyAddress(appCfg.Admin.String()))
-			}
-
+			oldAdminAddr = appCfg.Admin
 			updateBody.Policy = appCfg.Policy
 			updateBody.Metadata = appCfg.Metadata
 			updateBody.Secrets = appCfg.Secrets
 		}
 
+		if oldAdminAddr != nil {
+			if *oldAdminAddr == *newAdminAddr {
+				fmt.Println("New admin is the same as the current admin, nothing to do.")
+				return
+			}
+			fmt.Printf("Old admin: %s\n", common.PrettyAddress(oldAdminAddr.String()))
+		}
+
 		newAdminStr := newAdminAddr.String()
 		if newAdminEthAddr != nil {
 			newAdminStr = newAdminEthAddr.Hex()
 		}
 
-		fmt.Printf("App ID:    %s\n", appID)
 		fmt.Printf("New admin: %s\n", common.PrettyAddress(newAdminStr))
 
 		tx := rofl.NewUpdateTx(nil, &updateBody)

docs/rofl.md

@@ -328,7 +328,9 @@ their latest versions. This includes:
 ### Change ROFL app administrator {#set-admin}
 
 Run `rofl set-admin` to transfer ownership of a ROFL app to a new
-administrator. The transaction must be signed by the current admin.
+administrator. The ROFL app administrator owns the application, including
+upgrades, policy changes and removal. The transaction must be signed by the
+current admin.
 
 If the current directory contains a ROFL manifest, the manifest is updated with
 the new admin after a successful transaction.
@@ -338,30 +340,21 @@ the new admin after a successful transaction.
 To change the administrator directly on an existing app without a local
 manifest, run:
 
-```bash
-oasis rofl set-admin <app-id> <new-admin>
-```
+![code shell](../examples/rofl/set-admin-address.in.static)
 
-This mode requires network access and does not modify local files.
+This mode requires network access and does not modify the manifest.
 
 ### Change ROFL machine administrator {#machine-set-admin}
 
 Run `rofl machine set-admin` to change the administrator of an individual
-machine instance.
+machine instance. This is independent of the ROFL app administrator and only
+affects management of the specific machine instance.
 
 ![code shell](../examples/rofl/machine-set-admin.in.static)
 
-:::info ROFL admin vs machine admin
-
-The **ROFL admin** (changed via `oasis rofl set-admin`) owns the
-application — transfer ownership, upgrades, policy changes, removal.
+To change the administrator of the machine without a local manifest, run:
 
-The **machine admin** (changed via `oasis rofl machine set-admin`) manages
-an individual machine instance — execution, restarts, stops.
-
-These are independent roles.
-
-:::
+![code shell](../examples/rofl/machine-set-admin-address.in.static)
 
 ### Remove ROFL app from the network {#remove}
 

examples/rofl/machine-set-admin-address.in.static

@@ -0,0 +1 @@
+oasis rofl machine set-admin oasis1qp2ens0hsp7gh23wajxa4hpetkdek3swyyulyrmz:000000000000055c bob

examples/rofl/set-admin-address.in.static

@@ -0,0 +1 @@
+oasis rofl set-admin rofl1qpw7gxp7dqq72sdtpv4jrmdfys9nsp73wysglhue bob