mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-12 05:07:31 +00:00
fix(app): move queries to query package (#2612)
* fix: move queries to query package * fix(auth): switch project role requests to query pkg * refactor: delete unused project role code * remove repo * implement sql queries * fix(database): oidc config change type to int2 * fix(queries): implement app queries * refactor: simplify code * fix: correct app query * Update app.go * fix token check * fix mock * test: app prepares * test: oidc compliance * test: OIDCOriginAllowList * fix: converter * resolve unsupported oidc version Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Silvan
@@ -2,11 +2,8 @@ package repository
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/caos/zitadel/internal/project/model"
|
||||
)
|
||||
|
||||
type ApplicationRepository interface {
|
||||
ApplicationByClientID(ctx context.Context, clientID string) (*model.ApplicationView, error)
|
||||
AuthorizeClientIDSecret(ctx context.Context, clientID, secret string) error
|
||||
}
|
||||
|
||||
@@ -3,35 +3,25 @@ package eventstore
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
|
||||
"github.com/caos/zitadel/internal/command"
|
||||
"github.com/caos/zitadel/internal/project/model"
|
||||
proj_view_model "github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/query"
|
||||
"github.com/caos/zitadel/internal/telemetry/tracing"
|
||||
)
|
||||
|
||||
type ApplicationRepo struct {
|
||||
Commands *command.Commands
|
||||
View *view.View
|
||||
}
|
||||
|
||||
func (a *ApplicationRepo) ApplicationByClientID(ctx context.Context, clientID string) (*model.ApplicationView, error) {
|
||||
app, err := a.View.ApplicationByClientID(ctx, clientID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return proj_view_model.ApplicationViewToModel(app), nil
|
||||
Query *query.Queries
|
||||
}
|
||||
|
||||
func (a *ApplicationRepo) AuthorizeClientIDSecret(ctx context.Context, clientID, secret string) (err error) {
|
||||
ctx, span := tracing.NewSpan(ctx)
|
||||
defer func() { span.EndWithError(err) }()
|
||||
|
||||
app, err := a.View.ApplicationByClientID(ctx, clientID)
|
||||
app, err := a.Query.AppByOIDCClientID(ctx, clientID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if app.IsOIDC {
|
||||
if app.OIDCConfig != nil {
|
||||
return a.Commands.VerifyOIDCClientSecret(ctx, app.ProjectID, app.ID, secret)
|
||||
}
|
||||
return a.Commands.VerifyAPIClientSecret(ctx, app.ProjectID, app.ID, secret)
|
||||
|
||||
@@ -29,6 +29,7 @@ import (
|
||||
|
||||
type AuthRequestRepo struct {
|
||||
Command *command.Commands
|
||||
Query *query.Queries
|
||||
AuthRequests cache.AuthRequestCache
|
||||
View *view.View
|
||||
Eventstore v1.Eventstore
|
||||
@@ -101,12 +102,12 @@ type orgViewProvider interface {
|
||||
}
|
||||
|
||||
type userGrantProvider interface {
|
||||
ApplicationByClientID(context.Context, string) (*project_view_model.ApplicationView, error)
|
||||
ProjectByOIDCClientID(context.Context, string) (*query.Project, error)
|
||||
UserGrantsByProjectAndUserID(string, string) ([]*grant_view_model.UserGrantView, error)
|
||||
}
|
||||
|
||||
type projectProvider interface {
|
||||
ApplicationByClientID(context.Context, string) (*project_view_model.ApplicationView, error)
|
||||
ProjectByOIDCClientID(context.Context, string) (*query.Project, error)
|
||||
OrgProjectMappingByIDs(orgID, projectID string) (*project_view_model.OrgProjectMapping, error)
|
||||
}
|
||||
|
||||
@@ -122,18 +123,22 @@ func (repo *AuthRequestRepo) CreateAuthRequest(ctx context.Context, request *dom
|
||||
return nil, err
|
||||
}
|
||||
request.ID = reqID
|
||||
app, err := repo.View.ApplicationByClientID(ctx, request.ApplicationID)
|
||||
project, err := repo.ProjectProvider.ProjectByOIDCClientID(ctx, request.ApplicationID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
appIDs, err := repo.View.AppIDsFromProjectID(ctx, app.ProjectID)
|
||||
projectIDQuery, err := query.NewAppProjectIDSearchQuery(project.ID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
appIDs, err := repo.Query.SearchAppIDs(ctx, &query.AppSearchQueries{Queries: []query.SearchQuery{projectIDQuery}})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
request.Audience = appIDs
|
||||
