feat(mail-group): Refactor mail group management UI and functionality

- Replaced DropdownComponent with SelectComponent for better user experience.
- Updated the layout to use a more streamlined inline form for creating new mail groups.
- Enhanced the display of mail groups in a table format with improved actions and status indicators.
- Added retention settings management for mail groups with caching for better performance.
- Implemented user management enhancements, including subdomain display and input in user creation.
- Updated styles for better responsiveness and visual consistency.
- Added new utility methods in AuthService for subdomain retrieval.
- Adjusted CSS variable names for select components to improve clarity.

Author: Timothy Dodd

src/MailVoidApi/Controllers/MailController.cs

@@ -55,14 +55,13 @@ await db.ExecuteAsync(
     public async Task<IEnumerable<MailBox>> GetBoxes(bool showAll = false)
     {
         var currentUserId = _userService.GetUserId();
-        var role = _userService.GetRole();
-        var isAdmin = role == "Admin";
+        var isAdmin = _userService.IsAdmin();
+        var userSubdomain = _userService.GetSubdomain();
 
         using var db = await _db.GetConnectionAsync();
 
-        // Get distinct mailboxes with their mail group info using a simpler approach
         string sql;
-        if (isAdmin && showAll)
+        if (isAdmin)
         {
             sql = @"SELECT DISTINCT m.`To`, m.MailGroupPath, mg.Subdomain, mg.IsPublic, mg.OwnerUserId
                     FROM Mail m
@@ -73,12 +72,12 @@ FROM Mail m
             sql = @"SELECT DISTINCT m.`To`, m.MailGroupPath, mg.Subdomain, mg.IsPublic, mg.OwnerUserId
                     FROM Mail m
                     LEFT JOIN MailGroup mg ON m.MailGroupPath = mg.Path
-                    WHERE (mg.IsPublic = 1 OR mg.OwnerUserId = @UserId
-                           OR EXISTS (SELECT 1 FROM MailGroupUser mgu WHERE mgu.MailGroupId = mg.Id AND mgu.UserId = @UserId))
-                           OR (mg.Id IS NULL AND @IsAdmin = 1)";
+                    WHERE mg.OwnerUserId = @UserId
+                           OR mg.Subdomain = @UserSubdomain
+                           OR EXISTS (SELECT 1 FROM MailGroupUser mgu WHERE mgu.MailGroupId = mg.Id AND mgu.UserId = @UserId)";
         }
 
-        var mailboxes = await db.QueryAsync<dynamic>(sql, new { UserId = currentUserId, IsAdmin = isAdmin });
+        var mailboxes = await db.QueryAsync<dynamic>(sql, new { UserId = currentUserId, UserSubdomain = userSubdomain });
 
         var result = new List<MailBox>();
         foreach (var mailbox in mailboxes)
@@ -109,8 +108,8 @@ AND NOT EXISTS (SELECT 1 FROM UserMailRead umr WHERE umr.MailId = m.Id AND umr.U
     public async Task<PagedResults<MailWithReadStatus>> GetMails([FromBody(EmptyBodyBehavior = EmptyBodyBehavior.Allow)] FilterOptions? options = null)
     {
         var currentUserId = _userService.GetUserId();
-        var role = _userService.GetRole();
-        var isAdmin = role == "Admin";
+        var isAdmin = _userService.IsAdmin();
+        var userSubdomain = _userService.GetSubdomain();
 
         var results = new PagedResults<MailWithReadStatus>();
         options ??= new FilterOptions();
@@ -120,21 +119,19 @@ public async Task<PagedResults<MailWithReadStatus>> GetMails([FromBody(EmptyBody
         var whereClauses = new List<string>();
         var parameters = new DynamicParameters();
         parameters.Add("UserId", currentUserId);
-        parameters.Add("IsAdmin", isAdmin);
+        parameters.Add("UserSubdomain", userSubdomain);
 
         if (!string.IsNullOrEmpty(options.To))
         {
             whereClauses.Add("m.`To` = @To");
             parameters.Add("To", options.To);
         }
 
