2022-02-08 08:37:28 +00:00
|
|
|
package projection
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
|
2022-08-31 07:52:43 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/database"
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/errors"
|
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore/handler"
|
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore/handler/crdb"
|
2022-10-20 12:36:52 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/repository/instance"
|
2022-11-30 16:01:17 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/repository/org"
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/repository/user"
|
2022-02-08 08:37:28 +00:00
|
|
|
)
|
|
|
|
|
|
2022-03-23 08:02:39 +00:00
|
|
|
const (
|
2022-11-30 16:01:17 +00:00
|
|
|
PersonalAccessTokenProjectionTable = "projections.personal_access_tokens3"
|
2022-03-23 08:02:39 +00:00
|
|
|
|
|
|
|
|
PersonalAccessTokenColumnID = "id"
|
|
|
|
|
PersonalAccessTokenColumnCreationDate = "creation_date"
|
|
|
|
|
PersonalAccessTokenColumnChangeDate = "change_date"
|
|
|
|
|
PersonalAccessTokenColumnSequence = "sequence"
|
|
|
|
|
PersonalAccessTokenColumnResourceOwner = "resource_owner"
|
|
|
|
|
PersonalAccessTokenColumnInstanceID = "instance_id"
|
|
|
|
|
PersonalAccessTokenColumnUserID = "user_id"
|
|
|
|
|
PersonalAccessTokenColumnExpiration = "expiration"
|
|
|
|
|
PersonalAccessTokenColumnScopes = "scopes"
|
2022-11-30 16:01:17 +00:00
|
|
|
PersonalAccessTokenColumnOwnerRemoved = "owner_removed"
|
2022-03-23 08:02:39 +00:00
|
|
|
)
|
|
|
|
|
|
2022-06-14 05:51:00 +00:00
|
|
|
type personalAccessTokenProjection struct {
|
2022-02-08 08:37:28 +00:00
|
|
|
crdb.StatementHandler
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-14 05:51:00 +00:00
|
|
|
func newPersonalAccessTokenProjection(ctx context.Context, config crdb.StatementHandlerConfig) *personalAccessTokenProjection {
|
|
|
|
|
p := new(personalAccessTokenProjection)
|
2022-02-08 08:37:28 +00:00
|
|
|
config.ProjectionName = PersonalAccessTokenProjectionTable
|
|
|
|
|
config.Reducers = p.reducers()
|
2022-03-23 08:02:39 +00:00
|
|
|
config.InitCheck = crdb.NewTableCheck(
|
|
|
|
|
crdb.NewTable([]*crdb.Column{
|
|
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnID, crdb.ColumnTypeText),
|
|
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnCreationDate, crdb.ColumnTypeTimestamp),
|
|
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnChangeDate, crdb.ColumnTypeTimestamp),
|
|
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnSequence, crdb.ColumnTypeInt64),
|
|
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnResourceOwner, crdb.ColumnTypeText),
|
|
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnInstanceID, crdb.ColumnTypeText),
|
|
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnUserID, crdb.ColumnTypeText),
|
|
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnExpiration, crdb.ColumnTypeTimestamp),
|
|
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnScopes, crdb.ColumnTypeTextArray, crdb.Nullable()),
|
2022-11-30 16:01:17 +00:00
|
|
|
