mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-12 01:37:31 +00:00
Merge branch 'master' into new-eventstore
# Conflicts: # go.mod # internal/admin/repository/eventsourcing/eventstore/iam.go # internal/authz/repository/eventsourcing/repository.go # internal/eventstore/eventstore.go # internal/setup/config.go # pkg/grpc/management/mock/management.proto.mock.go
This commit is contained in:
Livio Amstutz
@@ -30,6 +30,4 @@ type AuthRequestRepository interface {
|
||||
LinkExternalUsers(ctx context.Context, authReqID, userAgentID string, info *model.BrowserInfo) error
|
||||
AutoRegisterExternalUser(ctx context.Context, user *user_model.User, externalIDP *user_model.ExternalIDP, member *org_model.OrgMember, authReqID, userAgentID, resourceOwner string, info *model.BrowserInfo) error
|
||||
ResetLinkingUsers(ctx context.Context, authReqID, userAgentID string) error
|
||||
|
||||
GetOrgByPrimaryDomain(primaryDomain string) (*org_model.OrgView, error)
|
||||
}
|
||||
|
||||
@@ -110,6 +110,9 @@ func (repo *AuthRequestRepo) CreateAuthRequest(ctx context.Context, request *mod
|
||||
}
|
||||
request.Audience = appIDs
|
||||
request.AppendAudIfNotExisting(app.ProjectID)
|
||||
if err := setOrgID(repo.OrgViewProvider, request); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if request.LoginHint != "" {
|
||||
err = repo.checkLoginName(ctx, request, request.LoginHint)
|
||||
logging.LogWithFields("EVENT-aG311", "login name", request.LoginHint, "id", request.ID, "applicationID", request.ApplicationID, "traceID", tracing.TraceIDFromCtx(ctx)).OnError(err).Debug("login hint invalid")
|
||||
@@ -238,6 +241,9 @@ func (repo *AuthRequestRepo) SelectUser(ctx context.Context, id, userID, userAge
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if request.RequestedOrgID != "" && request.RequestedOrgID != user.ResourceOwner {
|
||||
return errors.ThrowPreconditionFailed(nil, "EVENT-fJe2a", "Errors.User.NotAllowedOrg")
|
||||
}
|
||||
request.SetUserInfo(user.ID, user.PreferredLoginName, user.DisplayName, user.ResourceOwner)
|
||||
return repo.AuthRequests.UpdateAuthRequest(ctx, request)
|
||||
}
|
||||
@@ -442,16 +448,9 @@ func (repo *AuthRequestRepo) getLoginPolicyAndIDPProviders(ctx context.Context,
|
||||
}
|
||||
|
||||
func (repo *AuthRequestRepo) fillLoginPolicy(ctx context.Context, request *model.AuthRequest) error {
|
||||
orgID := request.UserOrgID
|
||||
orgID := request.RequestedOrgID
|
||||
if orgID == "" {
|
||||
primaryDomain := request.GetScopeOrgPrimaryDomain()
|
||||
if primaryDomain != "" {
|
||||
org, err := repo.GetOrgByPrimaryDomain(primaryDomain)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
orgID = org.ID
|
||||
}
|
||||
orgID = request.UserOrgID
|
||||
}
|
||||
if orgID == "" {
|
||||
orgID = repo.IAMID
|
||||
@@ -469,19 +468,9 @@ func (repo *AuthRequestRepo) fillLoginPolicy(ctx context.Context, request *model
|
||||
}
|
||||
|
||||
func (repo *AuthRequestRepo) checkLoginName(ctx context.Context, request *model.AuthRequest, loginName string) (err error) {
|
||||
primaryDomain := request.GetScopeOrgPrimaryDomain()
|
||||
orgID := ""
|
||||
if primaryDomain != "" {
|
||||
org, err := repo.GetOrgByPrimaryDomain(primaryDomain)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
orgID = org.ID
|
||||
}
|
||||
|
||||
user := new(user_view_model.UserView)
|
||||
if orgID != "" {
|
||||
user, err = repo.View.UserByLoginNameAndResourceOwner(loginName, orgID)
|
||||
if request.RequestedOrgID != "" {
|
||||
user, err = repo.View.UserByLoginNameAndResourceOwner(loginName, request.RequestedOrgID)
|
||||
} else {
|
||||
user, err = repo.View.UserByLoginName(loginName)
|
||||
if err == nil {
|
||||
@@ -499,14 +488,6 @@ func (repo *AuthRequestRepo) checkLoginName(ctx context.Context, request *model.
|
||||
return nil
|
||||
}
|
||||
|
||||
func (repo AuthRequestRepo) GetOrgByPrimaryDomain(primaryDomain string) (*org_model.OrgView, error) {
|
||||
org, err := repo.OrgViewProvider.OrgByPrimaryDomain(primaryDomain)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return org_view_model.OrgToModel(org), nil
|
||||
}
|
||||
|
||||
func (repo AuthRequestRepo) checkLoginPolicyWithResourceOwner(ctx context.Context, request *model.AuthRequest, user *user_view_model.UserView) error {
|
||||
loginPolicy, idpProviders, err := repo.getLoginPolicyAndIDPProviders(ctx, user.ResourceOwner)
|
||||
if err != nil {
|
||||
@@ -537,15 +518,9 @@ func (repo *AuthRequestRepo) checkSelectedExternalIDP(request *model.AuthRequest
|
||||
}
|
||||
|
||||
func (repo *AuthRequestRepo) checkExternalUserLogin(request *model.AuthRequest, idpConfigID, externalUserID string) (err error) {
|
||||
primaryDomain := request.GetScopeOrgPrimaryDomain()
|
||||
externalIDP := new(user_view_model.ExternalIDPView)
|
||||
org := new(org_model.OrgView)
|
||||
if primaryDomain != "" {
|
||||
org, err = repo.GetOrgByPrimaryDomain(primaryDomain)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
externalIDP, err = repo.View.ExternalIDPByExternalUserIDAndIDPConfigIDAndResourceOwner(externalUserID, idpConfigID, org.ID)
|
||||
if request.RequestedOrgID != "" {
|
||||
externalIDP, err = repo.View.ExternalIDPByExternalUserIDAndIDPConfigIDAndResourceOwner(externalUserID, idpConfigID, request.RequestedOrgID)
|
||||
} else {
|
||||
externalIDP, err = repo.View.ExternalIDPByExternalUserIDAndIDPConfigID(externalUserID, idpConfigID)
|
||||
}
|
||||
@@ -653,10 +628,11 @@ func (repo *AuthRequestRepo) usersForUserSelection(request *model.AuthRequest) (
|
||||
users := make([]model.UserSelection, len(userSessions))
|
||||
for i, session := range userSessions {
|
||||
users[i] = model.UserSelection{
|
||||
UserID: session.UserID,
|
||||
DisplayName: session.DisplayName,
|
||||
LoginName: session.LoginName,
|
||||
UserSessionState: session.State,
|
||||
UserID: session.UserID,
|
||||
DisplayName: session.DisplayName,
|
||||
LoginName: session.LoginName,
|
||||
UserSessionState: session.State,
|
||||
SelectionPossible: request.RequestedOrgID == "" || request.RequestedOrgID == session.ResourceOwner,
|
||||
}
|
||||
}
|
||||
return users, nil
|
||||
@@ -667,24 +643,28 @@ func (repo *AuthRequestRepo) firstFactorChecked(request *model.AuthRequest, user
|
||||
return &model.InitUserStep{PasswordSet: user.PasswordSet}
|
||||
}
|
||||
|
||||
if user.IsPasswordlessReady() {
|
||||
if !checkVerificationTime(userSession.PasswordlessVerification, repo.MultiFactorCheckLifeTime) {
|
||||
return &model.PasswordlessStep{}
|
||||
var step model.NextStep
|
||||
if request.LoginPolicy.PasswordlessType != iam_model.PasswordlessTypeNotAllowed && user.IsPasswordlessReady() {
|
||||
if checkVerificationTime(userSession.PasswordlessVerification, repo.MultiFactorCheckLifeTime) {
|
||||
request.AuthTime = userSession.PasswordlessVerification
|
||||
return nil
|
||||
}
|
||||
request.AuthTime = userSession.PasswordlessVerification
|
||||
return nil
|
||||
step = &model.PasswordlessStep{}
|
||||
}
|
||||
|
||||
if !user.PasswordSet {
|
||||
return &model.InitPasswordStep{}
|
||||
}
|
||||
|
||||
if !checkVerificationTime(userSession.PasswordVerification, repo.PasswordCheckLifeTime) {
|
||||
return &model.PasswordStep{}
|
||||
if checkVerificationTime(userSession.PasswordVerification, repo.PasswordCheckLifeTime) {
|
||||
request.PasswordVerified = true
|
||||
request.AuthTime = userSession.PasswordVerification
|
||||
return nil
|
||||
}
|
||||
request.PasswordVerified = true
|
||||
request.AuthTime = userSession.PasswordVerification
|
||||
return nil
|
||||
if step != nil {
|
||||
return step
|
||||
}
|
||||
return &model.PasswordStep{}
|
||||
}
|
||||
|
||||
func (repo *AuthRequestRepo) mfaChecked(userSession *user_model.UserSessionView, request *model.AuthRequest, user *user_model.UserView) (model.NextStep, bool, error) {
|
||||
@@ -753,6 +733,21 @@ func (repo *AuthRequestRepo) getLoginPolicy(ctx context.Context, orgID string) (
|
||||
return iam_es_model.LoginPolicyViewToModel(policy), err
|
||||
}
|
||||
|
||||
func setOrgID(orgViewProvider orgViewProvider, request *model.AuthRequest) error {
|
||||
primaryDomain := request.GetScopeOrgPrimaryDomain()
|
||||
if primaryDomain == "" {
|
||||
return nil
|
||||
}
|
||||
|
||||
org, err := orgViewProvider.OrgByPrimaryDomain(primaryDomain)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
request.RequestedOrgID = org.ID
|
||||
request.RequestedOrgName = org.Name
|
||||
return nil
|
||||
}
|
||||
|
||||
func getLoginPolicyIDPProviders(provider idpProviderViewProvider, iamID, orgID string, defaultPolicy bool) ([]*iam_model.IDPProviderView, error) {
|
||||
if defaultPolicy {
|
||||
idpProviders, err := provider.IDPProvidersByAggregateIDAndState(iamID, iam_model.IDPConfigStateActive)
|
||||
@@ -824,9 +819,8 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
|
||||
case es_model.UserRemoved:
|
||||
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-dG2fe", "Errors.User.NotActive")
|
||||
}
|
||||
if err := sessionCopy.AppendEvent(event); err != nil {
|
||||
return user_view_model.UserSessionToModel(&sessionCopy), nil
|
||||
}
|
||||
err := sessionCopy.AppendEvent(event)
|
||||
logging.Log("EVENT-qbhj3").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("error appending event")
|
||||
}
|
||||
return user_view_model.UserSessionToModel(&sessionCopy), nil
|
||||
}
|
||||
|
||||
@@ -56,8 +56,9 @@ type mockViewUserSession struct {
|
||||
}
|
||||
|
||||
type mockUser struct {
|
||||
UserID string
|
||||
LoginName string
|
||||
UserID string
|
||||
LoginName string
|
||||
ResourceOwner string
|
||||
}
|
||||
|
||||
func (m *mockViewUserSession) UserSessionByIDs(string, string) (*user_view_model.UserSessionView, error) {
|
||||
@@ -74,8 +75,9 @@ func (m *mockViewUserSession) UserSessionsByAgentID(string) ([]*user_view_model.
