feat: user commands (#75)

* feat: eventstore repository * fix: remove gorm * version * feat: pkg * feat: add some files for project * feat: eventstore without eventstore-lib * rename files * gnueg * fix: key json * fix: add object * fix: change imports * fix: internal models * fix: some imports * fix: global model * feat: add global view functions * fix: add some functions on repo * feat(eventstore): sdk * fix(eventstore): search query * fix(eventstore): rename app to eventstore * delete empty test * remove unused func * merge master * fix(eventstore): tests * fix(models): delete unused struct * fix: some funcitons * feat(eventstore): implemented push events * fix: move project eventstore to project package * fix: change project eventstore funcs * feat(eventstore): overwrite context data * fix: change project eventstore * fix: add project repo to mgmt server * feat(types): SQL-config * fix: commented code * feat(eventstore): options to overwrite editor * feat: auth interceptor and cockroach migrations * fix: migrations * fix: fix filter * fix: not found on getbyid * fix: use global sql config * fix: add sequence * fix: add some tests * fix(eventstore): nullable sequence * fix: add some tests * merge * fix: add some tests * fix(migrations): correct statements for sequence * fix: add some tests * fix: add some tests * fix: changes from mr * fix: changes from mr * fix: add some tests * Update internal/eventstore/models/field.go Co-Authored-By: livio-a <livio.a@gmail.com> * fix(eventstore): code quality * fix: add types to aggregate/Event-types * fix: try tests * fix(eventstore): rename modifier* to editor* * fix(eventstore): delete editor_org * fix(migrations): remove editor_org field, rename modifier_* to editor_* * fix: query tests * fix: use prepare funcs * fix: go mod * fix: generate files * fix(eventstore): tests * fix(eventstore): rename modifier to editor * fix(migrations): add cluster migration, fix(migrations): fix typo of host in clean clsuter * fix(eventstore): move health * fix(eventstore): AggregateTypeFilter aggregateType as param * code quality * fix: go tests * feat: add member funcs * feat: add member model * feat: add member events * feat: add member repo model * fix: better error func testing * fix: project member funcs * fix: add tests * fix: add tests * feat: implement member requests * fix: merge master * fix: merge master * fix: read existing in project repo * fix: fix tests * feat: add internal cache * feat: add cache mock * fix: return values of cache mock * feat: add project role * fix: add cache config * fix: add role to eventstore * fix: use eventstore sdk * fix: use eventstore sdk * fix: add project role grpc requests * fix: fix getby id * fix: changes for mr * fix: change value to interface * feat: add app event creations * fix: searchmethods * Update internal/project/model/project_member.go Co-Authored-By: Silvan <silvan.reusser@gmail.com> * fix: use get project func * fix: append events * fix: check if value is string on equal ignore case * fix: add changes test * fix: add go mod * fix: add some tests * fix: return err not nil * fix: return err not nil * fix: add aggregate funcs and tests * fix: add oidc aggregate funcs and tests * fix: add oidc * fix: add some tests * fix: tests * fix: oidc validation * fix: generate client secret * fix: generate client id * fix: test change app * fix: deactivate/reactivate application * fix: change oidc config * fix: change oidc config secret * fix: implement grpc app funcs * fix: add application requests * fix: converter * fix: converter * fix: converter and generate clientid * fix: tests * feat: project grant aggregate * feat: project grant * fix: project grant check if role existing * fix: project grant requests * fix: project grant fixes * fix: project grant member model * fix: project grant member aggregate * fix: project grant member eventstore * fix: project grant member requests * feat: user model * feat: user command side * user command side * profile requests * local config with gopass and more * Update internal/user/model/user.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/address.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/address.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/email.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/email.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/email.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/mfa.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/mfa.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/password.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/password.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/password.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/phone.