TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-20 21:17:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: refactor setup (#1152)

Browse Source 
* add setup steps

* refactoring

* omitempty

* cleanup

* fixes
This commit is contained in:
Livio Amstutz
2021-01-06 10:47:55 +01:00
committed by GitHub
parent dc56e298ae
commit 61d16e4621
45 changed files with 708 additions and 1041 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
internal/setup/config.go
View File

@@ -1,92 +1,40 @@
package setup
import (
"github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/command"
"github.com/caos/zitadel/internal/v2/domain"
)
type IAMSetUp struct {
Step1 *Step1
//Step2 *Step2
//Step3 *Step3
//Step4 *Step4
//Step5 *Step5
//Step6 *Step6
//Step7 *Step7
//Step8 *Step8
//Step9 *Step9
Step1 *command.Step1
Step2 *command.Step2
Step3 *command.Step3
Step4 *command.Step4
Step5 *command.Step5
Step6 *command.Step6
Step7 *command.Step7
Step8 *command.Step8
Step9 *command.Step9
}
func (setup *IAMSetUp) steps(currentDone iam_model.Step) ([]stepV2, error) {
steps := make([]stepV2, 0)
missingSteps := make([]iam_model.Step, 0)
func (setup *IAMSetUp) Steps(currentDone domain.Step) ([]command.Step, error) {
steps := make([]command.Step, 0)
for _, step := range []stepV2{
for _, step := range []command.Step{
setup.Step1,
//setup.Step2,
//setup.Step3,
//setup.Step4,
//setup.Step5,
//setup.Step6,
//setup.Step7,
//setup.Step8,
//setup.Step9,
setup.Step2,
setup.Step3,
setup.Step4,
setup.Step5,
setup.Step6,
setup.Step7,
setup.Step8,
setup.Step9,
} {
if step.step() <= currentDone {
continue
}
if step.isNil() {
missingSteps = append(missingSteps, step.step())
if step.Step() <= currentDone {
continue
}
steps = append(steps, step)
}
if len(missingSteps) > 0 {
return nil, errors.ThrowPreconditionFailedf(nil, "SETUP-1nk49", "steps %v not configured", missingSteps)
}
return steps, nil
}
type LoginPolicy struct {
AllowRegister bool
AllowUsernamePassword bool
AllowExternalIdp bool
}
type User struct {
FirstName string
LastName string
UserName string
Email string
Password string
}
type Org struct {
Name string
Domain string
OrgIamPolicy bool
Users []User
Owners []string
Projects []Project
}
type Project struct {
Name string
Users []User
Members []string
OIDCApps []OIDCApp
}
type OIDCApp struct {
Name string
RedirectUris []string
ResponseTypes []string
GrantTypes []string
ApplicationType string
AuthMethodType string
PostLogoutRedirectUris []string
DevMode bool
}

