API cleanup: remove emailer service implementation (#6661)

* API cleanup: remove emailer * remove config defaults
treeverse · Oct 1, 2023 · e47b687 · e47b687
1 parent eaed646
commit e47b687
Show file tree

Hide file tree

Showing 22 changed files with 39 additions and 576 deletions.
diff --git a/cmd/lakefs/cmd/run.go b/cmd/lakefs/cmd/run.go
@@ -22,7 +22,6 @@ import (
 	"github.com/treeverse/lakefs/pkg/api"
 	"github.com/treeverse/lakefs/pkg/auth"
 	"github.com/treeverse/lakefs/pkg/auth/crypt"
-	"github.com/treeverse/lakefs/pkg/auth/email"
 	authparams "github.com/treeverse/lakefs/pkg/auth/params"
 	authremote "github.com/treeverse/lakefs/pkg/auth/remoteauthenticator"
 	"github.com/treeverse/lakefs/pkg/block"
@@ -106,11 +105,6 @@ var runCmd = &cobra.Command{
 			logger.WithError(err).Fatal("Failure on schema validation")
 		}
 
-		emailer, err := email.NewEmailer(email.Params(cfg.Email))
-		if err != nil {
-			logger.WithError(err).Fatal("Emailer has not been properly configured, check the values in sender field")
-		}
-
 		migrator := kv.NewDatabaseMigrator(kvParams)
 		multipartTracker := multipart.NewTracker(kvStore)
 		actionsStore := actions.NewActionsKVStore(kvStore)
@@ -124,17 +118,11 @@ var runCmd = &cobra.Command{
 			logger.WithError(err).Fatal("Unsupported auth mode")
 		}
 		if cfg.IsAuthTypeAPI() {
-			var apiEmailer *email.Emailer
-			if !cfg.Auth.API.SupportsInvites {
-				// invites not supported by API - delegate it to emailer
-				apiEmailer = emailer
-			}
 			authService, err = auth.NewAPIAuthService(
 				cfg.Auth.API.Endpoint,
 				cfg.Auth.API.Token.SecureValue(),
 				crypt.NewSecretStore([]byte(cfg.Auth.Encrypt.SecretKey)),
 				authparams.ServiceCache(cfg.Auth.Cache),
-				apiEmailer,
 				logger.WithField("service", "auth_api"),
 			)
 			if err != nil {
@@ -144,7 +132,6 @@ var runCmd = &cobra.Command{
 			authService = auth.NewAuthService(
 				kvStore,
 				crypt.NewSecretStore([]byte(cfg.Auth.Encrypt.SecretKey)),
-				emailer,
 				authparams.ServiceCache(cfg.Auth.Cache),
 				logger.WithField("service", "auth_service"),
 			)
@@ -263,7 +250,6 @@ var runCmd = &cobra.Command{
 			actionsService,
 			auditChecker,
 			logger.WithField("service", "api_gateway"),
-			emailer,
 			cfg.Gateways.S3.DomainNames,
 			cfg.UISnippets(),
 			upload.DefaultPathProvider,
@@ -279,14 +265,6 @@ var runCmd = &cobra.Command{
 			}
 		}
 
-		lakefsBaseURL := cfg.Email.LakefsBaseURL
-		if lakefsBaseURL != "" {
-			_, err := url.Parse(lakefsBaseURL)
-			if err != nil {
-				logger.WithError(err).Warn("Failed to parse configured lakefs base url for email")
-			}
-		}
-
 		// setup authenticator for s3 gateway to also support swagger auth
 		oidcConfig := api.OIDCConfig(cfg.Auth.OIDC)
 		cookieAuthConfig := api.CookieAuthConfig(cfg.Auth.CookieAuthVerification)

