2021-03-19 10:12:56 +00:00
|
|
|
package command
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
2022-04-20 14:59:37 +00:00
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"golang.org/x/text/language"
|
|
|
|
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/repository/member"
|
|
|
|
"github.com/zitadel/zitadel/internal/repository/org"
|
|
|
|
"github.com/zitadel/zitadel/internal/repository/project"
|
2021-03-19 10:12:56 +00:00
|
|
|
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/command/preparation"
|
|
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
|
|
"github.com/zitadel/zitadel/internal/errors"
|
|
|
|
caos_errs "github.com/zitadel/zitadel/internal/errors"
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore/repository"
|
|
|
|
"github.com/zitadel/zitadel/internal/id"
|
|
|
|
"github.com/zitadel/zitadel/internal/query"
|
|
|
|
"github.com/zitadel/zitadel/internal/repository/instance"
|
|
|
|
"github.com/zitadel/zitadel/internal/repository/user"
|
2021-03-19 10:12:56 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestCommandSide_UsernameChange(t *testing.T) {
|
|
|
|
type fields struct {
|
|
|
|
eventstore *eventstore.Eventstore
|
|
|
|
}
|
|
|
|
type (
|
|
|
|
args struct {
|
|
|
|
ctx context.Context
|
|
|
|
orgID string
|
|
|
|
userID string
|
|
|
|
username string
|
|
|
|
}
|
|
|
|
)
|
|
|
|
type res struct {
|
|
|
|
want *domain.ObjectDetails
|
|
|
|
err func(error) bool
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
fields fields
|
|
|
|
args args
|
|
|
|
res res
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "userid missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "",
|
|
|
|
username: "username",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "orgid missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "",
|
|
|
|
userID: "user1",
|
|
|
|
username: "username",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "username missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
username: "",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user removed, not found error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
username: "username",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsNotFound,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "username not changed, precondition error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
username: "username",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsPreconditionFailed,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "org iam policy not found, precondition error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
username: "username",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsPreconditionFailed,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "invalid username, precondition error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectFilter(),
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
2022-03-28 08:05:09 +00:00
|
|
|
instance.NewDomainPolicyAddedEvent(context.Background(),
|
2021-03-19 10:12:56 +00:00
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
true,
|
2022-04-13 09:24:03 +00:00
|
|
|
true,
|
2022-05-16 14:08:47 +00:00
|
|
|
true,
|
2021-03-19 10:12:56 +00:00
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
username: "test@test.ch",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsPreconditionFailed,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "change username, ok",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectFilter(),
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
2022-03-28 08:05:09 +00:00
|
|
|
instance.NewDomainPolicyAddedEvent(context.Background(),
|
2021-03-19 10:12:56 +00:00
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
true,
|
2022-04-13 09:24:03 +00:00
|
|
|
true,
|
2022-05-16 14:08:47 +00:00
|
|
|
true,
|
2021-03-19 10:12:56 +00:00
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
[]*repository.Event{
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUsernameChangedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"username1",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
uniqueConstraintsFromEventConstraint(user.NewRemoveUsernameUniqueConstraint("username", "org1", true)),
|
|
|
|
uniqueConstraintsFromEventConstraint(user.NewAddUsernameUniqueConstraint("username1", "org1", true)),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
username: "username1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
want: &domain.ObjectDetails{
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
r := &Commands{
|
|
|
|
eventstore: tt.fields.eventstore,
|
|
|
|
}
|
|
|
|
got, err := r.ChangeUsername(tt.args.ctx, tt.args.orgID, tt.args.userID, tt.args.username)
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.NoError(t, err)
|
|
|
|
}
|
|
|
|
if tt.res.err != nil && !tt.res.err(err) {
|
|
|
|
t.Errorf("got wrong err: %v ", err)
