[PR #812] [MERGED] feat(signup): add default user groups and claims for new users #613

New Issue

OVERLORD · 2025-10-08T00:13:54+03:00

OVERLORD commented

2025-10-08 00:13:54 +03:00

📋 Pull Request Information

Original PR: https://github.com/pocket-id/pocket-id/pull/812
Author: @zeedif
Created: 8/6/2025
Status: ✅ Merged
Merged: 8/22/2025
Merged by: @stonith404

Base: main ← Head: claims_groups_signup

📝 Commits (10+)

c79d6be feat(signup): add default groups and claims for new signups
2932f85 refactor(signup): consolidate signup settings and fix E2E tests
82bf6ea fix(signup): update translation keys for signup settings and fix tests
8acfcb2 Merge branch 'main' into claims_groups_signup
e626eb4 Merge branch 'main' into claims_groups_signup
61879bd fix(user): ensure atomicity and add validation for signup defaults
af264b5 handle parsing of json config variables more generic
11d9f64 respect pagination and enable search for user group input
5c0d1eb fix e2e tests
db90ab1 show user creation options when sign up disabled

📊 Changes

18 files changed (+703 additions, -276 deletions)

View changed files

📝 backend/internal/bootstrap/services_bootstrap.go (+1 -1)
📝 backend/internal/dto/app_config_dto.go (+2 -0)
📝 backend/internal/model/app_config.go (+9 -7)
📝 backend/internal/service/app_config_service.go (+9 -7)
📝 backend/internal/service/custom_claim_service.go (+34 -14)
📝 backend/internal/service/user_service.go (+59 -12)
📝 frontend/messages/en.json (+7 -2)
📝 frontend/messages/es.json (+6 -1)
➕ frontend/src/lib/components/form/searchable-multi-select.svelte (+140 -0)
📝 frontend/src/lib/services/app-config-service.ts (+18 -3)
📝 frontend/src/lib/types/application-configuration.ts (+4 -0)
📝 frontend/src/routes/settings/admin/application-configuration/+page.svelte (+13 -1)
📝 frontend/src/routes/settings/admin/application-configuration/forms/app-config-general-form.svelte (+0 -66)
➕ frontend/src/routes/settings/admin/application-configuration/forms/app-config-signup-defaults-form.svelte (+176 -0)
📝 tests/specs/application-configuration.spec.ts (+70 -11)
📝 tests/specs/ldap.spec.ts (+1 -1)
📝 tests/specs/user-group.spec.ts (+6 -0)
📝 tests/specs/user-signup.spec.ts (+148 -150)

📄 Description

Summary

This Pull Request resolves issue #755 by implementing a feature that allows administrators to define default user groups and custom claims for new users who register via Open Signup or Signup Tokens.

The primary motivation is to streamline the onboarding process for applications integrated via OIDC, such as Kavita, which may require specific roles (like a Login role) to be present for a user to be granted access. Previously, an administrator had to manually assign a user to a group after they registered, creating a delay and an extra administrative step.

With these changes, new users are automatically configured with the necessary permissions upon creation, allowing them to log into third-party services immediately.

Implementation Details

Backend:
- Two new settings, signupDefaultUserGroupIDs and signupDefaultCustomClaims, have been added to the AppConfig model.
- The UserService's createUserInternal method has been updated to read these settings and apply them to the new user.
- The CustomClaimService has been refactored to allow its claim update logic to be executed within an existing database transaction, ensuring the user creation process remains atomic.
Frontend:
- A new "Signup Defaults" card has been added to the "Application Configuration" page in the admin panel.
- This new section allows administrators to:
  - Select one or more default user groups from a multi-select list.
  - Define a list of default custom claims (key-value pairs).
- The AppConfigService on the frontend has been updated to correctly handle the serialization and deserialization of these new settings, which are stored as JSON strings in the database.

A Note on Contribution

I would like to note that I implemented these changes with the assistance of AI, as I am not deeply proficient in Go or the Svelte framework.

I have tested these changes locally, and they appear to function as expected, resolving the issue for my use case. However, I would greatly appreciate a thorough review from the maintainers to identify any potential improvements, style inconsistencies, or bugs I may have missed.

I am fully open to feedback and ready to make any required changes to get this PR merged. Thank you for considering my contribution

