TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 11:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(import/export): fix for deactivated user/organization beung imported as active

Browse Source
This commit is contained in:
Iraq Jaber
2025-06-02 11:06:46 +02:00
parent 5e87fafadf
commit 384ae8f497
10 changed files with 70 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
internal/api/grpc/admin/export.go
View File

@@ -65,7 +65,7 @@ func (s *Server) ExportData(ctx context.Context, req *admin_pb.ExportDataRequest
/******************************************************************************************************************
Organization
******************************************************************************************************************/
org := &admin_pb.DataOrg{OrgId: queriedOrg.ID, Org: &management_pb.AddOrgRequest{Name: queriedOrg.Name}}
org := &admin_pb.DataOrg{OrgId: queriedOrg.ID, OrgState: int32(queriedOrg.State), Org: &management_pb.AddOrgRequest{Name: queriedOrg.Name}}
orgs[i] = org
}
@@ -567,6 +567,7 @@ func (s *Server) getUsers(ctx context.Context, org string, withPasswords bool, w
case domain.UserTypeHuman:
dataUser := &v1_pb.DataHumanUser{
UserId: user.ID,
State: int32(user.State),
User: &management_pb.ImportHumanUserRequest{
UserName: user.Username,
Profile: &management_pb.ImportHumanUserRequest_Profile{
@@ -620,6 +621,7 @@ func (s *Server) getUsers(ctx context.Context, org string, withPasswords bool, w
case domain.UserTypeMachine:
machineUsers = append(machineUsers, &v1_pb.DataMachineUser{
UserId: user.ID,
State: int32(user.State),
User: &management_pb.AddMachineUserRequest{
UserName: user.Username,
Name: user.Machine.Name,
@@ -647,7 +649,6 @@ func (s *Server) getUsers(ctx context.Context, org string, withPasswords bool, w
ExpirationDate: timestamppb.New(key.Expiration),
PublicKey: key.PublicKey,
})
}
}
@@ -888,7 +889,6 @@ func (s *Server) getNecessaryProjectGrantMembersForOrg(ctx context.Context, org
break
}
}
}
}
}
@@ -940,7 +940,6 @@ func (s *Server) getNecessaryOrgMembersForOrg(ctx context.Context, org string, p
}
func (s *Server) getNecessaryProjectGrantsForOrg(ctx context.Context, org string, processedOrgs []string, processedProjects []string) ([]*v1_pb.DataProjectGrant, error) {
projectGrantSearchOrg, err := query.NewProjectGrantResourceOwnerSearchQuery(org)
if err != nil {
return nil, err
@@ -991,7 +990,7 @@ func (s *Server) getNecessaryUserGrantsForOrg(ctx context.Context, org string, p
for _, userGrant := range queriedUserGrants.UserGrants {
for _, projectID := range processedProjects {
if projectID == userGrant.ProjectID {
//if usergrant is on a granted project
// if usergrant is on a granted project
if userGrant.GrantID != "" {
for _, grantID := range processedGrants {
if grantID == userGrant.GrantID {
@@ -1024,6 +1023,7 @@ func (s *Server) getNecessaryUserGrantsForOrg(ctx context.Context, org string, p
}
return userGrants, nil
}
func (s *Server) getCustomLoginTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomLoginTextsRequest, error) {
customTexts := make([]*management_pb.SetCustomLoginTextsRequest, 0, len(languages))
for _, lang := range languages {

