fix(developers): add Mattermost team membership and role-aware Gitea provisioning

New users are now added to the SilverLABS Mattermost team after account creation. Gitea provisioning is skipped for Testers (only Developers get repo access). Role is parsed from ticket description and threaded through the entire approval/confirmation flow. Gitea API token is now configured. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 15:10:45 +00:00
parent dc9a60a7a2
commit cd2994d7eb
4 changed files with 82 additions and 21 deletions
--- a/BlazorApp/Endpoints/DeveloperEndpoints.cs
+++ b/BlazorApp/Endpoints/DeveloperEndpoints.cs
@@ -43,18 +43,22 @@ public static class DeveloperEndpoints
                return Results.Problem("Failed to fetch ticket from SilverDESK", statusCode: 502);

            var description = ticket.Value.GetProperty("description").GetString() ?? "";
-            var (fullName, email, desiredUsername) = ticketService.ParseApplicationFromDescription(description);
+            var (fullName, email, desiredUsername, role) = ticketService.ParseApplicationFromDescription(description);

            if (string.IsNullOrEmpty(fullName) || string.IsNullOrEmpty(email) || string.IsNullOrEmpty(desiredUsername))
                return Results.Problem("Could not parse applicant details from ticket description", statusCode: 422);

            // Generate confirmation token instead of provisioning immediately
-            var deployment = provisioningService.CreatePendingDeployment(desiredUsername, email, fullName, ticketId);
+            var deployment = provisioningService.CreatePendingDeployment(desiredUsername, email, fullName, ticketId, role);

            var siteBase = config["SiteBaseUrl"] ?? "https://silverlabs.uk";
            var confirmUrl = $"{siteBase}/developers/confirm/{deployment.Token}";

            // Send ticket reply with confirmation link
+            var giteaLine = string.Equals(role, "Developer", StringComparison.OrdinalIgnoreCase)
+                ? "\n- **Gitea**: Source code repository access"
+                : "";
+
            var replyContent = $"""
                Your application has been approved! To activate your accounts, please confirm your identity:

@@ -64,8 +68,7 @@ public static class DeveloperEndpoints

                Once confirmed, the following accounts will be created for you:
                - **Email**: {desiredUsername}@silverlabs.uk
-                - **Mattermost**: Team chat access
-                - **Gitea**: Source code repository access
+                - **Mattermost**: Team chat access{giteaLine}
                """;

            var (replyOk, replyMsg) = await provisioningService.SendTicketReplyAsync(ticketId, replyContent);
@@ -112,7 +115,15 @@ public static class DeveloperEndpoints

            // Provision all services with the user's password
            var (success, message) = await provisioningService.ProvisionWithPasswordAsync(
-                deployment.TicketId, deployment.Username, deployment.Email, deployment.FullName, request.Password);
+                deployment.TicketId, deployment.Username, deployment.Email, deployment.FullName, request.Password, deployment.Role);
+
+            var isDeveloper = string.Equals(deployment.Role, "Developer", StringComparison.OrdinalIgnoreCase);
+            var giteaSuccessSection = isDeveloper
+                ? $"\n\n**Gitea** (Source Code): [git.silverlabs.uk](https://git.silverlabs.uk)"
+                : "";
+            var giteaFailSection = isDeveloper
+                ? $"\n- **Gitea**: [git.silverlabs.uk](https://git.silverlabs.uk)"
+                : "";

            // Send follow-up ticket reply with results
            var resultContent = success
@@ -124,9 +135,7 @@ public static class DeveloperEndpoints
                    - IMAP: `mail.silverlined.uk:993` (SSL)
                    - SMTP: `mail.silverlined.uk:465` (SSL)

-                    **Mattermost** (Team Chat): [ops.silverlined.uk](https://ops.silverlined.uk)
-
-                    **Gitea** (Source Code): [git.silverlabs.uk](https://git.silverlabs.uk)
+                    **Mattermost** (Team Chat): [ops.silverlined.uk](https://ops.silverlined.uk){giteaSuccessSection}

                    **SilverDESK** (Support & Tickets): [silverdesk.silverlabs.uk](https://silverdesk.silverlabs.uk)

@@ -144,8 +153,7 @@ public static class DeveloperEndpoints

                    Once resolved, your services will be:
                    - **Email**: {deployment.Username}@silverlabs.uk — [mail.silverlined.uk](https://mail.silverlined.uk)
-                    - **Mattermost**: [ops.silverlined.uk](https://ops.silverlined.uk)
-                    - **Gitea**: [git.silverlabs.uk](https://git.silverlabs.uk)
+                    - **Mattermost**: [ops.silverlined.uk](https://ops.silverlined.uk){giteaFailSection}
                    """;

            await provisioningService.SendTicketReplyAsync(deployment.TicketId, resultContent, "close");