|
|
|
|
}
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.Equal(t, tt.res.want, got)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestCommandSide_DeactivateUser(t *testing.T) {
|
|
|
|
type fields struct {
|
|
|
|
eventstore *eventstore.Eventstore
|
|
|
|
}
|
|
|
|
type (
|
|
|
|
args struct {
|
|
|
|
ctx context.Context
|
|
|
|
orgID string
|
|
|
|
userID string
|
|
|
|
}
|
|
|
|
)
|
|
|
|
type res struct {
|
|
|
|
want *domain.ObjectDetails
|
|
|
|
err func(error) bool
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
fields fields
|
|
|
|
args args
|
|
|
|
res res
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "userid missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user not existing, not found error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsNotFound,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user already inactive, precondition error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserDeactivatedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsPreconditionFailed,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "deactivate user, ok",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
[]*repository.Event{
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserDeactivatedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
want: &domain.ObjectDetails{
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
r := &Commands{
|
|
|
|
eventstore: tt.fields.eventstore,
|
|
|
|
}
|
|
|
|
got, err := r.DeactivateUser(tt.args.ctx, tt.args.userID, tt.args.orgID)
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.NoError(t, err)
|
|
|
|
}
|
|
|
|
if tt.res.err != nil && !tt.res.err(err) {
|
|
|
|
t.Errorf("got wrong err: %v ", err)
|
|
|
|
}
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.Equal(t, tt.res.want, got)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestCommandSide_ReactivateUser(t *testing.T) {
|
|
|
|
type fields struct {
|
|
|
|
eventstore *eventstore.Eventstore
|
|
|
|
}
|
|
|
|
type (
|
|
|
|
args struct {
|
|
|
|
ctx context.Context
|
|
|
|
orgID string
|
|
|
|
userID string
|
|
|
|
}
|
|
|
|
)
|
|
|
|
type res struct {
|
|
|
|
want *domain.ObjectDetails
|
|
|
|
err func(error) bool
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
fields fields
|
|
|
|
args args
|
|
|
|
res res
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "userid missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user not existing, not found error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsNotFound,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user already active, precondition error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsPreconditionFailed,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "reactivate user, ok",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserDeactivatedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
[]*repository.Event{
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserReactivatedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
want: &domain.ObjectDetails{
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
r := &Commands{
|
|
|
|
eventstore: tt.fields.eventstore,
|
|
|
|
}
|
|
|
|
got, err := r.ReactivateUser(tt.args.ctx, tt.args.userID, tt.args.orgID)
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.NoError(t, err)
|
|
|
|
}
|
|
|
|
if tt.res.err != nil && !tt.res.err(err) {
|
|
|
|
t.Errorf("got wrong err: %v ", err)
|
|
|
|
}
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.Equal(t, tt.res.want, got)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestCommandSide_LockUser(t *testing.T) {
|
|
|
|
type fields struct {
|
|
|
|
eventstore *eventstore.Eventstore
|
|
|
|
}
|
|
|
|
type (
|
|
|
|
args struct {
|
|
|
|
ctx context.Context
|
|
|
|
orgID string
|
|
|
|
userID string
|
|
|
|
}
|
|
|
|
)
|
|
|
|
type res struct {
|
|
|
|
want *domain.ObjectDetails
|
|
|
|
err func(error) bool
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
fields fields
|
|
|
|
args args
|
|
|
|
res res
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "userid missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user not existing, not found error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsNotFound,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user already locked, precondition error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserLockedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsPreconditionFailed,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "lock user, ok",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
[]*repository.Event{
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserLockedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
want: &domain.ObjectDetails{
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
r := &Commands{
|
|
|
|
eventstore: tt.fields.eventstore,
|
|
|
|
}
|
|
|
