feat: fixes (#228)

* feat: user login names

* fix: user login names

* fix: generate login name

internal/management/repository/eventsourcing/eventstore/user.go

@@ -2,6 +2,7 @@ package eventstore
 
 import (
 	"context"
+	"github.com/caos/logging"
 
 	"github.com/caos/zitadel/internal/api/auth"
 	"github.com/caos/zitadel/internal/management/repository/eventsourcing/view"
@@ -20,8 +21,23 @@ type UserRepo struct {
 	View         *view.View
 }
 
-func (repo *UserRepo) UserByID(ctx context.Context, id string) (project *usr_model.User, err error) {
-	return repo.UserEvents.UserByID(ctx, id)
+func (repo *UserRepo) UserByID(ctx context.Context, id string) (*usr_model.UserView, error) {
+	user, err := repo.View.UserByID(id)
+	if err != nil {
+		return nil, err
+	}
+	events, err := repo.UserEvents.UserEventsByID(ctx, id, user.Sequence)
+	if err != nil {
+		logging.Log("EVENT-PSoc3").WithError(err).Debug("error retrieving new events")
+		return model.UserToModel(user), nil
+	}
+	userCopy := *user
+	for _, event := range events {
+		if err := userCopy.AppendEvent(event); err != nil {
+			return model.UserToModel(user), nil
+		}
+	}
+	return model.UserToModel(&userCopy), nil
 }
 
 func (repo *UserRepo) CreateUser(ctx context.Context, user *usr_model.User) (*usr_model.User, error) {
@@ -119,7 +135,11 @@ func (repo *UserRepo) RequestSetPassword(ctx context.Context, id string, notifyT
 }
 
 func (repo *UserRepo) ProfileByID(ctx context.Context, userID string) (*usr_model.Profile, error) {
-	return repo.UserEvents.ProfileByID(ctx, userID)
+	user, err := repo.UserByID(ctx, userID)
+	if err != nil {
+		return nil, err
+	}
+	return user.GetProfile(), nil
 }
 
 func (repo *UserRepo) ChangeProfile(ctx context.Context, profile *usr_model.Profile) (*usr_model.Profile, error) {
@@ -127,7 +147,11 @@ func (repo *UserRepo) ChangeProfile(ctx context.Context, profile *usr_model.Prof
 }
 
 func (repo *UserRepo) EmailByID(ctx context.Context, userID string) (*usr_model.Email, error) {
-	return repo.UserEvents.EmailByID(ctx, userID)
+	user, err := repo.UserByID(ctx, userID)
+	if err != nil {
+		return nil, err
+	}
+	return user.GetEmail(), nil
 }
 
 func (repo *UserRepo) ChangeEmail(ctx context.Context, email *usr_model.Email) (*usr_model.Email, error) {
@@ -139,7 +163,11 @@ func (repo *UserRepo) CreateEmailVerificationCode(ctx context.Context, userID st
 }
 
 func (repo *UserRepo) PhoneByID(ctx context.Context, userID string) (*usr_model.Phone, error) {
-	return repo.UserEvents.PhoneByID(ctx, userID)
+	user, err := repo.UserByID(ctx, userID)
+	if err != nil {
+		return nil, err
+	}
+	return user.GetPhone(), nil
 }
 
 func (repo *UserRepo) ChangePhone(ctx context.Context, email *usr_model.Phone) (*usr_model.Phone, error) {
@@ -151,7 +179,11 @@ func (repo *UserRepo) CreatePhoneVerificationCode(ctx context.Context, userID st
 }
 
 func (repo *UserRepo) AddressByID(ctx context.Context, userID string) (*usr_model.Address, error) {
-	return repo.UserEvents.AddressByID(ctx, userID)
+	user, err := repo.UserByID(ctx, userID)
+	if err != nil {
+		return nil, err
+	}
+	return user.GetAddress(), nil
 }
 
