Merge pull request #18258 from vespa-engine/add_user_info

Additional fields to User - verified and lastLogin
author: Torbjørn Smørgrav <smorgrav@users.noreply.github.com> 2021-06-16 09:44:42 +0200
committer: GitHub <noreply@github.com> 2021-06-16 09:44:42 +0200
commit: 0f935dcc618eabdd29fa2509050de5e3719ea03b (patch)
tree: 4597443ef11765e64e938f424677402da6671e32
parent: 01049d0b94e54d70ab72fe08e4520a36984c4422 (diff)
parent: fd569aeb4e0c836d3f439dafe46eba3d76888d2a (diff)
8 files changed, 58 insertions, 12 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/User.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/User.java
index dcce25bda95..d3ed804e546 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/User.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/user/User.java
@@ -1,6 +1,7 @@
 // Copyright 2020 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.hosted.controller.api.integration.user;
 
+import java.time.LocalDate;
 import java.util.Objects;
 
 /**
@@ -9,17 +10,34 @@ import java.util.Objects;
 public class User {
 
     public static final String ATTRIBUTE_NAME = "vespa.user.attributes";
+    public static final LocalDate NO_DATE = LocalDate.EPOCH;
 
     private final String email;
     private final String name;
     private final String nickname;
     private final String picture;
+    private final boolean isVerified;
+    private final int loginCount;
+    private final LocalDate lastLogin;
 
     public User(String email, String name, String nickname, String picture) {
         this.email = Objects.requireNonNull(email);
         this.name = name;
         this.nickname = nickname;
         this.picture = picture;
+        this.isVerified = false;
+        this.loginCount = -1;
+        this.lastLogin = NO_DATE;
+    }
+
+    public User(String email, String name, String nickname, String picture, boolean isVerified, int loginCount, LocalDate lastLogin) {
+        this.email = Objects.requireNonNull(email);
+        this.name = name;
+        this.nickname = nickname;
+        this.picture = picture;
+        this.isVerified = isVerified;
+        this.loginCount = loginCount;
+        this.lastLogin = Objects.requireNonNull(lastLogin);
     }
 
     public String name() {
@@ -38,6 +56,12 @@ public class User {
         return picture;
     }
 
+    public LocalDate lastLogin() { return lastLogin; }
+
+    public boolean isVerified() { return isVerified; }
+
+    public int loginCount() { return loginCount; }
+
     @Override
     public boolean equals(Object o) {
         if (this == o) return true;
@@ -46,11 +70,14 @@ public class User {
         return Objects.equals(name, user.name) &&
                 Objects.equals(email, user.email) &&
                 Objects.equals(nickname, user.nickname) &&
-                Objects.equals(picture, user.picture);
+                Objects.equals(picture, user.picture) &&
+                Objects.equals(lastLogin, user.lastLogin) &&
+                loginCount == user.loginCount &&
+                isVerified == user.isVerified;
     }
 
     @Override
     public int hashCode() {
-        return Objects.hash(name, email, nickname, picture);
+        return Objects.hash(name, email, nickname, picture, lastLogin, loginCount, isVerified);
     }
 }
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java
index 6e069b2b5ec..e195401f03a 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/user/UserApiHandler.java
@@ -40,6 +40,8 @@ import com.yahoo.vespa.hosted.controller.tenant.Tenant;
 import com.yahoo.yolean.Exceptions;
 
 import java.security.PublicKey;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
@@ -136,12 +138,16 @@ public class UserApiHandler extends LoggingRequestHandler {
             RoleDefinition.hostedAccountant);
 
     private HttpResponse userMetadata(HttpRequest request) {
-        @SuppressWarnings("unchecked")
-        Map<String, String> userAttributes = (Map<String, String>) getAttribute(request, User.ATTRIBUTE_NAME, Map.class);
-        User user = new User(userAttributes.get("email"),
-                             userAttributes.get("name"),
-                             userAttributes.get("nickname"),
-                             userAttributes.get("picture"));
+        User user;
+        if (request.getJDiscRequest().context().get(User.ATTRIBUTE_NAME) instanceof User) {
+            user = getAttribute(request, User.ATTRIBUTE_NAME, User.class);
+        } else {
+            // Remove this after June 2021 (once all security filters are setting this)
+            @SuppressWarnings("unchecked")
+            Map<String, String> attr = (Map<String, String>) getAttribute(request, User.ATTRIBUTE_NAME, Map.class);
+            user = new User(attr.get("email"), attr.get("name"), attr.get("nickname"), attr.get("picture"));
+        }
+
         Set<Role> roles = getAttribute(request, SecurityContext.ATTRIBUTE_NAME, SecurityContext.class).roles();
 