|
||||
sessions := make([]*user_view_model.UserSessionView, len(m.Users))
|
||||
for i, user := range m.Users {
|
||||
sessions[i] = &user_view_model.UserSessionView{
|
||||
UserID: user.UserID,
|
||||
LoginName: user.LoginName,
|
||||
UserID: user.UserID,
|
||||
LoginName: user.LoginName,
|
||||
ResourceOwner: user.ResourceOwner,
|
||||
}
|
||||
}
|
||||
return sessions, nil
|
||||
@@ -270,10 +272,12 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
{
|
||||
"id1",
|
||||
"loginname1",
|
||||
"orgID1",
|
||||
},
|
||||
{
|
||||
"id2",
|
||||
"loginname2",
|
||||
"orgID2",
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -285,12 +289,52 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
&model.SelectUserStep{
|
||||
Users: []model.UserSelection{
|
||||
{
|
||||
UserID: "id1",
|
||||
LoginName: "loginname1",
|
||||
UserID: "id1",
|
||||
LoginName: "loginname1",
|
||||
SelectionPossible: true,
|
||||
},
|
||||
{
|
||||
UserID: "id2",
|
||||
LoginName: "loginname2",
|
||||
UserID: "id2",
|
||||
LoginName: "loginname2",
|
||||
SelectionPossible: true,
|
||||
},
|
||||
},
|
||||
}},
|
||||
nil,
|
||||
},
|
||||
{
|
||||
"user not set, primary domain set, prompt select account, login and select account steps",
|
||||
fields{
|
||||
userSessionViewProvider: &mockViewUserSession{
|
||||
Users: []mockUser{
|
||||
{
|
||||
"id1",
|
||||
"loginname1",
|
||||
"orgID1",
|
||||
},
|
||||
{
|
||||
"id2",
|
||||
"loginname2",
|
||||
"orgID2",
|
||||
},
|
||||
},
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
},
|
||||
args{&model.AuthRequest{Prompt: model.PromptSelectAccount, RequestedOrgID: "orgID1"}, false},
|
||||
[]model.NextStep{
|
||||
&model.LoginStep{},
|
||||
&model.SelectUserStep{
|
||||
Users: []model.UserSelection{
|
||||
{
|
||||
UserID: "id1",
|
||||
LoginName: "loginname1",
|
||||
SelectionPossible: true,
|
||||
},
|
||||
{
|
||||
UserID: "id2",
|
||||
LoginName: "loginname2",
|
||||
SelectionPossible: false,
|
||||
},
|
||||
},
|
||||
}},
|
||||
@@ -386,7 +430,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: org_model.OrgStateActive},
|
||||
},
|
||||
args{&model.AuthRequest{UserID: "UserID"}, false},
|
||||
args{&model.AuthRequest{UserID: "UserID", LoginPolicy: &iam_model.LoginPolicyView{}}, false},
|
||||
[]model.NextStep{&model.PasswordStep{}},
|
||||
nil,
|
||||
},
|
||||
@@ -431,7 +475,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
orgViewProvider: &mockViewOrg{State: org_model.OrgStateActive},
|
||||
MultiFactorCheckLifeTime: 10 * time.Hour,
|
||||
},
|
||||
args{&model.AuthRequest{UserID: "UserID"}, false},
|
||||
args{&model.AuthRequest{UserID: "UserID", LoginPolicy: &iam_model.LoginPolicyView{PasswordlessType: iam_model.PasswordlessTypeAllowed}}, false},
|
||||
[]model.NextStep{&model.PasswordlessStep{}},
|
||||
nil,
|
||||
},
|
||||
@@ -456,7 +500,8 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
args{&model.AuthRequest{
|
||||
UserID: "UserID",
|
||||
LoginPolicy: &iam_model.LoginPolicyView{
|
||||
MultiFactors: []iam_model.MultiFactorType{iam_model.MultiFactorTypeU2FWithPIN},
|
||||
PasswordlessType: iam_model.PasswordlessTypeAllowed,
|
||||
MultiFactors: []iam_model.MultiFactorType{iam_model.MultiFactorTypeU2FWithPIN},
|
||||
},
|
||||
}, false},
|
||||
[]model.NextStep{&model.VerifyEMailStep{}},
|
||||
@@ -470,7 +515,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: org_model.OrgStateActive},
|
||||
},
|
||||
args{&model.AuthRequest{UserID: "UserID"}, false},
|
||||
args{&model.AuthRequest{UserID: "UserID", LoginPolicy: &iam_model.LoginPolicyView{}}, false},
|
||||
[]model.NextStep{&model.InitPasswordStep{}},
|
||||
nil,
|
||||
},
|
||||
@@ -534,7 +579,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
orgViewProvider: &mockViewOrg{State: org_model.OrgStateActive},
|
||||
PasswordCheckLifeTime: 10 * 24 * time.Hour,
|
||||
},
|
||||
args{&model.AuthRequest{UserID: "UserID"}, false},
|
||||
args{&model.AuthRequest{UserID: "UserID", LoginPolicy: &iam_model.LoginPolicyView{}}, false},
|
||||
[]model.NextStep{&model.PasswordStep{}},
|
||||
nil,
|
||||
},
|
||||
@@ -566,6 +611,35 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
[]model.NextStep{&model.RedirectToCallbackStep{}},
|
||||
nil,
|
||||
},
|
||||
{
|
||||
"password verified, passwordless set up, mfa not verified, mfa check step",
|
||||
fields{
|
||||
userSessionViewProvider: &mockViewUserSession{
|
||||
PasswordVerification: time.Now().UTC().Add(-5 * time.Minute),
|
||||
},
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
PasswordlessTokens: user_view_model.WebAuthNTokens{&user_view_model.WebAuthNView{ID: "id", State: int32(user_model.MFAStateReady)}},
|
||||
OTPState: int32(user_model.MFAStateReady),
|
||||
MFAMaxSetUp: int32(model.MFALevelMultiFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: org_model.OrgStateActive},
|
||||
PasswordCheckLifeTime: 10 * 24 * time.Hour,
|
||||
SecondFactorCheckLifeTime: 18 * time.Hour,
|
||||
},
|
||||
args{
|
||||
&model.AuthRequest{
|
||||
UserID: "UserID",
|
||||
LoginPolicy: &iam_model.LoginPolicyView{
|
||||
SecondFactors: []iam_model.SecondFactorType{iam_model.SecondFactorTypeOTP},
|
||||
},
|
||||
}, false},
|
||||
[]model.NextStep{&model.MFAVerificationStep{
|
||||
MFAProviders: []model.MFAType{model.MFATypeOTP},
|
||||
}},
|
||||
nil,
|
||||
},
|
||||
{
|
||||
"mfa not verified, mfa check step",
|
||||
fields{
|
||||
@@ -843,6 +917,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
args{
|
||||
&model.AuthRequest{
|
||||
UserID: "UserID",
|
||||
LoginPolicy: &iam_model.LoginPolicyView{},
|
||||
SelectedIDPConfigID: "IDPConfigID",
|
||||
LinkingUsers: []*model.ExternalUser{{IDPConfigID: "IDPConfigID", ExternalUserID: "UserID", DisplayName: "DisplayName"}},
|
||||
}, false},
|
||||
|
||||
@@ -36,7 +36,7 @@ type OrgRepository struct {
|
||||
|
||||
func (repo *OrgRepository) SearchOrgs(ctx context.Context, request *org_model.OrgSearchRequest) (*org_model.OrgSearchResult, error) {
|
||||
request.EnsureLimit(repo.SearchLimit)
|
||||
sequence, err := repo.View.GetLatestOrgSequence()
|
||||
sequence, err := repo.View.GetLatestOrgSequence("")
|
||||
logging.Log("EVENT-7Udhz").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest org sequence")
|
||||
members, count, err := repo.View.SearchOrgs(request)
|
||||
if err != nil {
|
||||
|
||||
@@ -109,7 +109,7 @@ func (repo *UserRepo) ChangeMyProfile(ctx context.Context, profile *model.Profil
|
||||
|
||||
func (repo *UserRepo) SearchMyExternalIDPs(ctx context.Context, request *model.ExternalIDPSearchRequest) (*model.ExternalIDPSearchResponse, error) {
|
||||
request.EnsureLimit(repo.SearchLimit)
|
||||
sequence, seqErr := repo.View.GetLatestExternalIDPSequence()
|
||||
sequence, seqErr := repo.View.GetLatestExternalIDPSequence("")
|
||||
logging.Log("EVENT-5Jsi8").OnError(seqErr).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest user sequence")
|
||||
request.AppendUserQuery(authz.GetCtxData(ctx).UserID)
|
||||
externalIDPS, count, err := repo.View.SearchExternalIDPs(request)
|
||||
@@ -303,11 +303,26 @@ func (repo *UserRepo) RemoveMyMFAOTP(ctx context.Context) error {
|
||||
}
|
||||
|
||||
func (repo *UserRepo) AddMFAU2F(ctx context.Context, userID string) (*model.WebAuthNToken, error) {
|
||||
return repo.UserEvents.AddU2F(ctx, userID, true)
|
||||
accountName := ""
|
||||
user, err := repo.UserByID(ctx, userID)
|
||||
if err != nil {
|
||||
logging.Log("EVENT-DAqe1").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("unable to get user for loginname")
|
||||
} else {
|
||||
accountName = user.PreferredLoginName
|
||||
}
|
||||
return repo.UserEvents.AddU2F(ctx, userID, accountName, true)
|
||||
}
|
||||
|
||||
func (repo *UserRepo) AddMyMFAU2F(ctx context.Context) (*model.WebAuthNToken, error) {
|
||||
return repo.UserEvents.AddU2F(ctx, authz.GetCtxData(ctx).UserID, false)
|
||||
userID := authz.GetCtxData(ctx).UserID
|
||||
accountName := ""
|
||||
user, err := repo.UserByID(ctx, userID)
|
||||
if err != nil {
|
||||
logging.Log("EVENT-Ghwl1").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("unable to get user for loginname")
|
||||
} else {
|
||||
accountName = user.PreferredLoginName
|
||||
}
|
||||
return repo.UserEvents.AddU2F(ctx, userID, accountName, false)
|
||||
}
|
||||
|
||||
func (repo *UserRepo) VerifyMFAU2FSetup(ctx context.Context, userID, tokenName, userAgentID string, credentialData []byte) error {
|
||||
@@ -326,12 +341,35 @@ func (repo *UserRepo) RemoveMyMFAU2F(ctx context.Context, webAuthNTokenID string
|
||||
return repo.UserEvents.RemoveU2FToken(ctx, authz.GetCtxData(ctx).UserID, webAuthNTokenID)
|
||||
}
|
||||
|
||||
func (repo *UserRepo) GetPasswordless(ctx context.Context, userID string) ([]*model.WebAuthNToken, error) {
|
||||
return repo.UserEvents.GetPasswordless(ctx, userID)
|
||||
}
|
||||
|
||||
func (repo *UserRepo) AddPasswordless(ctx context.Context, userID string) (*model.WebAuthNToken, error) {
|
||||
return repo.UserEvents.AddPasswordless(ctx, userID, true)
|
||||
accountName := ""
|
||||
user, err := repo.UserByID(ctx, userID)
|
||||
if err != nil {
|
||||
logging.Log("EVENT-Vj2k1").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("unable to get user for loginname")
|
||||
} else {
|
||||
accountName = user.PreferredLoginName
|
||||
}
|
||||
return repo.UserEvents.AddPasswordless(ctx, userID, accountName, true)
|
||||
}
|
||||
|
||||
func (repo *UserRepo) GetMyPasswordless(ctx context.Context) ([]*model.WebAuthNToken, error) {
|
||||
return repo.UserEvents.GetPasswordless(ctx, authz.GetCtxData(ctx).UserID)
|
||||
}
|
||||
|
||||
func (repo *UserRepo) AddMyPasswordless(ctx context.Context) (*model.WebAuthNToken, error) {
|
||||
return repo.UserEvents.AddPasswordless(ctx, authz.GetCtxData(ctx).UserID, false)
|
||||
userID := authz.GetCtxData(ctx).UserID
|
||||
accountName := ""
|
||||
user, err := repo.UserByID(ctx, userID)
|
||||
if err != nil {
|
||||
logging.Log("EVENT-AEq21").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("unable to get user for loginname")
|
||||
} else {
|
||||
accountName = user.PreferredLoginName
|
||||
}
|
||||
return repo.UserEvents.AddPasswordless(ctx, authz.GetCtxData(ctx).UserID, accountName, false)
|
||||
}
|
||||
|
||||
func (repo *UserRepo) VerifyPasswordlessSetup(ctx context.Context, userID, tokenName, userAgentID string, credentialData []byte) error {
|
||||
|
||||
@@ -29,7 +29,7 @@ type UserGrantRepo struct {
|
||||
|
||||
func (repo *UserGrantRepo) SearchMyUserGrants(ctx context.Context, request *grant_model.UserGrantSearchRequest) (*grant_model.UserGrantSearchResponse, error) {
|
||||
request.EnsureLimit(repo.SearchLimit)
|
||||
sequence, err := repo.View.GetLatestUserGrantSequence()
|
||||
sequence, err := repo.View.GetLatestUserGrantSequence("")
|
||||
logging.Log("EVENT-Hd7s3").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest user grant sequence")
|
||||
request.Queries = append(request.Queries, &grant_model.UserGrantSearchQuery{Key: grant_model.UserGrantSearchKeyUserID, Method: global_model.SearchMethodEquals, Value: authz.GetCtxData(ctx).UserID})
|
||||
grants, count, err := repo.View.SearchUserGrants(request)
|
||||
|
||||
@@ -5,7 +5,9 @@ import (
|
||||
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
"github.com/caos/zitadel/internal/project/repository/eventsourcing"
|
||||
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
|
||||
@@ -13,19 +15,52 @@ import (
|
||||
view_model "github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
)
|
||||
|
||||
type Application struct {
|
||||
handler
|
||||
projectEvents *proj_event.ProjectEventstore
|
||||
}
|
||||
|
||||
const (
|
||||
applicationTable = "auth.applications"
|
||||
)
|
||||
|
||||
type Application struct {
|
||||
handler
|
||||
projectEvents *proj_event.ProjectEventstore
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newApplication(handler handler, projectEvents *proj_event.ProjectEventstore) *Application {
|
||||
h := &Application{
|
||||
handler: handler,
|
||||
projectEvents: projectEvents,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (a *Application) subscribe() {
|
||||
a.subscription = a.es.Subscribe(a.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range a.subscription.Events {
|
||||
query.ReduceEvent(a, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (a *Application) ViewModel() string {
|
||||
return applicationTable
|
||||
}
|
||||
|
||||
func (_ *Application) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{es_model.ProjectAggregate}
|
||||
}
|
||||
|
||||
func (a *Application) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := a.view.GetLatestApplicationSequence()
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (a *Application) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := a.view.GetLatestApplicationSequence()
|
||||
if err != nil {
|
||||
@@ -65,30 +100,33 @@ func (a *Application) Reduce(event *models.Event) (err error) {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return a.view.DeleteApplication(app.ID, event.Sequence, event.CreationDate)
|
||||
return a.view.DeleteApplication(app.ID, event)
|
||||
case es_model.ProjectChanged:
|
||||
apps, err := a.view.ApplicationsByProjectID(event.AggregateID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if len(apps) == 0 {
|
||||
return a.view.ProcessedApplicationSequence(event.Sequence, event.CreationDate)
|
||||
return a.view.ProcessedApplicationSequence(event)
|
||||
}
|
||||
for _, app := range apps {
|
||||
if err := app.AppendEvent(event); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return a.view.PutApplications(apps, event.Sequence, event.CreationDate)
|
||||
return a.view.PutApplications(apps, event)
|
||||
case es_model.ProjectRemoved:
|
||||
return a.view.DeleteApplicationsByProjectID(event.AggregateID)
|
||||
err = a.view.DeleteApplicationsByProjectID(event.AggregateID)
|
||||
if err == nil {
|
||||
return a.view.ProcessedApplicationSequence(event)
|
||||
}
|
||||
default:
|
||||
return a.view.ProcessedApplicationSequence(event.Sequence, event.CreationDate)
|
||||
return a.view.ProcessedApplicationSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return a.view.PutApplication(app, event.CreationDate)
|
||||
return a.view.PutApplication(app, event)
|
||||
}
|
||||
|
||||
func (a *Application) OnError(event *models.Event, spoolerError error) error {
|
||||
|
||||
@@ -26,6 +26,12 @@ type handler struct {
|
||||
bulkLimit uint64
|
||||
cycleDuration time.Duration
|
||||
errorCountUntilSkip uint64
|
||||
|
||||
es eventstore.Eventstore
|
||||
}
|
||||
|
||||
func (h *handler) Eventstore() eventstore.Eventstore {
|
||||
return h.es
|
||||
}
|
||||
|
||||
type EventstoreRepos struct {
|
||||
@@ -35,39 +41,65 @@ type EventstoreRepos struct {
|
||||
IamEvents *iam_events.IAMEventstore
|
||||
}
|
||||
|
||||
func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, eventstore eventstore.Eventstore, repos EventstoreRepos, systemDefaults sd.SystemDefaults) []query.Handler {
|
||||
func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es eventstore.Eventstore, repos EventstoreRepos, systemDefaults sd.SystemDefaults) []query.Handler {
|
||||
return []query.Handler{
|
||||
&User{handler: handler{view, bulkLimit, configs.cycleDuration("User"), errorCount},
|
||||
orgEvents: repos.OrgEvents, iamEvents: repos.IamEvents, iamID: systemDefaults.IamID},
|
||||
&UserSession{handler: handler{view, bulkLimit, configs.cycleDuration("UserSession"), errorCount}, userEvents: repos.UserEvents},
|
||||
&UserMembership{handler: handler{view, bulkLimit, configs.cycleDuration("UserMembership"), errorCount}, orgEvents: repos.OrgEvents, projectEvents: repos.ProjectEvents},
|
||||
&Token{handler: handler{view, bulkLimit, configs.cycleDuration("Token"), errorCount}, ProjectEvents: repos.ProjectEvents},
|
||||
&Key{handler: handler{view, bulkLimit, configs.cycleDuration("Key"), errorCount}},
|
||||
&Application{handler: handler{view, bulkLimit, configs.cycleDuration("Application"), errorCount}, projectEvents: repos.ProjectEvents},
|
||||
&Org{handler: handler{view, bulkLimit, configs.cycleDuration("Org"), errorCount}},
|
||||
&UserGrant{
|
||||
handler: handler{view, bulkLimit, configs.cycleDuration("UserGrant"), errorCount},
|
||||
eventstore: eventstore,
|
||||