 func (repo *UserRepo) ChangeAddress(ctx context.Context, address *usr_model.Address) (*usr_model.Address, error) {

internal/management/repository/eventsourcing/handler/handler.go

@@ -39,7 +39,7 @@ func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, ev
 		&ProjectMember{handler: handler{view, bulkLimit, configs.cycleDuration("ProjectMember"), errorCount}, userEvents: repos.UserEvents},
 		&ProjectGrantMember{handler: handler{view, bulkLimit, configs.cycleDuration("ProjectGrantMember"), errorCount}, userEvents: repos.UserEvents},
 		&Application{handler: handler{view, bulkLimit, configs.cycleDuration("Application"), errorCount}, projectEvents: repos.ProjectEvents},
-		&User{handler: handler{view, bulkLimit, configs.cycleDuration("User"), errorCount}, eventstore: eventstore},
+		&User{handler: handler{view, bulkLimit, configs.cycleDuration("User"), errorCount}, eventstore: eventstore, orgEvents: repos.OrgEvents},
 		&UserGrant{handler: handler{view, bulkLimit, configs.cycleDuration("UserGrant"), errorCount}, projectEvents: repos.ProjectEvents, userEvents: repos.UserEvents, orgEvents: repos.OrgEvents},
 		&Org{handler: handler{view, bulkLimit, configs.cycleDuration("Org"), errorCount}},
 		&OrgMember{handler: handler{view, bulkLimit, configs.cycleDuration("OrgMember"), errorCount}, userEvents: repos.UserEvents},

internal/management/repository/eventsourcing/handler/user.go

@@ -1,6 +1,11 @@
 package handler
 
 import (
+	"context"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	org_model "github.com/caos/zitadel/internal/org/model"
+	org_events "github.com/caos/zitadel/internal/org/repository/eventsourcing"
+	org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
 	es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
 	"time"
 
@@ -9,13 +14,13 @@ import (
 	"github.com/caos/zitadel/internal/eventstore"
 	"github.com/caos/zitadel/internal/eventstore/models"
 	"github.com/caos/zitadel/internal/eventstore/spooler"
-	"github.com/caos/zitadel/internal/user/repository/eventsourcing"
 	view_model "github.com/caos/zitadel/internal/user/repository/view/model"
 )
 
 type User struct {
 	handler
 	eventstore eventstore.Eventstore
+	orgEvents  *org_events.OrgEventstore
 }
 
 const (
@@ -33,15 +38,29 @@ func (p *User) EventQuery() (*models.SearchQuery, error) {
 	if err != nil {
 		return nil, err
 	}
-	return eventsourcing.UserQuery(sequence), nil
+	return es_models.NewSearchQuery().
+		AggregateTypeFilter(es_model.UserAggregate, org_es_model.OrgAggregate).
+		LatestSequenceFilter(sequence), nil
 }
 
