[Extensions] Filter internal users for Service Accounts and add associated API

[stephen-crawford]

As a follow-up to #2594, a filtering option can be added to the existing internal users functionality. The filtering should allow a client to fetch just true internal user (not service) accounts or just service accounts. This filtering should be applied to the backend as well as the internal users list capabilities of the frontend code. An API route will need to be added to the handleGet method of the internalUsersAPI since there is not currently group filtering functionality.

The backend logic can look something like this inside the UserService:

public static List<String> listServiceAccounts() {

        final SecurityDynamicConfiguration<?> internalUsersConfiguration = load(getConfigName(), false);

        List<String> serviceAccounts = new ArrayList<>();
        for (Map.Entry<String, ?> entry : internalUsersConfiguration.getCEntries().entrySet()) {

            final InternalUserV7 internalUserEntry = (InternalUserV7) entry.getValue();
            final Map accountAttributes = internalUserEntry.getAttributes();
            final String accountName = entry.getKey();
            if (accountAttributes.containsKey("service") && accountAttributes.get("service") == "true") {
                serviceAccounts.add(accountName);
            }
        }
        return serviceAccounts;
    }

    public static List<String> listInternalUsers() {

        final SecurityDynamicConfiguration<?> internalUsersConfiguration = load(getConfigName(), false);

        List<String> internalUserAccounts = new ArrayList<>();
        for (Map.Entry<String, ?> entry : internalUsersConfiguration.getCEntries().entrySet()) {

            final InternalUserV7 internalUserEntry = (InternalUserV7) entry.getValue();
            final Map accountAttributes = internalUserEntry.getAttributes();
            final String accountName = entry.getKey();
            if (!accountAttributes.containsKey("service") || accountAttributes.get("service") == "false") {
                internalUserAccounts.add(accountName);
            }
        }
        return internalUserAccounts;
    }

    public static Set<String> listUserAccounts() {

        final SecurityDynamicConfiguration<?> internalUsersConfiguration = load(getConfigName(), false);
        return internalUsersConfiguration.getCEntries().keySet();
    }

For the frontend logic, the PR will need to extend the existing code that fetches the internal users and displays it as part of the Security tab.

Completion of this issue should look like two PR:

One in the backend code base that introduces the filtering capabilities shown above as well as the associated API routes.
One in the frontend code base that updates the internal users tab to allow for filtering the shown users based on whether they are service accounts or not.

[samuelcostae]

Hi @scrawfor99

The preliminary code that you provided in the issue description returns only the list of names of the accounts of the specified type, but the existing implementations on internalUsersAPI return the full account details.

Can you confirm if the objective on this is
1 - Just return the list of names
2 - Return the full account details.

I believe the latter is more appropriate to keep in line with existing functionality, but just want to confirm.

Thanks

[samuelcostae]

Confirmed during last week's call that the full account details is the correct approach. PR was refactored to reflect this