feat/internal apis for users (#1885)

* add internal endpoints for creation of user and org

* support internal api for users

* Apply suggestions from code review

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

* fix merge

* add idx and fk

* drop unique index on organisation name

* make it upsert org

* make endpoints behind flag

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>

Author: motatoes

backend/bootstrap/main.go

@@ -221,8 +221,12 @@ func Bootstrap(templates embed.FS, diggerController controllers.DiggerController
 	runsApiGroup.GET("/:run_id", controllers.RunDetails)
 	runsApiGroup.POST("/:run_id/approve", controllers.ApproveRun)
 
-	// internal endpoints not meant to be exposed to public and protected behing webhook secret
-	r.POST("_internal/update_repo_cache", middleware.WebhookAuth(), diggerController.UpdateRepoCache)
+	// internal endpoints not meant to be exposed to public and protected behind webhook secret
+	if enableInternal := os.Getenv("DIGGER_ENABLE_INTERNAL_ENDPOINTS"); enableInternal == "true" {
+		r.POST("_internal/update_repo_cache", middleware.InternalApiAuth(), diggerController.UpdateRepoCache)
+		r.POST("_internal/api/create_user", middleware.InternalApiAuth(), diggerController.CreateUserInternal)
+		r.POST("_internal/api/upsert_org", middleware.InternalApiAuth(), diggerController.UpsertOrgInternal)
+	}
 
 	fronteggWebhookProcessor.POST("/create-org-from-frontegg", controllers.CreateFronteggOrgFromWebhook)
 

backend/controllers/internal_users.go

@@ -0,0 +1,88 @@
+package controllers
+
+import (
+	"github.com/diggerhq/digger/backend/models"
+	"github.com/gin-gonic/gin"
+	"log"
+	"net/http"
+)
+
+func (d DiggerController) UpsertOrgInternal(c *gin.Context) {
+	type OrgCreateRequest struct {
+		Name           string `json:"org_name"`
+		ExternalSource string `json:"external_source"`
+		ExternalId     string `json:"external_id"`
+	}
+
+	var request OrgCreateRequest
+	err := c.BindJSON(&request)
+	if err != nil {
+		log.Printf("Error binding JSON: %v", err)
+		c.JSON(http.StatusBadRequest, gin.H{"error": "Error binding JSON"})
+		return
+	}
+
+	name := request.Name
+	externalSource := request.ExternalSource
+	externalId := request.ExternalId
+
+	log.Printf("creating org for %v %v %v", name, externalSource, externalId)
+	var org *models.Organisation
+	org, err = models.DB.GetOrganisation(externalId)
+	if err != nil {
+		log.Printf("Error while retriving org: %v", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Error creating org"})
+		return
+	}
+
+	if org == nil {
+		org, err = models.DB.CreateOrganisation(name, externalSource, externalId)
+	}
+
+	if err != nil {
+		log.Printf("Error creating org: %v", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Error creating org"})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{"status": "success", "org_id": org.ID})
+}
+
+func (d DiggerController) CreateUserInternal(c *gin.Context) {
+	type UserCreateRequest struct {
+		UserExternalSource string `json:"external_source"`
+		UserExternalId     string `json:"external_id"`
+		UserEmail          string `json:"email"`
+		OrgExternalId      string `json:"external_org_id"`
+	}
+
+	var request UserCreateRequest
+	err := c.BindJSON(&request)
+	if err != nil {
+		log.Printf("Error binding JSON: %v", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Error binding JSON"})
+		return
+	}
+
+	extUserId := request.UserExternalId
+	extUserSource := request.UserExternalSource
+	userEmail := request.UserEmail
+	externalOrgId := request.OrgExternalId
+
+	org, err := models.DB.GetOrganisation(externalOrgId)
+	if err != nil {
+		log.Printf("Error retrieving org: %v", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Error retrieving org"})
+	}
+
+	// for now using email for username since we want to deprecate that field
+	username := userEmail
+	user, err := models.DB.CreateUser(userEmail, extUserSource, extUserId, org.ID, username)
+	if err != nil {
+		log.Printf("Error creating user: %v", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Error creating user"})
+		return
+	}
+
+	c.JSON(200, gin.H{"status": "success", "user_id": user.ID})
+}

backend/middleware/webhook.go

@@ -7,7 +7,7 @@ import (
 	"strings"
 )
 
-func WebhookAuth() gin.HandlerFunc {
+func InternalApiAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		webhookSecret := os.Getenv("DIGGER_INTERNAL_SECRET")
 		authHeader := c.Request.Header.Get("Authorization")

backend/migrations/20250220084846.sql

@@ -0,0 +1,2 @@
+-- Modify "users" table
+ALTER TABLE "public"."users" ADD COLUMN "email" text NULL, ADD COLUMN "external_id" text NULL, ADD COLUMN "org_id" bigint NULL;

backend/migrations/20250220172054.sql

@@ -0,0 +1,2 @@
+-- Modify "users" table
+ALTER TABLE "public"."users" ADD COLUMN "external_source" text NULL;

backend/migrations/20250220172321.sql

@@ -0,0 +1,2 @@
+-- Create index "idx_user_external_source" to table: "users"
+CREATE UNIQUE INDEX "idx_user_external_source" ON "public"."users" ("external_source", "external_id");

