TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-02-28 20:37:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: split users into human and machine (#470)

Browse Source 
* feat(management): service accounts

* chore: current go version

* init

* refactor: apis

* feat(internal): start impl of service account

* chore: start impl of machine/human users

* code compiles

* fix: tests

* fix: tests

* fix: add new event types to switches

* chore: add cases to event types

* fix(management): definitive proto messages

* fix: machine/human

* fix: add missing tables as todos

* fix: remove unused permissions

* fix: refactoring

* fix: refactor

* fix: human registered

* fix: user id

* fix: logid

* fix: proto remove //equal

* chore(management): remove no comment

* fix: human mfas

* fix: user subobjects

* chore: rename existing to better name

* fix: username in user (#634)

* fix: username in user

* fix: username

* fix remove unused code

* fix add validations

* fix: use new user in all apis

* fix: regexp for username in api

* fix: fill user data for human and machine (#638)

* fix: fill Display name grant/member handlers
fix: add description to grant/member objects in api
fix: check if user is human in login

* fix: remove description from member and grant

* chore: remove todos

* feat: machine keys

* fix: implement missing parts

* feat: machine key management view

* fix: remove keys from machine view

* fix: set default expiration date

* fix: get key by ids

* feat: add machine keys in proto

* feat: machine keys

* fix: add migration

* fix: mig

* fix: correct method name

* feat: user search

* feat: user search

* fix: log ids

* fix partial authconfig prompt, domain c perm

* membership read check

* contributor refresh trigger, observe org write

* fix: migrations

* fix(console): machine build (#660)

* frontend 1

* fix html bindings

* trailing comma

* user permissions, project deactivate

* fix(console): human view (#661)

* fix search user view, user detail form

* rm log

* feat(console): user services list and create (#663)

* fix search user view, user detail form

* rm log

* machine list

* generic table component

* create user service

* proove table for undefined values

* tmp disable user link if machine

* lint

* lint styles

* user table lint

* Update console/src/assets/i18n/de.json

Co-authored-by: Florian Forster <florian@caos.ch>

* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)

* service users for sidenav, routing

* i18n

* back routes

* machine detail form

* update machine detail, fix svc user grants

* keys table

* add key dialog, timestamp creation

* check permission on create, delete, fix selection

* lint ts, scss

* Update console/src/assets/i18n/de.json

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@caos.ch>

* allow user grants for project.write

* management service

* fix mgmt service

* feat: Machine keys (#655)

* fix: memberships (#633)

* feat: add iam members to memberships

* fix: search project grants

* fix: rename

* feat: idp and login policy configurations (#619)

* feat: oidc config

* fix: oidc configurations

* feat: oidc idp config

* feat: add oidc config test

* fix: tests

* fix: tests

* feat: translate new events

* feat: idp eventstore

* feat: idp eventstore

* fix: tests

* feat: command side idp

* feat: query side idp

* feat: idp config on org

* fix: tests

* feat: authz idp on org

* feat: org idps

* feat: login policy

* feat: login policy

* feat: login policy

* feat: add idp func on login policy

* feat: add validation to loginpolicy and idp provider

* feat: add default login policy

* feat: login policy on org

* feat: login policy on org

* fix: id config handlers

* fix: id config handlers

* fix: create idp on org

* fix: create idp on org

* fix: not existing idp config

* fix: default login policy

* fix: add login policy on org

* fix: idp provider search on org

* fix: test

* fix: remove idp on org

* fix: test

* fix: test

* fix: remove admin idp

* fix: logo src as byte

* fix: migration

* fix: tests

* Update internal/iam/repository/eventsourcing/iam.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/org/repository/eventsourcing/org_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: pr comments

* fix: tests

* Update types.go

* fix: merge request changes

* fix: reduce optimization

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: reread user mfas, preferred loginname as otp account name (#636)

* fix: reread user mfas

* fix: use preferred login name as otp account name

* fix: tests

* fix: reduce (#635)

* fix: management reduce optimization

* fix: reduce optimization

* fix: reduce optimization

* fix: merge master

* chore(deps): bump github.com/gorilla/schema from 1.1.0 to 1.2.0 (#627)

Bumps [github.com/gorilla/schema](https://github.com/gorilla/schema) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/gorilla/schema/releases)
- [Commits](https://github.com/gorilla/schema/compare/v1.1.0...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/gorilla/mux from 1.7.4 to 1.8.0 (#624)

Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux) from 1.7.4 to 1.8.0.
- [Release notes](https://github.com/gorilla/mux/releases)
- [Commits](https://github.com/gorilla/mux/compare/v1.7.4...v1.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.4.1 to 1.5.0 (#591)

Bumps [github.com/DATA-DOG/go-sqlmock](https://github.com/DATA-DOG/go-sqlmock) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/DATA-DOG/go-sqlmock/releases)
- [Commits](https://github.com/DATA-DOG/go-sqlmock/compare/v1.4.1...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: auto assign issues and PR to ZTIADEL project board (#643)

* Create main.yml

* Update main.yml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix(console): project grant members, update deps (#645)

* fix: searchprojectgrantmembers

* chore(deps-dev): bump @angular/cli from 10.0.6 to 10.0.7 in /console (#622)

Bumps [@angular/cli](https://github.com/angular/angular-cli) from 10.0.6 to 10.0.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v10.0.6...v10.0.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump @angular-devkit/build-angular in /console (#626)

Bumps [@angular-devkit/build-angular](https://github.com/angular/angular-cli) from 0.1000.6 to 0.1000.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>

* chore(deps-dev): bump @types/jasmine from 3.5.12 to 3.5.13 in /console (#623)

Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.5.12 to 3.5.13.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump ts-node from 8.10.2 to 9.0.0 in /console (#629)

Bumps [ts-node](https://github.com/TypeStrong/ts-node) from 8.10.2 to 9.0.0.
- [Release notes](https://github.com/TypeStrong/ts-node/releases)
- [Commits](https://github.com/TypeStrong/ts-node/compare/v8.10.2...v9.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* update packlock

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: delete main.yml (#648)

* fix: usergrant (#650)

* fix(console): mfa refresh after verification, member eventemitter (#651)

* refresh mfa

* fix: detail link from contributors

* lint

* feat: add domain verification notification (#649)

* fix: dont (re)generate client secret with auth type none

* fix(cors): allow Origin from request

* feat: add origin allow list and fix some core issues

* rename migration

* fix UserIDsByDomain

* feat: send email to users after domain claim

* username

* check origin on userinfo

* update oidc pkg

* fix: add migration 1.6

* change username

* change username

* remove unique email aggregate

* change username in mgmt

* search global user by login name

* fix test

* change user search in angular

* fix tests

* merge

* userview in angular

* fix merge

* Update pkg/grpc/management/proto/management.proto

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/notification/static/i18n/de.yaml

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix: translation (#647)

* fix: translation

* fix: translation

* fix: translation

* fix: remove unused code

* fix: log err

* fix: migration numbers (#652)

* chore: issue / feature templates (#642)

* feat: machine keys

* fix: implement missing parts

* feat: machine key management view

* fix: remove keys from machine view

* feat: global org read (#657)

* fix: set default expiration date

* fix: get key by ids

* feat: add machine keys in proto

* feat: machine keys

* fix: add migration

* fix: mig

* fix: correct method name

* feat: user search

* feat: user search

* fix: log ids

* fix: migrations

* fix(console): machine build (#660)

* frontend 1

* fix html bindings

* trailing comma

* fix(console): human view (#661)

* fix search user view, user detail form

* rm log

* feat(console): user services list and create (#663)

* fix search user view, user detail form

* rm log

* machine list

* generic table component

* create user service

* proove table for undefined values

* tmp disable user link if machine

* lint

* lint styles

* user table lint

* Update console/src/assets/i18n/de.json

Co-authored-by: Florian Forster <florian@caos.ch>

* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)

* service users for sidenav, routing

* i18n

* back routes

* machine detail form

* update machine detail, fix svc user grants

* keys table

* add key dialog, timestamp creation

* check permission on create, delete, fix selection

* lint ts, scss

* Update console/src/assets/i18n/de.json

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@caos.ch>

* refactor: protos

* fix(management): key expiration date

* fix: check if user is human

* fix: marshal key details

* fix: correct generate login names

* fix: logid

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>

* fix: naming

* refactor: findings

* fix: username

* fix: mfa upper case

* fix: tests

* fix: add translations

* reactivatemyorg req typeö

* fix: projectType for console

* fix: user changes

* fix: translate events

* fix: event type translation

* fix: remove unused types

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
Silvan 2020-08-31 17:48:01 +02:00 committed by GitHub
parent c1c85e632b
commit 5abd5b0505
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
207 changed files with 52837 additions and 26745 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cmd/zitadel/system-defaults.yaml
View File

@ -44,6 +44,7 @@ SystemDefaults:
IncludeUpperLetters: true
IncludeDigits: true
IncludeSymbols: false
MachineKeySize: 2048
Multifactors:
OTP:
Issuer: 'Zitadel'

2
console/src/app/app-routing.module.ts
View File

@ -34,7 +34,7 @@ const routes: Routes = [
canActivate: [AuthGuard],
children: [
{
path: 'all',
path: 'list',
loadChildren: () => import('src/app/pages/users/user-list/user-list.module')
.then(m => m.UserListModule),
canActivate: [RoleGuard],

13
console/src/app/app.component.html
View File

@ -117,9 +117,16 @@
</div>
<a @navitem class="nav-item" [routerLinkActive]="['active']"
[routerLink]="[ '/users/all']" [routerLinkActiveOptions]="{ exact: true }">
<i class="icon las la-users"></i>
<span class="label">{{ 'MENU.USER' | translate }}</span>
[routerLink]="[ '/users/list/humans']" [routerLinkActiveOptions]="{ exact: true }">
<i class="icon las la-user-friends"></i>
<span class="label">{{ 'MENU.HUMANUSERS' | translate }}</span>
</a>
<a @navitem class="nav-item" [routerLinkActive]="['active']"
[routerLink]="[ '/users/list/machines']"
[routerLinkActiveOptions]="{ exact: true }">
<i class="icon las la-users-cog"></i>
<span class="label">{{ 'MENU.MACHINEUSERS' | translate }}</span>
</a>
</ng-template>
</div>

2
console/src/app/app.module.ts
View File

@ -5,6 +5,7 @@ import localeDe from '@angular/common/locales/de';
import { APP_INITIALIZER, NgModule } from '@angular/core';
import { MatButtonModule } from '@angular/material/button';
import { MatCardModule } from '@angular/material/card';
import { MatNativeDateModule } from '@angular/material/core';
import { MatDialogModule } from '@angular/material/dialog';
import { MatIconModule } from '@angular/material/icon';
import { MatMenuModule } from '@angular/material/menu';
@ -90,6 +91,7 @@ const authConfig: AuthConfig = {
deps: [HttpClient],
},
}),
MatNativeDateModule,
QuicklinkModule,
AccountsCardModule,
HasRoleModule,

2
console/src/app/modules/accounts-card/accounts-card.component.html
View File

@ -3,7 +3,7 @@
[name]="profile.displayName ? profile.displayName : (profile.firstName + ' '+ profile.lastName)" [size]="80">
</app-avatar>
<span class="u-name">{{profile.displayName ? profile.displayName : profile.userName}}</span>
<span class="u-name">{{profile.displayName ? profile.displayName : profile.preferredLoginName}}</span>
<span class="u-email">{{profile?.preferredLoginName}}</span>
<span class="iamuser" *ngIf="iamuser">IAM USER</span>

6
console/src/app/modules/search-user-autocomplete/search-user-autocomplete.component.html
View File

@ -8,7 +8,9 @@
<mat-chip-list *ngIf="!singleOutput" #chipList aria-label="loginname selection">
<mat-chip class="chip" *ngFor="let selecteduser of users" [selectable]="selectable" [removable]="removable"
(removed)="remove(selecteduser)">
{{ selecteduser?.firstName }} {{selecteduser.lastName}} | <small> {{selecteduser.preferredLoginName}}</small>
{{ selecteduser?.human ? (selecteduser.human.firstName + ' ' + selecteduser.human.lastName) : selecteduser?.machine?.name}}
| <small>
{{selecteduser.preferredLoginName}}</small>
<mat-icon matChipRemove *ngIf="removable">cancel</mat-icon>
</mat-chip>
<input placeholder="{{'ORG_DETAIL.MEMBER.LOGINNAME' | translate}}" #usernameInput [formControl]="myControl"
@ -22,7 +24,7 @@
<mat-spinner diameter="30"></mat-spinner>
</mat-option>
<mat-option *ngFor="let user of filteredUsers" [value]="user">
{{user.firstName}} {{user.lastName}}
{{user.human? user.human.firstName : user.machine?.name}}
<small>{{user.preferredLoginName}}</small>
</mat-option>
</mat-autocomplete>

3
console/src/app/modules/user-grants/user-grants.component.ts
View File

@ -84,6 +84,9 @@ export class UserGrantsComponent implements OnInit, AfterViewInit {
default:
this.routerLink = ['/grant-create'];
}
console.log(this.routerLink);
this.dataSource.loadGrants(this.context, 0, 25, {
projectId: this.projectId,
grantId: this.grantId,

2
console/src/app/pages/home/home.component.html
View File

@ -86,7 +86,7 @@
<span class="fill-space"></span>
<div class="footer">
<a color="primary" mat-stroked-button
[routerLink]="['/users/all']">{{'HOME.USERS_BUTTON' | translate}}</a>
[routerLink]="['/users/list/humans']">{{'HOME.USERS_BUTTON' | translate}}</a>
</div>
</app-card>
</ng-template>

4
console/src/app/pages/iam/iam-members/iam-members.component.ts
View File

@ -7,7 +7,7 @@ import { MatTable } from '@angular/material/table';
import { tap } from 'rxjs/operators';
import { CreationType, MemberCreateDialogComponent } from 'src/app/modules/add-member-dialog/member-create-dialog.component';
import { IamMember, IamMemberView } from 'src/app/proto/generated/admin_pb';
import { ProjectMember, ProjectType, User } from 'src/app/proto/generated/management_pb';
import { ProjectMember, ProjectType, UserView } from 'src/app/proto/generated/management_pb';
import { AdminService } from 'src/app/services/admin.service';
import { ToastService } from 'src/app/services/toast.service';
@ -112,7 +112,7 @@ export class IamMembersComponent implements AfterViewInit {
dialogRef.afterClosed().subscribe(resp => {
if (resp) {
const users: User.AsObject[] = resp.users;
const users: UserView.AsObject[] = resp.users;
const roles: string[] = resp.roles;
if (users && users.length && roles && roles.length) {

4
console/src/app/pages/iam/iam.component.ts
View File

@ -4,7 +4,7 @@ import { Router } from '@angular/router';
import { BehaviorSubject, from, Observable, of } from 'rxjs';
import { catchError, finalize, map } from 'rxjs/operators';
import { CreationType, MemberCreateDialogComponent } from 'src/app/modules/add-member-dialog/member-create-dialog.component';
import { OrgMemberView, User } from 'src/app/proto/generated/management_pb';
import { OrgMemberView, UserView } from 'src/app/proto/generated/management_pb';
import { AdminService } from 'src/app/services/admin.service';
import { ToastService } from 'src/app/services/toast.service';
@ -49,7 +49,7 @@ export class IamComponent {
dialogRef.afterClosed().subscribe(resp => {
if (resp) {
const users: User.AsObject[] = resp.users;
const users: UserView.AsObject[] = resp.users;
const roles: string[] = resp.roles;
if (users && users.length && roles && roles.length) {

21
console/src/app/pages/orgs/org-create/org-create.component.ts
View File

@ -6,7 +6,7 @@ import { MatSlideToggleChange } from '@angular/material/slide-toggle';
import { Router } from '@angular/router';
import { take } from 'rxjs/operators';
import { lowerCaseValidator, numberValidator, symbolValidator, upperCaseValidator } from 'src/app/pages/validators';
import { CreateOrgRequest, CreateUserRequest, Gender, OrgSetUpResponse } from 'src/app/proto/generated/admin_pb';
import { CreateHumanRequest, CreateOrgRequest, Gender, OrgSetUpResponse } from 'src/app/proto/generated/admin_pb';
import { PasswordComplexityPolicy } from 'src/app/proto/generated/auth_pb';
import { AdminService } from 'src/app/services/admin.service';
import { GrpcAuthService } from 'src/app/services/grpc-auth.service';
@ -92,21 +92,20 @@ export class OrgCreateComponent {
createOrgRequest.setName(this.name?.value);
createOrgRequest.setDomain(this.domain?.value);
const registerUserRequest: CreateUserRequest = new CreateUserRequest();
registerUserRequest.setUserName(this.userName?.value);
registerUserRequest.setEmail(this.email?.value);
registerUserRequest.setFirstName(this.firstName?.value);
registerUserRequest.setLastName(this.lastName?.value);
registerUserRequest.setNickName(this.nickName?.value);
registerUserRequest.setGender(this.gender?.value);
registerUserRequest.setPreferredLanguage(this.preferredLanguage?.value);
const humanRequest: CreateHumanRequest = new CreateHumanRequest();
humanRequest.setEmail(this.email?.value);
humanRequest.setFirstName(this.firstName?.value);
humanRequest.setLastName(this.lastName?.value);
humanRequest.setNickName(this.nickName?.value);
humanRequest.setGender(this.gender?.value);
humanRequest.setPreferredLanguage(this.preferredLanguage?.value);
if (this.usePassword && this.password) {
registerUserRequest.setPassword(this.password?.value);
humanRequest.setPassword(this.password?.value);
}
this.adminService
.SetUpOrg(createOrgRequest, registerUserRequest)
.SetUpOrg(createOrgRequest, humanRequest)
.then((data: OrgSetUpResponse) => {
this.router.navigate(['orgs', data.toObject().org?.id]);
})

4
console/src/app/pages/orgs/org-detail/org-detail.component.ts
View File

@ -17,7 +17,7 @@ import {
OrgMemberSearchResponse,
OrgMemberView,
OrgState,
User,
UserView,
} from 'src/app/proto/generated/management_pb';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
@ -163,7 +163,7 @@ export class OrgDetailComponent implements OnInit, OnDestroy {
dialogRef.afterClosed().subscribe(resp => {
if (resp) {
const users: User.AsObject[] = resp.users;
const users: UserView.AsObject[] = resp.users;
const roles: string[] = resp.roles;
if (users && users.length && roles && roles.length) {

4
console/src/app/pages/orgs/org-members/org-members.component.ts
View File

@ -5,7 +5,7 @@ import { MatPaginator } from '@angular/material/paginator';
import { MatSelectChange } from '@angular/material/select';
import { tap } from 'rxjs/operators';
import { CreationType, MemberCreateDialogComponent } from 'src/app/modules/add-member-dialog/member-create-dialog.component';
import { Org, OrgMemberView, ProjectType, User } from 'src/app/proto/generated/management_pb';
import { Org, OrgMemberView, ProjectType, UserView } from 'src/app/proto/generated/management_pb';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
@ -107,7 +107,7 @@ export class OrgMembersComponent implements AfterViewInit {
dialogRef.afterClosed().subscribe(resp => {
if (resp) {
const users: User.AsObject[] = resp.users;
const users: UserView.AsObject[] = resp.users;
const roles: string[] = resp.roles;
if (users && users.length && roles && roles.length) {

4
console/src/app/pages/projects/granted-projects/granted-project-detail/granted-project-detail.component.ts
View File

@ -21,8 +21,8 @@ import {
ProjectRoleSearchResponse,
ProjectState,
ProjectType,
User,
UserGrantSearchKey,
UserView,
} from 'src/app/proto/generated/management_pb';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
@ -140,7 +140,7 @@ export class GrantedProjectDetailComponent implements OnInit, OnDestroy {
dialogRef.afterClosed().subscribe(resp => {
if (resp) {
const users: User.AsObject[] = resp.users;
const users: UserView.AsObject[] = resp.users;
const roles: string[] = resp.roles;
if (users && users.length && roles && roles.length) {

8
console/src/app/pages/projects/owned-projects/owned-project-detail/owned-project-detail.component.html
View File

@ -21,10 +21,12 @@
<span class="fill-space"></span>
<button mat-stroked-button color="warn" [disabled]="isZitadel"
<button mat-stroked-button color="warn"
[disabled]="isZitadel || (['project.write', 'project.write'+ project.projectId]| hasRole | async) == false"
*ngIf="project?.state === ProjectState.PROJECTSTATE_ACTIVE" class="state-button"
(click)="changeState(ProjectState.PROJECTSTATE_INACTIVE)">{{'PROJECT.TABLE.DEACTIVATE' | translate}}</button>
<button mat-stroked-button color="warn" [disabled]="isZitadel"
<button mat-stroked-button color="warn"
[disabled]="isZitadel || (['project.write', 'project.write'+ project.projectId]| hasRole | async) == false"
*ngIf="project?.state === ProjectState.PROJECTSTATE_INACTIVE" class="state-button"
(click)="changeState(ProjectState.PROJECTSTATE_ACTIVE)">{{'PROJECT.TABLE.ACTIVATE' | translate}}</button>
@ -87,7 +89,7 @@
<app-card *ngIf="project?.projectId" title="{{ 'GRANTS.PROJECT.TITLE' | translate }}"
description="{{'GRANTS.PROJECT.DESCRIPTION' | translate }}">
<app-user-grants [context]="userGrantContext" [projectId]="projectId"
[disabled]="project?.state !== ProjectState.PROJECTSTATE_ACTIVE"
[disabled]="project?.state !== ProjectState.PROJECTSTATE_ACTIVE || (['project.write', 'project.write'+ project.projectId]| hasRole | async) == false"
[allowCreate]="(['user.grant.write'] | hasRole) | async"
[allowDelete]="(['user.grant.delete'] | hasRole) | async">
</app-user-grants>

4
console/src/app/pages/projects/owned-projects/project-grant-detail/project-grant-members/project-grant-members-create-dialog/project-grant-members-create-dialog.component.ts
View File

@ -1,7 +1,7 @@
import { Component, Inject } from '@angular/core';
import { FormGroup } from '@angular/forms';
import { MAT_DIALOG_DATA, MatDialogRef } from '@angular/material/dialog';
import { User } from 'src/app/proto/generated/management_pb';
import { UserView } from 'src/app/proto/generated/management_pb';
export interface ProjectGrantMembersCreateDialogExportType {
userIds: string[];
@ -22,7 +22,7 @@ export class ProjectGrantMembersCreateDialogComponent {
@Inject(MAT_DIALOG_DATA) public data: any,
) { }
public selectUsers(users: User.AsObject[]): void {
public selectUsers(users: UserView.AsObject[]): void {
this.userIds = users.map(user => user.id);
}

10
console/src/app/pages/user-grant-create/user-grant-create.component.ts
View File