diff --git a/cmd/lakefs/cmd/setup.go b/cmd/lakefs/cmd/setup.go
@@ -74,7 +74,7 @@ var setupCmd = &cobra.Command{
 		defer kvStore.Close()
 		logger := logging.ContextUnavailable()
 		authLogger := logger.WithField("service", "auth_service")
-		authService = auth.NewAuthService(kvStore, crypt.NewSecretStore([]byte(cfg.Auth.Encrypt.SecretKey)), nil, authparams.ServiceCache(cfg.Auth.Cache), authLogger)
+		authService = auth.NewAuthService(kvStore, crypt.NewSecretStore([]byte(cfg.Auth.Encrypt.SecretKey)), authparams.ServiceCache(cfg.Auth.Cache), authLogger)
 		metadataManager = auth.NewKVMetadataManager(version.Version, cfg.Installation.FixedID, cfg.Database.Type, kvStore)
 
 		cloudMetadataProvider := stats.BuildMetadataProvider(logger, cfg)

diff --git a/cmd/lakefs/cmd/superuser.go b/cmd/lakefs/cmd/superuser.go
@@ -59,7 +59,7 @@ var superuserCmd = &cobra.Command{
 			fmt.Printf("Failed to open KV store: %s\n", err)
 			os.Exit(1)
 		}
-		authService := auth.NewAuthService(kvStore, crypt.NewSecretStore([]byte(cfg.Auth.Encrypt.SecretKey)), nil, authparams.ServiceCache(cfg.Auth.Cache), logger.WithField("service", "auth_service"))
+		authService := auth.NewAuthService(kvStore, crypt.NewSecretStore([]byte(cfg.Auth.Encrypt.SecretKey)), authparams.ServiceCache(cfg.Auth.Cache), logger.WithField("service", "auth_service"))
 		authMetadataManager := auth.NewKVMetadataManager(version.Version, cfg.Installation.FixedID, cfg.Database.Type, kvStore)
 
 		metadataProvider := stats.BuildMetadataProvider(logger, cfg)

diff --git a/docs/assets/js/swagger.yml b/docs/assets/js/swagger.yml
@@ -77,7 +77,7 @@ components:
         application/json:
           schema:
             $ref: "#/components/schemas/ErrorNoACL"
-            
+
     Unauthorized:
       description: Unauthorized
       content:
@@ -1250,7 +1250,7 @@ components:
           example: s3://my-bucket/production/collections/
         destination:
           type: string
-          description: Destination for the imported objects on the branch 
+          description: Destination for the imported objects on the branch
           example: collections/
 
     ImportCreation:
@@ -1323,14 +1323,14 @@ components:
       required:
         - update_time
         - completed
-    
+
     ImportCreationResponse:
       type: object
       properties:
         id:
           description: The id of the import process
           type: string
-      required: 
+      required:
         - id
 
     MetaRangeCreation:
@@ -4084,7 +4084,7 @@ paths:
           $ref: "#/components/responses/NotFound"
         default:
           $ref: "#/components/responses/ServerError"
-    
+
     post:
       tags:
         - retention

diff --git a/pkg/api/controller.go b/pkg/api/controller.go
@@ -27,7 +27,6 @@ import (
 	"github.com/treeverse/lakefs/pkg/api/apiutil"
 	"github.com/treeverse/lakefs/pkg/auth"
 	"github.com/treeverse/lakefs/pkg/auth/acl"
-	"github.com/treeverse/lakefs/pkg/auth/email"
 	"github.com/treeverse/lakefs/pkg/auth/model"
 	"github.com/treeverse/lakefs/pkg/auth/setup"
 	"github.com/treeverse/lakefs/pkg/block"
@@ -92,7 +91,6 @@ type Controller struct {
 	Actions               actionsHandler
 	AuditChecker          AuditChecker
 	Logger                logging.Logger
-	Emailer               *email.Emailer
 	sessionStore          sessions.Store
 	PathProvider          upload.PathProvider
 	otfDiffService        *tablediff.Service
@@ -149,11 +147,9 @@ func (c *Controller) PrepareGarbageCollectionUncommitted(w http.ResponseWriter,
 }
 
 func (c *Controller) GetAuthCapabilities(w http.ResponseWriter, r *http.Request) {
-	inviteSupported := c.Auth.IsInviteSupported()
-	emailSupported := c.Emailer.Params.SMTPHost != ""
+	_, inviteSupported := c.Auth.(auth.EmailInviter)
 	writeResponse(w, r, http.StatusOK, apigen.AuthCapabilities{
-		InviteUser:     &inviteSupported,
-		ForgotPassword: &emailSupported,
+		InviteUser: &inviteSupported,
 	})
 }
 
