feat: fix /api/send-email API for app user

* feat(helm): support for extraVolumes and extraVolumeMounts

* ci(helm): run helm unittests

.github/workflows/helm.yml

@@ -5,7 +5,7 @@ on:
     branches:
       - master
     paths:
-      - 'manifests/casdoor/Chart.yaml'
+      - "manifests/casdoor/**"
 
 jobs:
   release-helm-chart:
@@ -18,6 +18,12 @@ jobs:
       - name: Set up Helm
         uses: azure/setup-helm@v3
 
+      - name: Run helm unittest
+        id: unittest
+        run: |
+          helm plugin install https://github.com/helm-unittest/helm-unittest.git
+          helm unittest manifests/casdoor
+
       - name: Log in to Docker Hub
         uses: docker/login-action@v3
         with:
@@ -37,4 +43,4 @@ jobs:
       - name: Commit updated helm index.yaml
         uses: stefanzweifel/git-auto-commit-action@v5
         with:
-          commit_message: 'ci: update helm index.yaml'
+          commit_message: "ci: update helm index.yaml"

.gitignore

@@ -18,7 +18,7 @@ bin/
 
 .idea/
 *.iml
-.vscode/
+.vscode/settings.json
 
 tmp/
 tmpFiles/
@@ -31,3 +31,6 @@ commentsRouter*.go
 # ignore build result
 casdoor
 server
+
+# include helm-chart
+!manifests/casdoor

.vscode/launch.json

@@ -0,0 +1,15 @@
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Debug",
+            "type": "go",
+            "request": "launch",
+            "mode": "auto",
+            "program": "${workspaceFolder}",
+            "cwd": "${workspaceFolder}",
+            "debugAdapter": "dlv-dap",
+            "args": ["--createDatabase=true"]
+        }
+    ]
+}

Makefile

@@ -86,6 +86,9 @@ docker-build: ## Build docker image with the manager.
 docker-push: ## Push docker image with the manager.
 	docker push ${REGISTRY}/${IMG}:${IMG_TAG}
 
+deps: ## Run dependencies for local development
+	docker compose up -d db
+
 lint-install: ## Install golangci-lint
 	@# The following installs a specific version of golangci-lint, which is appropriate for a CI server to avoid different results from build to build
 	go get github.com/golangci/golangci-lint/cmd/golangci-lint@v1.40.1

controllers/casbin_api.go

@@ -30,6 +30,7 @@ import (
 // @Param   permissionId    query   string  false   "permission id"
 // @Param   modelId    query   string  false   "model id"
 // @Param   resourceId    query   string  false   "resource id"
+// @Param   owner    query   string  false   "owner"
 // @Success 200 {object} controllers.Response The Response object
 // @router /enforce [post]
 func (c *ApiController) Enforce() {
@@ -37,6 +38,7 @@ func (c *ApiController) Enforce() {
 	modelId := c.Input().Get("modelId")
 	resourceId := c.Input().Get("resourceId")
 	enforcerId := c.Input().Get("enforcerId")
+	owner := c.Input().Get("owner")
 
 	if len(c.Ctx.Input.RequestBody) == 0 {
 		c.ResponseError("The request body should not be empty")
@@ -117,6 +119,8 @@ func (c *ApiController) Enforce() {
 			c.ResponseError(err.Error())
 			return
 		}
+	} else if owner != "" {
+		permissions, err = object.GetPermissions(owner)
 	} else {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
@@ -152,12 +156,14 @@ func (c *ApiController) Enforce() {
 // @Param   body    body   []string  true   "array of casbin requests"
 // @Param   permissionId    query   string  false   "permission id"
 // @Param   modelId    query   string  false   "model id"
+// @Param   owner    query   string  false   "owner"
 // @Success 200 {object} controllers.Response The Response object
 // @router /batch-enforce [post]
 func (c *ApiController) BatchEnforce() {
 	permissionId := c.Input().Get("permissionId")
 	modelId := c.Input().Get("modelId")
 	enforcerId := c.Input().Get("enforcerId")
+	owner := c.Input().Get("owner")
 
