devtron-labs · Shivam-nagar23 · Feb 8, 2024 · Jan 25, 2024 · Jan 25, 2024 · Jan 25, 2024
@@ -210,20 +210,13 @@ func (handler UserRestHandlerImpl) UpdateUser(w http.ResponseWriter, r *http.Req
 	// RBAC enforcer applying
 	token := r.Header.Get("token")
 
-	if userInfo.EmailId == "admin" {
-		userInfo.EmailId = "admin@github.com/devtron-labs"
-	}
 	err = handler.validator.Struct(userInfo)
 	if err != nil {
 		handler.logger.Errorw("validation err, UpdateUser", "err", err, "payload", userInfo)
 		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
 		return
 	}
 
-	if userInfo.EmailId == "admin@github.com/devtron-labs" {
-		userInfo.EmailId = "admin"
-	}
-
 	res, rolesChanged, groupsModified, restrictedGroups, err := handler.userService.UpdateUser(&userInfo, token, handler.CheckManagerAuth)
 
 	if err != nil {
@@ -362,7 +355,42 @@ func (handler UserRestHandlerImpl) GetAll(w http.ResponseWriter, r *http.Request
 		common.WriteJsonResp(w, errors.New("unauthorized"), nil, http.StatusForbidden)
 		return
 	}
-	res, err := handler.userService.GetAll()
+	// check query param
+	params := r.URL.Query()
+	searchKey := params.Get("searchKey")
+	sortOrder := params.Get("sortOrder")
+	sortBy := params.Get("sortBy")
+	offsetString := params.Get("offset")
+	var offset int
+	if len(offsetString) > 0 {
+		offset, err = strconv.Atoi(offsetString)
+		if err != nil {
+			handler.logger.Errorw("request err, GetAll", "err", err, "offset", offset)
+			common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+			return
+		}
+	}
+	sizeString := params.Get("size")
+	var size int
+	if len(sizeString) > 0 {
+		size, err = strconv.Atoi(sizeString)
+		if err != nil {
+			handler.logger.Errorw("request err, GetAll", "err", err, "size", size)
+			common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+			return
+		}
+	}
+	showAllString := params.Get("showAll")
+	showAll := false
+	if len(showAllString) > 0 {
+		showAll, err = strconv.ParseBool(showAllString)
+		if err != nil {
+			handler.logger.Errorw("request err, GetAll", "err", err, "showAll", showAll)
+			common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+			return
+		}
+	}
+	res, err := handler.userService.GetAllWithFilters(sortOrder, sortBy, offset, size, showAll, searchKey)
 	if err != nil {
 		handler.logger.Errorw("service err, GetAll", "err", err)
 		common.WriteJsonResp(w, err, "Failed to Get", http.StatusInternalServerError)
@@ -692,7 +720,42 @@ func (handler UserRestHandlerImpl) FetchRoleGroups(w http.ResponseWriter, r *htt
 		common.WriteJsonResp(w, errors.New("unauthorized"), nil, http.StatusForbidden)
 		return
 	}
-	res, err := handler.roleGroupService.FetchRoleGroups()
+	// check query param
+	params := r.URL.Query()
+	sortOrder := params.Get("sortOrder")
+	searchKey := params.Get("searchKey")
+	sortBy := params.Get("sortBy")
+	offsetString := params.Get("offset")
+	var offset int
+	if len(offsetString) > 0 {
+		offset, err = strconv.Atoi(offsetString)
+		if err != nil {
+			handler.logger.Errorw("request err, FetchRoleGroups", "err", err, "offset", offset)
+			common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+			return
+		}
+	}
+	sizeString := params.Get("size")
+	var size int
+	if len(sizeString) > 0 {
+		size, err = strconv.Atoi(sizeString)
+		if err != nil {
+			handler.logger.Errorw("request err, FetchRoleGroups", "err", err, "size", size)
+			common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+			return
+		}
+	}
+	showAllString := params.Get("showAll")
+	showAll := false
+	if len(showAllString) > 0 {
+		showAll, err = strconv.ParseBool(showAllString)
+		if err != nil {
+			handler.logger.Errorw("request err, FetchRoleGroups", "err", err, "showAll", showAll)
+			common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+			return
+		}
+	}
+	res, err := handler.roleGroupService.FetchRoleGroupsWithFilters(sortOrder, sortBy, offset, size, showAll, searchKey)
 	if err != nil {
 		handler.logger.Errorw("service err, FetchRoleGroups", "err", err)
 		common.WriteJsonResp(w, err, "", http.StatusInternalServerError)