-        // Filter by mail group access - user must have access to the mail group
-        // Admins can see all, others can only see emails in groups they have access to
         if (!isAdmin)
         {
             whereClauses.Add(@"(
-                mg.IsPublic = 1
-                OR mg.OwnerUserId = @UserId
+                mg.OwnerUserId = @UserId
+                OR mg.Subdomain = @UserSubdomain
                 OR EXISTS (SELECT 1 FROM MailGroupUser mgu WHERE mgu.MailGroupId = mg.Id AND mgu.UserId = @UserId)
             )");
         }
@@ -150,7 +147,7 @@ OR EXISTS (SELECT 1 FROM MailGroupUser mgu WHERE mgu.MailGroupId = mg.Id AND mgu
         var offset = (options.Page - 1) * options.PageSize;
         var mails = await db.QueryAsync<Mail>(
             $"SELECT m.* FROM Mail m LEFT JOIN MailGroup mg ON m.MailGroupPath = mg.Path {whereClause} ORDER BY m.CreatedOn DESC LIMIT @Limit OFFSET @Offset",
-            new { Limit = options.PageSize, Offset = offset, To = options.To, UserId = currentUserId, IsAdmin = isAdmin });
+            new { Limit = options.PageSize, Offset = offset, To = options.To, UserId = currentUserId, UserSubdomain = userSubdomain });
 
         var mailList = mails.ToList();
         var mailIds = mailList.Select(m => m.Id).ToList();
@@ -201,15 +198,28 @@ public async Task<IActionResult> DeleteBox([FromBody] FilterOptions options)
     public async Task<IActionResult> GetMailGroups()
     {
         var userId = _userService.GetUserId();
+        var isAdmin = _userService.IsAdmin();
+        var userSubdomain = _userService.GetSubdomain();
         using var db = await _db.GetConnectionAsync();
 
-        var groups = await db.QueryAsync<dynamic>(
-            @"SELECT mg.Id, mg.Path, mg.Subdomain, mg.Description, mg.IsPublic, mg.CreatedAt, mg.LastActivity, mg.OwnerUserId, mg.IsUserPrivate
-              FROM MailGroup mg
-              WHERE mg.Subdomain IS NOT NULL AND mg.IsUserPrivate = 0
-              AND (mg.IsPublic = 1 OR mg.OwnerUserId = @UserId
-                   OR EXISTS (SELECT 1 FROM MailGroupUser mgu WHERE mgu.MailGroupId = mg.Id AND mgu.UserId = @UserId))",
-            new { UserId = userId });
+        string sql;
+        if (isAdmin)
+        {
+            sql = @"SELECT mg.Id, mg.Path, mg.Subdomain, mg.Description, mg.IsPublic, mg.CreatedAt, mg.LastActivity, mg.OwnerUserId, mg.IsUserPrivate
+                    FROM MailGroup mg
+                    WHERE mg.Subdomain IS NOT NULL AND mg.IsUserPrivate = 0";
+        }
+        else
+        {
+            sql = @"SELECT mg.Id, mg.Path, mg.Subdomain, mg.Description, mg.IsPublic, mg.CreatedAt, mg.LastActivity, mg.OwnerUserId, mg.IsUserPrivate
+                    FROM MailGroup mg
+                    WHERE mg.Subdomain IS NOT NULL AND mg.IsUserPrivate = 0
+                    AND (mg.OwnerUserId = @UserId
+                         OR mg.Subdomain = @UserSubdomain
+                         OR EXISTS (SELECT 1 FROM MailGroupUser mgu WHERE mgu.MailGroupId = mg.Id AND mgu.UserId = @UserId))";
+        }
+
+        var groups = await db.QueryAsync<dynamic>(sql, new { UserId = userId, UserSubdomain = userSubdomain });
 
         var result = groups.Select(mg => new
         {
@@ -367,7 +377,8 @@ public async Task<IActionResult> GetUsers()
             u.Id,
             u.UserName,
             u.Role,
-            u.TimeStamp
+            u.TimeStamp,
+            u.Subdomain
         }).ToList();
 
         return Ok(result);

src/MailVoidApi/Controllers/UserManagementController.cs

@@ -34,7 +34,8 @@ public async Task<ActionResult<List<UserDto>>> GetAllUsers()
             Id = u.Id.ToString(),
             UserName = u.UserName,
             Role = u.Role,
-            TimeStamp = u.TimeStamp
+            TimeStamp = u.TimeStamp,
+            Subdomain = u.Subdomain
         }).ToList();
 
         return Ok(userDtos);
@@ -61,7 +62,8 @@ public async Task<ActionResult<UserDto>> GetUser(Guid id)
             Id = user.Id.ToString(),
             UserName = user.UserName,
             Role = user.Role,
-            TimeStamp = user.TimeStamp
+            TimeStamp = user.TimeStamp,
+            Subdomain = user.Subdomain
         };
 
         return Ok(userDto);
@@ -87,10 +89,19 @@ public async Task<ActionResult<UserDto>> CreateUser(CreateUserDto createUserDto)
             return BadRequest("Username already exists.");
         }
 