userEvents: repos.UserEvents,
|
||||
orgEvents: repos.OrgEvents,
|
||||
projectEvents: repos.ProjectEvents,
|
||||
iamEvents: repos.IamEvents,
|
||||
iamID: systemDefaults.IamID},
|
||||
&MachineKeys{handler: handler{view, bulkLimit, configs.cycleDuration("MachineKey"), errorCount}},
|
||||
&LoginPolicy{handler: handler{view, bulkLimit, configs.cycleDuration("LoginPolicy"), errorCount}},
|
||||
&IDPConfig{handler: handler{view, bulkLimit, configs.cycleDuration("IDPConfig"), errorCount}},
|
||||
&IDPProvider{handler: handler{view, bulkLimit, configs.cycleDuration("IDPProvider"), errorCount}, systemDefaults: systemDefaults, orgEvents: repos.OrgEvents, iamEvents: repos.IamEvents},
|
||||
&ExternalIDP{handler: handler{view, bulkLimit, configs.cycleDuration("ExternalIDP"), errorCount}, systemDefaults: systemDefaults, orgEvents: repos.OrgEvents, iamEvents: repos.IamEvents},
|
||||
&PasswordComplexityPolicy{handler: handler{view, bulkLimit, configs.cycleDuration("PasswordComplexityPolicy"), errorCount}},
|
||||
&OrgIAMPolicy{handler: handler{view, bulkLimit, configs.cycleDuration("OrgIAMPolicy"), errorCount}},
|
||||
&ProjectRole{handler: handler{view, bulkLimit, configs.cycleDuration("ProjectRole"), errorCount}, projectEvents: repos.ProjectEvents},
|
||||
newUser(
|
||||
handler{view, bulkLimit, configs.cycleDuration("User"), errorCount, es},
|
||||
repos.OrgEvents,
|
||||
repos.IamEvents,
|
||||
systemDefaults.IamID),
|
||||
newUserSession(
|
||||
handler{view, bulkLimit, configs.cycleDuration("UserSession"), errorCount, es},
|
||||
repos.UserEvents),
|
||||
newUserMembership(
|
||||
handler{view, bulkLimit, configs.cycleDuration("UserMembership"), errorCount, es},
|
||||
repos.OrgEvents,
|
||||
repos.ProjectEvents),
|
||||
newToken(
|
||||
handler{view, bulkLimit, configs.cycleDuration("Token"), errorCount, es},
|
||||
repos.ProjectEvents),
|
||||
newKey(
|
||||
handler{view, bulkLimit, configs.cycleDuration("Key"), errorCount, es}),
|
||||
newApplication(handler{view, bulkLimit, configs.cycleDuration("Application"), errorCount, es},
|
||||
repos.ProjectEvents),
|
||||
newOrg(
|
||||
handler{view, bulkLimit, configs.cycleDuration("Org"), errorCount, es}),
|
||||
newUserGrant(
|
||||
handler{view, bulkLimit, configs.cycleDuration("UserGrant"), errorCount, es},
|
||||
repos.ProjectEvents,
|
||||
repos.UserEvents,
|
||||
repos.OrgEvents,
|
||||
repos.IamEvents,
|
||||
systemDefaults.IamID),
|
||||
newMachineKeys(
|
||||
handler{view, bulkLimit, configs.cycleDuration("MachineKey"), errorCount, es}),
|
||||
newLoginPolicy(
|
||||
handler{view, bulkLimit, configs.cycleDuration("LoginPolicy"), errorCount, es}),
|
||||
newIDPConfig(
|
||||
handler{view, bulkLimit, configs.cycleDuration("IDPConfig"), errorCount, es}),
|
||||
newIDPProvider(
|
||||
handler{view, bulkLimit, configs.cycleDuration("IDPProvider"), errorCount, es},
|
||||
systemDefaults,
|
||||
repos.IamEvents,
|
||||
repos.OrgEvents),
|
||||
newExternalIDP(
|
||||
handler{view, bulkLimit, configs.cycleDuration("ExternalIDP"), errorCount, es},
|
||||
systemDefaults,
|
||||
repos.IamEvents,
|
||||
repos.OrgEvents),
|
||||
newPasswordComplexityPolicy(
|
||||
handler{view, bulkLimit, configs.cycleDuration("PasswordComplexityPolicy"), errorCount, es}),
|
||||
newOrgIAMPolicy(
|
||||
handler{view, bulkLimit, configs.cycleDuration("OrgIAMPolicy"), errorCount, es}),
|
||||
newProjectRole(handler{view, bulkLimit, configs.cycleDuration("ProjectRole"), errorCount, es},
|
||||
repos.ProjectEvents),
|
||||
}
|
||||
}
|
||||
|
||||
func (configs Configs) cycleDuration(viewModel string) time.Duration {
|
||||
c, ok := configs[viewModel]
|
||||
if !ok {
|
||||
return 1 * time.Second
|
||||
return 3 * time.Minute
|
||||
}
|
||||
return c.MinimumCycleDuration.Duration
|
||||
}
|
||||
@@ -76,6 +108,10 @@ func (h *handler) MinimumCycleDuration() time.Duration {
|
||||
return h.cycleDuration
|
||||
}
|
||||
|
||||
func (h *handler) LockDuration() time.Duration {
|
||||
return h.cycleDuration / 3
|
||||
}
|
||||
|
||||
func (h *handler) QueryLimit() uint64 {
|
||||
return h.bulkLimit
|
||||
}
|
||||
|
||||
@@ -2,8 +2,10 @@ package handler
|
||||
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
@@ -11,25 +13,57 @@ import (
|
||||
"github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
)
|
||||
|
||||
type IDPConfig struct {
|
||||
handler
|
||||
}
|
||||
|
||||
const (
|
||||
idpConfigTable = "auth.idp_configs"
|
||||
)
|
||||
|
||||
type IDPConfig struct {
|
||||
handler
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newIDPConfig(h handler) *IDPConfig {
|
||||
idpConfig := &IDPConfig{
|
||||
handler: h,
|
||||
}
|
||||
|
||||
idpConfig.subscribe()
|
||||
|
||||
return idpConfig
|
||||
}
|
||||
|
||||
func (i *IDPConfig) subscribe() {
|
||||
i.subscription = i.es.Subscribe(i.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range i.subscription.Events {
|
||||
query.ReduceEvent(i, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (i *IDPConfig) ViewModel() string {
|
||||
return idpConfigTable
|
||||
}
|
||||
|
||||
func (_ *IDPConfig) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{model.OrgAggregate, iam_es_model.IAMAggregate}
|
||||
}
|
||||
|
||||
func (i *IDPConfig) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := i.view.GetLatestIDPConfigSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (i *IDPConfig) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := i.view.GetLatestIDPConfigSequence()
|
||||
sequence, err := i.view.GetLatestIDPConfigSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(model.OrgAggregate, iam_es_model.IAMAggregate).
|
||||
AggregateTypeFilter(i.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
@@ -66,14 +100,14 @@ func (i *IDPConfig) processIdpConfig(providerType iam_model.IDPProviderType, eve
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return i.view.DeleteIDPConfig(idp.IDPConfigID, event.Sequence, event.CreationDate)
|
||||
return i.view.DeleteIDPConfig(idp.IDPConfigID, event)
|
||||
default:
|
||||
return i.view.ProcessedIDPConfigSequence(event.Sequence, event.CreationDate)
|
||||
return i.view.ProcessedIDPConfigSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return i.view.PutIDPConfig(idp, idp.Sequence, event.CreationDate)
|
||||
return i.view.PutIDPConfig(idp, event)
|
||||
}
|
||||
|
||||
func (i *IDPConfig) OnError(event *models.Event, err error) error {
|
||||
|
||||
@@ -2,42 +2,85 @@ package handler
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/caos/logging"
|
||||
"github.com/caos/zitadel/internal/config/systemdefaults"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/iam/repository/eventsourcing"
|
||||
org_es "github.com/caos/zitadel/internal/org/repository/eventsourcing"
|
||||
org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
"github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
iam_view_model "github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
)
|
||||
|
||||
const (
|
||||
idpProviderTable = "auth.idp_providers"
|
||||
)
|
||||
|
||||
type IDPProvider struct {
|
||||
handler
|
||||
systemDefaults systemdefaults.SystemDefaults
|
||||
iamEvents *eventsourcing.IAMEventstore
|
||||
orgEvents *org_es.OrgEventstore
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
const (
|
||||
idpProviderTable = "auth.idp_providers"
|
||||
)
|
||||
func newIDPProvider(
|
||||
h handler,
|
||||
defaults systemdefaults.SystemDefaults,
|
||||
iamEvents *eventsourcing.IAMEventstore,
|
||||
orgEvents *org_es.OrgEventstore,
|
||||
) *IDPProvider {
|
||||
idpProvider := &IDPProvider{
|
||||
handler: h,
|
||||
systemDefaults: defaults,
|
||||
iamEvents: iamEvents,
|
||||
orgEvents: orgEvents,
|
||||
}
|
||||
|
||||
idpProvider.subscribe()
|
||||
|
||||
return idpProvider
|
||||
}
|
||||
|
||||
func (i *IDPProvider) subscribe() {
|
||||
i.subscription = i.es.Subscribe(i.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range i.subscription.Events {
|
||||
query.ReduceEvent(i, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (i *IDPProvider) ViewModel() string {
|
||||
return idpProviderTable
|
||||
}
|
||||
|
||||
func (_ *IDPProvider) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{model.IAMAggregate, org_es_model.OrgAggregate}
|
||||
}
|
||||
|
||||
func (i *IDPProvider) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := i.view.GetLatestIDPProviderSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (i *IDPProvider) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := i.view.GetLatestIDPProviderSequence()
|
||||
sequence, err := i.view.GetLatestIDPProviderSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(model.IAMAggregate, org_es_model.OrgAggregate).
|
||||
AggregateTypeFilter(i.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
@@ -64,7 +107,7 @@ func (i *IDPProvider) processIdpProvider(event *models.Event) (err error) {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return i.view.DeleteIDPProvider(event.AggregateID, provider.IDPConfigID, event.Sequence, event.CreationDate)
|
||||
return i.view.DeleteIDPProvider(event.AggregateID, provider.IDPConfigID, event)
|
||||
case model.IDPConfigChanged, org_es_model.IDPConfigChanged:
|
||||
esConfig := new(iam_view_model.IDPConfigView)
|
||||
providerType := iam_model.IDPProviderTypeSystem
|
||||
@@ -88,16 +131,16 @@ func (i *IDPProvider) processIdpProvider(event *models.Event) (err error) {
|
||||
for _, provider := range providers {
|
||||
i.fillConfigData(provider, config)
|
||||
}
|
||||
return i.view.PutIDPProviders(event.Sequence, event.CreationDate, providers...)
|
||||
return i.view.PutIDPProviders(event, providers...)
|
||||
case org_es_model.LoginPolicyRemoved:
|
||||
return i.view.DeleteIDPProvidersByAggregateID(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return i.view.DeleteIDPProvidersByAggregateID(event.AggregateID, event)
|
||||
default:
|
||||
return i.view.ProcessedIDPProviderSequence(event.Sequence, event.CreationDate)
|
||||
return i.view.ProcessedIDPProviderSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return i.view.PutIDPProvider(provider, provider.Sequence, event.CreationDate)
|
||||
return i.view.PutIDPProvider(provider, event)
|
||||
}
|
||||
|
||||
func (i *IDPProvider) fillData(provider *iam_view_model.IDPProviderView) (err error) {
|
||||
|
||||
@@ -3,30 +3,62 @@ package handler
|
||||
import (
|
||||
"time"
|
||||
|
||||
es_model "github.com/caos/zitadel/internal/key/repository/eventsourcing/model"
|
||||
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
"github.com/caos/zitadel/internal/key/repository/eventsourcing"
|
||||
es_model "github.com/caos/zitadel/internal/key/repository/eventsourcing/model"
|
||||
view_model "github.com/caos/zitadel/internal/key/repository/view/model"
|
||||
)
|
||||
|
||||
type Key struct {
|
||||
handler
|
||||
}
|
||||
|
||||
const (
|
||||
keyTable = "auth.keys"
|
||||
)
|
||||
|
||||
type Key struct {
|
||||
handler
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newKey(handler handler) *Key {
|
||||
h := &Key{
|
||||
handler: handler,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (k *Key) subscribe() {
|
||||
k.subscription = k.es.Subscribe(k.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range k.subscription.Events {
|
||||
query.ReduceEvent(k, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (k *Key) ViewModel() string {
|
||||
return keyTable
|
||||
}
|
||||
|
||||
func (_ *Key) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{es_model.KeyPairAggregate}
|
||||
}
|
||||
|
||||
func (k *Key) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := k.view.GetLatestKeySequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (k *Key) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := k.view.GetLatestKeySequence()
|
||||
sequence, err := k.view.GetLatestKeySequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -41,11 +73,11 @@ func (k *Key) Reduce(event *models.Event) error {
|
||||
return err
|
||||
}
|
||||
if privateKey.Expiry.Before(time.Now()) && publicKey.Expiry.Before(time.Now()) {
|
||||
return k.view.ProcessedKeySequence(event.Sequence, event.CreationDate)
|
||||
return k.view.ProcessedKeySequence(event)
|
||||
}
|
||||
return k.view.PutKeys(privateKey, publicKey, event.Sequence, event.CreationDate)
|
||||
return k.view.PutKeys(privateKey, publicKey, event)
|
||||
default:
|
||||
return k.view.ProcessedKeySequence(event.Sequence, event.CreationDate)
|
||||
return k.view.ProcessedKeySequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -2,34 +2,68 @@ package handler
|
||||
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
)
|
||||
|
||||
type LoginPolicy struct {
|
||||
handler
|
||||
}
|
||||
|
||||
const (
|
||||
loginPolicyTable = "auth.login_policies"
|
||||
)
|
||||
|
||||
type LoginPolicy struct {
|
||||
handler
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newLoginPolicy(handler handler) *LoginPolicy {
|
||||
h := &LoginPolicy{
|
||||
handler: handler,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (p *LoginPolicy) subscribe() {
|
||||
p.subscription = p.es.Subscribe(p.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range p.subscription.Events {
|
||||
query.ReduceEvent(p, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (p *LoginPolicy) ViewModel() string {
|
||||
return loginPolicyTable
|
||||
}
|
||||
|
||||
func (_ *LoginPolicy) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{model.OrgAggregate, iam_es_model.IAMAggregate}
|
||||
}
|
||||
|
||||
func (p *LoginPolicy) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := p.view.GetLatestLoginPolicySequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (p *LoginPolicy) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := p.view.GetLatestLoginPolicySequence()
|
||||
sequence, err := p.view.GetLatestLoginPolicySequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(model.OrgAggregate, iam_es_model.IAMAggregate).
|
||||
AggregateTypeFilter(p.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
@@ -57,14 +91,14 @@ func (p *LoginPolicy) processLoginPolicy(event *models.Event) (err error) {
|
||||
}
|
||||
err = policy.AppendEvent(event)
|
||||
case model.LoginPolicyRemoved:
|
||||
return p.view.DeleteLoginPolicy(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return p.view.DeleteLoginPolicy(event.AggregateID, event)
|
||||
default:
|
||||
return p.view.ProcessedLoginPolicySequence(event.Sequence, event.CreationDate)
|
||||
return p.view.ProcessedLoginPolicySequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return p.view.PutLoginPolicy(policy, policy.Sequence, event.CreationDate)
|
||||
return p.view.PutLoginPolicy(policy, event)
|
||||
}
|
||||
|
||||
func (p *LoginPolicy) OnError(event *models.Event, err error) error {
|
||||
|
||||
@@ -5,73 +5,107 @@ import (
|
||||
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
"github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
usr_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
type MachineKeys struct {
|
||||
handler
|
||||
}
|
||||
|
||||
const (
|
||||
machineKeysTable = "auth.machine_keys"
|
||||
)
|
||||
|
||||
func (d *MachineKeys) ViewModel() string {
|
||||
type MachineKeys struct {
|
||||
handler
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newMachineKeys(handler handler) *MachineKeys {
|
||||
h := &MachineKeys{
|
||||
handler: handler,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (k *MachineKeys) subscribe() {
|
||||
k.subscription = k.es.Subscribe(k.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range k.subscription.Events {
|
||||
query.ReduceEvent(k, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (k *MachineKeys) ViewModel() string {
|
||||
return machineKeysTable
|
||||
}
|
||||
|
||||
func (d *MachineKeys) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := d.view.GetLatestMachineKeySequence()
|
||||
func (_ *MachineKeys) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{model.UserAggregate}
|
||||
}
|
||||
|
||||
func (k *MachineKeys) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := k.view.GetLatestMachineKeySequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (k *MachineKeys) EventQuery() (*es_models.SearchQuery, error) {
|
||||
sequence, err := k.view.GetLatestMachineKeySequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(model.UserAggregate).
