TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 21:37:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: label policy (#1708)

Browse Source 
* feat: label policy proto extension

* feat: label policy and activate event

* feat: label policy asset events

* feat: label policy asset commands

* feat: add storage key

* feat: storage key validation

* feat: label policy asset tests

* feat: label policy query side

* feat: avatar

* feat: avatar event

* feat: human avatar

* feat: avatar read side

* feat: font on iam label policy

* feat: label policy font

* feat: possiblity to create bucket on put file

* uplaoder

* login policy logo

* set bucket prefix

* feat: avatar upload

* feat: avatar upload

* feat: use assets on command side

* feat: fix human avatar removed event

* feat: remove human avatar

* feat: mock asset storage

* feat: remove human avatar

* fix(operator): add configuration of asset storage to zitadel operator

* feat(console): private labeling policy (#1697)

* private labeling component, routing, preview

* font, colors, upload, i18n

* show logo

* fix: uniqueness (#1710)

* fix: uniqueconstraint to lower

* feat: change org

* feat: org change test

* feat: change org

* fix: tests

* fix: handle domain claims correctly

* feat: update org

Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>

* fix: handle domain claimed event correctly for service users (#1711)

* fix: handle domain claimed event correctly on user view

* fix: ignore domain claimed events for email notifications

* fix: change org

* handle org changed in read models correctly

* fix: change org in user grant handler

Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>

* fix: correct value (#1695)

* docs(api): correct link (#1712)

* upload service

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>

* feat: fix tests,

* feat: remove assets from label policy

* fix npm, set environment

* lint ts

* remove stylelinting

* fix(operator): add mapping for console with changed unit tests

* fix(operator): add secrets as env variables to pod

* feat: remove human avatar

* fix(operator): add secrets as env variables to pod

* feat: map label policy

* feat: labelpolicy, admin, mgmt, adv settings (#1715)

* fetch label policy, mgmt, admin service

* feat: advanced beh, links, add, update

* lint ts

* feat: watermark

* feat: remove human avatar

* feat: remove human avatar

* feat: remove human avatar

* feat: remove human avatar

* feat: remove human avatar

* feat: remove human avatar

* feat: remove human avatar

* feat: custom css

* css

* css

* css

* css

* css

* getobject

* feat: dynamic handler

* feat: varibale css

* content info

* css overwrite

* feat: variablen css

* feat: generate css file

* feat: dark mode

* feat: dark mode

* fix logo css

* feat: upload logos

* dark mode with cookie

* feat: handle images in login

* avatar css and begin font

* feat: avatar

* feat: user avatar

* caching of static assets in login

* add avatar.js to main.html

* feat: header dont show logo if no url

* feat: label policy colors

* feat: mock asset storage

* feat: mock asset storage

* feat: fix tests

* feat: user avatar

* feat: header logo

* avatar

* avatar

* make it compatible with go 1.15

* feat: remove unused logos

* fix handler

* fix: styling error handling

* fonts

* fix: download func

* switch to mux

* fix: change upload api to assets

* fix build

* fix: download avatar

* fix: download logos

* fix: my avatar

* font

* fix: remove error msg popup possibility

* fix: docs

* fix: svalidate colors

* rem msg popup from frontend

* fix: email with private labeling

* fix: tests

* fix: email templates

* fix: change migration version

* fix: fix duplicate imports

* fix(console): assets, service url, upload, policy current and preview  (#1781)

* upload endpoint, layout

* fetch current, preview, fix upload

* cleanup private labeling

* fix linting

* begin generated asset handler

* generate asset api in dockerfile

* features for label policy

* features for label policy

* features

* flag for asset generator

* change asset generator flag

* fix label policy view in grpc

* fix: layout, activate policy (#1786)

* theme switcher up on top

* change layout

* activate policy

* feat(console): label policy back color, layout (#1788)

* theme switcher up on top

* change layout

* activate policy

* fix overwrite value fc

* reset policy, reset service

* autosave policy, preview desc, layout impv

* layout, i18n

* background colors, inject material styles

* load images

* clean, lint

* fix layout

* set custom hex

* fix content size conversion

* remove font format in generated css

* fix features for assets

* fix(console): label policy colors, image downloads, preview (#1804)

* load images

* colors, images binding

* lint

* refresh emitter

* lint

* propagate font colors

* upload error handling

* label policy feature check

* add blob in csp for console

* log

* fix: feature edits for label policy, refresh state on upload (#1807)

* show error on load image, stop spinner

* fix merge

* fix migration versions

* fix assets

* fix csp

* fix background color

* scss

* fix build

* lint scss

* fix statik for console

* fix features check for label policy

* cleanup

* lint

* public links

* fix notifications

* public links

* feat: merge main

* feat: fix translation files

* fix migration

* set api domain

* fix logo in email

* font face in email

* font face in email

* validate assets on upload

* cleanup

* add missing translations

* add missing translations

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
This commit is contained in:
Fabi
2021-06-04 14:53:51 +02:00
committed by GitHub
parent c0d9d86b09
commit 73d37459bb
257 changed files with 18248 additions and 7178 deletions
Download Patch File Download Diff File Expand all files Collapse all files

