Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update API to return 'source_id' for users #29718

Merged
merged 35 commits into from
Apr 16, 2024
Merged

Update API to return 'source_id' for users #29718

merged 35 commits into from
Apr 16, 2024

Conversation

tobiasbp
Copy link
Contributor

Using the API, a user's source_id can be set in the CreateUserOption model, but the field is not returned in the User model.

This PR updates the User model to include the field source_id (The ID of the Authentication Source).


The name source_id is a bit confusing since it does not hint at any relation with the login_name field. Perhaps login_source_id or login_id would be a better name? If a different name than source_id was to be used, the name should also be updated in the CreateUserOption and EditUserOptions models.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Mar 11, 2024
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Mar 11, 2024
@lunny
Copy link
Member

lunny commented Mar 12, 2024

You need to generate swagger docs.

@pull-request-size pull-request-size bot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Mar 12, 2024
@github-actions github-actions bot added the modifies/api This PR adds API routes or modifies them label Mar 12, 2024
@pull-request-size pull-request-size bot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Mar 12, 2024
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Mar 14, 2024
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Mar 14, 2024
@lunny lunny added type/enhancement An improvement of existing functionality reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. labels Mar 14, 2024
@lunny lunny added this to the 1.22.0 milestone Mar 14, 2024
@github-actions github-actions bot added the modifies/go Pull requests that update Go code label Mar 14, 2024
@techknowlogick
Copy link
Member

I agree re The name source_id is a bit confusing since it does not hint at any relation with the login_name field, but I think, at least for now, keeping it the same is fine, especially since you have it documented in the swagger docs to denote the relationship.

@delvh
Copy link
Member

delvh commented Apr 2, 2024

So, did you come to a conclusion which name to use?

@tobiasbp
Copy link
Contributor Author

tobiasbp commented Apr 2, 2024

So, did you come to a conclusion which name to use?

I proposed this earlier: #29718 (comment)

@tobiasbp
Copy link
Contributor Author

tobiasbp commented Apr 3, 2024

So, what do you think of my suggestion @delvh @techknowlogick ?
#29718 (comment)

@lunny
Copy link
Member

lunny commented Apr 3, 2024

Suddenly, I have another idea. Since we have the opportunity to refactor the user system. Maybe we should remove login_source_id in the user table but put it into external_account because one user could bind multiple auth systems. So if we merge this PR, we need to deprecate it later.

@tobiasbp
Copy link
Contributor Author

tobiasbp commented Apr 3, 2024

Suddenly, I have another idea. Since we have the opportunity to refactor the user system. Maybe we should remove login_source_id in the user table but put it into external_account because one user could bind multiple auth systems. So if we merge this PR, we need to deprecate it later.

I'm not sure we are talking about the same thing here. A user can only have a single authentication source .

image

@lunny
Copy link
Member

lunny commented Apr 3, 2024

This is the current design but I think the user can also login with some OAuth2.

@tobiasbp
Copy link
Contributor Author

tobiasbp commented Apr 3, 2024

This is the current design but I think the user can also login with some OAuth2.

I have this set up with two openID authentication sources for two different types of users. Since I can not get the auth source ID from the API, I can not (easily) tell the users apart.

Is this system going to change in the next version of Gitea?

@lunny
Copy link
Member

lunny commented Apr 3, 2024

This is the current design but I think the user can also login with some OAuth2.

I have this set up with two openID authentication sources for two different types of users. Since I can not get the auth source ID from the API, I can not (easily) tell the users apart.

Is this system going to change in the next version of Gitea?

I think it will not be in next version of Gitea but we know it has the problem and would like to do a new design like that.

Maybe we can have a new API to get a user's all auth sources so it will look compatible with backend.
Sorry for the confusions.

@tobiasbp
Copy link
Contributor Author

tobiasbp commented Apr 4, 2024

I think it will not be in next version of Gitea but we know it has the problem and would like to do a new design like that.

Hmmm.... I'm now really confused @lunny . I think you are saying one of these things:

  1. The next release of Gitea (1.22.0) will have the use of authentication sources redesigned in a way that will allow users to have more than one authentication source. This feature changes the API in way that will make this PR obsolete. We should reject this PR.