|
||||
AggregateTypeFilter(k.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (d *MachineKeys) Reduce(event *models.Event) (err error) {
|
||||
func (k *MachineKeys) Reduce(event *es_models.Event) (err error) {
|
||||
switch event.AggregateType {
|
||||
case model.UserAggregate:
|
||||
err = d.processMachineKeys(event)
|
||||
err = k.processMachineKeys(event)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func (d *MachineKeys) processMachineKeys(event *models.Event) (err error) {
|
||||
func (k *MachineKeys) processMachineKeys(event *es_models.Event) (err error) {
|
||||
key := new(usr_model.MachineKeyView)
|
||||
switch event.Type {
|
||||
case model.MachineKeyAdded:
|
||||
err = key.AppendEvent(event)
|
||||
if key.ExpirationDate.Before(time.Now()) {
|
||||
return d.view.ProcessedMachineKeySequence(event.Sequence, event.CreationDate)
|
||||
return k.view.ProcessedMachineKeySequence(event)
|
||||
}
|
||||
case model.MachineKeyRemoved:
|
||||
err = key.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return d.view.DeleteMachineKey(key.ID, event.Sequence, event.CreationDate)
|
||||
return k.view.DeleteMachineKey(key.ID, event)
|
||||
case model.UserRemoved:
|
||||
return d.view.DeleteMachineKeysByUserID(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return k.view.DeleteMachineKeysByUserID(event.AggregateID, event)
|
||||
default:
|
||||
return d.view.ProcessedMachineKeySequence(event.Sequence, event.CreationDate)
|
||||
return k.view.ProcessedMachineKeySequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return d.view.PutMachineKey(key, key.Sequence, event.CreationDate)
|
||||
return k.view.PutMachineKey(key, event)
|
||||
}
|
||||
|
||||
func (d *MachineKeys) OnError(event *models.Event, err error) error {
|
||||
func (k *MachineKeys) OnError(event *es_models.Event, err error) error {
|
||||
logging.LogWithFields("SPOOL-S9fe", "id", event.AggregateID).WithError(err).Warn("something went wrong in machine key handler")
|
||||
return spooler.HandleError(event, err, d.view.GetLatestMachineKeyFailedEvent, d.view.ProcessedMachineKeyFailedEvent, d.view.ProcessedMachineKeySequence, d.errorCountUntilSkip)
|
||||
return spooler.HandleError(event, err, k.view.GetLatestMachineKeyFailedEvent, k.view.ProcessedMachineKeyFailedEvent, k.view.ProcessedMachineKeySequence, k.errorCountUntilSkip)
|
||||
}
|
||||
|
||||
func (d *MachineKeys) OnSuccess() error {
|
||||
return spooler.HandleSuccess(d.view.UpdateMachineKeySpoolerRunTimestamp)
|
||||
func (k *MachineKeys) OnSuccess() error {
|
||||
return spooler.HandleSuccess(k.view.UpdateMachineKeySpoolerRunTimestamp)
|
||||
}
|
||||
|
||||
@@ -3,27 +3,62 @@ package handler
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
"github.com/caos/zitadel/internal/org/repository/eventsourcing"
|
||||
"github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
org_model "github.com/caos/zitadel/internal/org/repository/view/model"
|
||||
)
|
||||
|
||||
type Org struct {
|
||||
handler
|
||||
}
|
||||
|
||||
const (
|
||||
orgTable = "auth.orgs"
|
||||
)
|
||||
|
||||
type Org struct {
|
||||
handler
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newOrg(handler handler) *Org {
|
||||
h := &Org{
|
||||
handler: handler,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (o *Org) subscribe() {
|
||||
o.subscription = o.es.Subscribe(o.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range o.subscription.Events {
|
||||
query.ReduceEvent(o, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (o *Org) ViewModel() string {
|
||||
return orgTable
|
||||
}
|
||||
|
||||
func (_ *Org) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{model.OrgAggregate}
|
||||
}
|
||||
|
||||
func (o *Org) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := o.view.GetLatestOrgSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (o *Org) EventQuery() (*es_models.SearchQuery, error) {
|
||||
sequence, err := o.view.GetLatestOrgSequence()
|
||||
sequence, err := o.view.GetLatestOrgSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -58,13 +93,13 @@ func (o *Org) Reduce(event *es_models.Event) (err error) {
|
||||
}
|
||||
org.Domain = domain.Domain
|
||||
default:
|
||||
return o.view.ProcessedOrgSequence(event.Sequence, event.CreationDate)
|
||||
return o.view.ProcessedOrgSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return o.view.PutOrg(org, event.CreationDate)
|
||||
return o.view.PutOrg(org, event)
|
||||
}
|
||||
|
||||
func (o *Org) OnError(event *es_models.Event, spoolerErr error) error {
|
||||
|
||||
@@ -2,68 +2,101 @@ package handler
|
||||
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
)
|
||||
|
||||
type OrgIAMPolicy struct {
|
||||
handler
|
||||
}
|
||||
|
||||
const (
|
||||
orgIAMPolicyTable = "auth.org_iam_policies"
|
||||
)
|
||||
|
||||
type OrgIAMPolicy struct {
|
||||
handler
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newOrgIAMPolicy(handler handler) *OrgIAMPolicy {
|
||||
h := &OrgIAMPolicy{
|
||||
handler: handler,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (p *OrgIAMPolicy) subscribe() {
|
||||
p.subscription = p.es.Subscribe(p.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range p.subscription.Events {
|
||||
query.ReduceEvent(p, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (p *OrgIAMPolicy) ViewModel() string {
|
||||
return orgIAMPolicyTable
|
||||
}
|
||||
|
||||
func (p *OrgIAMPolicy) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := p.view.GetLatestOrgIAMPolicySequence()
|
||||
func (_ *OrgIAMPolicy) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{org_es_model.OrgAggregate, iam_es_model.IAMAggregate}
|
||||
}
|
||||
|
||||
func (p *OrgIAMPolicy) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := p.view.GetLatestOrgIAMPolicySequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (p *OrgIAMPolicy) EventQuery() (*es_models.SearchQuery, error) {
|
||||
sequence, err := p.view.GetLatestOrgIAMPolicySequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(model.OrgAggregate, iam_es_model.IAMAggregate).
|
||||
AggregateTypeFilter(p.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (p *OrgIAMPolicy) Reduce(event *models.Event) (err error) {
|
||||
func (p *OrgIAMPolicy) Reduce(event *es_models.Event) (err error) {
|
||||
switch event.AggregateType {
|
||||
case model.OrgAggregate, iam_es_model.IAMAggregate:
|
||||
case org_es_model.OrgAggregate, iam_es_model.IAMAggregate:
|
||||
err = p.processOrgIAMPolicy(event)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func (p *OrgIAMPolicy) processOrgIAMPolicy(event *models.Event) (err error) {
|
||||
func (p *OrgIAMPolicy) processOrgIAMPolicy(event *es_models.Event) (err error) {
|
||||
policy := new(iam_model.OrgIAMPolicyView)
|
||||
switch event.Type {
|
||||
case iam_es_model.OrgIAMPolicyAdded, model.OrgIAMPolicyAdded:
|
||||
case iam_es_model.OrgIAMPolicyAdded, org_es_model.OrgIAMPolicyAdded:
|
||||
err = policy.AppendEvent(event)
|
||||
case iam_es_model.OrgIAMPolicyChanged, model.OrgIAMPolicyChanged:
|
||||
case iam_es_model.OrgIAMPolicyChanged, org_es_model.OrgIAMPolicyChanged:
|
||||
policy, err = p.view.OrgIAMPolicyByAggregateID(event.AggregateID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = policy.AppendEvent(event)
|
||||
case model.OrgIAMPolicyRemoved:
|
||||
return p.view.DeleteOrgIAMPolicy(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
case org_es_model.OrgIAMPolicyRemoved:
|
||||
return p.view.DeleteOrgIAMPolicy(event.AggregateID, event)
|
||||
default:
|
||||
return p.view.ProcessedOrgIAMPolicySequence(event.Sequence, event.CreationDate)
|
||||
return p.view.ProcessedOrgIAMPolicySequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return p.view.PutOrgIAMPolicy(policy, policy.Sequence, event.CreationDate)
|
||||
return p.view.PutOrgIAMPolicy(policy, event)
|
||||
}
|
||||
|
||||
func (p *OrgIAMPolicy) OnError(event *models.Event, err error) error {
|
||||
func (p *OrgIAMPolicy) OnError(event *es_models.Event, err error) error {
|
||||
logging.LogWithFields("SPOOL-3Gj8s", "id", event.AggregateID).WithError(err).Warn("something went wrong in orgIAM policy handler")
|
||||
return spooler.HandleError(event, err, p.view.GetLatestOrgIAMPolicyFailedEvent, p.view.ProcessedOrgIAMPolicyFailedEvent, p.view.ProcessedOrgIAMPolicySequence, p.errorCountUntilSkip)
|
||||
}
|
||||
|
||||
@@ -2,68 +2,101 @@ package handler
|
||||
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
)
|
||||
|
||||
type PasswordComplexityPolicy struct {
|
||||
handler
|
||||
}
|
||||
|
||||
const (
|
||||
passwordComplexityPolicyTable = "auth.password_complexity_policies"
|
||||
)
|
||||
|
||||
type PasswordComplexityPolicy struct {
|
||||
handler
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newPasswordComplexityPolicy(handler handler) *PasswordComplexityPolicy {
|
||||
h := &PasswordComplexityPolicy{
|
||||
handler: handler,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (p *PasswordComplexityPolicy) subscribe() {
|
||||
p.subscription = p.es.Subscribe(p.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range p.subscription.Events {
|
||||
query.ReduceEvent(p, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (p *PasswordComplexityPolicy) ViewModel() string {
|
||||
return passwordComplexityPolicyTable
|
||||
}
|
||||
|
||||
func (p *PasswordComplexityPolicy) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := p.view.GetLatestPasswordComplexityPolicySequence()
|
||||
func (_ *PasswordComplexityPolicy) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{org_es_model.OrgAggregate, iam_es_model.IAMAggregate}
|
||||
}
|
||||
|
||||
func (p *PasswordComplexityPolicy) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := p.view.GetLatestPasswordComplexityPolicySequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (p *PasswordComplexityPolicy) EventQuery() (*es_models.SearchQuery, error) {
|
||||
sequence, err := p.view.GetLatestPasswordComplexityPolicySequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(model.OrgAggregate, iam_es_model.IAMAggregate).
|
||||
AggregateTypeFilter(p.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (p *PasswordComplexityPolicy) Reduce(event *models.Event) (err error) {
|
||||
func (p *PasswordComplexityPolicy) Reduce(event *es_models.Event) (err error) {
|
||||
switch event.AggregateType {
|
||||
case model.OrgAggregate, iam_es_model.IAMAggregate:
|
||||
case org_es_model.OrgAggregate, iam_es_model.IAMAggregate:
|
||||
err = p.processPasswordComplexityPolicy(event)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func (p *PasswordComplexityPolicy) processPasswordComplexityPolicy(event *models.Event) (err error) {
|
||||
func (p *PasswordComplexityPolicy) processPasswordComplexityPolicy(event *es_models.Event) (err error) {
|
||||
policy := new(iam_model.PasswordComplexityPolicyView)
|
||||
switch event.Type {
|
||||
case iam_es_model.PasswordComplexityPolicyAdded, model.PasswordComplexityPolicyAdded:
|
||||
case iam_es_model.PasswordComplexityPolicyAdded, org_es_model.PasswordComplexityPolicyAdded:
|
||||
err = policy.AppendEvent(event)
|
||||
case iam_es_model.PasswordComplexityPolicyChanged, model.PasswordComplexityPolicyChanged:
|
||||
case iam_es_model.PasswordComplexityPolicyChanged, org_es_model.PasswordComplexityPolicyChanged:
|
||||
policy, err = p.view.PasswordComplexityPolicyByAggregateID(event.AggregateID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = policy.AppendEvent(event)
|
||||
case model.PasswordComplexityPolicyRemoved:
|
||||
return p.view.DeletePasswordComplexityPolicy(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
case org_es_model.PasswordComplexityPolicyRemoved:
|
||||
return p.view.DeletePasswordComplexityPolicy(event.AggregateID, event)
|
||||
default:
|
||||
return p.view.ProcessedPasswordComplexityPolicySequence(event.Sequence, event.CreationDate)
|
||||
return p.view.ProcessedPasswordComplexityPolicySequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return p.view.PutPasswordComplexityPolicy(policy, policy.Sequence, event.CreationDate)
|
||||
return p.view.PutPasswordComplexityPolicy(policy, event)
|
||||
}
|
||||
|
||||
func (p *PasswordComplexityPolicy) OnError(event *models.Event, err error) error {
|
||||
func (p *PasswordComplexityPolicy) OnError(event *es_models.Event, err error) error {
|
||||
logging.LogWithFields("SPOOL-4Djo9", "id", event.AggregateID).WithError(err).Warn("something went wrong in passwordComplexity policy handler")
|
||||
return spooler.HandleError(event, err, p.view.GetLatestPasswordComplexityPolicyFailedEvent, p.view.ProcessedPasswordComplexityPolicyFailedEvent, p.view.ProcessedPasswordComplexityPolicySequence, p.errorCountUntilSkip)
|
||||
}
|
||||
|
||||
@@ -2,42 +2,80 @@ package handler
|
||||
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
"github.com/caos/zitadel/internal/project/repository/eventsourcing"
|
||||
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
|
||||
es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
|
||||
proj_events "github.com/caos/zitadel/internal/project/repository/eventsourcing"
|
||||
"github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
|
||||
view_model "github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
)
|
||||
|
||||
type ProjectRole struct {
|
||||
handler
|
||||
projectEvents *proj_event.ProjectEventstore
|
||||
}
|
||||
|
||||
const (
|
||||
projectRoleTable = "auth.project_roles"
|
||||
)
|
||||
|
||||
type ProjectRole struct {
|
||||
handler
|
||||
projectEvents *proj_event.ProjectEventstore
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newProjectRole(
|
||||
handler handler,
|
||||
projectEvents *proj_events.ProjectEventstore,
|
||||
) *ProjectRole {
|
||||
h := &ProjectRole{
|
||||
handler: handler,
|
||||
projectEvents: projectEvents,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (k *ProjectRole) subscribe() {
|
||||
k.subscription = k.es.Subscribe(k.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range k.subscription.Events {
|
||||
query.ReduceEvent(k, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (p *ProjectRole) ViewModel() string {
|
||||
return projectRoleTable
|
||||
}
|
||||
|
||||
func (p *ProjectRole) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := p.view.GetLatestProjectRoleSequence()
|
||||
func (_ *ProjectRole) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{model.ProjectAggregate}
|
||||
}
|
||||
|
||||
func (p *ProjectRole) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := p.view.GetLatestProjectRoleSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (p *ProjectRole) EventQuery() (*es_models.SearchQuery, error) {
|
||||
sequence, err := p.view.GetLatestProjectRoleSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return eventsourcing.ProjectQuery(sequence.CurrentSequence), nil
|
||||
return proj_events.ProjectQuery(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (p *ProjectRole) Reduce(event *models.Event) (err error) {
|
||||
func (p *ProjectRole) Reduce(event *es_models.Event) (err error) {
|
||||
role := new(view_model.ProjectRoleView)
|
||||
switch event.Type {
|
||||
case es_model.ProjectRoleAdded:
|
||||
case model.ProjectRoleAdded:
|
||||
err = role.AppendEvent(event)
|
||||
case es_model.ProjectRoleChanged:
|
||||
case model.ProjectRoleChanged:
|
||||
err = role.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -47,24 +85,27 @@ func (p *ProjectRole) Reduce(event *models.Event) (err error) {
|
||||
return err
|
||||
}
|
||||
err = role.AppendEvent(event)
|
||||
case es_model.ProjectRoleRemoved:
|
||||
case model.ProjectRoleRemoved:
|
||||
err = role.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return p.view.DeleteProjectRole(event.AggregateID, event.ResourceOwner, role.Key, event.Sequence, event.CreationDate)
