fix: 使用外部认证系统时，外部系统未实现的功能在用户使用时提示用户功能未实现 (#1135)

## 使用外部认证系统时，外部系统未实现的功能在用户使用时提示用户功能未实现 ### 主要是增加了修改密码、修改邮箱、新增用户的提示
PKUHPC · Feb 23, 2024 · 08359cb · 08359cb
1 parent a535126
commit 08359cb
Show file tree

Hide file tree

Showing 23 changed files with 141 additions and 37 deletions.
diff --git a/.changeset/heavy-flies-repair.md b/.changeset/heavy-flies-repair.md
@@ -0,0 +1,8 @@
+---
+"@scow/mis-server": patch
+"@scow/portal-web": patch
+"@scow/mis-web": patch
+"@scow/auth": patch
+---
+
+使用外部认证系统时，外部系统未实现的功能在用户使用时提示用户功能未实现
diff --git a/apps/auth/src/routes/changeEmail.ts b/apps/auth/src/routes/changeEmail.ts
@@ -47,13 +47,10 @@ export const changeEmailRoute = fp(async (f) => {
     },
     async (req, rep) => {
 
-
       if (!f.auth.changeEmail) {
-        return await rep.code(501).send(null);
+        return await rep.code(501).send({ code: "NOT_SUPPORTED" });
       }
 
-
-
       const { identityId, newEmail } = req.body;
 
       const result = await f.auth.changeEmail(identityId, newEmail, req);

diff --git a/apps/auth/src/routes/changePassword.ts b/apps/auth/src/routes/changePassword.ts
@@ -48,7 +48,7 @@ export const changePasswordRoute = fp(async (f) => {
     async (req, rep) => {
 
       if (!f.auth.changePassword) {
-        return await rep.code(501).send(null);
+        return await rep.code(501).send({ code: "NOT_SUPPORTED" });
       }
 
       const { identityId, newPassword } = req.body;

diff --git a/apps/auth/src/routes/checkPassword.ts b/apps/auth/src/routes/checkPassword.ts
@@ -41,7 +41,7 @@ export const checkPasswordRoute = fp(async (f) => {
     },
     async (req, rep) => {
       if (!f.auth.checkPassword) {
-        return await rep.code(501).send(null);
+        return await rep.code(501).send({ code: "NOT_SUPPORTED" });
       }
 
       const { identityId, password } = req.query;

diff --git a/apps/auth/src/routes/createUser.ts b/apps/auth/src/routes/createUser.ts
@@ -55,7 +55,7 @@ export const createUserRoute = fp(async (f) => {
     },
     async (req, rep) => {
       if (!f.auth.createUser) {
-        return await rep.code(501).send(null);
+        return await rep.code(501).send({ code: "NOT_SUPPORTED" });
       }
 
       const { ...rest } = req.body;

diff --git a/apps/auth/src/routes/getUser.ts b/apps/auth/src/routes/getUser.ts
@@ -44,7 +44,7 @@ export const getUserRoute = fp(async (f) => {
     },
     async (req, rep) => {
       if (!f.auth.getUser) {
-        return await rep.code(501).send(null);
+        return await rep.code(501).send({ code: "NOT_SUPPORTED" });
       }
 
       const { identityId } = req.query;

diff --git a/apps/mis-server/src/services/user.ts b/apps/mis-server/src/services/user.ts
@@ -753,10 +753,24 @@ export const userServiceServer = plugin((server) => {
           identityId: userId,
           newEmail,
         }, logger)
-          .catch(async () => {
-            throw <ServiceError> {
-              code: Status.UNKNOWN, message: "LDAP failed to change email",
-            };
+          .catch(async (e) => {
+            switch (e.status) {
+
+            case "NOT_FOUND":
+              throw <ServiceError>{
+                code: Status.NOT_FOUND, message: `User ${userId} is not found.`,
+              };
+
+            case "NOT_SUPPORTED":
+              throw <ServiceError>{
+                code: Status.UNIMPLEMENTED, message: "Changing email is not supported ",
+              };
+
+            default:
+              throw <ServiceError> {
+                code: Status.UNKNOWN, message: "LDAP failed to change email",
+              };
+            }
           });
       }
 

diff --git a/apps/mis-web/src/i18n/en.ts b/apps/mis-web/src/i18n/en.ts
@@ -546,6 +546,8 @@ export default {
       oldPassword: "Old Password",
       newPassword: "New Password",
       confirmPassword: "Confirm Password",
+      userNotExist:"User Not Exist",
+      unavailable:"This feature is not available in the current configuration",
     },
     tenant: {
       accountWhitelistTable: {
@@ -904,6 +906,7 @@ export default {
           addCompleted: "Added Successfully!",
           createTenantFailMessage: "Failed to create tenant",
           createTenant: "Create Tenant",
+          unavailable:"This feature is not available in the current configuration",
         },
       },
       systemDebug: {

