From b83a448e94c6558ae8657545badb947d93784d2a Mon Sep 17 00:00:00 2001
From: dettlaff <dettlaff@riseup.net>
Date: Mon, 23 Dec 2024 16:47:35 +0400
Subject: [PATCH] fix: from review

---
 nixos/module.nix                                      |  2 +-
 selfprivacy_api/actions/users.py                      | 11 +++++------
 .../repositories/users/kanidm_user_repository.py      |  2 +-
 3 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/nixos/module.nix b/nixos/module.nix
index 3208501..35bea4e 100644
--- a/nixos/module.nix
+++ b/nixos/module.nix
@@ -82,7 +82,7 @@ in
         pkgs.util-linux
         pkgs.e2fsprogs
         pkgs.iproute2
-          pkgs.kanidm
+        pkgs.kanidm
       ];
       after = [ "network-online.target" ];
       wants = [ "network-online.target" ];
diff --git a/selfprivacy_api/actions/users.py b/selfprivacy_api/actions/users.py
index d142c2d..bf1e571 100644
--- a/selfprivacy_api/actions/users.py
+++ b/selfprivacy_api/actions/users.py
@@ -9,7 +9,7 @@ from selfprivacy_api.utils.strings import PLEASE_UPDATE_APP_TEXT
 from selfprivacy_api.models.group import Group
 from selfprivacy_api.models.user import UserDataUser, UserDataUserOrigin
 
-from selfprivacy_api.utils import is_username_forbidden
+from selfprivacy_api.utils import get_domain, is_username_forbidden
 from selfprivacy_api.actions.ssh import get_ssh_keys
 
 
@@ -27,8 +27,9 @@ from selfprivacy_api.repositories.users.exceptions import (
     InvalidConfiguration,
 )
 
+domain = get_domain()
 
-DEFAULT_GROUPS = ["idm_all_persons@bloodwine.cyou", "idm_all_accounts@bloodwine.cyou"]
+DEFAULT_GROUPS = [f"idm_all_persons@{domain}", "idm_all_accounts@{domain}"]
 
 logger = logging.getLogger(__name__)
 
@@ -89,9 +90,7 @@ def create_user(
     if password:
         logger.error(PLEASE_UPDATE_APP_TEXT)
 
-    if (
-        displayname and len(displayname) >= 32
-    ):  # we don't know the limitations of each service
+    if displayname and len(displayname) >= 255:
         raise DisplaynameTooLong
 
     # need to maintain the logic of the old repository, since ssh management uses it.
@@ -148,7 +147,7 @@ def update_user(
     if displayname:
         if isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):
             raise ApiUsingWrongUserRepository
-        if len(displayname) >= 512:  # we don't know the limitations of each service
+        if len(displayname) >= 255:
             raise DisplaynameTooLong
 
         ACTIVE_USERS_PROVIDER.update_user(
diff --git a/selfprivacy_api/repositories/users/kanidm_user_repository.py b/selfprivacy_api/repositories/users/kanidm_user_repository.py
index fd15657..9d8303b 100644
--- a/selfprivacy_api/repositories/users/kanidm_user_repository.py
+++ b/selfprivacy_api/repositories/users/kanidm_user_repository.py
@@ -32,7 +32,7 @@ from selfprivacy_api.repositories.users.abstract_user_repository import (
 REDIS_TOKEN_KEY = "kanidm:token"
 
 KANIDM_URL = "https://127.0.0.1:3013"
-ADMIN_GROUPS = ["idm_admins@bloodwine.cyou"]
+ADMIN_GROUPS = ["sp.admin"]
 
 redis = RedisPool().get_connection()