request.AppendAudIfNotExisting(app.ProjectID)
|
||||
request.ApplicationResourceOwner = app.ResourceOwner
|
||||
request.PrivateLabelingSetting = app.PrivateLabelingSetting
|
||||
request.AppendAudIfNotExisting(project.ID)
|
||||
request.ApplicationResourceOwner = project.ResourceOwner
|
||||
request.PrivateLabelingSetting = project.PrivateLabelingSetting
|
||||
if err := setOrgID(repo.OrgViewProvider, request); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -1175,20 +1180,20 @@ func linkingIDPConfigExistingInAllowedIDPs(linkingUsers []*domain.ExternalUser,
|
||||
}
|
||||
|
||||
func userGrantRequired(ctx context.Context, request *domain.AuthRequest, user *user_model.UserView, userGrantProvider userGrantProvider) (_ bool, err error) {
|
||||
var app *project_view_model.ApplicationView
|
||||
var project *query.Project
|
||||
switch request.Request.Type() {
|
||||
case domain.AuthRequestTypeOIDC:
|
||||
app, err = userGrantProvider.ApplicationByClientID(ctx, request.ApplicationID)
|
||||
project, err = userGrantProvider.ProjectByOIDCClientID(ctx, request.ApplicationID)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
default:
|
||||
return false, errors.ThrowPreconditionFailed(nil, "EVENT-dfrw2", "Errors.AuthRequest.RequestTypeNotSupported")
|
||||
}
|
||||
if !app.ProjectRoleCheck {
|
||||
if !project.ProjectRoleCheck {
|
||||
return false, nil
|
||||
}
|
||||
grants, err := userGrantProvider.UserGrantsByProjectAndUserID(app.ProjectID, user.ID)
|
||||
grants, err := userGrantProvider.UserGrantsByProjectAndUserID(project.ID, user.ID)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
@@ -1196,20 +1201,20 @@ func userGrantRequired(ctx context.Context, request *domain.AuthRequest, user *u
|
||||
}
|
||||
|
||||
func projectRequired(ctx context.Context, request *domain.AuthRequest, projectProvider projectProvider) (_ bool, err error) {
|
||||
var app *project_view_model.ApplicationView
|
||||
var project *query.Project
|
||||
switch request.Request.Type() {
|
||||
case domain.AuthRequestTypeOIDC:
|
||||
app, err = projectProvider.ApplicationByClientID(ctx, request.ApplicationID)
|
||||
project, err = projectProvider.ProjectByOIDCClientID(ctx, request.ApplicationID)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
default:
|
||||
return false, errors.ThrowPreconditionFailed(nil, "EVENT-dfrw2", "Errors.AuthRequest.RequestTypeNotSupported")
|
||||
}
|
||||
if !app.HasProjectCheck {
|
||||
if !project.HasProjectCheck {
|
||||
return false, nil
|
||||
}
|
||||
_, err = projectProvider.OrgProjectMappingByIDs(request.UserOrgID, app.ProjectID)
|
||||
_, err = projectProvider.OrgProjectMappingByIDs(request.UserOrgID, project.ID)
|
||||
if errors.IsNotFound(err) {
|
||||
return true, nil
|
||||
}
|
||||
|
||||
@@ -212,8 +212,8 @@ type mockUserGrants struct {
|
||||
userGrants int
|
||||
}
|
||||
|
||||
func (m *mockUserGrants) ApplicationByClientID(ctx context.Context, s string) (*proj_view_model.ApplicationView, error) {
|
||||
return &proj_view_model.ApplicationView{ProjectRoleCheck: m.roleCheck}, nil
|
||||
func (m *mockUserGrants) ProjectByOIDCClientID(ctx context.Context, s string) (*query.Project, error) {
|
||||
return &query.Project{ProjectRoleCheck: m.roleCheck}, nil
|
||||
}
|
||||
|
||||
func (m *mockUserGrants) UserGrantsByProjectAndUserID(s string, s2 string) ([]*grant_view_model.UserGrantView, error) {
|
||||
@@ -229,8 +229,8 @@ type mockProject struct {
|
||||
projectCheck bool
|
||||
}
|
||||
|
||||
func (m *mockProject) ApplicationByClientID(ctx context.Context, s string) (*proj_view_model.ApplicationView, error) {
|
||||
return &proj_view_model.ApplicationView{HasProjectCheck: m.projectCheck}, nil
|
||||
func (m *mockProject) ProjectByOIDCClientID(ctx context.Context, s string) (*query.Project, error) {
|
||||
return &query.Project{HasProjectCheck: m.projectCheck}, nil
|
||||
}
|
||||
|
||||
func (m *mockProject) OrgProjectMappingByIDs(orgID, projectID string) (*proj_view_model.OrgProjectMapping, error) {
|
||||
|
||||
@@ -1,168 +0,0 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"context"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1"
|
||||
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
||||
