policies implemented

2025-12-01 13:32:41 +00:00 · 2020-11-06 22:09:19 +01:00
parent f7f810caa5
commit 57fc3ddd16
22 changed files with 667 additions and 87 deletions
--- a/internal/v2/repository/policy/events_label.go
+++ b/internal/v2/repository/policy/events_label.go
@@ -7,9 +7,18 @@ import (
 )

 const (
-	LabelPolicyAddedEventType = "policy.label.added"
+	LabelPolicyAddedEventType   = "policy.label.added"
+	LabelPolicyChangedEventType = "policy.label.changed"
+	LabelPolicyRemovedEventType = "policy.label.removed"
 )

+type LabelPolicyAggregate struct {
+	eventstore.Aggregate
+
+	PrimaryColor   string
+	SecondaryColor string
+}
+
 type LabelPolicyAddedEvent struct {
 	eventstore.BaseEvent `json:"-"`

@@ -27,7 +36,6 @@ func (e *LabelPolicyAddedEvent) Data() interface{} {

 func NewLabelPolicyAddedEvent(
 	ctx context.Context,
-	service string,
 	primaryColor,
 	secondaryColor string,
 ) *LabelPolicyAddedEvent {
@@ -35,10 +43,72 @@ func NewLabelPolicyAddedEvent(
 	return &LabelPolicyAddedEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
 			ctx,
-			service,
 			LabelPolicyAddedEventType,
 		),
 		PrimaryColor:   primaryColor,
 		SecondaryColor: secondaryColor,
 	}
 }
+
+type LabelPolicyChangedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+
+	current *LabelPolicyAggregate
+	changed *LabelPolicyAggregate
+}
+
+func (e *LabelPolicyChangedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *LabelPolicyChangedEvent) Data() interface{} {
+	changes := map[string]interface{}{}
+	if e.current.PrimaryColor != e.changed.PrimaryColor {
+		changes["primaryColor"] = e.changed.PrimaryColor
+	}
+	if e.current.SecondaryColor != e.changed.SecondaryColor {
+		changes["secondaryColor"] = e.changed.SecondaryColor
+	}
+
+	return changes
+}
+
+func NewLabelPolicyChangedEvent(
+	ctx context.Context,
+	current,
+	changed *LabelPolicyAggregate,
+) *LabelPolicyChangedEvent {
+
+	return &LabelPolicyChangedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			LabelPolicyChangedEventType,
+		),
+		current: current,
+		changed: changed,
+	}
+}
+
+type LabelPolicyRemovedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+}
+
+func (e *LabelPolicyRemovedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *LabelPolicyRemovedEvent) Data() interface{} {
+	return nil
+}
+
+func NewLabelPolicyRemovedEvent(
+	ctx context.Context,
+) *LabelPolicyRemovedEvent {
+
+	return &LabelPolicyRemovedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			LabelPolicyChangedEventType,
+		),
+	}
+}
--- a/internal/v2/repository/policy/events_login.go
+++ b/internal/v2/repository/policy/events_login.go
@@ -7,9 +7,19 @@ import (
 )

 const (
-	LoginPolicyAddedEventType = "policy.login.added"
+	LoginPolicyAddedEventType   = "policy.login.added"
+	LoginPolicyChangedEventType = "policy.login.changed"
+	LoginPolicyRemovedEventType = "policy.login.removed"
 )

+type LoginPolicyAggregate struct {
+	eventstore.Aggregate
+
+	AllowUserNamePassword bool
+	AllowRegister         bool
+	AllowExternalIDP      bool
+}
+
 type LoginPolicyAddedEvent struct {
 	eventstore.BaseEvent `json:"-"`