|
got, err := r.LockUser(tt.args.ctx, tt.args.userID, tt.args.orgID)
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.NoError(t, err)
|
|
|
|
}
|
|
|
|
if tt.res.err != nil && !tt.res.err(err) {
|
|
|
|
t.Errorf("got wrong err: %v ", err)
|
|
|
|
}
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.Equal(t, tt.res.want, got)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestCommandSide_UnlockUser(t *testing.T) {
|
|
|
|
type fields struct {
|
|
|
|
eventstore *eventstore.Eventstore
|
|
|
|
}
|
|
|
|
type (
|
|
|
|
args struct {
|
|
|
|
ctx context.Context
|
|
|
|
orgID string
|
|
|
|
userID string
|
|
|
|
}
|
|
|
|
)
|
|
|
|
type res struct {
|
|
|
|
want *domain.ObjectDetails
|
|
|
|
err func(error) bool
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
fields fields
|
|
|
|
args args
|
|
|
|
res res
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "userid missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user not existing, not found error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsNotFound,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user already active, precondition error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsPreconditionFailed,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "unlock user, ok",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserLockedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
[]*repository.Event{
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserUnlockedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
want: &domain.ObjectDetails{
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
r := &Commands{
|
|
|
|
eventstore: tt.fields.eventstore,
|
|
|
|
}
|
|
|
|
got, err := r.UnlockUser(tt.args.ctx, tt.args.userID, tt.args.orgID)
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.NoError(t, err)
|
|
|
|
}
|
|
|
|
if tt.res.err != nil && !tt.res.err(err) {
|
|
|
|
t.Errorf("got wrong err: %v ", err)
|
|
|
|
}
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.Equal(t, tt.res.want, got)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestCommandSide_RemoveUser(t *testing.T) {
|
|
|
|
type fields struct {
|
|
|
|
eventstore *eventstore.Eventstore
|
|
|
|
}
|
|
|
|
type (
|
|
|
|
args struct {
|
2021-06-07 05:20:47 +00:00
|
|
|
ctx context.Context
|
2022-04-05 05:58:09 +00:00
|
|
|
instanceID string
|
2021-06-07 05:20:47 +00:00
|
|
|
orgID string
|
|
|
|
userID string
|
2022-01-13 07:58:14 +00:00
|
|
|
cascadeUserMemberships []*query.Membership
|
2021-06-07 05:20:47 +00:00
|
|
|
cascadeUserGrants []string
|
2021-03-19 10:12:56 +00:00
|
|
|
}
|
|
|
|
)
|
|
|
|
type res struct {
|
|
|
|
want *domain.ObjectDetails
|
|
|
|
err func(error) bool
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
fields fields
|
|
|
|
args args
|
|
|
|
res res
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "userid missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user not existing, not found error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsNotFound,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "org iam policy not found, precondition error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectFilter(),
|
|
|
|
expectFilter(),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsPreconditionFailed,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "remove user, ok",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectFilter(),
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
2022-03-28 08:05:09 +00:00
|
|
|
instance.NewDomainPolicyAddedEvent(context.Background(),
|
2021-03-19 10:12:56 +00:00
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
true,
|
2022-04-13 09:24:03 +00:00
|
|
|
true,
|
2022-05-16 14:08:47 +00:00
|
|
|
true,
|
2021-03-19 10:12:56 +00:00
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
[]*repository.Event{
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserRemovedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
2021-08-24 07:22:21 +00:00
|
|
|
nil,
|
2021-03-19 10:12:56 +00:00
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
uniqueConstraintsFromEventConstraint(user.NewRemoveUsernameUniqueConstraint("username", "org1", true)),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
want: &domain.ObjectDetails{
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-08-24 07:22:21 +00:00
|
|
|
{
|
|
|
|
name: "remove user with erxternal idp, ok",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
eventFromEventPusher(
|
2021-11-02 09:08:47 +00:00
|
|
|
user.NewUserIDPLinkAddedEvent(context.Background(),
|
2021-08-24 07:22:21 +00:00
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"idpConfigID",
|
|
|
|
"displayName",
|
|
|
|
"externalUserID",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectFilter(),
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
2022-03-28 08:05:09 +00:00
|
|
|