-        var user = await _userManagementService.CreateUserAsync(
-            createUserDto.UserName,
-            createUserDto.Password,
-            createUserDto.Role);
+        User? user;
+        try
+        {
+            user = await _userManagementService.CreateUserAsync(
+                createUserDto.UserName,
+                createUserDto.Password,
+                createUserDto.Role,
+                createUserDto.Subdomain);
+        }
+        catch (InvalidOperationException ex)
+        {
+            return BadRequest(ex.Message);
+        }
 
         if (user == null)
         {
@@ -102,7 +113,8 @@ public async Task<ActionResult<UserDto>> CreateUser(CreateUserDto createUserDto)
             Id = user.Id.ToString(),
             UserName = user.UserName,
             Role = user.Role,
-            TimeStamp = user.TimeStamp
+            TimeStamp = user.TimeStamp,
+            Subdomain = user.Subdomain
         };
 
         return CreatedAtAction(nameof(GetUser), new { id = user.Id }, userDto);
@@ -193,13 +205,15 @@ public class UserDto
     public required string UserName { get; set; }
     public Role Role { get; set; }
     public DateTime TimeStamp { get; set; }
+    public string? Subdomain { get; set; }
 }
 
 public class CreateUserDto
 {
     public required string UserName { get; set; }
     public required string Password { get; set; }
     public Role Role { get; set; } = Role.User;
+    public string? Subdomain { get; set; }
 }
 
 public class UpdateRoleDto

src/MailVoidApi/Models/User.cs

@@ -24,4 +24,8 @@ public class User
 
     [Required]
     public Role Role { get; set; } = Role.User;
+
+    [StringLength(255)]
+    [Index("IX_User_Subdomain", IsUnique = true)]
+    public string? Subdomain { get; set; }
 }

src/MailVoidApi/Services/AuthService.cs

@@ -53,6 +53,11 @@ public string GenerateJwtToken(User user)
             new Claim(ClaimTypes.Role, user.Role.ToString()),
         };
 
+        if (!string.IsNullOrEmpty(user.Subdomain))
+        {
+            claims.Add(new Claim("subdomain", user.Subdomain));
+        }
+
         // Create token using JwtSecurityToken directly for more control
         var token = new JwtSecurityToken(
             issuer: issuer,

src/MailVoidApi/Services/MailGroupService.cs

@@ -84,7 +84,7 @@ public async Task<MailGroup> GetOrCreateMailGroup(string subdomain, Guid? userId
             Path = path,
             Subdomain = subdomain,
             OwnerUserId = adminUser.Id,
-            IsPublic = true,
+            IsPublic = false,
             Description = $"Auto-generated group for {subdomain} subdomain"
         };
 

src/MailVoidApi/Services/UserManagementService.cs

@@ -29,7 +29,7 @@ public async Task<List<User>> GetAllUsersAsync()
         return await db.SingleByIdAsync<User>(userId);
     }
 
-    public async Task<User?> CreateUserAsync(string userName, string password, Role role = Role.User)
+    public async Task<User?> CreateUserAsync(string userName, string password, Role role = Role.User, string? subdomain = null)
     {
         using var db = await _db.GetConnectionAsync();
 
@@ -41,13 +41,25 @@ public async Task<List<User>> GetAllUsersAsync()
             return null; // Username already exists
         }
 
+        // Check if subdomain is already taken
+        if (!string.IsNullOrWhiteSpace(subdomain))
+        {
+            subdomain = subdomain.Trim().ToLowerInvariant();
+            var existingSubdomain = await db.ExistsAsync<User>(u => u.Subdomain == subdomain);
+            if (existingSubdomain)
+            {
+                throw new InvalidOperationException("Subdomain is already assigned to another user.");
+            }
+        }
+
         var user = new User
         {
             Id = Guid.NewGuid(),
             UserName = userName,
             PasswordHash = "", // Will be set below
             TimeStamp = DateTime.UtcNow,
-            Role = role
+            Role = role,
+            Subdomain = subdomain
         };
 
         // Hash the password

src/MailVoidApi/Services/UserService.cs

@@ -58,10 +58,20 @@ public bool IsAdmin()
         }
     }
 
+    public string? GetSubdomain()
+    {
+        var httpContext = _httpContextAccessor.HttpContext;
+        if (httpContext?.User?.Identity is not ClaimsIdentity identity)
+            return null;
+
+        var subdomainClaim = identity.FindFirst("subdomain");
+        return subdomainClaim?.Value;
+    }
 }
 public interface IUserService
 {
     Guid GetUserId();
     string GetRole();
     bool IsAdmin();
+    string? GetSubdomain();
 }