diff --git a/apps/mis-web/src/i18n/zh_cn.ts b/apps/mis-web/src/i18n/zh_cn.ts
@@ -546,6 +546,8 @@ export default {
       oldPassword:"原密码",
       newPassword:"新密码",
       confirmPassword:"确认密码",
+      userNotExist:"用户不存在",
+      unavailable:"本功能在当前配置下不可用",
     },
     tenant:{
       accountWhitelistTable:{
@@ -904,6 +906,7 @@ export default {
           addCompleted: "添加完成！",
           createTenantFailMessage: "创建租户失败",
           createTenant: "创建租户",
+          unavailable:"本功能在当前配置下不可用",
         },
       },
       systemDebug: {

diff --git a/apps/mis-web/src/pageComponents/profile/ChangeEmailModal.tsx b/apps/mis-web/src/pageComponents/profile/ChangeEmailModal.tsx
@@ -53,7 +53,9 @@ export const ChangeEmailModal: React.FC<Props> = ({
     setLoading(true);
 
     await api.changeEmail({ body: { userId:userStore.user?.identityId as string, newEmail } })
+      .httpError(404, () => { message.error(t(p("userNotExist"))); })
       .httpError(500, () => { message.error(t(p("changeEmailFail"))); })
+      .httpError(501, () => { message.error(t(p("unavailable"))); })
       .then(() => {
         form.resetFields();
         form.setFieldValue("oldEmail", newEmail);

diff --git a/apps/mis-web/src/pageComponents/profile/ChangePasswordModal.tsx b/apps/mis-web/src/pageComponents/profile/ChangePasswordModal.tsx
@@ -45,14 +45,25 @@ export const ChangePasswordModal: React.FC<Props> = ({
     const { oldPassword, newPassword } = await form.validateFields();
     setLoading(true);
     api.checkPassword({ query: { password: oldPassword } })
+      .httpError(404, () => {
+        message.error(t(p("userNotExist")));
+      })
+      .httpError(501, () => {
+        message.error(t(p("unavailable")));
+      })
       .then((result) => {
         if (result.success) {
           return api.changePassword({ body: { newPassword } })
+            .httpError(404, () => {
+              message.error(t(p("userNotExist")));
+            })
+            .httpError(501, () => {
+              message.error(t(p("unavailable")));
+            })
             .httpError(400, (e) => {
               if (e.code === "PASSWORD_NOT_VALID") {
                 message.error(getRuntimeI18nConfigText(languageId, "passwordPatternMessage"));
               };
-              throw e;
             })
             .then(() => {
               form.resetFields();

diff --git a/apps/mis-web/src/pages/admin/tenants/create.tsx b/apps/mis-web/src/pages/admin/tenants/create.tsx
@@ -85,22 +85,25 @@ const CreateTenantPageForm: React.FC = () => {
               userEmail,
               userPassword,
             },
-          }).httpError(409, (e) => {
-            modal.error({
-              title: t("common.addFail"),
-              content: t(p("existInSCOWDatabase"),
-                [e.code === "TENANT_ALREADY_EXISTS" ? t("common.tenant") : t("common.user")]),
-              okText: t("common.ok"),
-            });
-          }).httpError(400, (e) => {
-            if (e.code === "USERID_NOT_VALID") {
-              message.error(userIdRule?.message);
-            };
-            if (e.code === "PASSWORD_NOT_VALID") {
-              message.error(getRuntimeI18nConfigText(languageId, "passwordPatternMessage"));
-            };
-            throw e;
           })
+            .httpError(409, (e) => {
+              modal.error({
+                title: t("common.addFail"),
+                content: t(p("existInSCOWDatabase"),
+                  [e.code === "TENANT_ALREADY_EXISTS" ? t("common.tenant") : t("common.user")]),
+                okText: t("common.ok"),
+              });
+            })
+            .httpError(400, (e) => {
+              if (e.code === "USERID_NOT_VALID") {
+                message.error(userIdRule?.message);
+              };
+              if (e.code === "PASSWORD_NOT_VALID") {
+                message.error(getRuntimeI18nConfigText(languageId, "passwordPatternMessage"));
+              };
+              throw e;
+            })
+            .httpError(501, () => { message.error(t(p("unavailable"))); })
             .then((createdInAuth) => {
               !createdInAuth.createdInAuth ?
                 modal.info({