@@ -29,7 +39,6 @@ func (e *LoginPolicyAddedEvent) Data() interface{} {

 func NewLoginPolicyAddedEvent(
 	ctx context.Context,
-	service string,
 	allowUserNamePassword,
 	allowRegister,
 	allowExternalIDP bool,
@@ -38,7 +47,6 @@ func NewLoginPolicyAddedEvent(
 	return &LoginPolicyAddedEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
 			ctx,
-			service,
 			LoginPolicyAddedEventType,
 		),
 		AllowExternalIDP:      allowExternalIDP,
@@ -46,3 +54,64 @@ func NewLoginPolicyAddedEvent(
 		AllowUserNamePassword: allowUserNamePassword,
 	}
 }
+
+type LoginPolicyChangedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+
+	current *LoginPolicyAggregate
+	changed *LoginPolicyAggregate
+}
+
+func (e *LoginPolicyChangedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *LoginPolicyChangedEvent) Data() interface{} {
+	changes := map[string]interface{}{}
+	if e.current.AllowExternalIDP != e.changed.AllowExternalIDP {
+		changes["allowUsernamePassword"] = e.changed.AllowExternalIDP
+	}
+	if e.current.AllowRegister != e.changed.AllowRegister {
+		changes["allowRegister"] = e.changed.AllowExternalIDP
+	}
+	if e.current.AllowExternalIDP != e.changed.AllowExternalIDP {
+		changes["allowExternalIdp"] = e.changed.AllowExternalIDP
+	}
+
+	return changes
+}
+
+func NewLoginPolicyChangedEvent(
+	ctx context.Context,
+	current,
+	changed *LoginPolicyAggregate,
+) *LoginPolicyChangedEvent {
+
+	return &LoginPolicyChangedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			LoginPolicyChangedEventType,
+		),
+	}
+}
+
+type LoginPolicyRemovedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+}
+
+func (e *LoginPolicyRemovedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *LoginPolicyRemovedEvent) Data() interface{} {
+	return nil
+}
+
+func NewLoginPolicyRemovedEvent(ctx context.Context) *LoginPolicyRemovedEvent {
+	return &LoginPolicyRemovedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			LoginPolicyRemovedEventType,
+		),
+	}
+}
--- a/internal/v2/repository/policy/events_org_iam.go
+++ b/internal/v2/repository/policy/events_org_iam.go
@@ -26,14 +26,12 @@ func (e *OrgIAMPolicyAddedEvent) Data() interface{} {

 func NewOrgIAMPolicyAddedEvent(
 	ctx context.Context,
-	service string,
 	userLoginMustBeDomain bool,
 ) *OrgIAMPolicyAddedEvent {

 	return &OrgIAMPolicyAddedEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
 			ctx,
-			service,
 			OrgIAMPolicyAddedEventType,
 		),
 		UserLoginMustBeDomain: userLoginMustBeDomain,
--- a/internal/v2/repository/policy/events_password_age.go
+++ b/internal/v2/repository/policy/events_password_age.go
@@ -7,9 +7,18 @@ import (
 )

 const (
-	PasswordAgePolicyAddedEventType = "policy.password.age.added"
+	PasswordAgePolicyAddedEventType   = "policy.password.age.added"
+	PasswordAgePolicyChangedEventType = "policy.password.age.changed"
+	PasswordAgePolicyRemovedEventType = "policy.password.age.removed"
 )

+type PasswordAgePolicyAggregate struct {
+	eventstore.Aggregate
+
+	ExpireWarnDays int
+	MaxAgeDays     int
+}
+
 type PasswordAgePolicyAddedEvent struct {
 	eventstore.BaseEvent `json:"-"`

