TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-13 03:24:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
e000fdd792
zitadel/internal/authz/repository/eventsourcing/eventstore/user_membership.go

91 lines
2.7 KiB
Go
Raw Normal View History

fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
package eventstore
import (
"context"
chore(v2): move to new org (#3499) * chore: move to new org * logging * fix: org rename caos -> zitadel Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-26 23:01:45 +00:00
"github.com/zitadel/zitadel/internal/api/authz"
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
"github.com/zitadel/zitadel/internal/query"
fix(tracing): parsing of fraction (#3705) * fix(tracing): parsing of fraction * log id
2022-05-24 09:18:25 +00:00
"github.com/zitadel/zitadel/internal/telemetry/tracing"
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
)
type UserMembershipRepo struct {
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
Queries *query.Queries
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
}
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func (repo *UserMembershipRepo) SearchMyMemberships(ctx context.Context, orgID string, shouldTriggerBulk bool) (_ []*authz.Membership, err error) {
fix(tracing): parsing of fraction (#3705) * fix(tracing): parsing of fraction * log id
2022-05-24 09:18:25 +00:00
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
memberships, err := repo.searchUserMemberships(ctx, orgID, shouldTriggerBulk)
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
if err != nil {
return nil, err
}
return userMembershipsToMemberships(memberships), nil
}
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func (repo *UserMembershipRepo) searchUserMemberships(ctx context.Context, orgID string, shouldTriggerBulk bool) (_ []*query.Membership, err error) {
fix(tracing): parsing of fraction (#3705) * fix(tracing): parsing of fraction * log id
2022-05-24 09:18:25 +00:00
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
ctxData := authz.GetCtxData(ctx)
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
userIDQuery, err := query.NewMembershipUserIDQuery(ctxData.UserID)
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
if err != nil {
return nil, err
}
feat: user v2alpha email API (#5708) * chore(proto): update versions * change protoc plugin * some cleanups * define api for setting emails in new api * implement user.SetEmail * move SetEmail buisiness logic into command * resuse newCryptoCode * command: add ChangeEmail unit tests Not complete, was not able to mock the generator. * Revert "resuse newCryptoCode" This reverts commit c89e90ae35ae924a3f706a0a7394f933910c2e65. * undo change to crypto code generators * command: use a generator so we can test properly * command: reorganise ChangeEmail improve test coverage * implement VerifyEmail including unit tests * add URL template tests * proto: change context to object * remove old auth option * remove old auth option * fix linting errors run gci on modified files * add permission checks and fix some errors * comments * comments --------- Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-25 07:02:29 +00:00
orgIDsQuery, err := query.NewMembershipResourceOwnersSearchQuery(orgID, authz.GetInstance(ctx).InstanceID())
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
if err != nil {
return nil, err
}
feat: user v2alpha email API (#5708) * chore(proto): update versions * change protoc plugin * some cleanups * define api for setting emails in new api * implement user.SetEmail * move SetEmail buisiness logic into command * resuse newCryptoCode * command: add ChangeEmail unit tests Not complete, was not able to mock the generator. * Revert "resuse newCryptoCode" This reverts commit c89e90ae35ae924a3f706a0a7394f933910c2e65. * undo change to crypto code generators * command: use a generator so we can test properly * command: reorganise ChangeEmail improve test coverage * implement VerifyEmail including unit tests * add URL template tests * proto: change context to object * remove old auth option * remove old auth option * fix linting errors run gci on modified files * add permission checks and fix some errors * comments * comments --------- Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-25 07:02:29 +00:00
grantedIDQuery, err := query.NewMembershipGrantedOrgIDSearchQuery(orgID)
fix: project grants (#4031) * fix: filter granted memberships correctly * fix: only show changes of granted project * Apply suggestions from code review Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> * Update internal/query/user_membership.go Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-27 07:55:44 +00:00
if err != nil {
return nil, err
}