12
internal/api/grpc/admin/import.go
View File

@@ -305,7 +305,8 @@ func importOrg1(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataEr
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
_, err = s.command.AddOrgWithID(ctx, org.GetOrg().GetName(), ctxData.UserID, ctxData.ResourceOwner, org.GetOrgId(), []string{})
setOrgInactive := domain.OrgState(org.OrgState) == domain.OrgStateInactive
_, err = s.command.AddOrgWithID(ctx, org.GetOrg().GetName(), ctxData.UserID, ctxData.ResourceOwner, org.GetOrgId(), setOrgInactive, []string{})
if err != nil {
*errors = append(*errors, &admin_pb.ImportDataError{Type: "org", Id: org.GetOrgId(), Message: err.Error()})
if _, err := s.query.OrgByID(ctx, true, org.OrgId); err != nil {
@@ -474,7 +475,8 @@ func importHumanUsers(ctx context.Context, s *Server, errors *[]*admin_pb.Import
logging.Debugf("import user: %s", user.GetUserId())
human, passwordless, links := management.ImportHumanUserRequestToDomain(user.User)
human.AggregateID = user.UserId
_, _, err := s.command.ImportHuman(ctx, org.GetOrgId(), human, passwordless, links, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode)
setHumanToInactive := domain.UserState(user.State) == domain.UserStateInactive
_, _, err := s.command.ImportHuman(ctx, org.GetOrgId(), human, passwordless, setHumanToInactive, links, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode)
if err != nil {
*errors = append(*errors, &admin_pb.ImportDataError{Type: "human_user", Id: user.GetUserId(), Message: err.Error()})
if isCtxTimeout(ctx) {
@@ -510,7 +512,8 @@ func importMachineUsers(ctx context.Context, s *Server, errors *[]*admin_pb.Impo
}
for _, user := range org.GetMachineUsers() {
logging.Debugf("import user: %s", user.GetUserId())
_, err := s.command.AddMachine(ctx, management.AddMachineUserRequestToCommand(user.GetUser(), org.GetOrgId()))
setMachineUserInactive := domain.UserState(user.State) == domain.UserStateInactive
_, err := s.command.AddMachine(ctx, management.AddMachineUserRequestToCommand(user.GetUser(), org.GetOrgId()), setMachineUserInactive)
if err != nil {
*errors = append(*errors, &admin_pb.ImportDataError{Type: "machine_user", Id: user.GetUserId(), Message: err.Error()})
if isCtxTimeout(ctx) {
@@ -609,7 +612,6 @@ func importUserLinks(ctx context.Context, s *Server, errors *[]*admin_pb.ImportD
successOrg.UserLinks = append(successOrg.UserLinks, &admin_pb.ImportDataSuccessUserLinks{UserId: userLinks.GetUserId(), IdpId: userLinks.GetIdpId(), ExternalUserId: userLinks.GetProvidedUserId(), DisplayName: userLinks.GetProvidedUserName()})
}
return nil
}
func importProjects(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) {
@@ -750,6 +752,7 @@ func importActions(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDat
}
return nil
}
func importProjectRoles(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
@@ -805,6 +808,7 @@ func importResources(ctx context.Context, s *Server, errors *[]*admin_pb.ImportD
importDomainClaimedMessageTexts(ctx, s, errors, org)
importPasswordlessRegistrationMessageTexts(ctx, s, errors, org)
importInviteUserMessageTexts(ctx, s, errors, org)
if err := importHumanUsers(ctx, s, errors, successOrg, org, count, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode); err != nil {
return err
}

