feat: new es testing2 (#1428)

* fix: org tests * fix: org tests * fix: user grant test * fix: user grant test * fix: project and project role test * fix: project grant test * fix: project grant test * fix: project member, grant member, app changed tests * fix: application tests * fix: application tests * fix: add oidc app test * fix: add oidc app test * fix: add api keys test * fix: iam policies * fix: iam and org member tests * fix: idp config tests * fix: iam tests * fix: user tests * fix: user tests * fix: user tests * fix: user tests * fix: user tests * fix: user tests * fix: user tests * fix: user tests * fix: user tests * fix: user tests * fix: org domain test * fix: org tests * fix: org tests * fix: implement org idps * fix: pr requests * fix: email tests * fix: fix idp check * fix: fix user profile
2025-08-11 21:37:32 +00:00 · 2021-03-19 11:12:56 +01:00
parent b01f277e4b
commit 3f345b1ade
102 changed files with 17481 additions and 269 deletions
--- a/internal/domain/factors.go
+++ b/internal/domain/factors.go
@@ -6,6 +6,8 @@ const (
 	SecondFactorTypeUnspecified SecondFactorType = iota
 	SecondFactorTypeOTP
 	SecondFactorTypeU2F
+
+	secondFactorCount
 )

 type MultiFactorType int32
@@ -13,6 +15,8 @@ type MultiFactorType int32
 const (
 	MultiFactorTypeUnspecified MultiFactorType = iota
 	MultiFactorTypeU2FWithPIN
+
+	multiFactorCount
 )

 type FactorState int32
@@ -25,6 +29,14 @@ const (
 	factorStateCount
 )

+func (f SecondFactorType) Valid() bool {
+	return f > 0 && f < secondFactorCount
+}
+
+func (f MultiFactorType) Valid() bool {
+	return f > 0 && f < multiFactorCount
+}
+
 func (f FactorState) Valid() bool {
 	return f >= 0 && f < factorStateCount
 }
--- a/internal/domain/human.go
+++ b/internal/domain/human.go
@@ -18,12 +18,7 @@ type Human struct {
 	*Email
 	*Phone
 	*Address
-	ExternalIDPs       []*ExternalIDP
-	OTP                *OTP
-	U2FTokens          []*WebAuthNToken
-	PasswordlessTokens []*WebAuthNToken
-	U2FLogins          []*WebAuthNLogin
-	PasswordlessLogins []*WebAuthNLogin
+	ExternalIDPs []*ExternalIDP
 }

 func (h Human) GetUsername() string {
@@ -57,7 +52,7 @@ func (f Gender) Valid() bool {
 }

 func (u *Human) IsValid() bool {
-	return u.Profile != nil && u.FirstName != "" && u.LastName != "" && u.Email != nil && u.Email.IsValid() && u.Phone == nil || (u.Phone != nil && u.Phone.PhoneNumber != "" && u.Phone.IsValid())
+	return u.Profile != nil && u.Profile.IsValid() && u.Email != nil && u.Email.IsValid() && u.Phone == nil || (u.Phone != nil && u.Phone.PhoneNumber != "" && u.Phone.IsValid())
 }

 func (u *Human) CheckOrgIAMPolicy(policy *OrgIAMPolicy) error {
--- a/internal/domain/human_email.go
+++ b/internal/domain/human_email.go
@@ -3,9 +3,12 @@ package domain
 import (
 	"github.com/caos/zitadel/internal/crypto"
 	es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
+	"regexp"
 	"time"
 )

+var emailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
+
 type Email struct {
 	es_models.ObjectRoot

@@ -21,7 +24,7 @@ type EmailCode struct {
 }

 func (e *Email) IsValid() bool {
-	return e.EmailAddress != ""
+	return e.EmailAddress != "" && emailRegex.MatchString(e.EmailAddress)
 }

 func NewEmailCode(emailGenerator crypto.Generator) (*EmailCode, error) {
--- a/internal/domain/human_email_test.go
+++ b/internal/domain/human_email_test.go
@@ -0,0 +1,74 @@
+package domain
+
+import (
+	"testing"
+)
+
+func TestEmailValid(t *testing.T) {
+	type args struct {
+		email *Email
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result bool
+	}{
+		{
+			name: "empty email, invalid",
+			args: args{
+				email: &Email{},
+			},
+			result: false,
+		},
+		{
+			name: "only letters email, invalid",
+			args: args{
+				email: &Email{EmailAddress: "testemail"},
+			},
+			result: false,
+		},
+		{
+			name: "nothing after @, invalid",
+			args: args{
+				email: &Email{EmailAddress: "testemail@"},
+			},
+			result: false,
+		},
+		{
+			name: "email, valid",
+			args: args{
+				email: &Email{EmailAddress: "testemail@gmail.com"},
+			},
+			result: true,
+		},
+		{
+			name: "email, valid",
+			args: args{
+				email: &Email{EmailAddress: "test.email@gmail.com"},
+			},
+			result: true,
+		},
+		{
+			name: "email, valid",
+			args: args{
+				email: &Email{EmailAddress: "test/email@gmail.com"},
+			},
+			result: true,
+		},
+		{
+			name: "email, valid",
+			args: args{
+				email: &Email{EmailAddress: "test/email@gmail.com"},
+			},
+			result: true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := tt.args.email.IsValid()
+			if result != tt.result {
+				t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result, result)
+			}
+		})
+	}
+}
--- a/internal/domain/human_external_idp.go
+++ b/internal/domain/human_external_idp.go
@@ -11,7 +11,7 @@ type ExternalIDP struct {
 }