213
internal/setup/setup.go
View File

@@ -3,24 +3,14 @@ package setup
import (
"context"
"github.com/caos/zitadel/internal/api/authz"
iam_event "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
org_event "github.com/caos/zitadel/internal/org/repository/eventsourcing"
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
usr_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
"github.com/caos/logging"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/v2/command"
"github.com/caos/zitadel/internal/v2/domain"
)
type Setup struct {
iamID string
IamEvents *iam_event.IAMEventstore
OrgEvents *org_event.OrgEventstore
UserEvents *usr_event.UserEventstore
ProjectEvents *proj_event.ProjectEventstore
Commands *command.CommandSide
}
const (
OrgOwnerRole = "ORG_OWNER"
SetupUser = "SETUP"
@@ -38,169 +28,32 @@ const (
OIDCAuthMethodTypePost = "POST"
)
//
//func StartSetup(esConfig es_int.Config, sd systemdefaults.SystemDefaults) (*Setup, error) {
// setup := &Setup{
// iamID: sd.IamID,
// }
// es, err := es_int.Start(esConfig)
// if err != nil {
// return nil, err
// }
//
// setup.IamEvents, err = es_iam.StartIAM(es_iam.IAMConfig{
// Eventstore: es,
// Cache: esConfig.Cache,
// }, sd)
// if err != nil {
// return nil, err
// }
//
// setup.OrgEvents = es_org.StartOrg(es_org.OrgConfig{Eventstore: es, IAMDomain: sd.Domain}, sd)
//
// setup.ProjectEvents, err = es_proj.StartProject(es_proj.ProjectConfig{
// Eventstore: es,
// Cache: esConfig.Cache,
// }, sd)
// if err != nil {
// return nil, err
// }
//
// setup.UserEvents, err = es_usr.StartUser(es_usr.UserConfig{
// Eventstore: es,
// Cache: esConfig.Cache,
// }, sd)
// if err != nil {
// return nil, err
// }
//
// return setup, nil
//}
//
//func (s *Setup) Execute(ctx context.Context, setUpConfig IAMSetUp) error {
// logging.Log("SETUP-hwG32").Info("starting setup")
//
// iam, err := s.IamEvents.IAMByID(ctx, s.iamID)
// if err != nil && !caos_errs.IsNotFound(err) {
// return err
// }
// if iam != nil && (iam.SetUpDone == domain.Step(iam_model.StepCount)-1 || iam.SetUpStarted != iam.SetUpDone) {
// logging.Log("SETUP-cWEsn").Info("all steps done")
// return nil
// }
//
// if iam == nil {
// iam = &iam_model.IAM{ObjectRoot: models.ObjectRoot{AggregateID: s.iamID}}
// }
//
// steps, err := setUpConfig.steps(iam_model.Step(iam.SetUpDone))
// if err != nil || len(steps) == 0 {
// return err
// }
//
// ctx = setSetUpContextData(ctx, s.iamID)
//
// for _, step := range steps {
// step.init(s)
// if step.step() != iam_model.Step(iam.SetUpDone)+1 {
// logging.LogWithFields("SETUP-rxRM1", "step", step.step(), "previous", iam.SetUpDone).Warn("wrong step order")
// return errors.ThrowPreconditionFailed(nil, "SETUP-wwAqO", "too few steps for this zitadel verison")
// }
// iam, err = s.IamEvents.StartSetup(ctx, s.iamID, step.step())
// if err != nil {
// return err
// }
//
// iam, err = step.execute(ctx)
// if err != nil {
// return err
// }
//
// err = s.validateExecutedStep(ctx)
// if err != nil {
// return err
// }
// }
//
// logging.Log("SETUP-ds31h").Info("setup done")
// return nil
//}
//
//func (s *Setup) validateExecutedStep(ctx context.Context) error {
// iam, err := s.IamEvents.IAMByID(ctx, s.iamID)
// if err != nil {
// return err
// }
// if iam.SetUpStarted != iam.SetUpDone {
// return errors.ThrowInternal(nil, "SETUP-QeukK", "started step is not equal to done")
// }
// return nil
//}
//
//func getOIDCResponseTypes(responseTypes []string) []proj_model.OIDCResponseType {
// types := make([]proj_model.OIDCResponseType, len(responseTypes))
// for i, t := range responseTypes {
// types[i] = getOIDCResponseType(t)
// }
// return types
//}
//
//func getOIDCResponseType(responseType string) proj_model.OIDCResponseType {
// switch responseType {
// case OIDCResponseTypeCode:
// return proj_model.OIDCResponseTypeCode
// case OIDCResponseTypeIDToken:
// return proj_model.OIDCResponseTypeIDToken
// case OIDCResponseTypeToken:
// return proj_model.OIDCResponseTypeIDTokenToken
// }
// return proj_model.OIDCResponseTypeCode
//}
//
//func getOIDCGrantTypes(grantTypes []string) []proj_model.OIDCGrantType {
// types := make([]proj_model.OIDCGrantType, len(grantTypes))
// for i, t := range grantTypes {
// types[i] = getOIDCGrantType(t)
// }
// return types
//}
//
//func getOIDCGrantType(grantTypes string) proj_model.OIDCGrantType {
// switch grantTypes {
// case OIDCGrantTypeAuthorizationCode:
// return proj_model.OIDCGrantTypeAuthorizationCode
// case OIDCGrantTypeImplicit:
// return proj_model.OIDCGrantTypeImplicit
// case OIDCGrantTypeRefreshToken:
// return proj_model.OIDCGrantTypeRefreshToken
// }
// return proj_model.OIDCGrantTypeAuthorizationCode
//}
//
//func getOIDCApplicationType(appType string) proj_model.OIDCApplicationType {
// switch appType {
// case OIDCApplicationTypeNative:
// return proj_model.OIDCApplicationTypeNative
// case OIDCApplicationTypeUserAgent:
// return proj_model.OIDCApplicationTypeUserAgent
// case OIDCApplicationTypeWeb:
// return proj_model.OIDCApplicationTypeWeb
// }
// return proj_model.OIDCApplicationTypeWeb
//}
//
//func getOIDCAuthMethod(authMethod string) proj_model.OIDCAuthMethodType {
// switch authMethod {
// case OIDCAuthMethodTypeNone:
// return proj_model.OIDCAuthMethodTypeNone
// case OIDCAuthMethodTypeBasic:
// return proj_model.OIDCAuthMethodTypeBasic
// case OIDCAuthMethodTypePost:
// return proj_model.OIDCAuthMethodTypePost
// }
// return proj_model.OIDCAuthMethodTypeBasic
//}
//
func setSetUpContextData(ctx context.Context, orgID string) context.Context {
return authz.SetCtxData(ctx, authz.CtxData{UserID: SetupUser, OrgID: orgID})
func Execute(ctx context.Context, setUpConfig IAMSetUp, iamID string, commands *command.CommandSide) error {
logging.Log("SETUP-JAK2q").Info("starting setup")
iam, err := commands.GetIAM(ctx, iamID)
if err != nil && !caos_errs.IsNotFound(err) {
return err
}
if iam != nil && (iam.SetUpDone == domain.StepCount-1 || iam.SetUpStarted != iam.SetUpDone) {
logging.Log("SETUP-VA2k1").Info("all steps done")
return nil
}
if iam == nil {
iam = &domain.IAM{ObjectRoot: models.ObjectRoot{AggregateID: iamID}}
}
steps, err := setUpConfig.Steps(iam.SetUpDone)
if err != nil || len(steps) == 0 {
return err
}
err = commands.ExecuteSetupSteps(ctx, steps)
if err != nil {
return err
}
logging.Log("SETUP-ds31h").Info("setup done")
return nil
}

