fix: user metadata check if already existing

2025-08-11 13:19:21 +00:00 · 2025-08-08 19:57:15 +02:00
parent 0c5dbe1d2f
commit 213f15164d
9 changed files with 254 additions and 91 deletions
--- a/internal/command/org.go
+++ b/internal/command/org.go
@@ -321,7 +321,7 @@ func (c *Commands) addOrgWithIDAndMember(ctx context.Context, name, userID, reso
 	if err != nil {
 		return nil, err
 	}
-	err = c.checkUserExists(ctx, userID, resourceOwner)
+	_, err = c.checkUserExists(ctx, userID, resourceOwner)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/command/project_grant_member.go
+++ b/internal/command/project_grant_member.go
@@ -21,7 +21,7 @@ func (c *Commands) AddProjectGrantMember(ctx context.Context, member *domain.Pro
 	if len(domain.CheckForInvalidRoles(member.Roles, domain.ProjectGrantRolePrefix, c.zitadelRoles)) > 0 {
 		return nil, zerrors.ThrowInvalidArgument(nil, "PROJECT-m9gKK", "Errors.Project.Grant.Member.Invalid")
 	}
-	err = c.checkUserExists(ctx, member.UserID, "")
+	_, err = c.checkUserExists(ctx, member.UserID, "")
 	if err != nil {
 		return nil, err
 	}
--- a/internal/command/project_member.go
+++ b/internal/command/project_member.go
@@ -45,7 +45,7 @@ func (c *Commands) addProjectMember(ctx context.Context, projectAgg *eventstore.
 		return nil, zerrors.ThrowInvalidArgument(nil, "PROJECT-3m9ds", "Errors.Project.Member.Invalid")
 	}
-	err = c.checkUserExists(ctx, addedMember.UserID, "")
+	_, err = c.checkUserExists(ctx, addedMember.UserID, "")
 	if err != nil {
 		return nil, err
 	}
--- a/internal/command/user.go
+++ b/internal/command/user.go
@@ -327,18 +327,18 @@ func (c *Commands) UserDomainClaimedSent(ctx context.Context, orgID, userID stri
 	return err
 }
-func (c *Commands) checkUserExists(ctx context.Context, userID, resourceOwner string) (err error) {
+func (c *Commands) checkUserExists(ctx context.Context, userID, resourceOwner string) (_ string, err error) {
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()
 	existingUser, err := c.userWriteModelByID(ctx, userID, resourceOwner)
 	if err != nil {
-		return err
+		return "", err
 	}
 	if !isUserStateExists(existingUser.UserState) {
-		return zerrors.ThrowPreconditionFailed(nil, "COMMAND-uXHNj", "Errors.User.NotFound")
+		return "", zerrors.ThrowPreconditionFailed(nil, "COMMAND-uXHNj", "Errors.User.NotFound")
 	}
-	return nil
+	return existingUser.ResourceOwner, nil
 }
 func (c *Commands) userWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *UserWriteModel, err error) {
--- a/internal/command/user_grant.go
+++ b/internal/command/user_grant.go
@@ -299,7 +299,7 @@ func (c *Commands) checkUserGrantPreCondition(ctx context.Context, usergrant *do
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()
-	if err := c.checkUserExists(ctx, usergrant.UserID, ""); err != nil {
+	if _, err := c.checkUserExists(ctx, usergrant.UserID, ""); err != nil {
 		return err
 	}
 	existingRoleKeys, err := c.searchUserGrantPreConditionState(ctx, usergrant, resourceOwner)
--- a/internal/command/user_human_otp.go
+++ b/internal/command/user_human_otp.go
@@ -26,7 +26,7 @@ func (c *Commands) ImportHumanTOTP(ctx context.Context, userID, userAgentID, res
 	if err != nil {
 		return err
 	}
-	if err = c.checkUserExists(ctx, userID, resourceOwner); err != nil {
+	if _, err = c.checkUserExists(ctx, userID, resourceOwner); err != nil {
 		return err
 	}
--- a/internal/command/user_idp_link.go
+++ b/internal/command/user_idp_link.go
@@ -56,7 +56,7 @@ func (c *Commands) BulkAddedUserIDPLinks(ctx context.Context, userID, resourceOw
 		return zerrors.ThrowInvalidArgument(nil, "COMMAND-Ek9s", "Errors.User.ExternalIDP.MinimumExternalIDPNeeded")
 	}
-	if err := c.checkUserExists(ctx, userID, resourceOwner); err != nil {
+	if _, err := c.checkUserExists(ctx, userID, resourceOwner); err != nil {
 		return err
 	}
--- a/internal/command/user_metadata.go
+++ b/internal/command/user_metadata.go
@@ -1,6 +1,7 @@
 package command
 import (
 	"bytes"
 	"context"
 	"github.com/zitadel/zitadel/internal/domain"
@@ -14,12 +15,21 @@ func (c *Commands) SetUserMetadata(ctx context.Context, metadata *domain.Metadat