-func (p *User) Process(event *models.Event) (err error) {
+func (u *User) Process(event *models.Event) (err error) {
+	switch event.AggregateType {
+	case es_model.UserAggregate:
+		return u.ProcessUser(event)
+	case org_es_model.OrgAggregate:
+		return u.ProcessOrg(event)
+	default:
+		return nil
+	}
+}
+
+func (p *User) ProcessUser(event *models.Event) (err error) {
 	user := new(view_model.UserView)
 	switch event.Type {
 	case es_model.UserAdded,
 		es_model.UserRegistered:
 		user.AppendEvent(event)
+		p.fillLoginNames(user)
 	case es_model.UserProfileChanged,
 		es_model.UserEmailChanged,
 		es_model.UserEmailVerified,
@@ -68,7 +87,89 @@ func (p *User) Process(event *models.Event) (err error) {
 	if err != nil {
 		return err
 	}
-	return p.view.PutUser(user)
+	return p.view.PutUser(user, user.Sequence)
+}
+
+func (u *User) ProcessOrg(event *models.Event) (err error) {
+	switch event.Type {
+	case org_es_model.OrgDomainVerified,
+		org_es_model.OrgDomainRemoved,
+		org_es_model.OrgIamPolicyAdded,
+		org_es_model.OrgIamPolicyChanged,
+		org_es_model.OrgIamPolicyRemoved:
+		return u.fillLoginNamesOnOrgUsers(event)
+	case org_es_model.OrgDomainPrimarySet:
+		return u.fillPreferredLoginNamesOnOrgUsers(event)
+	default:
+		return u.view.ProcessedUserSequence(event.Sequence)
+	}
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func (u *User) fillLoginNamesOnOrgUsers(event *models.Event) error {
+	org, err := u.orgEvents.OrgByID(context.Background(), org_model.NewOrg(event.ResourceOwner))
+	if err != nil {
+		return err
+	}
+	policy, err := u.orgEvents.GetOrgIamPolicy(context.Background(), event.ResourceOwner)
+	if err != nil {
+		return err
+	}
+	users, err := u.view.UsersByOrgID(event.AggregateID)
+	if err != nil {
+		return err
+	}
+	for _, user := range users {
+		user.SetLoginNames(policy, org.Domains)
+		err := u.view.PutUser(user, 0)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (u *User) fillPreferredLoginNamesOnOrgUsers(event *models.Event) error {
+	org, err := u.orgEvents.OrgByID(context.Background(), org_model.NewOrg(event.ResourceOwner))
+	if err != nil {
+		return err
+	}
+	policy, err := u.orgEvents.GetOrgIamPolicy(context.Background(), event.ResourceOwner)
+	if err != nil {
+		return err
+	}
+	if !policy.UserLoginMustBeDomain {
+		return nil
+	}
+	users, err := u.view.UsersByOrgID(event.AggregateID)
+	if err != nil {
+		return err
+	}
+	for _, user := range users {
+		user.PreferredLoginName = user.GenerateLoginName(org.GetPrimaryDomain().Domain)
+		err := u.view.PutUser(user, 0)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (u *User) fillLoginNames(user *view_model.UserView) (err error) {
+	org, err := u.orgEvents.OrgByID(context.Background(), org_model.NewOrg(user.ResourceOwner))
+	if err != nil {
+		return err
+	}
+	policy, err := u.orgEvents.GetOrgIamPolicy(context.Background(), user.ResourceOwner)
+	if err != nil {
+		return err
+	}
+	user.SetLoginNames(policy, org.Domains)
+	user.PreferredLoginName = user.GenerateLoginName(org.GetPrimaryDomain().Domain)
+	return nil
 }
 
 func (p *User) OnError(event *models.Event, err error) error {

internal/management/repository/eventsourcing/view/user.go

@@ -23,6 +23,10 @@ func (v *View) GetGlobalUserByEmail(email string) (*model.UserView, error) {
 	return view.GetGlobalUserByEmail(v.Db, userTable, email)
 }
 
+func (v *View) UsersByOrgID(orgID string) ([]*model.UserView, error) {
+	return view.UsersByOrgID(v.Db, userTable, orgID)
+}
+
 func (v *View) IsUserUnique(userName, email string) (bool, error) {
 	return view.IsUserUnique(v.Db, userTable, userName, email)
 }
@@ -31,12 +35,15 @@ func (v *View) UserMfas(userID string) ([]*usr_model.MultiFactor, error) {
 	return view.UserMfas(v.Db, userTable, userID)
 }
 
-func (v *View) PutUser(user *model.UserView) error {
+func (v *View) PutUser(user *model.UserView, sequence uint64) error {
 	err := view.PutUser(v.Db, userTable, user)
 	if err != nil {
 		return err
 	}
-	return v.ProcessedUserSequence(user.Sequence)
+	if sequence != 0 {
+		return v.ProcessedUserSequence(sequence)
+	}
+	return nil
 }
 
 func (v *View) DeleteUser(userID string, eventSequence uint64) error {