zitadel/internal/v2/command/user_human.go

package command

import (
	"context"
	caos_errs "github.com/caos/zitadel/internal/errors"
	"github.com/caos/zitadel/internal/v2/domain"
	"github.com/caos/zitadel/internal/v2/repository/user"
)

func (r *CommandSide) AddHuman(ctx context.Context, orgID, username string, human *domain.Human) (*domain.Human, error) {
	if !human.IsValid() {
		return nil, caos_errs.ThrowInvalidArgument(nil, "COMMAND-4M90d", "Errors.User.Invalid")
	}
	userID, err := r.idGenerator.Next()
	if err != nil {
		return nil, err
	}
	human.AggregateID = userID
	orgIAMPolicy, err := r.GetOrgIAMPolicy(ctx, orgID)
	if err != nil {
		return nil, err
	}
	pwPolicy, err := r.GetOrgPasswordComplexityPolicy(ctx, orgID)
	if err != nil {
		return nil, err
	}

	addedHuman := NewHumanWriteModel(human.AggregateID)
	//TODO: Check Unique Username
	human.CheckOrgIAMPolicy(username, orgIAMPolicy)
	human.SetNamesAsDisplayname()
	human.HashPasswordIfExisting(pwPolicy, r.userPasswordAlg, true)

	userAgg := UserAggregateFromWriteModel(&addedHuman.WriteModel)
	addEvent := user.NewHumanAddedEvent(
		ctx,
		username,
		human.FirstName,
		human.LastName,
		human.NickName,
		human.DisplayName,
		human.PreferredLanguage,
		human.Gender,
		human.EmailAddress,
	)
	if human.Phone != nil {
		addEvent.AddPhoneData(human.PhoneNumber)
	}
	if human.Address != nil {
		addEvent.AddAddressData(
			human.Country,
			human.Locality,
			human.PostalCode,
			human.Region,
			human.StreetAddress)
	}
	if human.Password != nil {
		addEvent.AddPasswordData(human.SecretCrypto, human.ChangeRequired)
	}
	userAgg.PushEvents(addEvent)

	if human.IsInitialState() {
		initCode, err := domain.NewInitUserCode(r.initializeUserCode)
		if err != nil {
			return nil, err
		}
		user.NewHumanInitialCodeAddedEvent(ctx, initCode.Code, initCode.Expiry)
	}
	if human.Email != nil && human.EmailAddress != "" && human.IsEmailVerified {
		userAgg.PushEvents(user.NewHumanEmailVerifiedEvent(ctx))
	}
	if human.Phone != nil && human.PhoneNumber != "" && !human.IsPhoneVerified {
		phoneCode, err := domain.NewPhoneCode(r.phoneVerificationCode)
		if err != nil {
			return nil, err
		}
		user.NewHumanPhoneCodeAddedEvent(ctx, phoneCode.Code, phoneCode.Expiry)
	} else if human.Phone != nil && human.PhoneNumber != "" && human.IsPhoneVerified {
		userAgg.PushEvents(user.NewHumanPhoneVerifiedEvent(ctx))
	}

	err = r.eventstore.PushAggregate(ctx, addedHuman, userAgg)
	if err != nil {
		return nil, err
	}

	return writeModelToHuman(addedHuman), nil
}

func (r *CommandSide) RegisterHuman(ctx context.Context, orgID, username string, human *domain.Human, externalIDP *domain.ExternalIDP) (*domain.Human, error) {
	if !human.IsValid() || externalIDP == nil && (human.Password == nil || human.SecretString == "") {
		return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-9dk45", "Errors.User.Invalid")
	}
	userID, err := r.idGenerator.Next()
	if err != nil {
		return nil, err
	}
	human.AggregateID = userID
	orgIAMPolicy, err := r.GetOrgIAMPolicy(ctx, orgID)
	if err != nil {
		return nil, err
	}
	pwPolicy, err := r.GetOrgPasswordComplexityPolicy(ctx, orgID)
	if err != nil {
		return nil, err
	}

	addedHuman := NewHumanWriteModel(human.AggregateID)
	//TODO: Check Unique Username or unique external idp
	human.CheckOrgIAMPolicy(username, orgIAMPolicy)
	human.SetNamesAsDisplayname()
	human.HashPasswordIfExisting(pwPolicy, r.userPasswordAlg, true)

