disable email and providers based on workspace

Thomasr · ludomikula · commit b7277b0d4625 · 2024-10-28T18:25:25.000+01:00
diff --git a/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/authentication/AuthenticationServiceImpl.java b/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/authentication/AuthenticationServiceImpl.java
@@ -53,15 +53,15 @@ private Mono<FindAuthConfig> findAuthConfig(String orgId, Function<AbstractAuthC
     public Flux<FindAuthConfig> findAllAuthConfigs(String orgId, boolean enableOnly) {
 
         Mono<FindAuthConfig> emailAuthConfigMono = orgMemberService.doesAtleastOneAdminExist()
-                .map(doesAtleastOneAdminExist -> {
+                .flatMap(doesAtleastOneAdminExist -> {
                     boolean shouldEnableRegister;
                     if(doesAtleastOneAdminExist) {
                         shouldEnableRegister = authProperties.getEmail().getEnableRegister();
                     } else {
                         shouldEnableRegister = Boolean.TRUE;
                     }
-                    return new FindAuthConfig
-                            (new EmailAuthConfig(AuthSourceConstants.EMAIL, authProperties.getEmail().isEnable(), shouldEnableRegister), null);
+                    if(orgId == null) return Mono.just(new FindAuthConfig(new EmailAuthConfig(AuthSourceConstants.EMAIL, authProperties.getEmail().isEnable(), shouldEnableRegister), null));
+                    else return organizationService.getById(orgId).map(organization -> new FindAuthConfig(new EmailAuthConfig(AuthSourceConstants.EMAIL, !organization.getIsEmailDisabled(), shouldEnableRegister), null));
                 });
 
 
diff --git a/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/organization/model/Organization.java b/server/api-service/lowcoder-domain/src/main/java/org/lowcoder/domain/organization/model/Organization.java
@@ -51,6 +51,13 @@ public class Organization extends HasIdAndAuditing implements BeforeMongodbWrite
 
     private String contactPhoneNumber;
 
+    private Boolean isEmailDisabled;
+
+    public Boolean getIsEmailDisabled() {
+        if(isEmailDisabled == null) return false;
+        else return isEmailDisabled;
+    }
+
     @JsonIgnore
     private String logoAssetId;
 
diff --git a/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java b/server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/authentication/service/AuthenticationApiServiceImpl.java
@@ -246,9 +246,13 @@ public Mono<Boolean> enableAuthConfig(AuthConfigRequest authConfigRequest) {
                 .then(sessionUserService.getVisitorOrgMemberCache())
                 .flatMap(orgMember -> organizationService.getById(orgMember.getOrgId()))
                 .doOnNext(organization -> {
-                    boolean duplicateAuthType = addOrUpdateNewAuthConfig(organization, authConfigFactory.build(authConfigRequest, true));
-                    if(duplicateAuthType) {
-                        deferredError(DUPLICATE_AUTH_CONFIG_ADDITION, "DUPLICATE_AUTH_CONFIG_ADDITION");
+                    if(authConfigRequest.getId().equals("EMAIL")) {
+                        organization.setIsEmailDisabled(false);
+                    } else {
+                        boolean duplicateAuthType = addOrUpdateNewAuthConfig(organization, authConfigFactory.build(authConfigRequest, true));
+                        if (duplicateAuthType) {
+                            deferredError(DUPLICATE_AUTH_CONFIG_ADDITION, "DUPLICATE_AUTH_CONFIG_ADDITION");
+                        }
                     }
                 })
                 .flatMap(organization -> organizationService.update(organization.getId(), organization));
@@ -346,22 +350,15 @@ private Mono<Void> checkIfAdmin() {
      * If true, throw an exception to avoid disabling the last effective connection way.
      */
     private Mono<Void> checkIfOnlyEffectiveCurrentUserConnections(String authId) {
-        Mono<List<String>> userConnectionAuthConfigIdListMono = sessionUserService.getVisitor()
-                .flatMapIterable(User::getConnections)
-                .filter(connection -> StringUtils.isNotBlank(connection.getAuthId()))
-                .map(Connection::getAuthId)
-                .collectList();
-        Mono<List<String>> orgAuthIdListMono = authenticationService.findAllAuthConfigs(null, true)
-                .map(FindAuthConfig::authConfig)
-                .map(AbstractAuthConfig::getId)
-                .collectList();
-        return Mono.zip(userConnectionAuthConfigIdListMono, orgAuthIdListMono)
-                .delayUntil(tuple -> {
-                    List<String> userConnectionAuthConfigIds = tuple.getT1();
-                    List<String> orgAuthConfigIds = tuple.getT2();
-                    userConnectionAuthConfigIds.retainAll(orgAuthConfigIds);
-                    userConnectionAuthConfigIds.remove(authId);
-                    if (CollectionUtils.isEmpty(userConnectionAuthConfigIds)) {
+        return sessionUserService.getVisitorOrgMemberCache()
+                .map(OrgMember::getOrgId)
+                .flatMap(orgId -> authenticationService.findAllAuthConfigs(orgId, true)
+                        .map(FindAuthConfig::authConfig)
+                        .map(AbstractAuthConfig::getId)
+                        .collectList())
+                .delayUntil(orgAuthConfigIds -> {
+                    orgAuthConfigIds.remove(authId);
+                    if (CollectionUtils.isEmpty(orgAuthConfigIds)) {
                         return Mono.error(new BizException(DISABLE_AUTH_CONFIG_FORBIDDEN, "DISABLE_AUTH_CONFIG_FORBIDDEN"));
                     }
                     return Mono.empty();
@@ -370,26 +367,29 @@ private Mono<Void> checkIfOnlyEffectiveCurrentUserConnections(String authId) {
     }
 
     private void disableAuthConfig(Organization organization, String authId, boolean delete) {
-
-        Predicate<AbstractAuthConfig> authConfigPredicate = abstractAuthConfig -> Objects.equals(abstractAuthConfig.getId(), authId);
-
-        if(delete) {
-            List<AbstractAuthConfig> abstractAuthConfigs = Optional.of(organization)
-                    .map(Organization::getAuthConfigs)
-                    .orElse(Collections.emptyList());
-
-            abstractAuthConfigs.removeIf(authConfigPredicate);
-
-            organization.getOrganizationDomain().setConfigs(abstractAuthConfigs);
-
+        if(authId.equals("EMAIL")) {
+            organization.setIsEmailDisabled(true);
         } else {
-            Optional.of(organization)
-                    .map(Organization::getAuthConfigs)
-                    .orElse(Collections.emptyList()).stream()
-                    .filter(authConfigPredicate)
-                    .forEach(abstractAuthConfig -> {
-                        abstractAuthConfig.setEnable(false);
-                    });
+            Predicate<AbstractAuthConfig> authConfigPredicate = abstractAuthConfig -> Objects.equals(abstractAuthConfig.getId(), authId);
+
+            if (delete) {
+                List<AbstractAuthConfig> abstractAuthConfigs = Optional.of(organization)
+                        .map(Organization::getAuthConfigs)
+                        .orElse(Collections.emptyList());
+
+                abstractAuthConfigs.removeIf(authConfigPredicate);
+
+                organization.getOrganizationDomain().setConfigs(abstractAuthConfigs);
+
+            } else {
+                Optional.of(organization)
+                        .map(Organization::getAuthConfigs)
+                        .orElse(Collections.emptyList()).stream()
+                        .filter(authConfigPredicate)
+                        .forEach(abstractAuthConfig -> {
+                            abstractAuthConfig.setEnable(false);
+                        });
+            }
         }
     }
 