8
internal/api/grpc/management/user.go
View File

@@ -273,7 +273,7 @@ func (s *Server) ImportHumanUser(ctx context.Context, req *mgmt_pb.ImportHumanUs
if err != nil {
return nil, err
}
addedHuman, code, err := s.command.ImportHuman(ctx, authz.GetCtxData(ctx).OrgID, human, passwordless, links, initCodeGenerator, phoneCodeGenerator, emailCodeGenerator, passwordlessInitCode)
addedHuman, code, err := s.command.ImportHuman(ctx, authz.GetCtxData(ctx).OrgID, human, passwordless, false, links, initCodeGenerator, phoneCodeGenerator, emailCodeGenerator, passwordlessInitCode)
if err != nil {
return nil, err
}
@@ -297,7 +297,7 @@ func (s *Server) ImportHumanUser(ctx context.Context, req *mgmt_pb.ImportHumanUs
func (s *Server) AddMachineUser(ctx context.Context, req *mgmt_pb.AddMachineUserRequest) (*mgmt_pb.AddMachineUserResponse, error) {
machine := AddMachineUserRequestToCommand(req, authz.GetCtxData(ctx).OrgID)
objectDetails, err := s.command.AddMachine(ctx, machine)
objectDetails, err := s.command.AddMachine(ctx, machine, false)
if err != nil {
return nil, err
}
@@ -901,6 +901,7 @@ func (s *Server) ListHumanLinkedIDPs(ctx context.Context, req *mgmt_pb.ListHuman
Details: obj_grpc.ToListDetails(res.Count, res.Sequence, res.LastRun),
}, nil
}
func (s *Server) RemoveHumanLinkedIDP(ctx context.Context, req *mgmt_pb.RemoveHumanLinkedIDPRequest) (*mgmt_pb.RemoveHumanLinkedIDPResponse, error) {
objectDetails, err := s.command.RemoveUserIDPLink(ctx, RemoveHumanLinkedIDPRequestToDomain(ctx, req))
if err != nil {
@@ -947,18 +948,21 @@ func cascadingIAMMembership(membership *query.IAMMembership) *command.CascadingI
}
return &command.CascadingIAMMembership{IAMID: membership.IAMID}
}
func cascadingOrgMembership(membership *query.OrgMembership) *command.CascadingOrgMembership {
if membership == nil {
return nil
}
return &command.CascadingOrgMembership{OrgID: membership.OrgID}
}
func cascadingProjectMembership(membership *query.ProjectMembership) *command.CascadingProjectMembership {
if membership == nil {
return nil
}
return &command.CascadingProjectMembership{ProjectID: membership.ProjectID}
}
func cascadingProjectGrantMembership(membership *query.ProjectGrantMembership) *command.CascadingProjectGrantMembership {
if membership == nil {
return nil

13
internal/command/org.go
View File

@@ -300,7 +300,7 @@ func (c *Commands) checkOrgExists(ctx context.Context, orgID string) error {
return nil
}
func (c *Commands) AddOrgWithID(ctx context.Context, name, userID, resourceOwner, orgID string, claimedUserIDs []string) (_ *domain.Org, err error) {
func (c *Commands) AddOrgWithID(ctx context.Context, name, userID, resourceOwner, orgID string, setOrgInactive bool, claimedUserIDs []string) (_ *domain.Org, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
@@ -312,7 +312,7 @@ func (c *Commands) AddOrgWithID(ctx context.Context, name, userID, resourceOwner
return nil, zerrors.ThrowNotFound(nil, "ORG-lapo2m", "Errors.Org.AlreadyExisting")
}
return c.addOrgWithIDAndMember(ctx, name, userID, resourceOwner, orgID, claimedUserIDs)
return c.addOrgWithIDAndMember(ctx, name, userID, resourceOwner, orgID, setOrgInactive, claimedUserIDs)
}
func (c *Commands) AddOrg(ctx context.Context, name, userID, resourceOwner string, claimedUserIDs []string) (*domain.Org, error) {
@@ -325,10 +325,10 @@ func (c *Commands) AddOrg(ctx context.Context, name, userID, resourceOwner strin
return nil, zerrors.ThrowInternal(err, "COMMA-OwciI", "Errors.Internal")
}
return c.addOrgWithIDAndMember(ctx, name, userID, resourceOwner, orgID, claimedUserIDs)
return c.addOrgWithIDAndMember(ctx, name, userID, resourceOwner, orgID, false, claimedUserIDs)
}
func (c *Commands) addOrgWithIDAndMember(ctx context.Context, name, userID, resourceOwner, orgID string, claimedUserIDs []string) (_ *domain.Org, err error) {
func (c *Commands) addOrgWithIDAndMember(ctx context.Context, name, userID, resourceOwner, orgID string, setOrgInactive bool, claimedUserIDs []string) (_ *domain.Org, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
@@ -346,10 +346,15 @@ func (c *Commands) addOrgWithIDAndMember(ctx context.Context, name, userID, reso
return nil, err
}
events = append(events, orgMemberEvent)
if setOrgInactive {
deactivateOrgEvent := org.NewOrgDeactivatedEvent(ctx, orgAgg)
events = append(events, deactivateOrgEvent)
}
pushedEvents, err := c.eventstore.Push(ctx, events...)
if err != nil {
return nil, err
}
err = AppendAndReduce(addedOrg, pushedEvents...)
if err != nil {
return nil, err