es_sdk "github.com/caos/zitadel/internal/eventstore/v1/sdk"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/spooler"
|
||||
proj_model "github.com/caos/zitadel/internal/project/model"
|
||||
es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
|
||||
proj_view "github.com/caos/zitadel/internal/project/repository/view"
|
||||
view_model "github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
)
|
||||
|
||||
const (
|
||||
applicationTable = "auth.applications"
|
||||
)
|
||||
|
||||
type Application struct {
|
||||
handler
|
||||
subscription *v1.Subscription
|
||||
}
|
||||
|
||||
func newApplication(handler handler) *Application {
|
||||
h := &Application{
|
||||
handler: handler,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (a *Application) subscribe() {
|
||||
a.subscription = a.es.Subscribe(a.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range a.subscription.Events {
|
||||
query.ReduceEvent(a, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (a *Application) ViewModel() string {
|
||||
return applicationTable
|
||||
}
|
||||
|
||||
func (a *Application) Subscription() *v1.Subscription {
|
||||
return a.subscription
|
||||
}
|
||||
|
||||
func (_ *Application) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{es_model.ProjectAggregate}
|
||||
}
|
||||
|
||||
func (a *Application) CurrentSequence() (uint64, error) {
|
||||
sequence, err := a.view.GetLatestApplicationSequence()
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (a *Application) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := a.view.GetLatestApplicationSequence()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return proj_view.ProjectQuery(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (a *Application) Reduce(event *models.Event) (err error) {
|
||||
app := new(view_model.ApplicationView)
|
||||
switch event.Type {
|
||||
case es_model.ApplicationAdded:
|
||||
project, err := a.getProjectByID(context.Background(), event.AggregateID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
app.ProjectRoleCheck = project.ProjectRoleCheck
|
||||
app.HasProjectCheck = project.HasProjectCheck
|
||||
app.ProjectRoleAssertion = project.ProjectRoleAssertion
|
||||
app.PrivateLabelingSetting = project.PrivateLabelingSetting
|
||||
|
||||
err = app.AppendEvent(event)
|
||||
case es_model.ApplicationChanged,
|
||||
es_model.OIDCConfigAdded,
|
||||
es_model.OIDCConfigChanged,
|
||||
es_model.APIConfigAdded,
|
||||
es_model.APIConfigChanged,
|
||||
es_model.ApplicationDeactivated,
|
||||
es_model.ApplicationReactivated:
|
||||
err = app.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
app, err = a.view.ApplicationByID(event.AggregateID, app.ID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = app.AppendEvent(event)
|
||||
case es_model.ApplicationRemoved:
|
||||
err = app.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return a.view.DeleteApplication(app.ID, event)
|
||||
case es_model.ProjectChanged:
|
||||
apps, err := a.view.ApplicationsByProjectID(event.AggregateID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if len(apps) == 0 {
|
||||
return a.view.ProcessedApplicationSequence(event)
|
||||
}
|
||||
for _, app := range apps {
|
||||
if err := app.AppendEvent(event); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return a.view.PutApplications(apps, event)
|
||||
case es_model.ProjectRemoved:
|
||||
err = a.view.DeleteApplicationsByProjectID(event.AggregateID)
|
||||
if err == nil {
|
||||
return a.view.ProcessedApplicationSequence(event)
|
||||
}
|
||||
default:
|
||||
return a.view.ProcessedApplicationSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return a.view.PutApplication(app, event)
|
||||
}
|
||||
|
||||
func (a *Application) OnError(event *models.Event, spoolerError error) error {
|
||||
logging.LogWithFields("SPOOL-ls9ew", "id", event.AggregateID).WithError(spoolerError).Warn("something went wrong in project app handler")
|
||||
return spooler.HandleError(event, spoolerError, a.view.GetLatestApplicationFailedEvent, a.view.ProcessedApplicationFailedEvent, a.view.ProcessedApplicationSequence, a.errorCountUntilSkip)
|
||||
}
|
||||
|
||||
func (a *Application) OnSuccess() error {
|
||||
return spooler.HandleSuccess(a.view.UpdateApplicationSpoolerRunTimestamp)
|
||||
}
|
||||
|
||||
