Self registration (#1640)

* Added DB file for self registration

* Check api for self registration

* imported user service to add emailid

* working self registration

* changed response of check

* changed sequence number for sql script

Co-authored-by: nikeshDevtron <[email protected]>

Author: pghildiyal

214

@@ -103,6 +103,7 @@ func InitializeApp() (*App, error) {
 	wire.Build(
 		// ----- wireset start
 		sql.PgSqlWireSet,
+		user.SelfRegistrationWireSet,
 		externalLink.ExternalLinkWireSet,
 		team.TeamsWireSet,
 		AuthWireSet,

Wire.go

@@ -102,6 +102,7 @@ type MuxRouter struct {
 	dashboardTelemetryRouter         dashboardEvent.DashboardTelemetryRouter
 	commonDeploymentRouter           appStoreDeployment.CommonDeploymentRouter
 	externalLinkRouter               externalLink.ExternalLinkRouter
+	selfRegistrationRolesRouter      user.SelfRegistrationRolesRouter
 	moduleRouter                     module.ModuleRouter
 	serverRouter                     server.ServerRouter
 }
@@ -126,7 +127,7 @@ func NewMuxRouter(logger *zap.SugaredLogger, HelmRouter HelmRouter, PipelineConf
 	commonRouter CommonRouter, grafanaRouter GrafanaRouter, ssoLoginRouter sso.SsoLoginRouter, telemetryRouter TelemetryRouter, telemetryWatcher telemetry.TelemetryEventClient, bulkUpdateRouter BulkUpdateRouter, webhookListenerRouter WebhookListenerRouter, appLabelsRouter AppLabelRouter,
 	coreAppRouter CoreAppRouter, helmAppRouter client.HelmAppRouter, k8sApplicationRouter k8s.K8sApplicationRouter,
 	pProfRouter PProfRouter, deploymentConfigRouter deployment.DeploymentConfigRouter, dashboardTelemetryRouter dashboardEvent.DashboardTelemetryRouter,
-	commonDeploymentRouter appStoreDeployment.CommonDeploymentRouter, externalLinkRouter externalLink.ExternalLinkRouter, moduleRouter module.ModuleRouter,
+	commonDeploymentRouter appStoreDeployment.CommonDeploymentRouter, externalLinkRouter externalLink.ExternalLinkRouter, moduleRouter module.ModuleRouter, selfRegistrationRolesRouter user.SelfRegistrationRolesRouter,
 	serverRouter server.ServerRouter) *MuxRouter {
 	r := &MuxRouter{
 		Router:                           mux.NewRouter(),
@@ -184,6 +185,7 @@ func NewMuxRouter(logger *zap.SugaredLogger, HelmRouter HelmRouter, PipelineConf
 		dashboardTelemetryRouter:         dashboardTelemetryRouter,
 		commonDeploymentRouter:           commonDeploymentRouter,
 		externalLinkRouter:               externalLinkRouter,
+		selfRegistrationRolesRouter:      selfRegistrationRolesRouter,
 		moduleRouter:                     moduleRouter,
 		serverRouter:                     serverRouter,
 	}
@@ -359,6 +361,9 @@ func (r MuxRouter) Init() {
 	externalLinkRouter := r.Router.PathPrefix("/orchestrator/external-links").Subrouter()
 	r.externalLinkRouter.InitExternalLinkRouter(externalLinkRouter)
 
+	selfRegistrationRolesRouter := r.Router.PathPrefix("/orchestrator/self-register").Subrouter()
+	r.selfRegistrationRolesRouter.InitSelfRegistrationRolesRouter(selfRegistrationRolesRouter)
+
 	// module router
 	moduleRouter := r.Router.PathPrefix("/orchestrator/module").Subrouter()
 	r.moduleRouter.Init(moduleRouter)

