feat: org and policies commands (#1167)

* add setup steps * refactoring * omitempty * cleanup * begin org * create org * setup org * setup org * merge * fixes * fixes * fixes * add project * add oidc application * fix app creation * add resourceOwner to writemodels * resource owner * cleanup * global org, iam project and iam member in setup * logs * logs * logs * cleanup * Update internal/v2/command/project.go Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * check project state * add org domain commands * add org status changes and member commands * fixes * policies * login policy * fix iam project event * mapper * label policy * change to command * fix * fix * handle change event differently and lot of fixes * fixes * changedEvent handling Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2025-08-12 03:47:33 +00:00 · 2021-01-18 11:24:15 +01:00
parent 959530ddad
commit 3eb909c4b4
88 changed files with 2586 additions and 518 deletions
--- a/internal/api/grpc/admin/iam_member_converter.go
+++ b/internal/api/grpc/admin/iam_member_converter.go
@@ -11,17 +11,11 @@ import (
 )

 func addIamMemberToDomain(member *admin.AddIamMemberRequest) *domain.Member {
-	return &domain.Member{
-		UserID: member.UserId,
-		Roles:  member.Roles,
-	}
+	return domain.NewMember(domain.IAMID, member.UserId, member.Roles...)
 }

 func changeIamMemberToDomain(member *admin.ChangeIamMemberRequest) *domain.Member {
-	return &domain.Member{
-		UserID: member.UserId,
-		Roles:  member.Roles,
-	}
+	return domain.NewMember(domain.IAMID, member.UserId, member.Roles...)
 }

 func iamMemberFromDomain(member *domain.Member) *admin.IamMember {
--- a/internal/api/grpc/admin/idp_config.go
+++ b/internal/api/grpc/admin/idp_config.go
@@ -47,9 +47,8 @@ func (s *Server) ReactivateIdpConfig(ctx context.Context, id *admin.IdpID) (*adm
 	return idpFromDomain(config), nil
 }

-//TODO: Change To V2
 func (s *Server) RemoveIdpConfig(ctx context.Context, id *admin.IdpID) (*empty.Empty, error) {
-	err := s.iam.RemoveIDPConfig(ctx, id.Id)
+	err := s.command.RemoveDefaultIDPConfig(ctx, id.Id)
 	return &empty.Empty{}, err
 }

--- a/internal/api/grpc/admin/login_policy.go
+++ b/internal/api/grpc/admin/login_policy.go
@@ -38,9 +38,8 @@ func (s *Server) AddIdpProviderToDefaultLoginPolicy(ctx context.Context, provide
 	return idpProviderFromDomain(result), nil
 }

-//TODO: Change to v2
 func (s *Server) RemoveIdpProviderFromDefaultLoginPolicy(ctx context.Context, provider *admin.IdpProviderID) (*empty.Empty, error) {
-	err := s.iam.RemoveIDPProviderFromLoginPolicy(ctx, idpProviderToModel(provider))
+	err := s.command.RemoveIDPProviderFromDefaultLoginPolicy(ctx, idpProviderToDomain(provider))
 	return &empty.Empty{}, err
 }

@@ -53,15 +52,15 @@ func (s *Server) GetDefaultLoginPolicySecondFactors(ctx context.Context, _ *empt
 }

 func (s *Server) AddSecondFactorToDefaultLoginPolicy(ctx context.Context, mfa *admin.SecondFactor) (*admin.SecondFactor, error) {
-	result, err := s.command.AddSecondFactorToDefaultLoginPolicy(ctx, secondFactorTypeToModel(mfa))
+	result, err := s.command.AddSecondFactorToDefaultLoginPolicy(ctx, secondFactorTypeToDomain(mfa))
 	if err != nil {
 		return nil, err
 	}
-	return secondFactorFromModel(result), nil
+	return secondFactorFromDomain(result), nil
 }

 func (s *Server) RemoveSecondFactorFromDefaultLoginPolicy(ctx context.Context, mfa *admin.SecondFactor) (*empty.Empty, error) {
-	err := s.command.RemoveSecondFactorFromDefaultLoginPolicy(ctx, secondFactorTypeToModel(mfa))
+	err := s.command.RemoveSecondFactorFromDefaultLoginPolicy(ctx, secondFactorTypeToDomain(mfa))
 	return &empty.Empty{}, err
 }