@ -4,7 +4,7 @@ import { ActivatedRoute, Params } from '@angular/router';
import { Subscription } from 'rxjs';
import { UserGrantContext } from 'src/app/modules/user-grants/user-grants-datasource';
import { Org } from 'src/app/proto/generated/auth_pb';
import { ProjectGrantView, ProjectRole, ProjectView, User, UserGrant } from 'src/app/proto/generated/management_pb';
import { ProjectGrantView, ProjectRole, ProjectView, UserGrant, UserView } from 'src/app/proto/generated/management_pb';
import { GrpcAuthService } from 'src/app/services/grpc-auth.service';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
@ -55,7 +55,7 @@ export class UserGrantCreateComponent implements OnDestroy {
this.context = UserGrantContext.GRANTED_PROJECT;
this.mgmtService.GetGrantedProjectByID(this.projectId, this.grantId).then(resp => {
this.grantRolesKeyList = resp.toObject().roleKeysList;
}).catch(error => {
}).catch((error: any) => {
this.toast.showError(error);
});
}
@ -80,7 +80,7 @@ export class UserGrantCreateComponent implements OnDestroy {
).then((data: UserGrant) => {
this.toast.showInfo('PROJECT.GRANT.TOAST.PROJECTGRANTADDED', true);
this.close();
}).catch(error => {
}).catch((error: any) => {
this.toast.showError(error);
});
break;
@ -93,7 +93,7 @@ export class UserGrantCreateComponent implements OnDestroy {
).then((data: UserGrant) => {
this.toast.showInfo('PROJECT.GRANT.TOAST.PROJECTGRANTUSERGRANTADDED', true);
this.close();
}).catch(error => {
}).catch((error: any) => {
this.toast.showError(error);
});
break;
@ -105,7 +105,7 @@ export class UserGrantCreateComponent implements OnDestroy {
this.projectId = project.projectId;
}
public selectUser(user: User.AsObject): void {
public selectUser(user: UserView.AsObject): void {
this.userId = user.id;
}

18
console/src/app/pages/users/user-create-machine/user-create-machine-routing.module.ts Normal file
View File

@ -0,0 +1,18 @@
import { NgModule } from '@angular/core';
import { RouterModule, Routes } from '@angular/router';
import { UserCreateMachineComponent } from './user-create-machine.component';
const routes: Routes = [
{
path: '',
component: UserCreateMachineComponent,
data: { animation: 'DetailPage' },
},
];
@NgModule({
imports: [RouterModule.forChild(routes)],
exports: [RouterModule],
})
export class UserCreateMachineRoutingModule { }

34
console/src/app/pages/users/user-create-machine/user-create-machine.component.html Normal file
View File

@ -0,0 +1,34 @@
<app-detail-layout [backRouterLink]="[ '/users/list/machines']" title="{{ 'USER.CREATE.TITLE' | translate }}"
description="{{ 'USER.CREATE.DESCRIPTION' | translate }}">
<mat-progress-bar *ngIf="loading" color="accent" mode="indeterminate"></mat-progress-bar>
<form *ngIf="userForm" [formGroup]="userForm" (ngSubmit)="createUser()" class="form">
<div class="content">
<mat-form-field class="formfield">
<mat-label>{{ 'USER.MACHINE.USERNAME' | translate }}</mat-label>
<input matInput formControlName="userName" required />
<mat-error *ngIf="userName?.invalid && userName?.errors?.required">
{{ 'USER.VALIDATION.REQUIRED' | translate }}
</mat-error>
<mat-error *ngIf="userName?.invalid && userName?.errors?.noEmailValidator">
{{ 'USER.VALIDATION.NOEMAIL' | translate }}
</mat-error>
</mat-form-field>
<mat-form-field class="formfield">
<mat-label>{{ 'USER.MACHINE.NAME' | translate }}</mat-label>
<input matInput formControlName="name" required />
<mat-error *ngIf="name?.invalid && name?.errors?.required">
{{ 'USER.VALIDATION.REQUIRED' | translate }}
</mat-error>
</mat-form-field>
<mat-form-field class="formfield">
<mat-label>{{ 'USER.MACHINE.DESCRIPTION' | translate }}</mat-label>
<input matInput formControlName="description" />
</mat-form-field>
</div>
<div class="btn-container">
<button color="primary" [disabled]="userForm.invalid" type="submit"
mat-raised-button>{{ 'ACTIONS.CREATE' | translate }}</button>
</div>
</form>
</app-detail-layout>

33
console/src/app/pages/users/user-create-machine/user-create-machine.component.scss Normal file
View File

@ -0,0 +1,33 @@
.form {
width: 100%;
padding-top: 1rem;
.btn-container {
button {
margin-top: 3rem;
display: block;
padding: .5rem 4rem;
border-radius: .5rem;
}
}
}
.content {
width: 100%;
display: flex wrap;
flex-direction: row;
margin: 0 -.5rem;
.section {
padding: .5rem;
flex-basis: 100%;
color: #8795a1;
font-size: .9rem;
}
.formfield {
flex: 1 0 33%;
margin: 0 .5rem;
}
}

25
console/src/app/pages/users/user-create-machine/user-create-machine.component.spec.ts Normal file
View File

@ -0,0 +1,25 @@
import { async, ComponentFixture, TestBed } from '@angular/core/testing';
import { UserCreateMachineComponent } from './user-create-machine.component';
describe('UserCreateMachineComponent', () => {
let component: UserCreateMachineComponent;
let fixture: ComponentFixture<UserCreateMachineComponent>;
beforeEach(async(() => {
TestBed.configureTestingModule({
declarations: [UserCreateMachineComponent],
})
.compileComponents();
}));
beforeEach(() => {
fixture = TestBed.createComponent(UserCreateMachineComponent);
component = fixture.componentInstance;
fixture.detectChanges();
});
it('should create', () => {
expect(component).toBeTruthy();
});
});

100
console/src/app/pages/users/user-create-machine/user-create-machine.component.ts Normal file
View File

@ -0,0 +1,100 @@
import { Component, OnDestroy } from '@angular/core';
import { AbstractControl, FormBuilder, FormGroup, Validators } from '@angular/forms';
import { Router } from '@angular/router';
import { Subscription } from 'rxjs';
import { CreateMachineRequest } from 'src/app/proto/generated/admin_pb';
import { UserResponse } from 'src/app/proto/generated/management_pb';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
function noEmailValidator(c: AbstractControl): any {
const EMAIL_REGEXP: RegExp = /^((?!@).)*$/gm;
if (!c.parent || !c) {
return;
}
const username = c.parent.get('userName');
if (!username) {
return;
}
return EMAIL_REGEXP.test(username.value) ? null : {
noEmailValidator: {
valid: false,
},
};
}
@Component({
selector: 'app-user-create-machine',
templateUrl: './user-create-machine.component.html',
styleUrls: ['./user-create-machine.component.scss'],
})
export class UserCreateMachineComponent implements OnDestroy {
public user: CreateMachineRequest.AsObject = new CreateMachineRequest().toObject();
public userForm!: FormGroup;
private sub: Subscription = new Subscription();
public loading: boolean = false;
constructor(
private router: Router,
private toast: ToastService,
public userService: ManagementService,
private fb: FormBuilder,
) {
this.initForm();
}
private initForm(): void {
this.userForm = this.fb.group({
userName: ['',
[
Validators.required,
Validators.minLength(2),
],
],
name: ['', [Validators.required]],
description: ['', []],
});
}
public createUser(): void {
this.user = this.userForm.value;
this.loading = true;
const machineReq = new CreateMachineRequest();
machineReq.setDescription(this.description?.value);
machineReq.setName(this.name?.value);
this.userService
.CreateUserMachine(this.userName?.value, machineReq)
.then((data: UserResponse) => {
this.loading = false;
this.toast.showInfo('USER.TOAST.CREATED', true);
const id = data.getId();
if (id) {
this.router.navigate(['users', id]);
}
})
.catch((error: any) => {
this.loading = false;
this.toast.showError(error);
});
}
ngOnDestroy(): void {
this.sub.unsubscribe();
}
public get name(): AbstractControl | null {
return this.userForm.get('name');
}
public get description(): AbstractControl | null {
return this.userForm.get('description');
}
public get userName(): AbstractControl | null {
return this.userForm.get('userName');
}
}

41
console/src/app/pages/users/user-create-machine/user-create-machine.module.ts Normal file
View File

@ -0,0 +1,41 @@
import { CommonModule } from '@angular/common';
import { NgModule } from '@angular/core';
import { FormsModule, ReactiveFormsModule } from '@angular/forms';
import { MatButtonModule } from '@angular/material/button';
import { MatCheckboxModule } from '@angular/material/checkbox';
import { MatFormFieldModule } from '@angular/material/form-field';
import { MatIconModule } from '@angular/material/icon';
import { MatInputModule } from '@angular/material/input';
import { MatProgressBarModule } from '@angular/material/progress-bar';
import { MatProgressSpinnerModule } from '@angular/material/progress-spinner';
import { MatSelectModule } from '@angular/material/select';
import { MatTooltipModule } from '@angular/material/tooltip';
import { TranslateModule } from '@ngx-translate/core';
import { DetailLayoutModule } from 'src/app/modules/detail-layout/detail-layout.module';
import { UserCreateMachineRoutingModule } from './user-create-machine-routing.module';
import { UserCreateMachineComponent } from './user-create-machine.component';
@NgModule({
declarations: [UserCreateMachineComponent],
imports: [
UserCreateMachineRoutingModule,
CommonModule,
FormsModule,
ReactiveFormsModule,
MatInputModule,
MatFormFieldModule,
MatSelectModule,
MatButtonModule,
MatIconModule,
MatProgressSpinnerModule,
MatProgressBarModule,
MatCheckboxModule,
MatTooltipModule,
TranslateModule,
DetailLayoutModule,
],
})
export class UserCreateMachineModule { }

2
console/src/app/pages/users/user-create/user-create.component.html
View File

@ -1,4 +1,4 @@
<app-detail-layout [backRouterLink]="[ '/users/all']" title="{{ 'USER.CREATE.TITLE' | translate }}"
<app-detail-layout [backRouterLink]="[ '/users/list/humans']" title="{{ 'USER.CREATE.TITLE' | translate }}"
description="{{ 'USER.CREATE.DESCRIPTION' | translate }}">
<mat-progress-bar *ngIf="loading" color="accent" mode="indeterminate"></mat-progress-bar>

22
console/src/app/pages/users/user-create/user-create.component.ts
View File

@ -2,7 +2,7 @@ import { Component, OnDestroy } from '@angular/core';
import { AbstractControl, FormBuilder, FormGroup, Validators } from '@angular/forms';
import { Router } from '@angular/router';
import { Subscription } from 'rxjs';
import { CreateUserRequest, Gender, User } from 'src/app/proto/generated/management_pb';
import { CreateHumanRequest, CreateUserRequest, Gender, UserResponse } from 'src/app/proto/generated/management_pb';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
@ -75,11 +75,6 @@ export class UserCreateComponent implements OnDestroy {
gender: [Gender.GENDER_UNSPECIFIED],
preferredLanguage: [''],
phone: [''],
streetAddress: [''],
postalCode: [''],
locality: [''],
region: [''],
country: [''],
});
}
@ -87,9 +82,20 @@ export class UserCreateComponent implements OnDestroy {
this.user = this.userForm.value;
this.loading = true;
const humanReq = new CreateHumanRequest();
humanReq.setFirstName(this.firstName?.value);
humanReq.setLastName(this.lastName?.value);
humanReq.setNickName(this.nickName?.value);
humanReq.setPreferredLanguage(this.preferredLanguage?.value);
humanReq.setEmail(this.email?.value);
humanReq.setPhone(this.phone?.value);
humanReq.setGender(this.gender?.value);
humanReq.setCountry(this.country?.value);
this.userService
.CreateUser(this.user)
.then((data: User) => {
.CreateUserHuman(this.userName?.value, humanReq)
.then((data: UserResponse) => {
this.loading = false;
this.toast.showInfo('USER.TOAST.CREATED', true);
this.router.navigate(['users', data.getId()]);

36
console/src/app/pages/users/user-detail/auth-user-detail/auth-user-detail.component.html
View File

@ -22,8 +22,8 @@
<div class="col" *ngIf="user">
<app-card class="app-card" title="{{ 'USER.PROFILE.TITLE' | translate }}">
<app-detail-form [genders]="genders" [languages]="languages" [profile]="user"
(changedLanguage)="changedLanguage($event)" (submitData)="saveProfile($event)">
<app-detail-form [genders]="genders" [languages]="languages" [username]="user.userName"
[user]="user.human" (changedLanguage)="changedLanguage($event)" (submitData)="saveProfile($event)">
</app-detail-form>
</app-card>
@ -51,11 +51,11 @@
<ng-container *ngIf="!emailEditState; else emailEdit">
<div class="actions">
<span class="name">{{user?.email}}</span>
<mat-icon class="icon" *ngIf="user?.isEmailVerified" color="primary" aria-hidden="false"
aria-label="verified icon">
<span class="name">{{user?.human?.email}}</span>
<mat-icon class="icon" *ngIf="user?.human?.isEmailVerified" color="primary"
aria-hidden="false" aria-label="verified icon">
check_circle_outline</mat-icon>
<ng-container *ngIf="user?.email && !user?.isEmailVerified">
<ng-container *ngIf="user?.human?.email && !user?.human?.isEmailVerified">
<mat-icon class="icon" color="warn" aria-hidden="false" aria-label="not verified icon">
highlight_off
</mat-icon>
@ -73,13 +73,14 @@
<ng-template #emailEdit>
<mat-form-field class="name">
<mat-label>{{ 'USER.EMAIL' | translate }}</mat-label>
<input matInput [(ngModel)]="user.email" />
<input *ngIf="user.human && user.human.email" matInput [(ngModel)]="user.human.email" />
</mat-form-field>
<button (click)="emailEditState = false" mat-icon-button>
<mat-icon class="icon">close</mat-icon>
</button>
<button [disabled]="!user.email" class="submit-button" type="button" color="primary"
(click)="saveEmail()" mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
<button *ngIf="user.human" [disabled]="!user.human.email" class="submit-button" type="button"
color="primary" (click)="saveEmail()"
mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
</ng-template>
</div>
@ -88,11 +89,11 @@
<ng-container *ngIf="!phoneEditState; else phoneEdit">
<div class="actions">
<span class="name">{{user?.phone}}</span>
<mat-icon class="icon" *ngIf="user?.isPhoneVerified" color="primary" aria-hidden="false"
aria-label="verified icon">
<span class="name">{{user?.human?.phone}}</span>
<mat-icon class="icon" *ngIf="user?.human?.isPhoneVerified" color="primary"
aria-hidden="false" aria-label="verified icon">
check_circle_outline</mat-icon>
<ng-container *ngIf="user?.phone && !user?.isPhoneVerified">
<ng-container *ngIf="user?.human?.phone && !user?.human?.isPhoneVerified">
<mat-icon class="icon" color="warn" aria-hidden="false" aria-label="not verified icon">
highlight_off
</mat-icon>
@ -113,16 +114,17 @@
<ng-template #phoneEdit>
<mat-form-field class="name">
<mat-label>{{ 'USER.PHONE' | translate }}</mat-label>
<input matInput [(ngModel)]="user.phone" />
<input *ngIf="user.human && user.human.phone" matInput [(ngModel)]="user.human.phone" />
</mat-form-field>
<button (click)="phoneEditState = false" mat-icon-button>
<mat-icon class="icon">close</mat-icon>
</button>
<button *ngIf="user.phone" color="warn" (click)="deletePhone()" mat-icon-button>
<button *ngIf="user.human && user.human.phone" color="warn" (click)="deletePhone()"
mat-icon-button>
<i class="las la-trash"></i>
</button>
<button [disabled]="!user.phone" type="button" color="primary" (click)="savePhone()"
mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
<button *ngIf="user.human" [disabled]="!user.human.phone" type="button" color="primary"
(click)="savePhone()" mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
</ng-template>
</div>
</div>

139
console/src/app/pages/users/user-detail/auth-user-detail/auth-user-detail.component.ts
View File

@ -53,60 +53,69 @@ export class AuthUserDetailComponent implements OnDestroy {
}
public saveProfile(profileData: UserProfile.AsObject): void {
this.user.firstName = profileData.firstName;
this.user.lastName = profileData.lastName;
this.user.nickName = profileData.nickName;
this.user.displayName = profileData.displayName;
this.user.gender = profileData.gender;
this.user.preferredLanguage = profileData.preferredLanguage;
this.userService
.SaveMyUserProfile(
this.user.firstName,
this.user.lastName,
this.user.nickName,
this.user.preferredLanguage,
this.user.gender,
)
.then((data: UserProfile) => {
this.toast.showInfo('USER.TOAST.SAVED', true);
this.user = Object.assign(this.user, data.toObject());
})
.catch(error => {
this.toast.showError(error);
});
if (this.user.human) {
this.user.human.firstName = profileData.firstName;
this.user.human.lastName = profileData.lastName;
this.user.human.nickName = profileData.nickName;
this.user.human.displayName = profileData.displayName;
this.user.human.gender = profileData.gender;
this.user.human.preferredLanguage = profileData.preferredLanguage;
this.userService
.SaveMyUserProfile(
this.user.human.firstName,
this.user.human.lastName,
this.user.human.nickName,
this.user.human.preferredLanguage,
this.user.human.gender,
)
.then((data: UserProfile) => {
this.toast.showInfo('USER.TOAST.SAVED', true);
this.user = Object.assign(this.user, data.toObject());
})
.catch(error => {
this.toast.showError(error);
});
}
}
public saveEmail(): void {
this.emailEditState = false;
this.userService
.SaveMyUserEmail(this.user.email).then((data: UserEmail) => {
this.toast.showInfo('USER.TOAST.EMAILSAVED', true);
this.user.email = data.toObject().email;
this.emailEditState = false;
}).catch(error => {
this.toast.showError(error);
this.emailEditState = false;
});
if (this.user.human) {
this.userService
.SaveMyUserEmail(this.user.human.email).then((data: UserEmail) => {
this.toast.showInfo('USER.TOAST.EMAILSAVED', true);
if (this.user.human) {
this.user.human.email = data.toObject().email;
}
this.emailEditState = false;
}).catch(error => {
this.toast.showError(error);
this.emailEditState = false;
});
}
}
public enterCode(): void {
const dialogRef = this.dialog.open(CodeDialogComponent, {
data: {
number: this.user.phone,
},
width: '400px',
});
if (this.user.human) {
const dialogRef = this.dialog.open(CodeDialogComponent, {
data: {
number: this.user.human.phone,
},
width: '400px',
});
dialogRef.afterClosed().subscribe(code => {
if (code) {
this.userService.VerifyMyUserPhone(code).then(() => {
this.toast.showInfo('USER.TOAST.PHONESAVED', true);
}).catch(error => {
this.toast.showError(error);
});
}
});
dialogRef.afterClosed().subscribe(code => {
if (code) {
this.userService.VerifyMyUserPhone(code).then(() => {
this.toast.showInfo('USER.TOAST.PHONESAVED', true);
}).catch(error => {
this.toast.showError(error);
});
}
});
}
}
public changedLanguage(language: string): void {
@ -130,25 +139,33 @@ export class AuthUserDetailComponent implements OnDestroy {
}
public deletePhone(): void {
this.userService.RemoveMyUserPhone().then(() => {
this.toast.showInfo('USER.TOAST.PHONEREMOVED', true);
this.user.phone = '';
this.phoneEditState = false;
}).catch(error => {
this.toast.showError(error);
});
if (this.user.human) {
this.userService.RemoveMyUserPhone().then(() => {
this.toast.showInfo('USER.TOAST.PHONEREMOVED', true);
if (this.user.human) {
this.user.human.phone = '';
}
this.phoneEditState = false;
}).catch(error => {
this.toast.showError(error);
});
}
}
public savePhone(): void {
this.phoneEditState = false;
this.userService
.SaveMyUserPhone(this.user.phone).then((data: UserPhone) => {
this.toast.showInfo('USER.TOAST.PHONESAVED', true);
this.user.phone = data.toObject().phone;
this.phoneEditState = false;
}).catch(error => {
this.toast.showError(error);
this.phoneEditState = false;
});
if (this.user.human) {
this.userService
.SaveMyUserPhone(this.user.human.phone).then((data: UserPhone) => {
this.toast.showInfo('USER.TOAST.PHONESAVED', true);
if (this.user.human) {
this.user.human.phone = data.toObject().phone;
}
this.phoneEditState = false;
}).catch(error => {
this.toast.showError(error);
this.phoneEditState = false;
});
}
}
}

29
console/src/app/pages/users/user-detail/detail-form-machine/detail-form-machine.component.html Normal file
View File

@ -0,0 +1,29 @@
<form [formGroup]="machineForm" *ngIf="machineForm" (ngSubmit)="submitForm()">
<div class="content">
<mat-form-field class="formfield">
<mat-label>{{ 'USER.MACHINE.USERNAME' | translate }}</mat-label>
<input matInput formControlName="userName" required />
<mat-error *ngIf="userName?.invalid && userName?.errors?.required">
{{ 'USER.VALIDATION.REQUIRED' | translate }}
</mat-error>
<mat-error *ngIf="userName?.invalid && userName?.errors?.noEmailValidator">
{{ 'USER.VALIDATION.NOEMAIL' | translate }}
</mat-error>
</mat-form-field>
<mat-form-field class="formfield">
<mat-label>{{ 'USER.MACHINE.NAME' | translate }}</mat-label>
<input matInput formControlName="name" required />
<mat-error *ngIf="name?.invalid && name?.errors?.required">
{{ 'USER.VALIDATION.REQUIRED' | translate }}
</mat-error>
</mat-form-field>
<mat-form-field class="formfield">
<mat-label>{{ 'USER.MACHINE.DESCRIPTION' | translate }}</mat-label>
<input matInput formControlName="description" />
</mat-form-field>
</div>
<div class="btn-container">
<button class="submit-button" type="submit" color="primary"
mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
</div>
</form>

21
console/src/app/pages/users/user-detail/detail-form-machine/detail-form-machine.component.scss Normal file
View File

@ -0,0 +1,21 @@
.content {
display: flex;
flex-direction: row;
flex-wrap: wrap;
margin: 0 -.5rem;
.formfield {
flex: 1 1 33%;
margin: 0 .5rem;
}
}
.btn-container {
display: flex;
justify-content: flex-end;
.submit-button {
border-radius: .5rem;
}
}

25
console/src/app/pages/users/user-detail/detail-form-machine/detail-form-machine.component.spec.ts Normal file
View File

@ -0,0 +1,25 @@
import { async, ComponentFixture, TestBed } from '@angular/core/testing';
import { DetailFormComponent } from './detail-form.component';
describe('DetailFormComponent', () => {
let component: DetailFormComponent;
let fixture: ComponentFixture<DetailFormComponent>;
beforeEach(async(() => {
TestBed.configureTestingModule({
declarations: [DetailFormComponent],
})
.compileComponents();
}));
beforeEach(() => {
fixture = TestBed.createComponent(DetailFormComponent);
component = fixture.componentInstance;
fixture.detectChanges();
});
it('should create', () => {
expect(component).toBeTruthy();
});
});

55
console/src/app/pages/users/user-detail/detail-form-machine/detail-form-machine.component.ts Normal file
View File

@ -0,0 +1,55 @@
import { Component, EventEmitter, Input, OnDestroy, OnInit, Output } from '@angular/core';
import { AbstractControl, FormBuilder, FormGroup, Validators } from '@angular/forms';
import { Subscription } from 'rxjs';
import { UserView } from '../../../../proto/generated/management_pb';
@Component({
selector: 'app-detail-form-machine',
templateUrl: './detail-form-machine.component.html',
styleUrls: ['./detail-form-machine.component.scss'],
})
export class DetailFormMachineComponent implements OnInit, OnDestroy {
@Input() public username!: string;
@Input() public user!: UserView;
@Input() public disabled: boolean = false;
@Output() public submitData: EventEmitter<any> = new EventEmitter<any>();
public machineForm!: FormGroup;
private sub: Subscription = new Subscription();
constructor(private fb: FormBuilder) {
this.machineForm = this.fb.group({
userName: [{ value: '', disabled: true }, [
Validators.required,
]],
name: [{ value: '', disabled: true }, Validators.required],
description: [{ value: '', disabled: this.disabled }],
});
}
public ngOnInit(): void {
this.machineForm.patchValue({ userName: this.username, ...this.user });
}
public ngOnDestroy(): void {
this.sub.unsubscribe();
}
public submitForm(): void {
this.submitData.emit(this.machineForm.value);
}
public get name(): AbstractControl | null {
return this.machineForm.get('name');
}
public get description(): AbstractControl | null {
return this.machineForm.get('description');
}
public get userName(): AbstractControl | null {
return this.machineForm.get('userName');
}
}