46
internal/command/user_human.go
View File

@@ -428,7 +428,7 @@ func (h *AddHuman) shouldAddInitCode() bool {
}
// Deprecated: use commands.AddUserHuman
func (c *Commands) ImportHuman(ctx context.Context, orgID string, human *domain.Human, passwordless bool, links []*domain.UserIDPLink, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessCodeGenerator crypto.Generator) (_ *domain.Human, passwordlessCode *domain.PasswordlessInitCode, err error) {
func (c *Commands) ImportHuman(ctx context.Context, orgID string, human *domain.Human, passwordless bool, setHumanToInactive bool, links []*domain.UserIDPLink, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessCodeGenerator crypto.Generator) (_ *domain.Human, passwordlessCode *domain.PasswordlessInitCode, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
@@ -455,10 +455,14 @@ func (c *Commands) ImportHuman(ctx context.Context, orgID string, human *domain.
}
}
events, addedHuman, addedCode, code, err := c.importHuman(ctx, orgID, human, passwordless, links, domainPolicy, pwPolicy, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessCodeGenerator)
events, userAgg, addedHuman, addedCode, code, err := c.importHuman(ctx, orgID, human, passwordless, links, domainPolicy, pwPolicy, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessCodeGenerator)
if err != nil {
return nil, nil, err
}
if setHumanToInactive {
deactivateUserEvent := user.NewUserDeactivatedEvent(ctx, userAgg)
events = append(events, deactivateUserEvent)
}
pushedEvents, err := c.eventstore.Push(ctx, events...)
if err != nil {
return nil, nil, err
@@ -479,48 +483,48 @@ func (c *Commands) ImportHuman(ctx context.Context, orgID string, human *domain.
return writeModelToHuman(addedHuman), passwordlessCode, nil
}
func (c *Commands) importHuman(ctx context.Context, orgID string, human *domain.Human, passwordless bool, links []*domain.UserIDPLink, domainPolicy *domain.DomainPolicy, pwPolicy *domain.PasswordComplexityPolicy, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessCodeGenerator crypto.Generator) (events []eventstore.Command, humanWriteModel *HumanWriteModel, passwordlessCodeWriteModel *HumanPasswordlessInitCodeWriteModel, code string, err error) {
func (c *Commands) importHuman(ctx context.Context, orgID string, human *domain.Human, passwordless bool, links []*domain.UserIDPLink, domainPolicy *domain.DomainPolicy, pwPolicy *domain.PasswordComplexityPolicy, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessCodeGenerator crypto.Generator) (events []eventstore.Command, userAgg *eventstore.Aggregate, humanWriteModel *HumanWriteModel, passwordlessCodeWriteModel *HumanPasswordlessInitCodeWriteModel, code string, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
if orgID == "" {
return nil, nil, nil, "", zerrors.ThrowInvalidArgument(nil, "COMMAND-00p2b", "Errors.Org.Empty")
return nil, nil, nil, nil, "", zerrors.ThrowInvalidArgument(nil, "COMMAND-00p2b", "Errors.Org.Empty")
}
if err = human.Normalize(); err != nil {
return nil, nil, nil, "", err
return nil, nil, nil, nil, "", err
}
events, humanWriteModel, err = c.createHuman(ctx, orgID, human, links, passwordless, domainPolicy, pwPolicy, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator)
events, userAgg, humanWriteModel, err = c.createHuman(ctx, orgID, human, links, passwordless, domainPolicy, pwPolicy, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator)
if err != nil {
return nil, nil, nil, "", err
return nil, nil, nil, nil, "", err
}
if passwordless {
var codeEvent eventstore.Command
codeEvent, passwordlessCodeWriteModel, code, err = c.humanAddPasswordlessInitCode(ctx, human.AggregateID, orgID, true, passwordlessCodeGenerator)
if err != nil {
return nil, nil, nil, "", err
return nil, nil, nil, nil, "", err
}
events = append(events, codeEvent)
}
return events, humanWriteModel, passwordlessCodeWriteModel, code, nil
return events, userAgg, humanWriteModel, passwordlessCodeWriteModel, code, nil