	userAgg := UserAggregateFromWriteModel(&addedHuman.WriteModel)
	addEvent := user.NewHumanRegisteredEvent(
		ctx,
		username,
		human.FirstName,
		human.LastName,
		human.NickName,
		human.DisplayName,
		human.PreferredLanguage,
		human.Gender,
		human.EmailAddress,
	)
	if human.Phone != nil {
		addEvent.AddPhoneData(human.PhoneNumber)
	}
	if human.Address != nil {
		addEvent.AddAddressData(
			human.Country,
			human.Locality,
			human.PostalCode,
			human.Region,
			human.StreetAddress)
	}
	if human.Password != nil {
		addEvent.AddPasswordData(human.SecretCrypto, human.ChangeRequired)
	}
	userAgg.PushEvents(addEvent)
	//TODO: Add External IDP Event
	if human.IsInitialState() {
		initCode, err := domain.NewInitUserCode(r.initializeUserCode)
		if err != nil {
			return nil, err
		}
		user.NewHumanInitialCodeAddedEvent(ctx, initCode.Code, initCode.Expiry)
	}

	if human.Email != nil && human.EmailAddress != "" && human.IsEmailVerified {
		userAgg.PushEvents(user.NewHumanEmailVerifiedEvent(ctx))
	}
	if human.Phone != nil && human.PhoneNumber != "" && !human.IsPhoneVerified {
		phoneCode, err := domain.NewPhoneCode(r.phoneVerificationCode)
		if err != nil {
			return nil, err
		}
		user.NewHumanPhoneCodeAddedEvent(ctx, phoneCode.Code, phoneCode.Expiry)
	}

	err = r.eventstore.PushAggregate(ctx, addedHuman, userAgg)
	if err != nil {
		return nil, err
	}

	return writeModelToHuman(addedHuman), nil
}
new pkg structure (#1150) * fix: split command query side * fix: split command query side * fix: members in correct pkg structure * fix: label policy in correct pkg structure * fix: structure * fix: structure of login policy * fix: identityprovider structure * fix: org iam policy structure * fix: password age policy structure * fix: password complexity policy structure * fix: password lockout policy structure * fix: idp structure * fix: user events structure * fix: user write model * fix: profile email changed command * fix: address changed command * fix: user states * fix: user * fix: org structure and add human * begin iam setup command side * setup * step2 * step2 * fix: add user * step2 * isvalid * fix: folder structure v2 business Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com> 2021-01-04 14:52:13 +01:00			`package command`

			`import (`
			`"context"`
			`caos_errs "github.com/caos/zitadel/internal/errors"`
			`"github.com/caos/zitadel/internal/v2/domain"`
			`"github.com/caos/zitadel/internal/v2/repository/user"`
			`)`