194
internal/api/assets/asset.go Normal file
View File

@@ -0,0 +1,194 @@
package assets
import (
"context"
"io/ioutil"
"net/http"
"strconv"
"strings"
"github.com/caos/logging"
"github.com/gorilla/mux"
"github.com/caos/zitadel/internal/api/authz"
http_mw "github.com/caos/zitadel/internal/api/http/middleware"
"github.com/caos/zitadel/internal/command"
"github.com/caos/zitadel/internal/domain"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/id"
"github.com/caos/zitadel/internal/management/repository"
"github.com/caos/zitadel/internal/static"
)
type Handler struct {
errorHandler ErrorHandler
storage static.Storage
commands *command.Commands
authInterceptor *http_mw.AuthInterceptor
idGenerator id.Generator
orgRepo repository.OrgRepository
}
func (h *Handler) AuthInterceptor() *http_mw.AuthInterceptor {
return h.authInterceptor
}
func (h *Handler) Commands() *command.Commands {
return h.commands
}
func (h *Handler) ErrorHandler() ErrorHandler {
return DefaultErrorHandler
}
func (h *Handler) Storage() static.Storage {
return h.storage
}
type Uploader interface {
Callback(ctx context.Context, info *domain.AssetInfo, orgID string, commands *command.Commands) error
ObjectName(data authz.CtxData) (string, error)
BucketName(data authz.CtxData) string
ContentTypeAllowed(contentType string) bool
MaxFileSize() int64
}
type Downloader interface {
ObjectName(ctx context.Context, path string) (string, error)
BucketName(ctx context.Context, id string) string
}
type ErrorHandler func(http.ResponseWriter, *http.Request, error)
func DefaultErrorHandler(w http.ResponseWriter, r *http.Request, err error) {
logging.Log("ASSET-g5ef1").WithError(err).WithField("uri", r.RequestURI).Error("error occurred on asset api")
http.Error(w, err.Error(), http.StatusInternalServerError)
}
func NewHandler(
commands *command.Commands,
verifier *authz.TokenVerifier,
authConfig authz.Config,
idGenerator id.Generator,
storage static.Storage,
orgRepo repository.OrgRepository,
) http.Handler {
h := &Handler{
commands: commands,
errorHandler: DefaultErrorHandler,
authInterceptor: http_mw.AuthorizationInterceptor(verifier, authConfig),
idGenerator: idGenerator,
storage: storage,
orgRepo: orgRepo,
}
verifier.RegisterServer("Management-API", "assets", AssetsService_AuthMethods) //TODO: separate api?
router := mux.NewRouter()
RegisterRoutes(router, h)
router.PathPrefix("/{id}").Methods("GET").HandlerFunc(DownloadHandleFunc(h, h.GetFile()))
return router
}
func (h *Handler) GetFile() Downloader {
return &publicFileDownloader{}
}
type publicFileDownloader struct{}
func (l *publicFileDownloader) ObjectName(_ context.Context, path string) (string, error) {
return path, nil
}
func (l *publicFileDownloader) BucketName(_ context.Context, id string) string {
return id
}
const maxMemory = 2 << 20
const paramFile = "file"
func UploadHandleFunc(s AssetsService, uploader Uploader) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
ctxData := authz.GetCtxData(ctx)
err := r.ParseMultipartForm(maxMemory)
file, handler, err := r.FormFile(paramFile)
if err != nil {
s.ErrorHandler()(w, r, err)
return
}
defer func() {
err = file.Close()
logging.Log("UPLOAD-GDg34").OnError(err).Warn("could not close file")
}()
contentType := handler.Header.Get("content-type")
size := handler.Size
if !uploader.ContentTypeAllowed(contentType) {
s.ErrorHandler()(w, r, caos_errs.ThrowInvalidArgument(nil, "UPLOAD-Dbvfs", "invalid content-type"))
return
}
if size > uploader.MaxFileSize() {
s.ErrorHandler()(w, r, caos_errs.ThrowInvalidArgumentf(nil, "UPLOAD-Bfb32", "file to big, max file size is %v", uploader.MaxFileSize()))
return
}
bucketName := uploader.BucketName(ctxData)
objectName, err := uploader.ObjectName(ctxData)
if err != nil {
s.ErrorHandler()(w, r, err)
return
}
info, err := s.Commands().UploadAsset(ctx, bucketName, objectName, contentType, file, size)
if err != nil {
s.ErrorHandler()(w, r, err)
return
}
err = uploader.Callback(ctx, info, ctxData.OrgID, s.Commands())
if err != nil {
s.ErrorHandler()(w, r, err)
return
}
}
}
func DownloadHandleFunc(s AssetsService, downloader Downloader) func(http.ResponseWriter, *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
if s.Storage() == nil {
return
}
ctx := r.Context()
id := mux.Vars(r)["id"]
bucketName := downloader.BucketName(ctx, id)
path := ""
if id != "" {
path = strings.Split(r.RequestURI, id+"/")[1]
}
objectName, err := downloader.ObjectName(ctx, path)
if err != nil {
s.ErrorHandler()(w, r, err)
return
}
if objectName == "" {
s.ErrorHandler()(w, r, caos_errs.ThrowNotFound(nil, "UPLOAD-adf4f", "file not found"))
return
}
reader, getInfo, err := s.Storage().GetObject(ctx, bucketName, objectName)
if err != nil {
s.ErrorHandler()(w, r, err)
return
}
data, err := ioutil.ReadAll(reader)
if err != nil {
s.ErrorHandler()(w, r, err)
return
}
info, err := getInfo()
if err != nil {
s.ErrorHandler()(w, r, err)
return
}
w.Header().Set("content-length", strconv.FormatInt(info.Size, 10))
w.Header().Set("content-type", info.ContentType)
w.Header().Set("ETag", info.ETag)
w.Write(data)
}
}

