Add /console/userdata endpoint (#2137)

Provides initial set of data, necessary to start the UI

core/src/main/java/google/registry/module/frontend/FrontendRequestComponent.java

@@ -26,6 +26,7 @@ import google.registry.request.RequestComponentBuilder;
 import google.registry.request.RequestModule;
 import google.registry.request.RequestScope;
 import google.registry.ui.server.console.ConsoleDomainGetAction;
+import google.registry.ui.server.console.ConsoleUserDataAction;
 import google.registry.ui.server.console.RegistrarsAction;
 import google.registry.ui.server.console.settings.ContactAction;
 import google.registry.ui.server.console.settings.SecurityAction;
@@ -52,28 +53,29 @@ import google.registry.ui.server.registrar.RegistryLockVerifyAction;
       WhiteboxModule.class,
     })
 interface FrontendRequestComponent {
+  ConsoleDomainGetAction consoleDomainGetAction();
+
   ConsoleOteSetupAction consoleOteSetupAction();
   ConsoleRegistrarCreatorAction consoleRegistrarCreatorAction();
   ConsoleUiAction consoleUiAction();
+
+  ConsoleUserDataAction consoleUserDataAction();
+
+  ContactAction contactAction();
+
   EppTlsAction eppTlsAction();
   FlowComponent.Builder flowComponentBuilder();
   OteStatusAction oteStatusAction();
+
+  RegistrarsAction registrarsAction();
+
   RegistrarSettingsAction registrarSettingsAction();
 
   RegistryLockGetAction registryLockGetAction();
 
   RegistryLockPostAction registryLockPostAction();
-
   RegistryLockVerifyAction registryLockVerifyAction();
-
-  ConsoleDomainGetAction consoleDomainGetAction();
-
-  ContactAction contactAction();
-
-  RegistrarsAction registrarsAction();
-
   SecurityAction securityAction();
-
   WhoisRegistrarFieldsAction whoisRegistrarFieldsAction();
 
   @Subcomponent.Builder

core/src/main/java/google/registry/ui/server/console/ConsoleUserDataAction.java

@@ -0,0 +1,83 @@
+// Copyright 2023 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.ui.server.console;
+
+import static google.registry.request.Action.Method.GET;
+
+import com.google.api.client.http.HttpStatusCodes;
+import com.google.common.collect.ImmutableMap;
+import google.registry.config.RegistryConfig.Config;
+import google.registry.model.console.User;
+import google.registry.request.Action;
+import google.registry.request.Response;
+import google.registry.request.auth.Auth;
+import google.registry.request.auth.AuthResult;
+import google.registry.request.auth.UserAuthInfo;
+import google.registry.ui.server.registrar.JsonGetAction;
+import javax.inject.Inject;
+import org.json.JSONObject;
+
+@Action(
+    service = Action.Service.DEFAULT,
+    path = ConsoleUserDataAction.PATH,
+    method = {GET},
+    auth = Auth.AUTH_PUBLIC_LOGGED_IN)
+public class ConsoleUserDataAction implements JsonGetAction {
+
+  public static final String PATH = "/console-api/userdata";
+
+  private final AuthResult authResult;
+  private final Response response;
+  private final String technicalDocsUrl;
+
+  @Inject
+  public ConsoleUserDataAction(
+      AuthResult authResult,
+      Response response,
+      @Config("technicalDocsUrl") String technicalDocsUrl) {
+    this.response = response;
+    this.authResult = authResult;
+    this.technicalDocsUrl = technicalDocsUrl;
+  }
+
+  @Override
+  public void run() {
+    UserAuthInfo authInfo = authResult.userAuthInfo().get();
+    if (!authInfo.consoleUser().isPresent()) {
+      response.setStatus(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
+      return;
+    }
+    User user = authInfo.consoleUser().get();
+
+    JSONObject json =
+        new JSONObject(
+            ImmutableMap.of(
+                // Both isAdmin and globalRole flags are used by UI as an indicator to hide / show
+                // specific set of widgets and screens.
+                // For example:
+                // - Admin sees everything and can create other users
+                // - Empty global role indicates registrar user, with access to registrar specific
+                // screens and widgets.
+                // This however is merely for visual representation, as any back-end action contains
+                // auth checks.
+                "isAdmin", user.getUserRoles().isAdmin(),
+                "globalRole", user.getUserRoles().getGlobalRole(),
+                // Is used by UI to construct a link to registry resources
+                "technicalDocsUrl", technicalDocsUrl));
+
+    response.setPayload(json.toString());
+    response.setStatus(HttpStatusCodes.STATUS_CODE_OK);
+  }
+}

core/src/test/java/google/registry/ui/server/console/ConsoleUserDataActionTest.java

