zitadel/internal/command/org_policy_privacy.go


package command
import (
"context"
"github.com/caos/zitadel/internal/domain"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/repository/org"
)
// getOrgPrivacyPolicy resolves the privacy policy that applies to orgID.
//
// It loads the org-level write model and, when that model's state is
// domain.PolicyStateActive, converts it with orgWriteModelToPrivacyPolicy.
// For every other state it delegates to c.getDefaultPrivacyPolicy. Errors
// from loading the write model are returned unchanged.
func (c *Commands) getOrgPrivacyPolicy(ctx context.Context, orgID string) (*domain.PrivacyPolicy, error) {
	wm, err := c.orgPrivacyPolicyWriteModelByID(ctx, orgID)
	if err != nil {
		return nil, err
	}
	// No active org-specific policy: use whatever the default lookup yields.
	if wm.State != domain.PolicyStateActive {
		return c.getDefaultPrivacyPolicy(ctx)
	}
	return orgWriteModelToPrivacyPolicy(wm), nil
}
// orgPrivacyPolicyWriteModelByID creates an OrgPrivacyPolicyWriteModel for
// orgID and fills it through c.eventstore.FilterToQueryReducer.
//
// It returns the populated model, or nil and the eventstore error when the
// query fails. An empty orgID is not rejected here.
func (c *Commands) orgPrivacyPolicyWriteModelByID(ctx context.Context, orgID string) (*OrgPrivacyPolicyWriteModel, error) {
	wm := NewOrgPrivacyPolicyWriteModel(orgID)
	if err := c.eventstore.FilterToQueryReducer(ctx, wm); err != nil {
		return nil, err
	}
	return wm, nil
}
// AddPrivacyPolicy creates an org-level privacy policy for resourceOwner.
//
// It returns an invalid-argument error when resourceOwner is empty and an
// already-exists error when the org's current policy state is
// domain.PolicyStateActive. Otherwise it pushes a privacy-policy-added event
// carrying policy.TOSLink and policy.PrivacyLink, applies the pushed events
// to the write model with AppendAndReduce and returns the resulting policy.
//
// policy must be non-nil; it is dereferenced without a nil check.
//
// NOTE(review): no permission check is visible in this function; presumably
// the caller authorizes access to resourceOwner before invoking it - confirm.
// NOTE(review): TOSLink and PrivacyLink are passed to the event exactly as
// received; no scheme or format validation is visible here. Confirm they are
// validated upstream or safely encoded wherever they are rendered as links.
func (c *Commands) AddPrivacyPolicy(ctx context.Context, resourceOwner string, policy *domain.PrivacyPolicy) (*domain.PrivacyPolicy, error) {
	if resourceOwner == "" {
		return nil, caos_errs.ThrowInvalidArgument(nil, "Org-MMk9fs", "Errors.ResourceOwnerMissing")
	}

	wm := NewOrgPrivacyPolicyWriteModel(resourceOwner)
	if err := c.eventstore.FilterToQueryReducer(ctx, wm); err != nil {
		return nil, err
	}
	if wm.State == domain.PolicyStateActive {
		return nil, caos_errs.ThrowAlreadyExists(nil, "Org-0oLpd", "Errors.Org.PrivacyPolicy.AlreadyExists")
	}

	aggregate := OrgAggregateFromWriteModel(&wm.WriteModel)
	addedEvent := org.NewPrivacyPolicyAddedEvent(ctx, aggregate, policy.TOSLink, policy.PrivacyLink)
	pushed, err := c.eventstore.PushEvents(ctx, addedEvent)
	if err != nil {
		return nil, err
	}
	// Apply the pushed events so the returned policy matches what was stored.
	if err = AppendAndReduce(wm, pushed...); err != nil {
		return nil, err
	}
	return writeModelToPrivacyPolicy(&wm.PrivacyPolicyWriteModel), nil
}
// ChangePrivacyPolicy updates the org-level privacy policy of resourceOwner.
//
// It returns an invalid-argument error when resourceOwner is empty, a
// not-found error when the current state is domain.PolicyStateUnspecified or
// domain.PolicyStateRemoved, and a precondition-failed error when
// NewChangedEvent reports that nothing changed. Otherwise it pushes the
// changed event, applies the pushed events to the write model with
// AppendAndReduce and returns the resulting policy.
//
// policy must be non-nil; it is dereferenced without a nil check.
//
// NOTE(review): no permission check is visible in this function; presumably
// the caller authorizes access to resourceOwner before invoking it - confirm.
// NOTE(review): TOSLink and PrivacyLink are passed on exactly as received; no
// scheme or format validation is visible here. Confirm they are validated
// upstream or safely encoded wherever they are rendered as links.
func (c *Commands) ChangePrivacyPolicy(ctx context.Context, resourceOwner string, policy *domain.PrivacyPolicy) (*domain.PrivacyPolicy, error) {
	if resourceOwner == "" {
		return nil, caos_errs.ThrowInvalidArgument(nil, "Org-22N89f", "Errors.ResourceOwnerMissing")
	}