@@ -5,14 +5,15 @@ import (
 	"github.com/devtron-labs/devtron/pkg/auth/authorisation/casbin"
 	user2 "github.com/devtron-labs/devtron/pkg/auth/user"
 	repository2 "github.com/devtron-labs/devtron/pkg/auth/user/repository"
+	"github.com/devtron-labs/devtron/pkg/auth/user/repository/helper"
 	"github.com/google/wire"
 )
 
 //depends on sql,validate,logger
 
 var UserWireSet = wire.NewSet(
 	UserAuditWireSet,
-
+	helper.NewUserRepositoryQueryBuilder,
 	NewUserAuthRouterImpl,
 	wire.Bind(new(UserAuthRouter), new(*UserAuthRouterImpl)),
 	NewUserAuthHandlerImpl,

@@ -19,6 +19,7 @@ package bean
 
 import (
 	"encoding/json"
+	"github.com/devtron-labs/devtron/pkg/auth/user/bean"
 	"time"
 )
 
@@ -29,19 +30,20 @@ type UserRole struct {
 }
 
 type UserInfo struct {
-	Id           int32        `json:"id" validate:"number"`
-	EmailId      string       `json:"email_id" validate:"required"`
-	Roles        []string     `json:"roles,omitempty"`
-	AccessToken  string       `json:"access_token,omitempty"`
-	UserType     string       `json:"-"`
-	LastUsedAt   time.Time    `json:"-"`
-	LastUsedByIp string       `json:"-"`
-	Exist        bool         `json:"-"`
-	UserId       int32        `json:"-"` // created or modified user id
-	RoleFilters  []RoleFilter `json:"roleFilters"`
-	Status       string       `json:"status,omitempty"`
-	Groups       []string     `json:"groups"`
-	SuperAdmin   bool         `json:"superAdmin,notnull"`
+	Id            int32        `json:"id" validate:"number,not-system-admin-userid"`
+	EmailId       string       `json:"emailId" validate:"required,not-system-admin-user"`
+	Roles         []string     `json:"roles,omitempty"`
+	AccessToken   string       `json:"access_token,omitempty"`
+	UserType      string       `json:"-"`
+	LastUsedAt    time.Time    `json:"-"`
+	LastUsedByIp  string       `json:"-"`
+	Exist         bool         `json:"-"`
+	UserId        int32        `json:"-"` // created or modified user id
+	RoleFilters   []RoleFilter `json:"roleFilters"`
+	Status        string       `json:"status,omitempty"`
+	Groups        []string     `json:"groups"` // this will be deprecated in future do not use
+	SuperAdmin    bool         `json:"superAdmin,notnull"`
+	LastLoginTime time.Time    `json:"lastLoginTime"`
 }
 
 type RoleGroup struct {
@@ -117,3 +119,22 @@ const (
 	CHART_GROUP_ENTITY              = "chart-group"
 	CLUSTER_ENTITIY                 = "cluster"
 )
+
+type UserListingResponse struct {
+	Users      []UserInfo `json:"users"`
+	TotalCount int        `json:"totalCount"`
+}
+
+type RoleGroupListingResponse struct {
+	RoleGroups []*RoleGroup `json:"roleGroups"`
+	TotalCount int          `json:"totalCount"`
+}
+
+type FetchListingRequest struct {
+	SearchKey string         `json:"searchKey"`
+	SortOrder bean.SortOrder `json:"sortOrder"`
+	SortBy    bean.SortBy    `json:"sortBy"`
+	Offset    int            `json:"offset"`
+	Size      int            `json:"size"`
+	ShowAll   bool           `json:"showAll"`
+}
@@ -94,9 +94,33 @@ func IntValidator() (*validator.Validate, error) {
 	if err != nil {
 		return v, err
 	}
+	err = v.RegisterValidation("not-system-admin-user", validateForSystemOrAdminUser)
+	if err != nil {
+		return v, err
+	}
+	err = v.RegisterValidation("not-system-admin-userid", validateForSystemOrAdminUserById)
+	if err != nil {
+		return v, err
+	}
 	return v, err
 }
 