func (a *Application) getProjectByID(ctx context.Context, projID string) (*proj_model.Project, error) {
|
||||
query, err := proj_view.ProjectByIDQuery(projID, 0)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
esProject := &es_model.Project{
|
||||
ObjectRoot: models.ObjectRoot{
|
||||
AggregateID: projID,
|
||||
},
|
||||
}
|
||||
err = es_sdk.Filter(ctx, a.Eventstore().FilterEvents, esProject.AppendEvents, query)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return nil, err
|
||||
}
|
||||
if esProject.Sequence == 0 {
|
||||
return nil, errors.ThrowNotFound(nil, "EVENT-DBf32", "Errors.Project.NotFound")
|
||||
}
|
||||
|
||||
return es_model.ProjectToModel(esProject), nil
|
||||
}
|
||||
@@ -44,7 +44,6 @@ func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es
|
||||
newKey(
|
||||
handler{view, bulkLimit, configs.cycleDuration("Key"), errorCount, es},
|
||||
keyChan),
|
||||
newApplication(handler{view, bulkLimit, configs.cycleDuration("Application"), errorCount, es}),
|
||||
newUserGrant(
|
||||
handler{view, bulkLimit, configs.cycleDuration("UserGrant"), errorCount, es},
|
||||
systemDefaults.IamID),
|
||||
|
||||
@@ -68,7 +68,7 @@ func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, co
|
||||
|
||||
assetsAPI := conf.APIDomain + "/assets/v1/"
|
||||
|
||||
view, err := auth_view.StartView(sqlClient, keyAlgorithm, idGenerator, assetsAPI)
|
||||
view, err := auth_view.StartView(sqlClient, keyAlgorithm, queries, idGenerator, assetsAPI)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -92,6 +92,14 @@ func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, co
|
||||
SystemDefaults: systemDefaults,
|
||||
PrefixAvatarURL: assetsAPI,
|
||||
}
|
||||
//TODO: remove as soon as possible
|
||||
queryView := struct {
|
||||
*query.Queries
|
||||
*auth_view.View
|
||||
}{
|
||||
queries,
|
||||
view,
|
||||
}
|
||||
return &EsRepository{
|
||||
spool,
|
||||
es,
|
||||
@@ -111,8 +119,9 @@ func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, co
|
||||
IDPProviderViewProvider: view,
|
||||
LockoutPolicyViewProvider: queries,
|
||||
LoginPolicyViewProvider: queries,
|
||||
UserGrantProvider: view,
|
||||
ProjectProvider: view,
|
||||
Query: queries,
|
||||
UserGrantProvider: queryView,
|
||||
ProjectProvider: queryView,
|
||||
IdGenerator: idGenerator,
|
||||
PasswordCheckLifeTime: systemDefaults.VerificationLifetimes.PasswordCheck.Duration,
|
||||
ExternalLoginCheckLifeTime: systemDefaults.VerificationLifetimes.PasswordCheck.Duration,
|
||||
@@ -143,7 +152,7 @@ func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, co
|
||||
},
|
||||
eventstore.ApplicationRepo{
|
||||
Commands: command,
|
||||
View: view,
|
||||
Query: queries,
|
||||
},
|
||||
|
||||
eventstore.UserSessionRepo{
|
||||
|
||||
@@ -1,133 +0,0 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"context"
|
||||
"github.com/caos/zitadel/internal/domain"
|
||||
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
proj_model "github.com/caos/zitadel/internal/project/model"
|
||||
"github.com/caos/zitadel/internal/project/repository/view"
|
||||
"github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
)
|
||||
|
||||
const (
|
||||
applicationTable = "auth.applications"
|
||||
)
|
||||
|
||||
func (v *View) ApplicationByID(projectID, appID string) (*model.ApplicationView, error) {
|
||||
return view.ApplicationByID(v.Db, applicationTable, projectID, appID)
|
||||
}
|
||||
|
||||
func (v *View) ApplicationsByProjectID(projectID string) ([]*model.ApplicationView, error) {
|
||||
return view.ApplicationsByProjectID(v.Db, applicationTable, projectID)
|
||||
}
|
||||
|
||||
func (v *View) SearchApplications(request *proj_model.ApplicationSearchRequest) ([]*model.ApplicationView, uint64, error) {
|
||||
return view.SearchApplications(v.Db, applicationTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutApplication(app *model.ApplicationView, event *models.Event) error {
|
||||
err := view.PutApplication(v.Db, applicationTable, app)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedApplicationSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) PutApplications(apps []*model.ApplicationView, event *models.Event) error {
|
||||