api/router/router.go

@@ -0,0 +1,52 @@
+package user
+
+import (
+	"encoding/json"
+	"github.com/devtron-labs/devtron/api/bean"
+	"github.com/devtron-labs/devtron/api/restHandler/common"
+	"github.com/devtron-labs/devtron/pkg/user"
+	"go.uber.org/zap"
+	"net/http"
+)
+
+type SelfRegistrationRolesHandler interface {
+	SelfRegister(w http.ResponseWriter, r *http.Request)
+	SelfRegisterCheck(w http.ResponseWriter, r *http.Request)
+}
+
+type SelfRegistrationRolesHandlerImpl struct {
+	logger                       *zap.SugaredLogger
+	selfRegistrationRolesService user.SelfRegistrationRolesService
+}
+
+func NewSelfRegistrationRolesHandlerImpl(logger *zap.SugaredLogger,
+	selfRegistrationRolesService user.SelfRegistrationRolesService) *SelfRegistrationRolesHandlerImpl {
+	return &SelfRegistrationRolesHandlerImpl{
+		logger:                       logger,
+		selfRegistrationRolesService: selfRegistrationRolesService,
+	}
+}
+
+func (impl *SelfRegistrationRolesHandlerImpl) SelfRegister(w http.ResponseWriter, r *http.Request) {
+
+	decoder := json.NewDecoder(r.Body)
+	var userInfo bean.UserInfo
+	err := decoder.Decode(&userInfo)
+	if err != nil {
+		impl.logger.Errorw("request err, selfRegister", "err", err, "payload", userInfo)
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
+	impl.selfRegistrationRolesService.SelfRegister(userInfo.EmailId)
+	common.WriteJsonResp(w, nil, map[string]string{"status": "ok"}, http.StatusOK)
+}
+
+func (impl *SelfRegistrationRolesHandlerImpl) SelfRegisterCheck(w http.ResponseWriter, r *http.Request) {
+	res, err := impl.selfRegistrationRolesService.Check()
+	if err != nil {
+		impl.logger.Errorw("service err, Check", "err", err)
+		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		return
+	}
+	common.WriteJsonResp(w, err, map[string]bool{"enabled": res.Enabled}, http.StatusOK)
+}

api/user/SelfRegistrationRolesHandler.go

@@ -0,0 +1,30 @@
+package user
+
+import (
+	"github.com/gorilla/mux"
+	"go.uber.org/zap"
+)
+
+type SelfRegistrationRolesRouter interface {
+	InitSelfRegistrationRolesRouter(router *mux.Router)
+}
+
+type SelfRegistrationRolesRouterImpl struct {
+	logger                       *zap.SugaredLogger
+	selfRegistrationRolesHandler SelfRegistrationRolesHandler
+}
+
+func NewSelfRegistrationRolesRouterImpl(logger *zap.SugaredLogger, selfRegistrationRolesHandler SelfRegistrationRolesHandler) *SelfRegistrationRolesRouterImpl {
+	return &SelfRegistrationRolesRouterImpl{
+		logger:                       logger,
+		selfRegistrationRolesHandler: selfRegistrationRolesHandler,
+	}
+}
+
+func (impl *SelfRegistrationRolesRouterImpl) InitSelfRegistrationRolesRouter(router *mux.Router) {
+	router.Path("").
+		HandlerFunc(impl.selfRegistrationRolesHandler.SelfRegister).Methods("POST")
+	router.Path("/check").
+		HandlerFunc(impl.selfRegistrationRolesHandler.SelfRegisterCheck).Methods("GET")
+
+}

api/user/SelfRegistrationRolesRouter.go

@@ -0,0 +1,22 @@
+package user
+
+import (
+	"github.com/devtron-labs/devtron/pkg/user"
+	"github.com/devtron-labs/devtron/pkg/user/repository"
+	"github.com/google/wire"
+)
+
+//depends on sql,
+//TODO integrate user auth module
+
+var SelfRegistrationWireSet = wire.NewSet(
+	repository.NewSelfRegistrationRolesRepositoryImpl,
+	wire.Bind(new(repository.SelfRegistrationRolesRepository), new(*repository.SelfRegistrationRolesRepositoryImpl)),
+
+	user.NewSelfRegistrationRolesServiceImpl,
+	wire.Bind(new(user.SelfRegistrationRolesService), new(*user.SelfRegistrationRolesServiceImpl)),
+	NewSelfRegistrationRolesHandlerImpl,
+	wire.Bind(new(SelfRegistrationRolesHandler), new(*SelfRegistrationRolesHandlerImpl)),
+	NewSelfRegistrationRolesRouterImpl,
+	wire.Bind(new(SelfRegistrationRolesRouter), new(*SelfRegistrationRolesRouterImpl)),
+)

