refactor(pkg,api,cli): remove UserData struct

Author: heiytor

api/services/auth.go

@@ -310,7 +310,7 @@ func (s *service) AuthLocalUser(ctx context.Context, req *requests.AuthLocalUser
 		User:          user.Username,
 		Name:          user.Name,
 		Email:         user.Email,
-		RecoveryEmail: user.RecoveryEmail,
+		RecoveryEmail: user.Preferences.RecoveryEmail,
 		MFA:           user.MFA.Enabled,
 		Tenant:        tenantID,
 		Role:          role,
@@ -394,7 +394,7 @@ func (s *service) CreateUserToken(ctx context.Context, req *requests.CreateUserT
 		User:          user.Username,
 		Name:          user.Name,
 		Email:         user.Email,
-		RecoveryEmail: user.RecoveryEmail,
+		RecoveryEmail: user.Preferences.RecoveryEmail,
 		MFA:           user.MFA.Enabled,
 		Tenant:        tenantID,
 		Role:          role,

api/services/setup.go

@@ -31,17 +31,6 @@ func (s *service) Setup(ctx context.Context, req requests.Setup) error {
 		return NewErrSetupForbidden(err)
 	}
 
-	data := models.UserData{
-		Name:          req.Name,
-		Email:         req.Email,
-		Username:      req.Username,
-		RecoveryEmail: "",
-	}
-
-	if ok, err := s.validator.Struct(data); !ok || err != nil {
-		return NewErrUserInvalid(nil, err)
-	}
-
 	pwdDigest, err := hash.Do(req.Password)
 	if err != nil {
 		return NewErrUserPasswordInvalid(err)
@@ -53,14 +42,17 @@ func (s *service) Setup(ctx context.Context, req requests.Setup) error {
 
 	user := &models.User{
 		Origin:         models.UserOriginLocal,
-		UserData:       data,
+		Name:           req.Name,
+		Email:          req.Email,
+		Username:       req.Username,
 		PasswordDigest: pwdDigest,
 		// NOTE: user's created from the setup screen doesn't need to be confirmed.
 		Status:        models.UserStatusConfirmed,
 		CreatedAt:     clock.Now(),
 		MaxNamespaces: -1,
 		Preferences: models.UserPreferences{
-			AuthMethods: []models.UserAuthMethod{models.UserAuthMethodLocal},
+			AuthMethods:   []models.UserAuthMethod{models.UserAuthMethodLocal},
+			RecoveryEmail: "",
 		},
 	}
 

cli/services/users.go

@@ -13,19 +13,7 @@ import (
 // UserCreate adds a new user based on the provided user's data. This method validates data and
 // checks for conflicts.
 func (s *service) UserCreate(ctx context.Context, input *inputs.UserCreate) (*models.User, error) {
-	// TODO: convert username and email to lower case.
-	userData := models.UserData{
-		Name:     input.Username,
-		Email:    input.Email,
-		Username: input.Username,
-	}
-
-	// TODO: validate this at cmd layer
-	if ok, err := s.validator.Struct(userData); !ok || err != nil {
-		return nil, ErrUserDataInvalid
-	}
-
-	if conflicts, has, _ := s.store.UserConflicts(ctx, &models.UserConflicts{Email: userData.Email, Username: userData.Username}); has {
+	if conflicts, has, _ := s.store.UserConflicts(ctx, &models.UserConflicts{Email: input.Email, Username: input.Username}); has {
 		containsEmail := slices.Contains(conflicts, "email")
 		containsUsername := slices.Contains(conflicts, "username")
 
@@ -48,7 +36,9 @@ func (s *service) UserCreate(ctx context.Context, input *inputs.UserCreate) (*mo
 
 	user := &models.User{
 		Origin:         models.UserOriginLocal,
-		UserData:       userData,
+		Name:           input.Username,
+		Email:          input.Email,
+		Username:       input.Username,
 		PasswordDigest: pwdDigest,
 		Status:         models.UserStatusConfirmed,
 		CreatedAt:      clock.Now(),

pkg/models/user.go

@@ -70,7 +70,10 @@ type User struct {
 	CreatedAt      time.Time `json:"created_at" bson:"created_at"`
 	LastLogin      time.Time `json:"last_login" bson:"last_login"`
 	EmailMarketing bool      `json:"email_marketing" bson:"email_marketing"`
-	UserData       `bson:",inline"`
+
+	Name     string `json:"name" validate:"required,name"`
+	Username string `json:"username" bson:"username" validate:"required,username"`
+	Email    string `json:"email" bson:"email" validate:"required,email"`
 
 	// PasswordDigest stores the hashed password.
 	PasswordDigest string `json:"-"`
@@ -83,17 +86,6 @@ type User struct {
 	Preferences UserPreferences `json:"preferences" bson:"preferences"`
 }
 
-type UserData struct {
-	Name     string `json:"name" validate:"required,name"`
-	Username string `json:"username" bson:"username" validate:"required,username"`
-	Email    string `json:"email" bson:"email" validate:"required,email"`
-	// RecoveryEmail is a custom, non-unique email address that a user can use to recover their account
-	// when they lose access to all other methods. It must never be equal to [UserData.Email].
-	//
-	// NOTE: Recovery email is available as a cloud-only feature and must be ignored in community.
-	RecoveryEmail string `json:"recovery_email" bson:"recovery_email" validate:"omitempty,email"`
-}
-
 // UserMFA represents the attributes related to MFA for a user.
 type UserMFA struct {
 	// Enabled reports whether MFA is enabled for the user.
@@ -110,6 +102,12 @@ type UserPreferences struct {
 
 	// AuthMethods indicates the authentication methods that the user can use to authenticate.
 	AuthMethods []UserAuthMethod `json:"auth_methods" bson:"auth_methods"`
+
+	// RecoveryEmail is a custom, non-unique email address that a user can use to recover their account
+	// when they lose access to all other methods. It must never be equal to [UserData.Email].
+	//
+	// NOTE: Recovery email is available as a cloud-only feature and must be ignored in community.
+	RecoveryEmail string `json:"recovery_email" bson:"recovery_email" validate:"omitempty,email"`
 }
 
 // UserAuthIdentifier is an username or email used to authenticate.