From 62d679e553c3283dc8ee0bb8de017a39070ca828 Mon Sep 17 00:00:00 2001 From: Livio Spring Date: Thu, 7 Sep 2023 16:06:11 +0200 Subject: [PATCH] fix: handle password data correct on user creation (#6515) --- internal/command/user_human_model.go | 19 +------------------ .../eventstore/handler/handler_projection.go | 4 ---- internal/query/projection/user.go | 4 ++-- 3 files changed, 3 insertions(+), 24 deletions(-) diff --git a/internal/command/user_human_model.go b/internal/command/user_human_model.go index f2b4a4cf27..9d13d01b9f 100644 --- a/internal/command/user_human_model.go +++ b/internal/command/user_human_model.go @@ -3,7 +3,6 @@ package command import ( "golang.org/x/text/language" - "github.com/zitadel/zitadel/internal/crypto" "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/repository/user" @@ -34,9 +33,6 @@ type HumanWriteModel struct { Region string StreetAddress string - Secret *crypto.CryptoValue - SecretChangeRequired bool - UserState domain.UserState } @@ -74,8 +70,6 @@ func (wm *HumanWriteModel) Reduce() error { wm.reduceHumanPhoneVerifiedEvent() case *user.HumanPhoneRemovedEvent: wm.reduceHumanPhoneRemovedEvent() - case *user.HumanPasswordChangedEvent: - wm.reduceHumanPasswordChangedEvent(e) case *user.HumanAvatarAddedEvent: wm.Avatar = e.StoreKey case *user.HumanAvatarRemovedEvent: @@ -123,7 +117,6 @@ func (wm *HumanWriteModel) Query() *eventstore.SearchQueryBuilder { user.HumanPhoneRemovedType, user.HumanAvatarAddedType, user.HumanAvatarRemovedType, - user.HumanPasswordChangedType, user.UserLockedType, user.UserUnlockedType, user.UserDeactivatedType, @@ -138,8 +131,7 @@ func (wm *HumanWriteModel) Query() *eventstore.SearchQueryBuilder { user.UserV1EmailVerifiedType, user.UserV1PhoneChangedType, user.UserV1PhoneVerifiedType, - user.UserV1PhoneRemovedType, - user.UserV1PasswordChangedType). + user.UserV1PhoneRemovedType). Builder() } @@ -158,8 +150,6 @@ func (wm *HumanWriteModel) reduceHumanAddedEvent(e *user.HumanAddedEvent) { wm.PostalCode = e.PostalCode wm.Region = e.Region wm.StreetAddress = e.StreetAddress - wm.Secret = e.Secret - wm.SecretChangeRequired = e.ChangeRequired wm.UserState = domain.UserStateActive } @@ -178,8 +168,6 @@ func (wm *HumanWriteModel) reduceHumanRegisteredEvent(e *user.HumanRegisteredEve wm.PostalCode = e.PostalCode wm.Region = e.Region wm.StreetAddress = e.StreetAddress - wm.Secret = e.Secret - wm.SecretChangeRequired = e.ChangeRequired wm.UserState = domain.UserStateActive } @@ -244,8 +232,3 @@ func (wm *HumanWriteModel) reduceHumanAddressChangedEvent(e *user.HumanAddressCh wm.StreetAddress = *e.StreetAddress } } - -func (wm *HumanWriteModel) reduceHumanPasswordChangedEvent(e *user.HumanPasswordChangedEvent) { - wm.Secret = e.Secret - wm.SecretChangeRequired = e.ChangeRequired -} diff --git a/internal/eventstore/handler/handler_projection.go b/internal/eventstore/handler/handler_projection.go index 382a05b123..2dbcfc9aa0 100644 --- a/internal/eventstore/handler/handler_projection.go +++ b/internal/eventstore/handler/handler_projection.go @@ -13,7 +13,6 @@ import ( "github.com/zitadel/zitadel/internal/api/call" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/repository/pseudo" - "github.com/zitadel/zitadel/internal/telemetry/tracing" ) const ( @@ -142,9 +141,6 @@ func (h *ProjectionHandler) Trigger(ctx context.Context, instances ...string) co // If a bulk action was executed, the call timestamp in context will be reset for subsequent queries. // The returned context is never nil. It is either the original context or an updated context. func (h *ProjectionHandler) TriggerErr(ctx context.Context, instances ...string) (outCtx context.Context, err error) { - ctx, span := tracing.NewSpan(ctx) - defer span.EndWithError(err) - instances = triggerInstances(ctx, instances) defer func() { outCtx = call.ResetTimestamp(ctx) diff --git a/internal/query/projection/user.go b/internal/query/projection/user.go index e67d992cda..a7ad4a3450 100644 --- a/internal/query/projection/user.go +++ b/internal/query/projection/user.go @@ -352,7 +352,7 @@ func (p *userProjection) reduceHumanAdded(event eventstore.Event) (*handler.Stat handler.NewCol(NotifyInstanceIDCol, e.Aggregate().InstanceID), handler.NewCol(NotifyLastEmailCol, e.EmailAddress), handler.NewCol(NotifyLastPhoneCol, &sql.NullString{String: string(e.PhoneNumber), Valid: e.PhoneNumber != ""}), - handler.NewCol(NotifyPasswordSetCol, e.Secret != nil), + handler.NewCol(NotifyPasswordSetCol, user.SecretOrEncodedHash(e.Secret, e.EncodedHash) != ""), }, crdb.WithTableSuffix(UserNotifySuffix), ), @@ -400,7 +400,7 @@ func (p *userProjection) reduceHumanRegistered(event eventstore.Event) (*handler handler.NewCol(NotifyInstanceIDCol, e.Aggregate().InstanceID), handler.NewCol(NotifyLastEmailCol, e.EmailAddress), handler.NewCol(NotifyLastPhoneCol, &sql.NullString{String: string(e.PhoneNumber), Valid: e.PhoneNumber != ""}), - handler.NewCol(NotifyPasswordSetCol, e.Secret != nil), + handler.NewCol(NotifyPasswordSetCol, user.SecretOrEncodedHash(e.Secret, e.EncodedHash) != ""), }, crdb.WithTableSuffix(UserNotifySuffix), ),