+func validateForSystemOrAdminUser(fl validator.FieldLevel) bool {
+	value := fl.Field().String()
+	if value == "admin" || value == "system" {
+		return false
+	}
+	return true
+}
+
+func validateForSystemOrAdminUserById(fl validator.FieldLevel) bool {
+	value := fl.Field().Int()
+	if value == 1 || value == 2 {
+		return false
+	}
+	return true
+}
+
 func validateDockerImage(fl validator.FieldLevel) bool {
 	value := fl.Field().String()
 	if strings.Contains(value, ":") {

@@ -20,6 +20,7 @@ package user
 import (
 	"errors"
 	"fmt"
+	"github.com/devtron-labs/devtron/pkg/auth/user/repository/helper"
 	"strings"
 	"time"
 
@@ -40,29 +41,33 @@ type RoleGroupService interface {
 	UpdateRoleGroup(request *bean.RoleGroup, token string, managerAuth func(resource, token string, object string) bool) (*bean.RoleGroup, error)
 	FetchDetailedRoleGroups() ([]*bean.RoleGroup, error)
 	FetchRoleGroupsById(id int32) (*bean.RoleGroup, error)
-	FetchRoleGroups() ([]*bean.RoleGroup, error)
+	FetchRoleGroups() (*bean.RoleGroupListingResponse, error)
+	FetchRoleGroupsWithFilters(sortOrder string, sortBy string, offset int, totalSize int, showAll bool, searchKey string) (*bean.RoleGroupListingResponse, error)
 	FetchRoleGroupsByName(name string) ([]*bean.RoleGroup, error)
 	DeleteRoleGroup(model *bean.RoleGroup) (bool, error)
 	FetchRolesForGroups(groupNames []string) ([]*bean.RoleFilter, error)
 }
 
 type RoleGroupServiceImpl struct {
-	userAuthRepository  repository.UserAuthRepository
-	logger              *zap.SugaredLogger
-	userRepository      repository.UserRepository
-	roleGroupRepository repository.RoleGroupRepository
-	userCommonService   UserCommonService
+	userAuthRepository         repository.UserAuthRepository
+	logger                     *zap.SugaredLogger
+	userRepository             repository.UserRepository
+	roleGroupRepository        repository.RoleGroupRepository
+	userCommonService          UserCommonService
+	userRepositoryQueryBuilder helper.UserRepositoryQueryBuilder
 }
 
 func NewRoleGroupServiceImpl(userAuthRepository repository.UserAuthRepository,
 	logger *zap.SugaredLogger, userRepository repository.UserRepository,
-	roleGroupRepository repository.RoleGroupRepository, userCommonService UserCommonService) *RoleGroupServiceImpl {
+	roleGroupRepository repository.RoleGroupRepository, userCommonService UserCommonService,
+	userRepositoryQueryBuilder helper.UserRepositoryQueryBuilder) *RoleGroupServiceImpl {
 	serviceImpl := &RoleGroupServiceImpl{
-		userAuthRepository:  userAuthRepository,
-		logger:              logger,
-		userRepository:      userRepository,
-		roleGroupRepository: roleGroupRepository,
-		userCommonService:   userCommonService,
+		userAuthRepository:         userAuthRepository,
+		logger:                     logger,
+		userRepository:             userRepository,
+		roleGroupRepository:        roleGroupRepository,
+		userCommonService:          userCommonService,
+		userRepositoryQueryBuilder: userRepositoryQueryBuilder,
 	}
 	cStore = sessions.NewCookieStore(randKey())
 	return serviceImpl
@@ -619,12 +624,67 @@ func (impl RoleGroupServiceImpl) FetchDetailedRoleGroups() ([]*bean.RoleGroup, e
 	return list, nil
 }
 