34
console/src/app/pages/users/user-detail/detail-form-machine/detail-form-machine.module.ts Normal file
View File

@ -0,0 +1,34 @@
import { CommonModule } from '@angular/common';
import { NgModule } from '@angular/core';
import { FormsModule, ReactiveFormsModule } from '@angular/forms';
import { MatButtonModule } from '@angular/material/button';
import { MatFormFieldModule } from '@angular/material/form-field';
import { MatIconModule } from '@angular/material/icon';
import { MatInputModule } from '@angular/material/input';
import { MatSelectModule } from '@angular/material/select';
import { TranslateModule } from '@ngx-translate/core';
import { DetailFormMachineComponent } from './detail-form-machine.component';
@NgModule({
declarations: [
DetailFormMachineComponent,
],
imports: [
CommonModule,
FormsModule,
ReactiveFormsModule,
TranslateModule,
MatFormFieldModule,
MatInputModule,
MatSelectModule,
MatButtonModule,
MatIconModule,
TranslateModule,
],
exports: [
DetailFormMachineComponent,
],
})
export class DetailFormMachineModule { }

13
console/src/app/pages/users/user-detail/detail-form/detail-form.component.ts
View File

@ -1,8 +1,8 @@
import { Component, EventEmitter, Input, OnDestroy, OnInit, Output } from '@angular/core';
import { AbstractControl, FormBuilder, FormGroup, Validators } from '@angular/forms';
import { Subscription } from 'rxjs';
import { Gender as authGender, UserProfile as authUP } from 'src/app/proto/generated/auth_pb';
import { Gender as mgmtGender, UserProfile as mgmtUP } from 'src/app/proto/generated/management_pb';
import { Gender as authGender, UserProfile as authUP, UserView as authUV } from 'src/app/proto/generated/auth_pb';
import { Gender as mgmtGender, UserProfile as mgmtUP, UserView as mgmtUV } from 'src/app/proto/generated/management_pb';
@Component({
@ -11,11 +11,12 @@ import { Gender as mgmtGender, UserProfile as mgmtUP } from 'src/app/proto/gener
styleUrls: ['./detail-form.component.scss'],
})
export class DetailFormComponent implements OnInit, OnDestroy {
@Input() public profile!: mgmtUP | authUP;
@Input() public username!: string;
@Input() public user!: mgmtUV | authUV;
@Input() public disabled: boolean = false;
@Input() public genders: mgmtGender[] | authGender[] = [];
@Input() public languages: string[] = ['de', 'en'];
@Output() public submitData: EventEmitter<any> = new EventEmitter<any>();
@Output() public submitData: EventEmitter<mgmtUP | authUP> = new EventEmitter<mgmtUP | authUP>();
@Output() public changedLanguage: EventEmitter<string> = new EventEmitter<string>();
public profileForm!: FormGroup;
@ -36,7 +37,7 @@ export class DetailFormComponent implements OnInit, OnDestroy {
}
public ngOnInit(): void {
this.profileForm.patchValue(this.profile);
this.profileForm.patchValue({ userName: this.username, ...this.user });
if (this.preferredLanguage) {
this.sub = this.preferredLanguage.valueChanges.subscribe(value => {
@ -52,9 +53,11 @@ export class DetailFormComponent implements OnInit, OnDestroy {
public submitForm(): void {
this.submitData.emit(this.profileForm.value);
}
public get userName(): AbstractControl | null {
return this.profileForm.get('userName');
}
public get firstName(): AbstractControl | null {
return this.profileForm.get('firstName');
}

30
console/src/app/pages/users/user-detail/machine-keys/add-key-dialog/add-key-dialog.component.html Normal file
View File

@ -0,0 +1,30 @@
<span class="title" mat-dialog-title>{{'USER.MACHINE.ADD.TITLE' | translate}}</span>
<div mat-dialog-content>
<p class="desc"> {{'USER.MACHINE.ADD.DESCRIPTION' | translate}}</p>
<mat-form-field class="form-field" appearance="outline">
<mat-label>{{'USER.MACHINE.TYPE' | translate}}</mat-label>
<mat-select [(ngModel)]="type">
<mat-option *ngFor="let t of types" [value]="t">
{{'USER.MACHINE.KEYTYPES.'+t | translate}}
</mat-option>
</mat-select>
</mat-form-field>
<mat-form-field class="form-field" appearance="outline">
<mat-label>{{'USER.MACHINE.CHOOSEEXPIRY' | translate}}</mat-label>
<input matInput [matDatepicker]="picker" [(ngModel)]="date">
<mat-datepicker-toggle matSuffix [for]="picker"></mat-datepicker-toggle>
<mat-datepicker #picker></mat-datepicker>
</mat-form-field>
</div>
<div mat-dialog-actions class="action">
<button mat-button (click)="closeDialog()">
{{'ACTIONS.CANCEL' | translate}}
</button>
<button color="primary" mat-raised-button class="ok-button" [disabled]="type == undefined"
(click)="closeDialogWithSuccess()">
{{'ACTIONS.ADD' | translate}}
</button>
</div>

26
console/src/app/pages/users/user-detail/machine-keys/add-key-dialog/add-key-dialog.component.scss Normal file
View File

@ -0,0 +1,26 @@
.title {
font-size: 1.2rem;
margin-top: 0;
}
.desc {
color: #8795a1;
font-size: .9rem;
}
.form-field {
width: 100%;
}
.action {
display: flex;
justify-content: flex-end;
.ok-button {
margin-left: .5rem;
}
button {
border-radius: .5rem;
}
}

25
console/src/app/pages/users/user-detail/machine-keys/add-key-dialog/add-key-dialog.component.spec.ts Normal file
View File

@ -0,0 +1,25 @@
import { async, ComponentFixture, TestBed } from '@angular/core/testing';
import { AddKeyDialogComponent } from './add-key-dialog.component';
describe('AddKeyDialogComponent', () => {
let component: AddKeyDialogComponent;
let fixture: ComponentFixture<AddKeyDialogComponent>;
beforeEach(async(() => {
TestBed.configureTestingModule({
declarations: [AddKeyDialogComponent],
})
.compileComponents();
}));
beforeEach(() => {
fixture = TestBed.createComponent(AddKeyDialogComponent);
component = fixture.componentInstance;
fixture.detectChanges();
});
it('should create', () => {
expect(component).toBeTruthy();
});
});

32
console/src/app/pages/users/user-detail/machine-keys/add-key-dialog/add-key-dialog.component.ts Normal file
View File

@ -0,0 +1,32 @@
import { Component, Inject, OnInit } from '@angular/core';
import { MAT_DIALOG_DATA, MatDialogRef } from '@angular/material/dialog';
import { MachineKeyType } from 'src/app/proto/generated/management_pb';
@Component({
selector: 'app-add-key-dialog',
templateUrl: './add-key-dialog.component.html',
styleUrls: ['./add-key-dialog.component.scss'],
})
export class AddKeyDialogComponent implements OnInit {
types: MachineKeyType[] = [
MachineKeyType.MACHINEKEY_JSON,
];
date: any;
public type: MachineKeyType = MachineKeyType.MACHINEKEY_JSON;
constructor(
public dialogRef: MatDialogRef<AddKeyDialogComponent>,
@Inject(MAT_DIALOG_DATA) public data: any,
) { }
ngOnInit(): void {
}
public closeDialog(): void {
this.dialogRef.close(false);
}
public closeDialogWithSuccess(): void {
this.dialogRef.close({ type: this.type, date: this.date });
}
}

28
console/src/app/pages/users/user-detail/machine-keys/add-key-dialog/add-key-dialog.module.ts Normal file
View File

@ -0,0 +1,28 @@
import { CommonModule } from '@angular/common';
import { NgModule } from '@angular/core';
import { FormsModule } from '@angular/forms';
import { MatButtonModule } from '@angular/material/button';
import { MatDatepickerModule } from '@angular/material/datepicker';
import { MatFormFieldModule } from '@angular/material/form-field';
import { MatIconModule } from '@angular/material/icon';
import { MatInputModule } from '@angular/material/input';
import { MatSelectModule } from '@angular/material/select';
import { TranslateModule } from '@ngx-translate/core';
import { AddKeyDialogComponent } from './add-key-dialog.component';
@NgModule({
declarations: [AddKeyDialogComponent],
imports: [
CommonModule,
TranslateModule,
MatButtonModule,
MatFormFieldModule,
MatSelectModule,
MatInputModule,
MatIconModule,
FormsModule,
MatDatepickerModule,
],
})
export class AddKeyDialogModule { }

65
console/src/app/pages/users/user-detail/machine-keys/machine-keys.component.html Normal file
View File

@ -0,0 +1,65 @@
<app-refresh-table [loading]="loading$ | async" (refreshed)="refreshPage()" [dataSize]="dataSource.data.length"
[timestamp]="keyResult?.viewTimestamp" [selection]="selection">
<ng-template appHasRole [appHasRole]="['user.write']" actions>
<button color="warn" [disabled]="([('user.write:' + userId), 'user.write'] | hasRole | async) == false"
(click)="deleteSelectedKeys()" matTooltip="{{'ACTIONS.DELETE' | translate}}" class="icon-button"
mat-icon-button *ngIf="selection.hasValue()">
<i class="las la-trash"></i>
</button>
<a class="add-button" [disabled]="([('user.write:' + userId), 'user.write'] | hasRole | async) == false"
color="primary" mat-raised-button (click)="openAddKey()">
<mat-icon class="icon">add</mat-icon>{{ 'ACTIONS.NEW' | translate }}
</a>
</ng-template>
<div class="table-wrapper">
<table class="table background-style" mat-table [dataSource]="dataSource">
<ng-container matColumnDef="select">
<th mat-header-cell *matHeaderCellDef>
<mat-checkbox color="primary" (change)="$event ? masterToggle() : null"
[checked]="selection.hasValue() && isAllSelected()"
[indeterminate]="selection.hasValue() && !isAllSelected()">
</mat-checkbox>
</th>
<td mat-cell *matCellDef="let key">
<mat-checkbox color="primary" (click)="$event.stopPropagation()"
(change)="$event ? selection.toggle(key) : null" [checked]="selection.isSelected(key)">
</mat-checkbox>
</td>
</ng-container>
<ng-container matColumnDef="id">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.MACHINE.ID' | translate }} </th>
<td mat-cell *matCellDef="let key"> {{key?.id}} </td>
</ng-container>
<ng-container matColumnDef="type">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.MACHINE.TYPE' | translate }} </th>
<td mat-cell *matCellDef="let key"> {{'USER.MACHINE.KEYTYPES.'+key?.type | translate}} </td>
</ng-container>
<ng-container matColumnDef="creationDate">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.MACHINE.CREATIONDATE' | translate }} </th>
<td mat-cell *matCellDef="let key">
{{key.creationDate | timestampToDate | localizedDate: 'EEE dd. MMM, HH:mm'}}
</td>
</ng-container>
<ng-container matColumnDef="expirationDate">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.MACHINE.EXPIRYDATE' | translate }} </th>
<td mat-cell *matCellDef="let key">
{{key.expirationDate | timestampToDate | localizedDate: 'EEE dd. MMM, HH:mm'}}
</td>
</ng-container>
<tr mat-header-row *matHeaderRowDef="displayedColumns"></tr>
<tr class="data-row" mat-row *matRowDef="let row; columns: displayedColumns;"
[routerLink]="row.id ? ['/users', row.id ]: null">
</tr>
</table>
<mat-paginator #paginator class="paginator background-style" [length]="keyResult?.totalResult || 0"
[pageSize]="10" [pageSizeOptions]="[5, 10, 20]" (page)="changePage($event)"></mat-paginator>
</div>
</app-refresh-table>

39
console/src/app/pages/users/user-detail/machine-keys/machine-keys.component.scss Normal file
View File

@ -0,0 +1,39 @@
.table-wrapper {
overflow: auto;
.table,
.paginator {
width: 100%;
td,
th {
padding: 0 1rem;
&:first-child {
padding-left: 0;
padding-right: 1rem;
}
&:last-child {
padding-right: 0;
}
}
.data-row {
cursor: pointer;
&:hover {
background-color: #ffffff05;
}
}
}
}
tr {
outline: none;
}
.add-button {
border-radius: .5rem;
}

25
console/src/app/pages/users/user-detail/machine-keys/machine-keys.component.spec.ts Normal file
View File

@ -0,0 +1,25 @@
import { async, ComponentFixture, TestBed } from '@angular/core/testing';
import { MachineKeysComponent } from './machine-keys.component';
describe('MachineKeysComponent', () => {
let component: MachineKeysComponent;
let fixture: ComponentFixture<MachineKeysComponent>;
beforeEach(async(() => {
TestBed.configureTestingModule({
declarations: [MachineKeysComponent],
})
.compileComponents();
}));
beforeEach(() => {
fixture = TestBed.createComponent(MachineKeysComponent);
component = fixture.componentInstance;
fixture.detectChanges();
});
it('should create', () => {
expect(component).toBeTruthy();
});
});

124
console/src/app/pages/users/user-detail/machine-keys/machine-keys.component.ts Normal file
View File

@ -0,0 +1,124 @@
import { SelectionModel } from '@angular/cdk/collections';
import { Component, EventEmitter, Input, OnInit, Output, ViewChild } from '@angular/core';
import { MatDialog } from '@angular/material/dialog';
import { MatPaginator, PageEvent } from '@angular/material/paginator';
import { MatTableDataSource } from '@angular/material/table';
import { TranslateService } from '@ngx-translate/core';
import { Timestamp } from 'google-protobuf/google/protobuf/timestamp_pb';
import { BehaviorSubject, Observable } from 'rxjs';
import { MachineKeySearchResponse, MachineKeyType, MachineKeyView } from 'src/app/proto/generated/management_pb';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
import { AddKeyDialogComponent } from './add-key-dialog/add-key-dialog.component';
@Component({
selector: 'app-machine-keys',
templateUrl: './machine-keys.component.html',
styleUrls: ['./machine-keys.component.scss'],
})
export class MachineKeysComponent implements OnInit {
@Input() userId!: string;
@ViewChild(MatPaginator) public paginator!: MatPaginator;
public dataSource: MatTableDataSource<MachineKeyView.AsObject> = new MatTableDataSource<MachineKeyView.AsObject>();
public selection: SelectionModel<MachineKeyView.AsObject> = new SelectionModel<MachineKeyView.AsObject>(true, []);
public keyResult!: MachineKeySearchResponse.AsObject;
private loadingSubject: BehaviorSubject<boolean> = new BehaviorSubject<boolean>(false);
public loading$: Observable<boolean> = this.loadingSubject.asObservable();
@Input() public displayedColumns: string[] = ['select', 'id', 'type', 'creationDate', 'expirationDate'];
@Output() public changedSelection: EventEmitter<Array<MachineKeyView.AsObject>> = new EventEmitter();
constructor(public translate: TranslateService, private userService: ManagementService, private dialog: MatDialog,
private toast: ToastService) {
this.selection.changed.subscribe(() => {
this.changedSelection.emit(this.selection.selected);
});
}
public ngOnInit(): void {
this.getData(10, 0);
}
public isAllSelected(): boolean {
const numSelected = this.selection.selected.length;
const numRows = this.dataSource.data.length;
return numSelected === numRows;
}
public masterToggle(): void {
this.isAllSelected() ?
this.selection.clear() :
this.dataSource.data.forEach(row => this.selection.select(row));
}
public changePage(event: PageEvent): void {
this.getData(event.pageSize, event.pageIndex * event.pageSize);
}
public deleteSelectedKeys(): void {
Promise.all(this.selection.selected.map(value => {
return this.userService.DeleteMachineKey(value.id, this.userId);
})).then(() => {
this.selection.clear();
this.toast.showInfo('USER.TOAST.SELECTEDKEYSDELETED', true);
this.getData(10, 0);
});
}
public openAddKey(): void {
const dialogRef = this.dialog.open(AddKeyDialogComponent, {
data: {},
width: '400px',
});
dialogRef.afterClosed().subscribe(resp => {
if (resp) {
const type: MachineKeyType = resp.type;
let date: Timestamp | undefined;
if (resp.date as Date) {
const ts = new Timestamp();
const milliseconds = resp.date.getTime();
const seconds = Math.abs(milliseconds / 1000);
const nanos = (milliseconds - seconds * 1000) * 1000 * 1000;
ts.setSeconds(seconds);
ts.setNanos(nanos);
date = ts;
console.log(date.toObject());
}
if (type) {
console.log(this.userId, type, date);
return this.userService.AddMachineKey(this.userId, type, date).then(() => {
this.toast.showInfo('ORG.TOAST.MEMBERADDED', true);
}).catch((error: any) => {
this.toast.showError(error);
});
}
}
});
}
private async getData(limit: number, offset: number): Promise<void> {
this.loadingSubject.next(true);
this.userService.SearchMachineKeys(this.userId, limit, offset).then(resp => {
this.keyResult = resp.toObject();
this.dataSource.data = this.keyResult.resultList;
console.log(this.keyResult.resultList);
this.loadingSubject.next(false);
}).catch((error: any) => {
this.toast.showError(error);
this.loadingSubject.next(false);
});
}
public refreshPage(): void {
this.getData(this.paginator.pageSize, this.paginator.pageIndex * this.paginator.pageSize);
}
}

7
console/src/app/pages/users/user-detail/membership-detail/membership-detail.component.html
View File

@ -1,14 +1,9 @@
<app-detail-layout [backRouterLink]="[ '/users', user?.id]"
title="{{user?.displayName}} {{ 'USER.MEMBERSHIPS.TITLE' | translate }}"
title="{{user?.human?.displayName}} {{ 'USER.MEMBERSHIPS.TITLE' | translate }}"
description="{{ 'USER.MEMBERSHIPS.DESCRIPTION' | translate }}">
<app-refresh-table class="refresh-table" (refreshed)="refreshPage()" [dataSize]="dataSource?.totalResult"
[timestamp]="dataSource?.viewTimestamp" [selection]="selection" [loading]="dataSource?.loading$ | async">
<!-- <button actions (click)="removeSelectedMemberships()" matTooltip="{{'USER.MEMBERSHIPS.REMOVE' | translate}}"
class="icon-button" mat-icon-button *ngIf="selection.hasValue()" color="warn">
<i class="las la-trash"></i>
</button> -->
<a actions color="primary" class="add-button" (click)="addMember()" color="primary" mat-raised-button>
<mat-icon class="icon">add</mat-icon>{{ 'ACTIONS.NEW' | translate }}
</a>

10
console/src/app/pages/users/user-detail/membership-detail/membership-detail.component.ts
View File

@ -6,7 +6,7 @@ import { MatTable } from '@angular/material/table';
import { ActivatedRoute } from '@angular/router';
import { tap } from 'rxjs/operators';
import { CreationType, MemberCreateDialogComponent } from 'src/app/modules/add-member-dialog/member-create-dialog.component';
import { User, UserMembershipSearchResponse, UserMembershipView, UserView } from 'src/app/proto/generated/management_pb';
import { UserMembershipSearchResponse, UserMembershipView, UserView } from 'src/app/proto/generated/management_pb';
import { AdminService } from 'src/app/services/admin.service';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
@ -124,7 +124,7 @@ export class MembershipDetailComponent implements AfterViewInit {
}
public createIamMember(response: any): void {
const users: User.AsObject[] = response.users;
const users: UserView.AsObject[] = response.users;
const roles: string[] = response.roles;
if (users && users.length && roles && roles.length) {
@ -139,7 +139,7 @@ export class MembershipDetailComponent implements AfterViewInit {
}
private createOrgMember(response: any): void {
const users: User.AsObject[] = response.users;
const users: UserView.AsObject[] = response.users;
const roles: string[] = response.roles;
if (users && users.length && roles && roles.length) {
@ -154,7 +154,7 @@ export class MembershipDetailComponent implements AfterViewInit {
}
private createGrantedProjectMember(response: any): void {
const users: User.AsObject[] = response.users;
const users: UserView.AsObject[] = response.users;
const roles: string[] = response.roles;
if (users && users.length && roles && roles.length) {
@ -174,7 +174,7 @@ export class MembershipDetailComponent implements AfterViewInit {
}
private createOwnedProjectMember(response: any): void {
const users: User.AsObject[] = response.users;
const users: UserView.AsObject[] = response.users;
const roles: string[] = response.roles;
if (users && users.length && roles && roles.length) {

8
console/src/app/pages/users/user-detail/user-detail-routing.module.ts
View File

@ -16,6 +16,14 @@ const routes: Routes = [
roles: ['user.write'],
},
},
{
path: 'create-machine',
loadChildren: () => import('../user-create-machine/user-create-machine.module').then(m => m.UserCreateMachineModule),
canActivate: [AuthGuard, RoleGuard],
data: {
roles: ['user.write'],
},
},
{
path: 'me',
component: AuthUserDetailComponent,

12
console/src/app/pages/users/user-detail/user-detail.module.ts
View File

@ -2,6 +2,7 @@ import { CommonModule } from '@angular/common';
import { NgModule } from '@angular/core';
import { FormsModule, ReactiveFormsModule } from '@angular/forms';
import { MatButtonModule } from '@angular/material/button';
import { MatCheckboxModule } from '@angular/material/checkbox';
import { MatDialogModule } from '@angular/material/dialog';
import { MatFormFieldModule } from '@angular/material/form-field';
import { MatIconModule } from '@angular/material/icon';
@ -25,13 +26,18 @@ import { RefreshTableModule } from 'src/app/modules/refresh-table/refresh-table.
import { SharedModule } from 'src/app/modules/shared/shared.module';
import { UserGrantsModule } from 'src/app/modules/user-grants/user-grants.module';
import { HasRolePipeModule } from 'src/app/pipes/has-role-pipe.module';
import { LocalizedDatePipeModule } from 'src/app/pipes/localized-date-pipe.module';
import { TimestampToDatePipeModule } from 'src/app/pipes/timestamp-to-date-pipe.module';
import { AuthUserDetailComponent } from './auth-user-detail/auth-user-detail.component';
import { AuthUserMfaComponent } from './auth-user-detail/auth-user-mfa/auth-user-mfa.component';
import { CodeDialogComponent } from './auth-user-detail/code-dialog/code-dialog.component';
import { DialogOtpComponent } from './auth-user-detail/dialog-otp/dialog-otp.component';
import { ThemeSettingComponent } from './auth-user-detail/theme-setting/theme-setting.component';
import { DetailFormMachineModule } from './detail-form-machine/detail-form-machine.module';
import { DetailFormModule } from './detail-form/detail-form.module';
import { AddKeyDialogModule } from './machine-keys/add-key-dialog/add-key-dialog.module';
import { MachineKeysComponent } from './machine-keys/machine-keys.component';
import { MembershipsComponent } from './memberships/memberships.component';
import { PasswordComponent } from './password/password.component';
import { UserDetailRoutingModule } from './user-detail-routing.module';
@ -49,6 +55,7 @@ import { UserMfaComponent } from './user-detail/user-mfa/user-mfa.component';
PasswordComponent,
CodeDialogComponent,
MembershipsComponent,
MachineKeysComponent,
],
imports: [
UserDetailRoutingModule,
@ -57,9 +64,12 @@ import { UserMfaComponent } from './user-detail/user-mfa/user-mfa.component';
FormsModule,
ReactiveFormsModule,
DetailFormModule,
DetailFormMachineModule,
MatDialogModule,
QRCodeModule,
MetaLayoutModule,
AddKeyDialogModule,
MatCheckboxModule,
HasRolePipeModule,
MatFormFieldModule,
UserGrantsModule,
@ -80,6 +90,8 @@ import { UserMfaComponent } from './user-detail/user-mfa/user-mfa.component';
DetailLayoutModule,
PasswordComplexityViewModule,
MemberCreateDialogModule,
TimestampToDatePipeModule,
LocalizedDatePipeModule,
],
})
export class UserDetailModule { }