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/phone.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/phone.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/user.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/user.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/user.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/usergrant/repository/eventsourcing/model/user_grant.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/usergrant/repository/eventsourcing/model/user_grant.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/usergrant/repository/eventsourcing/user_grant.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/user_test.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/eventstore_mock_test.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * changes from mr review * save files into basedir * changes from mr review * changes from mr review * Update internal/usergrant/repository/eventsourcing/cache.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/usergrant/repository/eventsourcing/cache.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * changes requested on mr * fix generate codes * fix return if no events * password code * Update internal/user/repository/eventsourcing/model/password.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/user/repository/eventsourcing/model/user.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * requests of mr * check email Co-authored-by: adlerhurst <silvan.reusser@gmail.com> Co-authored-by: livio-a <livio.a@gmail.com>
2025-08-12 04:17:32 +00:00 · 2020-05-11 10:16:27 +02:00
parent 380e4d0643
commit 49d86fdabb
71 changed files with 12791 additions and 2916 deletions
--- a/internal/user/model/address.go
+++ b/internal/user/model/address.go
@@ -0,0 +1,13 @@
+package model
+
+import es_models "github.com/caos/zitadel/internal/eventstore/models"
+
+type Address struct {
+	es_models.ObjectRoot
+
+	Country       string
+	Locality      string
+	PostalCode    string
+	Region        string
+	StreetAddress string
+}
--- a/internal/user/model/email.go
+++ b/internal/user/model/email.go
@@ -0,0 +1,44 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/crypto"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"time"
+)
+
+type Email struct {
+	es_models.ObjectRoot
+
+	EmailAddress    string
+	IsEmailVerified bool
+}
+
+type EmailCode struct {
+	es_models.ObjectRoot
+
+	Code   *crypto.CryptoValue
+	Expiry time.Duration
+}
+
+func (e *Email) IsValid() bool {
+	return e.EmailAddress != ""
+}
+
+func (e *Email) GenerateEmailCodeIfNeeded(emailGenerator crypto.Generator) (*EmailCode, error) {
+	var emailCode *EmailCode
+	if e.IsEmailVerified {
+		return emailCode, nil
+	}
+	emailCode = new(EmailCode)
+	return emailCode, emailCode.GenerateEmailCode(emailGenerator)
+}
+
+func (code *EmailCode) GenerateEmailCode(emailGenerator crypto.Generator) error {
+	emailCodeCrypto, _, err := crypto.NewCode(emailGenerator)
+	if err != nil {
+		return err
+	}
+	code.Code = emailCodeCrypto
+	code.Expiry = emailGenerator.Expiry()
+	return nil
+}
--- a/internal/user/model/mfa.go
+++ b/internal/user/model/mfa.go
@@ -0,0 +1,23 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/crypto"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+)
+
+type OTP struct {
+	es_models.ObjectRoot
+
+	Secret       *crypto.CryptoValue
+	SecretString string
+	Url          string
+	State        MfaState
+}
+
+type MfaState int32
+
+const (
+	MFASTATE_UNSPECIFIED MfaState = iota
+	MFASTATE_NOTREADY
+	MFASTATE_READY
+)
--- a/internal/user/model/password.go
+++ b/internal/user/model/password.go
@@ -0,0 +1,47 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/crypto"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"time"
+)
+
+type Password struct {
+	es_models.ObjectRoot
+
+	SecretString   string
+	SecretCrypto   *crypto.CryptoValue
+	ChangeRequired bool
+}
+
+type PasswordCode struct {
+	es_models.ObjectRoot
+
+	Code             *crypto.CryptoValue
+	Expiry           time.Duration
+	NotificationType NotificationType
+}
+
+type NotificationType int32
+
+const (
+	NOTIFICATIONTYPE_EMAIL NotificationType = iota
+	NOTIFICATIONTYPE_SMS
+)
+
+func (p *Password) IsValid() bool {
+	return p.AggregateID != "" && p.SecretString != ""
+}
+
+func (p *Password) HashPasswordIfExisting(passwordAlg crypto.HashAlgorithm, onetime bool) error {
+	if p.SecretString == "" {
+		return nil
+	}
+	secret, err := crypto.Hash([]byte(p.SecretString), passwordAlg)
+	if err != nil {
+		return err
+	}
+	p.SecretCrypto = secret
+	p.ChangeRequired = onetime
+	return nil
+}
--- a/internal/user/model/phone.go
+++ b/internal/user/model/phone.go
@@ -0,0 +1,67 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/crypto"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"time"
+)
+