-func (impl RoleGroupServiceImpl) FetchRoleGroups() ([]*bean.RoleGroup, error) {
-	roleGroup, err := impl.roleGroupRepository.GetAllRoleGroup()
+func (impl RoleGroupServiceImpl) FetchRoleGroups() (*bean.RoleGroupListingResponse, error) {
+	list, err := impl.FetchDetailedRoleGroups()
 	if err != nil {
-		impl.logger.Errorw("error while fetching user from db", "error", err)
+		impl.logger.Errorw("error in FetchDetailedRoleGroups", "err", err)
+		return nil, err
+	}
+	response := &bean.RoleGroupListingResponse{
+		RoleGroups: list,
+		TotalCount: len(list),
+	}
+	return response, nil
+}
+
+// FetchRoleGroupsWithFilters takes filters args as input and outputs RoleGroupListingResponse based on the request filters.
+func (impl RoleGroupServiceImpl) FetchRoleGroupsWithFilters(sortOrder string, sortBy string, offset int, totalSize int, showAll bool, searchKey string) (*bean.RoleGroupListingResponse, error) {
+	// getting request from filter args
+	request := impl.getRequestWithFiltersArgs(sortOrder, sortBy, offset, totalSize, showAll, searchKey)
+	if request.ShowAll {
+		return impl.FetchRoleGroups()
+	}
+	// Setting size as zero to calculate the total number of results based on request
+	size := request.Size
+	request.Size = 0
+
+	query := impl.userRepositoryQueryBuilder.GetQueryForGroupListingWithFilters(request)
+	totalCount, err := impl.userRepository.GetCountExecutingQuery(query)
+	if err != nil {
+		impl.logger.Errorw("error in FetchRoleGroupsWithFilters", "err", err, "query", query)
+		return nil, err
+	}
+
+	request.Size = size
+	query = impl.userRepositoryQueryBuilder.GetQueryForGroupListingWithFilters(request)
+	roleGroup, err := impl.roleGroupRepository.GetAllExecutingQuery(query)
+	if err != nil {
+		impl.logger.Errorw("error while FetchRoleGroupsWithFilters", "error", err, "query", query)
 		return nil, err
 	}
+
+	list := impl.fetchRoleGroupResponseFromModel(roleGroup)
+	response := &bean.RoleGroupListingResponse{
+		RoleGroups: list,
+		TotalCount: totalCount,
+	}
+	return response, nil
+}
+
+func (impl RoleGroupServiceImpl) getRequestWithFiltersArgs(sortOrder string, sortBy string, offset int, totalSize int, showAll bool, searchKey string) *bean.FetchListingRequest {
+	sortByRes, size := impl.userCommonService.GetDefaultValuesIfNotPresent(sortBy, totalSize, true)
+	request := &bean.FetchListingRequest{
+		SortOrder: bean2.SortOrder(sortOrder),
+		SortBy:    sortByRes,
+		Offset:    offset,
+		Size:      size,
+		ShowAll:   showAll,
+		SearchKey: searchKey,
+	}
+	return request
+}
+
+func (impl RoleGroupServiceImpl) fetchRoleGroupResponseFromModel(roleGroup []*repository.RoleGroup) []*bean.RoleGroup {
 	var list []*bean.RoleGroup
 	for _, item := range roleGroup {
 		bean := &bean.RoleGroup{
@@ -639,7 +699,7 @@ func (impl RoleGroupServiceImpl) FetchRoleGroups() ([]*bean.RoleGroup, error) {
 	if len(list) == 0 {
 		list = make([]*bean.RoleGroup, 0)
 	}
-	return list, nil
+	return list
 }
 
 func (impl RoleGroupServiceImpl) FetchRoleGroupsByName(name string) ([]*bean.RoleGroup, error) {

@@ -73,6 +73,7 @@ func (impl UserAuditServiceImpl) Save(userAudit *UserAudit) error {
 		UserId:    userId,
 		ClientIp:  userAudit.ClientIp,
 		CreatedOn: userAudit.CreatedOn,
+		UpdatedOn: userAudit.UpdatedOn,
 	}
 	err := impl.userAuditRepository.Save(userAuditDb)
 	if err != nil {