TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-10-16 10:41:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: mitigate overload risk in processProject on user grant (#2662)

Browse Source
This commit is contained in:
Livio Amstutz
2021-11-12 12:11:37 +01:00
committed by GitHub
parent 7324e776cf
commit 4fc2582b4c
3 changed files with 42 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
internal/management/repository/eventsourcing/handler/user_grant.go
View File

@@ -4,6 +4,7 @@ import (
"context"
"github.com/caos/logging"
caos_errs "github.com/caos/zitadel/internal/errors"
v1 "github.com/caos/zitadel/internal/eventstore/v1"
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
@@ -159,19 +160,20 @@ func (u *UserGrant) processUser(event *es_models.Event) (err error) {
func (u *UserGrant) processProject(event *es_models.Event) (err error) {
switch event.Type {
case proj_es_model.ProjectChanged:
proj := new(proj_es_model.Project)
err := proj.SetData(event)
if err != nil {
return err
}
if proj.Name == "" {
return u.view.ProcessedUserGrantSequence(event)
}
grants, err := u.view.UserGrantsByProjectID(event.AggregateID)
if err != nil {
return err
}
if len(grants) == 0 {
return u.view.ProcessedUserGrantSequence(event)
}
project, err := u.getProjectByID(context.Background(), event.AggregateID)
if err != nil {
return err
}
for _, grant := range grants {
u.fillProjectData(grant, project)
grant.ProjectName = proj.Name
}
return u.view.PutUserGrants(grants, event)
default: