Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement database-based multi user system for Web UI #1539

Merged
merged 11 commits into from
Aug 16, 2024
Merged

Implement database-based multi user system for Web UI #1539

merged 11 commits into from
Aug 16, 2024

Conversation

goekay
Copy link
Member

@goekay goekay commented Aug 11, 2024

my take on #991 to be compared with #1165

FYI @fnkbsi @juherr

@goekay goekay changed the title Fnkbs multi users goekay Implement database-based multi user system for Web UI Aug 11, 2024
juherr
juherr approved these changes Aug 11, 2024
View reviewed changes
Copy link
Contributor

@juherr juherr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, it will be an awesome feature.

I've just shared some ideas.

src/main/java/de/rwth/idsg/steve/config/SecurityConfiguration.java Outdated Show resolved Hide resolved
src/main/java/de/rwth/idsg/steve/config/SecurityConfiguration.java Outdated Show resolved Hide resolved
src/main/java/de/rwth/idsg/steve/config/SecurityConfiguration.java Outdated Show resolved Hide resolved
@goekay goekay marked this pull request as ready for review August 12, 2024 22:04
@goekay goekay mentioned this pull request Aug 12, 2024
Closed
3 tasks
@goekay
Copy link
Member Author

goekay commented Aug 13, 2024

@fnkbsi how do you want to continue from here. we have your solution/branch and my solution/branch.

would you be okay with me merging this first, and you could rebase your branch to add the missing and web-related stuff on top?

@fnkbsi
Copy link
Contributor

fnkbsi commented Aug 14, 2024

@fnkbsi how do you want to continue from here. we have your solution/branch and my solution/branch.

would you be okay with me merging this first, and you could rebase your branch to add the missing and web-related stuff on top?

@goekay: Go ahead

@fnkbsi
Copy link
Contributor

fnkbsi commented Aug 14, 2024

One more idea to discuss. Do we want a optional link (foreign_key) between user and web_user?

@juherr
Copy link
Contributor

juherr commented Aug 14, 2024

@fnkbsi I don't see value add to link user and webuser, do you?

@fnkbsi
Copy link
Contributor

fnkbsi commented Aug 14, 2024

@fnkbsi I don't see value add to link user and webuser, do you?

Maybe in some businesses cases. If a user gets also an web_user, the user can be managed on one website. If the user will be deleted, the web_user could be automatically deleted too.

I just want to address this idea before the db is changed.

@juherr
Copy link
Contributor

juherr commented Aug 14, 2024

In my understanding, Steve serves as a CPO layer that manages the stations and where the web users act as the operators.

Currently, Steve is not a multi-tenant software, meaning all users have the same permissions across all stations.

However, if we were to link specific users or tags to web users, it would open the door to the EMSP world, making the system more intricate.
Please don't! 🙏

@goekay
Copy link
Member Author

goekay commented Aug 14, 2024

@fnkbsi i think this is an interesting proposition. maybe we can do it in future, if we want to expand the capabilities of steve.

i added the token column as a preparation in 93c9cc0, because i think web users and api clients are within the same realm of "technical/operator user". one is human, the other is computer.

connecting a "web user" with a "user" would connect the technical world with the ocpp world (business). careful planning would be needed, if we want to. therefore, i would not want to rush it.

@juherr i know what this means. it would be a big undertaking. i am not categorically against it. it is just a matter of resources (i.e. time, active developers etc.).

@juherr
Copy link
Contributor

juherr commented Aug 14, 2024

IMO, if you go that way, you should start by linking web users to stations 🤷🏼‍♂️

@goekay
Copy link
Member Author

goekay commented Aug 15, 2024

FYI to the readers of this PR from the future:

if you are using a version of steve with this PR included, your auth.user and auth.password settings from internal/external properties file will be migrated to database during the first ever start-up. afterwards, only database contents will be used/respected. meaning: if you change these two fields from properties file afterwards, they will not be used/respected.

i plan to remove these two fields from properties file in a later version.

@goekay
add UserDetailsService impl using Jooq
6f725ad
@goekay
improve impl such that it is in a working condition
cc31d24
@goekay
refactor: make github action checks happy
3184cc1
@goekay
force data type JSON in Jooq for web_user.authorities
c082c0d 
reason: our build matrix fails for mysql, but succeeds for mariadb.
Jooq infers data type org.jooq.JSON for web_user.authorities for mysql.
on the other hand, it is String for mariadb.

example: https://github.com/steve-community/steve/actions/runs/10339451112
@goekay
tighten json logic
cfe8f4a 
* add check for validating that "authorities" is an array
* store a sorted set of authorities without duplicates
@goekay
add method to delete web user by database id
b5f75de 
reason: to be used by web pages. a better way than doing with username,
and is consistent with other delete operations we do.
@goekay
PR feedback: skip default admin user creation, if "any" admin already…
09a5f0d 
… exists
@goekay
refactor: PR feedback
f759291
@goekay
prepare database for #1540
163de00
juherr
juherr approved these changes Aug 16, 2024
View reviewed changes
Copy link
Contributor

@juherr juherr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@goekay goekay merged commit ecf9007 into master Aug 16, 2024
45 checks passed
@goekay goekay deleted the fnkbs_MultiUsers_goekay branch August 16, 2024 14:24
faculoyarte pushed a commit to faculoyarte/steve that referenced this pull request Sep 4, 2024
@goekay @faculoyarte
Implement database-based multi user system for Web UI (steve-communit…
89e55fc 
…y#1539)

* add UserDetailsService impl using Jooq

* improve impl such that it is in a working condition

* refactor: make github action checks happy

* force data type JSON in Jooq for web_user.authorities

reason: our build matrix fails for mysql, but succeeds for mariadb.
Jooq infers data type org.jooq.JSON for web_user.authorities for mysql.
on the other hand, it is String for mariadb.

example: https://github.com/steve-community/steve/actions/runs/10339451112

* tighten json logic

* add check for validating that "authorities" is an array
* store a sorted set of authorities without duplicates

* add method to delete web user by database id

reason: to be used by web pages. a better way than doing with username,
and is consistent with other delete operations we do.

* PR feedback: skip default admin user creation, if "any" admin already exists

* refactor: PR feedback

* prepare database for steve-community#1540

* PR feedback

* add license header where missing
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fnkbsi fnkbsi fnkbsi left review comments

@juherr juherr juherr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@goekay @fnkbsi @juherr