fix issue with first-time api client permission toggling

salt/manager/sync_es_users.sls

@@ -20,13 +20,11 @@ sync_es_users:
       - /opt/so/saltstack/local/salt/elasticsearch/files/users
       - /opt/so/saltstack/local/salt/elasticsearch/files/users_roles
       - /opt/so/conf/soc/soc_users_roles
-      - /opt/so/conf/soc/soc_clients_roles
     - show_changes: False
     - require:
       - docker_container: so-kratos
       - http: wait_for_kratos
       - file: so-user.lock # require so-user.lock file to be missing
-      - file: so-client.lock # require so-client.lock file to be missing
 
 # we dont want this added too early in setup, so we add the onlyif to verify 'startup_states: highstate'
 # is in the minion config. That line is added before the final highstate during setup

salt/manager/tools/sbin/so-client

@@ -150,7 +150,7 @@ function createFile() {
 }
 
 function ensureRoleFileExists() {
-  if [[ ! -f "$socRolesFile" || ! -s "$socRolesFile" ]]; then
+  if [[ ! -f "$socRolesFile" ]]; then
     # Generate the new roles file
     rolesTmpFile="${socRolesFile}.tmp"
     createFile "$rolesTmpFile" "$soUID" "$soGID"