+type Phone struct {
+	es_models.ObjectRoot
+
+	PhoneNumber     string
+	IsPhoneVerified bool
+}
+
+type PhoneCode struct {
+	es_models.ObjectRoot
+
+	Code   *crypto.CryptoValue
+	Expiry time.Duration
+}
+
+func (p *Phone) IsValid() bool {
+	return p.PhoneNumber != ""
+}
+
+func (u *User) appendUserPhoneChangedEvent(event *es_models.Event) error {
+	u.Phone = new(Phone)
+	u.Phone.setData(event)
+	u.IsPhoneVerified = false
+	return nil
+}
+
+func (u *User) appendUserPhoneVerifiedEvent() error {
+	u.IsPhoneVerified = true
+	return nil
+}
+
+func (p *Phone) setData(event *es_models.Event) error {
+	p.ObjectRoot.AppendEvent(event)
+	if err := json.Unmarshal(event.Data, p); err != nil {
+		logging.Log("EVEN-dlo9s").WithError(err).Error("could not unmarshal event data")
+		return err
+	}
+	return nil
+}
+
+func (p *Phone) GeneratePhoneCodeIfNeeded(phoneGenerator crypto.Generator) (*PhoneCode, error) {
+	var phoneCode *PhoneCode
+	if p.IsPhoneVerified {
+		return phoneCode, nil
+	}
+	phoneCode = new(PhoneCode)
+	return phoneCode, phoneCode.GeneratePhoneCode(phoneGenerator)
+}
+
+func (code *PhoneCode) GeneratePhoneCode(phoneGenerator crypto.Generator) error {
+	phoneCodeCrypto, _, err := crypto.NewCode(phoneGenerator)
+	if err != nil {
+		return err
+	}
+	code.Code = phoneCodeCrypto
+	code.Expiry = phoneGenerator.Expiry()
+	return nil
+}
--- a/internal/user/model/profile.go
+++ b/internal/user/model/profile.go
@@ -0,0 +1,22 @@
+package model
+
+import (
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"golang.org/x/text/language"
+)
+
+type Profile struct {
+	es_models.ObjectRoot
+
+	UserName          string
+	FirstName         string
+	LastName          string
+	NickName          string
+	DisplayName       string
+	PreferredLanguage language.Tag
+	Gender            Gender
+}
+
+func (p *Profile) IsValid() bool {
+	return p.FirstName != "" && p.LastName != ""
+}
--- a/internal/user/model/user.go
+++ b/internal/user/model/user.go
@@ -0,0 +1,126 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/crypto"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"time"
+)
+
+type User struct {
+	es_models.ObjectRoot
+
+	State UserState
+	*Password
+	*Profile
+	*Email
+	*Phone
+	*Address
+	InitCode     *InitUserCode
+	EmailCode    *EmailCode
+	PhoneCode    *PhoneCode
+	PasswordCode *PasswordCode
+	OTP          *OTP
+}
+
+type InitUserCode struct {
+	es_models.ObjectRoot
+
+	Code   *crypto.CryptoValue
+	Expiry time.Duration
+}
+
+type UserState int32
+
+const (
+	USERSTATE_UNSPECIFIED UserState = iota
+	USERSTATE_ACTIVE
+	USERSTATE_INACTIVE
+	USERSTATE_DELETED
+	USERSTATE_LOCKED
+	USERSTATE_SUSPEND
+	USERSTATE_INITIAL
+)
+
+type Gender int32
+
+const (
+	GENDER_UNDEFINED Gender = iota
+	GENDER_FEMALE
+	GENDER_MALE
+	GENDER_DIVERSE
+)
+
+func (u *User) SetEmailAsUsername() {
+	if u.Profile != nil && u.UserName == "" && u.Email != nil {
+		u.UserName = u.EmailAddress
+	}
+}
+
+func (u *User) IsValid() bool {
+	return u.Profile != nil && u.FirstName != "" && u.LastName != "" && u.UserName != "" && u.Email != nil && u.EmailAddress != ""
+}
+
+func (u *User) IsInitialState() bool {
+	return u.Email == nil || !u.IsEmailVerified || u.Password == nil || u.SecretString == ""
+}
+
+func (u *User) IsActive() bool {
+	return u.State == USERSTATE_ACTIVE
+}
+
+func (u *User) IsInitial() bool {
+	return u.State == USERSTATE_INITIAL
+}
+
+func (u *User) IsInactive() bool {
+	return u.State == USERSTATE_INACTIVE
+}
+
+func (u *User) IsLocked() bool {
+	return u.State == USERSTATE_LOCKED
+}
+
+func (u *User) IsOTPReady() bool {
+	return u.OTP != nil && u.OTP.State == MFASTATE_READY
+}
+
+func (u *User) HashPasswordIfExisting(passwordAlg crypto.HashAlgorithm, onetime bool) error {
+	if u.Password != nil {
+		return u.Password.HashPasswordIfExisting(passwordAlg, onetime)
+	}
+	return nil
+}
+
+func (u *User) GenerateInitCodeIfNeeded(initGenerator crypto.Generator) error {
+	u.InitCode = new(InitUserCode)
+	if !u.IsInitialState() {
+		return nil
+	}
+	return u.InitCode.GenerateInitUserCode(initGenerator)
+}
+
+func (u *User) GeneratePhoneCodeIfNeeded(phoneGenerator crypto.Generator) error {
+	u.PhoneCode = new(PhoneCode)
+	if u.Phone == nil || u.IsPhoneVerified {
+		return nil
+	}
+	return u.PhoneCode.GeneratePhoneCode(phoneGenerator)
+}
+
+func (u *User) GenerateEmailCodeIfNeeded(emailGenerator crypto.Generator) error {
+	u.EmailCode = new(EmailCode)
+	if u.Email == nil || u.IsEmailVerified {
+		return nil
+	}
+	return u.EmailCode.GenerateEmailCode(emailGenerator)
+}
+
+func (init *InitUserCode) GenerateInitUserCode(generator crypto.Generator) error {
+	initCodeCrypto, _, err := crypto.NewCode(generator)
+	if err != nil {
+		return err
+	}
+	init.Code = initCodeCrypto
+	init.Expiry = generator.Expiry()
+	return nil
+}