57
console/src/app/pages/users/user-detail/user-detail/user-detail.component.html
View File

@ -4,7 +4,7 @@
<a (click)="navigateBack()" mat-icon-button>
<mat-icon class="icon">arrow_back</mat-icon>
</a>
<h1>{{user?.displayName}}</h1>
<h1>{{user.human ? user.human?.displayName : user.machine?.name}}</h1>
<span class="fill-space"></span>
@ -37,14 +37,27 @@
</app-card>
<ng-template appHasRole [appHasRole]="['user.read', 'user.read:'+user?.id]">
<app-card title="{{ 'USER.PROFILE.TITLE' | translate }}">
<app-card *ngIf="user.human" title="{{ 'USER.PROFILE.TITLE' | translate }}">
<app-detail-form [disabled]="(['user.write:' + user?.id, 'user.write'] | hasRole | async) == false"
[genders]="genders" [languages]="languages" [profile]="user" (submitData)="saveProfile($event)">
[genders]="genders" [languages]="languages" [username]="user.userName" [user]="user.human"
(submitData)="saveProfile($event)">
</app-detail-form>
</app-card>
<app-card *ngIf="user.machine" title="{{ 'USER.MACHINE.TITLE' | translate }}">
<app-detail-form-machine
[disabled]="(['user.write:' + user?.id, 'user.write'] | hasRole | async) == false"
[username]="user.userName" [user]="user.machine" (submitData)="saveMachine($event)">
</app-detail-form-machine>
</app-card>
<app-card *ngIf="user.id" title="{{ 'USER.MACHINE.KEYSTITLE' | translate }}"
description="{{ 'USER.MACHINE.KEYSDESC' | translate }}">
<app-machine-keys [userId]="user.id"></app-machine-keys>
</app-card>
</ng-template>
<app-card title="{{ 'USER.LOGINMETHODS.TITLE' | translate }}"
<app-card *ngIf="user.human" title="{{ 'USER.LOGINMETHODS.TITLE' | translate }}"
description="{{ 'USER.LOGINMETHODS.DESCRIPTION' | translate }}">
<div class="method-col">
<div class="method-row">
@ -65,11 +78,11 @@
<ng-container *ngIf="!emailEditState; else emailEdit">
<div class="actions">
<span class="name">{{user?.email}}</span>
<mat-icon class="icon" *ngIf="user?.isEmailVerified" color="primary" aria-hidden="false"
aria-label="verified icon">
<span class="name">{{user?.human?.email}}</span>
<mat-icon class="icon" *ngIf="user?.human?.isEmailVerified" color="primary"
aria-hidden="false" aria-label="verified icon">
check_circle_outline</mat-icon>
<ng-container *ngIf="user?.email && !user?.isEmailVerified">
<ng-container *ngIf="user?.human?.email && !user?.human?.isEmailVerified">
<mat-icon class="icon" color="warn" aria-hidden="false" aria-label="not verified icon">
highlight_off
</mat-icon>
@ -87,13 +100,15 @@
<ng-template #emailEdit>
<mat-form-field class="name">
<mat-label>{{ 'USER.EMAIL' | translate }}</mat-label>
<input matInput [(ngModel)]="user.email" />
<input matInput *ngIf="user.human && user.human.email" [(ngModel)]="user.human.email" />
</mat-form-field>
<button (click)="emailEditState = false" mat-icon-button>
<mat-icon class="icon">close</mat-icon>
</button>
<button [disabled]="!user.email" class="submit-button" type="button" color="primary"
(click)="saveEmail()" mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
<button *ngIf="user.human"
[disabled]="!user.human.email || (['user.write','user.write' + user.id] | hasRole | async) == false"
class="submit-button" type="button" color="primary" (click)="saveEmail()"
mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
</ng-template>
</div>
@ -102,11 +117,11 @@
<ng-container *ngIf="!phoneEditState; else phoneEdit">
<div class="actions">
<span class="name">{{user?.phone}}</span>
<mat-icon class="icon" *ngIf="user?.isPhoneVerified" color="primary" aria-hidden="false"
aria-label="verified icon">
<span class="name">{{user?.human?.phone}}</span>
<mat-icon class="icon" *ngIf="user?.human?.isPhoneVerified" color="primary"
aria-hidden="false" aria-label="verified icon">
check_circle_outline</mat-icon>
<ng-container *ngIf="user?.phone && !user?.isPhoneVerified">
<ng-container *ngIf="user?.human?.phone && !user?.human?.isPhoneVerified">
<mat-icon class="icon" color="warn" aria-hidden="false" aria-label="not verified icon">
highlight_off
</mat-icon>
@ -125,22 +140,24 @@
<ng-template #phoneEdit>
<mat-form-field class="name">
<mat-label>{{ 'USER.PHONE' | translate }}</mat-label>
<input matInput [(ngModel)]="user.phone" />
<input *ngIf="user.human && user.human.phone" matInput [(ngModel)]="user.human.phone" />
</mat-form-field>
<button (click)="phoneEditState = false" mat-icon-button>
<mat-icon class="icon">close</mat-icon>
</button>
<button *ngIf="user.phone" color="warn" (click)="deletePhone()" mat-icon-button>
<button *ngIf="user.human?.phone" color="warn" (click)="deletePhone()" mat-icon-button>
<i class="las la-trash"></i>
</button>
<button [disabled]="!user.phone" type="button" color="primary" (click)="savePhone()"
mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
<button *ngIf="user.human"
[disabled]="!user.human.phone || (['user.write', 'user.write'+ user.id]| hasRole | async) == false"
type="button" color="primary" (click)="savePhone()" mat-raised-button>
{{ 'ACTIONS.SAVE' | translate }}</button>
</ng-template>
</div>
</div>
</app-card>
<app-user-mfa *ngIf="user" [user]="user"></app-user-mfa>
<app-user-mfa *ngIf="user && user.human" [user]="user"></app-user-mfa>
<app-card *ngIf="user?.id" title="{{ 'GRANTS.USER.TITLE' | translate }}"
description="{{'GRANTS.USER.DESCRIPTION' | translate }}">

107
console/src/app/pages/users/user-detail/user-detail/user-detail.component.ts
View File

@ -6,6 +6,8 @@ import { Subscription } from 'rxjs';
import { ChangeType } from 'src/app/modules/changes/changes.component';
import {
Gender,
MachineResponse,
MachineView,
NotificationType,
UserEmail,
UserPhone,
@ -79,27 +81,48 @@ export class UserDetailComponent implements OnInit, OnDestroy {
}
public saveProfile(profileData: UserProfile.AsObject): void {
this.user.firstName = profileData.firstName;
this.user.lastName = profileData.lastName;
this.user.nickName = profileData.nickName;
this.user.displayName = profileData.displayName;
this.user.gender = profileData.gender;
this.user.preferredLanguage = profileData.preferredLanguage;
this.mgmtUserService
.SaveUserProfile(
this.user.id,
this.user.firstName,
this.user.lastName,
this.user.nickName,
this.user.preferredLanguage,
this.user.gender)
.then((data: UserProfile) => {
this.toast.showInfo('USER.TOAST.SAVED', true);
this.user = Object.assign(this.user, data.toObject());
})
.catch(error => {
this.toast.showError(error);
});
if (this.user.human) {
this.user.human.firstName = profileData.firstName;
this.user.human.lastName = profileData.lastName;
this.user.human.nickName = profileData.nickName;
this.user.human.displayName = profileData.displayName;
this.user.human.gender = profileData.gender;
this.user.human.preferredLanguage = profileData.preferredLanguage;
this.mgmtUserService
.SaveUserProfile(
this.user.id,
this.user.human.firstName,
this.user.human.lastName,
this.user.human.nickName,
this.user.human.preferredLanguage,
this.user.human.gender)
.then((data: UserProfile) => {
this.toast.showInfo('USER.TOAST.SAVED', true);
this.user = Object.assign(this.user, data.toObject());
})
.catch(error => {
this.toast.showError(error);
});
}
}
public saveMachine(machineData: MachineView.AsObject): void {
if (this.user.machine) {
this.user.machine.name = machineData.name;
this.user.machine.description = machineData.description;
this.mgmtUserService
.UpdateUserMachine(
this.user.id,
this.user.machine.description)
.then((data: MachineResponse) => {
this.toast.showInfo('USER.TOAST.SAVED', true);
this.user = Object.assign(this.user, data.toObject());
})
.catch(error => {
this.toast.showError(error);
});
}
}
public resendVerification(): void {
@ -121,7 +144,9 @@ export class UserDetailComponent implements OnInit, OnDestroy {
public deletePhone(): void {
this.mgmtUserService.RemoveUserPhone(this.user.id).then(() => {
this.toast.showInfo('USER.TOAST.PHONEREMOVED', true);
this.user.phone = '';
if (this.user.human) {
this.user.human.phone = '';
}
this.phoneEditState = false;
}).catch(error => {
this.toast.showError(error);
@ -130,25 +155,33 @@ export class UserDetailComponent implements OnInit, OnDestroy {
public saveEmail(): void {
this.emailEditState = false;
this.mgmtUserService
.SaveUserEmail(this.user.id, this.user.email).then((data: UserEmail) => {
this.toast.showInfo('USER.TOAST.EMAILSENT', true);
this.user.email = data.toObject().email;
}).catch(error => {
this.toast.showError(error);
});
if (this.user && this.user.human?.phone) {
this.mgmtUserService
.SaveUserEmail(this.user.id, this.user.human.email).then((data: UserEmail) => {
this.toast.showInfo('USER.TOAST.EMAILSENT', true);
if (this.user.human) {
this.user.human.email = data.toObject().email;
}
}).catch(error => {
this.toast.showError(error);
});
}
}
public savePhone(): void {
this.phoneEditState = false;
this.mgmtUserService
.SaveUserPhone(this.user.id, this.user.phone).then((data: UserPhone) => {
this.toast.showInfo('USER.TOAST.PHONESAVED', true);
this.user.phone = data.toObject().phone;
this.phoneEditState = false;
}).catch(error => {
this.toast.showError(error);
});
if (this.user && this.user.human?.phone) {
this.mgmtUserService
.SaveUserPhone(this.user.id, this.user.human.phone).then((data: UserPhone) => {
this.toast.showInfo('USER.TOAST.PHONESAVED', true);
if (this.user.human) {
this.user.human.phone = data.toObject().phone;
}
this.phoneEditState = false;
}).catch(error => {
this.toast.showError(error);
});
}
}
public navigateBack(): void {

17
console/src/app/pages/users/user-list/user-list-routing.module.ts
View File

@ -1,14 +1,25 @@
import { NgModule } from '@angular/core';
import { RouterModule, Routes } from '@angular/router';
import { UserListComponent } from './user-list.component';
import { UserListComponent, UserType } from './user-list.component';
const routes: Routes = [
{
path: '',
path: 'humans',
component: UserListComponent,
data: { animation: 'HomePage' },
data: {
animation: 'HomePage',
type: UserType.HUMAN,
},
},
{
path: 'machines',
component: UserListComponent,
data: {
animation: 'HomePage',
type: UserType.MACHINE,
},
},
];

83
console/src/app/pages/users/user-list/user-list.component.html
View File

@ -1,74 +1,17 @@
<div class="max-width-container">
<h1>{{ 'USER.PAGES.LIST' | translate }}</h1>
<p class="sub">{{ 'USER.PAGES.DESCRIPTION' | translate }}</p>
<div class="max-width-container" [ngSwitch]="type">
<ng-container *ngSwitchCase="UserType.HUMAN">
<h1>{{ 'USER.PAGES.LIST' | translate }}</h1>
<p class="sub">{{ 'USER.PAGES.DESCRIPTION' | translate }}</p>
<app-refresh-table [loading]="loading$ | async" (refreshed)="refreshPage()" [dataSize]="dataSource.data.length"
[timestamp]="userResult?.viewTimestamp">
<ng-template appHasRole [appHasRole]="['user.write']" actions>
<button (click)="deactivateSelectedUsers()" matTooltip="{{'ORG_DETAIL.TABLE.DEACTIVATE' | translate}}"
class="icon-button" mat-icon-button *ngIf="selection.hasValue()">
<mat-icon svgIcon="mdi_account_cancel"></mat-icon>
</button>
<button (click)="reactivateSelectedUsers()" matTooltip="{{'ORG_DETAIL.TABLE.ACTIVATE' | translate}}"
class="icon-button" mat-icon-button *ngIf="selection.hasValue()">
<mat-icon svgIcon="mdi_account_check_outline"></mat-icon>
</button>
<a class="add-button" [routerLink]="[ '/users', 'create']" color="primary" mat-raised-button>
<mat-icon class="icon">add</mat-icon>{{ 'ACTIONS.NEW' | translate }}
</a>
</ng-template>
<app-user-table [userType]="UserType.HUMAN"></app-user-table>
</ng-container>
<div class="table-wrapper">
<table class="table background-style" mat-table [dataSource]="dataSource">
<ng-container matColumnDef="select">
<th mat-header-cell *matHeaderCellDef>
<mat-checkbox color="primary" (change)="$event ? masterToggle() : null"
[checked]="selection.hasValue() && isAllSelected()"
[indeterminate]="selection.hasValue() && !isAllSelected()">
</mat-checkbox>
</th>
<td mat-cell *matCellDef="let user">
<mat-checkbox color="primary" (click)="$event.stopPropagation()"
(change)="$event ? selection.toggle(user) : null" [checked]="selection.isSelected(user)">
<app-avatar *ngIf="user && user.displayName" class="avatar" [name]="user.displayName"
[size]="32">
</app-avatar>
</mat-checkbox>
</td>
</ng-container>
<ng-container *ngSwitchCase="UserType.MACHINE">
<h1>{{ 'USER.PAGES.LISTMACHINE' | translate }}</h1>
<p class="sub">{{ 'USER.PAGES.DESCRIPTIONMACHINE' | translate }}</p>
<ng-container matColumnDef="firstname">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.PROFILE.FIRSTNAME' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user.firstName}} </td>
</ng-container>
<ng-container matColumnDef="lastname">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.PROFILE.LASTNAME' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user.lastName}} </td>
</ng-container>
<ng-container matColumnDef="username">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.PROFILE.USERNAME' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user.userName}} </td>
</ng-container>
<ng-container matColumnDef="email">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.EMAIL' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user.email}} </td>
</ng-container>
<ng-container matColumnDef="state">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.DATA.STATE' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{ 'USER.DATA.STATE'+user.state | translate }} </td>
</ng-container>
<tr mat-header-row *matHeaderRowDef="displayedColumns"></tr>
<tr class="data-row" mat-row *matRowDef="let row; columns: displayedColumns;"
[routerLink]="['/users', row.id]">
</tr>
</table>
<mat-paginator #paginator class="paginator background-style" [length]="userResult?.totalResult || 0"
[pageSize]="10" [pageSizeOptions]="[5, 10, 20]" (page)="changePage($event)"></mat-paginator>
</div>
</app-refresh-table>
<app-user-table [userType]="UserType.MACHINE"
[displayedColumns]="['select','name', 'username', 'description','state']">
</app-user-table>
</ng-container>
</div>

39
console/src/app/pages/users/user-list/user-list.component.scss
View File

@ -6,42 +6,3 @@ h1 {
color: #8795a1;
margin-bottom: 2rem;
}
.add-button {
border-radius: .5rem;
}
.table-wrapper {
overflow: auto;
.table,
.paginator {
width: 100%;
td,
th {
padding: 0 1rem;
&:first-child {
padding-left: 0;
padding-right: 1rem;
}
&:last-child {
padding-right: 0;
}
}
.data-row {
cursor: pointer;
&:hover {
background-color: #ffffff05;
}
}
}
}
tr {
outline: none;
}

93
console/src/app/pages/users/user-list/user-list.component.ts
View File

@ -1,91 +1,24 @@
import { SelectionModel } from '@angular/cdk/collections';
import { Component, EventEmitter, OnDestroy, Output, ViewChild } from '@angular/core';
import { MatPaginator, PageEvent } from '@angular/material/paginator';
import { MatTableDataSource } from '@angular/material/table';
import { Component } from '@angular/core';
import { ActivatedRoute } from '@angular/router';
import { TranslateService } from '@ngx-translate/core';
import { BehaviorSubject, Observable, Subscription } from 'rxjs';
import { User, UserSearchResponse } from 'src/app/proto/generated/management_pb';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
import { take } from 'rxjs/operators';
export enum UserType {
HUMAN = 'human',
MACHINE = 'machine',
}
@Component({
selector: 'app-user-list',
templateUrl: './user-list.component.html',
styleUrls: ['./user-list.component.scss'],
})
export class UserListComponent implements OnDestroy {
@ViewChild(MatPaginator) public paginator!: MatPaginator;
public dataSource: MatTableDataSource<User.AsObject> = new MatTableDataSource<User.AsObject>();
public userResult!: UserSearchResponse.AsObject;
private loadingSubject: BehaviorSubject<boolean> = new BehaviorSubject<boolean>(false);
public loading$: Observable<boolean> = this.loadingSubject.asObservable();
public displayedColumns: string[] = ['select', 'firstname', 'lastname', 'username', 'email', 'state'];
public selection: SelectionModel<User.AsObject> = new SelectionModel<User.AsObject>(true, []);
@Output() public changedSelection: EventEmitter<Array<User.AsObject>> = new EventEmitter();
private subscription?: Subscription;
constructor(public translate: TranslateService, private route: ActivatedRoute, private userService: ManagementService,
private toast: ToastService) {
this.subscription = this.route.params.subscribe(() => this.getData(10, 0));
this.selection.changed.subscribe(() => {
this.changedSelection.emit(this.selection.selected);
export class UserListComponent {
public UserType: any = UserType;
public type: UserType = UserType.HUMAN;
constructor(public translate: TranslateService, activatedRoute: ActivatedRoute) {
activatedRoute.data.pipe(take(1)).subscribe(params => {
const { type } = params;
this.type = type;
});
}
public isAllSelected(): boolean {
const numSelected = this.selection.selected.length;
const numRows = this.dataSource.data.length;
return numSelected === numRows;
}
public masterToggle(): void {
this.isAllSelected() ?
this.selection.clear() :
this.dataSource.data.forEach(row => this.selection.select(row));
}
public ngOnDestroy(): void {
this.subscription?.unsubscribe();
}
public changePage(event: PageEvent): void {
this.getData(event.pageSize, event.pageIndex * event.pageSize);
}
public deactivateSelectedUsers(): void {
Promise.all(this.selection.selected.map(value => {
return this.userService.DeactivateUser(value.id);
})).then(() => {
this.toast.showInfo('USER.TOAST.SELECTEDDEACTIVATED', true);
this.getData(10, 0);
});
}
public reactivateSelectedUsers(): void {
Promise.all(this.selection.selected.map(value => {
return this.userService.ReactivateUser(value.id);
})).then(() => {
this.toast.showInfo('USER.TOAST.SELECTEDREACTIVATED', true);
this.getData(10, 0);
});
}
private async getData(limit: number, offset: number): Promise<void> {
this.loadingSubject.next(true);
this.userService.SearchUsers(limit, offset).then(resp => {
this.userResult = resp.toObject();
this.dataSource.data = this.userResult.resultList;
this.loadingSubject.next(false);
}).catch(error => {
this.toast.showError(error);
this.loadingSubject.next(false);
});
}
public refreshPage(): void {
this.getData(this.paginator.pageSize, this.paginator.pageIndex * this.paginator.pageSize);
}
}

2
console/src/app/pages/users/user-list/user-list.module.ts
View File

@ -18,11 +18,13 @@ import { SharedModule } from 'src/app/modules/shared/shared.module';
import { UserListRoutingModule } from './user-list-routing.module';
import { UserListComponent } from './user-list.component';
import { UserTableComponent } from './user-table/user-table.component';
@NgModule({
declarations: [
UserListComponent,
UserTableComponent,
],
imports: [
AvatarModule,

80
console/src/app/pages/users/user-list/user-table/user-table.component.html Normal file
View File

@ -0,0 +1,80 @@
<app-refresh-table [loading]="loading$ | async" (refreshed)="refreshPage()" [dataSize]="dataSource.data.length"
[timestamp]="userResult?.viewTimestamp" [selection]="selection">
<ng-template appHasRole [appHasRole]="['user.write']" actions>
<button (click)="deactivateSelectedUsers()" matTooltip="{{'ORG_DETAIL.TABLE.DEACTIVATE' | translate}}"
class="icon-button" mat-icon-button *ngIf="selection.hasValue()">
<mat-icon svgIcon="mdi_account_cancel"></mat-icon>
</button>
<button (click)="reactivateSelectedUsers()" matTooltip="{{'ORG_DETAIL.TABLE.ACTIVATE' | translate}}"
class="icon-button" mat-icon-button *ngIf="selection.hasValue()">
<mat-icon svgIcon="mdi_account_check_outline"></mat-icon>
</button>
<a class="add-button" [routerLink]="[ '/users',userType == UserType.HUMAN ? 'create' : 'create-machine']"
color="primary" mat-raised-button>
<mat-icon class="icon">add</mat-icon>{{ 'ACTIONS.NEW' | translate }}
</a>
</ng-template>
<div class="table-wrapper">
<table class="table background-style" mat-table [dataSource]="dataSource">
<ng-container matColumnDef="select">
<th mat-header-cell *matHeaderCellDef>
<mat-checkbox color="primary" (change)="$event ? masterToggle() : null"
[checked]="selection.hasValue() && isAllSelected()"
[indeterminate]="selection.hasValue() && !isAllSelected()">
</mat-checkbox>
</th>
<td mat-cell *matCellDef="let user">
<mat-checkbox color="primary" (click)="$event.stopPropagation()"
(change)="$event ? selection.toggle(user) : null" [checked]="selection.isSelected(user)">
<app-avatar *ngIf="user[userType] && user[userType].displayName" class="avatar"
[name]="user[userType].displayName" [size]="32">
</app-avatar>
</mat-checkbox>
</td>
</ng-container>
<ng-container matColumnDef="firstname">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.PROFILE.FIRSTNAME' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user[userType]?.firstName}} </td>
</ng-container>
<ng-container matColumnDef="lastname">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.PROFILE.LASTNAME' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user[userType]?.lastName}} </td>
</ng-container>
<ng-container matColumnDef="name">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.MACHINE.NAME' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user[userType]?.name}} </td>
</ng-container>
<ng-container matColumnDef="description">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.MACHINE.DESCRIPTION' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user[userType]?.description}} </td>
</ng-container>
<ng-container matColumnDef="username">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.PROFILE.USERNAME' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user.userName}} </td>
</ng-container>
<ng-container matColumnDef="email">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.EMAIL' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{user[userType]?.email}} </td>
</ng-container>
<ng-container matColumnDef="state">
<th mat-header-cell *matHeaderCellDef> {{ 'USER.DATA.STATE' | translate }} </th>
<td mat-cell *matCellDef="let user"> {{ 'USER.DATA.STATE'+user.state | translate }} </td>
</ng-container>
<tr mat-header-row *matHeaderRowDef="displayedColumns"></tr>
<tr class="data-row" mat-row *matRowDef="let row; columns: displayedColumns;"
[routerLink]="row.id ? ['/users', row.id ]: null">
</tr>
</table>
<mat-paginator #paginator class="paginator background-style" [length]="userResult?.totalResult || 0"
[pageSize]="10" [pageSizeOptions]="[5, 10, 20]" (page)="changePage($event)"></mat-paginator>
</div>
</app-refresh-table>