|
||||
case es_model.ProjectRemoved:
|
||||
return p.view.DeleteProjectRolesByProjectID(event.AggregateID)
|
||||
return p.view.DeleteProjectRole(event.AggregateID, event.ResourceOwner, role.Key, event)
|
||||
case model.ProjectRemoved:
|
||||
err := p.view.DeleteProjectRolesByProjectID(event.AggregateID)
|
||||
if err == nil {
|
||||
return p.view.ProcessedProjectRoleSequence(event)
|
||||
}
|
||||
default:
|
||||
return p.view.ProcessedProjectRoleSequence(event.Sequence, event.CreationDate)
|
||||
return p.view.ProcessedProjectRoleSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return p.view.PutProjectRole(role, event.CreationDate)
|
||||
return p.view.PutProjectRole(role, event)
|
||||
}
|
||||
|
||||
func (p *ProjectRole) OnError(event *models.Event, err error) error {
|
||||
func (p *ProjectRole) OnError(event *es_models.Event, err error) error {
|
||||
logging.LogWithFields("SPOOL-lso9w", "id", event.AggregateID).WithError(err).Warn("something went wrong in project role handler")
|
||||
return spooler.HandleError(event, err, p.view.GetLatestProjectRoleFailedEvent, p.view.ProcessedProjectRoleFailedEvent, p.view.ProcessedProjectRoleSequence, p.errorCountUntilSkip)
|
||||
}
|
||||
|
||||
@@ -6,8 +6,10 @@ import (
|
||||
|
||||
"github.com/caos/logging"
|
||||
caos_errs "github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
|
||||
project_es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
|
||||
@@ -15,21 +17,57 @@ import (
|
||||
view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
type Token struct {
|
||||
handler
|
||||
ProjectEvents *proj_event.ProjectEventstore
|
||||
}
|
||||
|
||||
const (
|
||||
tokenTable = "auth.tokens"
|
||||
)
|
||||
|
||||
type Token struct {
|
||||
handler
|
||||
ProjectEvents *proj_event.ProjectEventstore
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newToken(
|
||||
handler handler,
|
||||
projectEvents *proj_event.ProjectEventstore,
|
||||
) *Token {
|
||||
h := &Token{
|
||||
handler: handler,
|
||||
ProjectEvents: projectEvents,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (t *Token) subscribe() {
|
||||
t.subscription = t.es.Subscribe(t.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range t.subscription.Events {
|
||||
query.ReduceEvent(t, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (t *Token) ViewModel() string {
|
||||
return tokenTable
|
||||
}
|
||||
|
||||
func (_ *Token) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{user_es_model.UserAggregate, project_es_model.ProjectAggregate}
|
||||
}
|
||||
|
||||
func (p *Token) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := p.view.GetLatestTokenSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (t *Token) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := t.view.GetLatestTokenSequence()
|
||||
sequence, err := t.view.GetLatestTokenSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -49,7 +87,7 @@ func (t *Token) Reduce(event *models.Event) (err error) {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.view.PutToken(token, event.CreationDate)
|
||||
return t.view.PutToken(token, event)
|
||||
case user_es_model.UserProfileChanged,
|
||||
user_es_model.HumanProfileChanged:
|
||||
user := new(view_model.UserView)
|
||||
@@ -61,25 +99,25 @@ func (t *Token) Reduce(event *models.Event) (err error) {
|
||||
for _, token := range tokens {
|
||||
token.PreferredLanguage = user.PreferredLanguage
|
||||
}
|
||||
return t.view.PutTokens(tokens, event.Sequence, event.CreationDate)
|
||||
return t.view.PutTokens(tokens, event)
|
||||
case user_es_model.SignedOut,
|
||||
user_es_model.HumanSignedOut:
|
||||
id, err := agentIDFromSession(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.view.DeleteSessionTokens(id, event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return t.view.DeleteSessionTokens(id, event.AggregateID, event)
|
||||
case user_es_model.UserLocked,
|
||||
user_es_model.UserDeactivated,
|
||||
user_es_model.UserRemoved:
|
||||
return t.view.DeleteUserTokens(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return t.view.DeleteUserTokens(event.AggregateID, event)
|
||||
case project_es_model.ApplicationDeactivated,
|
||||
project_es_model.ApplicationRemoved:
|
||||
application, err := applicationFromSession(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.view.DeleteApplicationTokens(event.Sequence, event.CreationDate, application.AppID)
|
||||
return t.view.DeleteApplicationTokens(event, application.AppID)
|
||||
case project_es_model.ProjectDeactivated,
|
||||
project_es_model.ProjectRemoved:
|
||||
project, err := t.ProjectEvents.ProjectByID(context.Background(), event.AggregateID)
|
||||
@@ -90,9 +128,9 @@ func (t *Token) Reduce(event *models.Event) (err error) {
|
||||
for _, app := range project.Applications {
|
||||
applicationsIDs = append(applicationsIDs, app.AppID)
|
||||
}
|
||||
return t.view.DeleteApplicationTokens(event.Sequence, event.CreationDate, applicationsIDs...)
|
||||
return t.view.DeleteApplicationTokens(event, applicationsIDs...)
|
||||
default:
|
||||
return t.view.ProcessedTokenSequence(event.Sequence, event.CreationDate)
|
||||
return t.view.ProcessedTokenSequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -2,45 +2,83 @@ package handler
|
||||
|
||||
import (
|
||||
"context"
|
||||
iam_es "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
|
||||
|
||||
"github.com/caos/logging"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
iam_es "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
|
||||
org_model "github.com/caos/zitadel/internal/org/model"
|
||||
org_events "github.com/caos/zitadel/internal/org/repository/eventsourcing"
|
||||
org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
type User struct {
|
||||
handler
|
||||
eventstore eventstore.Eventstore
|
||||
orgEvents *org_events.OrgEventstore
|
||||
iamEvents *iam_es.IAMEventstore
|
||||
iamID string
|
||||
}
|
||||
|
||||
const (
|
||||
userTable = "auth.users"
|
||||
)
|
||||
|
||||
type User struct {
|
||||
handler
|
||||
orgEvents *org_events.OrgEventstore
|
||||
iamEvents *iam_es.IAMEventstore
|
||||
iamID string
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newUser(
|
||||
handler handler,
|
||||
orgEvents *org_events.OrgEventstore,
|
||||
iamEvents *iam_es.IAMEventstore,
|
||||
iamID string,
|
||||
) *User {
|
||||
h := &User{
|
||||
handler: handler,
|
||||
orgEvents: orgEvents,
|
||||
iamEvents: iamEvents,
|
||||
iamID: iamID,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (k *User) subscribe() {
|
||||
k.subscription = k.es.Subscribe(k.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range k.subscription.Events {
|
||||
query.ReduceEvent(k, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (u *User) ViewModel() string {
|
||||
return userTable
|
||||
}
|
||||
|
||||
func (_ *User) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{es_model.UserAggregate, org_es_model.OrgAggregate}
|
||||
}
|
||||
|
||||
func (u *User) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := u.view.GetLatestUserSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (u *User) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := u.view.GetLatestUserSequence()
|
||||
sequence, err := u.view.GetLatestUserSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(es_model.UserAggregate, org_es_model.OrgAggregate).
|
||||
AggregateTypeFilter(u.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
@@ -120,14 +158,14 @@ func (u *User) ProcessUser(event *models.Event) (err error) {
|
||||
}
|
||||
err = u.fillLoginNames(user)
|
||||
case es_model.UserRemoved:
|
||||
return u.view.DeleteUser(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return u.view.DeleteUser(event.AggregateID, event)
|
||||
default:
|
||||
return u.view.ProcessedUserSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return u.view.PutUser(user, user.Sequence, event.CreationDate)
|
||||
return u.view.PutUser(user, event)
|
||||
}
|
||||
|
||||
func (u *User) fillLoginNames(user *view_model.UserView) (err error) {
|
||||
@@ -158,7 +196,7 @@ func (u *User) ProcessOrg(event *models.Event) (err error) {
|
||||
case org_es_model.OrgDomainPrimarySet:
|
||||
return u.fillPreferredLoginNamesOnOrgUsers(event)
|
||||
default:
|
||||
return u.view.ProcessedUserSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserSequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -181,7 +219,7 @@ func (u *User) fillLoginNamesOnOrgUsers(event *models.Event) error {
|
||||
for _, user := range users {
|
||||
user.SetLoginNames(policy, org.Domains)
|
||||
}
|
||||
return u.view.PutUsers(users, event.Sequence, event.CreationDate)
|
||||
return u.view.PutUsers(users, event)
|
||||
}
|
||||
|
||||
func (u *User) fillPreferredLoginNamesOnOrgUsers(event *models.Event) error {
|
||||
@@ -206,7 +244,7 @@ func (u *User) fillPreferredLoginNamesOnOrgUsers(event *models.Event) error {
|
||||
for _, user := range users {
|
||||
user.PreferredLoginName = user.GenerateLoginName(org.GetPrimaryDomain().Domain, policy.UserLoginMustBeDomain)
|
||||
}
|
||||
return u.view.PutUsers(users, 0, event.CreationDate)
|
||||
return u.view.PutUsers(users, event)
|
||||
}
|
||||
|
||||
func (u *User) OnError(event *models.Event, err error) error {
|
||||
|
||||
@@ -2,11 +2,14 @@ package handler
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/caos/logging"
|
||||
"github.com/caos/zitadel/internal/config/systemdefaults"
|
||||
caos_errs "github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
"github.com/caos/zitadel/internal/iam/repository/eventsourcing"
|
||||
@@ -18,28 +21,68 @@ import (
|
||||
usr_view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
const (
|
||||
externalIDPTable = "auth.user_external_idps"
|
||||
)
|
||||
|
||||
type ExternalIDP struct {
|
||||
handler
|
||||
systemDefaults systemdefaults.SystemDefaults
|
||||
iamEvents *eventsourcing.IAMEventstore
|
||||
orgEvents *org_es.OrgEventstore
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
const (
|
||||
externalIDPTable = "auth.user_external_idps"
|
||||
)
|
||||
func newExternalIDP(
|
||||
handler handler,
|
||||
defaults systemdefaults.SystemDefaults,
|
||||
iamEvents *eventsourcing.IAMEventstore,
|
||||
orgEvents *org_es.OrgEventstore,
|
||||
) *ExternalIDP {
|
||||
h := &ExternalIDP{
|
||||
handler: handler,
|
||||
systemDefaults: defaults,
|
||||
iamEvents: iamEvents,
|
||||
orgEvents: orgEvents,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (i *ExternalIDP) subscribe() {
|
||||
i.subscription = i.es.Subscribe(i.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range i.subscription.Events {
|
||||
query.ReduceEvent(i, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (i *ExternalIDP) ViewModel() string {
|
||||
return externalIDPTable
|
||||
}
|
||||
|
||||
func (_ *ExternalIDP) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{model.UserAggregate, iam_es_model.IAMAggregate, org_es_model.OrgAggregate}
|
||||
}
|
||||
|
||||
func (i *ExternalIDP) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := i.view.GetLatestExternalIDPSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (i *ExternalIDP) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := i.view.GetLatestExternalIDPSequence()
|
||||
sequence, err := i.view.GetLatestExternalIDPSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(model.UserAggregate, iam_es_model.IAMAggregate, org_es_model.OrgAggregate).
|
||||
AggregateTypeFilter(i.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
@@ -67,16 +110,16 @@ func (i *ExternalIDP) processUser(event *models.Event) (err error) {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return i.view.DeleteExternalIDP(externalIDP.ExternalUserID, externalIDP.IDPConfigID, event.Sequence, event.CreationDate)
|
||||
return i.view.DeleteExternalIDP(externalIDP.ExternalUserID, externalIDP.IDPConfigID, event)
|
||||
case model.UserRemoved:
|
||||
return i.view.DeleteExternalIDPsByUserID(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return i.view.DeleteExternalIDPsByUserID(event.AggregateID, event)
|
||||
default:
|
||||
return i.view.ProcessedExternalIDPSequence(event.Sequence, event.CreationDate)
|
||||
return i.view.ProcessedExternalIDPSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return i.view.PutExternalIDP(externalIDP, externalIDP.Sequence, event.CreationDate)
|
||||
return i.view.PutExternalIDP(externalIDP, event)
|
||||
}
|
||||
|
||||
func (i *ExternalIDP) processIdpConfig(event *models.Event) (err error) {
|
||||
@@ -104,9 +147,9 @@ func (i *ExternalIDP) processIdpConfig(event *models.Event) (err error) {
|
||||
for _, provider := range exterinalIDPs {
|
||||
i.fillConfigData(provider, config)
|
||||
}
|
||||
return i.view.PutExternalIDPs(event.Sequence, event.CreationDate, exterinalIDPs...)
|
||||
return i.view.PutExternalIDPs(event, exterinalIDPs...)
|
||||
default:
|
||||
return i.view.ProcessedExternalIDPSequence(event.Sequence, event.CreationDate)
|
||||
return i.view.ProcessedExternalIDPSequence(event)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -11,6 +11,7 @@ import (
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
iam_events "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
@@ -28,25 +29,68 @@ import (
|
||||
"github.com/caos/zitadel/internal/v2/domain"
|
||||
)
|
||||
|
||||
const (
|
||||
userGrantTable = "auth.user_grants"
|
||||
)
|
||||
|
||||
type UserGrant struct {
|
||||
handler
|
||||
eventstore eventstore.Eventstore
|
||||
projectEvents *proj_event.ProjectEventstore
|
||||
userEvents *usr_events.UserEventstore
|
||||
orgEvents *org_events.OrgEventstore
|
||||
iamEvents *iam_events.IAMEventstore
|
||||
iamID string
|
||||
iamProjectID string
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
const (
|
||||
userGrantTable = "auth.user_grants"
|
||||
)
|
||||
func newUserGrant(
|
||||
handler handler,
|
||||
projectEvents *proj_event.ProjectEventstore,
|
||||
userEvents *usr_events.UserEventstore,
|
||||
orgEvents *org_events.OrgEventstore,
|
||||
iamEvents *iam_events.IAMEventstore,
|
||||
iamID string,
|
||||
) *UserGrant {
|
||||
h := &UserGrant{
|
||||
handler: handler,
|
||||
projectEvents: projectEvents,
|
||||
userEvents: userEvents,
|
||||
orgEvents: orgEvents,
|
||||
iamEvents: iamEvents,
|
||||
iamID: iamID,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (k *UserGrant) subscribe() {
|
||||
k.subscription = k.es.Subscribe(k.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range k.subscription.Events {
|
||||
query.ReduceEvent(k, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (u *UserGrant) ViewModel() string {
|
||||
return userGrantTable
|
||||
}
|
||||
|
||||
func (_ *UserGrant) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{grant_es_model.UserGrantAggregate, iam_es_model.IAMAggregate, org_es_model.OrgAggregate, usr_es_model.UserAggregate, proj_es_model.ProjectAggregate}
|
||||
}
|
||||
|
||||
func (u *UserGrant) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := u.view.GetLatestUserGrantSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (u *UserGrant) EventQuery() (*models.SearchQuery, error) {
|
||||
if u.iamProjectID == "" {
|
||||
err := u.setIamProjectID()
|
||||
@@ -54,12 +98,12 @@ func (u *UserGrant) EventQuery() (*models.SearchQuery, error) {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
sequence, err := u.view.GetLatestUserGrantSequence()
|
||||
sequence, err := u.view.GetLatestUserGrantSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(grant_es_model.UserGrantAggregate, iam_es_model.IAMAggregate, org_es_model.OrgAggregate, usr_es_model.UserAggregate, proj_es_model.ProjectAggregate).