instance.NewDomainPolicyAddedEvent(context.Background(),
|
2021-08-24 07:22:21 +00:00
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
true,
|
2022-04-13 09:24:03 +00:00
|
|
|
true,
|
2022-05-16 14:08:47 +00:00
|
|
|
true,
|
2021-08-24 07:22:21 +00:00
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
[]*repository.Event{
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserRemovedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
nil,
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
uniqueConstraintsFromEventConstraint(user.NewRemoveUsernameUniqueConstraint("username", "org1", true)),
|
2021-11-02 09:08:47 +00:00
|
|
|
uniqueConstraintsFromEventConstraint(user.NewRemoveUserIDPLinkUniqueConstraint("idpConfigID", "externalUserID")),
|
2021-08-24 07:22:21 +00:00
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
want: &domain.ObjectDetails{
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-06-07 05:20:47 +00:00
|
|
|
{
|
|
|
|
name: "remove user with user memberships, ok",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectFilter(),
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
2022-03-28 08:05:09 +00:00
|
|
|
instance.NewDomainPolicyAddedEvent(context.Background(),
|
2021-06-07 05:20:47 +00:00
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
true,
|
2022-04-13 09:24:03 +00:00
|
|
|
true,
|
2022-05-16 14:08:47 +00:00
|
|
|
true,
|
2021-06-07 05:20:47 +00:00
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
[]*repository.Event{
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserRemovedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
2021-08-24 07:22:21 +00:00
|
|
|
nil,
|
2021-06-07 05:20:47 +00:00
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
eventFromEventPusher(
|
2022-03-24 16:21:34 +00:00
|
|
|
instance.NewMemberCascadeRemovedEvent(context.Background(),
|
2022-04-05 05:58:09 +00:00
|
|
|
&instance.NewAggregate("INSTANCE").Aggregate,
|
2021-06-07 05:20:47 +00:00
|
|
|
"user1",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
eventFromEventPusher(
|
|
|
|
org.NewMemberCascadeRemovedEvent(context.Background(),
|
2022-04-20 14:59:37 +00:00
|
|
|
&org.NewAggregate("org1").Aggregate,
|
2021-06-07 05:20:47 +00:00
|
|
|
"user1",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
eventFromEventPusher(
|
|
|
|
project.NewProjectMemberCascadeRemovedEvent(context.Background(),
|
|
|
|
&project.NewAggregate("project1", "org1").Aggregate,
|
|
|
|
"user1",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
eventFromEventPusher(
|
|
|
|
project.NewProjectGrantMemberCascadeRemovedEvent(context.Background(),
|
|
|
|
&project.NewAggregate("project1", "org1").Aggregate,
|
|
|
|
"user1",
|
|
|
|
"grant1",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
uniqueConstraintsFromEventConstraint(user.NewRemoveUsernameUniqueConstraint("username", "org1", true)),
|
2022-04-05 05:58:09 +00:00
|
|
|
uniqueConstraintsFromEventConstraint(member.NewRemoveMemberUniqueConstraint("INSTANCE", "user1")),
|
2021-06-07 05:20:47 +00:00
|
|
|
uniqueConstraintsFromEventConstraint(member.NewRemoveMemberUniqueConstraint("org1", "user1")),
|
|
|
|
uniqueConstraintsFromEventConstraint(member.NewRemoveMemberUniqueConstraint("project1", "user1")),
|
|
|
|
uniqueConstraintsFromEventConstraint(project.NewRemoveProjectGrantMemberUniqueConstraint("project1", "user1", "grant1")),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
2022-01-13 07:58:14 +00:00
|
|
|
cascadeUserMemberships: []*query.Membership{
|
2021-06-07 05:20:47 +00:00
|
|
|
{
|
2022-01-13 07:58:14 +00:00
|
|
|
IAM: &query.IAMMembership{
|
2022-04-05 05:58:09 +00:00
|
|
|
IAMID: "INSTANCE",
|
2022-01-13 07:58:14 +00:00
|
|
|
},
|
2021-06-07 05:20:47 +00:00
|
|
|
UserID: "user1",
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
{
|
2022-01-13 07:58:14 +00:00
|
|
|
Org: &query.OrgMembership{
|
|
|
|
OrgID: "org1",
|
|
|
|
},
|
2021-06-07 05:20:47 +00:00
|
|
|
UserID: "user1",
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
{
|
2022-01-13 07:58:14 +00:00
|
|
|
|
|
|
|
Project: &query.ProjectMembership{
|
|
|
|
ProjectID: "project1",
|
|
|
|
},
|
2021-06-07 05:20:47 +00:00
|
|
|
UserID: "user1",
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
{
|
2022-01-13 07:58:14 +00:00
|
|
|
ProjectGrant: &query.ProjectGrantMembership{
|
|
|
|
ProjectID: "project1",
|
|
|
|
GrantID: "grant1",
|
|
|
|
},
|
2021-06-07 05:20:47 +00:00
|
|
|
UserID: "user1",
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
want: &domain.ObjectDetails{
|
|
|
|
ResourceOwner: "org1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-03-19 10:12:56 +00:00
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
r := &Commands{
|
|
|
|
eventstore: tt.fields.eventstore,
|
|
|
|
}
|
2021-06-07 05:20:47 +00:00
|
|
|
got, err := r.RemoveUser(tt.args.ctx, tt.args.userID, tt.args.orgID, tt.args.cascadeUserMemberships, tt.args.cascadeUserGrants...)