 	var requests [][]string
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &requests)
@@ -227,6 +233,8 @@ func (c *ApiController) BatchEnforce() {
 			c.ResponseError(err.Error())
 			return
 		}
+	} else if owner != "" {
+		permissions, err = object.GetPermissions(owner)
 	} else {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return

controllers/service.go

@@ -54,7 +54,7 @@ type NotificationForm struct {
 // @Success 200 {object} controllers.Response The Response object
 // @router /api/send-email [post]
 func (c *ApiController) SendEmail() {
-	user, ok := c.RequireSignedInUser()
+	userId, ok := c.RequireSignedIn()
 	if !ok {
 		return
 	}
@@ -116,8 +116,17 @@ func (c *ApiController) SendEmail() {
 
 	// "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes."
 	content := strings.Replace(provider.Content, "%s", code, 1)
-	if user != nil {
-		content = strings.Replace(content, "%{user.friendlyName}", user.GetFriendlyName(), 1)
+	if !strings.HasPrefix(userId, "app/") {
+		var user *object.User
+		user, err = object.GetUser(userId)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+
+		if user != nil {
+			content = strings.Replace(content, "%{user.friendlyName}", user.GetFriendlyName(), 1)
+		}
 	}
 
 	for _, receiver := range emailForm.Receivers {

manifests/casdoor/Chart.yaml

@@ -21,4 +21,4 @@ version: 0.3.0
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.18.0"
+appVersion: "v1.492.0"

manifests/casdoor/index.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+entries:
+  casdoor-helm-charts:
+  - apiVersion: v2
+    appVersion: v1.492.0
+    created: "2024-01-06T19:31:03.561298242Z"
+    description: A Helm chart for Kubernetes
+    digest: 164782e0dee310005588317160890465694aa17502765496cb796ec0778d9bfd
+    name: casdoor-helm-charts
+    type: application
+    urls:
+    - oci://registry-1.docker.io/casbin/casdoor-helm-charts-0.3.0.tgz
+    version: 0.3.0
+generated: "2024-01-06T19:31:03.56073909Z"

manifests/casdoor/templates/deployment.yaml

@@ -57,21 +57,27 @@ spec:
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
           volumeMounts:
-          - name: config-volume
-            mountPath: /conf
+            - name: config-volume
+              mountPath: /conf
+            {{- if .Values.extraVolumeMounts }}
+            {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
+            {{- end }}
         {{ if .Values.extraContainersEnabled }}
           {{- .Values.extraContainers | nindent 8 }}
         {{- end }}
       volumes:
-       - name: config-volume
-         projected:
-           defaultMode: 420
-           sources:
-           - configMap:
-               items:
-               - key: app.conf
-                 path: app.conf
-               name: {{ printf "%s-config" (include "casdoor.fullname" .) }}
+        - name: config-volume
+          projected:
+            defaultMode: 420
+            sources:
+              - configMap:
+                  name: {{ printf "%s-config" (include "casdoor.fullname" .) }}
+                  items:
+                    - key: app.conf
+                      path: app.conf
+        {{- if .Values.extraVolumes }}
+        {{- toYaml .Values.extraVolumes | nindent 8 }}
+        {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

manifests/casdoor/templates/hpa.yaml

@@ -1,5 +1,5 @@
 {{- if .Values.autoscaling.enabled }}
-apiVersion: autoscaling/v2beta1
+apiVersion: autoscaling/v2
 kind: HorizontalPodAutoscaler
 metadata:
   name: {{ include "casdoor.fullname" . }}
@@ -17,12 +17,15 @@ spec:
     - type: Resource
       resource:
         name: cpu
-        targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
     {{- end }}
     {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
     - type: Resource
       resource:
         name: memory
-        targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+        target:
+          averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
     {{- end }}
 {{- end }}