crdb.NewColumn(PersonalAccessTokenColumnOwnerRemoved, crdb.ColumnTypeBool, crdb.Default(false)),
|
2022-03-23 08:02:39 +00:00
|
|
|
},
|
|
|
|
|
crdb.NewPrimaryKey(PersonalAccessTokenColumnInstanceID, PersonalAccessTokenColumnID),
|
2022-11-30 16:01:17 +00:00
|
|
|
crdb.WithIndex(crdb.NewIndex("user_id", []string{PersonalAccessTokenColumnUserID})),
|
|
|
|
|
crdb.WithIndex(crdb.NewIndex("resource_owner", []string{PersonalAccessTokenColumnResourceOwner})),
|
|
|
|
|
crdb.WithIndex(crdb.NewIndex("owner_removed", []string{PersonalAccessTokenColumnOwnerRemoved})),
|
2022-03-23 08:02:39 +00:00
|
|
|
),
|
|
|
|
|
)
|
|
|
|
|
|
2022-02-08 08:37:28 +00:00
|
|
|
p.StatementHandler = crdb.NewStatementHandler(ctx, config)
|
|
|
|
|
return p
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-14 05:51:00 +00:00
|
|
|
func (p *personalAccessTokenProjection) reducers() []handler.AggregateReducer {
|
2022-02-08 08:37:28 +00:00
|
|
|
return []handler.AggregateReducer{
|
|
|
|
|
{
|
|
|
|
|
Aggregate: user.AggregateType,
|
|
|
|
|
EventRedusers: []handler.EventReducer{
|
|
|
|
|
{
|
|
|
|
|
Event: user.PersonalAccessTokenAddedType,
|
|
|
|
|
Reduce: p.reducePersonalAccessTokenAdded,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
Event: user.PersonalAccessTokenRemovedType,
|
|
|
|
|
Reduce: p.reducePersonalAccessTokenRemoved,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
Event: user.UserRemovedType,
|
|
|
|
|
Reduce: p.reduceUserRemoved,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2022-11-30 16:01:17 +00:00
|
|
|
{
|
|
|
|
|
Aggregate: org.AggregateType,
|
|
|
|
|
EventRedusers: []handler.EventReducer{
|
|
|
|
|
{
|
|
|
|
|
Event: org.OrgRemovedEventType,
|
|
|
|
|
Reduce: p.reduceOwnerRemoved,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2022-10-20 12:36:52 +00:00
|
|
|
{
|
|
|
|
|
Aggregate: instance.AggregateType,
|
|
|
|
|
EventRedusers: []handler.EventReducer{
|
|
|
|
|
{
|
|
|
|
|
Event: instance.InstanceRemovedEventType,
|
|
|
|
|
Reduce: reduceInstanceRemovedHelper(PersonalAccessTokenColumnInstanceID),
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
2022-02-08 08:37:28 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-14 05:51:00 +00:00
|
|
|
func (p *personalAccessTokenProjection) reducePersonalAccessTokenAdded(event eventstore.Event) (*handler.Statement, error) {
|
2022-02-08 08:37:28 +00:00
|
|
|
e, ok := event.(*user.PersonalAccessTokenAddedEvent)
|
|
|
|
|
if !ok {
|
2022-03-23 08:02:39 +00:00
|
|
|
return nil, errors.ThrowInvalidArgumentf(nil, "HANDL-DVgf7", "reduce.wrong.event.type %s", user.PersonalAccessTokenAddedType)
|
2022-02-08 08:37:28 +00:00
|
|
|
}
|
|
|
|
|
return crdb.NewCreateStatement(
|
|
|
|
|
e,
|
|
|
|
|
[]handler.Column{
|
|
|
|
|
handler.NewCol(PersonalAccessTokenColumnID, e.TokenID),
|
|
|
|
|
handler.NewCol(PersonalAccessTokenColumnCreationDate, e.CreationDate()),
|
|
|
|
|
handler.NewCol(PersonalAccessTokenColumnChangeDate, e.CreationDate()),
|
|
|
|
|
handler.NewCol(PersonalAccessTokenColumnResourceOwner, e.Aggregate().ResourceOwner),
|
2022-03-23 08:02:39 +00:00
|
|
|
