fix: handle UserLoginMustBeDomain changes correctly (#4765)

* fix: handle UserLoginMustBeDomain changes correctly * fix: remove verified domains (and not only primary) as suffix * fix: ensure testability by changing map to slice * cleanup * reduce complexity of DomainPolicyUsernamesWriteModel.Reduce() * add test for removed org policy
2025-08-12 03:37:34 +00:00 · 2022-12-06 09:01:31 +01:00
parent 97fe041a86
commit 3539418a4a
12 changed files with 1042 additions and 332 deletions
--- a/internal/command/user_domain_policy.go
+++ b/internal/command/user_domain_policy.go
@@ -10,40 +10,74 @@ import (

 func domainPolicyWriteModel(ctx context.Context, filter preparation.FilterToQueryReducer) (*PolicyDomainWriteModel, error) {
 	wm, err := orgDomainPolicy(ctx, filter)
-	if err != nil || wm != nil && wm.State.Exists() {
-		return wm, err
+	if err != nil {
+		return nil, err
 	}
-	wm, err = instanceDomainPolicy(ctx, filter)
-	if err != nil || wm != nil {
-		return wm, err
+	if wm != nil && wm.State.Exists() {
+		return &wm.PolicyDomainWriteModel, err
+	}
+	instanceWriteModel, err := instanceDomainPolicy(ctx, filter)
+	if err != nil {
+		return nil, err
+	}
+	if instanceWriteModel != nil && instanceWriteModel.State.Exists() {
+		return &instanceWriteModel.PolicyDomainWriteModel, err
 	}
 	return nil, errors.ThrowInternal(nil, "USER-Ggk9n", "Errors.Internal")
 }

-func orgDomainPolicy(ctx context.Context, filter preparation.FilterToQueryReducer) (*PolicyDomainWriteModel, error) {
+func orgDomainPolicy(ctx context.Context, filter preparation.FilterToQueryReducer) (*OrgDomainPolicyWriteModel, error) {
 	policy := NewOrgDomainPolicyWriteModel(authz.GetCtxData(ctx).OrgID)
 	events, err := filter(ctx, policy.Query())
 	if err != nil {
 		return nil, err
 	}
 	if len(events) == 0 {
-		return nil, nil
+		return policy, nil
 	}
 	policy.AppendEvents(events...)
 	err = policy.Reduce()
-	return &policy.PolicyDomainWriteModel, err
+	return policy, err
 }

-func instanceDomainPolicy(ctx context.Context, filter preparation.FilterToQueryReducer) (*PolicyDomainWriteModel, error) {
+func instanceDomainPolicy(ctx context.Context, filter preparation.FilterToQueryReducer) (*InstanceDomainPolicyWriteModel, error) {
 	policy := NewInstanceDomainPolicyWriteModel(ctx)
 	events, err := filter(ctx, policy.Query())
 	if err != nil {
 		return nil, err
 	}
 	if len(events) == 0 {
-		return nil, nil
+		return policy, nil
 	}
 	policy.AppendEvents(events...)
 	err = policy.Reduce()
-	return &policy.PolicyDomainWriteModel, err
+	return policy, err
+}
+
+func domainPolicyUsernames(ctx context.Context, filter preparation.FilterToQueryReducer, orgID string) (*DomainPolicyUsernamesWriteModel, error) {
+	policy := NewDomainPolicyUsernamesWriteModel(orgID)
+	events, err := filter(ctx, policy.Query())
+	if err != nil {
+		return nil, err
+	}
+	if len(events) == 0 {
+		return policy, nil
+	}
+	policy.AppendEvents(events...)
+	err = policy.Reduce()
+	return policy, err
+}
+
+func domainPolicyOrgs(ctx context.Context, filter preparation.FilterToQueryReducer) (*DomainPolicyOrgsWriteModel, error) {
+	policy := NewDomainPolicyOrgsWriteModel()
+	events, err := filter(ctx, policy.Query())
+	if err != nil {
+		return nil, err
+	}
+	if len(events) == 0 {
+		return policy, nil
+	}
+	policy.AppendEvents(events...)
+	err = policy.Reduce()
+	return policy, err
 }