zitadel/internal/query/iam_member.go

package query

import (
	"context"
	"database/sql"

	sq "github.com/Masterminds/squirrel"
	"github.com/lib/pq"

	"github.com/caos/zitadel/internal/errors"
	"github.com/caos/zitadel/internal/query/projection"
)

var (
	iamMemberTable = table{
		name:  projection.IAMMemberProjectionTable,
		alias: "members",
	}
	IAMMemberUserID = Column{
		name:  projection.MemberUserIDCol,
		table: iamMemberTable,
	}
	IAMMemberRoles = Column{
		name:  projection.MemberRolesCol,
		table: iamMemberTable,
	}
	IAMMemberCreationDate = Column{
		name:  projection.MemberCreationDate,
		table: iamMemberTable,
	}
	IAMMemberChangeDate = Column{
		name:  projection.MemberChangeDate,
		table: iamMemberTable,
	}
	IAMMemberSequence = Column{
		name:  projection.MemberSequence,
		table: iamMemberTable,
	}
	IAMMemberResourceOwner = Column{
		name:  projection.MemberResourceOwner,
		table: iamMemberTable,
	}
	IAMMemberIAMID = Column{
		name:  projection.IAMMemberIAMIDCol,
		table: iamMemberTable,
	}
)

type IAMMembersQuery struct {
	MembersQuery
}

func (q *IAMMembersQuery) toQuery(query sq.SelectBuilder) sq.SelectBuilder {
	return q.MembersQuery.
		toQuery(query)
}

func (q *Queries) IAMMembers(ctx context.Context, queries *IAMMembersQuery) (*Members, error) {
	query, scan := prepareIAMMembersQuery()
	stmt, args, err := queries.toQuery(query).ToSql()
	if err != nil {
		return nil, errors.ThrowInvalidArgument(err, "QUERY-USNwM", "Errors.Query.InvalidRequest")
	}

	currentSequence, err := q.latestSequence(ctx, iamMemberTable)
	if err != nil {
		return nil, err
	}

	rows, err := q.client.QueryContext(ctx, stmt, args...)
	if err != nil {
		return nil, errors.ThrowInternal(err, "QUERY-Pdg1I", "Errors.Internal")
	}
	members, err := scan(rows)
	if err != nil {
		return nil, err
	}
	members.LatestSequence = currentSequence
	return members, err
}

func prepareIAMMembersQuery() (sq.SelectBuilder, func(*sql.Rows) (*Members, error)) {
	return sq.Select(
			IAMMemberCreationDate.identifier(),
			IAMMemberChangeDate.identifier(),
			IAMMemberSequence.identifier(),
			IAMMemberResourceOwner.identifier(),
			IAMMemberUserID.identifier(),
			IAMMemberRoles.identifier(),
			LoginNameNameCol.identifier(),
			HumanEmailCol.identifier(),
			HumanFirstNameCol.identifier(),
			HumanLastNameCol.identifier(),
			HumanDisplayNameCol.identifier(),
			MachineNameCol.identifier(),
			HumanAvatarURLCol.identifier(),
			countColumn.identifier(),
		).From(iamMemberTable.identifier()).
			LeftJoin(join(HumanUserIDCol, IAMMemberUserID)).
			LeftJoin(join(MachineUserIDCol, IAMMemberUserID)).
			LeftJoin(join(LoginNameUserIDCol, IAMMemberUserID)).
			Where(
				sq.Eq{LoginNameIsPrimaryCol.identifier(): true},
			).PlaceholderFormat(sq.Dollar),
		func(rows *sql.Rows) (*Members, error) {
			members := make([]*Member, 0)
			var count uint64

			for rows.Next() {
				member := new(Member)
				roles := pq.StringArray{}

				var (
					preferredLoginName = sql.NullString{}
					email              = sql.NullString{}
					firstName          = sql.NullString{}
					lastName           = sql.NullString{}
					displayName        = sql.NullString{}
					machineName        = sql.NullString{}
					avatarURL          = sql.NullString{}
				)

				err := rows.Scan(
					&member.CreationDate,
					&member.ChangeDate,
					&member.Sequence,
					&member.ResourceOwner,
					&member.UserID,
					&roles,
					&preferredLoginName,
					&email,
					&firstName,
					&lastName,
					&displayName,
					&machineName,
					&avatarURL,