manifests/casdoor/tests/__snapshot__/deployment_test.yaml.snap

@@ -0,0 +1,128 @@
+has extraVolume and extraVolumeMounts:
+  1: |
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      labels:
+        app.kubernetes.io/instance: RELEASE-NAME
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: casdoor-helm-charts
+        app.kubernetes.io/version: 1.2.3
+        helm.sh/chart: casdoor-helm-charts-1.0.0
+      name: RELEASE-NAME-casdoor-helm-charts
+    spec:
+      replicas: 1
+      selector:
+        matchLabels:
+          app.kubernetes.io/instance: RELEASE-NAME
+          app.kubernetes.io/name: casdoor-helm-charts
+      template:
+        metadata:
+          annotations:
+            checksum/config: 529bc7ea51d30d00fefc46d24be7446d0637939827bccc1c3f03755f70059470
+          labels:
+            app.kubernetes.io/instance: RELEASE-NAME
+            app.kubernetes.io/name: casdoor-helm-charts
+        spec:
+          containers:
+            - env:
+                - name: RUNNING_IN_DOCKER
+                  value: "true"
+              image: casbin/casdoor:1.2.3
+              imagePullPolicy: IfNotPresent
+              livenessProbe:
+                httpGet:
+                  path: /
+                  port: http
+              name: casdoor-helm-charts
+              ports:
+                - containerPort: 8000
+                  name: http
+                  protocol: TCP
+              readinessProbe:
+                httpGet:
+                  path: /
+                  port: http
+              resources: {}
+              securityContext: {}
+              volumeMounts:
+                - mountPath: /conf
+                  name: config-volume
+                - mountPath: /extra-volume
+                  name: extra-volume
+          securityContext: {}
+          serviceAccountName: RELEASE-NAME-casdoor-helm-charts
+          volumes:
+            - name: config-volume
+              projected:
+                defaultMode: 420
+                sources:
+                  - configMap:
+                      items:
+                        - key: app.conf
+                          path: app.conf
+                      name: RELEASE-NAME-casdoor-helm-charts-config
+            - emptyDir: {}
+              name: extra-volume
+manifest should match snapshot:
+  1: |
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      labels:
+        app.kubernetes.io/instance: RELEASE-NAME
+        app.kubernetes.io/managed-by: Helm
+        app.kubernetes.io/name: casdoor-helm-charts
+        app.kubernetes.io/version: 1.2.3
+        helm.sh/chart: casdoor-helm-charts-1.0.0
+      name: RELEASE-NAME-casdoor-helm-charts
+    spec:
+      replicas: 1
+      selector:
+        matchLabels:
+          app.kubernetes.io/instance: RELEASE-NAME
+          app.kubernetes.io/name: casdoor-helm-charts
+      template:
+        metadata:
+          annotations:
+            checksum/config: 529bc7ea51d30d00fefc46d24be7446d0637939827bccc1c3f03755f70059470
+          labels:
+            app.kubernetes.io/instance: RELEASE-NAME
+            app.kubernetes.io/name: casdoor-helm-charts
+        spec:
+          containers:
+            - env:
+                - name: RUNNING_IN_DOCKER
+                  value: "true"
+              image: casbin/casdoor:1.2.3
+              imagePullPolicy: IfNotPresent
+              livenessProbe:
+                httpGet:
+                  path: /
+                  port: http
+              name: casdoor-helm-charts
+              ports:
+                - containerPort: 8000
+                  name: http
+                  protocol: TCP
+              readinessProbe:
+                httpGet:
+                  path: /
+                  port: http
+              resources: {}
+              securityContext: {}
+              volumeMounts:
+                - mountPath: /conf
+                  name: config-volume
+          securityContext: {}
+          serviceAccountName: RELEASE-NAME-casdoor-helm-charts
+          volumes:
+            - name: config-volume
+              projected:
+                defaultMode: 420
+                sources:
+                  - configMap:
+                      items:
+                        - key: app.conf
+                          path: app.conf
+                      name: RELEASE-NAME-casdoor-helm-charts-config

