2021-01-04 13:52:13 +00:00
|
|
|
package command
|
|
|
|
|
|
|
|
import (
|
2021-02-23 14:13:04 +00:00
|
|
|
"github.com/caos/zitadel/internal/eventstore"
|
2021-01-12 11:59:51 +00:00
|
|
|
"strings"
|
|
|
|
|
2021-02-23 14:13:04 +00:00
|
|
|
"github.com/caos/zitadel/internal/domain"
|
2021-01-07 15:06:45 +00:00
|
|
|
caos_errors "github.com/caos/zitadel/internal/errors"
|
2021-02-23 14:13:04 +00:00
|
|
|
"github.com/caos/zitadel/internal/repository/user"
|
2021-01-04 13:52:13 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type UserWriteModel struct {
|
|
|
|
eventstore.WriteModel
|
|
|
|
|
|
|
|
UserName string
|
|
|
|
UserState domain.UserState
|
|
|
|
}
|
|
|
|
|
2021-01-12 11:59:51 +00:00
|
|
|
func NewUserWriteModel(userID, resourceOwner string) *UserWriteModel {
|
2021-01-04 13:52:13 +00:00
|
|
|
return &UserWriteModel{
|
|
|
|
WriteModel: eventstore.WriteModel{
|
2021-01-12 11:59:51 +00:00
|
|
|
AggregateID: userID,
|
|
|
|
ResourceOwner: resourceOwner,
|
2021-01-04 13:52:13 +00:00
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (wm *UserWriteModel) Reduce() error {
|
|
|
|
for _, event := range wm.Events {
|
|
|
|
switch e := event.(type) {
|
|
|
|
case *user.HumanAddedEvent:
|
|
|
|
wm.UserName = e.UserName
|
2021-03-22 13:40:25 +00:00
|
|
|
wm.UserState = domain.UserStateActive
|
2021-01-04 13:52:13 +00:00
|
|
|
case *user.HumanRegisteredEvent:
|
|
|
|
wm.UserName = e.UserName
|
2021-03-22 13:40:25 +00:00
|
|
|
wm.UserState = domain.UserStateActive
|
|
|
|
case *user.HumanInitialCodeAddedEvent:
|
2021-01-04 13:52:13 +00:00
|
|
|
wm.UserState = domain.UserStateInitial
|
2021-02-08 10:30:30 +00:00
|
|
|
case *user.HumanInitializedCheckSucceededEvent:
|
|
|
|
wm.UserState = domain.UserStateActive
|
2021-01-04 13:52:13 +00:00
|
|
|
case *user.MachineAddedEvent:
|
|
|
|
wm.UserName = e.UserName
|
|
|
|
wm.UserState = domain.UserStateActive
|
2021-01-07 15:06:45 +00:00
|
|
|
case *user.UsernameChangedEvent:
|
|
|
|
wm.UserName = e.UserName
|
2021-01-04 13:52:13 +00:00
|
|
|
case *user.UserLockedEvent:
|
|
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
|
|
wm.UserState = domain.UserStateLocked
|
|
|
|
}
|
|
|
|
case *user.UserUnlockedEvent:
|
|
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
|
|
wm.UserState = domain.UserStateActive
|
|
|
|
}
|
|
|
|
case *user.UserDeactivatedEvent:
|
|
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
|
|
wm.UserState = domain.UserStateInactive
|
|
|
|
}
|
|
|
|
case *user.UserReactivatedEvent:
|
|
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
|
|
wm.UserState = domain.UserStateActive
|
|
|
|
}
|
|
|
|
case *user.UserRemovedEvent:
|
|
|
|
wm.UserState = domain.UserStateDeleted
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return wm.WriteModel.Reduce()
|
|
|
|
}
|
|
|
|
|
|
|
|
func (wm *UserWriteModel) Query() *eventstore.SearchQueryBuilder {
|
2021-01-28 05:35:26 +00:00
|
|
|
query := eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent, user.AggregateType).
|
2021-02-18 13:48:27 +00:00
|
|
|
AggregateIDs(wm.AggregateID).
|
|
|
|
EventTypes(
|
|
|
|
user.HumanAddedType,
|
|
|
|
user.HumanRegisteredType,
|
|
|
|
user.HumanInitializedCheckSucceededType,
|
|
|
|
user.MachineAddedEventType,
|
|
|
|
user.UserUserNameChangedType,
|
|
|
|
user.MachineChangedEventType,
|
|
|
|
user.UserLockedType,
|
|
|
|
user.UserUnlockedType,
|
|
|
|
user.UserDeactivatedType,
|
|
|
|
user.UserReactivatedType,
|
2021-04-06 07:57:58 +00:00
|
|
|
user.UserRemovedType,
|
|
|
|
user.UserV1AddedType,
|
|
|
|
user.UserV1RegisteredType,
|
|
|
|
user.UserV1InitializedCheckSucceededType)
|
2021-01-28 05:35:26 +00:00
|
|
|
if wm.ResourceOwner != "" {
|
|
|
|
query.ResourceOwner(wm.ResourceOwner)
|
|
|
|
}
|
|
|
|
return query
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
2021-02-18 13:48:27 +00:00
|
|
|
func UserAggregateFromWriteModel(wm *eventstore.WriteModel) *eventstore.Aggregate {
|
|
|
|
return eventstore.AggregateFromWriteModel(wm, user.AggregateType, user.AggregateVersion)
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
2021-01-07 15:06:45 +00:00
|
|
|
|
|
|
|
func CheckOrgIAMPolicyForUserName(userName string, policy *domain.OrgIAMPolicy) error {
|
|
|
|
if policy == nil {
|
|
|
|
return caos_errors.ThrowPreconditionFailed(nil, "COMMAND-3Mb9s", "Errors.Users.OrgIamPolicyNil")
|
|
|
|
}
|
|
|
|
if policy.UserLoginMustBeDomain && strings.Contains(userName, "@") {
|
|
|
|
return caos_errors.ThrowPreconditionFailed(nil, "COMMAND-4M9vs", "Errors.User.EmailAsUsernameNotAllowed")
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
2021-02-18 13:48:27 +00:00
|
|
|
|
|
|
|
func isUserStateExists(state domain.UserState) bool {
|
|
|
|
return !hasUserState(state, domain.UserStateDeleted, domain.UserStateUnspecified)
|
|
|
|
}
|
|
|
|
|
|
|
|
func isUserStateInactive(state domain.UserState) bool {
|
|
|
|
return hasUserState(state, domain.UserStateInactive)
|
|
|
|
}
|
|
|
|
|
|
|
|
func hasUserState(check domain.UserState, states ...domain.UserState) bool {
|
|
|
|
for _, state := range states {
|
|
|
|
if check == state {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
}
|