104
internal/setup/setup_v2.go
View File

@@ -1,104 +0,0 @@
package setup
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/config/systemdefaults"
caos_errs "github.com/caos/zitadel/internal/errors"
es_int "github.com/caos/zitadel/internal/eventstore"
"github.com/caos/zitadel/internal/eventstore/models"
iam_model "github.com/caos/zitadel/internal/iam/model"
es_iam "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
"github.com/caos/zitadel/internal/v2/command"
"github.com/caos/zitadel/internal/v2/domain"
)
func StartSetupV2(esConfig es_int.Config, sd systemdefaults.SystemDefaults) (*Setup, error) {
setup := &Setup{
iamID: sd.IamID,
}
es, err := es_int.Start(esConfig)
if err != nil {
return nil, err
}
setup.IamEvents, err = es_iam.StartIAM(es_iam.IAMConfig{
Eventstore: es,
Cache: esConfig.Cache,
}, sd)
if err != nil {
return nil, err
}
setup.Commands, err = command.StartCommandSide(&command.Config{
Eventstore: es.V2(),
SystemDefaults: sd,
})
if err != nil {
return nil, err
}
return setup, nil
}
func (s *Setup) ExecuteV2(ctx context.Context, setUpConfig IAMSetUp) error {
logging.Log("SETUP-JAK2q").Info("starting setup")
iam, err := s.IamEvents.IAMByID(ctx, s.iamID)
if err != nil && !caos_errs.IsNotFound(err) {
return err
}
if iam != nil && (iam.SetUpDone == domain.StepCount-1 || iam.SetUpStarted != iam.SetUpDone) {
logging.Log("SETUP-VA2k1").Info("all steps done")
return nil
}
if iam == nil {
iam = &iam_model.IAM{ObjectRoot: models.ObjectRoot{AggregateID: s.iamID}}
}
steps, err := setUpConfig.steps(iam_model.Step(iam.SetUpDone))
if err != nil || len(steps) == 0 {
return err
}
ctx = setSetUpContextData(ctx, s.iamID)
for _, step := range steps {
//step.init(s)
if step.step() != iam_model.Step(iam.SetUpDone+1) {
logging.LogWithFields("SETUP-rxRM1", "step", step.step(), "previous", iam.SetUpDone).Warn("wrong step order")
return caos_errs.ThrowPreconditionFailed(nil, "SETUP-wwAqO", "too few steps for this zitadel verison")
}
iam, err = s.Commands.StartSetup(ctx, s.iamID, domain.Step(step.step()))
if err != nil {
return err
}
err = step.execute(ctx, iam.AggregateID, *s.Commands)
if err != nil {
return err
}
err = s.validateExecutedStep(ctx)
if err != nil {
return err
}
}
logging.Log("SETUP-ds31h").Info("setup done")
return nil
}
func (s *Setup) validateExecutedStep(ctx context.Context) error {
iam, err := s.IamEvents.IAMByID(ctx, s.iamID)
if err != nil {
return err
}
if iam.SetUpStarted != iam.SetUpDone {
return caos_errs.ThrowInternal(nil, "SETUP-QeukK", "started step is not equal to done")
}
return nil
}