fix: use domain models for v2 eventstore (#1151) * fix: use domain models for v2 eventstore * fix: user domain model * Update internal/api/grpc/admin/login_policy_converter.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: converter Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-01-05 09:33:45 +01:00			`func (r CommandSide) AddHuman(ctx context.Context, orgID, username string, human domain.Human) (*domain.Human, error) {`
new pkg structure (#1150) * fix: split command query side * fix: split command query side * fix: members in correct pkg structure * fix: label policy in correct pkg structure * fix: structure * fix: structure of login policy * fix: identityprovider structure * fix: org iam policy structure * fix: password age policy structure * fix: password complexity policy structure * fix: password lockout policy structure * fix: idp structure * fix: user events structure * fix: user write model * fix: profile email changed command * fix: address changed command * fix: user states * fix: user * fix: org structure and add human * begin iam setup command side * setup * step2 * step2 * fix: add user * step2 * isvalid * fix: folder structure v2 business Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com> 2021-01-04 14:52:13 +01:00			`if !human.IsValid() {`
			`return nil, caos_errs.ThrowInvalidArgument(nil, "COMMAND-4M90d", "Errors.User.Invalid")`
			`}`
			`userID, err := r.idGenerator.Next()`
			`if err != nil {`
			`return nil, err`
			`}`
			`human.AggregateID = userID`
			`orgIAMPolicy, err := r.GetOrgIAMPolicy(ctx, orgID)`
			`if err != nil {`
			`return nil, err`
			`}`
fix: use domain models for v2 eventstore (#1151) * fix: use domain models for v2 eventstore * fix: user domain model * Update internal/api/grpc/admin/login_policy_converter.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: converter Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-01-05 09:33:45 +01:00			`pwPolicy, err := r.GetOrgPasswordComplexityPolicy(ctx, orgID)`
			`if err != nil {`
			`return nil, err`
			`}`
new pkg structure (#1150) * fix: split command query side * fix: split command query side * fix: members in correct pkg structure * fix: label policy in correct pkg structure * fix: structure * fix: structure of login policy * fix: identityprovider structure * fix: org iam policy structure * fix: password age policy structure * fix: password complexity policy structure * fix: password lockout policy structure * fix: idp structure * fix: user events structure * fix: user write model * fix: profile email changed command * fix: address changed command * fix: user states * fix: user * fix: org structure and add human * begin iam setup command side * setup * step2 * step2 * fix: add user * step2 * isvalid * fix: folder structure v2 business Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com> 2021-01-04 14:52:13 +01:00
			`addedHuman := NewHumanWriteModel(human.AggregateID)`
			`//TODO: Check Unique Username`
			`human.CheckOrgIAMPolicy(username, orgIAMPolicy)`
			`human.SetNamesAsDisplayname()`
fix: use domain models for v2 eventstore (#1151) * fix: use domain models for v2 eventstore * fix: user domain model * Update internal/api/grpc/admin/login_policy_converter.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: converter Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-01-05 09:33:45 +01:00			`human.HashPasswordIfExisting(pwPolicy, r.userPasswordAlg, true)`
new pkg structure (#1150) * fix: split command query side * fix: split command query side * fix: members in correct pkg structure * fix: label policy in correct pkg structure * fix: structure * fix: structure of login policy * fix: identityprovider structure * fix: org iam policy structure * fix: password age policy structure * fix: password complexity policy structure * fix: password lockout policy structure * fix: idp structure * fix: user events structure * fix: user write model * fix: profile email changed command * fix: address changed command * fix: user states * fix: user * fix: org structure and add human * begin iam setup command side * setup * step2 * step2 * fix: add user * step2 * isvalid * fix: folder structure v2 business Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com> 2021-01-04 14:52:13 +01:00
			`userAgg := UserAggregateFromWriteModel(&addedHuman.WriteModel)`
feat: New user (#1153) * fix: use pointer in events * fix: change user requests to command side * fix: org policy * fix: profile 2021-01-06 11:12:56 +01:00			`addEvent := user.NewHumanAddedEvent(`
			`ctx,`
			`username,`
			`human.FirstName,`
			`human.LastName,`
			`human.NickName,`
			`human.DisplayName,`
			`human.PreferredLanguage,`
			`human.Gender,`
			`human.EmailAddress,`
			`)`
			`if human.Phone != nil {`
			`addEvent.AddPhoneData(human.PhoneNumber)`
			`}`
			`if human.Address != nil {`
			`addEvent.AddAddressData(`
new pkg structure (#1150) * fix: split command query side * fix: split command query side * fix: members in correct pkg structure * fix: label policy in correct pkg structure * fix: structure * fix: structure of login policy * fix: identityprovider structure * fix: org iam policy structure * fix: password age policy structure * fix: password complexity policy structure * fix: password lockout policy structure * fix: idp structure * fix: user events structure * fix: user write model * fix: profile email changed command * fix: address changed command * fix: user states * fix: user * fix: org structure and add human * begin iam setup command side * setup * step2 * step2 * fix: add user * step2 * isvalid * fix: folder structure v2 business Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com> 2021-01-04 14:52:13 +01:00			`human.Country,`
			`human.Locality,`
			`human.PostalCode,`
			`human.Region,`
feat: New user (#1153) * fix: use pointer in events * fix: change user requests to command side * fix: org policy * fix: profile 2021-01-06 11:12:56 +01:00			`human.StreetAddress)`
			`}`
			`if human.Password != nil {`
			`addEvent.AddPasswordData(human.SecretCrypto, human.ChangeRequired)`
			`}`
			`userAgg.PushEvents(addEvent)`

			`if human.IsInitialState() {`
			`initCode, err := domain.NewInitUserCode(r.initializeUserCode)`
			`if err != nil {`
			`return nil, err`
			`}`
			`user.NewHumanInitialCodeAddedEvent(ctx, initCode.Code, initCode.Expiry)`
			`}`
new pkg structure (#1150) * fix: split command query side * fix: split command query side * fix: members in correct pkg structure * fix: label policy in correct pkg structure * fix: structure * fix: structure of login policy * fix: identityprovider structure * fix: org iam policy structure * fix: password age policy structure * fix: password complexity policy structure * fix: password lockout policy structure * fix: idp structure * fix: user events structure * fix: user write model * fix: profile email changed command * fix: address changed command * fix: user states * fix: user * fix: org structure and add human * begin iam setup command side * setup * step2 * step2 * fix: add user * step2 * isvalid * fix: folder structure v2 business Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com> 2021-01-04 14:52:13 +01:00			`if human.Email != nil && human.EmailAddress != "" && human.IsEmailVerified {`
			`userAgg.PushEvents(user.NewHumanEmailVerifiedEvent(ctx))`
			`}`
feat: New user (#1153) * fix: use pointer in events * fix: change user requests to command side * fix: org policy * fix: profile 2021-01-06 11:12:56 +01:00			`if human.Phone != nil && human.PhoneNumber != "" && !human.IsPhoneVerified {`
			`phoneCode, err := domain.NewPhoneCode(r.phoneVerificationCode)`
			`if err != nil {`
			`return nil, err`
			`}`
			`user.NewHumanPhoneCodeAddedEvent(ctx, phoneCode.Code, phoneCode.Expiry)`
			`} else if human.Phone != nil && human.PhoneNumber != "" && human.IsPhoneVerified {`
new pkg structure (#1150) * fix: split command query side * fix: split command query side * fix: members in correct pkg structure * fix: label policy in correct pkg structure * fix: structure * fix: structure of login policy * fix: identityprovider structure * fix: org iam policy structure * fix: password age policy structure * fix: password complexity policy structure * fix: password lockout policy structure * fix: idp structure * fix: user events structure * fix: user write model * fix: profile email changed command * fix: address changed command * fix: user states * fix: user * fix: org structure and add human * begin iam setup command side * setup * step2 * step2 * fix: add user * step2 * isvalid * fix: folder structure v2 business Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com> 2021-01-04 14:52:13 +01:00			`userAgg.PushEvents(user.NewHumanPhoneVerifiedEvent(ctx))`
			`}`