  2. Let's update the API for Gitea 1.22.0 in this request to add an endpoint that will return a users authentication source in a format that will be compatible with the plans to introduce the feature of users having several authentication sources in a version of Gitea beyond 1.22.0.

Thanks

@tobiasbp
Copy link
Contributor Author

tobiasbp commented Apr 9, 2024

Sorry to be pushy, but what are we going to do about this PR? I think it's quite the oversight, that you can currently use the API to set the source_id for a user, but not retrieve it. @lunny @delvh @techknowlogick

@techknowlogick
Copy link
Member

Yes, I agree. I think if we have a set, we need to have a get. And if/when a refactor happens then it'll also affect the set, so it'd already be breaking, so adding the get wouldn't affect things.
And thinking back about it, while a rename on the key would be nice, since it aligns with an already existing key for the set, then it would be probably best to keep the key name the same.

@tobiasbp
Copy link
Contributor Author

Yes, I agree. I think if we have a set, we need to have a get. And if/when a refactor happens then it'll also affect the set, so it'd already be breaking, so adding the get wouldn't affect things. And thinking back about it, while a rename on the key would be nice, since it aligns with an already existing key for the set, then it would be probably best to keep the key name the same.

Sounds good. Can you approve the PR please?

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/blocked A maintainer has reservations with the PR and thus it cannot be merged labels Apr 15, 2024
@techknowlogick techknowlogick added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Apr 15, 2024
@lunny lunny enabled auto-merge (squash) April 16, 2024 05:14
@lunny lunny merged commit 58b204b into go-gitea:main Apr 16, 2024
26 checks passed
@GiteaBot GiteaBot removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Apr 16, 2024
zjjhot added a commit to zjjhot/gitea that referenced this pull request Apr 17, 2024
* giteaofficial/main:
  Reduce unnecessary database queries on actions table (go-gitea#30509)
  [skip ci] Updated translations via Crowdin
  Tweak and fix toggle checkboxes (go-gitea#30527)
  Tweak repo buttons on mobile and labeled button border-radius (go-gitea#30503)
  Fix long branch name overflows (go-gitea#30345)
  Update API to return 'source_id' for users (go-gitea#29718)
  Allow `preferred_username` as username source for OIDC (go-gitea#30454)
  Fix empty field `login_name` in API response JSON when creating user (go-gitea#30511)
  feat(api): implement branch/commit comparison API (go-gitea#30349)
@wxiaoguang wxiaoguang modified the milestones: 1.23.0, 1.22.0 Apr 27, 2024
TKaxv-7S added a commit to TKaxv-7S/gitea that referenced this pull request May 29, 2024
This release stands as a monumental milestone in our development journey with a record-breaking incorporation of [1528](https://github.com/go-gitea/gitea/pulls?q=is%3Apr+milestone%3A1.22.0+is%3Amerged) pull requests. It marks the most extensive update in Gitea's history, showcasing a plethora of new features and infrastructure improvements.

Noteworthy advancements in this release include the introduction of `HTMX` and `Tailwind`, signaling a strategic shift as we gradually phase out `jquery` and `Fomantic UI`. These changes reflect our commitment to embracing modern technologies and enhancing the user experience.

Key highlights of this release encompass significant changes categorized under `BREAKING`, `FEATURES`, `ENHANCEMENTS`, and `PERFORMANCE`, each contributing to a more robust and efficient Gitea platform.