|
||||
AggregateTypeFilter(u.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
@@ -98,14 +142,14 @@ func (u *UserGrant) processUserGrant(event *models.Event) (err error) {
|
||||
}
|
||||
err = grant.AppendEvent(event)
|
||||
case grant_es_model.UserGrantRemoved, grant_es_model.UserGrantCascadeRemoved:
|
||||
return u.view.DeleteUserGrant(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return u.view.DeleteUserGrant(event.AggregateID, event)
|
||||
default:
|
||||
return u.view.ProcessedUserGrantSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return u.view.PutUserGrant(grant, grant.Sequence, event.CreationDate)
|
||||
return u.view.PutUserGrant(grant, event)
|
||||
}
|
||||
|
||||
func (u *UserGrant) processUser(event *models.Event) (err error) {
|
||||
@@ -120,7 +164,7 @@ func (u *UserGrant) processUser(event *models.Event) (err error) {
|
||||
return err
|
||||
}
|
||||
if len(grants) == 0 {
|
||||
return u.view.ProcessedUserGrantSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
user, err := u.userEvents.UserByID(context.Background(), event.AggregateID)
|
||||
if err != nil {
|
||||
@@ -129,9 +173,9 @@ func (u *UserGrant) processUser(event *models.Event) (err error) {
|
||||
for _, grant := range grants {
|
||||
u.fillUserData(grant, user)
|
||||
}
|
||||
return u.view.PutUserGrants(grants, event.Sequence, event.CreationDate)
|
||||
return u.view.PutUserGrants(grants, event)
|
||||
default:
|
||||
return u.view.ProcessedUserGrantSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -149,7 +193,7 @@ func (u *UserGrant) processProject(event *models.Event) (err error) {
|
||||
for _, grant := range grants {
|
||||
u.fillProjectData(grant, project)
|
||||
}
|
||||
return u.view.PutUserGrants(grants, event.Sequence, event.CreationDate)
|
||||
return u.view.PutUserGrants(grants, event)
|
||||
case proj_es_model.ProjectMemberAdded, proj_es_model.ProjectMemberChanged, proj_es_model.ProjectMemberRemoved:
|
||||
member := new(proj_es_model.ProjectMember)
|
||||
member.SetData(event)
|
||||
@@ -159,7 +203,7 @@ func (u *UserGrant) processProject(event *models.Event) (err error) {
|
||||
member.SetData(event)
|
||||
return u.processMember(event, "PROJECT_GRANT", member.GrantID, member.UserID, member.Roles)
|
||||
default:
|
||||
return u.view.ProcessedUserGrantSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -170,7 +214,7 @@ func (u *UserGrant) processOrg(event *models.Event) (err error) {
|
||||
member.SetData(event)
|
||||
return u.processMember(event, "ORG", "", member.UserID, member.Roles)
|
||||
default:
|
||||
return u.view.ProcessedUserGrantSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -208,16 +252,16 @@ func (u *UserGrant) processIAMMember(event *models.Event, rolePrefix string, suf
|
||||
}
|
||||
grant.Sequence = event.Sequence
|
||||
grant.ChangeDate = event.CreationDate
|
||||
return u.view.PutUserGrant(grant, grant.Sequence, event.CreationDate)
|
||||
return u.view.PutUserGrant(grant, event)
|
||||
case iam_es_model.IAMMemberRemoved:
|
||||
member.SetData(event)
|
||||
grant, err := u.view.UserGrantByIDs(u.iamID, u.iamProjectID, member.UserID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return u.view.DeleteUserGrant(grant.ID, event.Sequence, event.CreationDate)
|
||||
return u.view.DeleteUserGrant(grant.ID, event)
|
||||
default:
|
||||
return u.view.ProcessedUserGrantSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -253,7 +297,7 @@ func (u *UserGrant) processMember(event *models.Event, rolePrefix, roleSuffix st
|
||||
}
|
||||
grant.Sequence = event.Sequence
|
||||
grant.ChangeDate = event.CreationDate
|
||||
return u.view.PutUserGrant(grant, event.Sequence, event.CreationDate)
|
||||
return u.view.PutUserGrant(grant, event)
|
||||
case org_es_model.OrgMemberRemoved,
|
||||
proj_es_model.ProjectMemberRemoved,
|
||||
proj_es_model.ProjectGrantMemberRemoved:
|
||||
@@ -263,18 +307,18 @@ func (u *UserGrant) processMember(event *models.Event, rolePrefix, roleSuffix st
|
||||
return err
|
||||
}
|
||||
if errors.IsNotFound(err) {
|
||||
return u.view.ProcessedUserGrantSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
if roleSuffix != "" {
|
||||
roleKeys = suffixRoles(roleSuffix, roleKeys)
|
||||
}
|
||||
if grant.RoleKeys == nil {
|
||||
return u.view.ProcessedUserGrantSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
grant.RoleKeys = mergeExistingRoles(rolePrefix, roleSuffix, grant.RoleKeys, nil)
|
||||
return u.view.PutUserGrant(grant, event.Sequence, event.CreationDate)
|
||||
return u.view.PutUserGrant(grant, event)
|
||||
default:
|
||||
return u.view.ProcessedUserGrantSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -2,52 +2,90 @@ package handler
|
||||
|
||||
import (
|
||||
"context"
|
||||
"github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
|
||||
"github.com/caos/logging"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
org_model "github.com/caos/zitadel/internal/org/model"
|
||||
org_event "github.com/caos/zitadel/internal/org/repository/eventsourcing"
|
||||
org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
|
||||
proj_es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
|
||||
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
usr_model "github.com/caos/zitadel/internal/user/model"
|
||||
"github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
usr_es_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
const (
|
||||
userMembershipTable = "auth.user_memberships"
|
||||
)
|
||||
|
||||
type UserMembership struct {
|
||||
handler
|
||||
orgEvents *org_event.OrgEventstore
|
||||
projectEvents *proj_event.ProjectEventstore
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
const (
|
||||
userMembershipTable = "auth.user_memberships"
|
||||
)
|
||||
func newUserMembership(
|
||||
handler handler,
|
||||
orgEvents *org_event.OrgEventstore,
|
||||
projectEvents *proj_event.ProjectEventstore,
|
||||
) *UserMembership {
|
||||
h := &UserMembership{
|
||||
handler: handler,
|
||||
orgEvents: orgEvents,
|
||||
projectEvents: projectEvents,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (m *UserMembership) subscribe() {
|
||||
m.subscription = m.es.Subscribe(m.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range m.subscription.Events {
|
||||
query.ReduceEvent(m, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (m *UserMembership) ViewModel() string {
|
||||
return userMembershipTable
|
||||
}
|
||||
|
||||
func (_ *UserMembership) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{iam_es_model.IAMAggregate, org_es_model.OrgAggregate, proj_es_model.ProjectAggregate, model.UserAggregate}
|
||||
}
|
||||
|
||||
func (m *UserMembership) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := m.view.GetLatestUserMembershipSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (m *UserMembership) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := m.view.GetLatestUserMembershipSequence()
|
||||
sequence, err := m.view.GetLatestUserMembershipSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(iam_es_model.IAMAggregate, org_es_model.OrgAggregate, proj_es_model.ProjectAggregate, model.UserAggregate).
|
||||
AggregateTypeFilter(m.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (m *UserMembership) Reduce(event *models.Event) (err error) {
|
||||
switch event.AggregateType {
|
||||
case iam_es_model.IAMAggregate:
|
||||
err = m.processIam(event)
|
||||
err = m.processIAM(event)
|
||||
case org_es_model.OrgAggregate:
|
||||
err = m.processOrg(event)
|
||||
case proj_es_model.ProjectAggregate:
|
||||
@@ -58,7 +96,7 @@ func (m *UserMembership) Reduce(event *models.Event) (err error) {
|
||||
return err
|
||||
}
|
||||
|
||||
func (m *UserMembership) processIam(event *models.Event) (err error) {
|
||||
func (m *UserMembership) processIAM(event *models.Event) (err error) {
|
||||
member := new(usr_es_model.UserMembershipView)
|
||||
err = member.AppendEvent(event)
|
||||
if err != nil {
|
||||
@@ -74,14 +112,14 @@ func (m *UserMembership) processIam(event *models.Event) (err error) {
|
||||
}
|
||||
err = member.AppendEvent(event)
|
||||
case iam_es_model.IAMMemberRemoved:
|
||||
return m.view.DeleteUserMembership(member.UserID, event.AggregateID, event.AggregateID, usr_model.MemberTypeIam, event.Sequence, event.CreationDate)
|
||||
return m.view.DeleteUserMembership(member.UserID, event.AggregateID, event.AggregateID, usr_model.MemberTypeIam, event)
|
||||
default:
|
||||
return m.view.ProcessedUserMembershipSequence(event.Sequence, event.CreationDate)
|
||||
return m.view.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return m.view.PutUserMembership(member, event.Sequence, event.CreationDate)
|
||||
return m.view.PutUserMembership(member, event)
|
||||
}
|
||||
|
||||
func (m *UserMembership) fillIamDisplayName(member *usr_es_model.UserMembershipView) {
|
||||
@@ -105,16 +143,16 @@ func (m *UserMembership) processOrg(event *models.Event) (err error) {
|
||||
}
|
||||
err = member.AppendEvent(event)
|
||||
case org_es_model.OrgMemberRemoved:
|
||||
return m.view.DeleteUserMembership(member.UserID, event.AggregateID, event.AggregateID, usr_model.MemberTypeOrganisation, event.Sequence, event.CreationDate)
|
||||
return m.view.DeleteUserMembership(member.UserID, event.AggregateID, event.AggregateID, usr_model.MemberTypeOrganisation, event)
|
||||
case org_es_model.OrgChanged:
|
||||
return m.updateOrgName(event)
|
||||
default:
|
||||
return m.view.ProcessedUserMembershipSequence(event.Sequence, event.CreationDate)
|
||||
return m.view.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return m.view.PutUserMembership(member, event.Sequence, event.CreationDate)
|
||||
return m.view.PutUserMembership(member, event)
|
||||
}
|
||||
|
||||
func (m *UserMembership) fillOrgName(member *usr_es_model.UserMembershipView) (err error) {
|
||||
@@ -145,7 +183,7 @@ func (m *UserMembership) updateOrgName(event *models.Event) error {
|
||||
membership.DisplayName = org.Name
|
||||
}
|
||||
}
|
||||
return m.view.BulkPutUserMemberships(memberships, event.Sequence, event.CreationDate)
|
||||
return m.view.BulkPutUserMemberships(memberships, event)
|
||||
}
|
||||
|
||||
func (m *UserMembership) processProject(event *models.Event) (err error) {
|
||||
@@ -168,7 +206,7 @@ func (m *UserMembership) processProject(event *models.Event) (err error) {
|
||||
}
|
||||
err = member.AppendEvent(event)
|
||||
case proj_es_model.ProjectMemberRemoved:
|
||||
return m.view.DeleteUserMembership(member.UserID, event.AggregateID, event.AggregateID, usr_model.MemberTypeProject, event.Sequence, event.CreationDate)
|
||||
return m.view.DeleteUserMembership(member.UserID, event.AggregateID, event.AggregateID, usr_model.MemberTypeProject, event)
|
||||
case proj_es_model.ProjectGrantMemberChanged:
|
||||
member, err = m.view.UserMembershipByIDs(member.UserID, event.AggregateID, member.ObjectID, usr_model.MemberTypeProjectGrant)
|
||||
if err != nil {
|
||||
@@ -176,20 +214,20 @@ func (m *UserMembership) processProject(event *models.Event) (err error) {
|
||||
}
|
||||
err = member.AppendEvent(event)
|
||||
case proj_es_model.ProjectGrantMemberRemoved:
|
||||
return m.view.DeleteUserMembership(member.UserID, event.AggregateID, member.ObjectID, usr_model.MemberTypeProjectGrant, event.Sequence, event.CreationDate)
|
||||
return m.view.DeleteUserMembership(member.UserID, event.AggregateID, member.ObjectID, usr_model.MemberTypeProjectGrant, event)
|
||||
case proj_es_model.ProjectChanged:
|
||||
return m.updateProjectDisplayName(event)
|
||||
case proj_es_model.ProjectRemoved:
|
||||
return m.view.DeleteUserMembershipsByAggregateID(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return m.view.DeleteUserMembershipsByAggregateID(event.AggregateID, event)
|
||||
case proj_es_model.ProjectGrantRemoved:
|
||||
return m.view.DeleteUserMembershipsByAggregateIDAndObjectID(event.AggregateID, member.ObjectID, event.Sequence, event.CreationDate)
|
||||
return m.view.DeleteUserMembershipsByAggregateIDAndObjectID(event.AggregateID, member.ObjectID, event)
|
||||
default:
|
||||
return m.view.ProcessedUserMembershipSequence(event.Sequence, event.CreationDate)
|
||||
return m.view.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return m.view.PutUserMembership(member, event.Sequence, event.CreationDate)
|
||||
return m.view.PutUserMembership(member, event)
|
||||
}
|
||||
|
||||
func (m *UserMembership) fillProjectDisplayName(member *usr_es_model.UserMembershipView) (err error) {
|
||||
@@ -214,15 +252,15 @@ func (m *UserMembership) updateProjectDisplayName(event *models.Event) error {
|
||||
for _, membership := range memberships {
|
||||
membership.DisplayName = project.Name
|
||||
}
|
||||
return m.view.BulkPutUserMemberships(memberships, event.Sequence, event.CreationDate)
|
||||
return m.view.BulkPutUserMemberships(memberships, event)
|
||||
}
|
||||
|
||||
func (m *UserMembership) processUser(event *models.Event) (err error) {
|
||||
switch event.Type {
|
||||
case model.UserRemoved:
|
||||
return m.view.DeleteUserMembershipsByUserID(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return m.view.DeleteUserMembershipsByUserID(event.AggregateID, event)
|
||||
default:
|
||||
return m.view.ProcessedUserMembershipSequence(event.Sequence, event.CreationDate)
|
||||
return m.view.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,34 +1,70 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
req_model "github.com/caos/zitadel/internal/auth_request/model"
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/spooler"
|
||||
"github.com/caos/zitadel/internal/user/repository/eventsourcing"
|
||||
user_events "github.com/caos/zitadel/internal/user/repository/eventsourcing"
|
||||
es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
type UserSession struct {
|
||||
handler
|
||||
userEvents *user_events.UserEventstore
|
||||
}
|
||||
|
||||
const (
|
||||
userSessionTable = "auth.user_sessions"
|
||||
)
|
||||
|
||||
type UserSession struct {
|
||||
handler
|
||||
userEvents *user_events.UserEventstore
|
||||
subscription *eventstore.Subscription
|
||||
}
|
||||
|
||||
func newUserSession(
|
||||
handler handler,
|
||||
userEvents *user_events.UserEventstore,
|
||||
) *UserSession {
|
||||
h := &UserSession{
|
||||
handler: handler,
|
||||
userEvents: userEvents,
|
||||
}
|
||||
|
||||
h.subscribe()
|
||||
|
||||
return h
|
||||
}
|
||||
|
||||
func (k *UserSession) subscribe() {
|
||||
k.subscription = k.es.Subscribe(k.AggregateTypes()...)
