fix: new es testing (#1411)

* fix: org tests * fix: org tests * fix: user grant test * fix: user grant test * fix: project and project role test * fix: project grant test * fix: project grant test * fix: project member, grant member, app changed tests * fix: application tests * fix: application tests * fix: add oidc app test * fix: add oidc app test * fix: add api keys test * fix: iam policies * fix: iam and org member tests * fix: clock skew validation * revert crypto changes * fix: tests * fix project grant member commands Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2025-08-11 21:17:32 +00:00 · 2021-03-15 12:51:15 +01:00
parent e9eb5b7848
commit 2bd255106a
72 changed files with 14134 additions and 230 deletions
--- a/internal/command/user_grant_model.go
+++ b/internal/command/user_grant_model.go
@@ -3,6 +3,8 @@ package command
 import (
 	"github.com/caos/zitadel/internal/domain"
 	"github.com/caos/zitadel/internal/eventstore"
+	"github.com/caos/zitadel/internal/repository/project"
+	"github.com/caos/zitadel/internal/repository/user"
 	"github.com/caos/zitadel/internal/repository/usergrant"
 )

@@ -76,3 +78,85 @@ func (wm *UserGrantWriteModel) Query() *eventstore.SearchQueryBuilder {
 func UserGrantAggregateFromWriteModel(wm *eventstore.WriteModel) *eventstore.Aggregate {
 	return eventstore.AggregateFromWriteModel(wm, usergrant.AggregateType, usergrant.AggregateVersion)
 }
+
+type UserGrantPreConditionReadModel struct {
+	eventstore.WriteModel
+
+	UserID             string
+	ProjectID          string
+	ProjectGrantID     string
+	UserExists         bool
+	ProjectExists      bool
+	ProjectGrantExists bool
+	ExistingRoleKeys   []string
+}
+
+func NewUserGrantPreConditionReadModel(userID, projectID, projectGrantID string) *UserGrantPreConditionReadModel {
+	return &UserGrantPreConditionReadModel{
+		UserID:         userID,
+		ProjectID:      projectID,
+		ProjectGrantID: projectGrantID,
+	}
+}
+
+func (wm *UserGrantPreConditionReadModel) Reduce() error {
+	for _, event := range wm.Events {
+		switch e := event.(type) {
+		case *user.HumanAddedEvent:
+			wm.UserExists = true
+		case *user.MachineAddedEvent:
+			wm.UserExists = true
+		case *user.UserRemovedEvent:
+			wm.UserExists = false
+		case *project.ProjectAddedEvent:
+			wm.ProjectExists = true
+		case *project.ProjectRemovedEvent:
+			wm.ProjectExists = false
+		case *project.GrantAddedEvent:
+			if wm.ProjectGrantID == e.GrantID {
+				wm.ProjectGrantExists = true
+			}
+			wm.ExistingRoleKeys = e.RoleKeys
+		case *project.GrantChangedEvent:
+			wm.ExistingRoleKeys = e.RoleKeys
+		case *project.GrantRemovedEvent:
+			if wm.ProjectGrantID == e.GrantID {
+				wm.ProjectGrantExists = false
+			}
+			wm.ExistingRoleKeys = []string{}
+		case *project.RoleAddedEvent:
+			if wm.ProjectGrantID != "" {
+				continue
+			}
+			wm.ExistingRoleKeys = append(wm.ExistingRoleKeys, e.Key)
+		case *project.RoleRemovedEvent:
+			if wm.ProjectGrantID != "" {
+				continue
+			}
+			for i, key := range wm.ExistingRoleKeys {
+				if key == e.Key {
+					copy(wm.ExistingRoleKeys[i:], wm.ExistingRoleKeys[i+1:])
+					wm.ExistingRoleKeys[len(wm.ExistingRoleKeys)-1] = ""
+					wm.ExistingRoleKeys = wm.ExistingRoleKeys[:len(wm.ExistingRoleKeys)-1]
+					continue
+				}
+			}
+		}
+	}
+	return wm.WriteModel.Reduce()
+}
+
+func (wm *UserGrantPreConditionReadModel) Query() *eventstore.SearchQueryBuilder {
+	query := eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent, user.AggregateType, project.AggregateType).
+		AggregateIDs(wm.UserID, wm.ProjectID).
+		EventTypes(user.HumanAddedType,
+			user.MachineAddedEventType,
+			user.UserRemovedType,
+			project.ProjectAddedType,
+			project.ProjectRemovedType,
+			project.GrantAddedType,
+			project.GrantRemovedType,
+			project.RoleAddedType,
+			project.RoleRemovedType)
+	return query
+}