api/user/wire_selfRegistration.go

@@ -42,4 +42,5 @@ var UserWireSet = wire.NewSet(
 
 	user.NewUserCommonServiceImpl,
 	wire.Bind(new(user.UserCommonService), new(*user.UserCommonServiceImpl)),
+
 )

api/user/wire_user.go

@@ -0,0 +1,91 @@
+package user
+
+import (
+	"github.com/devtron-labs/devtron/api/bean"
+	"github.com/devtron-labs/devtron/pkg/user/repository"
+	"go.uber.org/zap"
+)
+
+type SelfRegistrationRolesService interface {
+	Check() (CheckResponse, error)
+	SelfRegister(emailId string)
+}
+
+type SelfRegistrationRolesServiceImpl struct {
+	logger                          *zap.SugaredLogger
+	selfRegistrationRolesRepository repository.SelfRegistrationRolesRepository
+	userService                     UserService
+}
+
+func NewSelfRegistrationRolesServiceImpl(logger *zap.SugaredLogger,
+	selfRegistrationRolesRepository repository.SelfRegistrationRolesRepository, userService UserService) *SelfRegistrationRolesServiceImpl {
+	return &SelfRegistrationRolesServiceImpl{
+		logger:                          logger,
+		selfRegistrationRolesRepository: selfRegistrationRolesRepository,
+		userService:                     userService,
+	}
+}
+
+func (impl *SelfRegistrationRolesServiceImpl) GetAll() ([]string, error) {
+	roleEntries, err := impl.selfRegistrationRolesRepository.GetAll()
+	if err != nil {
+		impl.logger.Errorf("error fetching all role %+v", err)
+		return nil, err
+	}
+	var roles []string
+	for _, role := range roleEntries {
+		if role.Role != "" {
+			roles = append(roles, role.Role)
+		}
+	}
+	return roles, nil
+}
+
+type CheckResponse struct {
+	Enabled bool     `json:"enabled"`
+	Roles   []string `json:"roles"`
+}
+
+func (impl *SelfRegistrationRolesServiceImpl) Check() (CheckResponse, error) {
+	roleEntries, err := impl.selfRegistrationRolesRepository.GetAll()
+	var checkResponse CheckResponse
+	if err != nil {
+		impl.logger.Errorf("error fetching all role %+v", err)
+		checkResponse.Enabled = false
+		return checkResponse, err
+	}
+	//var roles []string
+	if roleEntries != nil {
+		for _, role := range roleEntries {
+			if role.Role != "" {
+				checkResponse.Roles = append(checkResponse.Roles, role.Role)
+				checkResponse.Enabled = true
+				//return checkResponse, err
+			}
+		}
+		if checkResponse.Enabled == true {
+			return checkResponse, err
+		}
+		checkResponse.Enabled = false
+		return checkResponse, err
+	}
+	checkResponse.Enabled = false
+	return checkResponse, nil
+}
+func (impl *SelfRegistrationRolesServiceImpl) SelfRegister(emailId string) {
+
+	roles, err := impl.Check()
+	if err != nil || roles.Enabled == false {
+		return
+	}
+
+	userInfo := &bean.UserInfo{
+		EmailId:    emailId,
+		Roles:      roles.Roles,
+		SuperAdmin: false,
+	}
+	_, err = impl.userService.SelfRegisterUserIfNotExists(userInfo)
+	if err != nil {
+		impl.logger.Errorw("error while register user", "error", err)
+	}
+}

pkg/user/SelfRegistrationRolesService.go

@@ -36,6 +36,7 @@ import (
 
 type UserService interface {
 	CreateUser(userInfo *bean.UserInfo) ([]*bean.UserInfo, error)
+	SelfRegisterUserIfNotExists(userInfo *bean.UserInfo) ([]*bean.UserInfo, error)
 	UpdateUser(userInfo *bean.UserInfo) (*bean.UserInfo, error)
 	GetById(id int32) (*bean.UserInfo, error)
 	GetAll() ([]bean.UserInfo, error)
@@ -101,6 +102,114 @@ func (impl UserServiceImpl) validateUserRequest(userInfo *bean.UserInfo) (bool,
 	return true, nil
 }
 
