From 8f9c54f6c2208a50cb7f9ae4d08e0386ca24b238 Mon Sep 17 00:00:00 2001
From: bcmmbaga
Date: Wed, 18 Sep 2024 17:03:04 +0300
Subject: [PATCH] remove GetUserByID from account manager
Signed-off-by: bcmmbaga
---
 management/server/account.go | 3 ++-
 management/server/http/handler.go | 2 +-
 management/server/http/middleware/access_control.go | 6 +++---
 management/server/mock_server/account_mock.go | 9 ---------
 management/server/user.go | 5 -----
 5 files changed, 6 insertions(+), 19 deletions(-)
diff --git a/management/server/account.go b/management/server/account.go
index 037a92ad8..48a38916a 100644
--- a/management/server/account.go
+++ b/management/server/account.go
@@ -81,7 +81,6 @@ type AccountManager interface {
 GetAccountFromPAT(ctx context.Context, pat string) (*Account, *User, *PersonalAccessToken, error)
 DeleteAccount(ctx context.Context, accountID, userID string) error
 MarkPATUsed(ctx context.Context, tokenID string) error
- GetUserByID(ctx context.Context, userID string) (*User, error)
 GetUser(ctx context.Context, claims jwtclaims.AuthorizationClaims) (*User, error)
 ListUsers(ctx context.Context, accountID string) ([]*User, error)
 GetPeers(ctx context.Context, accountID, userID string) ([]*nbpeer.Peer, error)
@@ -2208,6 +2207,8 @@ func extractJWTGroups(ctx context.Context, claimName string, claims jwtclaims.Au
 }
 }
 }
+ } else {
+ log.WithContext(ctx).Debugf("JWT claim %q is not a string array", claimName)
 }
 return userJWTGroups
diff --git a/management/server/http/handler.go b/management/server/http/handler.go
index 4dd3ecef1..ef94f22b9 100644
--- a/management/server/http/handler.go
+++ b/management/server/http/handler.go
@@ -66,7 +66,7 @@ func APIHandler(ctx context.Context, accountManager s.AccountManager, LocationMa
 acMiddleware := middleware.NewAccessControl(
 authCfg.Audience,
 authCfg.UserIDClaim,
- accountManager.GetUserByID)
+ accountManager.GetUser)
 rootRouter := mux.NewRouter()
 metricsMiddleware := appMetrics.HTTPMiddleware()
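Review bot: The debug message added in extractJWTGroups (account.go, second hunk) may describe the wrong condition: three blocks close before `} else {`, and the `if` it pairs with opens outside the hunk, so this branch could belong to the claim lookup rather than to the type assertion. If that is the case it fires when the claim is absent, while a claim of the wrong type stays unlogged, which makes a silently empty JWT group list harder to diagnose. Word the message for the case the branch really covers, for example `log.WithContext(ctx).Debugf("JWT claim %q not found", claimName)`, and log the type mismatch on the inner `if`.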
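Review bot: Passing `accountManager.GetUser` to `middleware.NewAccessControl` replaces a read-only lookup with a call that can write: the removed `GetUserByID` only ran `am.Store.GetUserByUserID(ctx, LockingStrengthShare, id)`, while the doc comment on `DefaultAccountManager.GetUser` (context lines of the user.go hunk) says it also creates an account if none existed for the user. The same applies to `a.getUser(r.Context(), claims)` in the access_control.go `Handler` hunk, so the authorization middleware may now provision state for a token whose user is unknown, where the old lookup would presumably have failed into the `invalid JWT` branch. If that is intended, say so at the call, e.g. `// GetUser may create the account on first use; access control depends on it`; if not, keep a lookup for this path that does not create anything. `APIHandler` continues outside the hunk.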
diff --git a/management/server/http/middleware/access_control.go b/management/server/http/middleware/access_control.go
index d774eb72a..0ad250f43 100644
--- a/management/server/http/middleware/access_control.go
+++ b/management/server/http/middleware/access_control.go
@@ -15,8 +15,8 @@ import (
 "github.com/netbirdio/netbird/management/server/jwtclaims"
 )
-// GetUser function defines a function to fetch user from Account by user id.
-type GetUser func(ctx context.Context, id string) (*server.User, error)
+// GetUser function defines a function to fetch user from Account by jwtclaims.AuthorizationClaims
+type GetUser func(ctx context.Context, claims jwtclaims.AuthorizationClaims) (*server.User, error)
 // AccessControl middleware to restrict to make POST/PUT/DELETE requests by admin only
 type AccessControl struct {
@@ -47,7 +47,7 @@ func (a *AccessControl) Handler(h http.Handler) http.Handler {
 claims := a.claimsExtract.FromRequestContext(r)
- user, err := a.getUser(r.Context(), claims.UserId)
+ user, err := a.getUser(r.Context(), claims)
 if err != nil {
 log.WithContext(r.Context()).Errorf("failed to get user from claims: %s", err)
 util.WriteError(r.Context(), status.Errorf(status.Unauthorized, "invalid JWT"), w)
diff --git a/management/server/mock_server/account_mock.go b/management/server/mock_server/account_mock.go
index ad587665d..9ef42bff2 100644
--- a/management/server/mock_server/account_mock.go
+++ b/management/server/mock_server/account_mock.go
@@ -27,7 +27,6 @@ type MockAccountManager struct {
 expiresIn time.Duration, autoGroups []string, usageLimit int, userID string, ephemeral bool) (*server.SetupKey, error)
 GetSetupKeyFunc func(ctx context.Context, accountID, userID, keyID string) (*server.SetupKey, error)
 GetAccountByUserOrAccountIdFunc func(ctx context.Context, userId, accountId, domain string) (*server.Account, error)
- GetUserByIDFunc func(ctx context.Context, userID string) (*server.User, error)
 GetUserFunc func(ctx context.Context, claims jwtclaims.AuthorizationClaims) (*server.User, error)
 ListUsersFunc func(ctx context.Context, accountID string) ([]*server.User, error)
 GetPeersFunc func(ctx context.Context, accountID, userID string) ([]*nbpeer.Peer, error)
@@ -409,14 +408,6 @@ func (am *MockAccountManager) UpdatePeerMeta(ctx context.Context, peerID string,
 return status.Errorf(codes.Unimplemented, "method UpdatePeerMeta is not implemented")
 }
-// GetUserByID mock implementation of GetUserByID from server.AccountManager interface
-func (am *MockAccountManager) GetUserByID(ctx context.Context, userID string) (*server.User, error) {
- if am.GetUserByIDFunc != nil {
- return am.GetUserByIDFunc(ctx, userID)
- }
- return nil, status.Errorf(codes.Unimplemented, "method GetUser is not implemented")
-}
-
 // GetUser mock implementation of GetUser from server.AccountManager interface
 func (am *MockAccountManager) GetUser(ctx context.Context, claims jwtclaims.AuthorizationClaims) (*server.User, error) {
 if am.GetUserFunc != nil {
diff --git a/management/server/user.go b/management/server/user.go
index b2263db1d..7e5574e4b 100644
--- a/management/server/user.go
+++ b/management/server/user.go
@@ -357,11 +357,6 @@ func (am *DefaultAccountManager) inviteNewUser(ctx context.Context, accountID, u
 return newUser.ToUserInfo(idpUser, account.Settings)
 }
-// GetUserByID looks up a user by provided user id.
-func (am *DefaultAccountManager) GetUserByID(ctx context.Context, id string) (*User, error) {
- return am.Store.GetUserByUserID(ctx, LockingStrengthShare, id)
-}
-
 // GetUser looks up a user by provided authorization claims.
 // It will also create an account if didn't exist for this user before.
 func (am *DefaultAccountManager) GetUser(ctx context.Context, claims jwtclaims.AuthorizationClaims) (*User, error) {