21
internal/setup/step.go
View File

@@ -1,21 +0,0 @@
package setup
import (
"context"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/command"
)
type step interface {
step() iam_model.Step
execute(context.Context) (*iam_model.IAM, error)
init(*Setup)
isNil() bool
}
type stepV2 interface {
step() iam_model.Step
execute(context.Context, string, command.CommandSide) error
isNil() bool
}

93
internal/setup/step1.go
View File

@@ -1,52 +1,53 @@
package setup
import (
"context"
"github.com/caos/logging"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/command"
)
type Step1 struct {
//GlobalOrg string
//IAMProject string
//DefaultLoginPolicy LoginPolicy
//Orgs []Org
//Owners []string
command.Step1
//setup *Setup
//createdUsers map[string]*usr_model.User
//createdOrgs map[string]*org_model.Org
//createdProjects map[string]*proj_model.Project
//pwComplexityPolicy *iam_model.PasswordComplexityPolicyView
}
func (s *Step1) isNil() bool {
return s == nil
}
func (s *Step1) step() iam_model.Step {
return iam_model.Step1
}
//func (s *Step1) init(setup *Setup) {
// s.setup = setup
// s.createdUsers = make(map[string]*usr_model.User)
// s.createdOrgs = make(map[string]*org_model.Org)
// s.createdProjects = make(map[string]*proj_model.Project)
// TODO: implement
//import (
// "context"
//
// "github.com/caos/logging"
//
// iam_model "github.com/caos/zitadel/internal/iam/model"
// "github.com/caos/zitadel/internal/v2/command"
//)
//
//type Step1 struct {
// //GlobalOrg string
// //IAMProject string
// //DefaultLoginPolicy LoginPolicy
// //Orgs []Org
// //Owners []string
// command.Step1
//
// //setup *Setup
// //createdUsers map[string]*usr_model.User
// //createdOrgs map[string]*org_model.Org
// //createdProjects map[string]*proj_model.Project
// //pwComplexityPolicy *iam_model.PasswordComplexityPolicyView
//}
//
//func (s *Step1) isNil() bool {
// return s == nil
//}
//
//func (s *Step1) step() iam_model.Step {
// return iam_model.Step1
//}
//
////func (s *Step1) init(setup *Setup) {
//// s.setup = setup
//// s.createdUsers = make(map[string]*usr_model.User)
//// s.createdOrgs = make(map[string]*org_model.Org)
//// s.createdProjects = make(map[string]*proj_model.Project)
////}
//
//func (s *Step1) execute(ctx context.Context, iamID string, commands command.CommandSide) error {
// err := commands.SetupStep1(ctx, iamID, s.Step1)
// if err != nil {
// logging.Log("SETUP-de342").WithField("step", s.step()).WithError(err).Error("unable to finish setup")
// return err
// }
// return nil
//}
func (s *Step1) execute(ctx context.Context, iamID string, commands command.CommandSide) error {
err := commands.SetupStep1(ctx, iamID, s.Step1)
if err != nil {
logging.Log("SETUP-de342").WithField("step", s.step()).WithError(err).Error("unable to finish setup")
return err
}
return nil
}
//
//func (step *Step1) loginPolicy(ctx context.Context, policy LoginPolicy) error {

