✨ Support create user and update user

conf/config-dev.yaml

@@ -78,6 +78,8 @@ http:
   # if http.tls.enabled is true, internalEndpoint should start with https://
   # eg: http://sigma.test.io, http://sigma.test.io:3000, https://sigma.test.io:30080
   internalEndpoint: http://192.168.31.198:3000
+  # eg: http://sigma-distribution:3000
+  internalDistributionEndpoint:
   tls:
     enabled: false
     certificate: ./conf/sigma.test.io.crt

conf/config-full.yaml

@@ -77,6 +77,8 @@ http:
   # if http.tls.enabled is true, internalEndpoint should start with https://
   # eg: http://sigma.test.io, http://sigma.test.io:3000, https://sigma.test.io:30080
   internalEndpoint:
+  # eg: http://sigma-distribution:3000
+  internalDistributionEndpoint:
   tls:
     enabled: false
     certificate: ./conf/sigma.test.io.crt

conf/config.yaml

@@ -80,10 +80,13 @@ http:
   # if http.tls.enabled is true, internalEndpoint should start with https://
   # eg: http://sigma.test.io, http://sigma.test.io:3000, https://sigma.test.io:30080
   internalEndpoint:
+  # eg: http://sigma-distribution:3000
+  internalDistributionEndpoint:
   tls:
     enabled: false
     certificate: ./conf/sigma.test.io.crt
     key: ./conf/sigma.test.io.key
+
 storage:
   rootdirectory: ./storage
   type: filesystem

pkg/configs/configuration.go

@@ -165,9 +165,10 @@ type ConfigurationHttpTLS struct {
 
 // ConfigurationHTTP ...
 type ConfigurationHTTP struct {
-	Endpoint         string               `yaml:"endpoint"`
-	InternalEndpoint string               `yaml:"internalEndpoint"`
-	TLS              ConfigurationHttpTLS `yaml:"tls"`
+	Endpoint                     string               `yaml:"endpoint"`
+	InternalEndpoint             string               `yaml:"internalEndpoint"`
+	InternalDistributionEndpoint string               `yaml:"internalDistributionEndpoint"`
+	TLS                          ConfigurationHttpTLS `yaml:"tls"`
 }
 
 // ConfigurationStorageFilesystem ...

pkg/configs/default.go

@@ -18,6 +18,8 @@ import (
 	"time"
 
 	"github.com/spf13/viper"
+
+	"github.com/go-sigma/sigma/pkg/types/enums"
 )
 
 func defaultSettings() {
@@ -36,4 +38,13 @@ func defaultSettings() {
 	if configuration.HTTP.InternalEndpoint == "" {
 		configuration.HTTP.InternalEndpoint = "http://127.0.0.1:3000"
 	}
+	if configuration.Auth.Jwt.Ttl == 0 {
+		configuration.Auth.Jwt.Ttl = time.Hour
+	}
+	if configuration.Auth.Jwt.RefreshTtl == 0 {
+		configuration.Auth.Jwt.RefreshTtl = time.Hour * 24
+	}
+	if configuration.Namespace.Visibility.String() == "" {
+		configuration.Namespace.Visibility = enums.VisibilityPrivate
+	}
 }

pkg/consts/consts.go

@@ -20,6 +20,8 @@ import (
 	"time"
 
 	pwdvalidate "github.com/wagslane/go-password-validator"
+
+	"github.com/go-sigma/sigma/pkg/version"
 )
 
 const (
@@ -63,7 +65,7 @@ const (
 )
 
 // UserAgent represents the user agent
-var UserAgent = fmt.Sprintf("sigma/%s (https://github.com/go-sigma/sigma)", APIVersion)
+var UserAgent = fmt.Sprintf("sigma/%s (https://github.com/go-sigma/sigma)", version.Version)
 
 const (
 	// AuthModel represents the auth model
@@ -82,7 +84,7 @@ const (
 	e = some(where (p.eft == allow)) && !some(where (p.eft == deny))
 
