TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 07:37:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: improve user grants precondition checks (#4237)

Browse Source 
* fix: improve user grants precondition checks

* build rc

* fix prerelease

* fix: build image

* remove branch from releaserc
This commit is contained in:
Livio Spring
2022-08-24 11:38:59 +02:00
committed by GitHub
parent 06fd70d457
commit 4c26665b93
3 changed files with 116 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
internal/command/user_grant.go
View File

@@ -33,7 +33,7 @@ func (c *Commands) addUserGrant(ctx context.Context, userGrant *domain.UserGrant
if !userGrant.IsValid() {
return nil, nil, caos_errs.ThrowInvalidArgument(nil, "COMMAND-4M0fs", "Errors.UserGrant.Invalid")
}
err = c.checkUserGrantPreCondition(ctx, userGrant)
err = c.checkUserGrantPreCondition(ctx, userGrant, resourceOwner)
if err != nil {
return nil, nil, err
}
@@ -91,7 +91,7 @@ func (c *Commands) changeUserGrant(ctx context.Context, userGrant *domain.UserGr
}
userGrant.ProjectID = existingUserGrant.ProjectID
userGrant.ProjectGrantID = existingUserGrant.ProjectGrantID
err = c.checkUserGrantPreCondition(ctx, userGrant)
err = c.checkUserGrantPreCondition(ctx, userGrant, resourceOwner)
if err != nil {
return nil, nil, err
}
@@ -285,8 +285,8 @@ func (c *Commands) userGrantWriteModelByID(ctx context.Context, userGrantID, res
return writeModel, nil
}
func (c *Commands) checkUserGrantPreCondition(ctx context.Context, usergrant *domain.UserGrant) error {
preConditions := NewUserGrantPreConditionReadModel(usergrant.UserID, usergrant.ProjectID, usergrant.ProjectGrantID)
func (c *Commands) checkUserGrantPreCondition(ctx context.Context, usergrant *domain.UserGrant, resourceOwner string) error {
preConditions := NewUserGrantPreConditionReadModel(usergrant.UserID, usergrant.ProjectID, usergrant.ProjectGrantID, resourceOwner)
err := c.eventstore.FilterToQueryReducer(ctx, preConditions)
if err != nil {
return err
@@ -294,7 +294,7 @@ func (c *Commands) checkUserGrantPreCondition(ctx context.Context, usergrant *do
if !preConditions.UserExists {
return caos_errs.ThrowPreconditionFailed(err, "COMMAND-4f8sg", "Errors.User.NotFound")
}
if !preConditions.ProjectExists {
if usergrant.ProjectGrantID == "" && !preConditions.ProjectExists {
return caos_errs.ThrowPreconditionFailed(err, "COMMAND-3n77S", "Errors.Project.NotFound")
}
if usergrant.ProjectGrantID != "" && !preConditions.ProjectGrantExists {