Add configuration option for automatic assigning of "read-only user" role after registration

2023-01-24 20:55:24 +00:00 · 2023-01-24 20:55:24 +00:00 · 01f956b6ce
parent 2ea14635d2
commit 01f956b6ce
5 changed files with 15 additions and 3 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -12,6 +12,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Added `registration.type` configuration option (replaces `registrations_open`).
 - Implemented roles & permissions.
 - Added "read-only user" role.
+- Added configuration option for automatic assigning of "read-only user" role after registration.

 ### Deprecated

--- a/src/config/main.rs
+++ b/src/config/main.rs
@ -46,6 +46,9 @@ impl<'de> Deserialize<'de> for RegistrationType {
 pub struct RegistrationConfig {
    #[serde(rename = "type")]
    pub registration_type: RegistrationType,
+
+    #[serde(default)]
+    pub default_role_read_only_user: bool, // default is false
 }

 fn default_log_level() -> LogLevel { LogLevel::Info }
--- a/src/mastodon_api/accounts/views.rs
+++ b/src/mastodon_api/accounts/views.rs
@ -68,7 +68,7 @@ use crate::models::users::queries::{
    get_user_by_did,
    is_valid_invite_code,
 };
-use crate::models::users::types::UserCreateData;
+use crate::models::users::types::{Role, UserCreateData};
 use crate::utils::{
    caip2::ChainId,
    canonicalization::canonicalize_object,
@ -167,12 +167,18 @@ pub async fn create_account(

    let AccountCreateData { username, invite_code, .. } =
        account_data.into_inner();
+    let role = if config.registration.default_role_read_only_user {
+        Role::ReadOnlyUser
+    } else {
+        Role::NormalUser
+    };
    let user_data = UserCreateData {
        username,
        password_hash: maybe_password_hash,
        private_key_pem,
        wallet_address: maybe_wallet_address,
        invite_code,
+        role,
    };
    let user = match create_user(db_client, user_data).await {
        Ok(user) => user,
--- a/src/models/users/queries.rs
+++ b/src/models/users/queries.rs
@ -9,7 +9,7 @@ use crate::identity::{did::Did, did_pkh::DidPkh};
 use crate::models::profiles::queries::create_profile;
 use crate::models::profiles::types::{DbActorProfile, ProfileCreateData};
 use crate::utils::currencies::Currency;
-use super::types::{DbUser, Role, User, UserCreateData};
+use super::types::{DbUser, User, UserCreateData};
 use super::utils::generate_invite_code;

 pub async fn create_invite_code(
@ -127,7 +127,7 @@ pub async fn create_user(
            &user_data.password_hash,
            &user_data.private_key_pem,
            &user_data.invite_code,
-            &Role::default(),
+            &user_data.role,
        ],
    ).await.map_err(catch_unique_violation("user"))?;
    let db_user: DbUser = row.try_get("user_account")?;
@ -275,6 +275,7 @@ pub async fn get_user_count(
 mod tests {
    use serial_test::serial;
    use crate::database::test_utils::create_test_database;
+    use crate::models::users::types::Role;
    use super::*;

    #[tokio::test]
--- a/src/models/users/types.rs
+++ b/src/models/users/types.rs
@ -145,6 +145,7 @@ pub struct UserCreateData {
    pub private_key_pem: String,
    pub wallet_address: Option<String>,
    pub invite_code: Option<String>,
+    pub role: Role,
 }

 pub fn validate_local_username(username: &str) -> Result<(), ValidationError> {