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()
-	err = c.checkUserExists(ctx, userID, resourceOwner)
+	userResourceOwner, err := c.checkUserExists(ctx, userID, resourceOwner)
 	if err != nil {
 		return nil, err
 	}
 	setMetadata, err := c.getUserMetadataModelByID(ctx, userID, userResourceOwner, metadata.Key)
 	if err != nil {
 		return nil, err
 	}
 	setMetadata := NewUserMetadataWriteModel(userID, resourceOwner, metadata.Key)
 	userAgg := UserAggregateFromWriteModel(&setMetadata.WriteModel)
 	// return if no change in the metadata
 	if bytes.Equal(setMetadata.Value, metadata.Value) {
 		return writeModelToUserMetadata(setMetadata), nil
 	}
 	event, err := c.setUserMetadata(ctx, userAgg, metadata)
 	if err != nil {
 		return nil, err
@@ -40,20 +50,31 @@ func (c *Commands) BulkSetUserMetadata(ctx context.Context, userID, resourceOwne
 	if len(metadatas) == 0 {
 		return nil, zerrors.ThrowPreconditionFailed(nil, "META-9mm2d", "Errors.Metadata.NoData")
 	}
-	err = c.checkUserExists(ctx, userID, resourceOwner)
+	userResourceOwner, err := c.checkUserExists(ctx, userID, resourceOwner)
 	if err != nil {
 		return nil, err
 	}
-	events := make([]eventstore.Command, len(metadatas))
+	events := make([]eventstore.Command, 0)
-	setMetadata := NewUserMetadataListWriteModel(userID, resourceOwner)
+	setMetadata, err := c.getUserMetadataListModelByID(ctx, userID, userResourceOwner)
 	if err != nil {
 		return nil, err
 	}
 	userAgg := UserAggregateFromWriteModel(&setMetadata.WriteModel)
-	for i, data := range metadatas {
+	for _, data := range metadatas {
 		// if no change to metadata no event has to be pushed
 		if existingValue, ok := setMetadata.metadataList[data.Key]; ok && bytes.Equal(existingValue, data.Value) {
 			continue
 		}
 		event, err := c.setUserMetadata(ctx, userAgg, data)
 		if err != nil {
 			return nil, err
 		}
-		events[i] = event
+		events = append(events, event)
 	}
 	// no changes for the metadata
 	if len(events) == 0 {
 		return writeModelToObjectDetails(&setMetadata.WriteModel), nil
 	}
 	pushedEvents, err := c.eventstore.Push(ctx, events...)
@@ -84,11 +105,12 @@ func (c *Commands) RemoveUserMetadata(ctx context.Context, metadataKey, userID,
 	if metadataKey == "" {
 		return nil, zerrors.ThrowInvalidArgument(nil, "META-2n0fs", "Errors.Metadata.Invalid")
 	}
-	err = c.checkUserExists(ctx, userID, resourceOwner)
+	userResourceOwner, err := c.checkUserExists(ctx, userID, resourceOwner)
 	if err != nil {
 		return nil, err
 	}
-	removeMetadata, err := c.getUserMetadataModelByID(ctx, userID, resourceOwner, metadataKey)
+
 	removeMetadata, err := c.getUserMetadataModelByID(ctx, userID, userResourceOwner, metadataKey)
 	if err != nil {
 		return nil, err
 	}
@@ -116,13 +138,13 @@ func (c *Commands) BulkRemoveUserMetadata(ctx context.Context, userID, resourceO
 	if len(metadataKeys) == 0 {
 		return nil, zerrors.ThrowPreconditionFailed(nil, "META-9mm2d", "Errors.Metadata.NoData")
 	}
-	err = c.checkUserExists(ctx, userID, resourceOwner)
+	userResourceOwner, err := c.checkUserExists(ctx, userID, resourceOwner)
 	if err != nil {
 		return nil, err
 	}
 	events := make([]eventstore.Command, len(metadataKeys))
-	removeMetadata, err := c.getUserMetadataListModelByID(ctx, userID, resourceOwner)
+	removeMetadata, err := c.getUserMetadataListModelByID(ctx, userID, userResourceOwner)
 	if err != nil {
 		return nil, err
 	}
@@ -153,24 +175,6 @@ func (c *Commands) BulkRemoveUserMetadata(ctx context.Context, userID, resourceO
 	return writeModelToObjectDetails(&removeMetadata.WriteModel), nil
 }
 func (c *Commands) removeUserMetadataFromOrg(ctx context.Context, resourceOwner string) ([]eventstore.Command, error) {
 	existingUserMetadata, err := c.getUserMetadataByOrgListModelByID(ctx, resourceOwner)
 	if err != nil {
 		return nil, err
 	}
 	if len(existingUserMetadata.UserMetadata) == 0 {
 		return nil, nil
 	}
 	events := make([]eventstore.Command, 0)
 	for key, value := range existingUserMetadata.UserMetadata {
 		if len(value) == 0 {
 			continue
 		}
 		events = append(events, user.NewMetadataRemovedAllEvent(ctx, &user.NewAggregate(key, resourceOwner).Aggregate))
