Add configuration option for automatic assigning of "read-only user" role after registration
parent
2ea14635d2
commit
01f956b6ce
5 changed files with 15 additions and 3 deletions
|
@ -12,6 +12,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Added `registration.type` configuration option (replaces `registrations_open`).
|
- Added `registration.type` configuration option (replaces `registrations_open`).
|
||||||
- Implemented roles & permissions.
|
- Implemented roles & permissions.
|
||||||
- Added "read-only user" role.
|
- Added "read-only user" role.
|
||||||
|
- Added configuration option for automatic assigning of "read-only user" role after registration.
|
||||||
|
|
||||||
### Deprecated
|
### Deprecated
|
||||||
|
|
||||||
|
|
|
@ -46,6 +46,9 @@ impl<'de> Deserialize<'de> for RegistrationType {
|
||||||
pub struct RegistrationConfig {
|
pub struct RegistrationConfig {
|
||||||
#[serde(rename = "type")]
|
#[serde(rename = "type")]
|
||||||
pub registration_type: RegistrationType,
|
pub registration_type: RegistrationType,
|
||||||
|
|
||||||
|
#[serde(default)]
|
||||||
|
pub default_role_read_only_user: bool, // default is false
|
||||||
}
|
}
|
||||||
|
|
||||||
fn default_log_level() -> LogLevel { LogLevel::Info }
|
fn default_log_level() -> LogLevel { LogLevel::Info }
|
||||||
|
|
|
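Review bot: The new `default_role_read_only_user` field on `RegistrationConfig` is documented only by the trailing `// default is false`, which does not say what the flag controls or what happens when the key is missing. Because of `#[serde(default)]`, a configuration file without the key deserializes the flag to false, and `create_account` then assigns `Role::NormalUser`, so operators who want least-privilege sign-ups must opt in explicitly. I would replace the trailing comment with a doc comment such as `/// Give newly registered accounts the read-only role; absent or false keeps the normal user role.`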
@ -68,7 +68,7 @@ use crate::models::users::queries::{
|
||||||
get_user_by_did,
|
get_user_by_did,
|
||||||
is_valid_invite_code,
|
is_valid_invite_code,
|
||||||
};
|
};
|
||||||
use crate::models::users::types::UserCreateData;
|
use crate::models::users::types::{Role, UserCreateData};
|
||||||
use crate::utils::{
|
use crate::utils::{
|
||||||
caip2::ChainId,
|
caip2::ChainId,
|
||||||
canonicalization::canonicalize_object,
|
canonicalization::canonicalize_object,
|
||||||
|
@ -167,12 +167,18 @@ pub async fn create_account(
|
||||||
|
|
||||||
let AccountCreateData { username, invite_code, .. } =
|
let AccountCreateData { username, invite_code, .. } =
|
||||||
account_data.into_inner();
|
account_data.into_inner();
|
||||||
|
let role = if config.registration.default_role_read_only_user {
|
||||||
|
Role::ReadOnlyUser
|
||||||
|
} else {
|
||||||
|
Role::NormalUser
|
||||||
|
};
|
||||||
let user_data = UserCreateData {
|
let user_data = UserCreateData {
|
||||||
username,
|
username,
|
||||||
password_hash: maybe_password_hash,
|
password_hash: maybe_password_hash,
|
||||||
private_key_pem,
|
private_key_pem,
|
||||||
wallet_address: maybe_wallet_address,
|
wallet_address: maybe_wallet_address,
|
||||||
invite_code,
|
invite_code,
|
||||||
|
role,
|
||||||
};
|
};
|
||||||
let user = match create_user(db_client, user_data).await {
|
let user = match create_user(db_client, user_data).await {
|
||||||
Ok(user) => user,
|
Ok(user) => user,
|
||||||
|
|
|
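Review bot: The `else` branch of the new `let role` expression in `create_account` hard-codes `Role::NormalUser`, whereas `create_user` previously stored `Role::default()`. The `Default` impl is not visible here, so if the two are not the same variant this commit silently changes the role given to ordinary registrations, and if they match today they can drift apart later. Writing the fallback as `} else { Role::default() };` keeps a single source of truth for the unrestricted role. The flag is read without regard to `invite_code`, so presumably invited users become read-only as well; a short comment on the `let role` line confirming that is intended would help. `create_account` starts and ends outside the hunk.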
@ -9,7 +9,7 @@ use crate::identity::{did::Did, did_pkh::DidPkh};
|
||||||
use crate::models::profiles::queries::create_profile;
|
use crate::models::profiles::queries::create_profile;
|
||||||
use crate::models::profiles::types::{DbActorProfile, ProfileCreateData};
|
use crate::models::profiles::types::{DbActorProfile, ProfileCreateData};
|
||||||
use crate::utils::currencies::Currency;
|
use crate::utils::currencies::Currency;
|
||||||
use super::types::{DbUser, Role, User, UserCreateData};
|
use super::types::{DbUser, User, UserCreateData};
|
||||||
use super::utils::generate_invite_code;
|
use super::utils::generate_invite_code;
|
||||||
|
|
||||||
pub async fn create_invite_code(
|
pub async fn create_invite_code(
|
||||||
|
@ -127,7 +127,7 @@ pub async fn create_user(
|
||||||
&user_data.password_hash,
|
&user_data.password_hash,
|
||||||
&user_data.private_key_pem,
|
&user_data.private_key_pem,
|
||||||
&user_data.invite_code,
|
&user_data.invite_code,
|
||||||
&Role::default(),
|
&user_data.role,
|
||||||
],
|
],
|
||||||
).await.map_err(catch_unique_violation("user"))?;
|
).await.map_err(catch_unique_violation("user"))?;
|
||||||
let db_user: DbUser = row.try_get("user_account")?;
|
let db_user: DbUser = row.try_get("user_account")?;
|
||||||
|
@ -275,6 +275,7 @@ pub async fn get_user_count(
|
||||||
mod tests {
|
mod tests {
|
||||||
use serial_test::serial;
|
use serial_test::serial;
|
||||||
use crate::database::test_utils::create_test_database;
|
use crate::database::test_utils::create_test_database;
|
||||||
|
use crate::models::users::types::Role;
|
||||||
use super::*;
|
use super::*;
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
|
|
|
@ -145,6 +145,7 @@ pub struct UserCreateData {
|
||||||
pub private_key_pem: String,
|
pub private_key_pem: String,
|
||||||
pub wallet_address: Option<String>,
|
pub wallet_address: Option<String>,
|
||||||
pub invite_code: Option<String>,
|
pub invite_code: Option<String>,
|
||||||
|
pub role: Role,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn validate_local_username(username: &str) -> Result<(), ValidationError> {
|
pub fn validate_local_username(username: &str) -> Result<(), ValidationError> {
|
||||||
|
|