|
2021-03-19 10:12:56 +00:00
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.NoError(t, err)
|
|
|
|
}
|
|
|
|
if tt.res.err != nil && !tt.res.err(err) {
|
|
|
|
t.Errorf("got wrong err: %v ", err)
|
|
|
|
}
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.Equal(t, tt.res.want, got)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestCommandSide_AddUserToken(t *testing.T) {
|
|
|
|
type fields struct {
|
|
|
|
eventstore *eventstore.Eventstore
|
|
|
|
idGenerator id.Generator
|
|
|
|
}
|
|
|
|
type (
|
|
|
|
args struct {
|
|
|
|
ctx context.Context
|
|
|
|
orgID string
|
|
|
|
agentID string
|
|
|
|
clientID string
|
|
|
|
userID string
|
|
|
|
audience []string
|
|
|
|
scopes []string
|
|
|
|
lifetime time.Duration
|
|
|
|
}
|
|
|
|
)
|
|
|
|
type res struct {
|
|
|
|
want *domain.Token
|
|
|
|
err func(error) bool
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
fields fields
|
|
|
|
args args
|
|
|
|
res res
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "userid missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user not existing, not found error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
orgID: "org1",
|
|
|
|
userID: "user1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsNotFound,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
r := &Commands{
|
|
|
|
eventstore: tt.fields.eventstore,
|
|
|
|
idGenerator: tt.fields.idGenerator,
|
|
|
|
}
|
|
|
|
got, err := r.AddUserToken(tt.args.ctx, tt.args.orgID, tt.args.agentID, tt.args.clientID, tt.args.userID, tt.args.audience, tt.args.scopes, tt.args.lifetime)
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.NoError(t, err)
|
|
|
|
}
|
|
|
|
if tt.res.err != nil && !tt.res.err(err) {
|
|
|
|
t.Errorf("got wrong err: %v ", err)
|
|
|
|
}
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.Equal(t, tt.res.want, got)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-11-03 07:35:24 +00:00
|
|
|
func TestCommands_RevokeAccessToken(t *testing.T) {
|
|
|
|
type fields struct {
|
|
|
|
eventstore *eventstore.Eventstore
|
|
|
|
}
|
|
|
|
type args struct {
|
|
|
|
ctx context.Context
|
|
|
|
userID string
|
|
|
|
orgID string
|
|
|
|
tokenID string
|
|
|
|
}
|
|
|
|
type res struct {
|
|
|
|
want *domain.ObjectDetails
|
|
|
|
err func(error) bool
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
fields fields
|
|
|
|
args args
|
|
|
|
res res
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
"id missing error",
|
|
|
|
fields{
|
|
|
|
eventstoreExpect(t),
|
|
|
|
},
|
|
|
|
args{
|
|
|
|
context.Background(),
|
|
|
|
"userID",
|
|
|
|
"orgID",
|
|
|
|
"",
|
|
|
|
},
|
|
|
|
res{
|
|
|
|
nil,
|
|
|
|
caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"not active error",
|
|
|
|
fields{
|
|
|
|
eventstoreExpect(t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserTokenAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("userID", "orgID").Aggregate,
|
|
|
|
"tokenID",
|
|
|
|
"clientID",
|
|
|
|
"agentID",
|
|
|
|
"de",
|
|
|
|
"refreshTokenID",
|
|
|
|
[]string{"clientID"},
|
|
|
|
[]string{"openid"},
|
|
|
|
time.Now(),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args{
|
|
|
|
context.Background(),
|
|
|
|
"userID",
|
|
|
|
"orgID",
|
|
|
|
"tokenID",
|
|
|
|
},
|
|
|
|
res{
|
|
|
|
nil,
|
|
|
|
caos_errs.IsNotFound,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"active ok",
|
|
|
|
fields{
|
|
|
|
eventstoreExpect(t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewUserTokenAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("userID", "orgID").Aggregate,
|
|
|
|
"tokenID",
|
|
|
|
"clientID",
|
|
|
|
"agentID",
|
|
|
|
"de",
|
|
|
|
"refreshTokenID",
|
|
|
|
[]string{"clientID"},
|
|
|
|
[]string{"openid"},
|
|
|
|
time.Now().Add(5*time.Hour),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