* BREAKING
  * Improve reverse proxy documents and clarify the AppURL guessing behavior (go-gitea#31003) (go-gitea#31020)
  * Remember log in for a month by default (go-gitea#30150)
  * Breaking summary for template refactoring (go-gitea#29395)
    * All custom templates need to follow these changes
  * Recommend/convert to use case-sensitive collation for MySQL/MSSQL (go-gitea#28662)
  * Make offline mode as default to not connect external avatar service by default (go-gitea#28548)
  * Include public repos in the doer's dashboard for issue search (go-gitea#28304)
  * Use restricted sanitizer for repository description (go-gitea#28141)
  * Support storage base path as prefix (go-gitea#27827)
  * Enhanced auth token / remember me (go-gitea#27606)
  * Rename the default themes to `gitea-light`, `gitea-dark`, `gitea-auto` (go-gitea#27419)
    * If you didn't see the new themes, please remove the `[ui].THEMES` config option from `app.ini`
  * Require MySQL 8.0, PostgreSQL 12, MSSQL 2012 (go-gitea#27337)
* FEATURES
  * Allow everyone to read or write a wiki by a repo unit setting (go-gitea#30495)
  * Use raw Wiki links for non-renderable Wiki files (go-gitea#30273)
  * Render embedded code preview by permalink in markdown (go-gitea#30234) (go-gitea#30249)
  * Support repo code search without setting up an indexer (go-gitea#29998)
  * Support pasting URLs over markdown text (go-gitea#29566)
  * Allow to change primary email before account activation (go-gitea#29412)
  * Customizable "Open with" applications for repository clone (go-gitea#29320)
  * Allow options to disable user deletion from the interface on app.ini (go-gitea#29275)
  * Extend issue template YAML engine (go-gitea#29274)
  * Add support for `linguist-detectable` and `linguist-documentation` (go-gitea#29267)
  * Implement code frequency graph (go-gitea#29191)
  * Show commit status for releases (go-gitea#29149)
  * Add user blocking (go-gitea#29028)
  * Actions Artifacts v4 backend (go-gitea#28965)
  * Add merge style `fast-forward-only` (go-gitea#28954)
  * Retarget depending pulls when the parent branch is deleted (go-gitea#28686)
  * Add global setting on how timestamps should be rendered (go-gitea#28657)
  * Implement actions badge SVGs (go-gitea#28102)
  * Add skip ci functionality (go-gitea#28075)
  * Show latest commit for file (go-gitea#28067)
  * Allow to sync tags from the admin dashboard (go-gitea#28045)
  * Add Profile Readme for Organisations (go-gitea#27955)
  * Implement contributors graph (go-gitea#27882)
  * Artifact deletion in actions ui (go-gitea#27172)
  * Add API routes to get runner registration token (go-gitea#27144)
  * Add support for forking single branch (go-gitea#25821)
  * Add support for sha256 repositories (go-gitea#23894)
  * Add admin API route for managing user's badges (go-gitea#23106)
* ENHANCEMENTS
  * Make gitea webhooks openproject compatible (go-gitea#28435) (go-gitea#31081)
  * Support using label names when changing issue labels (go-gitea#30943) (go-gitea#30958)
  * Fix various problems around project board view (go-gitea#30696) (go-gitea#30902)
  * Improve context popup rendering (go-gitea#30824) (go-gitea#30829)
  * Allow to save empty comment (go-gitea#30706)
  * Prevent allow/reject reviews on merged/closed PRs (go-gitea#30686)
  * Initial support for colorblindness-friendly themes (go-gitea#30625)
  * Some NuGet package enhancements (go-gitea#30280) (go-gitea#30324)
  * Markup color and font size fixes (go-gitea#30282) (go-gitea#30310)
  * Show 12 lines in markup code preview (go-gitea#30255) (go-gitea#30257)
  * Add `[other].SHOW_FOOTER_POWERED_BY` setting to hide `Powered by` (go-gitea#30253)
  * Pulse page improvements (go-gitea#30149)
  * Render code tags in commit messages (go-gitea#30146)
  * Prevent re-review and dismiss review actions on closed and merged PRs (go-gitea#30065)
  * Cancel previous runs of the same PR automatically (go-gitea#29961)
  * Drag-and-drop improvements for projects and issue pins (go-gitea#29875)
  * Add default board to new projects, remove uncategorized pseudo-board (go-gitea#29874)
  * Prevent layout shift in `<overflow-menu>` items (go-gitea#29831)
  * Add skip ci support for pull request title (go-gitea#29774)
  * Add more stats tables (go-gitea#29730)
  * Update API to return 'source_id' for users (go-gitea#29718)
  * Determine fuzziness of bleve indexer by keyword length (go-gitea#29706)
  * Expose fuzzy search for issues/pulls (go-gitea#29701)
  * Put an edit file button on pull request files to allow a quick operation (go-gitea#29697)
  * Fix action runner offline label padding (go-gitea#29691)
  * Update allowed attachment types (go-gitea#29688)
  * Completely style the webkit autofill (go-gitea#29683)
  * Highlight archived labels (go-gitea#29680)
  * Add a warning for disallowed email domains (go-gitea#29658)
  * Set user's 24h preference from their current OS locale (go-gitea#29651)
  * Add setting to disable user features when user login type is not plain (go-gitea#29615)
  * Improve natural sort (go-gitea#29611)
  * Make wiki default branch name changeable (go-gitea#29603)
  * Unify search boxes (go-gitea#29530)
  * Add support for API blob upload of release attachments (go-gitea#29507)
  * Detect broken git hooks (go-gitea#29494)
  * Sync branches to DB immediately when handling git hook calling (go-gitea#29493)