diff --git a/apps/mis-web/src/pages/api/admin/changePassword.ts b/apps/mis-web/src/pages/api/admin/changePassword.ts
@@ -11,7 +11,7 @@
  */
 
 import { typeboxRoute, typeboxRouteSchema } from "@ddadaal/next-typed-api-routes-runtime";
-import { changePassword as libChangePassword } from "@scow/lib-auth";
+import { changePassword as libChangePassword, getCapabilities } from "@scow/lib-auth";
 import { Type } from "@sinclair/typebox";
 import { authenticate } from "src/auth/server";
 import { OperationResult, OperationType } from "src/models/operationLog";
@@ -56,6 +56,11 @@ export default /* #__PURE__*/typeboxRoute(
       return { 501: null };
     }
 
+    const ldapCapabilities = await getCapabilities(runtimeConfig.AUTH_INTERNAL_URL);
+    if (!ldapCapabilities.changePassword) {
+      return { 501: null };
+    }
+
     const auth = authenticate((info) => info.platformRoles.includes(PlatformRole.PLATFORM_ADMIN));
 
     const info = await auth(req, res);

diff --git a/apps/mis-web/src/pages/api/profile/changeEmail.ts b/apps/mis-web/src/pages/api/profile/changeEmail.ts
@@ -13,10 +13,12 @@
 import { typeboxRoute, typeboxRouteSchema } from "@ddadaal/next-typed-api-routes-runtime";
 import { asyncClientCall } from "@ddadaal/tsgrpc-client";
 import { Status } from "@grpc/grpc-js/build/src/constants";
+import { getCapabilities } from "@scow/lib-auth";
 import { UserServiceClient } from "@scow/protos/build/server/user";
 import { Type } from "@sinclair/typebox";
 import { authenticate } from "src/auth/server";
 import { getClient } from "src/utils/client";
+import { runtimeConfig } from "src/utils/config";
 import { handlegRPCError } from "src/utils/server";
 
 
@@ -40,6 +42,9 @@ export const ChangeEmailSchema = typeboxRouteSchema({
 
     /** 修改失败 */
     500: Type.Null(),
+
+    /** 本功能在当前配置下不可用。 */
+    501: Type.Null(),
   },
 });
 
@@ -50,6 +55,11 @@ export default /* #__PURE__*/typeboxRoute(ChangeEmailSchema, async (req, res) =>
 
   if (!info) { return; }
 
+  const ldapCapabilities = await getCapabilities(runtimeConfig.AUTH_INTERNAL_URL);
+  if (!ldapCapabilities.changeEmail) {
+    return { 501: null };
+  }
+
   const { userId, newEmail } = req.body;
 
   const client = getClient(UserServiceClient);
@@ -62,5 +72,6 @@ export default /* #__PURE__*/typeboxRoute(ChangeEmailSchema, async (req, res) =>
     .catch(handlegRPCError({
       [Status.NOT_FOUND]: () => ({ 404: null }),
       [Status.UNKNOWN]: () => ({ 500: null }),
+      [Status.UNIMPLEMENTED]: () => ({ 501: null }),
     }));
 });
diff --git a/apps/mis-web/src/pages/api/profile/changePassword.ts b/apps/mis-web/src/pages/api/profile/changePassword.ts
@@ -11,7 +11,7 @@
  */
 
 import { typeboxRoute, typeboxRouteSchema } from "@ddadaal/next-typed-api-routes-runtime";
-import { changePassword as libChangePassword } from "@scow/lib-auth";
+import { changePassword as libChangePassword, getCapabilities } from "@scow/lib-auth";
 import { Type } from "@sinclair/typebox";
 import { authenticate } from "src/auth/server";
 import { publicConfig, runtimeConfig } from "src/utils/config";
@@ -49,6 +49,11 @@ export default /* #__PURE__*/typeboxRoute(ChangePasswordSchema, async (req, res)
     return { 501: null };
   }
 
+  const ldapCapabilities = await getCapabilities(runtimeConfig.AUTH_INTERNAL_URL);
+  if (!ldapCapabilities.changePassword) {
+    return { 501: null };
+  }
+
   const auth = authenticate(() => true);
 
   const info = await auth(req, res);

diff --git a/apps/mis-web/src/pages/api/profile/checkPassword.ts b/apps/mis-web/src/pages/api/profile/checkPassword.ts
@@ -11,7 +11,7 @@
  */
 
 import { typeboxRoute, typeboxRouteSchema } from "@ddadaal/next-typed-api-routes-runtime";
-import { checkPassword as libCheckPassword } from "@scow/lib-auth";
+import { checkPassword as libCheckPassword, getCapabilities } from "@scow/lib-auth";
 import { Type } from "@sinclair/typebox";
 import { authenticate } from "src/auth/server";
 import { runtimeConfig } from "src/utils/config";
@@ -40,6 +40,11 @@ export default typeboxRoute(CheckPasswordSchema, async (req, res) => {
 