eventPusherToEvents(
|
|
|
|
user.NewUserTokenRemovedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("userID", "orgID").Aggregate,
|
|
|
|
"tokenID",
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args{
|
|
|
|
context.Background(),
|
|
|
|
"userID",
|
|
|
|
"orgID",
|
|
|
|
"tokenID",
|
|
|
|
},
|
|
|
|
res{
|
|
|
|
&domain.ObjectDetails{
|
|
|
|
ResourceOwner: "orgID",
|
|
|
|
},
|
|
|
|
nil,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
c := &Commands{
|
|
|
|
eventstore: tt.fields.eventstore,
|
|
|
|
}
|
|
|
|
got, err := c.RevokeAccessToken(tt.args.ctx, tt.args.userID, tt.args.orgID, tt.args.tokenID)
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.NoError(t, err)
|
|
|
|
}
|
|
|
|
if tt.res.err != nil && !tt.res.err(err) {
|
|
|
|
t.Errorf("got wrong err: %v ", err)
|
|
|
|
}
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.Equal(t, tt.res.want, got)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-03-19 10:12:56 +00:00
|
|
|
func TestCommandSide_UserDomainClaimedSent(t *testing.T) {
|
|
|
|
type fields struct {
|
|
|
|
eventstore *eventstore.Eventstore
|
|
|
|
}
|
|
|
|
type args struct {
|
|
|
|
ctx context.Context
|
|
|
|
userID string
|
|
|
|
resourceOwner string
|
|
|
|
}
|
|
|
|
type res struct {
|
|
|
|
err func(error) bool
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
fields fields
|
|
|
|
args args
|
|
|
|
res res
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "userid missing, invalid argument error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
resourceOwner: "org1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsErrorInvalidArgument,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user not existing, precondition error",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
userID: "user1",
|
|
|
|
resourceOwner: "org1",
|
|
|
|
},
|
|
|
|
res: res{
|
|
|
|
err: caos_errs.IsNotFound,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "code sent, ok",
|
|
|
|
fields: fields{
|
|
|
|
eventstore: eventstoreExpect(
|
|
|
|
t,
|
|
|
|
expectFilter(
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewHumanAddedEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
"username",
|
|
|
|
"firstname",
|
|
|
|
"lastname",
|
|
|
|
"nickname",
|
|
|
|
"displayname",
|
|
|
|
language.German,
|
|
|
|
domain.GenderUnspecified,
|
|
|
|
"email@test.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
),
|
|
|
|
expectPush(
|
|
|
|
[]*repository.Event{
|
|
|
|
eventFromEventPusher(
|
|
|
|
user.NewDomainClaimedSentEvent(context.Background(),
|
|
|
|
&user.NewAggregate("user1", "org1").Aggregate,
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
),
|
|
|
|
),
|
|
|
|
},
|
|
|
|
args: args{
|
|
|
|
ctx: context.Background(),
|
|
|
|
userID: "user1",
|
|
|
|
resourceOwner: "org1",
|
|
|
|
},
|
|
|
|
res: res{},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
r := &Commands{
|
|
|
|
eventstore: tt.fields.eventstore,
|
|
|
|
}
|
|
|
|
err := r.UserDomainClaimedSent(tt.args.ctx, tt.args.resourceOwner, tt.args.userID)
|
|
|
|
if tt.res.err == nil {
|
|
|
|
assert.NoError(t, err)
|
|
|
|
}
|
|
|
|
if tt.res.err != nil && !tt.res.err(err) {
|
|
|
|
t.Errorf("got wrong err: %v ", err)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
2022-04-12 14:20:17 +00:00
|
|
|
|
|
|
|
func TestExistsUser(t *testing.T) {
|
|
|
|
type args struct {
|
|
|
|
filter preparation.FilterToQueryReducer
|
|
|
|
id string
|
|
|
|
resourceOwner string
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
args args
|
|
|
|
wantExists bool
|
|
|
|
wantErr bool
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
name: "no events",
|
|
|
|
args: args{
|
|
|
|
filter: func(_ context.Context, _ *eventstore.SearchQueryBuilder) ([]eventstore.Event, error) {
|
|
|
|