  * Allow options to disable user GPG key configuration from the interface on app.ini (go-gitea#29486)
  * Allow options to disable user SSH key configuration from the interface on app.ini (go-gitea#29447)
  * Use relative links for commits, mentions, and issues in markdown (go-gitea#29427)
  * Add `<overflow-menu>`, rename webcomponents (go-gitea#29400)
  * Include resource state events in Gitlab downloads (go-gitea#29382)
  * Properly migrate target branch change GitLab comment (go-gitea#29340)
  * Recolor dark theme to blue shade (go-gitea#29283)
  * Partially enable MSSQL case-sensitive collation support (go-gitea#29238)
  * Auto-update the system status in the admin dashboard (go-gitea#29163)
  * Integrate alpine `noarch` packages into other architectures index (go-gitea#29137)
  * Document how the TOC election process works (go-gitea#29135)
  * Tweak repo header (go-gitea#29134)
  * Make blockquote border size less aggressive (go-gitea#29124)
  * Downscale pasted PNG images based on metadata (go-gitea#29123)
  * Show `View at this point in history` for every commit (go-gitea#29122)
  * Add support for action artifact serve direct (go-gitea#29120)
  * Change webhook-type in create-view (go-gitea#29114)
  * Drop "@" from the email sender to avoid spam filters (go-gitea#29109)
  * Allow non-admin users to delete review requests (go-gitea#29057)
  * Improve user search display name (go-gitea#29002)
  * Include username in email headers (go-gitea#28981)
  * Show whether a PR is WIP inside popups (go-gitea#28975)
  * Also match weakly validated ETags (go-gitea#28957)
  * Support nuspec manifest download for Nuget packages (go-gitea#28921)
  * Fix hardcoded GitHub icon used as migrated release avatar (go-gitea#28910)
  * Propagate install_if and provider_priority to APKINDEX (go-gitea#28899)
  * Add artifacts v4 JWT to job message and accept it (go-gitea#28885)
  * Enable/disable owner and repo projects independently (go-gitea#28805)
  * Add non-JS fallback for reaction tooltips (go-gitea#28785)
  * Add the ability to see open and closed issues at the same time (go-gitea#28757)
  * Move sign-in labels to be above inputs (go-gitea#28753)
  * Display the latest sync time for pull mirrors on the repo page (go-gitea#28712)
  * Show in Web UI if the file is vendored and generated (go-gitea#28620)
  * Add orphaned topic consistency check (go-gitea#28507)
  * Add branch protection setting for ignoring stale approvals (go-gitea#28498)
  * Add option to set language in admin user view (go-gitea#28449)
  * Fix incorrect run order of action jobs (go-gitea#28367)
  * Add missing exclusive in advanced label options (go-gitea#28322)
  * Added instance-level variables (go-gitea#28115)
  * Add edit option for README.md (go-gitea#28071)
  * Fix link to `Code` tab on wiki commits (go-gitea#28041)
  * Allow to set explore page default sort (go-gitea#27951)
  * Improve PR diff view on mobile (go-gitea#27883)
  * Properly migrate automatic merge GitLab comments (go-gitea#27873)
  * Display issue task list on project cards (go-gitea#27865)
  * Add Index to pull_auto_merge.doer_id (go-gitea#27811)
  * Fix display member unit in the menu bar if there are no hidden members in public org (go-gitea#27795)
  * List all Debian package versions in `Packages` (go-gitea#27786)
  * Allow pull requests Manually Merged option to be used by non-admins (go-gitea#27780)
  * Only show diff file tree when more than one file changed (go-gitea#27775)
  * Show placeholder email in privacy popup (go-gitea#27770)
  * Revamp repo header (go-gitea#27760)
  * Add `must-change-password` command line parameter (go-gitea#27626)
  * Unify password changing and invalidate auth tokens (go-gitea#27625)
  * Add border to file tree 'sub-items' and add padding to 'item-file' (go-gitea#27593)
  * Add slow SQL query warning (go-gitea#27545)
  * Pre-register OAuth application for tea (go-gitea#27509)
  * Differentiate between `push` and `pull` `mirror sync in progress` (go-gitea#27390)
  * Link to file from its history (go-gitea#27354)
  * Add a shortcut to user's profile page to admin user details (go-gitea#27299)
  * Doctor: delete action entries without existing user (go-gitea#27292)
  * Show total TrackedTime on issue/pull/milestone lists (go-gitea#26672)
  * Don't show the new pull request button when the page is not compare pull (go-gitea#26431)
  * Add `Hide/Show all checks` button to commit status check (go-gitea#26284)
  * Improvements of releases list and tags list (go-gitea#25859)
* PERFORMANCE
  * Fix package list performance (go-gitea#30520) (go-gitea#30616)
  * Add commit status summary table to reduce query from commit status table (go-gitea#30223)
  * Refactor markup/csv: don't read all to memory (go-gitea#29760)
  * Lazy load object format with command line and don't do it in OpenRepository (go-gitea#29712)
  * Add cache for branch divergence on branch list page (go-gitea#29577)
  * Do some performance optimization for issues list and view issue/pull (go-gitea#29515)
  * Cache repository default branch commit status to reduce query on commit status table (go-gitea#29444)
  * Use `crypto/sha256` (go-gitea#29386)
  * Some performance optimization on the dashboard and issues page (go-gitea#29010)
  * Add combined index for issue_user.uid and issue_id (go-gitea#28080)