         Map<TenantName, List<TenantRole>> tenantRolesByTenantName = roles.stream()
@@ -241,6 +247,11 @@ public class UserApiHandler extends LoggingRequestHandler {
         userObject.setString("email", user.email());
         if (user.nickname() != null) userObject.setString("nickname", user.nickname());
         if (user.picture() != null) userObject.setString("picture", user.picture());
+        userObject.setBool("verified", user.isVerified());
+        if (!user.lastLogin().equals(User.NO_DATE))
+            userObject.setString("lastLogin", user.lastLogin().format(DateTimeFormatter.ISO_DATE));
+        if (user.loginCount() > -1)
+            userObject.setLong("loginCount", user.loginCount());
     }
 
     private HttpResponse addTenantRoleMember(String tenantName, HttpRequest request) {
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/application-roles.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/application-roles.json
index 9bd66c16308..ca437dba761 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/application-roles.json
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/application-roles.json
@@ -6,11 +6,13 @@
     {
       "name": "administrator@tenant",
       "email": "administrator@tenant",
+      "verified": false,
       "roles": {}
     },
     {
       "name": "developer@tenant",
       "email": "developer@tenant",
+      "verified": false,
       "roles": {}
     }
   ]
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/tenant-roles.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/tenant-roles.json
index 6a1c4c88878..bc921e4bdf4 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/tenant-roles.json
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/tenant-roles.json
@@ -9,6 +9,7 @@
     {
       "name": "administrator@tenant",
       "email": "administrator@tenant",
+      "verified": false,
       "roles": {
         "administrator": {
           "explicit": true,
@@ -27,6 +28,7 @@
     {
       "name": "developer@tenant",
       "email": "developer@tenant",
+      "verified": false,
       "roles": {
         "administrator": {
           "explicit": false,
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-with-applications-athenz.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-with-applications-athenz.json
index 2ae3514bec3..5d3a38334ad 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-with-applications-athenz.json
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-with-applications-athenz.json
@@ -6,7 +6,8 @@
   "user": {
     "name": "Joe Developer",
     "email": "dev@domail",
-    "nickname": "dev"
+    "nickname": "dev",
+    "verified": false
   },
   "tenants": {
     "sandbox": {
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-with-applications-cloud.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-with-applications-cloud.json
index 2d2a137c2ca..ae3dc68d9e3 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-with-applications-cloud.json
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-with-applications-cloud.json
@@ -6,7 +6,8 @@
   "user": {
     "name": "Joe Developer",
     "email": "dev@domail",
-    "nickname": "dev"
+    "nickname": "dev",
+    "verified":false
   },
   "tenants": {
     "sandbox": {
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-without-applications.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-without-applications.json
index e03a18a1949..3bf999b490b 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-without-applications.json
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-without-applications.json
@@ -6,7 +6,8 @@
   "user": {
     "name": "Joe Developer",
     "email": "dev@domail",
-    "nickname": "dev"
+    "nickname": "dev",
+    "verified":false
   },
   "tenants": {},
   "operator": [
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-without-trial-capacity-cloud.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-without-trial-capacity-cloud.json
index a7410b14850..27242424579 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-without-trial-capacity-cloud.json
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/user/responses/user-without-trial-capacity-cloud.json
@@ -6,7 +6,8 @@
   "user": {
     "name": "Joe Developer",
     "email": "dev@domail",
-    "nickname": "dev"
+    "nickname": "dev",
+    "verified":false
   },
   "tenants": {}
 }
 \ No newline at end of file
author	Torbjørn Smørgrav <smorgrav@users.noreply.github.com>	2021-06-16 09:44:42 +0200
committer	GitHub <noreply@github.com>	2021-06-16 09:44:42 +0200
commit	0f935dcc618eabdd29fa2509050de5e3719ea03b (patch)
tree	4597443ef11765e64e938f424677402da6671e32
parent	01049d0b94e54d70ab72fe08e4520a36984c4422 (diff)
parent	fd569aeb4e0c836d3f439dafe46eba3d76888d2a (diff)