 func (idp *ExternalIDP) IsValid() bool {
-	return idp.AggregateID != "" && idp.IDPConfigID != "" && idp.ExternalUserID != ""
+	return idp.IDPConfigID != "" && idp.ExternalUserID != ""
 }

 type ExternalIDPState int32
--- a/internal/domain/human_phone.go
+++ b/internal/domain/human_phone.go
@@ -34,7 +34,7 @@ func (p *Phone) IsValid() bool {
 func (p *Phone) formatPhone() error {
 	phoneNr, err := libphonenumber.Parse(p.PhoneNumber, defaultRegion)
 	if err != nil {
-		return caos_errs.ThrowPreconditionFailed(nil, "EVENT-so0wa", "Errors.User.Phone.Invalid")
+		return caos_errs.ThrowInvalidArgument(nil, "EVENT-so0wa", "Errors.User.Phone.Invalid")
 	}
 	p.PhoneNumber = libphonenumber.Format(phoneNr, libphonenumber.E164)
 	return nil
--- a/internal/domain/human_phone_test.go
+++ b/internal/domain/human_phone_test.go
@@ -0,0 +1,107 @@
+package domain
+
+import (
+	"testing"
+
+	caos_errs "github.com/caos/zitadel/internal/errors"
+)
+
+func TestFormatPhoneNumber(t *testing.T) {
+	type args struct {
+		phone *Phone
+	}
+	tests := []struct {
+		name    string
+		args    args
+		result  *Phone
+		errFunc func(err error) bool
+	}{
+		{
+			name: "invalid phone number",
+			args: args{
+				phone: &Phone{
+					PhoneNumber: "PhoneNumber",
+				},
+			},
+			errFunc: caos_errs.IsErrorInvalidArgument,
+		},
+		{
+			name: "format phone 071...",
+			args: args{
+				phone: &Phone{
+					PhoneNumber: "0711234567",
+				},
+			},
+			result: &Phone{
+				PhoneNumber: "+41711234567",
+			},
+		},
+		{
+			name: "format phone 0041...",
+			args: args{
+				phone: &Phone{
+					PhoneNumber: "0041711234567",
+				},
+			},
+			result: &Phone{
+				PhoneNumber: "+41711234567",
+			},
+		},
+		{
+			name: "format phone 071 xxx xx xx",
+			args: args{
+				phone: &Phone{
+					PhoneNumber: "071 123 45 67",
+				},
+			},
+			result: &Phone{
+				PhoneNumber: "+41711234567",
+			},
+		},
+		{
+			name: "format phone +4171 xxx xx xx",
+			args: args{
+				phone: &Phone{
+					PhoneNumber: "+4171 123 45 67",
+				},
+			},
+			result: &Phone{
+				PhoneNumber: "+41711234567",
+			},
+		},
+		{
+			name: "format phone 004171 xxx xx xx",
+			args: args{
+				phone: &Phone{
+					PhoneNumber: "004171 123 45 67",
+				},
+			},
+			result: &Phone{
+				PhoneNumber: "+41711234567",
+			},
+		},
+		{
+			name: "format non swiss phone 004371 xxx xx xx",
+			args: args{
+				phone: &Phone{
+					PhoneNumber: "004371 123 45 67",
+				},
+			},
+			result: &Phone{
+				PhoneNumber: "+43711234567",
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := tt.args.phone.formatPhone()
+
+			if tt.errFunc == nil && tt.result.PhoneNumber != tt.args.phone.PhoneNumber {
+				t.Errorf("got wrong result: expected: %v, actual: %v ", tt.args.phone.PhoneNumber, tt.result.PhoneNumber)
+			}
+			if tt.errFunc != nil && !tt.errFunc(err) {
+				t.Errorf("got wrong err: %v ", err)
+			}
+		})
+	}
+}
--- a/internal/domain/machine.go
+++ b/internal/domain/machine.go
@@ -20,5 +20,5 @@ func (m Machine) GetState() UserState {
 }

 func (sa *Machine) IsValid() bool {
-	return sa.Name != ""
+	return sa.Name != "" && sa.Username != ""
 }
--- a/internal/domain/org_domain.go
+++ b/internal/domain/org_domain.go
@@ -17,7 +17,7 @@ type OrgDomain struct {
 }

 func (domain *OrgDomain) IsValid() bool {
-	return domain.AggregateID != "" && domain.Domain != ""
+	return domain.Domain != ""
 }

 func (domain *OrgDomain) GenerateVerificationCode(codeGenerator crypto.Generator) (string, error) {
--- a/internal/domain/policy.go
+++ b/internal/domain/policy.go
@@ -13,3 +13,7 @@ const (
 func (f PolicyState) Valid() bool {
 	return f >= 0 && f < policyStateCount
 }
+
+func (s PolicyState) Exists() bool {
+	return s != PolicyStateUnspecified && s != PolicyStateRemoved
+}
--- a/internal/domain/policy_login.go
+++ b/internal/domain/policy_login.go
@@ -27,6 +27,10 @@ type IDPProvider struct {
 	IDPState      IDPConfigState
 }

+func (p IDPProvider) IsValid() bool {
+	return p.IDPConfigID != ""
+}
+
 type PasswordlessType int32

 const (
--- a/internal/domain/user.go
+++ b/internal/domain/user.go
@@ -22,3 +22,7 @@ const (
 func (f UserState) Valid() bool {
 	return f >= 0 && f < userStateCount
 }
+
+func (s UserState) Exists() bool {
+	return s != UserStateUnspecified && s != UserStateDeleted
+}