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEumb2f9c/cFjXEtMIw7fJG2Mvc4oFAmZUPBEACgkQw7fJG2Mv
# c4polxAAjJgg1UISxasNGbX/V4G2P9eeXam9lQ5DYAGS6d+RYdTcYdGSbOZujIGG
# cVqoZjYCJm7b3KuL1Jjrf7sIAjPB3E9gO8aJ3r+6PGjRpMwCACPUlCo8QWRPDhcU
# /eWleWFs59ZMxHnHT3oLH0TGwbdY4tc35/iKElUIc6sX8WBal0SsYScfBJrRTtS/
# DxBaovmkiG0RUWHK3mK0zHrRW9nJecz/4XFWIHgBjKzvCHlzSYrOjUPvytERlWtO
# o7i+1Wsret1JLWoW53L3ZQIXCwBBLYjsan9oq7YgSD0Usl9En3o0+S06+TVNiWMp
# MNbOQt2SQsIJPPP83pql+rPbKqAp1dibWXLF70mJrBVpdw/b0VHK2K8fIa5Eiilk
# EOR9D8uoOgjvxWVjNI9Gg+lzbT0KoQI90Iexwcloq22MDFPJC3EqirDpwBdkZFJA
# 5/6iGvPILD1SVkAzjdMD6Ukc8zWwPVLENwcTCVxr8H2q6/Jbo+29WIlCM+/0a0t3
# 1kN77Yx1So9VFUOqPjHsoO72Wc/Zved1ZDqg9UgqP6L2dH2ns0mh92QM+Pplqi2T
# NsJQih4NeZsfDQ7rm0oMcvFqV21a62zZYDi/KqFePRAs5D9K4PU2EmR7jcvf4uax
# ZRyHsqDh00/OSYE/CefriyIMshWmTVCDbT/I3/SCXZX1scrKa3k=
# =UO/N
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon, May 27, 2024  3:53:53 PM
# gpg:                using RSA key BA66F67FD73F7058D712D308C3B7C91B632F738A
# gpg: Can't check signature: No public key

# Conflicts:
#	.github/workflows/release-nightly.yml
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Jul 16, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/api This PR adds API routes or modifies them modifies/go Pull requests that update Go code size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. type/enhancement An improvement of existing functionality
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants