perf: hide the switch of local identity authentication (#3562)

#### What type of PR is this? /kind improvement /area console #### What this PR does / why we need it: 在身份认证的列表中隐藏本地身份认证的启用/禁用开关。 <img width="1402" alt="image" src="https://user-images.githubusercontent.com/21301288/226804384-e12ea447-d7ad-4429-82bc-2621fcca84dc.png"> #### Which issue(s) this PR fixes: Fixes #3557 #### Does this PR introduce a user-facing change? ```release-note None ```
2023-03-27 16:02:20 +08:00 · 2023-03-27 16:02:20 +08:00 · fbe8e627e8
parent 5b3b473cb3
commit fbe8e627e8
9 changed files with 66 additions and 10 deletions
--- a/api/src/main/java/run/halo/app/core/extension/AuthProvider.java
+++ b/api/src/main/java/run/halo/app/core/extension/AuthProvider.java
@ -23,6 +23,8 @@ import run.halo.app.extension.GVK;
    singular = "authprovider", plural = "authproviders")
 public class AuthProvider extends AbstractExtension {
    public static final String PRIVILEGED_LABEL = "auth.halo.run/privileged";
    @Schema(requiredMode = REQUIRED)
    private AuthProviderSpec spec;
--- a/application/src/main/java/run/halo/app/security/AuthProviderServiceImpl.java
+++ b/application/src/main/java/run/halo/app/security/AuthProviderServiceImpl.java
@ -9,6 +9,7 @@ import java.util.Set;
 import java.util.function.Consumer;
 import java.util.stream.Collectors;
 import lombok.RequiredArgsConstructor;
 import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.lang.NonNull;
 import org.springframework.security.core.context.ReactiveSecurityContextHolder;
@ -18,6 +19,7 @@ import reactor.core.publisher.Mono;
 import run.halo.app.core.extension.AuthProvider;
 import run.halo.app.core.extension.UserConnection;
 import run.halo.app.extension.ConfigMap;
 import run.halo.app.extension.MetadataUtil;
 import run.halo.app.extension.ReactiveExtensionClient;
 import run.halo.app.infra.SystemSetting;
 import run.halo.app.infra.utils.JsonUtils;
@ -104,13 +106,28 @@ public class AuthProviderServiceImpl implements AuthProviderService {
        return client.fetch(ConfigMap.class, SystemSetting.SYSTEM_CONFIG)
            .flatMap(configMap -> {
                SystemSetting.AuthProvider authProvider = getAuthProvider(configMap);
                final Map<String, String> data = configMap.getData();
                consumer.accept(authProvider.getEnabled());
-                data.put(SystemSetting.AuthProvider.GROUP, JsonUtils.objectToJson(authProvider));
+                return fetchPrivilegedProviders()
                    .doOnNext(privileged -> {
                        authProvider.getEnabled().addAll(privileged);
                    })
                    .then(Mono.defer(() -> {
                        final Map<String, String> data = configMap.getData();
                        data.put(SystemSetting.AuthProvider.GROUP,
                            JsonUtils.objectToJson(authProvider));
                        return client.update(configMap);
                    }));
            });
    }
    private Mono<List<String>> fetchPrivilegedProviders() {
        return client.list(AuthProvider.class,
                provider -> privileged(provider),
                null)
            .map(provider -> provider.getMetadata().getName())
            .collectList();
    }
    private ListedAuthProvider convertTo(AuthProvider authProvider) {
        return ListedAuthProvider.builder()
            .name(authProvider.getMetadata().getName())
@ -124,9 +141,15 @@ public class AuthProviderServiceImpl implements AuthProviderService {
            .unbindingUrl(authProvider.getSpec().getUnbindUrl())
            .isBound(false)
            .enabled(false)
            .privileged(privileged(authProvider))
            .build();
    }
    private boolean privileged(AuthProvider authProvider) {
        return BooleanUtils.TRUE.equals(MetadataUtil.nullSafeLabels(authProvider)
            .get(AuthProvider.PRIVILEGED_LABEL));
    }
    @NonNull
    private static SystemSetting.AuthProvider getAuthProvider(ConfigMap configMap) {
        if (configMap.getData() == null) {
@ -146,8 +169,6 @@ public class AuthProviderServiceImpl implements AuthProviderService {
        if (authProvider.getEnabled() == null) {
            authProvider.setEnabled(new HashSet<>());
        }
        // default enable local auth provider
        authProvider.getEnabled().add("local");
        return authProvider;
    }
 }
--- a/application/src/main/java/run/halo/app/security/ListedAuthProvider.java
+++ b/application/src/main/java/run/halo/app/security/ListedAuthProvider.java
@ -38,4 +38,6 @@ public class ListedAuthProvider {
    Boolean isBound;
    Boolean enabled;
    Boolean privileged;
 }
--- a/application/src/main/resources/extensions/authproviders.yaml
+++ b/application/src/main/resources/extensions/authproviders.yaml
@ -2,6 +2,8 @@ apiVersion: auth.halo.run/v1alpha1
 kind: AuthProvider
 metadata:
  name: local
  labels:
    auth.halo.run/privileged: "true"
  finalizers:
    - system-protection