@@ -27,17 +36,82 @@ func (e *PasswordAgePolicyAddedEvent) Data() interface{} {

 func NewPasswordAgePolicyAddedEvent(
 	ctx context.Context,
-	service string,
 	expireWarnDays,
 	maxAgeDays int,
 ) *PasswordAgePolicyAddedEvent {
+
 	return &PasswordAgePolicyAddedEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
 			ctx,
-			service,
 			PasswordAgePolicyAddedEventType,
 		),
 		ExpireWarnDays: expireWarnDays,
 		MaxAgeDays:     maxAgeDays,
 	}
 }
+
+type PasswordAgePolicyChangedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+
+	current *PasswordAgePolicyAggregate
+	changed *PasswordAgePolicyAggregate
+}
+
+func (e *PasswordAgePolicyChangedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *PasswordAgePolicyChangedEvent) Data() interface{} {
+	changes := map[string]interface{}{}
+
+	if e.current.ExpireWarnDays != e.changed.ExpireWarnDays {
+		changes["expireWarnDays"] = e.changed.ExpireWarnDays
+	}
+	if e.current.MaxAgeDays != e.changed.MaxAgeDays {
+		changes["maxAgeDays"] = e.changed.ExpireWarnDays
+	}
+
+	return changes
+}
+
+func NewPasswordAgePolicyChangedEvent(
+	ctx context.Context,
+	current,
+	changed *PasswordAgePolicyAggregate,
+) *PasswordAgePolicyChangedEvent {
+
+	return &PasswordAgePolicyChangedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			PasswordAgePolicyChangedEventType,
+		),
+		current: current,
+		changed: changed,
+	}
+}
+
+type PasswordAgePolicyRemovedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+}
+
+func (e *PasswordAgePolicyRemovedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *PasswordAgePolicyRemovedEvent) Data() interface{} {
+	return nil
+}
+
+func NewPasswordAgePolicyRemovedEvent(
+	ctx context.Context,
+	current,
+	changed *PasswordAgePolicyRemovedEvent,
+) *PasswordAgePolicyChangedEvent {
+
+	return &PasswordAgePolicyChangedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			PasswordAgePolicyChangedEventType,
+		),
+	}
+}
--- a/internal/v2/repository/policy/events_password_complexity.go
+++ b/internal/v2/repository/policy/events_password_complexity.go
@@ -7,9 +7,19 @@ import (
 )

 const (
-	PasswordComplexityPolicyAddedEventType = "policy.password.complexity.added"
+	PasswordComplexityPolicyAddedEventType   = "policy.password.complexity.added"
+	PasswordComplexityPolicyChangedEventType = "policy.password.complexity.changed"
+	PasswordComplexityPolicyRemovedEventType = "policy.password.complexity.removed"
 )

+type PasswordComplexityPolicyAggregate struct {
+	MinLength    int
+	HasLowercase bool
+	HasUpperCase bool
+	HasNumber    bool
+	HasSymbol    bool
+}
+
 type PasswordComplexityPolicyAddedEvent struct {
 	eventstore.BaseEvent `json:"-"`

@@ -30,7 +40,6 @@ func (e *PasswordComplexityPolicyAddedEvent) Data() interface{} {

 func NewPasswordComplexityPolicyAddedEvent(
 	ctx context.Context,
-	service string,
 	hasLowerCase,
 	hasUpperCase,
 	hasNumber,
@@ -41,7 +50,6 @@ func NewPasswordComplexityPolicyAddedEvent(
 	return &PasswordComplexityPolicyAddedEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
 			ctx,
-			service,
 			PasswordComplexityPolicyAddedEventType,
 		),
 		HasLowercase: hasLowerCase,
@@ -51,3 +59,76 @@ func NewPasswordComplexityPolicyAddedEvent(
 		MinLength:    minLength,
 	}
 }
+
+type PasswordComplexityPolicyChangedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+
+	current *PasswordComplexityPolicyAggregate
+	changed *PasswordComplexityPolicyAggregate
+}
+
+func (e *PasswordComplexityPolicyChangedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *PasswordComplexityPolicyChangedEvent) Data() interface{} {
+	changes := map[string]interface{}{}
+
+	if e.current.MinLength != e.changed.MinLength {
+		changes["minLength"] = e.changed.MinLength
+	}
+	if e.current.HasLowercase != e.changed.HasLowercase {
+		changes["hasLowercase"] = e.changed.HasLowercase
+	}
+	if e.current.HasUpperCase != e.changed.HasUpperCase {
+		changes["hasUppercase"] = e.changed.HasUpperCase
+	}
+	if e.current.HasNumber != e.changed.HasNumber {
+		changes["hasNumber"] = e.changed.HasNumber
+	}
+	if e.current.HasSymbol != e.changed.HasSymbol {
+		changes["hasSymbol"] = e.changed.HasSymbol
+	}
+
+	return changes
+}
+
+func NewPasswordComplexityPolicyChangedEvent(
+	ctx context.Context,
+	current,
+	changed *PasswordComplexityPolicyAggregate,
+) *PasswordComplexityPolicyChangedEvent {
+
+	return &PasswordComplexityPolicyChangedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			PasswordComplexityPolicyAddedEventType,
+		),
+		current: current,
+		changed: changed,
+	}
+}
+
+type PasswordComplexityPolicyRemovedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+}
+
+func (e *PasswordComplexityPolicyRemovedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *PasswordComplexityPolicyRemovedEvent) Data() interface{} {
+	return nil
+}
+
+func NewPasswordComplexityPolicyRemovedEvent(
+	ctx context.Context,
+) *PasswordComplexityPolicyRemovedEvent {
+
+	return &PasswordComplexityPolicyRemovedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			PasswordComplexityPolicyChangedEventType,
+		),
+	}
+}
--- a/internal/v2/repository/policy/events_password_lockout.go
+++ b/internal/v2/repository/policy/events_password_lockout.go
@@ -10,6 +10,13 @@ const (
 	PasswordLockoutPolicyAddedEventType = "policy.password.lockout.added"
 )