 	[matchers]
-	m = g(r.sub, p.sub, r.ns) && keyMatch(r.ns, p.ns) && urlMatch(r.url, p.url) && regexMatch(r.visibility, p.visibility) && regexMatch(r.method, p.method) && p.effect == "allow" || r.sub == "admin"`
+	m = g(r.sub, p.sub, r.ns) && keyMatch(r.ns, p.ns) && urlMatch(r.url, p.url) && regexMatch(r.visibility, p.visibility) && regexMatch(r.method, p.method) && p.effect == "allow" || r.sub == "admin" || r.sub == "root"`
 )
 
 var (

pkg/dal/dao/user.go

@@ -45,6 +45,8 @@ type UserService interface {
 	UpdateUser3rdParty(ctx context.Context, id int64, updates map[string]any) error
 	// List all users with pagination
 	List(ctx context.Context, name *string, pagination types.Pagination, sort types.Sortable) ([]*models.User, int64, error)
+	// ListWithoutUsername all users with pagination, and without specific username
+	ListWithoutUsername(ctx context.Context, expect string, name *string, pagination types.Pagination, sort types.Sortable) ([]*models.User, int64, error)
 	// UpdateByID updates the namespace with the specified namespace ID.
 	UpdateByID(ctx context.Context, id int64, updates map[string]interface{}) error
 	// Count gets the total number of users.
@@ -131,6 +133,29 @@ func (s *userService) UpdateUser3rdParty(ctx context.Context, id int64, updates
 	return nil
 }
 
+// ListWithoutUsername all users with pagination, and without specific username
+func (s *userService) ListWithoutUsername(ctx context.Context, expect string, name *string, pagination types.Pagination, sort types.Sortable) ([]*models.User, int64, error) {
+	pagination = utils.NormalizePagination(pagination)
+	query := s.tx.User.WithContext(ctx).Where(s.tx.User.Username.Neq(expect))
+	if name != nil {
+		query = query.Where(s.tx.User.Username.Like(fmt.Sprintf("%%%s%%", ptr.To(name))))
+	}
+	field, ok := s.tx.User.GetFieldByName(ptr.To(sort.Sort))
+	if ok {
+		switch ptr.To(sort.Method) {
+		case enums.SortMethodDesc:
+			query = query.Order(field.Desc())
+		case enums.SortMethodAsc:
+			query = query.Order(field)
+		default:
+			query = query.Order(s.tx.User.UpdatedAt.Desc())
+		}
+	} else {
+		query = query.Order(s.tx.User.UpdatedAt.Desc())
+	}
+	return query.FindByPage(ptr.To(pagination.Limit)*(ptr.To(pagination.Page)-1), ptr.To(pagination.Limit))
+}
+
 // List all users with pagination
 func (s *userService) List(ctx context.Context, name *string, pagination types.Pagination, sort types.Sortable) ([]*models.User, int64, error) {
 	pagination = utils.NormalizePagination(pagination)

pkg/dal/migrations/mysql/0001_initialize.up.sql

@@ -3,10 +3,19 @@ CREATE TABLE IF NOT EXISTS `users` (
   `username` varchar(64) NOT NULL,
   `password` varchar(256),
   `email` varchar(256),
+  `last_login` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `namespace_limit` bigint NOT NULL DEFAULT 0,
+  `namespace_count` bigint NOT NULL DEFAULT 0,
+  `status` ENUM ('Active', 'Inactive') NOT NULL DEFAULT 'Active',
+  `role` ENUM ('Root', 'Admin', 'User') NOT NULL DEFAULT 'User',
   `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   `deleted_at` bigint NOT NULL DEFAULT 0,
-  CONSTRAINT `users_unique_with_username` UNIQUE (`username`, `deleted_at`)
+  UNIQUE KEY `users_unique_with_username` (`username`, `deleted_at`),
+  KEY `users_idx_created_at` (`created_at`),
+  KEY `users_idx_status` (`status`),
+  KEY `users_idx_role` (`role`),
+  KEY `users_idx_last_login` (`last_login`)
 );
 