61
internal/setup/step2.go
View File

@@ -1,61 +0,0 @@
package setup
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
iam_model "github.com/caos/zitadel/internal/iam/model"
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
"github.com/caos/zitadel/internal/v2/command"
)
type Step2 struct {
DefaultPasswordComplexityPolicy iam_model.PasswordComplexityPolicy
setup *Setup
}
func (s *Step2) isNil() bool {
return s == nil
}
func (step *Step2) step() iam_model.Step {
return iam_model.Step2
}
func (step *Step2) init(setup *Setup) {
step.setup = setup
}
func (step *Step2) execute(ctx context.Context, commands command.CommandSide) error {
//commands.SetupStep2(ctx, )
//iam, agg, err := step.passwordComplexityPolicy(ctx, &step.DefaultPasswordComplexityPolicy)
//if err != nil {
// logging.Log("SETUP-Ms9fl").WithField("step", step.step()).WithError(err).Error("unable to finish setup (pw complexity policy)")
// return nil, err
//}
//iam, agg, push, err := step.setup.IamEvents.PrepareSetupDone(ctx, iam, agg, step.step())
//if err != nil {
// logging.Log("SETUP-V8sui").WithField("step", step.step()).WithError(err).Error("unable to finish setup (prepare setup done)")
// return nil, err
//}
//err = es_sdk.PushAggregates(ctx, push, iam.AppendEvents, agg)
//if err != nil {
// logging.Log("SETUP-V8sui").WithField("step", step.step()).WithError(err).Error("unable to finish setup")
// return nil, err
//}
//return iam_es_model.IAMToModel(iam), nil
return nil
}
func (step *Step2) passwordComplexityPolicy(ctx context.Context, policy *iam_model.PasswordComplexityPolicy) (*iam_es_model.IAM, *models.Aggregate, error) {
logging.Log("SETUP-Bs8id").Info("setting up password complexity policy")
policy.AggregateID = step.setup.iamID
iam, aggregate, err := step.setup.IamEvents.PrepareAddPasswordComplexityPolicy(ctx, policy)
if err != nil {
return nil, nil, err
}
return iam, aggregate, nil
}

57
internal/setup/step3.go
View File

@@ -1,57 +0,0 @@
package setup
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
es_sdk "github.com/caos/zitadel/internal/eventstore/sdk"
iam_model "github.com/caos/zitadel/internal/iam/model"
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
)
type Step3 struct {
DefaultPasswordAgePolicy iam_model.PasswordAgePolicy
setup *Setup
}
func (s *Step3) isNil() bool {
return s == nil
}
func (step *Step3) step() iam_model.Step {
return iam_model.Step3
}
func (step *Step3) init(setup *Setup) {
step.setup = setup
}
func (step *Step3) execute(ctx context.Context) (*iam_model.IAM, error) {
iam, agg, err := step.passwordAgePolicy(ctx, &step.DefaultPasswordAgePolicy)
if err != nil {
logging.Log("SETUP-Mski9").WithField("step", step.step()).WithError(err).Error("unable to finish setup (pw age policy)")
return nil, err
}
iam, agg, push, err := step.setup.IamEvents.PrepareSetupDone(ctx, iam, agg, step.step())
if err != nil {
logging.Log("SETUP-4Gsny").WithField("step", step.step()).WithError(err).Error("unable to finish setup (prepare setup done)")
return nil, err
}
err = es_sdk.PushAggregates(ctx, push, iam.AppendEvents, agg)
if err != nil {
logging.Log("SETUP-Yc8ui").WithField("step", step.step()).WithError(err).Error("unable to finish setup")
return nil, err
}
return iam_es_model.IAMToModel(iam), nil
}
func (step *Step3) passwordAgePolicy(ctx context.Context, policy *iam_model.PasswordAgePolicy) (*iam_es_model.IAM, *models.Aggregate, error) {
logging.Log("SETUP-bVs8i").Info("setting up password complexity policy")
policy.AggregateID = step.setup.iamID
iam, aggregate, err := step.setup.IamEvents.PrepareAddPasswordAgePolicy(ctx, policy)
if err != nil {
return nil, nil, err
}
return iam, aggregate, nil
}