@@ -1080,6 +1076,7 @@ func (c *Controller) CreateUser(w http.ResponseWriter, r *http.Request, body api
 
 	var parsedEmail *string
 	if invite {
+		// Check that email is valid
 		addr, err := mail.ParseAddress(username)
 		if err != nil {
 			c.Logger.WithError(err).WithField("user_id", username).Warn("failed parsing email")
@@ -1100,7 +1097,12 @@ func (c *Controller) CreateUser(w http.ResponseWriter, r *http.Request, body api
 	ctx := r.Context()
 	c.LogAction(ctx, "create_user", r, "", "", "")
 	if invite {
-		err := c.Auth.InviteUser(ctx, *parsedEmail)
+		inviter, ok := c.Auth.(auth.EmailInviter)
+		if !ok {
+			writeError(w, r, http.StatusNotImplemented, "Not implemented")
+			return
+		}
+		err := inviter.InviteUser(ctx, *parsedEmail)
 		if c.handleAPIError(ctx, w, r, err) {
 			c.Logger.WithError(err).WithField("email", *parsedEmail).Warn("failed creating user")
 			return
@@ -4461,7 +4463,7 @@ func resolvePathList(objects, prefixes *[]string) []catalog.PathRecord {
 	return pathRecords
 }
 
-func NewController(cfg *config.Config, catalog catalog.Interface, authenticator auth.Authenticator, authService auth.Service, blockAdapter block.Adapter, metadataManager auth.MetadataManager, migrator Migrator, collector stats.Collector, cloudMetadataProvider cloud.MetadataProvider, actions actionsHandler, auditChecker AuditChecker, logger logging.Logger, emailer *email.Emailer, sessionStore sessions.Store, pathProvider upload.PathProvider, otfDiffService *tablediff.Service) *Controller {
+func NewController(cfg *config.Config, catalog catalog.Interface, authenticator auth.Authenticator, authService auth.Service, blockAdapter block.Adapter, metadataManager auth.MetadataManager, migrator Migrator, collector stats.Collector, cloudMetadataProvider cloud.MetadataProvider, actions actionsHandler, auditChecker AuditChecker, logger logging.Logger, sessionStore sessions.Store, pathProvider upload.PathProvider, otfDiffService *tablediff.Service) *Controller {
 	return &Controller{
 		Config:                cfg,
 		Catalog:               catalog,
@@ -4475,7 +4477,6 @@ func NewController(cfg *config.Config, catalog catalog.Interface, authenticator
 		Actions:               actions,
 		AuditChecker:          auditChecker,
 		Logger:                logger,
-		Emailer:               emailer,
 		sessionStore:          sessionStore,
 		PathProvider:          pathProvider,
 		otfDiffService:        otfDiffService,

diff --git a/pkg/api/serve.go b/pkg/api/serve.go
@@ -16,7 +16,6 @@ import (
 	"github.com/treeverse/lakefs/pkg/api/apiutil"
 	"github.com/treeverse/lakefs/pkg/api/params"
 	"github.com/treeverse/lakefs/pkg/auth"
-	"github.com/treeverse/lakefs/pkg/auth/email"
 	"github.com/treeverse/lakefs/pkg/block"
 	"github.com/treeverse/lakefs/pkg/catalog"
 	"github.com/treeverse/lakefs/pkg/cloud"
@@ -35,7 +34,7 @@ const (
 	extensionValidationExcludeBody = "x-validation-exclude-body"
 )
 
