From e0273ecc03a77128f21d2dc6a00a1307df4c3d7a Mon Sep 17 00:00:00 2001
From: Shrikant Sharat Kandula <shrikant@appsmith.com>
Date: Thu, 26 Aug 2021 06:35:32 +0530
Subject: [PATCH] Add form data support for superuser signup API (#6844)

The superuser signup api available at /users/super currently only supports JSON payload. This PR adds support for form-data payload at the same endpoint, and makes it consistent with the normal user's signup API endpoint.
---
 .../server/controllers/UserController.java    |  7 ++-
 .../appsmith/server/solutions/UserSignup.java | 47 ++++++++++++++++++-
 2 files changed, 52 insertions(+), 2 deletions(-)

diff --git a/app/server/appsmith-server/src/main/java/com/appsmith/server/controllers/UserController.java b/app/server/appsmith-server/src/main/java/com/appsmith/server/controllers/UserController.java
index fb9d7367b6..83d79c9a7e 100644
--- a/app/server/appsmith-server/src/main/java/com/appsmith/server/controllers/UserController.java
+++ b/app/server/appsmith-server/src/main/java/com/appsmith/server/controllers/UserController.java
@@ -75,7 +75,7 @@ public class UserController extends BaseController<UserService, User, String> {
         return userSignup.signupAndLoginFromFormData(exchange);
     }
 
-    @PostMapping("/super")
+    @PostMapping(value = "/super", consumes = {MediaType.APPLICATION_JSON_VALUE})
     public Mono<ResponseDTO<User>> createSuperUser(
             @Valid @RequestBody UserSignupRequestDTO resource,
             ServerWebExchange exchange
@@ -84,6 +84,11 @@ public class UserController extends BaseController<UserService, User, String> {
                 .map(created -> new ResponseDTO<>(HttpStatus.CREATED.value(), created, null));
     }
 
+    @PostMapping(value = "/super", consumes = {MediaType.APPLICATION_FORM_URLENCODED_VALUE})
+    public Mono<Void> createSuperUserFromFormData(ServerWebExchange exchange) {
+        return userSignup.signupAndLoginSuperFromFormData(exchange);
+    }
+
     @PutMapping()
     public Mono<ResponseDTO<User>> update(@RequestBody User resource, ServerWebExchange exchange) {
         return service.updateCurrentUser(resource, exchange)
diff --git a/app/server/appsmith-server/src/main/java/com/appsmith/server/solutions/UserSignup.java b/app/server/appsmith-server/src/main/java/com/appsmith/server/solutions/UserSignup.java
index e858bcabf4..a57a74958a 100644
--- a/app/server/appsmith-server/src/main/java/com/appsmith/server/solutions/UserSignup.java
+++ b/app/server/appsmith-server/src/main/java/com/appsmith/server/solutions/UserSignup.java
@@ -125,7 +125,7 @@ public class UserSignup {
                 .map(formData -> {
                     final User user = new User();
                     user.setEmail(formData.getFirst(FieldName.EMAIL));
-                    user.setPassword(formData.getFirst("password"));
+                    user.setPassword(formData.getFirst(FieldName.PASSWORD));
                     if (formData.containsKey(FieldName.NAME)) {
                         user.setName(formData.getFirst(FieldName.NAME));
                     }
@@ -201,4 +201,49 @@ public class UserSignup {
                 });
     }
 
+    public Mono<Void> signupAndLoginSuperFromFormData(ServerWebExchange exchange) {
+        return exchange.getFormData()
+                .map(formData -> {
+                    final UserSignupRequestDTO user = new UserSignupRequestDTO();
+                    user.setEmail(formData.getFirst(FieldName.EMAIL));
+                    user.setPassword(formData.getFirst(FieldName.PASSWORD));
+                    user.setSource(LoginSource.FORM);
+                    user.setState(UserState.ACTIVATED);
+                    user.setEnabled(true);
+                    if (formData.containsKey(FieldName.NAME)) {
+                        user.setName(formData.getFirst(FieldName.NAME));
+                    }
+                    if (formData.containsKey("role")) {
+                        user.setRole(formData.getFirst("role"));
+                    }
+                    if (formData.containsKey("companyName")) {
+                        user.setCompanyName(formData.getFirst("companyName"));
+                    }
+                    if (formData.containsKey("allowCollectingAnonymousData")) {
+                        user.setAllowCollectingAnonymousData("true".equals(formData.getFirst("allowCollectingAnonymousData")));
+                    }
+                    if (formData.containsKey("signupForNewsletter")) {
+                        user.setSignupForNewsletter("true".equals(formData.getFirst("signupForNewsletter")));
+                    }
+                    return user;
+                })
+                .flatMap(user -> signupAndLoginSuper(user, exchange))
+                .then()
+                .onErrorResume(error -> {
+                    String referer = exchange.getRequest().getHeaders().getFirst("referer");
+                    if (referer == null) {
+                        referer = DEFAULT_ORIGIN_HEADER;
+                    }
+                    final URIBuilder redirectUriBuilder = new URIBuilder(URI.create(referer)).setParameter("error", error.getMessage());
+                    URI redirectUri;
+                    try {
+                        redirectUri = redirectUriBuilder.build();
+                    } catch (URISyntaxException e) {
+                        log.error("Error building redirect URI with error for signup, {}.", e.getMessage(), error);
+                        redirectUri = URI.create(referer);
+                    }
+                    return redirectStrategy.sendRedirect(exchange, redirectUri);
+                });
+    }
+
 }