57
internal/setup/step4.go
View File

@@ -1,57 +0,0 @@
package setup
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
es_sdk "github.com/caos/zitadel/internal/eventstore/sdk"
iam_model "github.com/caos/zitadel/internal/iam/model"
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
)
type Step4 struct {
DefaultPasswordLockoutPolicy iam_model.PasswordLockoutPolicy
setup *Setup
}
func (s *Step4) isNil() bool {
return s == nil
}
func (step *Step4) step() iam_model.Step {
return iam_model.Step4
}
func (step *Step4) init(setup *Setup) {
step.setup = setup
}
func (step *Step4) execute(ctx context.Context) (*iam_model.IAM, error) {
iam, agg, err := step.passwordLockoutPolicy(ctx, &step.DefaultPasswordLockoutPolicy)
if err != nil {
logging.Log("SETUP-xCd9i").WithField("step", step.step()).WithError(err).Error("unable to finish setup (pw age policy)")
return nil, err
}
iam, agg, push, err := step.setup.IamEvents.PrepareSetupDone(ctx, iam, agg, step.step())
if err != nil {
logging.Log("SETUP-bVsm9").WithField("step", step.step()).WithError(err).Error("unable to finish setup (prepare setup done)")
return nil, err
}
err = es_sdk.PushAggregates(ctx, push, iam.AppendEvents, agg)
if err != nil {
logging.Log("SETUP-wCxko").WithField("step", step.step()).WithError(err).Error("unable to finish setup")
return nil, err
}
return iam_es_model.IAMToModel(iam), nil
}
func (step *Step4) passwordLockoutPolicy(ctx context.Context, policy *iam_model.PasswordLockoutPolicy) (*iam_es_model.IAM, *models.Aggregate, error) {
logging.Log("SETUP-vSfr4").Info("setting up password complexity policy")
policy.AggregateID = step.setup.iamID
iam, aggregate, err := step.setup.IamEvents.PrepareAddPasswordLockoutPolicy(ctx, policy)
if err != nil {
return nil, nil, err
}
return iam, aggregate, nil
}

57
internal/setup/step5.go
View File

@@ -1,57 +0,0 @@
package setup
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
es_sdk "github.com/caos/zitadel/internal/eventstore/sdk"
iam_model "github.com/caos/zitadel/internal/iam/model"
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
)
type Step5 struct {
DefaultOrgIAMPolicy iam_model.OrgIAMPolicy
setup *Setup
}
func (s *Step5) isNil() bool {
return s == nil
}
func (step *Step5) step() iam_model.Step {
return iam_model.Step5
}
func (step *Step5) init(setup *Setup) {
step.setup = setup
}
func (step *Step5) execute(ctx context.Context) (*iam_model.IAM, error) {
iam, agg, err := step.orgIAMPolicy(ctx, &step.DefaultOrgIAMPolicy)
if err != nil {
logging.Log("SETUP-3nKd9").WithField("step", step.step()).WithError(err).Error("unable to finish setup (org iam policy)")
return nil, err
}
iam, agg, push, err := step.setup.IamEvents.PrepareSetupDone(ctx, iam, agg, step.step())
if err != nil {
logging.Log("SETUP-5h8Ds").WithField("step", step.step()).WithError(err).Error("unable to finish setup (prepare setup done)")
return nil, err
}
err = es_sdk.PushAggregates(ctx, push, iam.AppendEvents, agg)
if err != nil {
logging.Log("SETUP-3fGk0").WithField("step", step.step()).WithError(err).Error("unable to finish setup")
return nil, err
}
return iam_es_model.IAMToModel(iam), nil
}
func (step *Step5) orgIAMPolicy(ctx context.Context, policy *iam_model.OrgIAMPolicy) (*iam_es_model.IAM, *models.Aggregate, error) {
logging.Log("SETUP-5Gn8s").Info("setting up org iam policy")
policy.AggregateID = step.setup.iamID
iam, aggregate, err := step.setup.IamEvents.PrepareAddOrgIAMPolicy(ctx, policy)
if err != nil {
return nil, nil, err
}
return iam, aggregate, nil
}

