2021-01-04 13:52:13 +00:00
|
|
|
package query
|
|
|
|
|
|
|
|
|
|
import (
|
2021-02-23 14:13:04 +00:00
|
|
|
"github.com/caos/zitadel/internal/domain"
|
|
|
|
|
"github.com/caos/zitadel/internal/eventstore"
|
|
|
|
|
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
2021-01-04 13:52:13 +00:00
|
|
|
"github.com/caos/zitadel/internal/iam/model"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func readModelToIAM(readModel *ReadModel) *model.IAM {
|
|
|
|
|
return &model.IAM{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(readModel.ReadModel),
|
|
|
|
|
GlobalOrgID: readModel.GlobalOrgID,
|
|
|
|
|
IAMProjectID: readModel.ProjectID,
|
|
|
|
|
SetUpDone: readModel.SetUpDone,
|
|
|
|
|
SetUpStarted: readModel.SetUpStarted,
|
|
|
|
|
Members: readModelToMembers(&readModel.Members),
|
|
|
|
|
DefaultLabelPolicy: readModelToLabelPolicy(&readModel.DefaultLabelPolicy),
|
|
|
|
|
DefaultLoginPolicy: readModelToLoginPolicy(&readModel.DefaultLoginPolicy),
|
|
|
|
|
DefaultOrgIAMPolicy: readModelToOrgIAMPolicy(&readModel.DefaultOrgIAMPolicy),
|
|
|
|
|
DefaultPasswordAgePolicy: readModelToPasswordAgePolicy(&readModel.DefaultPasswordAgePolicy),
|
|
|
|
|
DefaultPasswordComplexityPolicy: readModelToPasswordComplexityPolicy(&readModel.DefaultPasswordComplexityPolicy),
|
|
|
|
|
DefaultPasswordLockoutPolicy: readModelToPasswordLockoutPolicy(&readModel.DefaultPasswordLockoutPolicy),
|
|
|
|
|
IDPs: readModelToIDPConfigs(&readModel.IDPs),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-05 08:33:45 +00:00
|
|
|
func readModelToIDPConfigView(rm *IAMIDPConfigReadModel) *domain.IDPConfigView {
|
|
|
|
|
converted := &domain.IDPConfigView{
|
|
|
|
|
AggregateID: rm.AggregateID,
|
|
|
|
|
ChangeDate: rm.ChangeDate,
|
|
|
|
|
CreationDate: rm.CreationDate,
|
|
|
|
|
IDPConfigID: rm.ConfigID,
|
|
|
|
|
IDPProviderType: rm.ProviderType,
|
|
|
|
|
IsOIDC: rm.OIDCConfig != nil,
|
|
|
|
|
Name: rm.Name,
|
|
|
|
|
Sequence: rm.ProcessedSequence,
|
|
|
|
|
State: rm.State,
|
|
|
|
|
StylingType: rm.StylingType,
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
2021-01-05 08:33:45 +00:00
|
|
|
if rm.OIDCConfig != nil {
|
|
|
|
|
converted.OIDCClientID = rm.OIDCConfig.ClientID
|
|
|
|
|
converted.OIDCClientSecret = rm.OIDCConfig.ClientSecret
|
|
|
|
|
converted.OIDCIDPDisplayNameMapping = rm.OIDCConfig.IDPDisplayNameMapping
|
|
|
|
|
converted.OIDCIssuer = rm.OIDCConfig.Issuer
|
|
|
|
|
converted.OIDCScopes = rm.OIDCConfig.Scopes
|
|
|
|
|
converted.OIDCUsernameMapping = rm.OIDCConfig.UserNameMapping
|
2021-07-06 14:39:48 +00:00
|
|
|
converted.OAuthAuthorizationEndpoint = rm.OIDCConfig.AuthorizationEndpoint
|
|
|
|
|
converted.OAuthTokenEndpoint = rm.OIDCConfig.TokenEndpoint
|
2021-01-05 08:33:45 +00:00
|
|
|
}
|
|
|
|
|
return converted
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func readModelToMember(readModel *MemberReadModel) *model.IAMMember {
|
|
|
|
|
return &model.IAMMember{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(readModel.ReadModel),
|
|
|
|
|
Roles: readModel.Roles,
|
|
|
|
|
UserID: readModel.UserID,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func readModelToMembers(readModel *IAMMembersReadModel) []*model.IAMMember {
|
|
|
|
|
members := make([]*model.IAMMember, len(readModel.Members))
|
|
|
|
|
|
|
|
|
|
for i, member := range readModel.Members {
|
|
|
|
|
members[i] = &model.IAMMember{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(member.ReadModel),