					&count,
				)

				if err != nil {
					return nil, err
				}

				member.Roles = roles
				member.PreferredLoginName = preferredLoginName.String
				member.Email = email.String
				member.FirstName = firstName.String
				member.LastName = lastName.String
				member.AvatarURL = avatarURL.String
				if displayName.Valid {
					member.DisplayName = displayName.String
				} else {
					member.DisplayName = machineName.String
				}

				members = append(members, member)
			}

			if err := rows.Close(); err != nil {
				return nil, errors.ThrowInternal(err, "QUERY-EqJFc", "Errors.Query.CloseRows")
			}

			return &Members{
				Members: members,
				SearchResponse: SearchResponse{
					Count: count,
				},
			}, nil
		}
}
feat(queries): user membership (#2768) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test 2021-12-14 07:19:02 +00:00			`package query`

feat: member queries (#2796) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test * fix(membership): correct display name * fix(projection): additional member manipulation events * additional member tests * fix(projections): additional events of idp links * fix: use query for memberships (#2797) * fix(api): use query for memberships * remove comment * handle err * refactor(projections): idp user link user aggregate type * fix(projections): handle old user events * fix(api): add asset prefix * no image for iam members 2021-12-16 13:25:38 +00:00			`import (`
			`"context"`
			`"database/sql"`

			`sq "github.com/Masterminds/squirrel"`
feat: user query (#3075) * user queries * user query * user query * user tests * remove old code * user metadata * cleanup * fix merge * cleanup * cleanup * fixes 2022-01-20 14:40:25 +00:00			`"github.com/lib/pq"`

feat: member queries (#2796) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test * fix(membership): correct display name * fix(projection): additional member manipulation events * additional member tests * fix(projections): additional events of idp links * fix: use query for memberships (#2797) * fix(api): use query for memberships * remove comment * handle err * refactor(projections): idp user link user aggregate type * fix(projections): handle old user events * fix(api): add asset prefix * no image for iam members 2021-12-16 13:25:38 +00:00			`"github.com/caos/zitadel/internal/errors"`
			`"github.com/caos/zitadel/internal/query/projection"`
			`)`
feat(queries): user membership (#2768) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test 2021-12-14 07:19:02 +00:00
			`var (`
			`iamMemberTable = table{`
			`name: projection.IAMMemberProjectionTable,`
			`alias: "members",`
			`}`
			`IAMMemberUserID = Column{`
			`name: projection.MemberUserIDCol,`
			`table: iamMemberTable,`
			`}`
			`IAMMemberRoles = Column{`
			`name: projection.MemberRolesCol,`
			`table: iamMemberTable,`
			`}`
			`IAMMemberCreationDate = Column{`
			`name: projection.MemberCreationDate,`
			`table: iamMemberTable,`
			`}`
			`IAMMemberChangeDate = Column{`
			`name: projection.MemberChangeDate,`
			`table: iamMemberTable,`
			`}`
			`IAMMemberSequence = Column{`
			`name: projection.MemberSequence,`
			`table: iamMemberTable,`
			`}`
			`IAMMemberResourceOwner = Column{`
			`name: projection.MemberResourceOwner,`
			`table: iamMemberTable,`
			`}`
			`IAMMemberIAMID = Column{`
			`name: projection.IAMMemberIAMIDCol,`
			`table: iamMemberTable,`
			`}`
			`)`
feat: member queries (#2796) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test * fix(membership): correct display name * fix(projection): additional member manipulation events * additional member tests * fix(projections): additional events of idp links * fix: use query for memberships (#2797) * fix(api): use query for memberships * remove comment * handle err * refactor(projections): idp user link user aggregate type * fix(projections): handle old user events * fix(api): add asset prefix * no image for iam members 2021-12-16 13:25:38 +00:00
			`type IAMMembersQuery struct {`
			`MembersQuery`
			`}`

			`func (q *IAMMembersQuery) toQuery(query sq.SelectBuilder) sq.SelectBuilder {`
			`return q.MembersQuery.`
			`toQuery(query)`
			`}`

			`func (q Queries) IAMMembers(ctx context.Context, queries IAMMembersQuery) (*Members, error) {`
			`query, scan := prepareIAMMembersQuery()`
			`stmt, args, err := queries.toQuery(query).ToSql()`
			`if err != nil {`
			`return nil, errors.ThrowInvalidArgument(err, "QUERY-USNwM", "Errors.Query.InvalidRequest")`
			`}`