manifests/casdoor/tests/deployment_test.yaml

@@ -0,0 +1,20 @@
+suite: test deployment
+templates:
+  - deployment.yaml
+chart:
+  version: 1.0.0
+  appVersion: 1.2.3
+tests:
+  - it: manifest should match snapshot
+    asserts:
+      - matchSnapshot: {}
+  - it: has extraVolume and extraVolumeMounts
+    set:
+      extraVolumes:
+        - name: extra-volume
+          emptyDir: {}
+      extraVolumeMounts:
+        - name: extra-volume
+          mountPath: /extra-volume
+    asserts:
+      - matchSnapshot: {}

manifests/casdoor/values.yaml

@@ -114,4 +114,6 @@ extraContainersEnabled: false
 extraContainers: ""
 # extraContainers: |
 #  - name: ...
-#    image: ...
+#    image: ...
+extraVolumeMounts: []
+extraVolumes: []

object/application.go

@@ -664,7 +664,7 @@ func applicationChangeTrigger(oldName string, newName string) error {
 			}
 		}
 		permissions[i].Resources = permissionResoureces
-		_, err = session.Where("name=?", permissions[i].Name).Update(permissions[i])
+		_, err = session.Where("owner=?", permissions[i].Owner).Where("name=?", permissions[i].Name).Update(permissions[i])
 		if err != nil {
 			return err
 		}

object/ormer.go

@@ -36,16 +36,14 @@ import (
 )
 
 var (
-	ormer                   *Ormer = nil
-	isCreateDatabaseDefined        = false
-	createDatabase                 = true
+	ormer          *Ormer = nil
+	createDatabase        = true
+	configPath            = "conf/app.conf"
 )
 
 func InitFlag() {
-	if !isCreateDatabaseDefined {
-		isCreateDatabaseDefined = true
-		createDatabase = getCreateDatabaseFlag()
-	}
+	createDatabase = getCreateDatabaseFlag()
+	configPath = getConfigFlag()
 }
 
 func getCreateDatabaseFlag() bool {
@@ -54,6 +52,12 @@ func getCreateDatabaseFlag() bool {
 	return *res
 }
 
+func getConfigFlag() string {
+	res := flag.String("config", "conf/app.conf", "set it to \"/your/path/app.conf\" if your config file is not in: \"/conf/app.conf\"")
+	flag.Parse()
+	return *res
+}
+
 func InitConfig() {
 	err := beego.LoadAppConfig("ini", "../conf/app.conf")
 	if err != nil {
@@ -68,7 +72,7 @@ func InitConfig() {
 
 func InitAdapter() {
 	if conf.GetConfigString("driverName") == "" {
-		if !util.FileExist("conf/app.conf") {
+		if !util.FileExist(configPath) {
 			dir, err := os.Getwd()
 			if err != nil {
 				panic(err)

object/user.go

@@ -867,7 +867,8 @@ func GetUserInfo(user *User, scope string, aud string, host string) *Userinfo {
 	}
 	if strings.Contains(scope, "email") {
 		resp.Email = user.Email
-		resp.EmailVerified = user.EmailVerified
+		// resp.EmailVerified = user.EmailVerified
+		resp.EmailVerified = true
 	}
 	if strings.Contains(scope, "address") {
 		resp.Address = user.Location

web/src/auth/LoginPage.js

@@ -468,6 +468,10 @@ class LoginPage extends React.Component {
   }
 
   renderOtherFormProvider(application) {
+    if (Setting.inIframe()) {
+      return null;
+    }
+
     for (const providerConf of application.providers) {
       if (providerConf.provider?.type === "Google" && providerConf.rule === "OneTap" && this.props.preview !== "auto") {
         return (
@@ -475,6 +479,8 @@ class LoginPage extends React.Component {
         );
       }
     }
+
+    return null;
   }
 
   renderForm(application) {