|
||||
go func() {
|
||||
for event := range k.subscription.Events {
|
||||
query.ReduceEvent(k, event)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
func (u *UserSession) ViewModel() string {
|
||||
return userSessionTable
|
||||
}
|
||||
|
||||
func (_ *UserSession) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{es_model.UserAggregate}
|
||||
}
|
||||
|
||||
func (u *UserSession) CurrentSequence(event *models.Event) (uint64, error) {
|
||||
sequence, err := u.view.GetLatestUserSessionSequence(string(event.AggregateType))
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (u *UserSession) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := u.view.GetLatestUserSessionSequence()
|
||||
sequence, err := u.view.GetLatestUserSessionSequence("")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -90,7 +126,7 @@ func (u *UserSession) Reduce(event *models.Event) (err error) {
|
||||
return err
|
||||
}
|
||||
if len(sessions) == 0 {
|
||||
return u.view.ProcessedUserSessionSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserSessionSequence(event)
|
||||
}
|
||||
for _, session := range sessions {
|
||||
if err := session.AppendEvent(event); err != nil {
|
||||
@@ -100,11 +136,11 @@ func (u *UserSession) Reduce(event *models.Event) (err error) {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return u.view.PutUserSessions(sessions, event.Sequence, event.CreationDate)
|
||||
return u.view.PutUserSessions(sessions, event)
|
||||
case es_model.UserRemoved:
|
||||
return u.view.DeleteUserSessions(event.AggregateID, event.Sequence, event.CreationDate)
|
||||
return u.view.DeleteUserSessions(event.AggregateID, event)
|
||||
default:
|
||||
return u.view.ProcessedUserSessionSequence(event.Sequence, event.CreationDate)
|
||||
return u.view.ProcessedUserSessionSequence(event)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -124,7 +160,7 @@ func (u *UserSession) updateSession(session *view_model.UserSessionView, event *
|
||||
if err := u.fillUserInfo(session, event.AggregateID); err != nil {
|
||||
return err
|
||||
}
|
||||
return u.view.PutUserSession(session, event.CreationDate)
|
||||
return u.view.PutUserSession(session, event)
|
||||
}
|
||||
|
||||
func (u *UserSession) fillUserInfo(session *view_model.UserSessionView, id string) error {
|
||||
|
||||
@@ -2,8 +2,9 @@ package spooler
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
es_locker "github.com/caos/zitadel/internal/eventstore/locker"
|
||||
"time"
|
||||
|
||||
es_locker "github.com/caos/zitadel/internal/eventstore/locker"
|
||||
)
|
||||
|
||||
const (
|
||||
|
||||
@@ -2,13 +2,14 @@ package view
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
global_model "github.com/caos/zitadel/internal/model"
|
||||
proj_model "github.com/caos/zitadel/internal/project/model"
|
||||
"github.com/caos/zitadel/internal/project/repository/view"
|
||||
"github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -27,28 +28,28 @@ func (v *View) SearchApplications(request *proj_model.ApplicationSearchRequest)
|
||||
return view.SearchApplications(v.Db, applicationTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutApplication(app *model.ApplicationView, eventTimestamp time.Time) error {
|
||||
func (v *View) PutApplication(app *model.ApplicationView, event *models.Event) error {
|
||||
err := view.PutApplication(v.Db, applicationTable, app)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedApplicationSequence(app.Sequence, eventTimestamp)
|
||||
return v.ProcessedApplicationSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) PutApplications(apps []*model.ApplicationView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutApplications(apps []*model.ApplicationView, event *models.Event) error {
|
||||
err := view.PutApplications(v.Db, applicationTable, apps...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedApplicationSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedApplicationSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteApplication(appID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteApplication(appID string, event *models.Event) error {
|
||||
err := view.DeleteApplication(v.Db, applicationTable, appID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedApplicationSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedApplicationSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteApplicationsByProjectID(projectID string) error {
|
||||
@@ -56,11 +57,11 @@ func (v *View) DeleteApplicationsByProjectID(projectID string) error {
|
||||
}
|
||||
|
||||
func (v *View) GetLatestApplicationSequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(applicationTable)
|
||||
return v.latestSequence(applicationTable, "")
|
||||
}
|
||||
|
||||
func (v *View) ProcessedApplicationSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(applicationTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedApplicationSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(applicationTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateApplicationSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -2,11 +2,11 @@ package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
usr_model "github.com/caos/zitadel/internal/user/model"
|
||||
"github.com/caos/zitadel/internal/user/repository/view"
|
||||
"github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
global_view "github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -33,44 +33,44 @@ func (v *View) SearchExternalIDPs(request *usr_model.ExternalIDPSearchRequest) (
|
||||
return view.SearchExternalIDPs(v.Db, externalIDPTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutExternalIDP(externalIDP *model.ExternalIDPView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutExternalIDP(externalIDP *model.ExternalIDPView, event *models.Event) error {
|
||||
err := view.PutExternalIDP(v.Db, externalIDPTable, externalIDP)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedExternalIDPSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedExternalIDPSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) PutExternalIDPs(sequence uint64, eventTimestamp time.Time, externalIDPs ...*model.ExternalIDPView) error {
|
||||
func (v *View) PutExternalIDPs(event *models.Event, externalIDPs ...*model.ExternalIDPView) error {
|
||||
err := view.PutExternalIDPs(v.Db, externalIDPTable, externalIDPs...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedExternalIDPSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedExternalIDPSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteExternalIDP(externalUserID, idpConfigID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteExternalIDP(externalUserID, idpConfigID string, event *models.Event) error {
|
||||
err := view.DeleteExternalIDP(v.Db, externalIDPTable, externalUserID, idpConfigID)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedExternalIDPSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedExternalIDPSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteExternalIDPsByUserID(userID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteExternalIDPsByUserID(userID string, event *models.Event) error {
|
||||
err := view.DeleteExternalIDPsByUserID(v.Db, externalIDPTable, userID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedExternalIDPSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedExternalIDPSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestExternalIDPSequence() (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(externalIDPTable)
|
||||
func (v *View) GetLatestExternalIDPSequence(aggregateType string) (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(externalIDPTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedExternalIDPSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(externalIDPTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedExternalIDPSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(externalIDPTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateExternalIDPSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -2,11 +2,11 @@ package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
"github.com/caos/zitadel/internal/iam/repository/view"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
global_view "github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -25,28 +25,28 @@ func (v *View) SearchIDPConfigs(request *iam_model.IDPConfigSearchRequest) ([]*i
|
||||
return view.SearchIDPs(v.Db, idpConfigTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutIDPConfig(idp *iam_es_model.IDPConfigView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutIDPConfig(idp *iam_es_model.IDPConfigView, event *models.Event) error {
|
||||
err := view.PutIDP(v.Db, idpConfigTable, idp)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedIDPConfigSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedIDPConfigSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteIDPConfig(idpID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteIDPConfig(idpID string, event *models.Event) error {
|
||||
err := view.DeleteIDP(v.Db, idpConfigTable, idpID)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedIDPConfigSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedIDPConfigSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestIDPConfigSequence() (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(idpConfigTable)
|
||||
func (v *View) GetLatestIDPConfigSequence(aggregateType string) (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(idpConfigTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedIDPConfigSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(idpConfigTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedIDPConfigSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(idpConfigTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateIDPConfigSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -2,11 +2,11 @@ package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
"github.com/caos/zitadel/internal/iam/repository/view"
|
||||
"github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
global_view "github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -29,44 +29,44 @@ func (v *View) SearchIDPProviders(request *iam_model.IDPProviderSearchRequest) (
|
||||
return view.SearchIDPProviders(v.Db, idpProviderTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutIDPProvider(provider *model.IDPProviderView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutIDPProvider(provider *model.IDPProviderView, event *models.Event) error {
|
||||
err := view.PutIDPProvider(v.Db, idpProviderTable, provider)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedIDPProviderSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedIDPProviderSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) PutIDPProviders(sequence uint64, eventTimestamp time.Time, providers ...*model.IDPProviderView) error {
|
||||
func (v *View) PutIDPProviders(event *models.Event, providers ...*model.IDPProviderView) error {
|
||||
err := view.PutIDPProviders(v.Db, idpProviderTable, providers...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedIDPProviderSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedIDPProviderSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteIDPProvider(aggregateID, idpConfigID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteIDPProvider(aggregateID, idpConfigID string, event *models.Event) error {
|
||||
err := view.DeleteIDPProvider(v.Db, idpProviderTable, aggregateID, idpConfigID)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedIDPProviderSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedIDPProviderSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteIDPProvidersByAggregateID(aggregateID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteIDPProvidersByAggregateID(aggregateID string, event *models.Event) error {
|
||||
err := view.DeleteIDPProvidersByAggregateID(v.Db, idpProviderTable, aggregateID)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedIDPProviderSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedIDPProviderSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestIDPProviderSequence() (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(idpProviderTable)
|
||||
func (v *View) GetLatestIDPProviderSequence(aggregateType string) (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(idpProviderTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedIDPProviderSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(idpProviderTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedIDPProviderSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(idpProviderTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateIDPProviderSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
key_model "github.com/caos/zitadel/internal/key/model"
|
||||
"github.com/caos/zitadel/internal/key/repository/view"
|
||||
"github.com/caos/zitadel/internal/key/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -32,36 +33,36 @@ func (v *View) GetActiveKeySet() ([]*key_model.PublicKey, error) {
|
||||
return key_model.PublicKeysFromKeyView(model.KeyViewsToModel(keys), v.keyAlgorithm)
|
||||
}
|
||||
|
||||
func (v *View) PutKeys(privateKey, publicKey *model.KeyView, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutKeys(privateKey, publicKey *model.KeyView, event *models.Event) error {
|
||||
err := view.PutKeys(v.Db, keyTable, privateKey, publicKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedKeySequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedKeySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteKey(keyID string, private bool, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteKey(keyID string, private bool, event *models.Event) error {
|
||||
err := view.DeleteKey(v.Db, keyTable, keyID, private)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedKeySequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedKeySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteKeyPair(keyID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteKeyPair(keyID string, event *models.Event) error {
|
||||
err := view.DeleteKeyPair(v.Db, keyTable, keyID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedKeySequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedKeySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestKeySequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(keyTable)
|
||||
func (v *View) GetLatestKeySequence(aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(keyTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedKeySequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(keyTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedKeySequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(keyTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateKeySpoolerRunTimestamp() error {
|
||||
|
||||
@@ -2,10 +2,10 @@ package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/iam/repository/view"
|
||||
"github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
global_view "github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -16,28 +16,28 @@ func (v *View) LoginPolicyByAggregateID(aggregateID string) (*model.LoginPolicyV
|
||||
return view.GetLoginPolicyByAggregateID(v.Db, loginPolicyTable, aggregateID)
|
||||
}
|
||||
|
||||
func (v *View) PutLoginPolicy(policy *model.LoginPolicyView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutLoginPolicy(policy *model.LoginPolicyView, event *models.Event) error {
|
||||
err := view.PutLoginPolicy(v.Db, loginPolicyTable, policy)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedLoginPolicySequence(sequence, eventTimestamp)
|
||||
return v.ProcessedLoginPolicySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteLoginPolicy(aggregateID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteLoginPolicy(aggregateID string, event *models.Event) error {
|
||||
err := view.DeleteLoginPolicy(v.Db, loginPolicyTable, aggregateID)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedLoginPolicySequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedLoginPolicySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestLoginPolicySequence() (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(loginPolicyTable)
|
||||
func (v *View) GetLatestLoginPolicySequence(aggregateType string) (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(loginPolicyTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedLoginPolicySequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(loginPolicyTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedLoginPolicySequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(loginPolicyTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateLoginPolicySpoolerRunTimestamp() error {
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
usr_model "github.com/caos/zitadel/internal/user/model"
|
||||
"github.com/caos/zitadel/internal/user/repository/view"
|
||||
"github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -28,39 +29,36 @@ func (v *View) SearchMachineKeys(request *usr_model.MachineKeySearchRequest) ([]
|
||||
return view.SearchMachineKeys(v.Db, machineKeyTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutMachineKey(key *model.MachineKeyView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutMachineKey(key *model.MachineKeyView, event *models.Event) error {
|
||||
err := view.PutMachineKey(v.Db, machineKeyTable, key)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if sequence != 0 {
|
||||
return v.ProcessedMachineKeySequence(sequence, eventTimestamp)
|
||||
}
|
||||
return nil
|
||||
return v.ProcessedMachineKeySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteMachineKey(keyID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteMachineKey(keyID string, event *models.Event) error {
|
||||
err := view.DeleteMachineKey(v.Db, machineKeyTable, keyID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedMachineKeySequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedMachineKeySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteMachineKeysByUserID(userID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteMachineKeysByUserID(userID string, event *models.Event) error {
|
||||
err := view.DeleteMachineKey(v.Db, machineKeyTable, userID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedMachineKeySequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedMachineKeySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestMachineKeySequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(machineKeyTable)
|
||||
func (v *View) GetLatestMachineKeySequence(aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(machineKeyTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedMachineKeySequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(machineKeyTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedMachineKeySequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(machineKeyTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateMachineKeySpoolerRunTimestamp() error {
|
||||
|
||||
@@ -1,11 +1,11 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/org/model"
|
||||
org_view "github.com/caos/zitadel/internal/org/repository/view"
|
||||
org_model "github.com/caos/zitadel/internal/org/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -24,12 +24,12 @@ func (v *View) SearchOrgs(req *model.OrgSearchRequest) ([]*org_model.OrgView, ui
|
||||
return org_view.SearchOrgs(v.Db, orgTable, req)
|
||||
}
|
||||
|
||||
func (v *View) PutOrg(org *org_model.OrgView, eventTimestamp time.Time) error {
|
||||
func (v *View) PutOrg(org *org_model.OrgView, event *models.Event) error {
|
||||
err := org_view.PutOrg(v.Db, orgTable, org)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedOrgSequence(org.Sequence, eventTimestamp)
|
||||
return v.ProcessedOrgSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestOrgFailedEvent(sequence uint64) (*repository.FailedEvent, error) {
|
||||
@@ -44,10 +44,10 @@ func (v *View) UpdateOrgSpoolerRunTimestamp() error {
|
||||
return v.updateSpoolerRunSequence(orgTable)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestOrgSequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(orgTable)
|
||||
func (v *View) GetLatestOrgSequence(aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(orgTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedOrgSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(orgTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedOrgSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(orgTable, event)
|
||||
}
|
||||
|
||||
@@ -2,10 +2,10 @@ package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/iam/repository/view"
|
||||
"github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
global_view "github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -16,28 +16,28 @@ func (v *View) OrgIAMPolicyByAggregateID(aggregateID string) (*model.OrgIAMPolic
|
||||
return view.GetOrgIAMPolicyByAggregateID(v.Db, orgIAMPolicyTable, aggregateID)
|
||||
}
|
||||
|
||||
func (v *View) PutOrgIAMPolicy(policy *model.OrgIAMPolicyView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutOrgIAMPolicy(policy *model.OrgIAMPolicyView, event *models.Event) error {
|
||||
err := view.PutOrgIAMPolicy(v.Db, orgIAMPolicyTable, policy)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedOrgIAMPolicySequence(sequence, eventTimestamp)
|
||||
return v.ProcessedOrgIAMPolicySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteOrgIAMPolicy(aggregateID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteOrgIAMPolicy(aggregateID string, event *models.Event) error {
|
||||