	wm := NewOrgPrivacyPolicyWriteModel(resourceOwner)
	if err := c.eventstore.FilterToQueryReducer(ctx, wm); err != nil {
		return nil, err
	}
	missing := wm.State == domain.PolicyStateUnspecified || wm.State == domain.PolicyStateRemoved
	if missing {
		return nil, caos_errs.ThrowNotFound(nil, "ORG-Ng8sf", "Errors.Org.PrivacyPolicy.NotFound")
	}

	aggregate := OrgAggregateFromWriteModel(&wm.PrivacyPolicyWriteModel.WriteModel)
	changedEvent, hasChanged := wm.NewChangedEvent(ctx, aggregate, policy.TOSLink, policy.PrivacyLink)
	if !hasChanged {
		return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-4N9fs", "Errors.Org.PrivacyPolicy.NotChanged")
	}

	pushed, err := c.eventstore.PushEvents(ctx, changedEvent)
	if err != nil {
		return nil, err
	}
	// Apply the pushed events so the returned policy matches what was stored.
	if err = AppendAndReduce(wm, pushed...); err != nil {
		return nil, err
	}
	return writeModelToPrivacyPolicy(&wm.PrivacyPolicyWriteModel), nil
}
// RemovePrivacyPolicy removes the org-level privacy policy of orgID.
//
// It returns an invalid-argument error when orgID is empty. The removed event
// is built by c.removePrivacyPolicy, which also loads the write model and
// fails when there is no policy to remove. On success the event is pushed,
// the pushed events are applied to the write model with AppendAndReduce, and
// the model's object details are returned.
//
// NOTE(review): no permission check is visible in this function; presumably
// the caller authorizes access to orgID before invoking it - confirm.
func (c *Commands) RemovePrivacyPolicy(ctx context.Context, orgID string) (*domain.ObjectDetails, error) {
	if orgID == "" {
		return nil, caos_errs.ThrowInvalidArgument(nil, "Org-Nf9sf", "Errors.ResourceOwnerMissing")
	}

	wm := NewOrgPrivacyPolicyWriteModel(orgID)
	removedEvent, err := c.removePrivacyPolicy(ctx, wm)
	if err != nil {
		return nil, err
	}

	pushed, err := c.eventstore.PushEvents(ctx, removedEvent)
	if err != nil {
		return nil, err
	}
	if err = AppendAndReduce(wm, pushed...); err != nil {
		return nil, err
	}
	return writeModelToObjectDetails(&wm.PrivacyPolicyWriteModel.WriteModel), nil
}
// removePrivacyPolicy fills existingPolicy from the eventstore and builds the
// event that removes it; the event is returned, not pushed.
//
// It returns a not-found error when the loaded state is
// domain.PolicyStateUnspecified or domain.PolicyStateRemoved, and passes
// eventstore errors through unchanged. existingPolicy must be non-nil.
func (c *Commands) removePrivacyPolicy(ctx context.Context, existingPolicy *OrgPrivacyPolicyWriteModel) (*org.PrivacyPolicyRemovedEvent, error) {
	if err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy); err != nil {
		return nil, err
	}

	missing := existingPolicy.State == domain.PolicyStateUnspecified || existingPolicy.State == domain.PolicyStateRemoved
	if missing {
		return nil, caos_errs.ThrowNotFound(nil, "ORG-Ze9gs", "Errors.Org.PrivacyPolicy.NotFound")
	}

	aggregate := OrgAggregateFromWriteModel(&existingPolicy.WriteModel)
	return org.NewPrivacyPolicyRemovedEvent(ctx, aggregate), nil
}
// removePrivacyPolicyIfExists builds the removal event for orgID's privacy
// policy only when one is active; the event is returned, not pushed.
//
// When the loaded state is anything other than domain.PolicyStateActive it
// returns (nil, nil), so callers must check the event for nil before using
// it. Errors from loading the write model are returned unchanged.
func (c *Commands) removePrivacyPolicyIfExists(ctx context.Context, orgID string) (*org.PrivacyPolicyRemovedEvent, error) {
	wm, err := c.orgPrivacyPolicyWriteModelByID(ctx, orgID)
	if err != nil {
		return nil, err
	}
	if wm.State == domain.PolicyStateActive {
		aggregate := OrgAggregateFromWriteModel(&wm.WriteModel)
		return org.NewPrivacyPolicyRemovedEvent(ctx, aggregate), nil
	}
	// Nothing active to remove: not an error for this variant.
	return nil, nil
}