39
console/src/app/pages/users/user-list/user-table/user-table.component.scss Normal file
View File

@ -0,0 +1,39 @@
.table-wrapper {
overflow: auto;
.table,
.paginator {
width: 100%;
td,
th {
padding: 0 1rem;
&:first-child {
padding-left: 0;
padding-right: 1rem;
}
&:last-child {
padding-right: 0;
}
}
.data-row {
cursor: pointer;
&:hover {
background-color: #ffffff05;
}
}
}
}
tr {
outline: none;
}
.add-button {
border-radius: .5rem;
}

25
console/src/app/pages/users/user-list/user-table/user-table.component.spec.ts Normal file
View File

@ -0,0 +1,25 @@
import { async, ComponentFixture, TestBed } from '@angular/core/testing';
import { UserTableComponent } from './user-table.component';
describe('UserTableComponent', () => {
let component: UserTableComponent;
let fixture: ComponentFixture<UserTableComponent>;
beforeEach(async(() => {
TestBed.configureTestingModule({
declarations: [UserTableComponent],
})
.compileComponents();
}));
beforeEach(() => {
fixture = TestBed.createComponent(UserTableComponent);
component = fixture.componentInstance;
fixture.detectChanges();
});
it('should create', () => {
expect(component).toBeTruthy();
});
});

98
console/src/app/pages/users/user-list/user-table/user-table.component.ts Normal file
View File

@ -0,0 +1,98 @@
import { SelectionModel } from '@angular/cdk/collections';
import { Component, EventEmitter, Input, OnInit, Output, ViewChild } from '@angular/core';
import { MatPaginator, PageEvent } from '@angular/material/paginator';
import { MatTableDataSource } from '@angular/material/table';
import { TranslateService } from '@ngx-translate/core';
import { BehaviorSubject, Observable } from 'rxjs';
import { UserView } from 'src/app/proto/generated/auth_pb';
import { UserSearchKey, UserSearchQuery, UserSearchResponse } from 'src/app/proto/generated/management_pb';
import { ManagementService } from 'src/app/services/mgmt.service';
import { ToastService } from 'src/app/services/toast.service';
import { UserType } from '../user-list.component';
@Component({
selector: 'app-user-table',
templateUrl: './user-table.component.html',
styleUrls: ['./user-table.component.scss'],
})
export class UserTableComponent implements OnInit {
public UserType: any = UserType;
@Input() userType: UserType = UserType.HUMAN;
@ViewChild(MatPaginator) public paginator!: MatPaginator;
public dataSource: MatTableDataSource<UserView.AsObject> = new MatTableDataSource<UserView.AsObject>();
public selection: SelectionModel<UserView.AsObject> = new SelectionModel<UserView.AsObject>(true, []);
public userResult!: UserSearchResponse.AsObject;
private loadingSubject: BehaviorSubject<boolean> = new BehaviorSubject<boolean>(false);
public loading$: Observable<boolean> = this.loadingSubject.asObservable();
@Input() public displayedColumns: string[] = ['select', 'firstname', 'lastname', 'username', 'email', 'state'];
@Output() public changedSelection: EventEmitter<Array<UserView.AsObject>> = new EventEmitter();
constructor(public translate: TranslateService, private userService: ManagementService,
private toast: ToastService) {
this.selection.changed.subscribe(() => {
this.changedSelection.emit(this.selection.selected);
});
}
ngOnInit(): void {
this.getData(10, 0, this.userType);
}
public isAllSelected(): boolean {
const numSelected = this.selection.selected.length;
const numRows = this.dataSource.data.length;
return numSelected === numRows;
}
public masterToggle(): void {
this.isAllSelected() ?
this.selection.clear() :
this.dataSource.data.forEach(row => this.selection.select(row));
}
public changePage(event: PageEvent): void {
this.getData(event.pageSize, event.pageIndex * event.pageSize, this.userType);
}
public deactivateSelectedUsers(): void {
Promise.all(this.selection.selected.map(value => {
return this.userService.DeactivateUser(value.id);
})).then(() => {
this.toast.showInfo('USER.TOAST.SELECTEDDEACTIVATED', true);
this.getData(10, 0, this.userType);
});
}
public reactivateSelectedUsers(): void {
Promise.all(this.selection.selected.map(value => {
return this.userService.ReactivateUser(value.id);
})).then(() => {
this.toast.showInfo('USER.TOAST.SELECTEDREACTIVATED', true);
this.getData(10, 0, this.userType);
});
}
private async getData(limit: number, offset: number, filterTypeValue: UserType): Promise<void> {
this.loadingSubject.next(true);
const query = new UserSearchQuery();
query.setKey(UserSearchKey.USERSEARCHKEY_TYPE);
query.setValue(filterTypeValue);
this.userService.SearchUsers(limit, offset).then(resp => {
this.userResult = resp.toObject();
this.dataSource.data = this.userResult.resultList;
console.log(this.userResult.resultList);
this.loadingSubject.next(false);
}).catch(error => {
this.toast.showError(error);
this.loadingSubject.next(false);
});
}
public refreshPage(): void {
this.getData(this.paginator.pageSize, this.paginator.pageIndex * this.paginator.pageSize, this.userType);
}
}

8
console/src/app/services/admin.service.ts
View File

@ -4,6 +4,7 @@ import { Empty } from 'google-protobuf/google/protobuf/empty_pb';
import {
AddIamMemberRequest,
ChangeIamMemberRequest,
CreateHumanRequest,
CreateOrgRequest,
CreateUserRequest,
FailedEventID,
@ -32,12 +33,15 @@ export class AdminService {
public async SetUpOrg(
createOrgRequest: CreateOrgRequest,
registerUserRequest: CreateUserRequest,
humanRequest: CreateHumanRequest,
): Promise<OrgSetUpResponse> {
const req: OrgSetUpRequest = new OrgSetUpRequest();
const userReq: CreateUserRequest = new CreateUserRequest();
userReq.setHuman(humanRequest);
req.setOrg(createOrgRequest);
req.setUser(registerUserRequest);
req.setUser(userReq);
return this.grpcService.admin.setUpOrg(req);
}

111
console/src/app/services/mgmt.service.ts
View File

@ -1,7 +1,10 @@
import { Injectable } from '@angular/core';
import { Empty } from 'google-protobuf/google/protobuf/empty_pb';
import { Timestamp } from 'google-protobuf/google/protobuf/timestamp_pb';
import {
AddMachineKeyRequest,
AddMachineKeyResponse,
AddOrgDomainRequest,
AddOrgMemberRequest,
Application,
@ -14,12 +17,19 @@ import {
ChangeOrgMemberRequest,
ChangeRequest,
Changes,
CreateHumanRequest,
CreateMachineRequest,
CreateUserRequest,
Domain,
Gender,
GrantedProjectSearchRequest,
Iam,
LoginName,
MachineKeyIDRequest,
MachineKeySearchRequest,
MachineKeySearchResponse,
MachineKeyType,
MachineResponse,
MultiFactors,
NotificationType,
OIDCApplicationCreate,
@ -35,7 +45,6 @@ import {
OrgDomainValidationResponse,
OrgDomainValidationType,
OrgIamPolicy,
OrgID,
OrgMember,
OrgMemberRoles,
OrgMemberSearchRequest,
@ -95,11 +104,11 @@ import {
RemoveOrgDomainRequest,
RemoveOrgMemberRequest,
SetPasswordNotificationRequest,
UpdateMachineRequest,
UpdateUserAddressRequest,
UpdateUserEmailRequest,
UpdateUserPhoneRequest,
UpdateUserProfileRequest,
User,
UserAddress,
UserEmail,
UserGrant,
@ -117,6 +126,7 @@ import {
UserMembershipSearchResponse,
UserPhone,
UserProfile,
UserResponse,
UserSearchQuery,
UserSearchRequest,
UserSearchResponse,
@ -134,6 +144,77 @@ export type ResponseMapper<TResp, TMappedResp> = (resp: TResp) => TMappedResp;
export class ManagementService {
constructor(private readonly grpcService: GrpcService) { }
public async CreateUserHuman(username: string, user: CreateHumanRequest): Promise<UserResponse> {
const req = new CreateUserRequest();
req.setUserName(username);
req.setHuman(user);
return this.grpcService.mgmt.createUser(req);
}
public async CreateUserMachine(username: string, user: CreateMachineRequest): Promise<UserResponse> {
const req = new CreateUserRequest();
req.setUserName(username);
req.setMachine(user);
return this.grpcService.mgmt.createUser(req);
}
public async UpdateUserMachine(
id: string,
description?: string,
): Promise<MachineResponse> {
const req = new UpdateMachineRequest();
req.setId(id);
if (description) {
req.setDescription(description);
}
return this.grpcService.mgmt.updateUserMachine(req);
}
public async AddMachineKey(
userId: string,
type: MachineKeyType,
date?: Timestamp,
): Promise<AddMachineKeyResponse> {
const req = new AddMachineKeyRequest();
req.setType(type);
req.setUserId(userId);
if (date) {
req.setExpirationDate(date);
}
return this.grpcService.mgmt.addMachineKey(req);
}
public async DeleteMachineKey(
keyId: string,
userId: string,
): Promise<Empty> {
const req = new MachineKeyIDRequest();
req.setKeyId(keyId);
req.setUserId(userId);
return this.grpcService.mgmt.deleteMachineKey(req);
}
public async SearchMachineKeys(
userId: string,
limit: number,
offset: number,
asc?: boolean,
): Promise<MachineKeySearchResponse> {
const req = new MachineKeySearchRequest();
req.setUserId(userId);
req.setLimit(limit);
req.setOffset(offset);
if (asc) {
req.setAsc(asc);
}
return this.grpcService.mgmt.searchMachineKeys(req);
}
public async GetIam(): Promise<Iam> {
const req = new Empty();
return this.grpcService.mgmt.getIam(req);
@ -238,7 +319,7 @@ export class ManagementService {
}
public async ReactivateMyOrg(): Promise<Org> {
const req = new OrgID();
const req = new Empty();
return this.grpcService.mgmt.reactivateMyOrg(req);
}
@ -400,25 +481,6 @@ export class ManagementService {
}
}
public async CreateUser(user: CreateUserRequest.AsObject): Promise<User> {
const req = new CreateUserRequest();
req.setEmail(user.email);
req.setUserName(user.userName);
req.setFirstName(user.firstName);
req.setLastName(user.lastName);
req.setNickName(user.nickName);
req.setPassword(user.password);
req.setPreferredLanguage(user.preferredLanguage);
req.setGender(user.gender);
req.setPhone(user.phone);
req.setStreetAddress(user.streetAddress);
req.setPostalCode(user.postalCode);
req.setLocality(user.locality);
req.setRegion(user.region);
req.setCountry(user.country);
return this.grpcService.mgmt.createUser(req);
}
public async GetUserByID(id: string): Promise<UserView> {
const req = new UserID();
req.setId(id);
@ -525,7 +587,7 @@ export class ManagementService {
return this.grpcService.mgmt.removeUserPhone(req);
}
public async DeactivateUser(id: string): Promise<UserPhone> {
public async DeactivateUser(id: string): Promise<UserResponse> {
const req = new UserID();
req.setId(id);
return this.grpcService.mgmt.deactivateUser(req);
@ -545,7 +607,8 @@ export class ManagementService {
return this.grpcService.mgmt.createUserGrant(req);
}
public async ReactivateUser(id: string): Promise<UserPhone> {
public async ReactivateUser(id: string): Promise<UserResponse> {
const req = new UserID();
req.setId(id);
return this.grpcService.mgmt.reactivateUser(req);

28
console/src/assets/i18n/de.json
View File

@ -30,7 +30,8 @@
"PROJECT": "Projekte",
"GRANTEDPROJECT":"Berechtigte Projekte",
"USERSECTION":"Benutzersektion",
"USER": "Benutzer",
"HUMANUSERS": "Benutzer",
"MACHINEUSERS":"Service Benutzer",
"LOGOUT": "Alle Benutzer abmelden",
"NEWORG":"Neue Organisation",
"IAMADMIN":"Du bist ein IAM Administrator. Achtung du hast erhöhte Rechte!",
@ -73,6 +74,8 @@
"LIST": "Benutzer",
"TITLE": "Benutzer",
"DESCRIPTION": "Erfasse und verwalte die Benutzer in deiner Organisation",
"LISTMACHINE": "Service Benutzer",
"DESCRIPTIONMACHINE": "Erfassen und verwalten Sie die Service Benutzer Ihrer Organisation",
"DETAIL": "Detail",
"CREATE": "Erstellen",
"MY": "Meine Informationen",
@ -143,6 +146,26 @@
"GENDER": "Geschlecht",
"PASSWORD":"Passwort"
},
"MACHINE": {
"TITLE":"Service Benutzer Details",
"USERNAME":"Benutzername",
"NAME":"Name",
"DESCRIPTION":"Beschreibung",
"KEYSTITLE":"Schlüssel",
"KEYSDESC":"Definieren Sie Ihre Schlüssel mit einem optionalen Ablaufdatum",
"ID":"Schlüssel Id",
"TYPE":"Typ",
"EXPIRYDATE":"Ablaufdatum",
"CHOOSEEXPIRY":"Definieren Sie ein Ablaufdatum",
"CREATIONDATE":"Erstelldatum",
"ADD": {
"TITLE":"Schlüssel hinzufügen",
"DESCRIPTION":"Wählen Sie den Typ und selektieren Sie ein optionales Ablaufdatum."
},
"KEYTYPES": {
"1":"JSON"
}
},
"PASSWORD": {
"TITLE": "Passwort",
"DESCRIPTION": "Gib das neue Password unter Einhaltung der Richtlinie für die Komplexität ein.",
@ -226,7 +249,8 @@
"REACTIVATED":"User reaktiviert!",
"DEACTIVATED":"User deaktiviert!",
"SELECTEDREACTIVATED":"Selektierte User reaktiviert!",
"SELECTEDDEACTIVATED":"Selektierte User deaktiviert!"
"SELECTEDDEACTIVATED":"Selektierte Benutzer deaktiviert!",
"SELECTEDKEYSDELETED":"Selektierte Schlüssel gelöscht!"
},
"MEMBERSHIPS": {
"TITLE":"Zitadel Manager Rollen",

28
console/src/assets/i18n/en.json
View File

@ -30,7 +30,8 @@
"PROJECT": "Projects",
"GRANTEDPROJECT":"Granted Projects",
"USERSECTION":"user section",
"USER": "Users",
"HUMANUSERS": "Users",
"MACHINEUSERS":"Service Users",
"LOGOUT": "Logout all users",
"NEWORG":"New Organisation",
"IAMADMIN":"You are an IAM Administrator. Note that you have extended permissions!",
@ -73,6 +74,8 @@
"LIST": "Users",
"TITLE": "User",
"DESCRIPTION": "Create new user in your organisation and manage existing ones.",
"LISTMACHINE": "Service Users",
"DESCRIPTIONMACHINE": "Create and manage Service Users of your organisation",
"DETAIL": "Detail",
"CREATE": "Create",
"MY": "My Informations",
@ -143,6 +146,26 @@
"GENDER": "Gender",
"PASSWORD":"Password"
},
"MACHINE": {
"TITLE":"Service User Details",
"USERNAME":"Username",
"NAME":"Name",
"DESCRIPTION":"Description",
"KEYSTITLE":"Keys",
"KEYSDESC":"Define your keys and add an optional expiration date.",
"ID":"Key Id",
"TYPE":"Type",
"EXPIRYDATE":"Expiration date",
"CHOOSEEXPIRY":"Select an expiration Date",
"CREATIONDATE":"Creation Date",
"ADD": {
"TITLE":"Add Key",
"DESCRIPTION":"Select your key type and choose an optional expiry date."
},
"KEYTYPES": {
"1":"JSON"
}
},
"PASSWORD": {
"TITLE": "Password",
"DESCRIPTION": "Enter the new password according to the policy below.",
@ -226,7 +249,8 @@
"REACTIVATED":"User reactivated",
"DEACTIVATED":"User deactivated",
"SELECTEDREACTIVATED":"Selected Users reactivated",
"SELECTEDDEACTIVATED":"Selected Users deactivated"
"SELECTEDDEACTIVATED":"Selected Users deactivated",
"SELECTEDKEYSDELETED":"Selected Keys deleted!"
},
"MEMBERSHIPS": {
"TITLE":"Zitadel Manager Roles",

2
go.mod
View File

@ -19,7 +19,7 @@ require (
github.com/caos/oidc v0.7.4
github.com/census-instrumentation/opencensus-proto v0.3.0 // indirect
github.com/cockroachdb/cockroach-go/v2 v2.0.5
github.com/envoyproxy/protoc-gen-validate v0.4.0
github.com/envoyproxy/protoc-gen-validate v0.4.1
github.com/ghodss/yaml v1.0.0
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
github.com/golang/mock v1.4.4

11
go.sum
View File

@ -103,8 +103,8 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
github.com/envoyproxy/protoc-gen-validate v0.1.0 h1:EQciDnbrYxy13PgWoY8AqoxGiPrpgBZ1R8UNe3ddc+A=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/envoyproxy/protoc-gen-validate v0.4.0 h1:0Hedkeb8AtERQoi/wLDxdMr6iOU4g6Mw0RfB2IEpEhk=
github.com/envoyproxy/protoc-gen-validate v0.4.0/go.mod h1:amr46FC2KZvleZB2VXz+QeQDF+iIKKjQimiDrtp1rYA=
github.com/envoyproxy/protoc-gen-validate v0.4.1 h1:7dLaJvASGRD7X49jSCSXXHwKPm0ZN9r9kJD+p+vS7dM=
github.com/envoyproxy/protoc-gen-validate v0.4.1/go.mod h1:E+IEazqdaWv3FrnGtZIu3b9fPFMK8AzeTTrk9SfVwWs=
github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 h1:Yzb9+7DPaBjB8zlTR87/ElzFsnQfuHnVUVqpZZIcV5Y=
github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0=
github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
@ -278,6 +278,7 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3
github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8=
github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
@ -292,7 +293,7 @@ github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
github.com/lib/pq v1.4.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
github.com/lib/pq v1.8.0 h1:9xohqzkUwzR4Ga4ivdTcawVS89YSDVxXMa3xJX3cGzg=
github.com/lib/pq v1.8.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/lyft/protoc-gen-star v0.4.10/go.mod h1:mE8fbna26u7aEA2QCVvvfBU/ZrPgocG1206xAFPcs94=
github.com/lyft/protoc-gen-star v0.5.1/go.mod h1:9toiA3cC7z5uVbODF7kEQ91Xn7XNFkVUl+SrEe+ZORU=
github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
github.com/mattn/go-colorable v0.1.7 h1:bQGKb3vps/j0E9GfJQ03JyhRuxsvdAanXlT9BTw3mdw=
@ -320,6 +321,7 @@ github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFSt
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pquerna/otp v1.2.0 h1:/A3+Jn+cagqayeR3iHs/L62m5ue7710D35zl1zJ1kok=
@ -345,7 +347,8 @@ github.com/sirupsen/logrus v1.6.0 h1:UBcNElsrwanuuMsnGSlYmtmgbb23qDR5dG+6X6Oo89I
github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
github.com/sony/sonyflake v1.0.0 h1:MpU6Ro7tfXwgn2l5eluf9xQvQJDROTBImNCfRXn/YeM=
github.com/sony/sonyflake v1.0.0/go.mod h1:Jv3cfhf/UFtolOTTRd3q4Nl6ENqM+KfyZ5PseKfZGF4=
github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4=
github.com/spf13/afero v1.3.4/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A=
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=

18
internal/admin/repository/eventsourcing/handler/iam_member.go
View File

@ -82,7 +82,10 @@ func (m *IamMember) processIamMember(event *models.Event) (err error) {
func (m *IamMember) processUser(event *models.Event) (err error) {
switch event.Type {
case usr_es_model.UserProfileChanged,
usr_es_model.UserEmailChanged:
usr_es_model.UserEmailChanged,
usr_es_model.HumanProfileChanged,
usr_es_model.HumanEmailChanged,
usr_es_model.MachineChanged:
members, err := m.view.IAMMembersByUserID(event.AggregateID)
if err != nil {
return err
@ -115,10 +118,15 @@ func (m *IamMember) fillData(member *iam_model.IAMMemberView) (err error) {
func (m *IamMember) fillUserData(member *iam_model.IAMMemberView, user *usr_model.User) {
member.UserName = user.UserName
member.FirstName = user.FirstName
member.LastName = user.LastName
member.Email = user.EmailAddress
member.DisplayName = user.DisplayName
if user.Human != nil {
member.FirstName = user.FirstName
member.LastName = user.LastName
member.DisplayName = user.FirstName + " " + user.LastName
member.Email = user.EmailAddress
}
if user.Machine != nil {
member.DisplayName = user.Machine.Name
}
}
func (m *IamMember) OnError(event *models.Event, err error) error {
logging.LogWithFields("SPOOL-Ld9ow", "id", event.AggregateID).WithError(err).Warn("something went wrong in iammember handler")

24
internal/admin/repository/eventsourcing/handler/user.go
View File

@ -55,7 +55,10 @@ func (u *User) ProcessUser(event *models.Event) (err error) {
user := new(view_model.UserView)
switch event.Type {
case es_model.UserAdded,
es_model.UserRegistered:
es_model.UserRegistered,
es_model.HumanRegistered,
es_model.MachineAdded,
es_model.HumanAdded:
err = user.AppendEvent(event)
if err != nil {
return err
@ -72,9 +75,20 @@ func (u *User) ProcessUser(event *models.Event) (err error) {
es_model.UserReactivated,
es_model.UserLocked,
es_model.UserUnlocked,
es_model.MfaOtpAdded,
es_model.MfaOtpVerified,
es_model.MfaOtpRemoved:
es_model.MFAOTPAdded,
es_model.MFAOTPVerified,
es_model.MFAOTPRemoved,
es_model.HumanProfileChanged,
es_model.HumanEmailChanged,
es_model.HumanEmailVerified,
es_model.HumanPhoneChanged,
es_model.HumanPhoneVerified,
es_model.HumanPhoneRemoved,
es_model.HumanAddressChanged,
es_model.HumanMFAOTPAdded,
es_model.HumanMFAOTPVerified,
es_model.HumanMFAOTPRemoved,
es_model.MachineChanged:
user, err = u.view.UserByID(event.AggregateID)
if err != nil {
return err
@ -173,6 +187,6 @@ func (u *User) fillLoginNames(user *view_model.UserView) (err error) {
}
func (u *User) OnError(event *models.Event, err error) error {
logging.LogWithFields("SPOOL-is8wa", "id", event.AggregateID).WithError(err).Warn("something went wrong in user handler")
logging.LogWithFields("SPOOL-vLmwQ", "id", event.AggregateID).WithError(err).Warn("something went wrong in user handler")
return spooler.HandleError(event, err, u.view.GetLatestUserFailedEvent, u.view.ProcessedUserFailedEvent, u.view.ProcessedUserSequence, u.errorCountUntilSkip)
}

6
internal/api/authz/permissions.go
View File

@ -59,9 +59,9 @@ func addRoleContextIDToPerm(perm, roleContextID string) string {
return perm
}
func ExistsPerm(existing []string, perm string) bool {
for _, e := range existing {
if e == perm {
func ExistsPerm(existingPermissions []string, perm string) bool {
for _, existingPermission := range existingPermissions {
if existingPermission == perm {
return true
}
}