 spec:
--- a/application/src/test/java/run/halo/app/security/AuthProviderServiceImplTest.java
+++ b/application/src/test/java/run/halo/app/security/AuthProviderServiceImplTest.java
@ -57,6 +57,10 @@ class AuthProviderServiceImplTest {
        when(client.fetch(eq(ConfigMap.class), eq(SystemSetting.SYSTEM_CONFIG)))
            .thenReturn(Mono.just(configMap));
        AuthProvider local = createAuthProvider("local");
        local.getMetadata().getLabels().put(AuthProvider.PRIVILEGED_LABEL, "true");
        when(client.list(eq(AuthProvider.class), any(), any())).thenReturn(Flux.just(local));
        // Call the method being tested
        Mono<AuthProvider> result = authProviderService.enable("github");
@ -78,6 +82,10 @@ class AuthProviderServiceImplTest {
        AuthProvider authProvider = createAuthProvider("github");
        when(client.get(eq(AuthProvider.class), eq("github"))).thenReturn(Mono.just(authProvider));
        AuthProvider local = createAuthProvider("local");
        local.getMetadata().getLabels().put(AuthProvider.PRIVILEGED_LABEL, "true");
        when(client.list(eq(AuthProvider.class), any(), any())).thenReturn(Flux.just(local));
        ArgumentCaptor<ConfigMap> captor = ArgumentCaptor.forClass(ConfigMap.class);
        when(client.update(captor.capture())).thenReturn(Mono.empty());
@ -135,19 +143,22 @@ class AuthProviderServiceImplTest {
                                "displayName": "github",
                                "bindingUrl": "fake-binding-url",
                                "enabled": true,
-                                "isBound": false
+                                "isBound": false,
                                "privileged": false
                            }, {
                                "name": "gitlab",
                                "displayName": "gitlab",
                                "bindingUrl": "fake-binding-url",
                                "enabled": false,
-                                "isBound": false
+                                "isBound": false,
                                "privileged": false
                            },{
                                "name": "gitee",
                                "displayName": "gitee",
                                "enabled": false,
-                                "isBound": false
+                                "isBound": false,
                                "privileged": false
                            }]
                            """,
                        JsonUtils.objectToJson(result),
@ -163,6 +174,7 @@ class AuthProviderServiceImplTest {
        AuthProvider authProvider = new AuthProvider();
        authProvider.setMetadata(new Metadata());
        authProvider.getMetadata().setName(name);
        authProvider.getMetadata().setLabels(new HashMap<>());
        authProvider.setSpec(new AuthProvider.AuthProviderSpec());
        authProvider.getSpec().setDisplayName(name);
        return authProvider;
--- a/console/packages/api-client/src/models/listed-auth-provider.ts
+++ b/console/packages/api-client/src/models/listed-auth-provider.ts
@ -72,6 +72,12 @@ export interface ListedAuthProvider {
   * @memberof ListedAuthProvider
   */
  name: string;
  /**
   *
   * @type {boolean}
   * @memberof ListedAuthProvider
   */
  privileged?: boolean;
  /**
   *
   * @type {string}
--- a/console/src/locales/en.yaml
+++ b/console/src/locales/en.yaml
@ -870,6 +870,8 @@ core:
        title: Are you sure you want to enable this identity authentication method?
      disable:
        title: Are you sure you want to disable this identity authentication method?
      disable_privileged:
        tooltip: The authentication method reserved by the system cannot be disabled
    detail:
      fields:
        display_name: Display name
--- a/console/src/locales/zh-CN.yaml
+++ b/console/src/locales/zh-CN.yaml
@ -870,6 +870,8 @@ core:
        title: 确定要启用该身份认证方式吗？
      disable:
        title: 确定要停用该身份认证方式吗？
      disable_privileged:
        tooltip: 系统保留的认证方式，无法禁用
    detail:
      fields:
        display_name: 名称
--- a/console/src/modules/system/auth-providers/components/AuthProviderListItem.vue
+++ b/console/src/modules/system/auth-providers/components/AuthProviderListItem.vue
@ -76,11 +76,18 @@ const handleChangeStatus = async () => {
      </VEntityField>
    </template>
    <template #end>
-      <VEntityField v-permission="['system:plugins:manage']">
+      <VEntityField>
        <template #description>
          <div class="flex items-center">
            <VSwitch
              v-tooltip="{
                disabled: !authProvider.privileged,
                content: $t(
                  'core.identity_authentication.operations.disable_privileged.tooltip'
                ),
              }"
              :model-value="authProvider.enabled"
              :disabled="authProvider.privileged"
              @click="handleChangeStatus"
            />
          </div>