@@ -74,14 +73,14 @@ func (s *Server) GetDefaultLoginPolicyMultiFactors(ctx context.Context, _ *empty
 }

 func (s *Server) AddMultiFactorToDefaultLoginPolicy(ctx context.Context, mfa *admin.MultiFactor) (*admin.MultiFactor, error) {
-	result, err := s.command.AddMultiFactorToDefaultLoginPolicy(ctx, multiFactorTypeToModel(mfa))
+	result, err := s.command.AddMultiFactorToDefaultLoginPolicy(ctx, multiFactorTypeToDomain(mfa))
 	if err != nil {
 		return nil, err
 	}
-	return multiFactorFromModel(result), nil
+	return multiFactorFromDomain(result), nil
 }

 func (s *Server) RemoveMultiFactorFromDefaultLoginPolicy(ctx context.Context, mfa *admin.MultiFactor) (*empty.Empty, error) {
-	err := s.command.RemoveMultiFactorFromDefaultLoginPolicy(ctx, multiFactorTypeToModel(mfa))
+	err := s.command.RemoveMultiFactorFromDefaultLoginPolicy(ctx, multiFactorTypeToDomain(mfa))
 	return &empty.Empty{}, err
 }
--- a/internal/api/grpc/admin/login_policy_converter.go
+++ b/internal/api/grpc/admin/login_policy_converter.go
@@ -128,9 +128,20 @@ func secondFactorsResultFromModel(result *iam_model.SecondFactorsSearchResponse)
 	}
 }

-func secondFactorFromModel(mfaType iam_model.SecondFactorType) *admin.SecondFactor {
+func secondFactorFromDomain(mfaType domain.SecondFactorType) *admin.SecondFactor {
 	return &admin.SecondFactor{
-		SecondFactor: secondFactorTypeFromModel(mfaType),
+		SecondFactor: secondFactorTypeFromDomain(mfaType),
+	}
+}
+
+func secondFactorTypeFromDomain(mfaType domain.SecondFactorType) admin.SecondFactorType {
+	switch mfaType {
+	case domain.SecondFactorTypeOTP:
+		return admin.SecondFactorType_SECONDFACTORTYPE_OTP
+	case domain.SecondFactorTypeU2F:
+		return admin.SecondFactorType_SECONDFACTORTYPE_U2F
+	default:
+		return admin.SecondFactorType_SECONDFACTORTYPE_UNSPECIFIED
 	}
 }

@@ -145,14 +156,14 @@ func secondFactorTypeFromModel(mfaType iam_model.SecondFactorType) admin.SecondF
 	}
 }

-func secondFactorTypeToModel(mfaType *admin.SecondFactor) iam_model.SecondFactorType {
+func secondFactorTypeToDomain(mfaType *admin.SecondFactor) domain.SecondFactorType {
 	switch mfaType.SecondFactor {
 	case admin.SecondFactorType_SECONDFACTORTYPE_OTP:
-		return iam_model.SecondFactorTypeOTP
+		return domain.SecondFactorTypeOTP
 	case admin.SecondFactorType_SECONDFACTORTYPE_U2F:
-		return iam_model.SecondFactorTypeU2F
+		return domain.SecondFactorTypeU2F
 	default:
-		return iam_model.SecondFactorTypeUnspecified
+		return domain.SecondFactorTypeUnspecified
 	}
 }

@@ -184,9 +195,18 @@ func multiFactorResultFromModel(result *iam_model.MultiFactorsSearchResponse) *a
 	}
 }

-func multiFactorFromModel(mfaType iam_model.MultiFactorType) *admin.MultiFactor {
+func multiFactorFromDomain(mfaType domain.MultiFactorType) *admin.MultiFactor {
 	return &admin.MultiFactor{
-		MultiFactor: multiFactorTypeFromModel(mfaType),
+		MultiFactor: multiFactorTypeFromDomain(mfaType),
+	}
+}
+
+func multiFactorTypeFromDomain(mfaType domain.MultiFactorType) admin.MultiFactorType {
+	switch mfaType {
+	case domain.MultiFactorTypeU2FWithPIN:
+		return admin.MultiFactorType_MULTIFACTORTYPE_U2F_WITH_PIN
+	default:
+		return admin.MultiFactorType_MULTIFACTORTYPE_UNSPECIFIED
 	}
 }

@@ -199,11 +219,11 @@ func multiFactorTypeFromModel(mfaType iam_model.MultiFactorType) admin.MultiFact
 	}
 }

-func multiFactorTypeToModel(mfaType *admin.MultiFactor) iam_model.MultiFactorType {
+func multiFactorTypeToDomain(mfaType *admin.MultiFactor) domain.MultiFactorType {
 	switch mfaType.MultiFactor {
 	case admin.MultiFactorType_MULTIFACTORTYPE_U2F_WITH_PIN:
-		return iam_model.MultiFactorTypeU2FWithPIN
+		return domain.MultiFactorTypeU2FWithPIN
 	default:
-		return iam_model.MultiFactorTypeUnspecified
+		return domain.MultiFactorTypeUnspecified
 	}
 }
--- a/internal/api/grpc/admin/org.go
+++ b/internal/api/grpc/admin/org.go
@@ -81,6 +81,6 @@ func (s *Server) UpdateOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyR
 }

 func (s *Server) RemoveOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyID) (_ *empty.Empty, err error) {
-	err = s.org.RemoveOrgIAMPolicy(ctx, in.OrgId)
+	err = s.command.RemoveOrgIAMPolicy(ctx, in.OrgId)
 	return &empty.Empty{}, err
 }