err := view.DeleteOrgIAMPolicy(v.Db, orgIAMPolicyTable, aggregateID)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedOrgIAMPolicySequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedOrgIAMPolicySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestOrgIAMPolicySequence() (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(orgIAMPolicyTable)
|
||||
func (v *View) GetLatestOrgIAMPolicySequence(aggregateType string) (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(orgIAMPolicyTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedOrgIAMPolicySequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(orgIAMPolicyTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedOrgIAMPolicySequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(orgIAMPolicyTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateOrgIAMPolicySpoolerRunTimestamp() error {
|
||||
|
||||
@@ -2,10 +2,10 @@ package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/iam/repository/view"
|
||||
"github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
global_view "github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -16,28 +16,28 @@ func (v *View) PasswordComplexityPolicyByAggregateID(aggregateID string) (*model
|
||||
return view.GetPasswordComplexityPolicyByAggregateID(v.Db, passwordComplexityPolicyTable, aggregateID)
|
||||
}
|
||||
|
||||
func (v *View) PutPasswordComplexityPolicy(policy *model.PasswordComplexityPolicyView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutPasswordComplexityPolicy(policy *model.PasswordComplexityPolicyView, event *models.Event) error {
|
||||
err := view.PutPasswordComplexityPolicy(v.Db, passwordComplexityPolicyTable, policy)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedPasswordComplexityPolicySequence(sequence, eventTimestamp)
|
||||
return v.ProcessedPasswordComplexityPolicySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeletePasswordComplexityPolicy(aggregateID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeletePasswordComplexityPolicy(aggregateID string, event *models.Event) error {
|
||||
err := view.DeletePasswordComplexityPolicy(v.Db, passwordComplexityPolicyTable, aggregateID)
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedPasswordComplexityPolicySequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedPasswordComplexityPolicySequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestPasswordComplexityPolicySequence() (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(passwordComplexityPolicyTable)
|
||||
func (v *View) GetLatestPasswordComplexityPolicySequence(aggregateType string) (*global_view.CurrentSequence, error) {
|
||||
return v.latestSequence(passwordComplexityPolicyTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedPasswordComplexityPolicySequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(passwordComplexityPolicyTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedPasswordComplexityPolicySequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(passwordComplexityPolicyTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdatePasswordComplexityPolicySpoolerRunTimestamp() error {
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
proj_model "github.com/caos/zitadel/internal/project/model"
|
||||
"github.com/caos/zitadel/internal/project/repository/view"
|
||||
"github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -32,32 +33,32 @@ func (v *View) SearchProjectRoles(request *proj_model.ProjectRoleSearchRequest)
|
||||
return view.SearchProjectRoles(v.Db, projectRoleTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutProjectRole(project *model.ProjectRoleView, eventTimestamp time.Time) error {
|
||||
err := view.PutProjectRole(v.Db, projectRoleTable, project)
|
||||
func (v *View) PutProjectRole(role *model.ProjectRoleView, event *models.Event) error {
|
||||
err := view.PutProjectRole(v.Db, projectRoleTable, role)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedProjectRoleSequence(project.Sequence, eventTimestamp)
|
||||
return v.ProcessedProjectRoleSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteProjectRole(projectID, orgID, key string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteProjectRole(projectID, orgID, key string, event *models.Event) error {
|
||||
err := view.DeleteProjectRole(v.Db, projectRoleTable, projectID, orgID, key)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedProjectRoleSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedProjectRoleSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteProjectRolesByProjectID(projectID string) error {
|
||||
return view.DeleteProjectRolesByProjectID(v.Db, projectRoleTable, projectID)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestProjectRoleSequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(projectRoleTable)
|
||||
func (v *View) GetLatestProjectRoleSequence(aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(projectRoleTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedProjectRoleSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(projectRoleTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedProjectRoleSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(projectRoleTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateProjectRoleSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -1,24 +1,26 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
)
|
||||
|
||||
const (
|
||||
sequencesTable = "auth.current_sequences"
|
||||
)
|
||||
|
||||
func (v *View) saveCurrentSequence(viewName string, sequence uint64, eventTimestamp time.Time) error {
|
||||
return repository.SaveCurrentSequence(v.Db, sequencesTable, viewName, sequence, eventTimestamp)
|
||||
func (v *View) saveCurrentSequence(viewName string, event *models.Event) error {
|
||||
return repository.SaveCurrentSequence(v.Db, sequencesTable, viewName, string(event.AggregateType), event.Sequence, event.CreationDate)
|
||||
}
|
||||
|
||||
func (v *View) latestSequence(viewName string) (*repository.CurrentSequence, error) {
|
||||
return repository.LatestSequence(v.Db, sequencesTable, viewName)
|
||||
func (v *View) latestSequence(viewName, aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return repository.LatestSequence(v.Db, sequencesTable, viewName, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) updateSpoolerRunSequence(viewName string) error {
|
||||
currentSequence, err := repository.LatestSequence(v.Db, sequencesTable, viewName)
|
||||
currentSequence, err := repository.LatestSequence(v.Db, sequencesTable, viewName, "")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -26,5 +28,8 @@ func (v *View) updateSpoolerRunSequence(viewName string) error {
|
||||
currentSequence.ViewName = viewName
|
||||
}
|
||||
currentSequence.LastSuccessfulSpoolerRun = time.Now()
|
||||
//update all aggregate types
|
||||
//TODO: not sure if all scenarios work as expected
|
||||
currentSequence.AggregateType = ""
|
||||
return repository.UpdateCurrentSequence(v.Db, sequencesTable, currentSequence)
|
||||
}
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
usr_view "github.com/caos/zitadel/internal/user/repository/view"
|
||||
"github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -19,60 +20,60 @@ func (v *View) TokensByUserID(userID string) ([]*model.TokenView, error) {
|
||||
return usr_view.TokensByUserID(v.Db, tokenTable, userID)
|
||||
}
|
||||
|
||||
func (v *View) PutToken(token *model.TokenView, eventTimestamp time.Time) error {
|
||||
func (v *View) PutToken(token *model.TokenView, event *models.Event) error {
|
||||
err := usr_view.PutToken(v.Db, tokenTable, token)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedTokenSequence(token.Sequence, eventTimestamp)
|
||||
return v.ProcessedTokenSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) PutTokens(token []*model.TokenView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutTokens(token []*model.TokenView, event *models.Event) error {
|
||||
err := usr_view.PutTokens(v.Db, tokenTable, token...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedTokenSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedTokenSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteToken(tokenID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteToken(tokenID string, event *models.Event) error {
|
||||
err := usr_view.DeleteToken(v.Db, tokenTable, tokenID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedTokenSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedTokenSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteSessionTokens(agentID, userID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteSessionTokens(agentID, userID string, event *models.Event) error {
|
||||
err := usr_view.DeleteSessionTokens(v.Db, tokenTable, agentID, userID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedTokenSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedTokenSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteUserTokens(userID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteUserTokens(userID string, event *models.Event) error {
|
||||
err := usr_view.DeleteUserTokens(v.Db, tokenTable, userID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedTokenSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedTokenSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteApplicationTokens(eventSequence uint64, eventTimestamp time.Time, ids ...string) error {
|
||||
func (v *View) DeleteApplicationTokens(event *models.Event, ids ...string) error {
|
||||
err := usr_view.DeleteApplicationTokens(v.Db, tokenTable, ids)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedTokenSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedTokenSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestTokenSequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(tokenTable)
|
||||
func (v *View) GetLatestTokenSequence(aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(tokenTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedTokenSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(tokenTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedTokenSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(tokenTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateTokenSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
usr_model "github.com/caos/zitadel/internal/user/model"
|
||||
"github.com/caos/zitadel/internal/user/repository/view"
|
||||
"github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -52,36 +53,36 @@ func (v *View) UserMFAs(userID string) ([]*usr_model.MultiFactor, error) {
|
||||
return view.UserMFAs(v.Db, userTable, userID)
|
||||
}
|
||||
|
||||
func (v *View) PutUser(user *model.UserView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutUser(user *model.UserView, event *models.Event) error {
|
||||
err := view.PutUser(v.Db, userTable, user)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedUserSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) PutUsers(users []*model.UserView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutUsers(users []*model.UserView, event *models.Event) error {
|
||||
err := view.PutUsers(v.Db, userTable, users...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedUserSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteUser(userID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteUser(userID string, event *models.Event) error {
|
||||
err := view.DeleteUser(v.Db, userTable, userID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedUserSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestUserSequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(userTable)
|
||||
func (v *View) GetLatestUserSequence(aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(userTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedUserSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(userTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedUserSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(userTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateUserSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
grant_model "github.com/caos/zitadel/internal/usergrant/model"
|
||||
"github.com/caos/zitadel/internal/usergrant/repository/view"
|
||||
"github.com/caos/zitadel/internal/usergrant/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -36,36 +37,36 @@ func (v *View) SearchUserGrants(request *grant_model.UserGrantSearchRequest) ([]
|
||||
return view.SearchUserGrants(v.Db, userGrantTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutUserGrant(grant *model.UserGrantView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutUserGrant(grant *model.UserGrantView, event *models.Event) error {
|
||||
err := view.PutUserGrant(v.Db, userGrantTable, grant)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserGrantSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) PutUserGrants(grants []*model.UserGrantView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutUserGrants(grants []*model.UserGrantView, event *models.Event) error {
|
||||
err := view.PutUserGrants(v.Db, userGrantTable, grants...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserGrantSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteUserGrant(grantID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteUserGrant(grantID string, event *models.Event) error {
|
||||
err := view.DeleteUserGrant(v.Db, userGrantTable, grantID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserGrantSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedUserGrantSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestUserGrantSequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(userGrantTable)
|
||||
func (v *View) GetLatestUserGrantSequence(aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(userGrantTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedUserGrantSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(userGrantTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedUserGrantSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(userGrantTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateUserGrantSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -1,11 +1,12 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
usr_model "github.com/caos/zitadel/internal/user/model"
|
||||
"github.com/caos/zitadel/internal/user/repository/view"
|
||||
"github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -28,60 +29,60 @@ func (v *View) SearchUserMemberships(request *usr_model.UserMembershipSearchRequ
|
||||
return view.SearchUserMemberships(v.Db, userMembershipTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutUserMembership(membership *model.UserMembershipView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutUserMembership(membership *model.UserMembershipView, event *models.Event) error {
|
||||
err := view.PutUserMembership(v.Db, userMembershipTable, membership)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserMembershipSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) BulkPutUserMemberships(memberships []*model.UserMembershipView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) BulkPutUserMemberships(memberships []*model.UserMembershipView, event *models.Event) error {
|
||||
err := view.PutUserMemberships(v.Db, userMembershipTable, memberships...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserMembershipSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteUserMembership(userID, aggregateID, objectID string, memberType usr_model.MemberType, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteUserMembership(userID, aggregateID, objectID string, memberType usr_model.MemberType, event *models.Event) error {
|
||||
err := view.DeleteUserMembership(v.Db, userMembershipTable, userID, aggregateID, objectID, memberType)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserMembershipSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteUserMembershipsByUserID(userID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteUserMembershipsByUserID(userID string, event *models.Event) error {
|
||||
err := view.DeleteUserMembershipsByUserID(v.Db, userMembershipTable, userID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserMembershipSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteUserMembershipsByAggregateID(aggregateID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteUserMembershipsByAggregateID(aggregateID string, event *models.Event) error {
|
||||
err := view.DeleteUserMembershipsByAggregateID(v.Db, userMembershipTable, aggregateID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserMembershipSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteUserMembershipsByAggregateIDAndObjectID(aggregateID, objectID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteUserMembershipsByAggregateIDAndObjectID(aggregateID, objectID string, event *models.Event) error {
|
||||
err := view.DeleteUserMembershipsByAggregateIDAndObjectID(v.Db, userMembershipTable, aggregateID, objectID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserMembershipSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedUserMembershipSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestUserMembershipSequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(userMembershipTable)
|
||||
func (v *View) GetLatestUserMembershipSequence(aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(userMembershipTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedUserMembershipSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(userMembershipTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedUserMembershipSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(userMembershipTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateUserMembershipSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
package view
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/user/repository/view"
|
||||
"github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/view/repository"
|
||||
"time"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -27,36 +28,36 @@ func (v *View) ActiveUserSessions() ([]*model.UserSessionView, error) {
|
||||
return view.ActiveUserSessions(v.Db, userSessionTable)
|
||||
}
|
||||
|
||||
func (v *View) PutUserSession(userSession *model.UserSessionView, eventTimestamp time.Time) error {
|
||||
func (v *View) PutUserSession(userSession *model.UserSessionView, event *models.Event) error {
|
||||
err := view.PutUserSession(v.Db, userSessionTable, userSession)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserSessionSequence(userSession.Sequence, eventTimestamp)
|
||||
return v.ProcessedUserSessionSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) PutUserSessions(userSession []*model.UserSessionView, sequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) PutUserSessions(userSession []*model.UserSessionView, event *models.Event) error {
|
||||
err := view.PutUserSessions(v.Db, userSessionTable, userSession...)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserSessionSequence(sequence, eventTimestamp)
|
||||
return v.ProcessedUserSessionSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) DeleteUserSessions(userID string, eventSequence uint64, eventTimestamp time.Time) error {
|
||||
func (v *View) DeleteUserSessions(userID string, event *models.Event) error {
|
||||
err := view.DeleteUserSessions(v.Db, userSessionTable, userID)
|
||||
if err != nil {
|
||||
return nil
|
||||
if err != nil && !errors.IsNotFound(err) {
|
||||
return err
|
||||
}
|
||||
return v.ProcessedUserSessionSequence(eventSequence, eventTimestamp)
|
||||
return v.ProcessedUserSessionSequence(event)
|
||||
}
|
||||
|
||||
func (v *View) GetLatestUserSessionSequence() (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(userSessionTable)
|
||||
func (v *View) GetLatestUserSessionSequence(aggregateType string) (*repository.CurrentSequence, error) {
|
||||
return v.latestSequence(userSessionTable, aggregateType)
|
||||
}
|
||||
|
||||
func (v *View) ProcessedUserSessionSequence(eventSequence uint64, eventTimestamp time.Time) error {
|
||||
return v.saveCurrentSequence(userSessionTable, eventSequence, eventTimestamp)
|
||||
func (v *View) ProcessedUserSessionSequence(event *models.Event) error {
|
||||
return v.saveCurrentSequence(userSessionTable, event)
|
||||
}
|
||||
|
||||
func (v *View) UpdateUserSessionSpoolerRunTimestamp() error {
|
||||
|
||||
@@ -32,6 +32,7 @@ type UserRepository interface {
|
||||
VerifyMFAU2FSetup(ctx context.Context, userID, tokenName, userAgentID string, credentialData []byte) error
|
||||
RemoveMFAU2F(ctx context.Context, userID, webAuthNTokenID string) error
|
||||
|
||||
GetPasswordless(ctx context.Context, id string) ([]*model.WebAuthNToken, error)
|
||||
AddPasswordless(ctx context.Context, id string) (*model.WebAuthNToken, error)
|
||||
VerifyPasswordlessSetup(ctx context.Context, userID, tokenName, userAgentID string, credentialData []byte) error
|
||||
RemovePasswordless(ctx context.Context, userID, webAuthNTokenID string) error
|
||||
@@ -80,6 +81,7 @@ type myUserRepo interface {
|
||||
VerifyMyMFAU2FSetup(ctx context.Context, tokenName string, data []byte) error
|
||||
RemoveMyMFAU2F(ctx context.Context, webAuthNTokenID string) error
|
||||
|
||||
GetMyPasswordless(ctx context.Context) ([]*model.WebAuthNToken, error)
|
||||
AddMyPasswordless(ctx context.Context) (*model.WebAuthNToken, error)
|
||||
VerifyMyPasswordlessSetup(ctx context.Context, tokenName string, data []byte) error
|
||||
RemoveMyPasswordless(ctx context.Context, webAuthNTokenID string) error
|
||||
|
||||
Reference in New Issue
Block a user