+type PasswordLockoutAggregate struct {
+	eventstore.Aggregate
+
+	MaxAttempts         int
+	ShowLockOutFailures bool
+}
+
 type PasswordLockoutPolicyAddedEvent struct {
 	eventstore.BaseEvent `json:"-"`

@@ -27,7 +34,6 @@ func (e *PasswordLockoutPolicyAddedEvent) Data() interface{} {

 func NewPasswordLockoutPolicyAddedEvent(
 	ctx context.Context,
-	service string,
 	maxAttempts int,
 	showLockOutFailures bool,
 ) *PasswordLockoutPolicyAddedEvent {
@@ -35,10 +41,73 @@ func NewPasswordLockoutPolicyAddedEvent(
 	return &PasswordLockoutPolicyAddedEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
 			ctx,
-			service,
 			LabelPolicyAddedEventType,
 		),
 		MaxAttempts:         maxAttempts,
 		ShowLockOutFailures: showLockOutFailures,
 	}
 }
+
+type PasswordLockoutPolicyChangedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+
+	current *PasswordLockoutAggregate
+	changed *PasswordLockoutAggregate
+}
+
+func (e *PasswordLockoutPolicyChangedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *PasswordLockoutPolicyChangedEvent) Data() interface{} {
+	changes := map[string]interface{}{}
+
+	if e.current.MaxAttempts != e.changed.MaxAttempts {
+		changes["maxAttempts"] = e.changed.MaxAttempts
+	}
+	if e.current.ShowLockOutFailures != e.changed.ShowLockOutFailures {
+		changes["showLockOutFailures"] = e.changed.ShowLockOutFailures
+	}
+
+	return changes
+}
+
+func NewPasswordLockoutPolicyChangedEvent(
+	ctx context.Context,
+	current,
+	changed *PasswordLockoutAggregate,
+) *PasswordLockoutPolicyChangedEvent {
+
+	return &PasswordLockoutPolicyChangedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			LabelPolicyAddedEventType,
+		),
+		current: current,
+		changed: changed,
+	}
+}
+
+type PasswordLockoutPolicyRemovedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+}
+
+func (e *PasswordLockoutPolicyRemovedEvent) CheckPrevious() bool {
+	return true
+}
+
+func (e *PasswordLockoutPolicyRemovedEvent) Data() interface{} {
+	return nil
+}
+
+func NewPasswordLockoutPolicyRemovedEvent(
+	ctx context.Context,
+) *PasswordLockoutPolicyRemovedEvent {
+
+	return &PasswordLockoutPolicyRemovedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			LabelPolicyAddedEventType,
+		),
+	}
+}