return []eventstore.Event{}, nil
|
|
|
|
},
|
|
|
|
id: "id",
|
|
|
|
resourceOwner: "ro",
|
|
|
|
},
|
|
|
|
wantExists: false,
|
|
|
|
wantErr: false,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "human registered",
|
|
|
|
args: args{
|
|
|
|
filter: func(_ context.Context, _ *eventstore.SearchQueryBuilder) ([]eventstore.Event, error) {
|
|
|
|
return []eventstore.Event{
|
|
|
|
user.NewHumanRegisteredEvent(
|
|
|
|
context.Background(),
|
|
|
|
&user.NewAggregate("id", "ro").Aggregate,
|
|
|
|
"userName",
|
|
|
|
"firstName",
|
|
|
|
"lastName",
|
|
|
|
"nickName",
|
|
|
|
"displayName",
|
|
|
|
language.German,
|
|
|
|
domain.GenderFemale,
|
|
|
|
"support@zitadel.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
}, nil
|
|
|
|
},
|
|
|
|
id: "id",
|
|
|
|
resourceOwner: "ro",
|
|
|
|
},
|
|
|
|
wantExists: true,
|
|
|
|
wantErr: false,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "human added",
|
|
|
|
args: args{
|
|
|
|
filter: func(_ context.Context, _ *eventstore.SearchQueryBuilder) ([]eventstore.Event, error) {
|
|
|
|
return []eventstore.Event{
|
|
|
|
user.NewHumanAddedEvent(
|
|
|
|
context.Background(),
|
|
|
|
&user.NewAggregate("id", "ro").Aggregate,
|
|
|
|
"userName",
|
|
|
|
"firstName",
|
|
|
|
"lastName",
|
|
|
|
"nickName",
|
|
|
|
"displayName",
|
|
|
|
language.German,
|
|
|
|
domain.GenderFemale,
|
|
|
|
"support@zitadel.ch",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
}, nil
|
|
|
|
},
|
|
|
|
id: "id",
|
|
|
|
resourceOwner: "ro",
|
|
|
|
},
|
|
|
|
wantExists: true,
|
|
|
|
wantErr: false,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "machine added",
|
|
|
|
args: args{
|
|
|
|
filter: func(_ context.Context, _ *eventstore.SearchQueryBuilder) ([]eventstore.Event, error) {
|
|
|
|
return []eventstore.Event{
|
|
|
|
user.NewMachineAddedEvent(
|
|
|
|
context.Background(),
|
|
|
|
&user.NewAggregate("id", "ro").Aggregate,
|
|
|
|
"userName",
|
|
|
|
"name",
|
|
|
|
"description",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
}, nil
|
|
|
|
},
|
|
|
|
id: "id",
|
|
|
|
resourceOwner: "ro",
|
|
|
|
},
|
|
|
|
wantExists: true,
|
|
|
|
wantErr: false,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "user removed",
|
|
|
|
args: args{
|
|
|
|
filter: func(_ context.Context, _ *eventstore.SearchQueryBuilder) ([]eventstore.Event, error) {
|
|
|
|
return []eventstore.Event{
|
|
|
|
user.NewMachineAddedEvent(
|
|
|
|
context.Background(),
|
|
|
|
&user.NewAggregate("removed", "ro").Aggregate,
|
|
|
|
"userName",
|
|
|
|
"name",
|
|
|
|
"description",
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
user.NewUserRemovedEvent(
|
|
|
|
context.Background(),
|
|
|
|
&user.NewAggregate("removed", "ro").Aggregate,
|
|
|
|
"userName",
|
|
|
|
nil,
|
|
|
|
true,
|
|
|
|
),
|
|
|
|
}, nil
|
|
|
|
},
|
|
|
|
id: "id",
|
|
|
|
resourceOwner: "ro",
|
|
|
|
},
|
|
|
|
wantExists: false,
|
|
|
|
wantErr: false,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "error durring filter",
|
|
|
|
args: args{
|
|
|
|
filter: func(_ context.Context, _ *eventstore.SearchQueryBuilder) ([]eventstore.Event, error) {
|
|
|
|
return nil, errors.ThrowInternal(nil, "USER-Drebn", "Errors.Internal")
|
|
|
|
},
|
|
|
|
id: "id",
|
|
|
|
resourceOwner: "ro",
|
|
|
|
},
|
|
|
|
wantExists: false,
|
|
|
|
wantErr: true,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
gotExists, err := ExistsUser(context.Background(), tt.args.filter, tt.args.id, tt.args.resourceOwner)
|
|
|
|
if (err != nil) != tt.wantErr {
|
|
|
|
t.Errorf("ExistsUser() error = %v, wantErr %v", err, tt.wantErr)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if gotExists != tt.wantExists {
|
|
|
|
t.Errorf("ExistsUser() = %v, want %v", gotExists, tt.wantExists)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|