14
internal/api/authz/permissions_test.go
View File

@ -419,8 +419,8 @@ func Test_AddRoleContextIDToPerm(t *testing.T) {
func Test_ExistisPerm(t *testing.T) {
type args struct {
existing []string
perm string
existingPermissions []string
perm string
}
tests := []struct {
name string
@ -430,23 +430,23 @@ func Test_ExistisPerm(t *testing.T) {
{
name: "not existing perm",
args: args{
existing: []string{"perm1", "perm2", "perm3"},
perm: "perm4",
existingPermissions: []string{"perm1", "perm2", "perm3"},
perm: "perm4",
},
result: false,
},
{
name: "existing perm",
args: args{
existing: []string{"perm1", "perm2", "perm3"},
perm: "perm2",
existingPermissions: []string{"perm1", "perm2", "perm3"},
perm: "perm2",
},
result: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result := ExistsPerm(tt.args.existing, tt.args.perm)
result := ExistsPerm(tt.args.existingPermissions, tt.args.perm)
if result != tt.result {
t.Errorf("got wrong result, expecting: %v, actual: %v ", tt.result, result)
}

75
internal/api/grpc/admin/org_converter.go
View File

@ -3,7 +3,6 @@ package admin
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"golang.org/x/text/language"
admin_model "github.com/caos/zitadel/internal/admin/model"
"github.com/caos/zitadel/internal/eventstore/models"
@ -32,39 +31,6 @@ func orgCreateRequestToModel(org *admin.CreateOrgRequest) *org_model.Org {
return o
}
func userCreateRequestToModel(user *admin.CreateUserRequest) *usr_model.User {
preferredLanguage, err := language.Parse(user.PreferredLanguage)
logging.Log("GRPC-30hwz").OnError(err).Debug("unable to parse language")
result := &usr_model.User{
Profile: &usr_model.Profile{
UserName: user.UserName,
FirstName: user.FirstName,
LastName: user.LastName,
NickName: user.NickName,
PreferredLanguage: preferredLanguage,
Gender: genderToModel(user.Gender),
},
Password: &usr_model.Password{
SecretString: user.Password,
},
Email: &usr_model.Email{
EmailAddress: user.Email,
IsEmailVerified: user.IsEmailVerified,
},
Address: &usr_model.Address{
Country: user.Country,
Locality: user.Locality,
PostalCode: user.PostalCode,
Region: user.Region,
StreetAddress: user.StreetAddress,
},
}
if user.Phone != "" {
result.Phone = &usr_model.Phone{PhoneNumber: user.Phone, IsPhoneVerified: user.IsPhoneVerified}
}
return result
}
func setUpOrgResponseFromModel(setUp *admin_model.SetupOrg) *admin.OrgSetUpResponse {
return &admin.OrgSetUpResponse{
Org: orgFromModel(setUp.Org),
@ -126,45 +92,6 @@ func orgViewFromModel(org *org_model.OrgView) *admin.Org {
}
}
func userFromModel(user *usr_model.User) *admin.User {
creationDate, err := ptypes.TimestampProto(user.CreationDate)
logging.Log("GRPC-8duwe").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(user.ChangeDate)
logging.Log("GRPC-ckoe3d").OnError(err).Debug("unable to parse timestamp")
converted := &admin.User{
Id: user.AggregateID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: user.Sequence,
UserName: user.UserName,
FirstName: user.FirstName,
LastName: user.LastName,
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage.String(),
Gender: genderFromModel(user.Gender),
}
if user.Email != nil {
converted.Email = user.EmailAddress
converted.IsEmailVerified = user.IsEmailVerified
}
if user.Phone != nil {
converted.Phone = user.PhoneNumber
converted.IsPhoneVerified = user.IsPhoneVerified
}
if user.Address != nil {
converted.Country = user.Country
converted.Locality = user.Locality
converted.PostalCode = user.PostalCode
converted.Region = user.Region
converted.StreetAddress = user.StreetAddress
}
return converted
}
func orgStateFromModel(state org_model.OrgState) admin.OrgState {
switch state {
case org_model.OrgStateActive:
@ -247,7 +174,7 @@ func orgQueryKeyToModel(key admin.OrgSearchKey) org_model.OrgSearchKey {
switch key {
case admin.OrgSearchKey_ORGSEARCHKEY_DOMAIN:
return org_model.OrgSearchKeyOrgDomain
case admin.OrgSearchKey_ORGSEARCHKEY_ORG_NAME:
case admin.OrgSearchKey_ORGSEARCHKEY_NAME:
return org_model.OrgSearchKeyOrgName
case admin.OrgSearchKey_ORGSEARCHKEY_STATE:
return org_model.OrgSearchKeyState

128
internal/api/grpc/admin/user_converter.go Normal file
View File

@ -0,0 +1,128 @@
package admin
import (
"github.com/caos/logging"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/pkg/grpc/admin"
"github.com/golang/protobuf/ptypes"
"golang.org/x/text/language"
)
func userCreateRequestToModel(user *admin.CreateUserRequest) *usr_model.User {
var human *usr_model.Human
var machine *usr_model.Machine
if h := user.GetHuman(); h != nil {
human = humanCreateToModel(h)
}
if m := user.GetMachine(); m != nil {
machine = machineCreateToModel(m)
}
return &usr_model.User{
UserName: user.UserName,
Human: human,
Machine: machine,
}
}
func humanCreateToModel(u *admin.CreateHumanRequest) *usr_model.Human {
preferredLanguage, err := language.Parse(u.PreferredLanguage)
logging.Log("GRPC-1ouQc").OnError(err).Debug("language malformed")
human := &usr_model.Human{
Profile: &usr_model.Profile{
FirstName: u.FirstName,
LastName: u.LastName,
NickName: u.NickName,
PreferredLanguage: preferredLanguage,
Gender: genderToModel(u.Gender),
},
Email: &usr_model.Email{
EmailAddress: u.Email,
IsEmailVerified: u.IsEmailVerified,
},
Address: &usr_model.Address{
Country: u.Country,
Locality: u.Locality,
PostalCode: u.PostalCode,
Region: u.Region,
StreetAddress: u.StreetAddress,
},
}
if u.Password != "" {
human.Password = &usr_model.Password{SecretString: u.Password}
}
if u.Phone != "" {
human.Phone = &usr_model.Phone{PhoneNumber: u.Phone, IsPhoneVerified: u.IsPhoneVerified}
}
return human
}
func machineCreateToModel(machine *admin.CreateMachineRequest) *usr_model.Machine {
return &usr_model.Machine{
Name: machine.Name,
Description: machine.Description,
}
}
func userFromModel(user *usr_model.User) *admin.UserResponse {
creationDate, err := ptypes.TimestampProto(user.CreationDate)
logging.Log("GRPC-yo0FW").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(user.ChangeDate)
logging.Log("GRPC-jxoQr").OnError(err).Debug("unable to parse timestamp")
userResp := &admin.UserResponse{
Id: user.AggregateID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: user.Sequence,
UserName: user.UserName,
}
if user.Machine != nil {
userResp.User = &admin.UserResponse_Machine{Machine: machineFromModel(user.Machine)}
}
if user.Human != nil {
userResp.User = &admin.UserResponse_Human{Human: humanFromModel(user.Human)}
}
return userResp
}
func machineFromModel(account *usr_model.Machine) *admin.MachineResponse {
return &admin.MachineResponse{
Name: account.Name,
Description: account.Description,
}
}
func humanFromModel(user *usr_model.Human) *admin.HumanResponse {
human := &admin.HumanResponse{
FirstName: user.FirstName,
LastName: user.LastName,
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage.String(),
Gender: genderFromModel(user.Gender),
}
if user.Email != nil {
human.Email = user.EmailAddress
human.IsEmailVerified = user.IsEmailVerified
}
if user.Phone != nil {
human.Phone = user.PhoneNumber
human.IsPhoneVerified = user.IsPhoneVerified
}
if user.Address != nil {
human.Country = user.Country
human.Locality = user.Locality
human.PostalCode = user.PostalCode
human.Region = user.Region
human.StreetAddress = user.StreetAddress
}
return human
}

35
internal/api/grpc/auth/user_converter.go
View File

@ -27,37 +27,28 @@ func userViewFromModel(user *usr_model.UserView) *auth.UserView {
lastLogin, err := ptypes.TimestampProto(user.LastLogin)
logging.Log("GRPC-Gteh2").OnError(err).Debug("unable to parse timestamp")
passwordChanged, err := ptypes.TimestampProto(user.PasswordChanged)
logging.Log("GRPC-fgQFT").OnError(err).Debug("unable to parse timestamp")
return &auth.UserView{
userView := &auth.UserView{
Id: user.ID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
ChangeDate: changeDate,
LastLogin: lastLogin,
PasswordChanged: passwordChanged,
UserName: user.UserName,
FirstName: user.FirstName,
LastName: user.LastName,
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage,
Gender: genderFromModel(user.Gender),
Email: user.Email,
IsEmailVerified: user.IsEmailVerified,
Phone: user.Phone,
IsPhoneVerified: user.IsPhoneVerified,
Country: user.Country,
Locality: user.Locality,
PostalCode: user.PostalCode,
Region: user.Region,
StreetAddress: user.StreetAddress,
Sequence: user.Sequence,
ResourceOwner: user.ResourceOwner,
LoginNames: user.LoginNames,
PreferredLoginName: user.PreferredLoginName,
}
if user.HumanView != nil {
userView.User = &auth.UserView_Human{Human: humanViewFromModel(user.HumanView)}
}
if user.MachineView != nil {
userView.User = &auth.UserView_Machine{Machine: machineViewFromModel(user.MachineView)}
}
return userView
}
func profileFromModel(profile *usr_model.Profile) *auth.UserProfile {
@ -72,7 +63,6 @@ func profileFromModel(profile *usr_model.Profile) *auth.UserProfile {
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: profile.Sequence,
UserName: profile.UserName,
FirstName: profile.FirstName,
LastName: profile.LastName,
DisplayName: profile.DisplayName,
@ -94,7 +84,6 @@ func profileViewFromModel(profile *usr_model.Profile) *auth.UserProfileView {
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: profile.Sequence,
UserName: profile.UserName,
FirstName: profile.FirstName,
LastName: profile.LastName,
DisplayName: profile.DisplayName,
@ -366,7 +355,7 @@ func userChangesToAPI(changes *usr_model.UserChanges) (_ []*auth.Change) {
EventType: message.NewLocalizedEventType(change.EventType),
Sequence: change.Sequence,
Data: data,
EditorId: change.ModifierId,
EditorId: change.ModifierID,
Editor: change.ModifierName,
}
}

32
internal/api/grpc/auth/user_human_converter.go Normal file
View File

@ -0,0 +1,32 @@
package auth
import (
"github.com/caos/logging"
usr_model "github.com/caos/zitadel/internal/user/model"
auth "github.com/caos/zitadel/pkg/grpc/auth"
"github.com/golang/protobuf/ptypes"
)
func humanViewFromModel(user *usr_model.HumanView) *auth.HumanView {
passwordChanged, err := ptypes.TimestampProto(user.PasswordChanged)
logging.Log("MANAG-h4ByY").OnError(err).Debug("unable to parse date")
return &auth.HumanView{
FirstName: user.FirstName,
LastName: user.LastName,
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage,
Gender: genderFromModel(user.Gender),
Email: user.Email,
IsEmailVerified: user.IsEmailVerified,
Phone: user.Phone,
IsPhoneVerified: user.IsPhoneVerified,
Country: user.Country,
Locality: user.Locality,
PostalCode: user.PostalCode,
Region: user.Region,
StreetAddress: user.StreetAddress,
PasswordChanged: passwordChanged,
}
}

51
internal/api/grpc/auth/user_machine_converter.go Normal file
View File

@ -0,0 +1,51 @@
package auth
import (
"github.com/caos/logging"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/pkg/grpc/auth"
"github.com/golang/protobuf/ptypes"
)
func machineViewFromModel(machine *usr_model.MachineView) *auth.MachineView {
lastKeyAdded, err := ptypes.TimestampProto(machine.LastKeyAdded)
logging.Log("MANAG-wGcAQ").OnError(err).Debug("unable to parse date")
return &auth.MachineView{
Description: machine.Description,
Name: machine.Name,
LastKeyAdded: lastKeyAdded,
}
}
func machineKeyViewsFromModel(keys ...*usr_model.MachineKeyView) []*auth.MachineKeyView {
keyViews := make([]*auth.MachineKeyView, len(keys))
for i, key := range keys {
keyViews[i] = machineKeyViewFromModel(key)
}
return keyViews
}
func machineKeyViewFromModel(key *usr_model.MachineKeyView) *auth.MachineKeyView {
creationDate, err := ptypes.TimestampProto(key.CreationDate)
logging.Log("MANAG-gluk7").OnError(err).Debug("unable to parse timestamp")
expirationDate, err := ptypes.TimestampProto(key.CreationDate)
logging.Log("MANAG-gluk7").OnError(err).Debug("unable to parse timestamp")
return &auth.MachineKeyView{
Id: key.ID,
CreationDate: creationDate,
ExpirationDate: expirationDate,
Sequence: key.Sequence,
Type: machineKeyTypeFromModel(key.Type),
}
}
func machineKeyTypeFromModel(typ usr_model.MachineKeyType) auth.MachineKeyType {
switch typ {
case usr_model.MachineKeyTypeJSON:
return auth.MachineKeyType_MACHINEKEY_JSON
default:
return auth.MachineKeyType_MACHINEKEY_UNSPECIFIED
}
}

21
internal/api/grpc/management/user.go
View File

@ -3,11 +3,10 @@ package management
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/golang/protobuf/ptypes/empty"
)
func (s *Server) GetUserByID(ctx context.Context, id *management.UserID) (*management.UserView, error) {
@ -52,7 +51,7 @@ func (s *Server) IsUserUnique(ctx context.Context, request *management.UniqueUse
return &management.UniqueUserResponse{IsUnique: unique}, nil
}
func (s *Server) CreateUser(ctx context.Context, in *management.CreateUserRequest) (*management.User, error) {
func (s *Server) CreateUser(ctx context.Context, in *management.CreateUserRequest) (*management.UserResponse, error) {
user, err := s.user.CreateUser(ctx, userCreateToModel(in))
if err != nil {
return nil, err
@ -60,7 +59,7 @@ func (s *Server) CreateUser(ctx context.Context, in *management.CreateUserReques
return userFromModel(user), nil
}
func (s *Server) DeactivateUser(ctx context.Context, in *management.UserID) (*management.User, error) {
func (s *Server) DeactivateUser(ctx context.Context, in *management.UserID) (*management.UserResponse, error) {
user, err := s.user.DeactivateUser(ctx, in.Id)
if err != nil {
return nil, err
@ -68,7 +67,7 @@ func (s *Server) DeactivateUser(ctx context.Context, in *management.UserID) (*ma
return userFromModel(user), nil
}
func (s *Server) ReactivateUser(ctx context.Context, in *management.UserID) (*management.User, error) {
func (s *Server) ReactivateUser(ctx context.Context, in *management.UserID) (*management.UserResponse, error) {
user, err := s.user.ReactivateUser(ctx, in.Id)
if err != nil {
return nil, err
@ -76,7 +75,7 @@ func (s *Server) ReactivateUser(ctx context.Context, in *management.UserID) (*ma
return userFromModel(user), nil
}
func (s *Server) LockUser(ctx context.Context, in *management.UserID) (*management.User, error) {
func (s *Server) LockUser(ctx context.Context, in *management.UserID) (*management.UserResponse, error) {
user, err := s.user.LockUser(ctx, in.Id)
if err != nil {
return nil, err
@ -84,7 +83,7 @@ func (s *Server) LockUser(ctx context.Context, in *management.UserID) (*manageme
return userFromModel(user), nil
}
func (s *Server) UnlockUser(ctx context.Context, in *management.UserID) (*management.User, error) {
func (s *Server) UnlockUser(ctx context.Context, in *management.UserID) (*management.UserResponse, error) {
user, err := s.user.UnlockUser(ctx, in.Id)
if err != nil {
return nil, err
@ -96,6 +95,14 @@ func (s *Server) DeleteUser(ctx context.Context, in *management.UserID) (*empty.
return nil, errors.ThrowUnimplemented(nil, "GRPC-as4fg", "Not implemented")
}
func (s *Server) UpdateUserMachine(ctx context.Context, in *management.UpdateMachineRequest) (*management.MachineResponse, error) {
machine, err := s.user.ChangeMachine(ctx, updateMachineToModel(in))
if err != nil {
return nil, err
}
return machineFromModel(machine), nil
}
func (s *Server) GetUserProfile(ctx context.Context, in *management.UserID) (*management.UserProfileView, error) {
profile, err := s.user.ProfileByID(ctx, in.Id)
if err != nil {

120
internal/api/grpc/management/user_converter.go
View File

@ -15,77 +15,48 @@ import (
"github.com/caos/zitadel/pkg/grpc/message"
)
func userFromModel(user *usr_model.User) *management.User {
func userFromModel(user *usr_model.User) *management.UserResponse {
creationDate, err := ptypes.TimestampProto(user.CreationDate)
logging.Log("GRPC-8duwe").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(user.ChangeDate)
logging.Log("GRPC-ckoe3d").OnError(err).Debug("unable to parse timestamp")
converted := &management.User{
Id: user.AggregateID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: user.Sequence,
UserName: user.UserName,
FirstName: user.FirstName,
LastName: user.LastName,
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage.String(),
Gender: genderFromModel(user.Gender),
userResp := &management.UserResponse{
Id: user.AggregateID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: user.Sequence,
UserName: user.UserName,
}
if user.Email != nil {
converted.Email = user.EmailAddress
converted.IsEmailVerified = user.IsEmailVerified
if user.Machine != nil {
userResp.User = &management.UserResponse_Machine{Machine: machineFromModel(user.Machine)}
}
if user.Phone != nil {
converted.Phone = user.PhoneNumber
converted.IsPhoneVerified = user.IsPhoneVerified
if user.Human != nil {
userResp.User = &management.UserResponse_Human{Human: humanFromModel(user.Human)}
}
if user.Address != nil {
converted.Country = user.Country
converted.Locality = user.Locality
converted.PostalCode = user.PostalCode
converted.Region = user.Region
converted.StreetAddress = user.StreetAddress
}
return converted
return userResp
}
func userCreateToModel(u *management.CreateUserRequest) *usr_model.User {
preferredLanguage, err := language.Parse(u.PreferredLanguage)
logging.Log("GRPC-cK5k2").OnError(err).Debug("language malformed")
func userCreateToModel(user *management.CreateUserRequest) *usr_model.User {
var human *usr_model.Human
var machine *usr_model.Machine
user := &usr_model.User{
Profile: &usr_model.Profile{
UserName: u.UserName,
FirstName: u.FirstName,
LastName: u.LastName,
NickName: u.NickName,
PreferredLanguage: preferredLanguage,
Gender: genderToModel(u.Gender),
},
Email: &usr_model.Email{
EmailAddress: u.Email,
IsEmailVerified: u.IsEmailVerified,
},
Address: &usr_model.Address{
Country: u.Country,
Locality: u.Locality,
PostalCode: u.PostalCode,
Region: u.Region,
StreetAddress: u.StreetAddress,
},
if h := user.GetHuman(); h != nil {
human = humanCreateToModel(h)
}
if u.Password != "" {
user.Password = &usr_model.Password{SecretString: u.Password}
if m := user.GetMachine(); m != nil {
machine = machineCreateToModel(m)
}
if u.Phone != "" {
user.Phone = &usr_model.Phone{PhoneNumber: u.Phone, IsPhoneVerified: u.IsPhoneVerified}
return &usr_model.User{
UserName: user.UserName,
Human: human,
Machine: machine,
}
return user
}
func passwordRequestToModel(r *management.PasswordRequest) *usr_model.Password {
@ -135,6 +106,8 @@ func userSearchKeyToModel(key management.UserSearchKey) usr_model.UserSearchKey
return usr_model.UserSearchKeyEmail
case management.UserSearchKey_USERSEARCHKEY_STATE:
return usr_model.UserSearchKeyState
case management.UserSearchKey_USERSEARCHKEY_TYPE:
return usr_model.UserSearchKeyType
default:
return usr_model.UserSearchKeyUnspecified
}
@ -187,7 +160,6 @@ func profileFromModel(profile *usr_model.Profile) *management.UserProfile {
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: profile.Sequence,
UserName: profile.UserName,
FirstName: profile.FirstName,
LastName: profile.LastName,
DisplayName: profile.DisplayName,
@ -209,7 +181,6 @@ func profileViewFromModel(profile *usr_model.Profile) *management.UserProfileVie
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: profile.Sequence,
UserName: profile.UserName,
FirstName: profile.FirstName,
LastName: profile.LastName,
DisplayName: profile.DisplayName,
@ -400,37 +371,26 @@ func userViewFromModel(user *usr_model.UserView) *management.UserView {
lastLogin, err := ptypes.TimestampProto(user.LastLogin)
logging.Log("GRPC-dksi3").OnError(err).Debug("unable to parse timestamp")
passwordChanged, err := ptypes.TimestampProto(user.PasswordChanged)
logging.Log("GRPC-dl9ws").OnError(err).Debug("unable to parse timestamp")
return &management.UserView{
userView := &management.UserView{
Id: user.ID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
ChangeDate: changeDate,
LastLogin: lastLogin,
PasswordChanged: passwordChanged,
UserName: user.UserName,
FirstName: user.FirstName,
LastName: user.LastName,
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage,
Gender: genderFromModel(user.Gender),
Email: user.Email,
IsEmailVerified: user.IsEmailVerified,
Phone: user.Phone,
IsPhoneVerified: user.IsPhoneVerified,
Country: user.Country,
Locality: user.Locality,
PostalCode: user.PostalCode,
Region: user.Region,
StreetAddress: user.StreetAddress,
Sequence: user.Sequence,
ResourceOwner: user.ResourceOwner,
LoginNames: user.LoginNames,
PreferredLoginName: user.PreferredLoginName,
UserName: user.UserName,
}
if user.HumanView != nil {
userView.User = &management.UserView_Human{Human: humanViewFromModel(user.HumanView)}
}
if user.MachineView != nil {
userView.User = &management.UserView_Machine{Machine: machineViewFromModel(user.MachineView)}
}
return userView
}
func userMembershipSearchResponseFromModel(response *usr_model.UserMembershipSearchResponse) *management.UserMembershipSearchResponse {
@ -603,7 +563,7 @@ func userChangesToMgtAPI(changes *usr_model.UserChanges) (_ []*management.Change
EventType: message.NewLocalizedEventType(change.EventType),
Sequence: change.Sequence,
Data: data,
EditorId: change.ModifierId,
EditorId: change.ModifierID,
Editor: change.ModifierName,
}
}