err := view.PutApplications(v.Db, applicationTable, apps...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedApplicationSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteApplication(appID string, event *models.Event) error {
|
||||
err := view.DeleteApplication(v.Db, applicationTable, appID)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedApplicationSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteApplicationsByProjectID(projectID string) error {
|
||||
return view.DeleteApplicationsByProjectID(v.Db, applicationTable, projectID)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestApplicationSequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(applicationTable)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedApplicationSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(applicationTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateApplicationSpoolerRunTimestamp() error {
|
||||
return v.updateSpoolerRunSequence(applicationTable)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestApplicationFailedEvent(sequence uint64) (*repository.FailedEvent, error) {
|
||||
return v.latestFailedEvent(applicationTable, sequence)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedApplicationFailedEvent(failedEvent *repository.FailedEvent) error {
|
||||
return v.saveFailedEvent(failedEvent)
|
||||
}
|
||||
|
||||
func (v *View) ApplicationByClientID(_ context.Context, clientID string) (*model.ApplicationView, error) {
|
||||
return view.ApplicationByOIDCClientID(v.Db, applicationTable, clientID)
|
||||
}
|
||||
|
||||
func (v *View) AppIDsFromProjectByClientID(ctx context.Context, clientID string) ([]string, error) {
|
||||
app, err := v.ApplicationByClientID(ctx, clientID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
req := &proj_model.ApplicationSearchRequest{
|
||||
Queries: []*proj_model.ApplicationSearchQuery{
|
||||
{
|
||||
Key: proj_model.AppSearchKeyProjectID,
|
||||
Method: domain.SearchMethodEquals,
|
||||
Value: app.ProjectID,
|
||||
},
|
||||
},
|
||||
}
|
||||
apps, _, err := view.SearchApplications(v.Db, applicationTable, req)
|
||||
if err != nil {
|
||||
return nil, errors.ThrowPreconditionFailed(err, "VIEW-Gd24q", "cannot find applications")
|
||||
}
|
||||
ids := make([]string, 0, len(apps))
|
||||
for _, app := range apps {
|
||||
if !app.IsOIDC {
|
||||
continue
|
||||
}
|
||||
ids = append(ids, app.OIDCClientID)
|
||||
}
|
||||
return ids, nil
|
||||
}
|
||||
|
||||
func (v *View) AppIDsFromProjectID(ctx context.Context, projectID string) ([]string, error) {
|
||||
req := &proj_model.ApplicationSearchRequest{
|
||||
Queries: []*proj_model.ApplicationSearchQuery{
|
||||
{
|
||||
Key: proj_model.AppSearchKeyProjectID,
|
||||
Method: domain.SearchMethodEquals,
|
||||
Value: projectID,
|
||||
},
|
||||
},
|
||||
}
|
||||
apps, _, err := view.SearchApplications(v.Db, applicationTable, req)
|
||||
if err != nil {
|
||||
return nil, errors.ThrowPreconditionFailed(err, "VIEW-Gd24q", "cannot find applications")
|
||||
}
|
||||
ids := make([]string, 0, len(apps))
|
||||
for _, app := range apps {
|
||||
if !app.IsOIDC {
|
||||
continue
|
||||
}
|
||||
ids = append(ids, app.OIDCClientID)
|
||||
}
|
||||
return ids, nil
|
||||
}
|
||||
@@ -7,6 +7,7 @@ import (
|
||||
|
||||
"github.com/caos/zitadel/internal/crypto"
|
||||
"github.com/caos/zitadel/internal/id"
|
||||
"github.com/caos/zitadel/internal/query"
|
||||
)
|
||||
|
||||
type View struct {
|
||||
@@ -14,9 +15,10 @@ type View struct {
|
||||
keyAlgorithm crypto.EncryptionAlgorithm
|
||||
idGenerator id.Generator
|
||||
prefixAvatarURL string
|
||||
query *query.Queries
|
||||
}
|
||||
|
||||
func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, idGenerator id.Generator, prefixAvatarURL string) (*View, error) {
|
||||
func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queries *query.Queries, idGenerator id.Generator, prefixAvatarURL string) (*View, error) {
|
||||
gorm, err := gorm.Open("postgres", sqlClient)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -26,6 +28,7 @@ func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, idGen
|
||||
keyAlgorithm: keyAlgorithm,
|
||||
idGenerator: idGenerator,
|
||||
prefixAvatarURL: prefixAvatarURL,
|
||||
query: queries,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user