|
|
|
|
|
Roles: member.Roles,
|
|
|
|
|
UserID: member.UserID,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return members
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func readModelToLabelPolicy(readModel *IAMLabelPolicyReadModel) *model.LabelPolicy {
|
|
|
|
|
return &model.LabelPolicy{
|
feat: label policy (#1708)
* feat: label policy proto extension
* feat: label policy and activate event
* feat: label policy asset events
* feat: label policy asset commands
* feat: add storage key
* feat: storage key validation
* feat: label policy asset tests
* feat: label policy query side
* feat: avatar
* feat: avatar event
* feat: human avatar
* feat: avatar read side
* feat: font on iam label policy
* feat: label policy font
* feat: possiblity to create bucket on put file
* uplaoder
* login policy logo
* set bucket prefix
* feat: avatar upload
* feat: avatar upload
* feat: use assets on command side
* feat: fix human avatar removed event
* feat: remove human avatar
* feat: mock asset storage
* feat: remove human avatar
* fix(operator): add configuration of asset storage to zitadel operator
* feat(console): private labeling policy (#1697)
* private labeling component, routing, preview
* font, colors, upload, i18n
* show logo
* fix: uniqueness (#1710)
* fix: uniqueconstraint to lower
* feat: change org
* feat: org change test
* feat: change org
* fix: tests
* fix: handle domain claims correctly
* feat: update org
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: handle domain claimed event correctly for service users (#1711)
* fix: handle domain claimed event correctly on user view
* fix: ignore domain claimed events for email notifications
* fix: change org
* handle org changed in read models correctly
* fix: change org in user grant handler
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: correct value (#1695)
* docs(api): correct link (#1712)
* upload service
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: fix tests,
* feat: remove assets from label policy
* fix npm, set environment
* lint ts
* remove stylelinting
* fix(operator): add mapping for console with changed unit tests
* fix(operator): add secrets as env variables to pod
* feat: remove human avatar
* fix(operator): add secrets as env variables to pod
* feat: map label policy
* feat: labelpolicy, admin, mgmt, adv settings (#1715)
* fetch label policy, mgmt, admin service
* feat: advanced beh, links, add, update
* lint ts
* feat: watermark
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: custom css
* css
* css
* css
* css
* css
* getobject
* feat: dynamic handler
* feat: varibale css
* content info
* css overwrite
* feat: variablen css
* feat: generate css file
* feat: dark mode
* feat: dark mode
* fix logo css
* feat: upload logos
* dark mode with cookie
* feat: handle images in login
* avatar css and begin font
* feat: avatar
* feat: user avatar
* caching of static assets in login
* add avatar.js to main.html
* feat: header dont show logo if no url
* feat: label policy colors
* feat: mock asset storage
* feat: mock asset storage
* feat: fix tests
* feat: user avatar
* feat: header logo
* avatar
* avatar
* make it compatible with go 1.15
* feat: remove unused logos
* fix handler
* fix: styling error handling
* fonts
* fix: download func
* switch to mux
* fix: change upload api to assets
* fix build
* fix: download avatar
* fix: download logos