 	}
 	return events, nil
 }
 func (c *Commands) removeUserMetadata(ctx context.Context, userAgg *eventstore.Aggregate, metadataKey string) (command eventstore.Command, err error) {
 	command = user.NewMetadataRemovedEvent(
 		ctx,
@@ -197,12 +201,3 @@ func (c *Commands) getUserMetadataListModelByID(ctx context.Context, userID, res
 	}
 	return userMetadataWriteModel, nil
 }
 func (c *Commands) getUserMetadataByOrgListModelByID(ctx context.Context, resourceOwner string) (*UserMetadataByOrgListWriteModel, error) {
 	userMetadataWriteModel := NewUserMetadataByOrgListWriteModel(resourceOwner)
 	err := c.eventstore.FilterToQueryReducer(ctx, userMetadataWriteModel)
 	if err != nil {
 		return nil, err
 	}
 	return userMetadataWriteModel, nil
 }
--- a/internal/command/user_metadata_test.go
+++ b/internal/command/user_metadata_test.go
@@ -16,7 +16,8 @@ import (
 func TestCommandSide_SetUserMetadata(t *testing.T) {
 	type fields struct {
-		eventstore *eventstore.Eventstore
+		eventstore      func(t *testing.T) *eventstore.Eventstore
 		checkPermission domain.PermissionCheck
 	}
 	type (
 		args struct {
@@ -39,10 +40,10 @@ func TestCommandSide_SetUserMetadata(t *testing.T) {
 		{
 			name: "user not existing, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:    context.Background(),
@@ -60,8 +61,7 @@ func TestCommandSide_SetUserMetadata(t *testing.T) {
 		{
 			name: "invalid metadata, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
@@ -78,7 +78,17 @@ func TestCommandSide_SetUserMetadata(t *testing.T) {
 							),
 						),
 					),
 					expectFilter(
 						eventFromEventPusher(
 							user.NewMetadataSetEvent(context.Background(),
 								&user.NewAggregate("user1", "org1").Aggregate,
 								"key",
 								[]byte("value"),
 							),
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:    context.Background(),
@@ -95,8 +105,7 @@ func TestCommandSide_SetUserMetadata(t *testing.T) {
 		{
 			name: "add metadata, ok",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
@@ -113,6 +122,7 @@ func TestCommandSide_SetUserMetadata(t *testing.T) {
 							),
 						),
 					),
 					expectFilter(),
 					expectPush(
 						user.NewMetadataSetEvent(context.Background(),
 							&user.NewAggregate("user1", "org1").Aggregate,
@@ -121,6 +131,164 @@ func TestCommandSide_SetUserMetadata(t *testing.T) {
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:    context.Background(),
 				orgID:  "org1",
 				userID: "user1",
 				metadata: &domain.Metadata{
 					Key:   "key",
 					Value: []byte("value"),
 				},
 			},
 			res: res{
 				want: &domain.Metadata{
 					ObjectRoot: models.ObjectRoot{
 						AggregateID:   "user1",
 						ResourceOwner: "org1",
 					},
 					Key:   "key",
 					Value: []byte("value"),
 					State: domain.MetadataStateActive,
 				},
 			},
 		},
 		{
 			name: "add metadata, reset, invalid",
 			fields: fields{
 				eventstore: expectEventstore(
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
 								&user.NewAggregate("user1", "org1").Aggregate,
 								"username",
 								"firstname",
 								"lastname",
 								"",
 								"firstname lastname",
 								language.Und,
 								domain.GenderUnspecified,
 								"email@test.ch",
 								true,
 							),
 						),
 					),
 					expectFilter(
 						eventFromEventPusher(
 							user.NewMetadataSetEvent(context.Background(),
 								&user.NewAggregate("user1", "org1").Aggregate,
 								"key",
 								[]byte("value"),
 							),
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:    context.Background(),
 				orgID:  "org1",
 				userID: "user1",
 				metadata: &domain.Metadata{
 					Key: "key",
 				},
 			},
 			res: res{
 				err: zerrors.IsErrorInvalidArgument,
 			},
 		},
 		{
 			name: "add metadata, reset, ok",
 			fields: fields{
 				eventstore: expectEventstore(
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
 								&user.NewAggregate("user1", "org1").Aggregate,
 								"username",
 								"firstname",
 								"lastname",
 								"",
 								"firstname lastname",
 								language.Und,