32
internal/api/grpc/management/user_grant_converter.go
View File

@ -28,14 +28,6 @@ func usergrantFromModel(grant *grant_model.UserGrant) *management.UserGrant {
}
}
func userGrantCreateBulkToModel(u *management.UserGrantCreateBulk) []*grant_model.UserGrant {
grants := make([]*grant_model.UserGrant, len(u.UserGrants))
for i, grant := range u.UserGrants {
grants[i] = userGrantCreateToModel(grant)
}
return grants
}
func userGrantCreateToModel(u *management.UserGrantCreate) *grant_model.UserGrant {
return &grant_model.UserGrant{
ObjectRoot: models.ObjectRoot{AggregateID: u.UserId},
@ -46,14 +38,6 @@ func userGrantCreateToModel(u *management.UserGrantCreate) *grant_model.UserGran
}
}
func userGrantUpdateBulkToModel(u *management.UserGrantUpdateBulk) []*grant_model.UserGrant {
grants := make([]*grant_model.UserGrant, len(u.UserGrants))
for i, grant := range u.UserGrants {
grants[i] = userGrantUpdateToModel(grant)
}
return grants
}
func userGrantUpdateToModel(u *management.UserGrantUpdate) *grant_model.UserGrant {
return &grant_model.UserGrant{
ObjectRoot: models.ObjectRoot{AggregateID: u.Id},
@ -171,19 +155,3 @@ func usergrantStateFromModel(state grant_model.UserGrantState) management.UserGr
return management.UserGrantState_USERGRANTSTATE_UNSPECIFIED
}
}
func projectUserGrantSearchRequestsToModel(project *management.ProjectUserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
return &grant_model.UserGrantSearchRequest{
Offset: project.Offset,
Limit: project.Limit,
Queries: userGrantSearchQueriesToModel(project.Queries),
}
}
func projectGrantUserGrantSearchRequestsToModel(project *management.ProjectGrantUserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
return &grant_model.UserGrantSearchRequest{
Offset: project.Offset,
Limit: project.Limit,
Queries: userGrantSearchQueriesToModel(project.Queries),
}
}

94
internal/api/grpc/management/user_human_converter.go Normal file
View File

@ -0,0 +1,94 @@
package management
import (
"github.com/caos/logging"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/golang/protobuf/ptypes"
"golang.org/x/text/language"
)
func humanFromModel(user *usr_model.Human) *management.HumanResponse {
human := &management.HumanResponse{
FirstName: user.FirstName,
LastName: user.LastName,
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage.String(),
Gender: genderFromModel(user.Gender),
}
if user.Email != nil {
human.Email = user.EmailAddress
human.IsEmailVerified = user.IsEmailVerified
}
if user.Phone != nil {
human.Phone = user.PhoneNumber
human.IsPhoneVerified = user.IsPhoneVerified
}
if user.Address != nil {
human.Country = user.Country
human.Locality = user.Locality
human.PostalCode = user.PostalCode
human.Region = user.Region
human.StreetAddress = user.StreetAddress
}
return human
}
func humanViewFromModel(user *usr_model.HumanView) *management.HumanView {
passwordChanged, err := ptypes.TimestampProto(user.PasswordChanged)
logging.Log("MANAG-h4ByY").OnError(err).Debug("unable to parse date")
return &management.HumanView{
FirstName: user.FirstName,
LastName: user.LastName,
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage,
Gender: genderFromModel(user.Gender),
Email: user.Email,
IsEmailVerified: user.IsEmailVerified,
Phone: user.Phone,
IsPhoneVerified: user.IsPhoneVerified,
Country: user.Country,
Locality: user.Locality,
PostalCode: user.PostalCode,
Region: user.Region,
StreetAddress: user.StreetAddress,
PasswordChanged: passwordChanged,
}
}
func humanCreateToModel(u *management.CreateHumanRequest) *usr_model.Human {
preferredLanguage, err := language.Parse(u.PreferredLanguage)
logging.Log("GRPC-cK5k2").OnError(err).Debug("language malformed")
human := &usr_model.Human{
Profile: &usr_model.Profile{
FirstName: u.FirstName,
LastName: u.LastName,
NickName: u.NickName,
PreferredLanguage: preferredLanguage,
Gender: genderToModel(u.Gender),
},
Email: &usr_model.Email{
EmailAddress: u.Email,
IsEmailVerified: u.IsEmailVerified,
},
Address: &usr_model.Address{
Country: u.Country,
Locality: u.Locality,
PostalCode: u.PostalCode,
Region: u.Region,
StreetAddress: u.StreetAddress,
},
}
if u.Password != "" {
human.Password = &usr_model.Password{SecretString: u.Password}
}
if u.Phone != "" {
human.Phone = &usr_model.Phone{PhoneNumber: u.Phone, IsPhoneVerified: u.IsPhoneVerified}
}
return human
}

37
internal/api/grpc/management/user_machine.go Normal file
View File

@ -0,0 +1,37 @@
package management
import (
"context"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/golang/protobuf/ptypes/empty"
)
func (s *Server) AddMachineKey(ctx context.Context, req *management.AddMachineKeyRequest) (*management.AddMachineKeyResponse, error) {
key, err := s.user.AddMachineKey(ctx, addMachineKeyToModel(req))
if err != nil {
return nil, err
}
return addMachineKeyFromModel(key), nil
}
func (s *Server) DeleteMachineKey(ctx context.Context, req *management.MachineKeyIDRequest) (*empty.Empty, error) {
err := s.user.RemoveMachineKey(ctx, req.UserId, req.KeyId)
return &empty.Empty{}, err
}
func (s *Server) GetMachineKey(ctx context.Context, req *management.MachineKeyIDRequest) (*management.MachineKeyView, error) {
key, err := s.user.GetMachineKey(ctx, req.UserId, req.KeyId)
if err != nil {
return nil, err
}
return machineKeyViewFromModel(key), nil
}
func (s *Server) SearchMachineKeys(ctx context.Context, req *management.MachineKeySearchRequest) (*management.MachineKeySearchResponse, error) {
result, err := s.user.SearchMachineKeys(ctx, machineKeySearchRequestToModel(req))
if err != nil {
return nil, err
}
return machineKeySearchResponseFromModel(result), nil
}

160
internal/api/grpc/management/user_machine_converter.go Normal file
View File

@ -0,0 +1,160 @@
package management
import (
"encoding/json"
"time"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/model"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/golang/protobuf/ptypes"
)
func machineCreateToModel(machine *management.CreateMachineRequest) *usr_model.Machine {
return &usr_model.Machine{
Name: machine.Name,
Description: machine.Description,
}
}
func updateMachineToModel(machine *management.UpdateMachineRequest) *usr_model.Machine {
return &usr_model.Machine{
ObjectRoot: models.ObjectRoot{AggregateID: machine.Id},
Description: machine.Description,
}
}
func machineFromModel(account *usr_model.Machine) *management.MachineResponse {
return &management.MachineResponse{
Name: account.Name,
Description: account.Description,
}
}
func machineViewFromModel(machine *usr_model.MachineView) *management.MachineView {
lastKeyAdded, err := ptypes.TimestampProto(machine.LastKeyAdded)
logging.Log("MANAG-wGcAQ").OnError(err).Debug("unable to parse date")
return &management.MachineView{
Description: machine.Description,
Name: machine.Name,
LastKeyAdded: lastKeyAdded,
}
}
func machineKeyViewsFromModel(keys ...*usr_model.MachineKeyView) []*management.MachineKeyView {
keyViews := make([]*management.MachineKeyView, len(keys))
for i, key := range keys {
keyViews[i] = machineKeyViewFromModel(key)
}
return keyViews
}
func machineKeyViewFromModel(key *usr_model.MachineKeyView) *management.MachineKeyView {
creationDate, err := ptypes.TimestampProto(key.CreationDate)
logging.Log("MANAG-gluk7").OnError(err).Debug("unable to parse timestamp")
expirationDate, err := ptypes.TimestampProto(key.ExpirationDate)
logging.Log("MANAG-gluk7").OnError(err).Debug("unable to parse timestamp")
return &management.MachineKeyView{
Id: key.ID,
CreationDate: creationDate,
ExpirationDate: expirationDate,
Sequence: key.Sequence,
Type: machineKeyTypeFromModel(key.Type),
}
}
func addMachineKeyToModel(key *management.AddMachineKeyRequest) *usr_model.MachineKey {
expirationDate := time.Time{}
if key.ExpirationDate != nil {
var err error
expirationDate, err = ptypes.Timestamp(key.ExpirationDate)
logging.Log("MANAG-iNshR").OnError(err).Debug("unable to parse expiration date")
}
return &usr_model.MachineKey{
ExpirationDate: expirationDate,
Type: machineKeyTypeToModel(key.Type),
ObjectRoot: models.ObjectRoot{AggregateID: key.UserId},
}
}
func addMachineKeyFromModel(key *usr_model.MachineKey) *management.AddMachineKeyResponse {
creationDate, err := ptypes.TimestampProto(key.CreationDate)
logging.Log("MANAG-dlb8m").OnError(err).Debug("unable to parse cretaion date")
expirationDate, err := ptypes.TimestampProto(key.ExpirationDate)
logging.Log("MANAG-dlb8m").OnError(err).Debug("unable to parse cretaion date")
detail, err := json.Marshal(struct {
Type string `json:"type"`
KeyID string `json:"keyId"`
Key []byte `json:"key"`
UserID string `json:"userId"`
}{
Type: "serviceaccount",
KeyID: key.KeyID,
Key: key.PrivateKey,
UserID: key.AggregateID,
})
logging.Log("MANAG-lFQ2g").OnError(err).Warn("unable to marshall key")
return &management.AddMachineKeyResponse{
Id: key.KeyID,
CreationDate: creationDate,
ExpirationDate: expirationDate,
Sequence: key.Sequence,
KeyDetails: detail,
Type: machineKeyTypeFromModel(key.Type),
}
}
func machineKeyTypeToModel(typ management.MachineKeyType) usr_model.MachineKeyType {
switch typ {
case management.MachineKeyType_MACHINEKEY_JSON:
return usr_model.MachineKeyTypeJSON
default:
return usr_model.MachineKeyTypeNONE
}
}
func machineKeyTypeFromModel(typ usr_model.MachineKeyType) management.MachineKeyType {
switch typ {
case usr_model.MachineKeyTypeJSON:
return management.MachineKeyType_MACHINEKEY_JSON
default:
return management.MachineKeyType_MACHINEKEY_UNSPECIFIED
}
}
func machineKeySearchRequestToModel(req *management.MachineKeySearchRequest) *usr_model.MachineKeySearchRequest {
return &usr_model.MachineKeySearchRequest{
Offset: req.Offset,
Limit: req.Limit,
Asc: req.Asc,
Queries: []*usr_model.MachineKeySearchQuery{
{
Key: usr_model.MachineKeyKeyUserID,
Method: model.SearchMethodEquals,
Value: req.UserId,
},
},
}
}
func machineKeySearchResponseFromModel(req *usr_model.MachineKeySearchResponse) *management.MachineKeySearchResponse {
viewTimestamp, err := ptypes.TimestampProto(req.Timestamp)
logging.Log("MANAG-Sk9ds").OnError(err).Debug("unable to parse cretaion date")
return &management.MachineKeySearchResponse{
Offset: req.Offset,
Limit: req.Limit,
TotalResult: req.TotalResult,
ProcessedSequence: req.Sequence,
ViewTimestamp: viewTimestamp,
Result: machineKeyViewsFromModel(req.Result...),
}
}

31
internal/api/grpc/server/middleware/validation_interceptor.go Normal file
View File

@ -0,0 +1,31 @@
package middleware
import (
"context"
"google.golang.org/grpc"
_ "github.com/caos/zitadel/internal/statik"
)
func ValidationHandler() grpc.UnaryServerInterceptor {
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
return validate(ctx, req, info, handler)
}
}
type validator interface {
Validate() error
}
func validate(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
validate, ok := req.(validator)
if !ok {
return handler(ctx, req)
}
err := validate.Validate()
if err != nil {
return nil, err
}
return handler(ctx, req)
}

1
internal/api/grpc/server/server.go
View File

@ -33,6 +33,7 @@ func CreateServer(verifier *authz.TokenVerifier, authConfig authz.Config, lang l
middleware.ErrorHandler(),
middleware.AuthorizationInterceptor(verifier, authConfig),
middleware.TranslationHandler(lang),
middleware.ValidationHandler(),
),
),
)

12
internal/auth/repository/eventsourcing/eventstore/auth_request.go
View File

@ -356,7 +356,12 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
es_model.MfaOtpCheckFailed,
es_model.SignedOut,
es_model.UserLocked,
es_model.UserDeactivated:
es_model.UserDeactivated,
es_model.HumanPasswordCheckSucceeded,
es_model.HumanPasswordCheckFailed,
es_model.HumanMfaOtpCheckSucceeded,
es_model.HumanMfaOtpCheckFailed,
es_model.HumanSignedOut:
eventData, err := user_view_model.UserSessionFromEvent(event)
if err != nil {
logging.Log("EVENT-sdgT3").WithError(err).Debug("error getting event data")
@ -378,6 +383,11 @@ func activeUserByID(ctx context.Context, userViewProvider userViewProvider, user
if err != nil {
return nil, err
}
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-Lm69x", "Errors.User.NotHuman")
}
if user.State == user_model.UserStateLocked || user.State == user_model.UserStateSuspend {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-FJ262", "Errors.User.Locked")
}

92
internal/auth/repository/eventsourcing/eventstore/auth_request_test.go
View File

@ -106,14 +106,18 @@ type mockViewUser struct {
func (m *mockViewUser) UserByID(string) (*user_view_model.UserView, error) {
return &user_view_model.UserView{
InitRequired: m.InitRequired,
PasswordSet: m.PasswordSet,
PasswordChangeRequired: m.PasswordChangeRequired,
IsEmailVerified: m.IsEmailVerified,
OTPState: m.OTPState,
MfaMaxSetUp: m.MfaMaxSetUp,
MfaInitSkipped: m.MfaInitSkipped,
State: int32(user_model.UserStateActive),
State: int32(user_model.UserStateActive),
UserName: "schofseckel",
HumanView: &user_view_model.HumanView{
FirstName: "schof",
InitRequired: m.InitRequired,
PasswordSet: m.PasswordSet,
PasswordChangeRequired: m.PasswordChangeRequired,
IsEmailVerified: m.IsEmailVerified,
OTPState: m.OTPState,
MfaMaxSetUp: m.MfaMaxSetUp,
MfaInitSkipped: m.MfaInitSkipped,
},
}, nil
}
@ -564,7 +568,9 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
args{
request: &model.AuthRequest{},
user: &user_model.UserView{
MfaMaxSetUp: model.MfaLevelNotSetUp,
HumanView: &user_model.HumanView{
MfaMaxSetUp: model.MfaLevelNotSetUp,
},
},
},
&model.MfaPromptStep{
@ -582,8 +588,10 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
args{
request: &model.AuthRequest{},
user: &user_model.UserView{
MfaMaxSetUp: model.MfaLevelNotSetUp,
MfaInitSkipped: time.Now().UTC(),
HumanView: &user_model.HumanView{
MfaMaxSetUp: model.MfaLevelNotSetUp,
MfaInitSkipped: time.Now().UTC(),
},
},
},
nil,
@ -597,8 +605,10 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
args{
request: &model.AuthRequest{},
user: &user_model.UserView{
MfaMaxSetUp: model.MfaLevelSoftware,
OTPState: user_model.MfaStateReady,
HumanView: &user_model.HumanView{
MfaMaxSetUp: model.MfaLevelSoftware,
OTPState: user_model.MfaStateReady,
},
},
userSession: &user_model.UserSessionView{MfaSoftwareVerification: time.Now().UTC().Add(-5 * time.Hour)},
},
@ -613,8 +623,10 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
args{
request: &model.AuthRequest{},
user: &user_model.UserView{
MfaMaxSetUp: model.MfaLevelSoftware,
OTPState: user_model.MfaStateReady,
HumanView: &user_model.HumanView{
MfaMaxSetUp: model.MfaLevelSoftware,
OTPState: user_model.MfaStateReady,
},
},
userSession: &user_model.UserSessionView{},
},
@ -658,7 +670,9 @@ func TestAuthRequestRepo_mfaSkippedOrSetUp(t *testing.T) {
"mfa set up, true",
fields{},
args{&user_model.UserView{
MfaMaxSetUp: model.MfaLevelSoftware,
HumanView: &user_model.HumanView{
MfaMaxSetUp: model.MfaLevelSoftware,
},
}},
true,
},
@ -668,8 +682,10 @@ func TestAuthRequestRepo_mfaSkippedOrSetUp(t *testing.T) {
MfaInitSkippedLifeTime: 30 * 24 * time.Hour,
},
args{&user_model.UserView{
MfaMaxSetUp: -1,
MfaInitSkipped: time.Now().UTC().Add(-10 * time.Hour),
HumanView: &user_model.HumanView{
MfaMaxSetUp: -1,
MfaInitSkipped: time.Now().UTC().Add(-10 * time.Hour),
},
}},
true,
},
@ -679,8 +695,10 @@ func TestAuthRequestRepo_mfaSkippedOrSetUp(t *testing.T) {
MfaInitSkippedLifeTime: 30 * 24 * time.Hour,
},
args{&user_model.UserView{
MfaMaxSetUp: -1,
MfaInitSkipped: time.Now().UTC().Add(-40 * 24 * time.Hour),
HumanView: &user_model.HumanView{
MfaMaxSetUp: -1,
MfaInitSkipped: time.Now().UTC().Add(-40 * 24 * time.Hour),
},
}},
false,
},
@ -735,7 +753,7 @@ func Test_userSessionByIDs(t *testing.T) {
userProvider: &mockViewUserSession{
PasswordVerification: time.Now().UTC().Round(1 * time.Second),
},
user: &user_model.UserView{ID: "id"},
user: &user_model.UserView{ID: "id", HumanView: &user_model.HumanView{FirstName: "schof"}},
eventProvider: &mockEventErrUser{},
},
&user_model.UserSessionView{
@ -752,7 +770,7 @@ func Test_userSessionByIDs(t *testing.T) {
PasswordVerification: time.Now().UTC().Round(1 * time.Second),
},
agentID: "agentID",
user: &user_model.UserView{ID: "id"},
user: &user_model.UserView{ID: "id", HumanView: &user_model.HumanView{FirstName: "schof"}},
eventProvider: &mockEventUser{
&es_models.Event{
AggregateType: user_es_model.UserAggregate,
@ -802,7 +820,7 @@ func Test_userSessionByIDs(t *testing.T) {
PasswordVerification: time.Now().UTC().Round(1 * time.Second),
},
agentID: "agentID",
user: &user_model.UserView{ID: "id"},
user: &user_model.UserView{ID: "id", HumanView: &user_model.HumanView{FirstName: "schof"}},
eventProvider: &mockEventUser{
&es_models.Event{
AggregateType: user_es_model.UserAggregate,
@ -884,8 +902,12 @@ func Test_userByID(t *testing.T) {
eventProvider: &mockEventErrUser{},
},
&user_model.UserView{
PasswordChangeRequired: true,
State: user_model.UserStateActive,
State: user_model.UserStateActive,
UserName: "schofseckel",
HumanView: &user_model.HumanView{
PasswordChangeRequired: true,
FirstName: "schof",
},
},
nil,
},
@ -905,8 +927,12 @@ func Test_userByID(t *testing.T) {
},
},
&user_model.UserView{
PasswordChangeRequired: true,
State: user_model.UserStateActive,
State: user_model.UserStateActive,
UserName: "schofseckel",
HumanView: &user_model.HumanView{
PasswordChangeRequired: true,
FirstName: "schof",
},
},
nil,
},
@ -929,10 +955,14 @@ func Test_userByID(t *testing.T) {
},
},
&user_model.UserView{
PasswordChangeRequired: false,
ChangeDate: time.Now().UTC().Round(1 * time.Second),
State: user_model.UserStateActive,
PasswordChanged: time.Now().UTC().Round(1 * time.Second),
ChangeDate: time.Now().UTC().Round(1 * time.Second),
State: user_model.UserStateActive,
UserName: "schofseckel",
HumanView: &user_model.HumanView{
PasswordChangeRequired: false,
PasswordChanged: time.Now().UTC().Round(1 * time.Second),
FirstName: "schof",
},
},
nil,
},

28
internal/auth/repository/eventsourcing/eventstore/user.go
View File

@ -74,7 +74,10 @@ func (repo *UserRepo) MyProfile(ctx context.Context) (*model.Profile, error) {
if err != nil {
return nil, err
}
return user.GetProfile(), nil
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-H2JIT", "Errors.User.NotHuman")
}
return user.GetProfile()
}
func (repo *UserRepo) ChangeMyProfile(ctx context.Context, profile *model.Profile) (*model.Profile, error) {
@ -89,7 +92,10 @@ func (repo *UserRepo) MyEmail(ctx context.Context) (*model.Email, error) {
if err != nil {
return nil, err
}
return user.GetEmail(), nil
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-oGRpc", "Errors.User.NotHuman")
}
return user.GetEmail()
}
func (repo *UserRepo) ChangeMyEmail(ctx context.Context, email *model.Email) (*model.Email, error) {
@ -120,7 +126,10 @@ func (repo *UserRepo) MyPhone(ctx context.Context) (*model.Phone, error) {
if err != nil {
return nil, err
}
return user.GetPhone(), nil
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-DTWJb", "Errors.User.NotHuman")
}
return user.GetPhone()
}
func (repo *UserRepo) ChangeMyPhone(ctx context.Context, phone *model.Phone) (*model.Phone, error) {
@ -147,7 +156,10 @@ func (repo *UserRepo) MyAddress(ctx context.Context) (*model.Address, error) {
if err != nil {
return nil, err
}
return user.GetAddress(), nil
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-Ok9nI", "Errors.User.NotHuman")
}
return user.GetAddress()
}
func (repo *UserRepo) ChangeMyAddress(ctx context.Context, address *model.Address) (*model.Address, error) {
@ -190,7 +202,7 @@ func (repo *UserRepo) AddMfaOTP(ctx context.Context, userID string) (*model.OTP,
accountName := ""
user, err := repo.UserByID(ctx, userID)
if err != nil {
logging.Log("EVENT-Fk93s").OnError(err).Debug("unable to get user for loginname")
logging.Log("EVENT-Fk93s").WithError(err).Debug("unable to get user for loginname")
} else {
accountName = user.PreferredLoginName
}
@ -201,7 +213,7 @@ func (repo *UserRepo) AddMyMfaOTP(ctx context.Context) (*model.OTP, error) {
accountName := ""
user, err := repo.UserByID(ctx, authz.GetCtxData(ctx).UserID)
if err != nil {
logging.Log("EVENT-Ml0sd").OnError(err).Debug("unable to get user for loginname")
logging.Log("EVENT-Ml0sd").WithError(err).Debug("unable to get user for loginname")
} else {
accountName = user.PreferredLoginName
}
@ -298,8 +310,8 @@ func (repo *UserRepo) MyUserChanges(ctx context.Context, lastSequence uint64, li
return nil, err
}
for _, change := range changes.Changes {
change.ModifierName = change.ModifierId
user, _ := repo.UserEvents.UserByID(ctx, change.ModifierId)
change.ModifierName = change.ModifierID
user, _ := repo.UserEvents.UserByID(ctx, change.ModifierID)
if user != nil {
change.ModifierName = user.DisplayName
}

10
internal/auth/repository/eventsourcing/handler/token.go
View File

@ -3,10 +3,8 @@ package handler
import (
"context"
"encoding/json"
view_model "github.com/caos/zitadel/internal/user/repository/view/model"
"github.com/caos/logging"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/eventstore/models"
es_models "github.com/caos/zitadel/internal/eventstore/models"
@ -14,6 +12,7 @@ import (
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
project_es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
user_es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
view_model "github.com/caos/zitadel/internal/user/repository/view/model"
)
type Token struct {
@ -44,7 +43,8 @@ func (u *Token) EventQuery() (*models.SearchQuery, error) {
func (u *Token) Reduce(event *models.Event) (err error) {
switch event.Type {
case user_es_model.UserProfileChanged:
case user_es_model.UserProfileChanged,
user_es_model.HumanProfileChanged:
user := new(view_model.UserView)
user.AppendEvent(event)
tokens, err := u.view.TokensByUserID(event.AggregateID)
@ -55,7 +55,8 @@ func (u *Token) Reduce(event *models.Event) (err error) {
token.PreferredLanguage = user.PreferredLanguage
}
return u.view.PutTokens(tokens, event.Sequence)
case user_es_model.SignedOut:
case user_es_model.SignedOut,
user_es_model.HumanSignedOut:
id, err := agentIDFromSession(event)
if err != nil {
return err
@ -86,7 +87,6 @@ func (u *Token) Reduce(event *models.Event) (err error) {
default:
return u.view.ProcessedTokenSequence(event.Sequence)
}
return nil
}
func (u *Token) OnError(event *models.Event, err error) error {