}
func (c *Commands) createHuman(ctx context.Context, orgID string, human *domain.Human, links []*domain.UserIDPLink, passwordless bool, domainPolicy *domain.DomainPolicy, pwPolicy *domain.PasswordComplexityPolicy, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator crypto.Generator) (events []eventstore.Command, addedHuman *HumanWriteModel, err error) {
func (c *Commands) createHuman(ctx context.Context, orgID string, human *domain.Human, links []*domain.UserIDPLink, passwordless bool, domainPolicy *domain.DomainPolicy, pwPolicy *domain.PasswordComplexityPolicy, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator crypto.Generator) (events []eventstore.Command, userAgg *eventstore.Aggregate, addedHuman *HumanWriteModel, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
if err = human.CheckDomainPolicy(domainPolicy); err != nil {
return nil, nil, err
return nil, nil, nil, err
}
human.Username = strings.TrimSpace(human.Username)
human.EmailAddress = human.EmailAddress.Normalize()
if err = c.userValidateDomain(ctx, orgID, human.Username, domainPolicy.UserLoginMustBeDomain); err != nil {
return nil, nil, err
return nil, nil, nil, err
}
if human.AggregateID == "" {
userID, err := c.idGenerator.Next()
if err != nil {
return nil, nil, err
return nil, nil, nil, err
}
human.AggregateID = userID
}
@@ -528,20 +532,20 @@ func (c *Commands) createHuman(ctx context.Context, orgID string, human *domain.
human.EnsureDisplayName()
if human.Password != nil {
if err := human.HashPasswordIfExisting(ctx, pwPolicy, c.userPasswordHasher, human.Password.ChangeRequired); err != nil {
return nil, nil, err
return nil, nil, nil, err
}
}
addedHuman = NewHumanWriteModel(human.AggregateID, orgID)
//TODO: adlerhurst maybe we could simplify the code below
userAgg := UserAggregateFromWriteModel(&addedHuman.WriteModel)
// TODO: adlerhurst maybe we could simplify the code below
userAgg = UserAggregateFromWriteModel(&addedHuman.WriteModel)
events = append(events, createAddHumanEvent(ctx, userAgg, human, domainPolicy.UserLoginMustBeDomain))
for _, link := range links {
event, err := c.addUserIDPLink(ctx, userAgg, link, false)
if err != nil {
return nil, nil, err
return nil, nil, nil, err
}
events = append(events, event)
}
@@ -549,7 +553,7 @@ func (c *Commands) createHuman(ctx context.Context, orgID string, human *domain.
if human.IsInitialState(passwordless, len(links) > 0) {
initCode, err := domain.NewInitUserCode(initCodeGenerator)
if err != nil {
return nil, nil, err
return nil, nil, nil, err
}
events = append(events, user.NewHumanInitialCodeAddedEvent(ctx, userAgg, initCode.Code, initCode.Expiry, ""))
} else {
@@ -558,7 +562,7 @@ func (c *Commands) createHuman(ctx context.Context, orgID string, human *domain.
} else {
emailCode, _, err := domain.NewEmailCode(emailCodeGenerator)
if err != nil {
return nil, nil, err
return nil, nil, nil, err
}
events = append(events, user.NewHumanEmailCodeAddedEvent(ctx, userAgg, emailCode.Code, emailCode.Expiry, ""))
}
@@ -567,14 +571,14 @@ func (c *Commands) createHuman(ctx context.Context, orgID string, human *domain.
if human.Phone != nil && human.PhoneNumber != "" && !human.IsPhoneVerified {
phoneCode, generatorID, err := c.newPhoneCode(ctx, c.eventstore.Filter, domain.SecretGeneratorTypeVerifyPhoneCode, c.userEncryption, c.defaultSecretGenerators.PhoneVerificationCode) //nolint:staticcheck
if err != nil {
return nil, nil, err
return nil, nil, nil, err
}
events = append(events, user.NewHumanPhoneCodeAddedEvent(ctx, userAgg, phoneCode.CryptedCode(), phoneCode.CodeExpiry(), generatorID))
} else if human.Phone != nil && human.PhoneNumber != "" && human.IsPhoneVerified {
events = append(events, user.NewHumanPhoneVerifiedEvent(ctx, userAgg))
}
return events, addedHuman, nil
return events, userAgg, addedHuman, nil
}
func (c *Commands) HumanSkipMFAInit(ctx context.Context, userID, resourceowner string) (err error) {