backend/migrations/20250220173053.sql

@@ -0,0 +1,2 @@
+-- Create index "idx_users_email" to table: "users"
+CREATE UNIQUE INDEX "idx_users_email" ON "public"."users" ("email");

backend/migrations/20250220173439.sql

@@ -0,0 +1,4 @@
+-- Rename a column from "org_id" to "organisation_id"
+ALTER TABLE "public"."users" RENAME COLUMN "org_id" TO "organisation_id";
+-- Modify "users" table
+ALTER TABLE "public"."users" ADD CONSTRAINT "fk_users_organisation" FOREIGN KEY ("organisation_id") REFERENCES "public"."organisations" ("id") ON UPDATE NO ACTION ON DELETE NO ACTION;

backend/migrations/20250221044813.sql

@@ -0,0 +1,4 @@
+-- Drop index "idx_organisation" from table: "organisations"
+DROP INDEX "public"."idx_organisation";
+-- Create index "idx_organisation" to table: "organisations"
+CREATE INDEX "idx_organisation" ON "public"."organisations" ("name");

backend/migrations/atlas.sum

@@ -1,4 +1,4 @@
-h1:kHWmqYJMe9ZbdcztvM02SVEs5lyw/RFbKzZmqgbmSIk=
+h1:QQtQnP46bNFA5g3iD9R9tIJmWXQAue5yU7JTWucDhro=
 20231227132525.sql h1:43xn7XC0GoJsCnXIMczGXWis9d504FAWi4F1gViTIcw=
 20240115170600.sql h1:IW8fF/8vc40+eWqP/xDK+R4K9jHJ9QBSGO6rN9LtfSA=
 20240116123649.sql h1:R1JlUIgxxF6Cyob9HdtMqiKmx/BfnsctTl5rvOqssQw=
@@ -35,3 +35,9 @@ h1:kHWmqYJMe9ZbdcztvM02SVEs5lyw/RFbKzZmqgbmSIk=
 20241107172343.sql h1:E1j+7R5TZlyCKEpyYmH1mJ2zh+y5hVbtQ/PuEMJR7us=
 20241114202249.sql h1:P2DhJK8MLe8gSAAz+Y5KNmsvKVw8KfLQPCncynYXEfM=
 20241229112312.sql h1:Fr06uwt7LcQoLh6bjGzKB+uy9i8+uk8m6jfi+OBBbP4=
+20250220084846.sql h1:bsZFw5QWJWSdxCwJ3rrYaSRQmlfGRsXY4ZUCIvKdJPE=
+20250220172054.sql h1:YIHVpr7DyCpR9sK8Hml4wsFzRbZzSfHqJ4/x+dOTnds=
+20250220172321.sql h1:Th+twkqGEQx3cXpAhNI+VoNmxhxsOfrtexObCVwWHXM=
+20250220173053.sql h1:Ry/j04tOPQceff4o/uPM0I1r5ltMcP2vuJc6/SQBcac=
+20250220173439.sql h1:Dho4Gw361D8kuL5pB56hUj5hZM1NPTbMYVBjBW54DkE=
+20250221044813.sql h1:PPcVcoMaMY5DXyoptQYeBOEwofrzIfyKcWRd3S12I2U=

backend/models/orgs.go

@@ -7,7 +7,7 @@ import (
 
 type Organisation struct {
 	gorm.Model
-	Name           string `gorm:"uniqueIndex:idx_organisation"`
+	Name           string `gorm:"Index:idx_organisation"`
 	ExternalSource string `gorm:"uniqueIndex:idx_external_source"`
 	ExternalId     string `gorm:"uniqueIndex:idx_external_source"`
 }

backend/models/storage.go

@@ -1032,6 +1032,23 @@ func (db *Database) GetOrganisation(tenantId any) (*Organisation, error) {
 	return org, nil
 }
 
+func (db *Database) CreateUser(email string, externalSource string, externalId string, orgId uint, username string) (*User, error) {
+	user := &User{
+		Email:          email,
+		ExternalId:     externalId,
+		ExternalSource: externalSource,
+		OrganisationId: &orgId,
+		Username:       username,
+	}
+	result := db.GormDB.Save(user)
+	if result.Error != nil {
+		log.Printf("Failed to create user: %v, error: %v\n", externalId, result.Error)
+		return nil, result.Error
+	}
+	log.Printf("User (id: %v) has been created successfully\n", externalId)
+	return user, nil
+}
+
 func (db *Database) CreateOrganisation(name string, externalSource string, tenantId string) (*Organisation, error) {
 	org := &Organisation{Name: name, ExternalSource: externalSource, ExternalId: tenantId}
 	result := db.GormDB.Save(org)

backend/models/user.go

@@ -4,5 +4,11 @@ import "gorm.io/gorm"
 
 type User struct {
 	gorm.Model
-	Username string `gorm:"uniqueIndex:idx_user"`
+	Email          string `gorm:"uniqueIndex"`
+	ExternalSource string `gorm:"uniqueIndex:idx_user_external_source"`
+	ExternalId     string `gorm:"uniqueIndex:idx_user_external_source"`
+	// the default org currently in use by this user
+	OrganisationId *uint
+	Organisation   Organisation
+	Username       string `gorm:"uniqueIndex:idx_user"`
 }