2022-12-14 07:17:36 +01:00
|
|
|
package command
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
|
|
"github.com/zitadel/zitadel/internal/command/preparation"
|
|
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
|
|
"github.com/zitadel/zitadel/internal/repository/instance"
|
|
|
|
)
|
|
|
|
|
2024-02-28 12:21:11 +02:00
|
|
|
type SecurityPolicy struct {
|
|
|
|
EnableIframeEmbedding bool
|
|
|
|
AllowedOrigins []string
|
|
|
|
EnableImpersonation bool
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *Commands) SetSecurityPolicy(ctx context.Context, policy *SecurityPolicy) (*domain.ObjectDetails, error) {
|
2022-12-14 07:17:36 +01:00
|
|
|
instanceAgg := instance.NewAggregate(authz.GetInstance(ctx).InstanceID())
|
2024-02-28 12:21:11 +02:00
|
|
|
validation := c.prepareSetSecurityPolicy(instanceAgg, policy)
|
2022-12-14 07:17:36 +01:00
|
|
|
cmds, err := preparation.PrepareCommands(ctx, c.eventstore.Filter, validation)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
events, err := c.eventstore.Push(ctx, cmds...)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &domain.ObjectDetails{
|
|
|
|
Sequence: events[len(events)-1].Sequence(),
|
2023-10-19 12:19:10 +02:00
|
|
|
EventDate: events[len(events)-1].CreatedAt(),
|
2022-12-14 07:17:36 +01:00
|
|
|
ResourceOwner: events[len(events)-1].Aggregate().InstanceID,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
2024-02-28 12:21:11 +02:00
|
|
|
func (c *Commands) prepareSetSecurityPolicy(a *instance.Aggregate, policy *SecurityPolicy) preparation.Validation {
|
2022-12-14 07:17:36 +01:00
|
|
|
return func() (preparation.CreateCommands, error) {
|
|
|
|
return func(ctx context.Context, filter preparation.FilterToQueryReducer) ([]eventstore.Command, error) {
|
|
|
|
writeModel, err := c.getSecurityPolicyWriteModel(ctx, filter)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2024-02-28 12:21:11 +02:00
|
|
|
cmd, err := writeModel.NewSetEvent(ctx, &a.Aggregate, policy)
|
2022-12-14 07:17:36 +01:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return []eventstore.Command{cmd}, nil
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *Commands) getSecurityPolicyWriteModel(ctx context.Context, filter preparation.FilterToQueryReducer) (_ *InstanceSecurityPolicyWriteModel, err error) {
|
|
|
|
writeModel := NewInstanceSecurityPolicyWriteModel(ctx)
|
|
|
|
events, err := filter(ctx, writeModel.Query())
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if len(events) == 0 {
|
|
|
|
return writeModel, nil
|
|
|
|
}
|
|
|
|
writeModel.AppendEvents(events...)
|
|
|
|
err = writeModel.Reduce()
|
|
|
|
return writeModel, err
|
|
|
|
}
|