58
internal/setup/step6.go
View File

@@ -1,58 +0,0 @@
package setup
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
es_sdk "github.com/caos/zitadel/internal/eventstore/sdk"
iam_model "github.com/caos/zitadel/internal/iam/model"
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
)
type Step6 struct {
DefaultLabelPolicy iam_model.LabelPolicy
setup *Setup
}
func (s *Step6) isNil() bool {
return s == nil
}
func (step *Step6) step() iam_model.Step {
return iam_model.Step6
}
func (step *Step6) init(setup *Setup) {
step.setup = setup
}
func (step *Step6) execute(ctx context.Context) (*iam_model.IAM, error) {
iam, agg, err := step.labelPolicy(ctx, &step.DefaultLabelPolicy)
if err != nil {
logging.Log("SETUP-ZTuS1").WithField("step", step.step()).WithError(err).Error("unable to finish setup (Label policy)")
return nil, err
}
iam, agg, push, err := step.setup.IamEvents.PrepareSetupDone(ctx, iam, agg, step.step())
if err != nil {
logging.Log("SETUP-OkF8o").WithField("step", step.step()).WithError(err).Error("unable to finish setup (prepare setup done)")
return nil, err
}
err = es_sdk.PushAggregates(ctx, push, iam.AppendEvents, agg)
if err != nil {
logging.Log("SETUP-YbQ6T").WithField("step", step.step()).WithError(err).Error("unable to finish setup")
return nil, err
}
return iam_es_model.IAMToModel(iam), nil
}
func (step *Step6) labelPolicy(ctx context.Context, policy *iam_model.LabelPolicy) (*iam_es_model.IAM, *models.Aggregate, error) {
logging.Log("SETUP-geMuZ").Info("setting up labelpolicy")
policy.AggregateID = step.setup.iamID
iam, aggregate, err := step.setup.IamEvents.PrepareAddLabelPolicy(ctx, policy)
if err != nil {
return nil, nil, err
}
return iam, aggregate, nil
}

54
internal/setup/step7.go
View File

@@ -1,54 +0,0 @@
package setup
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
es_sdk "github.com/caos/zitadel/internal/eventstore/sdk"
iam_model "github.com/caos/zitadel/internal/iam/model"
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
)
type Step7 struct {
DefaultSecondFactor iam_model.SecondFactorType
setup *Setup
}
func (step *Step7) isNil() bool {
return step == nil
}
func (step *Step7) step() iam_model.Step {
return iam_model.Step7
}
func (step *Step7) init(setup *Setup) {
step.setup = setup
}
func (step *Step7) execute(ctx context.Context) (*iam_model.IAM, error) {
iam, agg, err := step.add2FAToPolicy(ctx, step.DefaultSecondFactor)
if err != nil {
logging.Log("SETUP-GBD32").WithField("step", step.step()).WithError(err).Error("unable to finish setup (add default mfa to login policy)")
return nil, err
}
iam, agg, push, err := step.setup.IamEvents.PrepareSetupDone(ctx, iam, agg, step.step())
if err != nil {
logging.Log("SETUP-BHrth").WithField("step", step.step()).WithError(err).Error("unable to finish setup (prepare setup done)")
return nil, err
}
err = es_sdk.PushAggregates(ctx, push, iam.AppendEvents, agg)
if err != nil {
logging.Log("SETUP-k2fla").WithField("step", step.step()).WithError(err).Error("unable to finish setup")
return nil, err
}
return iam_es_model.IAMToModel(iam), nil
}
func (step *Step7) add2FAToPolicy(ctx context.Context, secondFactor iam_model.SecondFactorType) (*iam_es_model.IAM, *models.Aggregate, error) {
logging.Log("SETUP-Bew1a").Info("adding 2FA to loginPolicy")
return step.setup.IamEvents.PrepareAddSecondFactorToLoginPolicy(ctx, step.setup.iamID, secondFactor)
}