handler.NewCol(PersonalAccessTokenColumnInstanceID, e.Aggregate().InstanceID),
|
2022-02-08 08:37:28 +00:00
|
|
|
handler.NewCol(PersonalAccessTokenColumnSequence, e.Sequence()),
|
|
|
|
|
handler.NewCol(PersonalAccessTokenColumnUserID, e.Aggregate().ID),
|
|
|
|
|
handler.NewCol(PersonalAccessTokenColumnExpiration, e.Expiration),
|
2022-08-31 07:52:43 +00:00
|
|
|
handler.NewCol(PersonalAccessTokenColumnScopes, database.StringArray(e.Scopes)),
|
2022-02-08 08:37:28 +00:00
|
|
|
},
|
|
|
|
|
), nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-14 05:51:00 +00:00
|
|
|
func (p *personalAccessTokenProjection) reducePersonalAccessTokenRemoved(event eventstore.Event) (*handler.Statement, error) {
|
2022-02-08 08:37:28 +00:00
|
|
|
e, ok := event.(*user.PersonalAccessTokenRemovedEvent)
|
|
|
|
|
if !ok {
|
2022-03-23 08:02:39 +00:00
|
|
|
return nil, errors.ThrowInvalidArgumentf(nil, "HANDL-g7u3F", "reduce.wrong.event.type %s", user.PersonalAccessTokenRemovedType)
|
2022-02-08 08:37:28 +00:00
|
|
|
}
|
|
|
|
|
return crdb.NewDeleteStatement(
|
|
|
|
|
e,
|
|
|
|
|
[]handler.Condition{
|
|
|
|
|
handler.NewCond(PersonalAccessTokenColumnID, e.TokenID),
|
2022-11-10 10:59:33 +00:00
|
|
|
handler.NewCond(PersonalAccessTokenColumnInstanceID, e.Aggregate().InstanceID),
|
2022-02-08 08:37:28 +00:00
|
|
|
},
|
|
|
|
|
), nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-14 05:51:00 +00:00
|
|
|
func (p *personalAccessTokenProjection) reduceUserRemoved(event eventstore.Event) (*handler.Statement, error) {
|
2022-02-08 08:37:28 +00:00
|
|
|
e, ok := event.(*user.UserRemovedEvent)
|
|
|
|
|
if !ok {
|
2022-03-23 08:02:39 +00:00
|
|
|
return nil, errors.ThrowInvalidArgumentf(nil, "HANDL-Dff3h", "reduce.wrong.event.type %s", user.UserRemovedType)
|
2022-02-08 08:37:28 +00:00
|
|
|
}
|
|
|
|
|
return crdb.NewDeleteStatement(
|
|
|
|
|
e,
|
|
|
|
|
[]handler.Condition{
|
|
|
|
|
handler.NewCond(PersonalAccessTokenColumnUserID, e.Aggregate().ID),
|
2022-11-10 10:59:33 +00:00
|
|
|
handler.NewCond(PersonalAccessTokenColumnInstanceID, e.Aggregate().InstanceID),
|
2022-02-08 08:37:28 +00:00
|
|
|
},
|
|
|
|
|
), nil
|
|
|
|
|
}
|
2022-11-30 16:01:17 +00:00
|
|
|
|
|
|
|
|
func (p *personalAccessTokenProjection) reduceOwnerRemoved(event eventstore.Event) (*handler.Statement, error) {
|
|
|
|
|
e, ok := event.(*org.OrgRemovedEvent)
|
|
|
|
|
if !ok {
|
|
|
|
|
return nil, errors.ThrowInvalidArgumentf(nil, "PROJE-zQVhl", "reduce.wrong.event.type %s", org.OrgRemovedEventType)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return crdb.NewUpdateStatement(
|
|
|
|
|
e,
|
|
|
|
|
[]handler.Column{
|
|
|
|
|
handler.NewCol(PersonalAccessTokenColumnChangeDate, e.CreationDate()),
|
|
|
|
|
handler.NewCol(PersonalAccessTokenColumnSequence, e.Sequence()),
|
|
|
|
|
handler.NewCol(PersonalAccessTokenColumnOwnerRemoved, true),
|
|
|
|
|
},
|
|
|
|
|
[]handler.Condition{
|
|
|
|
|
handler.NewCond(PersonalAccessTokenColumnInstanceID, e.Aggregate().InstanceID),
|
|
|
|
|
handler.NewCond(PersonalAccessTokenColumnResourceOwner, e.Aggregate().ID),
|
|
|
|
|
},
|
|
|
|
|
), nil
|
|
|
|
|
}
|