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
memberships, err := repo.Queries.Memberships(ctx, &query.MembershipSearchQuery{
fix: project grants (#4031) * fix: filter granted memberships correctly * fix: only show changes of granted project * Apply suggestions from code review Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> * Update internal/query/user_membership.go Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-27 07:55:44 +00:00
Queries: []query.SearchQuery{userIDQuery, query.Or(orgIDsQuery, grantedIDQuery)},
perf: remove owner removed columns from projections for oidc (#6925) * fix: remove owner removed columns from login names projection * fix: remove owner removed columns from flow projection * fix: remove owner removed columns from project, projectgrant and member projections * fix: correct unit tests for session projection * fix: correct unit tests for session projection
2023-11-20 15:21:08 +00:00
}, shouldTriggerBulk)
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
if err != nil {
return nil, err
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
}
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
return memberships.Memberships, nil
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
}
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
func userMembershipToMembership(membership *query.Membership) *authz.Membership {
if membership.IAM != nil {
return &authz.Membership{
feat: add SYSTEM_OWNER role (#6765) * define roles and permissions * support system user memberships * don't limit system users * cleanup permissions * restrict memberships to aggregates * default to SYSTEM_OWNER * update unit tests * test: system user token test (#6778) * update unit tests * refactor: make authz testable * move session constants * cleanup * comment * comment * decode member type string to enum (#6780) * decode member type string to enum * handle all membership types * decode enums where necessary * decode member type in steps config * update system api docs * add technical advisory * tweak docs a bit * comment in comment * lint * extract token from Bearer header prefix * review changes * fix tests * fix: add fix for activityhandler * add isSystemUser * remove IsSystemUser from activity info * fix: add fix for activityhandler --------- Co-authored-by: Stefan Benz <stefan@caos.ch>
2023-10-25 15:10:45 +00:00
MemberType: authz.MemberTypeIAM,
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
AggregateID: membership.IAM.IAMID,
ObjectID: membership.IAM.IAMID,
Roles: membership.Roles,
}
}
if membership.Org != nil {
return &authz.Membership{
feat: add SYSTEM_OWNER role (#6765) * define roles and permissions * support system user memberships * don't limit system users * cleanup permissions * restrict memberships to aggregates * default to SYSTEM_OWNER * update unit tests * test: system user token test (#6778) * update unit tests * refactor: make authz testable * move session constants * cleanup * comment * comment * decode member type string to enum (#6780) * decode member type string to enum * handle all membership types * decode enums where necessary * decode member type in steps config * update system api docs * add technical advisory * tweak docs a bit * comment in comment * lint * extract token from Bearer header prefix * review changes * fix tests * fix: add fix for activityhandler * add isSystemUser * remove IsSystemUser from activity info * fix: add fix for activityhandler --------- Co-authored-by: Stefan Benz <stefan@caos.ch>
2023-10-25 15:10:45 +00:00
MemberType: authz.MemberTypeOrganization,
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
AggregateID: membership.Org.OrgID,
ObjectID: membership.Org.OrgID,
Roles: membership.Roles,
}
}
if membership.Project != nil {
return &authz.Membership{
MemberType: authz.MemberTypeProject,
AggregateID: membership.Project.ProjectID,
ObjectID: membership.Project.ProjectID,
Roles: membership.Roles,
}
}
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
return &authz.Membership{
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
MemberType: authz.MemberTypeProjectGrant,
AggregateID: membership.ProjectGrant.ProjectID,
ObjectID: membership.ProjectGrant.GrantID,
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
Roles: membership.Roles,
}
}
fix: check membership from projection (#3710) * fix: check membership from projection * remove authz setup
2022-05-25 12:07:16 +00:00
func userMembershipsToMemberships(memberships []*query.Membership) []*authz.Membership {
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse
2022-01-26 09:16:33 +00:00
result := make([]*authz.Membership, len(memberships))
for i, m := range memberships {
result[i] = userMembershipToMembership(m)
}
return result
}
Reference in New Issue Copy Permalink