8
internal/command/user_human_test.go
View File

@@ -1200,7 +1200,8 @@ func TestCommandSide_AddHuman(t *testing.T) {
},
wantID: "user1",
},
}, {
},
{
name: "add human (with return code), ok",
fields: fields{
eventstore: expectEventstore(
@@ -1584,7 +1585,8 @@ func TestCommandSide_ImportHuman(t *testing.T) {
res: res{
err: zerrors.IsErrorInvalidArgument,
},
}, {
},
{
name: "add human (with password and initial code), ok",
given: func(t *testing.T) (fields, args) {
return fields{
@@ -2996,7 +2998,7 @@ func TestCommandSide_ImportHuman(t *testing.T) {
newEncryptedCodeWithDefault: f.newEncryptedCodeWithDefault,
defaultSecretGenerators: f.defaultSecretGenerators,
}
gotHuman, gotCode, err := r.ImportHuman(a.ctx, a.orgID, a.human, a.passwordless, a.links, a.secretGenerator, a.secretGenerator, a.secretGenerator, a.secretGenerator)
gotHuman, gotCode, err := r.ImportHuman(a.ctx, a.orgID, a.human, a.passwordless, false, a.links, a.secretGenerator, a.secretGenerator, a.secretGenerator, a.secretGenerator)
if tt.res.err == nil {
assert.NoError(t, err)
}

11
internal/command/user_machine.go
View File

@@ -67,7 +67,7 @@ func AddMachineCommand(a *user.Aggregate, machine *Machine) preparation.Validati
}
}
func (c *Commands) AddMachine(ctx context.Context, machine *Machine) (_ *domain.ObjectDetails, err error) {
func (c *Commands) AddMachine(ctx context.Context, machine *Machine, setMachineUserInactive bool) (_ *domain.ObjectDetails, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
@@ -79,12 +79,17 @@ func (c *Commands) AddMachine(ctx context.Context, machine *Machine) (_ *domain.
machine.AggregateID = userID
}
agg := user.NewAggregate(machine.AggregateID, machine.ResourceOwner)
cmds, err := preparation.PrepareCommands(ctx, c.eventstore.Filter, AddMachineCommand(agg, machine))
userAgg := user.NewAggregate(machine.AggregateID, machine.ResourceOwner)
cmds, err := preparation.PrepareCommands(ctx, c.eventstore.Filter, AddMachineCommand(userAgg, machine))
if err != nil {
return nil, err
}
if setMachineUserInactive {
deactivateUserEvent := user.NewUserDeactivatedEvent(ctx, &userAgg.Aggregate)
cmds = append(cmds, deactivateUserEvent)
}
events, err := c.eventstore.Push(ctx, cmds...)
if err != nil {
return nil, err

2
internal/command/user_machine_test.go
View File

@@ -201,7 +201,7 @@ func TestCommandSide_AddMachine(t *testing.T) {
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
}
got, err := r.AddMachine(tt.args.ctx, tt.args.machine)
got, err := r.AddMachine(tt.args.ctx, tt.args.machine, false)
if tt.res.err == nil {
assert.NoError(t, err)
}

1
proto/zitadel/admin.proto
View File

@@ -9007,6 +9007,7 @@ message DataOrg {
repeated zitadel.management.v1.SetCustomVerifySMSOTPMessageTextRequest verify_sms_otp_messages = 37;
repeated zitadel.management.v1.SetCustomVerifyEmailOTPMessageTextRequest verify_email_otp_messages = 38;
repeated zitadel.management.v1.SetCustomInviteUserMessageTextRequest invite_user_messages = 39;
int32 org_state = 40;
}
message ImportDataResponse{

2
proto/zitadel/v1.proto
View File

@@ -172,10 +172,12 @@ message DataOIDCApplication {
message DataHumanUser {
string user_id = 1;
zitadel.management.v1.ImportHumanUserRequest user = 2;
int32 state = 3;
}
message DataMachineUser {
string user_id = 1;
zitadel.management.v1.AddMachineUserRequest user = 2;
int32 state = 3;
}
message DataAction {
string action_id = 1;