30
internal/auth/repository/eventsourcing/handler/user.go
View File

@ -56,7 +56,10 @@ func (u *User) ProcessUser(event *models.Event) (err error) {
user := new(view_model.UserView)
switch event.Type {
case es_model.UserAdded,
es_model.UserRegistered:
es_model.MachineAdded,
es_model.HumanAdded,
es_model.UserRegistered,
es_model.HumanRegistered:
err = user.AppendEvent(event)
if err != nil {
return err
@ -73,11 +76,24 @@ func (u *User) ProcessUser(event *models.Event) (err error) {
es_model.UserReactivated,
es_model.UserLocked,
es_model.UserUnlocked,
es_model.MfaOtpAdded,
es_model.MfaOtpVerified,
es_model.MfaOtpRemoved,
es_model.MfaInitSkipped,
es_model.UserPasswordChanged:
es_model.MFAOTPAdded,
es_model.MFAOTPVerified,
es_model.MFAOTPRemoved,
es_model.MFAInitSkipped,
es_model.UserPasswordChanged,
es_model.HumanProfileChanged,
es_model.HumanEmailChanged,
es_model.HumanEmailVerified,
es_model.HumanPhoneChanged,
es_model.HumanPhoneVerified,
es_model.HumanPhoneRemoved,
es_model.HumanAddressChanged,
es_model.HumanMFAOTPAdded,
es_model.HumanMFAOTPVerified,
es_model.HumanMFAOTPRemoved,
es_model.HumanMfaInitSkipped,
es_model.MachineChanged,
es_model.HumanPasswordChanged:
user, err = u.view.UserByID(event.AggregateID)
if err != nil {
return err
@ -176,6 +192,6 @@ func (u *User) fillPreferredLoginNamesOnOrgUsers(event *models.Event) error {
}
func (u *User) OnError(event *models.Event, err error) error {
logging.LogWithFields("SPOOL-is8wa", "id", event.AggregateID).WithError(err).Warn("something went wrong in user handler")
logging.LogWithFields("SPOOL-is8aAWima", "id", event.AggregateID).WithError(err).Warn("something went wrong in user handler")
return spooler.HandleError(event, err, u.view.GetLatestUserFailedEvent, u.view.ProcessedUserFailedEvent, u.view.ProcessedUserSequence, u.errorCountUntilSkip)
}

27
internal/auth/repository/eventsourcing/handler/user_grant.go
View File

@ -110,7 +110,10 @@ func (u *UserGrant) processUserGrant(event *models.Event) (err error) {
func (u *UserGrant) processUser(event *models.Event) (err error) {
switch event.Type {
case usr_es_model.UserProfileChanged,
usr_es_model.UserEmailChanged:
usr_es_model.UserEmailChanged,
usr_es_model.HumanProfileChanged,
usr_es_model.HumanEmailChanged,
usr_es_model.MachineChanged:
grants, err := u.view.UserGrantsByUserID(event.AggregateID)
if err != nil {
return err
@ -276,13 +279,13 @@ func suffixRoles(suffix string, roles []string) []string {
func mergeExistingRoles(rolePrefix, suffix string, existingRoles, newRoles []string) []string {
mergedRoles := make([]string, 0)
for _, existing := range existingRoles {
if !strings.HasPrefix(existing, rolePrefix) {
mergedRoles = append(mergedRoles, existing)
for _, existingRole := range existingRoles {
if !strings.HasPrefix(existingRole, rolePrefix) {
mergedRoles = append(mergedRoles, existingRole)
continue
}
if suffix != "" && !strings.HasSuffix(existing, suffix) {
mergedRoles = append(mergedRoles, existing)
if suffix != "" && !strings.HasSuffix(existingRole, suffix) {
mergedRoles = append(mergedRoles, existingRole)
}
}
return append(mergedRoles, newRoles...)
@ -325,9 +328,15 @@ func (u *UserGrant) fillData(grant *view_model.UserGrantView, resourceOwner stri
func (u *UserGrant) fillUserData(grant *view_model.UserGrantView, user *usr_model.User) {
grant.UserName = user.UserName
grant.FirstName = user.FirstName
grant.LastName = user.LastName
grant.Email = user.EmailAddress
if user.Human != nil {
grant.FirstName = user.FirstName
grant.LastName = user.LastName
grant.DisplayName = user.FirstName + " " + user.LastName
grant.Email = user.EmailAddress
}
if user.Machine != nil {
grant.DisplayName = user.Machine.Name
}
}
func (u *UserGrant) fillProjectData(grant *view_model.UserGrantView, project *proj_model.Project) {

12
internal/auth/repository/eventsourcing/handler/user_session.go
View File

@ -42,7 +42,12 @@ func (u *UserSession) Reduce(event *models.Event) (err error) {
es_model.UserPasswordCheckFailed,
es_model.MfaOtpCheckSucceeded,
es_model.MfaOtpCheckFailed,
es_model.SignedOut:
es_model.SignedOut,
es_model.HumanPasswordCheckSucceeded,
es_model.HumanPasswordCheckFailed,
es_model.HumanMfaOtpCheckSucceeded,
es_model.HumanMfaOtpCheckFailed,
es_model.HumanSignedOut:
eventData, err := view_model.UserSessionFromEvent(event)
if err != nil {
return err
@ -62,10 +67,13 @@ func (u *UserSession) Reduce(event *models.Event) (err error) {
}
return u.updateSession(session, event)
case es_model.UserPasswordChanged,
es_model.MfaOtpRemoved,
es_model.MFAOTPRemoved,
es_model.UserProfileChanged,
es_model.UserLocked,
es_model.UserDeactivated,
es_model.HumanPasswordChanged,
es_model.HumanMFAOTPRemoved,
es_model.HumanProfileChanged,
es_model.DomainClaimed,
es_model.UserUserNameChanged:
sessions, err := u.view.UserSessionsByUserID(event.AggregateID)

12
internal/authz/repository/eventsourcing/handler/user_grant.go
View File

@ -76,7 +76,6 @@ func (u *UserGrant) processProject(event *models.Event) (err error) {
default:
return u.view.ProcessedUserGrantSequence(event.Sequence)
}
return nil
}
func (u *UserGrant) processOrg(event *models.Event) (err error) {
@ -88,7 +87,6 @@ func (u *UserGrant) processOrg(event *models.Event) (err error) {
default:
return u.view.ProcessedUserGrantSequence(event.Sequence)
}
return nil
}
func (u *UserGrant) processIamMember(event *models.Event, rolePrefix string, suffix bool) error {
@ -194,13 +192,13 @@ func suffixRoles(suffix string, roles []string) []string {
func mergeExistingRoles(rolePrefix, suffix string, existingRoles, newRoles []string) []string {
mergedRoles := make([]string, 0)
for _, existing := range existingRoles {
if !strings.HasPrefix(existing, rolePrefix) {
mergedRoles = append(mergedRoles, existing)
for _, existingRole := range existingRoles {
if !strings.HasPrefix(existingRole, rolePrefix) {
mergedRoles = append(mergedRoles, existingRole)
continue
}
if suffix != "" && !strings.HasSuffix(existing, suffix) {
mergedRoles = append(mergedRoles, existing)
if suffix != "" && !strings.HasSuffix(existingRole, suffix) {
mergedRoles = append(mergedRoles, existingRole)
}
}
return append(mergedRoles, newRoles...)

1
internal/config/systemdefaults/system_defaults.go
View File

@ -40,6 +40,7 @@ type SecretGenerators struct {
EmailVerificationCode crypto.GeneratorConfig
PhoneVerificationCode crypto.GeneratorConfig
PasswordVerificationCode crypto.GeneratorConfig
MachineKeySize uint32
}
type MultifactorConfig struct {

3
internal/eventstore/models/aggregate.go
View File

@ -86,9 +86,6 @@ func (a *Aggregate) Validate() error {
return errors.ThrowPreconditionFailed(nil, "MODEL-eBYUW", "resource owner not set")
}
if a.Precondition != nil && (a.Precondition.Query == nil || a.Precondition.Validation == nil) {
if err := a.Precondition.Query.Validate(); err != nil {
return err
}
return errors.ThrowPreconditionFailed(nil, "MODEL-EEUvA", "invalid precondition")
}

4
internal/eventstore/spooler/spooler.go
View File

@ -90,7 +90,7 @@ func (s *spooledHandler) awaitError(cancel func(), errs chan error, workerID str
select {
case err := <-errs:
cancel()
logging.Log("SPOOL-K2lst").OnError(err).WithField("view", s.ViewModel()).WithField("worker", workerID).Debug("load canceled")
logging.Log("SPOOL-OT8di").OnError(err).WithField("view", s.ViewModel()).WithField("worker", workerID).Debug("load canceled")
}
}
@ -164,7 +164,7 @@ func (s *spooledHandler) lock(ctx context.Context, errs chan<- error, workerID s
case <-renewTimer:
logging.Log("SPOOL-K2lst").WithField("view", s.ViewModel()).WithField("worker", workerID).Debug("renew")
err := s.locker.Renew(workerID, s.ViewModel(), s.MinimumCycleDuration()*2)
logging.Log("SPOOL-K2lst").WithField("view", s.ViewModel()).WithField("worker", workerID).WithError(err).Debug("renew done")
logging.Log("SPOOL-u4j6k").WithField("view", s.ViewModel()).WithField("worker", workerID).WithError(err).Debug("renew done")
if err == nil {
locked <- true
renewTimer = time.After(renewDuration)

3
internal/iam/model/iam_member_view.go
View File

@ -1,8 +1,9 @@
package model
import (
"github.com/caos/zitadel/internal/model"
"time"
"github.com/caos/zitadel/internal/model"
)
type IAMMemberView struct {

9
internal/iam/repository/eventsourcing/eventstore.go
View File

@ -2,6 +2,7 @@ package eventsourcing
import (
"context"
"github.com/caos/zitadel/internal/cache/config"
sd "github.com/caos/zitadel/internal/config/systemdefaults"
"github.com/caos/zitadel/internal/crypto"
@ -190,12 +191,12 @@ func (es *IAMEventstore) RemoveIAMMember(ctx context.Context, member *iam_model.
if _, m := existing.GetMember(member.UserID); m == nil {
return caos_errs.ThrowPreconditionFailed(nil, "EVENT-29skr", "Errors.IAM.MemberNotExisting")
}
repoIam := model.IAMFromModel(existing)
repoIAM := model.IAMFromModel(existing)
repoMember := model.IAMMemberFromModel(member)
projectAggregate := IAMMemberRemovedAggregate(es.Eventstore.AggregateCreator(), repoIam, repoMember)
err = es_sdk.Push(ctx, es.PushAggregates, repoIam.AppendEvents, projectAggregate)
es.iamCache.cacheIAM(repoIam)
projectAggregate := IAMMemberRemovedAggregate(es.Eventstore.AggregateCreator(), repoIAM, repoMember)
err = es_sdk.Push(ctx, es.PushAggregates, repoIAM.AppendEvents, projectAggregate)
es.iamCache.cacheIAM(repoIAM)
return err
}

14
internal/iam/repository/eventsourcing/eventstore_test.go
View File

@ -554,10 +554,10 @@ func TestChangeIamMember(t *testing.T) {
func TestRemoveIamMember(t *testing.T) {
ctrl := gomock.NewController(t)
type args struct {
es *IAMEventstore
ctx context.Context
existing *model.IAM
member *iam_model.IAMMember
es *IAMEventstore
ctx context.Context
existingIAM *model.IAM
member *iam_model.IAMMember
}
type res struct {
result *iam_model.IAMMember
@ -573,7 +573,7 @@ func TestRemoveIamMember(t *testing.T) {
args: args{
es: GetMockManipulateIamWithMember(ctrl),
ctx: authz.NewMockContext("orgID", "userID"),
existing: &model.IAM{
existingIAM: &model.IAM{
ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1},
Members: []*model.IAMMember{{UserID: "UserID", Roles: []string{"Roles"}}},
},
@ -588,7 +588,7 @@ func TestRemoveIamMember(t *testing.T) {
args: args{
es: GetMockManipulateIam(ctrl),
ctx: authz.NewMockContext("orgID", "userID"),
existing: &model.IAM{
existingIAM: &model.IAM{
ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1},
Members: []*model.IAMMember{{UserID: "UserID", Roles: []string{"Roles"}}},
},
@ -603,7 +603,7 @@ func TestRemoveIamMember(t *testing.T) {
args: args{
es: GetMockManipulateIam(ctrl),
ctx: authz.NewMockContext("orgID", "userID"),
existing: &model.IAM{
existingIAM: &model.IAM{
ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1},
},
member: &iam_model.IAMMember{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1}, UserID: "UserID", Roles: []string{"Roles"}},

13
internal/iam/repository/eventsourcing/iam.go
View File

@ -2,6 +2,7 @@ package eventsourcing
import (
"context"
"github.com/caos/zitadel/internal/errors"
es_models "github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
@ -83,12 +84,12 @@ func IAMSetIamProjectAggregate(aggCreator *es_models.AggregateCreator, iam *mode
}
}
func IAMMemberAddedAggregate(aggCreator *es_models.AggregateCreator, existing *model.IAM, member *model.IAMMember) func(ctx context.Context) (*es_models.Aggregate, error) {
func IAMMemberAddedAggregate(aggCreator *es_models.AggregateCreator, existingIAM *model.IAM, member *model.IAMMember) func(ctx context.Context) (*es_models.Aggregate, error) {
return func(ctx context.Context) (*es_models.Aggregate, error) {
if member == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-9sope", "Errors.Internal")
}
agg, err := IAMAggregate(ctx, aggCreator, existing)
agg, err := IAMAggregate(ctx, aggCreator, existingIAM)
if err != nil {
return nil, err
}
@ -96,13 +97,13 @@ func IAMMemberAddedAggregate(aggCreator *es_models.AggregateCreator, existing *m
}
}
func IAMMemberChangedAggregate(aggCreator *es_models.AggregateCreator, existing *model.IAM, member *model.IAMMember) func(ctx context.Context) (*es_models.Aggregate, error) {
func IAMMemberChangedAggregate(aggCreator *es_models.AggregateCreator, existingIAM *model.IAM, member *model.IAMMember) func(ctx context.Context) (*es_models.Aggregate, error) {
return func(ctx context.Context) (*es_models.Aggregate, error) {
if member == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-38skf", "Errors.Internal")
}
agg, err := IAMAggregate(ctx, aggCreator, existing)
agg, err := IAMAggregate(ctx, aggCreator, existingIAM)
if err != nil {
return nil, err
}
@ -110,12 +111,12 @@ func IAMMemberChangedAggregate(aggCreator *es_models.AggregateCreator, existing
}
}
func IAMMemberRemovedAggregate(aggCreator *es_models.AggregateCreator, existing *model.IAM, member *model.IAMMember) func(ctx context.Context) (*es_models.Aggregate, error) {
func IAMMemberRemovedAggregate(aggCreator *es_models.AggregateCreator, existingIAM *model.IAM, member *model.IAMMember) func(ctx context.Context) (*es_models.Aggregate, error) {
return func(ctx context.Context) (*es_models.Aggregate, error) {
if member == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-90lsw", "Errors.Internal")
}
agg, err := IAMAggregate(ctx, aggCreator, existing)
agg, err := IAMAggregate(ctx, aggCreator, existingIAM)
if err != nil {
return nil, err
}

456
internal/iam/repository/eventsourcing/iam_test.go
View File

File diff suppressed because it is too large Load Diff

1
internal/key/repository/eventsourcing/eventstore.go
View File

@ -64,6 +64,7 @@ func (es *KeyEventstore) GenerateKeyPair(ctx context.Context, usage key_model.Ke
},
})
}
func (es *KeyEventstore) CreateKeyPair(ctx context.Context, pair *key_model.KeyPair) (*key_model.KeyPair, error) {
if !pair.IsValid() {
return nil, caos_errs.ThrowPreconditionFailed(nil, "EVENT-G34ga", "Name is required")

4
internal/management/repository/eventsourcing/eventstore/project.go
View File

@ -501,8 +501,8 @@ func (repo *ProjectRepo) ChangeProjectGrant(ctx context.Context, grant *proj_mod
ProjectID: grant.ProjectID,
UserID: grant.UserID,
}
existing := changed.RemoveRoleKeysIfExisting(removedRoles)
if existing {
roleDeleted := changed.RemoveRoleKeysIfExisting(removedRoles)
if roleDeleted {
_, agg, err := repo.UserGrantEvents.PrepareChangeUserGrant(ctx, changed, true)
if err != nil {
return nil, err

78
internal/management/repository/eventsourcing/eventstore/user.go
View File

@ -2,20 +2,20 @@ package eventstore
import (
"context"
"github.com/caos/zitadel/internal/config/systemdefaults"
caos_errs "github.com/caos/zitadel/internal/errors"
global_model "github.com/caos/zitadel/internal/model"
"github.com/caos/zitadel/internal/view/repository"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/config/systemdefaults"
"github.com/caos/zitadel/internal/errors"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/management/repository/eventsourcing/view"
global_model "github.com/caos/zitadel/internal/model"
org_event "github.com/caos/zitadel/internal/org/repository/eventsourcing"
policy_event "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
usr_model "github.com/caos/zitadel/internal/user/model"
usr_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
"github.com/caos/zitadel/internal/user/repository/view/model"
"github.com/caos/zitadel/internal/view/repository"
)
type UserRepo struct {
@ -123,8 +123,8 @@ func (repo *UserRepo) UserChanges(ctx context.Context, id string, lastSequence u
return nil, err
}
for _, change := range changes.Changes {
change.ModifierName = change.ModifierId
user, _ := repo.UserEvents.UserByID(ctx, change.ModifierId)
change.ModifierName = change.ModifierID
user, _ := repo.UserEvents.UserByID(ctx, change.ModifierID)
if user != nil {
change.ModifierName = user.DisplayName
}
@ -149,6 +149,9 @@ func (repo *UserRepo) UserMfas(ctx context.Context, userID string) ([]*usr_model
if err != nil {
return nil, err
}
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-xx0hV", "Errors.User.NotHuman")
}
if user.OTPState == usr_model.MfaStateUnspecified {
return []*usr_model.MultiFactor{}, nil
}
@ -172,7 +175,51 @@ func (repo *UserRepo) ProfileByID(ctx context.Context, userID string) (*usr_mode
if err != nil {
return nil, err
}
return user.GetProfile(), nil
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-gDFC2", "Errors.User.NotHuman")
}
return user.GetProfile()
}
func (repo *UserRepo) ChangeMachine(ctx context.Context, machine *usr_model.Machine) (*usr_model.Machine, error) {
return repo.UserEvents.ChangeMachine(ctx, machine)
}
func (repo *UserRepo) GetMachineKey(ctx context.Context, userID, keyID string) (*usr_model.MachineKeyView, error) {
key, err := repo.View.MachineKeyByIDs(userID, keyID)
if err != nil {
return nil, err
}
return model.MachineKeyToModel(key), nil
}
func (repo *UserRepo) SearchMachineKeys(ctx context.Context, request *usr_model.MachineKeySearchRequest) (*usr_model.MachineKeySearchResponse, error) {
request.EnsureLimit(repo.SearchLimit)
sequence, seqErr := repo.View.GetLatestMachineKeySequence()
logging.Log("EVENT-Sk8fs").OnError(seqErr).Warn("could not read latest user sequence")
keys, count, err := repo.View.SearchMachineKeys(request)
if err != nil {
return nil, err
}
result := &usr_model.MachineKeySearchResponse{
Offset: request.Offset,
Limit: request.Limit,
TotalResult: count,
Result: model.MachineKeysToModel(keys),
}
if seqErr == nil {
result.Sequence = sequence.CurrentSequence
result.Timestamp = sequence.CurrentTimestamp
}
return result, nil
}
func (repo *UserRepo) AddMachineKey(ctx context.Context, key *usr_model.MachineKey) (*usr_model.MachineKey, error) {
return repo.UserEvents.AddMachineKey(ctx, key)
}
func (repo *UserRepo) RemoveMachineKey(ctx context.Context, userID, keyID string) error {
return repo.UserEvents.RemoveMachineKey(ctx, userID, keyID)
}
func (repo *UserRepo) ChangeProfile(ctx context.Context, profile *usr_model.Profile) (*usr_model.Profile, error) {
@ -192,7 +239,10 @@ func (repo *UserRepo) EmailByID(ctx context.Context, userID string) (*usr_model.
if err != nil {
return nil, err
}
return user.GetEmail(), nil
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-pt7HY", "Errors.User.NotHuman")
}
return user.GetEmail()
}
func (repo *UserRepo) ChangeEmail(ctx context.Context, email *usr_model.Email) (*usr_model.Email, error) {
@ -208,7 +258,10 @@ func (repo *UserRepo) PhoneByID(ctx context.Context, userID string) (*usr_model.
if err != nil {
return nil, err
}
return user.GetPhone(), nil
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-hliQl", "Errors.User.NotHuman")
}
return user.GetPhone()
}
func (repo *UserRepo) ChangePhone(ctx context.Context, email *usr_model.Phone) (*usr_model.Phone, error) {
@ -228,7 +281,10 @@ func (repo *UserRepo) AddressByID(ctx context.Context, userID string) (*usr_mode
if err != nil {
return nil, err
}
return user.GetAddress(), nil
if user.HumanView == nil {
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-LQh4I", "Errors.User.NotHuman")
}
return user.GetAddress()
}
func (repo *UserRepo) ChangeAddress(ctx context.Context, address *usr_model.Address) (*usr_model.Address, error) {

5
internal/management/repository/eventsourcing/handler/handler.go
View File

@ -1,13 +1,13 @@
package handler
import (
"github.com/caos/zitadel/internal/config/systemdefaults"
iam_event "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
"time"
"github.com/caos/zitadel/internal/config/systemdefaults"
"github.com/caos/zitadel/internal/config/types"
"github.com/caos/zitadel/internal/eventstore"
"github.com/caos/zitadel/internal/eventstore/query"
iam_event "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
"github.com/caos/zitadel/internal/management/repository/eventsourcing/view"
org_event "github.com/caos/zitadel/internal/org/repository/eventsourcing"
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
@ -48,6 +48,7 @@ func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, ev
&OrgMember{handler: handler{view, bulkLimit, configs.cycleDuration("OrgMember"), errorCount}, userEvents: repos.UserEvents},
&OrgDomain{handler: handler{view, bulkLimit, configs.cycleDuration("OrgDomain"), errorCount}},
&UserMembership{handler: handler{view, bulkLimit, configs.cycleDuration("UserMembership"), errorCount}, orgEvents: repos.OrgEvents, projectEvents: repos.ProjectEvents},
&MachineKeys{handler: handler{view, bulkLimit, configs.cycleDuration("MachineKeys"), errorCount}},
&IDPConfig{handler: handler{view, bulkLimit, configs.cycleDuration("IDPConfig"), errorCount}},
&LoginPolicy{handler: handler{view, bulkLimit, configs.cycleDuration("LoginPolicy"), errorCount}},
&IDPProvider{handler: handler{view, bulkLimit, configs.cycleDuration("IDPProvider"), errorCount}, systemDefaults: defaults, iamEvents: repos.IamEvents, orgEvents: repos.OrgEvents},

Some files were not shown because too many files have changed in this diff Show More