54
internal/setup/step8.go
View File

@@ -1,54 +0,0 @@
package setup
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
es_sdk "github.com/caos/zitadel/internal/eventstore/sdk"
iam_model "github.com/caos/zitadel/internal/iam/model"
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
)
type Step8 struct {
DefaultSecondFactor iam_model.SecondFactorType
setup *Setup
}
func (step *Step8) isNil() bool {
return step == nil
}
func (step *Step8) step() iam_model.Step {
return iam_model.Step8
}
func (step *Step8) init(setup *Setup) {
step.setup = setup
}
func (step *Step8) execute(ctx context.Context) (*iam_model.IAM, error) {
iam, agg, err := step.add2FAToPolicy(ctx, step.DefaultSecondFactor)
if err != nil {
logging.Log("SETUP-Gdbjq").WithField("step", step.step()).WithError(err).Error("unable to finish setup (add default mfa to login policy)")
return nil, err
}
iam, agg, push, err := step.setup.IamEvents.PrepareSetupDone(ctx, iam, agg, step.step())
if err != nil {
logging.Log("SETUP-Cnf21").WithField("step", step.step()).WithError(err).Error("unable to finish setup (prepare setup done)")
return nil, err
}
err = es_sdk.PushAggregates(ctx, push, iam.AppendEvents, agg)
if err != nil {
logging.Log("SETUP-NFq21").WithField("step", step.step()).WithError(err).Error("unable to finish setup")
return nil, err
}
return iam_es_model.IAMToModel(iam), nil
}
func (step *Step8) add2FAToPolicy(ctx context.Context, secondFactor iam_model.SecondFactorType) (*iam_es_model.IAM, *models.Aggregate, error) {
logging.Log("SETUP-Bfhb2").Info("adding 2FA to loginPolicy")
return step.setup.IamEvents.PrepareAddSecondFactorToLoginPolicy(ctx, step.setup.iamID, secondFactor)
}

74
internal/setup/step9.go
View File

@@ -1,74 +0,0 @@
package setup
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
es_sdk "github.com/caos/zitadel/internal/eventstore/sdk"
iam_model "github.com/caos/zitadel/internal/iam/model"
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
)
type Step9 struct {
Passwordless bool
setup *Setup
}
func (step *Step9) isNil() bool {
return step == nil
}
func (step *Step9) step() iam_model.Step {
return iam_model.Step9
}
func (step *Step9) init(setup *Setup) {
step.setup = setup
}
func (step *Step9) execute(ctx context.Context) (*iam_model.IAM, error) {
if !step.Passwordless {
return step.setup.IamEvents.IAMByID(ctx, step.setup.iamID)
}
iam, agg, err := step.setPasswordlessAllowedInPolicy(ctx)
if err != nil {
logging.Log("SETUP-Gdbjq").WithField("step", step.step()).WithError(err).Error("unable to finish setup (add default mfa to login policy)")
return nil, err
}
iam, agg2, err := step.addMFAToPolicy(ctx)
if err != nil {
logging.Log("SETUP-Gdbjq").WithField("step", step.step()).WithError(err).Error("unable to finish setup (add default mfa to login policy)")
return nil, err
}
agg.Events = append(agg.Events, agg2.Events...)
iam, agg, push, err := step.setup.IamEvents.PrepareSetupDone(ctx, iam, agg, step.step())
if err != nil {
logging.Log("SETUP-Cnf21").WithField("step", step.step()).WithError(err).Error("unable to finish setup (prepare setup done)")
return nil, err
}
err = es_sdk.PushAggregates(ctx, push, iam.AppendEvents, agg)
if err != nil {
logging.Log("SETUP-NFq21").WithField("step", step.step()).WithError(err).Error("unable to finish setup")
return nil, err
}
return iam_es_model.IAMToModel(iam), nil
}
func (step *Step9) setPasswordlessAllowedInPolicy(ctx context.Context) (*iam_es_model.IAM, *models.Aggregate, error) {
logging.Log("SETUP-DAd1h").Info("enabling passwordless in loginPolicy")
iam, err := step.setup.IamEvents.IAMByID(ctx, step.setup.iamID)
if err != nil {
return nil, nil, err
}
iam.DefaultLoginPolicy.AggregateID = step.setup.iamID
iam.DefaultLoginPolicy.PasswordlessType = iam_model.PasswordlessTypeAllowed
return step.setup.IamEvents.PrepareChangeLoginPolicy(ctx, iam.DefaultLoginPolicy)
}
func (step *Step9) addMFAToPolicy(ctx context.Context) (*iam_es_model.IAM, *models.Aggregate, error) {
logging.Log("SETUP-DAd1h").Info("adding MFA to loginPolicy")
return step.setup.IamEvents.PrepareAddMultiFactorToLoginPolicy(ctx, step.setup.iamID, iam_model.MultiFactorTypeU2FWithPIN)
}