 								domain.GenderUnspecified,
 								"email@test.ch",
 								true,
 							),
 						),
 					),
 					expectFilter(
 						eventFromEventPusher(
 							user.NewMetadataSetEvent(context.Background(),
 								&user.NewAggregate("user1", "org1").Aggregate,
 								"key",
 								[]byte("value"),
 							),
 						),
 					),
 					expectPush(
 						user.NewMetadataSetEvent(context.Background(),
 							&user.NewAggregate("user1", "org1").Aggregate,
 							"key",
 							[]byte("value2"),
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:    context.Background(),
 				orgID:  "org1",
 				userID: "user1",
 				metadata: &domain.Metadata{
 					Key:   "key",
 					Value: []byte("value2"),
 				},
 			},
 			res: res{
 				want: &domain.Metadata{
 					ObjectRoot: models.ObjectRoot{
 						AggregateID:   "user1",
 						ResourceOwner: "org1",
 					},
 					Key:   "key",
 					Value: []byte("value2"),
 					State: domain.MetadataStateActive,
 				},
 			},
 		},
 		{
 			name: "add metadata, reset, no change",
 			fields: fields{
 				eventstore: expectEventstore(
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
 								&user.NewAggregate("user1", "org1").Aggregate,
 								"username",
 								"firstname",
 								"lastname",
 								"",
 								"firstname lastname",
 								language.Und,
 								domain.GenderUnspecified,
 								"email@test.ch",
 								true,
 							),
 						),
 					),
 					expectFilter(
 						eventFromEventPusher(
 							user.NewMetadataSetEvent(context.Background(),
 								&user.NewAggregate("user1", "org1").Aggregate,
 								"key",
 								[]byte("value"),
 							),
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:    context.Background(),
@@ -147,7 +315,8 @@ func TestCommandSide_SetUserMetadata(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			r := &Commands{
-				eventstore: tt.fields.eventstore,
+				eventstore:      tt.fields.eventstore(t),
 				checkPermission: tt.fields.checkPermission,
 			}
 			got, err := r.SetUserMetadata(tt.args.ctx, tt.args.metadata, tt.args.userID, tt.args.orgID)
 			if tt.res.err == nil {
@@ -165,7 +334,8 @@ func TestCommandSide_SetUserMetadata(t *testing.T) {
 func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 	type fields struct {
-		eventstore *eventstore.Eventstore
+		eventstore      func(t *testing.T) *eventstore.Eventstore
 		checkPermission domain.PermissionCheck
 	}
 	type (
 		args struct {
@@ -188,9 +358,7 @@ func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 		{
 			name: "empty meta data list, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(),
 					t,
 				),
 			},
 			args: args{
 				ctx:    context.Background(),
@@ -204,8 +372,7 @@ func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 		{
 			name: "user not existing, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(),
 				),
 			},
@@ -225,8 +392,7 @@ func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 		{
 			name: "invalid metadata, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
@@ -243,7 +409,9 @@ func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 							),
 						),
 					),
 					expectFilter(),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:    context.Background(),
@@ -261,8 +429,7 @@ func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 		{
 			name: "add metadata, ok",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
@@ -279,6 +446,7 @@ func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 							),
 						),
 					),
 					expectFilter(),
 					expectPush(
 						user.NewMetadataSetEvent(context.Background(),
 							&user.NewAggregate("user1", "org1").Aggregate,
@@ -292,6 +460,7 @@ func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:    context.Background(),
@@ -312,7 +481,8 @@ func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			r := &Commands{
-				eventstore: tt.fields.eventstore,
+				eventstore:      tt.fields.eventstore(t),
 				checkPermission: tt.fields.checkPermission,
 			}
 			got, err := r.BulkSetUserMetadata(tt.args.ctx, tt.args.userID, tt.args.orgID, tt.args.metadataList...)