+func (impl UserServiceImpl) SelfRegisterUserIfNotExists(userInfo *bean.UserInfo) ([]*bean.UserInfo, error) {
+	var pass []string
+	var userResponse []*bean.UserInfo
+	emailIds := strings.Split(userInfo.EmailId, ",")
+	dbConnection := impl.userRepository.GetConnection()
+	tx, err := dbConnection.Begin()
+	if err != nil {
+		return nil, err
+	}
+	// Rollback tx on error.
+	defer tx.Rollback()
+
+	var policies []casbin2.Policy
+	for _, emailId := range emailIds {
+		dbUser, err := impl.userRepository.FetchActiveOrDeletedUserByEmail(emailId)
+		if err != nil && err != pg.ErrNoRows {
+			impl.logger.Errorw("error while fetching user from db", "error", err)
+			return nil, err
+		}
+
+		//if found, update it with new roles
+		if dbUser != nil && dbUser.Id > 0 {
+			return nil, fmt.Errorf("existing user, cant self register")
+		}
+
+		// if not found, create new user
+		userInfo, err = impl.saveUser(userInfo, emailId)
+		if err != nil {
+			err = &util.ApiError{
+				Code:            constants.UserCreateDBFailed,
+				InternalMessage: "failed to create new user in db",
+				UserMessage:     fmt.Sprintf("requested by %d", userInfo.UserId),
+			}
+			return nil, err
+		}
+
+		roles, err := impl.userAuthRepository.GetRoleByRoles(userInfo.Roles)
+		if err != nil {
+			err = &util.ApiError{
+				Code:            constants.UserCreateDBFailed,
+				InternalMessage: "configured roles for selfregister are wrong",
+				UserMessage:     fmt.Sprintf("requested by %d", userInfo.UserId),
+			}
+			return nil, err
+		}
+		for _, roleModel := range roles {
+			userRoleModel := &repository2.UserRoleModel{UserId: userInfo.Id, RoleId: roleModel.Id}
+			userRoleModel, err = impl.userAuthRepository.CreateUserRoleMapping(userRoleModel, tx)
+			if err != nil {
+				return nil, err
+			}
+			policies = append(policies, casbin2.Policy{Type: "g", Sub: casbin2.Subject(userInfo.EmailId), Obj: casbin2.Object(roleModel.Role)})
+		}
+
+		pass = append(pass, emailId)
+		userInfo.EmailId = emailId
+		userInfo.Exist = dbUser.Active
+		userResponse = append(userResponse, &bean.UserInfo{Id: userInfo.Id, EmailId: emailId, Groups: userInfo.Groups, RoleFilters: userInfo.RoleFilters, SuperAdmin: userInfo.SuperAdmin})
+	}
+	if len(policies) > 0 {
+		pRes := casbin2.AddPolicy(policies)
+		println(pRes)
+	}
+	err = tx.Commit()
+	if err != nil {
+		return nil, err
+	}
+	return userResponse, nil
+}
+
+func (impl UserServiceImpl) saveUser(userInfo *bean.UserInfo, emailId string) (*bean.UserInfo, error) {
+	dbConnection := impl.userRepository.GetConnection()
+	tx, err := dbConnection.Begin()
+	if err != nil {
+		return nil, err
+	}
+	// Rollback tx on error.
+	defer tx.Rollback()
+
+	_, err = impl.validateUserRequest(userInfo)
+	if err != nil {
+		err = &util.ApiError{HttpStatusCode: http.StatusBadRequest, UserMessage: "Invalid request, please provide role filters"}
+		return nil, err
+	}
+
+	//create new user in our db on d basis of info got from google api or hex. assign a basic role
+	model := &repository2.UserModel{
+		EmailId:     emailId,
+		AccessToken: userInfo.AccessToken,
+	}
+	model.Active = true
+	model.CreatedBy = userInfo.UserId
+	model.UpdatedBy = userInfo.UserId
+	model.CreatedOn = time.Now()
+	model.UpdatedOn = time.Now()
+	model, err = impl.userRepository.CreateUser(model, tx)
+	if err != nil {
+		impl.logger.Errorw("error in creating new user", "error", err)
+		return nil, err
+	}
+	err = tx.Commit()
+	if err != nil {
+		return nil, err
+	}
+	userInfo.Id = model.Id
+	return userInfo, nil
+}
+
 func (impl UserServiceImpl) CreateUser(userInfo *bean.UserInfo) ([]*bean.UserInfo, error) {
 	var pass []string
 	var userResponse []*bean.UserInfo