Summary by CodeRabbit

New Features
- New Signup settings in Admin > Application Configuration to control signup mode, default user groups, and default custom claims.
- New users automatically receive configured groups and claims on signup (non-LDAP).
Changes
- Signup mode moved from General configuration to the new Signup settings card.
- Updated success messages for Signup settings.
- Translation updates/additions for EN and ES.
Tests
- Reorganized and expanded signup end-to-end tests; added stability improvements and broader flow coverage.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/pocket-id/pocket-id/pull/812 **Author:** [@zeedif](https://github.com/zeedif) **Created:** 8/6/2025 **Status:** ✅ Merged **Merged:** 8/22/2025 **Merged by:** [@stonith404](https://github.com/stonith404) **Base:** `main` ← **Head:** `claims_groups_signup` --- ### 📝 Commits (10+) - [`c79d6be`](https://github.com/pocket-id/pocket-id/commit/c79d6beb17c63142f887b7dd662c1e14fcbc5277) feat(signup): add default groups and claims for new signups - [`2932f85`](https://github.com/pocket-id/pocket-id/commit/2932f85f5eedf4cbab33d99424e51026465f6111) refactor(signup): consolidate signup settings and fix E2E tests - [`82bf6ea`](https://github.com/pocket-id/pocket-id/commit/82bf6ea128bb9d60d822a7e53bb4c9e968d73a25) fix(signup): update translation keys for signup settings and fix tests - [`8acfcb2`](https://github.com/pocket-id/pocket-id/commit/8acfcb2f6a60a2bfe56ebb8f22fe30c2c7b6f628) Merge branch 'main' into claims_groups_signup - [`e626eb4`](https://github.com/pocket-id/pocket-id/commit/e626eb466c5391dd0ec7509cb388265396bbb575) Merge branch 'main' into claims_groups_signup - [`61879bd`](https://github.com/pocket-id/pocket-id/commit/61879bd04ff291bed1f30a962ca8e05d0ad9f133) fix(user): ensure atomicity and add validation for signup defaults - [`af264b5`](https://github.com/pocket-id/pocket-id/commit/af264b55ac8848fe029d0026b180cc97d34f66d0) handle parsing of json config variables more generic - [`11d9f64`](https://github.com/pocket-id/pocket-id/commit/11d9f64cb3b3ef58113810b8a2e8c641b92f8feb) respect pagination and enable search for user group input - [`5c0d1eb`](https://github.com/pocket-id/pocket-id/commit/5c0d1ebecce0ca980a81aac0392b2f7c600de311) fix e2e tests - [`db90ab1`](https://github.com/pocket-id/pocket-id/commit/db90ab11f650edb8e0eba26426114861c4da62db) show user creation options when sign up disabled ### 📊 Changes **18 files changed** (+703 additions, -276 deletions) <details> <summary>View changed files</summary> 📝 `backend/internal/bootstrap/services_bootstrap.go` (+1 -1) 📝 `backend/internal/dto/app_config_dto.go` (+2 -0) 📝 `backend/internal/model/app_config.go` (+9 -7) 📝 `backend/internal/service/app_config_service.go` (+9 -7) 📝 `backend/internal/service/custom_claim_service.go` (+34 -14) 📝 `backend/internal/service/user_service.go` (+59 -12) 📝 `frontend/messages/en.json` (+7 -2) 📝 `frontend/messages/es.json` (+6 -1) ➕ `frontend/src/lib/components/form/searchable-multi-select.svelte` (+140 -0) 📝 `frontend/src/lib/services/app-config-service.ts` (+18 -3) 📝 `frontend/src/lib/types/application-configuration.ts` (+4 -0) 📝 `frontend/src/routes/settings/admin/application-configuration/+page.svelte` (+13 -1) 📝 `frontend/src/routes/settings/admin/application-configuration/forms/app-config-general-form.svelte` (+0 -66) ➕ `frontend/src/routes/settings/admin/application-configuration/forms/app-config-signup-defaults-form.svelte` (+176 -0) 📝 `tests/specs/application-configuration.spec.ts` (+70 -11) 📝 `tests/specs/ldap.spec.ts` (+1 -1) 📝 `tests/specs/user-group.spec.ts` (+6 -0) 📝 `tests/specs/user-signup.spec.ts` (+148 -150) </details> ### 📄 Description ### Summary This Pull Request resolves issue #755 by implementing a feature that allows administrators to define default user groups and custom claims for new users who register via Open Signup or Signup Tokens. The primary motivation is to streamline the onboarding process for applications integrated via OIDC, such as Kavita, which may require specific roles (like a `Login` role) to be present for a user to be granted access. Previously, an administrator had to manually assign a user to a group after they registered, creating a delay and an extra administrative step. With these changes, new users are automatically configured with the necessary permissions upon creation, allowing them to log into third-party services immediately. ### Implementation Details - **Backend**: - Two new settings, `signupDefaultUserGroupIDs` and `signupDefaultCustomClaims`, have been added to the `AppConfig` model. - The `UserService`'s `createUserInternal` method has been updated to read these settings and apply them to the new user. - The `CustomClaimService` has been refactored to allow its claim update logic to be executed within an existing database transaction, ensuring the user creation process remains atomic. - **Frontend**: - A new "Signup Defaults" card has been added to the "Application Configuration" page in the admin panel. - This new section allows administrators to: - Select one or more default user groups from a multi-select list. - Define a list of default custom claims (key-value pairs). - The `AppConfigService` on the frontend has been updated to correctly handle the serialization and deserialization of these new settings, which are stored as JSON strings in the database. ### A Note on Contribution I would like to note that I implemented these changes with the assistance of AI, as I am not deeply proficient in Go or the Svelte framework. I have tested these changes locally, and they appear to function as expected, resolving the issue for my use case. However, I would greatly appreciate a thorough review from the maintainers to identify any potential improvements, style inconsistencies, or bugs I may have missed. I am fully open to feedback and ready to make any required changes to get this PR merged. Thank you for considering my contribution  ## Summary by CodeRabbit * New Features * New Signup settings in Admin > Application Configuration to control signup mode, default user groups, and default custom claims. * New users automatically receive configured groups and claims on signup (non-LDAP). * Changes * Signup mode moved from General configuration to the new Signup settings card. * Updated success messages for Signup settings. * Translation updates/additions for EN and ES. * Tests * Reorganized and expanded signup end-to-end tests; added stability improvements and broader flow coverage.  --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

OVERLORD added the pull-request label 2025-10-08 00:13:54 +03:00

OVERLORD closed this issue

2025-10-08 00:13:56 +03:00

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-1#613