   if (!info) { return; }
 
+  const ldapCapabilities = await getCapabilities(runtimeConfig.AUTH_INTERNAL_URL);
+  if (!ldapCapabilities.checkPassword) {
+    return { 501: null };
+  }
+
   const { password } = req.query;
 
   return await libCheckPassword(runtimeConfig.AUTH_INTERNAL_URL, {

diff --git a/apps/mis-web/src/pages/api/tenant/changePassword.ts b/apps/mis-web/src/pages/api/tenant/changePassword.ts
@@ -12,7 +12,7 @@
 
 import { typeboxRoute, typeboxRouteSchema } from "@ddadaal/next-typed-api-routes-runtime";
 import { asyncClientCall } from "@ddadaal/tsgrpc-client";
-import { changePassword as libChangePassword } from "@scow/lib-auth";
+import { changePassword as libChangePassword, getCapabilities } from "@scow/lib-auth";
 import { GetUserInfoResponse, UserServiceClient } from "@scow/protos/build/server/user";
 import { Type } from "@sinclair/typebox";
 import { authenticate } from "src/auth/server";
@@ -59,6 +59,11 @@ export default /* #__PURE__*/typeboxRoute(
       return { 501: null };
     }
 
+    const ldapCapabilities = await getCapabilities(runtimeConfig.AUTH_INTERNAL_URL);
+    if (!ldapCapabilities.changePassword) {
+      return { 501: null };
+    }
+
     const { identityId, newPassword } = req.body;
 
     const client = getClient(UserServiceClient);

diff --git a/apps/mis-web/src/pages/api/tenant/create.ts b/apps/mis-web/src/pages/api/tenant/create.ts
@@ -13,6 +13,7 @@
 import { typeboxRoute, typeboxRouteSchema } from "@ddadaal/next-typed-api-routes-runtime";
 import { asyncClientCall } from "@ddadaal/tsgrpc-client";
 import { status } from "@grpc/grpc-js";
+import { getCapabilities } from "@scow/lib-auth";
 import { getCurrentLanguageId } from "@scow/lib-web/build/utils/systemLanguage";
 import { TenantServiceClient } from "@scow/protos/build/server/tenant";
 import { Type } from "@sinclair/typebox";
@@ -21,7 +22,7 @@ import { OperationResult, OperationType } from "src/models/operationLog";
 import { PlatformRole } from "src/models/User";
 import { callLog } from "src/server/operationLog";
 import { getClient } from "src/utils/client";
-import { publicConfig } from "src/utils/config";
+import { publicConfig, runtimeConfig } from "src/utils/config";
 import { getUserIdRule } from "src/utils/createUser";
 import { handlegRPCError, parseIp } from "src/utils/server";
 
@@ -57,14 +58,20 @@ export const CreateTenantSchema = typeboxRouteSchema({
       message: Type.String(),
     }),
 
-    500: Type.Null(),
+    /** 本功能在当前配置下不可用。 */
+    501: Type.Null(),
   },
 });
 
 const passwordPattern = publicConfig.PASSWORD_PATTERN && new RegExp(publicConfig.PASSWORD_PATTERN);
 
 export default /* #__PURE__*/typeboxRoute(CreateTenantSchema, async (req, res) => {
 
+  const ldapCapabilities = await getCapabilities(runtimeConfig.AUTH_INTERNAL_URL);
+  if (!ldapCapabilities.createUser) {
+    return { 501: null };
+  }
+
   const { tenantName, userId, userName, userEmail, userPassword } = req.body;
 
   const languageId = getCurrentLanguageId(req, publicConfig.SYSTEM_LANGUAGE_CONFIG);

diff --git a/apps/portal-web/src/i18n/en.ts b/apps/portal-web/src/i18n/en.ts
@@ -66,6 +66,8 @@ export default {
         oldPassword: "Old Password",
         newPassword: "New Password",
         confirm: "Confirm Password",
+        userNotExist:"User Not Exist",
+        unavailable:"This feature is not available in the current configuration",
       },
     },
     // job

diff --git a/apps/portal-web/src/i18n/zh_cn.ts b/apps/portal-web/src/i18n/zh_cn.ts
@@ -66,6 +66,8 @@ export default {
         oldPassword:"原密码",
         newPassword: "新密码",
         confirm: "确认密码",
+        userNotExist:"用户不存在",
+        unavailable:"本功能在当前配置下不可用",
       },
     },
     // job