feat: add support for additional emails in user management and update related configurations

2025-11-25 18:30:16 +00:00
parent 07be2155be
commit 8c36a8dee4
10 changed files with 159 additions and 39 deletions
--- a/backend/internal/api/handlers/auth_handlers.go
+++ b/backend/internal/api/handlers/auth_handlers.go
@@ -45,12 +45,13 @@ func (h *AuthUserHandler) Get(c *gin.Context) {

 // CreateRequest represents the request body for creating an auth user
 type CreateAuthUserRequest struct {
-	Username   string `json:"username" binding:"required"`
-	Email      string `json:"email" binding:"required,email"`
-	Name       string `json:"name"`
-	Password   string `json:"password" binding:"required,min=8"`
-	Roles      string `json:"roles"`
-	MFAEnabled bool   `json:"mfa_enabled"`
+	Username         string `json:"username" binding:"required"`
+	Email            string `json:"email" binding:"required,email"`
+	Name             string `json:"name"`
+	Password         string `json:"password" binding:"required,min=8"`
+	Roles            string `json:"roles"`
+	MFAEnabled       bool   `json:"mfa_enabled"`
+	AdditionalEmails string `json:"additional_emails"`
 }

 // Create creates a new auth user
@@ -62,12 +63,13 @@ func (h *AuthUserHandler) Create(c *gin.Context) {
 	}

 	user := models.AuthUser{
-		Username:   req.Username,
-		Email:      req.Email,
-		Name:       req.Name,
-		Roles:      req.Roles,
-		MFAEnabled: req.MFAEnabled,
-		Enabled:    true,
+		Username:         req.Username,
+		Email:            req.Email,
+		Name:             req.Name,
+		Roles:            req.Roles,
+		MFAEnabled:       req.MFAEnabled,
+		AdditionalEmails: req.AdditionalEmails,
+		Enabled:          true,
 	}

 	if err := user.SetPassword(req.Password); err != nil {
@@ -85,12 +87,13 @@ func (h *AuthUserHandler) Create(c *gin.Context) {

 // UpdateRequest represents the request body for updating an auth user
 type UpdateAuthUserRequest struct {
-	Email      *string `json:"email,omitempty"`
-	Name       *string `json:"name,omitempty"`
-	Password   *string `json:"password,omitempty"`
-	Roles      *string `json:"roles,omitempty"`
-	Enabled    *bool   `json:"enabled,omitempty"`
-	MFAEnabled *bool   `json:"mfa_enabled,omitempty"`
+	Email            *string `json:"email,omitempty"`
+	Name             *string `json:"name,omitempty"`
+	Password         *string `json:"password,omitempty"`
+	Roles            *string `json:"roles,omitempty"`
+	Enabled          *bool   `json:"enabled,omitempty"`
+	MFAEnabled       *bool   `json:"mfa_enabled,omitempty"`
+	AdditionalEmails *string `json:"additional_emails,omitempty"`
 }

 // Update updates an existing auth user
@@ -133,6 +136,9 @@ func (h *AuthUserHandler) Update(c *gin.Context) {
 	if req.MFAEnabled != nil {
 		user.MFAEnabled = *req.MFAEnabled
 	}
+	if req.AdditionalEmails != nil {
+		user.AdditionalEmails = *req.AdditionalEmails
+	}

 	if err := h.db.Save(&user).Error; err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
--- a/backend/internal/api/handlers/auth_handlers_test.go
+++ b/backend/internal/api/handlers/auth_handlers_test.go
@@ -147,6 +147,28 @@ func TestAuthUserHandler_Create(t *testing.T) {
 		assert.True(t, result.Enabled)
 	})

+	t.Run("with additional emails", func(t *testing.T) {
+		body := map[string]interface{}{
+			"username":          "multiemail",
+			"email":             "primary@example.com",
+			"password":          "password123",
+			"additional_emails": "alt1@example.com,alt2@example.com",
+		}
+		jsonBody, _ := json.Marshal(body)
+
+		w := httptest.NewRecorder()
+		req, _ := http.NewRequest("POST", "/api/v1/security/users", bytes.NewBuffer(jsonBody))
+		req.Header.Set("Content-Type", "application/json")
+		router.ServeHTTP(w, req)
+
+		assert.Equal(t, http.StatusCreated, w.Code)
+
+		var result models.AuthUser
+		json.Unmarshal(w.Body.Bytes(), &result)
+		assert.Equal(t, "multiemail", result.Username)
+		assert.Equal(t, "alt1@example.com,alt2@example.com", result.AdditionalEmails)
+	})
+
 	t.Run("invalid email", func(t *testing.T) {
 		body := map[string]interface{}{
 			"username": "baduser",
@@ -192,6 +214,24 @@ func TestAuthUserHandler_Update(t *testing.T) {
 		assert.False(t, result.Enabled)
 	})

+	t.Run("update additional emails", func(t *testing.T) {
+		body := map[string]interface{}{
+			"additional_emails": "newalt@example.com",
+		}
+		jsonBody, _ := json.Marshal(body)
+
+		w := httptest.NewRecorder()
+		req, _ := http.NewRequest("PUT", "/api/v1/security/users/"+user.UUID, bytes.NewBuffer(jsonBody))
+		req.Header.Set("Content-Type", "application/json")
+		router.ServeHTTP(w, req)
+
+		assert.Equal(t, http.StatusOK, w.Code)
+
+		var result models.AuthUser
+		json.Unmarshal(w.Body.Bytes(), &result)
+		assert.Equal(t, "newalt@example.com", result.AdditionalEmails)
+	})
+
 	t.Run("not found", func(t *testing.T) {
 		body := map[string]interface{}{"name": "Test"}
 		jsonBody, _ := json.Marshal(body)