			`currentSequence, err := q.latestSequence(ctx, iamMemberTable)`
			`if err != nil {`
			`return nil, err`
			`}`

			`rows, err := q.client.QueryContext(ctx, stmt, args...)`
			`if err != nil {`
			`return nil, errors.ThrowInternal(err, "QUERY-Pdg1I", "Errors.Internal")`
			`}`
			`members, err := scan(rows)`
			`if err != nil {`
			`return nil, err`
			`}`
			`members.LatestSequence = currentSequence`
			`return members, err`
			`}`

			`func prepareIAMMembersQuery() (sq.SelectBuilder, func(sql.Rows) (Members, error)) {`
			`return sq.Select(`
			`IAMMemberCreationDate.identifier(),`
			`IAMMemberChangeDate.identifier(),`
			`IAMMemberSequence.identifier(),`
			`IAMMemberResourceOwner.identifier(),`
			`IAMMemberUserID.identifier(),`
			`IAMMemberRoles.identifier(),`
			`LoginNameNameCol.identifier(),`
			`HumanEmailCol.identifier(),`
			`HumanFirstNameCol.identifier(),`
			`HumanLastNameCol.identifier(),`
			`HumanDisplayNameCol.identifier(),`
			`MachineNameCol.identifier(),`
feat: user query (#3075) * user queries * user query * user query * user tests * remove old code * user metadata * cleanup * fix merge * cleanup * cleanup * fixes 2022-01-20 14:40:25 +00:00			`HumanAvatarURLCol.identifier(),`
feat: member queries (#2796) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test * fix(membership): correct display name * fix(projection): additional member manipulation events * additional member tests * fix(projections): additional events of idp links * fix: use query for memberships (#2797) * fix(api): use query for memberships * remove comment * handle err * refactor(projections): idp user link user aggregate type * fix(projections): handle old user events * fix(api): add asset prefix * no image for iam members 2021-12-16 13:25:38 +00:00			`countColumn.identifier(),`
			`).From(iamMemberTable.identifier()).`
			`LeftJoin(join(HumanUserIDCol, IAMMemberUserID)).`
			`LeftJoin(join(MachineUserIDCol, IAMMemberUserID)).`
			`LeftJoin(join(LoginNameUserIDCol, IAMMemberUserID)).`
			`Where(`
			`sq.Eq{LoginNameIsPrimaryCol.identifier(): true},`
			`).PlaceholderFormat(sq.Dollar),`
			`func(rows sql.Rows) (Members, error) {`
			`members := make([]*Member, 0)`
			`var count uint64`

			`for rows.Next() {`
			`member := new(Member)`
			`roles := pq.StringArray{}`

			`var (`
			`preferredLoginName = sql.NullString{}`
			`email = sql.NullString{}`
			`firstName = sql.NullString{}`
			`lastName = sql.NullString{}`
			`displayName = sql.NullString{}`
			`machineName = sql.NullString{}`
			`avatarURL = sql.NullString{}`
			`)`

			`err := rows.Scan(`
			`&member.CreationDate,`
			`&member.ChangeDate,`
			`&member.Sequence,`
			`&member.ResourceOwner,`
			`&member.UserID,`
			`&roles,`
			`&preferredLoginName,`
			`&email,`
			`&firstName,`
			`&lastName,`
			`&displayName,`
			`&machineName,`
			`&avatarURL,`

			`&count,`
			`)`

			`if err != nil {`
			`return nil, err`
			`}`

			`member.Roles = roles`
			`member.PreferredLoginName = preferredLoginName.String`
			`member.Email = email.String`
			`member.FirstName = firstName.String`
			`member.LastName = lastName.String`
			`member.AvatarURL = avatarURL.String`
			`if displayName.Valid {`
			`member.DisplayName = displayName.String`
			`} else {`
			`member.DisplayName = machineName.String`
			`}`

			`members = append(members, member)`
			`}`

			`if err := rows.Close(); err != nil {`
			`return nil, errors.ThrowInternal(err, "QUERY-EqJFc", "Errors.Query.CloseRows")`
			`}`

			`return &Members{`
			`Members: members,`
			`SearchResponse: SearchResponse{`
			`Count: count,`
			`},`
			`}, nil`
			`}`
			`}`