			`err = r.eventstore.PushAggregate(ctx, addedHuman, userAgg)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return writeModelToHuman(addedHuman), nil`
			`}`
feat: New user (#1153) * fix: use pointer in events * fix: change user requests to command side * fix: org policy * fix: profile 2021-01-06 11:12:56 +01:00
			`func (r CommandSide) RegisterHuman(ctx context.Context, orgID, username string, human domain.Human, externalIDP domain.ExternalIDP) (domain.Human, error) {`
			`if !human.IsValid() \|\| externalIDP == nil && (human.Password == nil \|\| human.SecretString == "") {`
			`return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-9dk45", "Errors.User.Invalid")`
			`}`
			`userID, err := r.idGenerator.Next()`
			`if err != nil {`
			`return nil, err`
			`}`
			`human.AggregateID = userID`
			`orgIAMPolicy, err := r.GetOrgIAMPolicy(ctx, orgID)`
			`if err != nil {`
			`return nil, err`
			`}`
			`pwPolicy, err := r.GetOrgPasswordComplexityPolicy(ctx, orgID)`
			`if err != nil {`
			`return nil, err`
			`}`

			`addedHuman := NewHumanWriteModel(human.AggregateID)`
			`//TODO: Check Unique Username or unique external idp`
			`human.CheckOrgIAMPolicy(username, orgIAMPolicy)`
			`human.SetNamesAsDisplayname()`
			`human.HashPasswordIfExisting(pwPolicy, r.userPasswordAlg, true)`

			`userAgg := UserAggregateFromWriteModel(&addedHuman.WriteModel)`
			`addEvent := user.NewHumanRegisteredEvent(`
			`ctx,`
			`username,`
			`human.FirstName,`
			`human.LastName,`
			`human.NickName,`
			`human.DisplayName,`
			`human.PreferredLanguage,`
			`human.Gender,`
			`human.EmailAddress,`
			`)`
			`if human.Phone != nil {`
			`addEvent.AddPhoneData(human.PhoneNumber)`
			`}`
			`if human.Address != nil {`
			`addEvent.AddAddressData(`
			`human.Country,`
			`human.Locality,`
			`human.PostalCode,`
			`human.Region,`
			`human.StreetAddress)`
			`}`
			`if human.Password != nil {`
			`addEvent.AddPasswordData(human.SecretCrypto, human.ChangeRequired)`
			`}`
			`userAgg.PushEvents(addEvent)`
			`//TODO: Add External IDP Event`
			`if human.IsInitialState() {`
			`initCode, err := domain.NewInitUserCode(r.initializeUserCode)`
			`if err != nil {`
			`return nil, err`
			`}`
			`user.NewHumanInitialCodeAddedEvent(ctx, initCode.Code, initCode.Expiry)`
			`}`

			`if human.Email != nil && human.EmailAddress != "" && human.IsEmailVerified {`
			`userAgg.PushEvents(user.NewHumanEmailVerifiedEvent(ctx))`
			`}`
			`if human.Phone != nil && human.PhoneNumber != "" && !human.IsPhoneVerified {`
			`phoneCode, err := domain.NewPhoneCode(r.phoneVerificationCode)`
			`if err != nil {`
			`return nil, err`
			`}`
			`user.NewHumanPhoneCodeAddedEvent(ctx, phoneCode.Code, phoneCode.Expiry)`
			`}`

			`err = r.eventstore.PushAggregate(ctx, addedHuman, userAgg)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return writeModelToHuman(addedHuman), nil`
			`}`