-func Serve(cfg *config.Config, catalog catalog.Interface, middlewareAuthenticator auth.Authenticator, authService auth.Service, blockAdapter block.Adapter, metadataManager auth.MetadataManager, migrator Migrator, collector stats.Collector, cloudMetadataProvider cloud.MetadataProvider, actions actionsHandler, auditChecker AuditChecker, logger logging.Logger, emailer *email.Emailer, gatewayDomains []string, snippets []params.CodeSnippet, pathProvider upload.PathProvider, otfService *tablediff.Service) http.Handler {
+func Serve(cfg *config.Config, catalog catalog.Interface, middlewareAuthenticator auth.Authenticator, authService auth.Service, blockAdapter block.Adapter, metadataManager auth.MetadataManager, migrator Migrator, collector stats.Collector, cloudMetadataProvider cloud.MetadataProvider, actions actionsHandler, auditChecker AuditChecker, logger logging.Logger, gatewayDomains []string, snippets []params.CodeSnippet, pathProvider upload.PathProvider, otfService *tablediff.Service) http.Handler {
 	logger.Info("initialize OpenAPI server")
 	swagger, err := apigen.GetSwagger()
 	if err != nil {
@@ -57,7 +56,7 @@ func Serve(cfg *config.Config, catalog catalog.Interface, middlewareAuthenticato
 		AuthMiddleware(logger, swagger, middlewareAuthenticator, authService, sessionStore, &oidcConfig, &cookieAuthConfig),
 		MetricsMiddleware(swagger),
 	)
-	controller := NewController(cfg, catalog, middlewareAuthenticator, authService, blockAdapter, metadataManager, migrator, collector, cloudMetadataProvider, actions, auditChecker, logger, emailer, sessionStore, pathProvider, otfService)
+	controller := NewController(cfg, catalog, middlewareAuthenticator, authService, blockAdapter, metadataManager, migrator, collector, cloudMetadataProvider, actions, auditChecker, logger, sessionStore, pathProvider, otfService)
 	apigen.HandlerFromMuxWithBaseURL(controller, apiRouter, apiutil.BaseURL)
 
 	r.Mount("/_health", httputil.ServeHealth())

diff --git a/pkg/api/serve_test.go b/pkg/api/serve_test.go
@@ -20,7 +20,6 @@ import (
 	"github.com/treeverse/lakefs/pkg/api/apiutil"
 	"github.com/treeverse/lakefs/pkg/auth"
 	"github.com/treeverse/lakefs/pkg/auth/crypt"
-	"github.com/treeverse/lakefs/pkg/auth/email"
 	authmodel "github.com/treeverse/lakefs/pkg/auth/model"
 	authparams "github.com/treeverse/lakefs/pkg/auth/params"
 	"github.com/treeverse/lakefs/pkg/block"
@@ -146,7 +145,7 @@ func setupHandlerWithWalkerFactory(t testing.TB, factory catalog.WalkerFactory)
 	kvStore := kvtest.GetStore(ctx, t)
 	actionsStore := actions.NewActionsKVStore(kvStore)
 	idGen := &actions.DecreasingIDGenerator{}
-	authService := auth.NewAuthService(kvStore, crypt.NewSecretStore([]byte("some secret")), nil, authparams.ServiceCache{
+	authService := auth.NewAuthService(kvStore, crypt.NewSecretStore([]byte("some secret")), authparams.ServiceCache{
 		Enabled: false,
 	}, logging.ContextUnavailable())
 	meta := auth.NewKVMetadataManager("serve_test", cfg.Installation.FixedID, cfg.Database.Type, kvStore)
@@ -187,12 +186,11 @@ func setupHandlerWithWalkerFactory(t testing.TB, factory catalog.WalkerFactory)
 	})
 
 	auditChecker := version.NewDefaultAuditChecker(cfg.Security.AuditCheckURL, "", nil)
-	emailer, err := email.NewEmailer(email.Params(cfg.Email))
 
 	otfDiffService := tablediff.NewMockService()
 
 	testutil.Must(t, err)
-	handler := api.Serve(cfg, c, authenticator, authService, c.BlockAdapter, meta, migrator, collector, nil, actionsService, auditChecker, logging.ContextUnavailable(), emailer, nil, nil, upload.DefaultPathProvider, otfDiffService)
+	handler := api.Serve(cfg, c, authenticator, authService, c.BlockAdapter, meta, migrator, collector, nil, actionsService, auditChecker, logging.ContextUnavailable(), nil, nil, upload.DefaultPathProvider, otfDiffService)
 
 	return handler, &dependencies{
 		blocks:      c.BlockAdapter,

diff --git a/pkg/auth/email/emailer.go b/pkg/auth/email/emailer.go