@@ -0,0 +1,85 @@
+// Copyright 2023 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.ui.server.console;
+
+import static com.google.common.truth.Truth.assertThat;
+import static org.mockito.Mockito.mock;
+
+import com.google.api.client.http.HttpStatusCodes;
+import com.google.gson.Gson;
+import google.registry.model.console.GlobalRole;
+import google.registry.model.console.User;
+import google.registry.model.console.UserRoles;
+import google.registry.model.registrar.RegistrarPoc;
+import google.registry.persistence.transaction.JpaTestExtensions;
+import google.registry.request.RequestModule;
+import google.registry.request.auth.AuthResult;
+import google.registry.request.auth.AuthSettings.AuthLevel;
+import google.registry.request.auth.UserAuthInfo;
+import google.registry.testing.FakeResponse;
+import java.io.IOException;
+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.RegisterExtension;
+
+/** Tests for {@link google.registry.ui.server.console.ConsoleUserDataAction}. */
+class ConsoleUserDataActionTest {
+
+  private final HttpServletRequest request = mock(HttpServletRequest.class);
+  private RegistrarPoc testRegistrarPoc;
+  private static final Gson GSON = RequestModule.provideGson();
+  private FakeResponse response = new FakeResponse();
+
+  @RegisterExtension
+  final JpaTestExtensions.JpaIntegrationTestExtension jpa =
+      new JpaTestExtensions.Builder().buildIntegrationTestExtension();
+
+  @Test
+  void testSuccess_getContactInfo() throws IOException {
+    User user =
+        new User.Builder()
+            .setEmailAddress("email@email.com")
+            .setGaiaId("gaiaId")
+            .setUserRoles(new UserRoles.Builder().setGlobalRole(GlobalRole.FTE).build())
+            .build();
+
+    ConsoleUserDataAction action =
+        createAction(AuthResult.create(AuthLevel.USER, UserAuthInfo.create(user)));
+    action.run();
+    assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_OK);
+    Map jsonObject = GSON.fromJson(response.getPayload(), Map.class);
+    assertThat(jsonObject)
+        .containsExactly("isAdmin", false, "technicalDocsUrl", "test", "globalRole", "FTE");
+  }
+
+  @Test
+  void testFailure_notAConsoleUser() throws IOException {
+    ConsoleUserDataAction action =
+        createAction(
+            AuthResult.create(
+                AuthLevel.USER,
+                UserAuthInfo.create(
+                    new com.google.appengine.api.users.User(
+                        "JohnDoe@theregistrar.com", "theregistrar.com"),
+                    false)));
+    action.run();
+    assertThat(response.getStatus()).isEqualTo(HttpStatusCodes.STATUS_CODE_UNAUTHORIZED);
+  }
+
+  private ConsoleUserDataAction createAction(AuthResult authResult) throws IOException {
+    return new ConsoleUserDataAction(authResult, response, "test");
+  }
+}

core/src/test/resources/google/registry/module/frontend/frontend_routing.txt

@@ -5,6 +5,7 @@ PATH                               CLASS                         METHODS  OK AUT
 /console-api/settings/contacts     ContactAction                 GET,POST n  API,LEGACY   USER PUBLIC
 /console-api/settings/security     SecurityAction                POST     n  API,LEGACY   USER PUBLIC
 /console-api/settings/whois-fields WhoisRegistrarFieldsAction    POST     n  API,LEGACY   USER PUBLIC
+/console-api/userdata              ConsoleUserDataAction         GET      n  API,LEGACY   USER PUBLIC
 /registrar                         ConsoleUiAction               GET      n  API,LEGACY   NONE PUBLIC
 /registrar-create                  ConsoleRegistrarCreatorAction POST,GET n  API,LEGACY   NONE PUBLIC
 /registrar-ote-setup               ConsoleOteSetupAction         POST,GET n  API,LEGACY   NONE PUBLIC