* fix: my avatar
* font
* fix: remove error msg popup possibility
* fix: docs
* fix: svalidate colors
* rem msg popup from frontend
* fix: email with private labeling
* fix: tests
* fix: email templates
* fix: change migration version
* fix: fix duplicate imports
* fix(console): assets, service url, upload, policy current and preview (#1781)
* upload endpoint, layout
* fetch current, preview, fix upload
* cleanup private labeling
* fix linting
* begin generated asset handler
* generate asset api in dockerfile
* features for label policy
* features for label policy
* features
* flag for asset generator
* change asset generator flag
* fix label policy view in grpc
* fix: layout, activate policy (#1786)
* theme switcher up on top
* change layout
* activate policy
* feat(console): label policy back color, layout (#1788)
* theme switcher up on top
* change layout
* activate policy
* fix overwrite value fc
* reset policy, reset service
* autosave policy, preview desc, layout impv
* layout, i18n
* background colors, inject material styles
* load images
* clean, lint
* fix layout
* set custom hex
* fix content size conversion
* remove font format in generated css
* fix features for assets
* fix(console): label policy colors, image downloads, preview (#1804)
* load images
* colors, images binding
* lint
* refresh emitter
* lint
* propagate font colors
* upload error handling
* label policy feature check
* add blob in csp for console
* log
* fix: feature edits for label policy, refresh state on upload (#1807)
* show error on load image, stop spinner
* fix merge
* fix migration versions
* fix assets
* fix csp
* fix background color
* scss
* fix build
* lint scss
* fix statik for console
* fix features check for label policy
* cleanup
* lint
* public links
* fix notifications
* public links
* feat: merge main
* feat: fix translation files
* fix migration
* set api domain
* fix logo in email
* font face in email
* font face in email
* validate assets on upload
* cleanup
* add missing translations
* add missing translations
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
2021-06-04 12:53:51 +00:00
|
|
|
ObjectRoot: readModelToObjectRoot(readModel.LabelPolicyReadModel.ReadModel),
|
|
|
|
|
PrimaryColor: readModel.PrimaryColor,
|
|
|
|
|
BackgroundColor: readModel.BackgroundColor,
|
|
|
|
|
WarnColor: readModel.WarnColor,
|
|
|
|
|
FontColor: readModel.FontColor,
|
|
|
|
|
PrimaryColorDark: readModel.PrimaryColorDark,
|
|
|
|
|
BackgroundColorDark: readModel.BackgroundColorDark,
|
|
|
|
|
WarnColorDark: readModel.WarnColorDark,
|
|
|
|
|
FontColorDark: readModel.FontColorDark,
|
|
|
|
|
Default: true,
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func readModelToLoginPolicy(readModel *IAMLoginPolicyReadModel) *model.LoginPolicy {
|
|
|
|
|
return &model.LoginPolicy{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(readModel.LoginPolicyReadModel.ReadModel),
|
|
|
|
|
AllowExternalIdp: readModel.AllowExternalIDP,
|
|
|
|
|
AllowRegister: readModel.AllowRegister,
|
|
|
|
|
AllowUsernamePassword: readModel.AllowUserNamePassword,
|
|
|
|
|
Default: true,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
func readModelToOrgIAMPolicy(readModel *IAMOrgIAMPolicyReadModel) *model.OrgIAMPolicy {
|
|
|
|
|
return &model.OrgIAMPolicy{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(readModel.OrgIAMPolicyReadModel.ReadModel),
|
|
|
|
|