 CREATE TABLE IF NOT EXISTS `user_3rdparty` (

pkg/dal/migrations/postgresql/0001_initialize.up.sql

@@ -11,17 +11,41 @@ CREATE TYPE daemon_status AS ENUM (
   'Failed'
 );
 
+CREATE TYPE user_status AS ENUM (
+  'Active',
+  'Inactive'
+);
+
+CREATE TYPE user_role AS ENUM (
+  'Root',
+  'Admin',
+  'User'
+);
+
 CREATE TABLE IF NOT EXISTS "users" (
   "id" bigserial PRIMARY KEY,
   "username" varchar(64) NOT NULL,
   "password" varchar(256) NOT NULL,
   "email" varchar(256),
+  "last_login" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  "namespace_limit" bigint NOT NULL DEFAULT 0,
+  "namespace_count" bigint NOT NULL DEFAULT 0,
+  "status" user_status NOT NULL DEFAULT 'Active',
+  "role" user_role NOT NULL DEFAULT 'User',
   "created_at" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   "updated_at" timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   "deleted_at" bigint NOT NULL DEFAULT 0,
   CONSTRAINT "users_unique_with_username" UNIQUE ("username", "deleted_at")
 );
 
+CREATE INDEX "users_idx_created_at" ON "users" ("created_at");
+
+CREATE INDEX "users_idx_status" ON "users" ("status");
+
+CREATE INDEX "users_idx_role" ON "users" ("role");
+
+CREATE INDEX "users_idx_last_login" ON "users" ("last_login");
+
 CREATE TABLE IF NOT EXISTS "user_3rdparty" (
   "id" bigserial PRIMARY KEY,
   "user_id" bigint NOT NULL,

pkg/dal/migrations/sqlite3/0001_initialize.up.sql

@@ -3,12 +3,25 @@ CREATE TABLE IF NOT EXISTS `users` (
   `username` varchar(64) NOT NULL,
   `password` varchar(256),
   `email` varchar(256),
+  `last_login` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `namespace_limit` bigint NOT NULL DEFAULT 0,
+  `namespace_count` bigint NOT NULL DEFAULT 0,
+  `status` text CHECK (`status` IN ('Active', 'Inactive')) NOT NULL DEFAULT 'Active',
+  `role` text CHECK (`role` IN ('Root', 'Admin', 'User')) NOT NULL DEFAULT 'User',
   `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   `updated_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
   `deleted_at` bigint NOT NULL DEFAULT 0,
   CONSTRAINT `users_unique_with_username` UNIQUE (`username`, `deleted_at`)
 );
 
+CREATE INDEX `users_idx_created_at` ON `users` (`created_at`);
+
+CREATE INDEX `users_idx_status` ON `users` (`status`);
+
+CREATE INDEX `users_idx_role` ON `users` (`role`);
+
+CREATE INDEX `users_idx_last_login` ON `users` (`last_login`);
+
 CREATE TABLE IF NOT EXISTS `user_3rdparty` (
   `id` integer PRIMARY KEY AUTOINCREMENT,
   `user_id` bigint NOT NULL,

pkg/dal/models/user.go

@@ -29,9 +29,14 @@ type User struct {
 	DeletedAt soft_delete.DeletedAt `gorm:"softDelete:milli"`
 	ID        int64                 `gorm:"primaryKey"`
 
-	Username string
-	Password *string
-	Email    *string
+	Username       string
+	Password       *string
+	Email          *string
+	LastLogin      time.Time        `gorm:"autoCreateTime"`
+	Status         enums.UserStatus `gorm:"default:Active"`
+	Role           enums.UserRole   `gorm:"default:User"`
+	NamespaceLimit int64            `gorm:"default:0"`
+	NamespaceCount int64            `gorm:"default:0"`
 }
 
 // User3rdParty ...