 			if tt.res.err == nil {
@@ -330,7 +500,8 @@ func TestCommandSide_BulkSetUserMetadata(t *testing.T) {
 func TestCommandSide_UserRemoveMetadata(t *testing.T) {
 	type fields struct {
-		eventstore *eventstore.Eventstore
+		eventstore      func(t *testing.T) *eventstore.Eventstore
 		checkPermission domain.PermissionCheck
 	}
 	type (
 		args struct {
@@ -353,8 +524,7 @@ func TestCommandSide_UserRemoveMetadata(t *testing.T) {
 		{
 			name: "user not existing, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(),
 				),
 			},
@@ -371,9 +541,7 @@ func TestCommandSide_UserRemoveMetadata(t *testing.T) {
 		{
 			name: "invalid metadata, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(),
 					t,
 				),
 			},
 			args: args{
 				ctx:         context.Background(),
@@ -388,8 +556,7 @@ func TestCommandSide_UserRemoveMetadata(t *testing.T) {
 		{
 			name: "meta data not existing, not found error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
@@ -408,6 +575,7 @@ func TestCommandSide_UserRemoveMetadata(t *testing.T) {
 					),
 					expectFilter(),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:         context.Background(),
@@ -422,8 +590,7 @@ func TestCommandSide_UserRemoveMetadata(t *testing.T) {
 		{
 			name: "remove metadata, ok",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
@@ -456,6 +623,7 @@ func TestCommandSide_UserRemoveMetadata(t *testing.T) {
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:         context.Background(),
@@ -473,7 +641,8 @@ func TestCommandSide_UserRemoveMetadata(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			r := &Commands{
-				eventstore: tt.fields.eventstore,
+				eventstore:      tt.fields.eventstore(t),
 				checkPermission: tt.fields.checkPermission,
 			}
 			got, err := r.RemoveUserMetadata(tt.args.ctx, tt.args.metadataKey, tt.args.userID, tt.args.orgID)
 			if tt.res.err == nil {
@@ -491,7 +660,8 @@ func TestCommandSide_UserRemoveMetadata(t *testing.T) {
 func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 	type fields struct {
-		eventstore *eventstore.Eventstore
+		eventstore      func(t *testing.T) *eventstore.Eventstore
 		checkPermission domain.PermissionCheck
 	}
 	type (
 		args struct {
@@ -514,9 +684,7 @@ func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 		{
 			name: "empty meta data list, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(),
 					t,
 				),
 			},
 			args: args{
 				ctx:    context.Background(),
@@ -530,8 +698,7 @@ func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 		{
 			name: "user not existing, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(),
 				),
 			},
@@ -548,8 +715,7 @@ func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 		{
 			name: "remove metadata keys not existing, precondition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
@@ -576,6 +742,7 @@ func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:          context.Background(),
@@ -590,8 +757,7 @@ func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 		{
 			name: "invalid metadata, pre condition error",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
@@ -625,6 +791,7 @@ func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:          context.Background(),
@@ -639,8 +806,7 @@ func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 		{
 			name: "remove metadata, ok",
 			fields: fields{
-				eventstore: eventstoreExpect(
+				eventstore: expectEventstore(
 					t,
 					expectFilter(
 						eventFromEventPusher(
 							user.NewHumanAddedEvent(context.Background(),
@@ -684,6 +850,7 @@ func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 						),
 					),
 				),
 				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx:          context.Background(),
@@ -701,7 +868,8 @@ func TestCommandSide_BulkRemoveUserMetadata(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			r := &Commands{
-				eventstore: tt.fields.eventstore,
+				eventstore:      tt.fields.eventstore(t),
 				checkPermission: tt.fields.checkPermission,
 			}
 			got, err := r.BulkRemoveUserMetadata(tt.args.ctx, tt.args.userID, tt.args.orgID, tt.args.metadataList...)
 			if tt.res.err == nil {