UserLoginMustBeDomain: readModel.UserLoginMustBeDomain,
|
|
|
|
|
Default: true,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
func readModelToPasswordAgePolicy(readModel *IAMPasswordAgePolicyReadModel) *model.PasswordAgePolicy {
|
|
|
|
|
return &model.PasswordAgePolicy{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(readModel.PasswordAgePolicyReadModel.ReadModel),
|
2021-03-01 07:48:50 +00:00
|
|
|
ExpireWarnDays: readModel.ExpireWarnDays,
|
|
|
|
|
MaxAgeDays: readModel.MaxAgeDays,
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
func readModelToPasswordComplexityPolicy(readModel *IAMPasswordComplexityPolicyReadModel) *model.PasswordComplexityPolicy {
|
|
|
|
|
return &model.PasswordComplexityPolicy{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(readModel.PasswordComplexityPolicyReadModel.ReadModel),
|
|
|
|
|
HasLowercase: readModel.HasLowercase,
|
|
|
|
|
HasNumber: readModel.HasNumber,
|
|
|
|
|
HasSymbol: readModel.HasSymbol,
|
|
|
|
|
HasUppercase: readModel.HasUpperCase,
|
2021-03-01 07:48:50 +00:00
|
|
|
MinLength: readModel.MinLength,
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
func readModelToPasswordLockoutPolicy(readModel *IAMPasswordLockoutPolicyReadModel) *model.PasswordLockoutPolicy {
|
|
|
|
|
return &model.PasswordLockoutPolicy{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(readModel.PasswordLockoutPolicyReadModel.ReadModel),
|
2021-03-01 07:48:50 +00:00
|
|
|
MaxAttempts: readModel.MaxAttempts,
|
2021-01-04 13:52:13 +00:00
|
|
|
ShowLockOutFailures: readModel.ShowLockOutFailures,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func readModelToIDPConfigs(rm *IAMIDPConfigsReadModel) []*model.IDPConfig {
|
|
|
|
|
configs := make([]*model.IDPConfig, len(rm.Configs))
|
|
|
|
|
for i, config := range rm.Configs {
|
|
|
|
|
configs[i] = readModelToIDPConfig(&IAMIDPConfigReadModel{IDPConfigReadModel: *config})
|
|
|
|
|
}
|
|
|
|
|
return configs
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func readModelToIDPConfig(rm *IAMIDPConfigReadModel) *model.IDPConfig {
|
|
|
|
|
return &model.IDPConfig{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(rm.ReadModel),
|
|
|
|
|
OIDCConfig: readModelToIDPOIDCConfig(rm.OIDCConfig),
|
|
|
|
|
IDPConfigID: rm.ConfigID,
|
|
|
|
|
Name: rm.Name,
|
|
|
|
|
State: model.IDPConfigState(rm.State),
|
|
|
|
|
StylingType: model.IDPStylingType(rm.StylingType),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func readModelToIDPOIDCConfig(rm *OIDCConfigReadModel) *model.OIDCIDPConfig {
|
|
|
|
|
return &model.OIDCIDPConfig{
|
|
|
|
|
ObjectRoot: readModelToObjectRoot(rm.ReadModel),
|
|
|
|
|
ClientID: rm.ClientID,
|
|
|
|
|
ClientSecret: rm.ClientSecret,
|
|
|
|
|
ClientSecretString: string(rm.ClientSecret.Crypted),
|
|
|
|
|
IDPConfigID: rm.IDPConfigID,
|
|
|
|
|
IDPDisplayNameMapping: model.OIDCMappingField(rm.IDPDisplayNameMapping),
|
|
|
|
|
Issuer: rm.Issuer,
|
|
|
|
|
Scopes: rm.Scopes,
|
|
|
|
|
UsernameMapping: model.OIDCMappingField(rm.UserNameMapping),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func readModelToObjectRoot(readModel eventstore.ReadModel) models.ObjectRoot {
|
|
|
|
|
return models.ObjectRoot{
|
|
|
|
|
AggregateID: readModel.AggregateID,
|
|
|
|
|
ChangeDate: readModel.ChangeDate,
|
|
|
|
|
CreationDate: readModel.CreationDate,
|
|
|
|
|
ResourceOwner: readModel.ResourceOwner,
|
|
|
|
|
Sequence: readModel.ProcessedSequence,
|
|
|
|
|
}
|
|
|
|
|
}
|