119
internal/api/assets/generator/asset.yaml Normal file
View File

@@ -0,0 +1,119 @@
Services:
IAM:
Prefix: "/iam"
Methods:
DefaultLabelPolicyLogo:
Path: "/policy/label/logo"
HasDarkMode: true
Handlers:
- Name: Upload
Comment:
Type: upload
Permission: iam.policy.write
- Name: Get
Comment:
Type: download
Permission: iam.policy.read
- Name: GetPreview
Comment:
Type: preview
Permission: iam.policy.read
DefaultLabelPolicyIcon:
Path: "/policy/label/icon"
HasDarkMode: true
Handlers:
- Name: Upload
Comment:
Type: upload
Permission: iam.policy.write
- Name: Get
Comment:
Type: download
Permission: iam.policy.read
- Name: GetPreview
Comment:
Type: preview
Permission: iam.policy.read
DefaultLabelPolicyFont:
Path: "/policy/label/font"
Handlers:
- Name: Upload
Comment:
Type: upload
Permission: iam.policy.write
- Name: Get
Comment:
Type: download
Permission: iam.policy.read
- Name: GetPreview
Comment:
Type: preview
Permission: iam.policy.read
Org:
Prefix: "/org"
Methods:
OrgLabelPolicyLogo:
Path: "/policy/label/logo"
Feature: "label_policy.private_label"
HasDarkMode: true
Handlers:
- Name: Upload
Comment:
Type: upload
Permission: policy.write
- Name: Get
Comment:
Type: download
Permission: policy.read
- Name: GetPreview
Comment:
Type: preview
Permission: policy.read
OrgLabelPolicyIcon:
Path: "/policy/label/icon"
Feature: "label_policy.private_label"
HasDarkMode: true
Handlers:
- Name: Upload
Comment:
Type: upload
Permission: policy.write
- Name: Get
Comment:
Type: download
Permission: policy.read
- Name: GetPreview
Comment:
Type: preview
Permission: policy.read
OrgLabelPolicyFont:
Path: "/policy/label/font"
Feature: "label_policy.private_label"
Handlers:
- Name: Upload
Comment:
Type: upload
Permission: policy.write
- Name: Get
Comment:
Type: download
Permission: policy.read
- Name: GetPreview
Comment:
Type: preview
Permission: policy.read
Users:
Prefix: "/users"
Methods:
MyUserAvatar:
Path: "/me/avatar"
Features: "label_policy.private_label"
Handlers:
- Name: Upload
Comment:
Type: upload
Permission: authenticated
- Name: Get
Comment:
Type: download
Permission: authenticated

200
internal/api/assets/generator/asset_generator.go Normal file
View File

@@ -0,0 +1,200 @@
package main
import (
"flag"
"io"
"os"
"text/template"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/config"
)
var (
directory = flag.String("directory", "./", "working directory: asset.yaml must be in this directory, files will be generated into parent directory")
)
func main() {
flag.Parse()
configFile := *directory + "asset.yaml"
authz, err := os.OpenFile(*directory+"../authz.go", os.O_TRUNC|os.O_WRONLY|os.O_CREATE, 0755)
logging.Log("ASSETS-Gn31f").OnError(err).Fatal("cannot open authz file")
router, err := os.OpenFile(*directory+"../router.go", os.O_TRUNC|os.O_WRONLY|os.O_CREATE, 0755)
logging.Log("ASSETS-ABen3").OnError(err).Fatal("cannot open router file")
GenerateAssetHandler(configFile, authz, router)
}
type Method struct {
Path string
Feature string
HasDarkMode bool
Handlers []Handler
}
type Handler struct {
Name string
Comment string
Type HandlerType
Permission string
}
func (a Handler) Method() string {
if a.Type == MethodTypeUpload {
return "POST"
}
return "GET"
}
func (a Handler) PathSuffix() string {
if a.Type == MethodTypePreview {
return "/_preview"
}
return ""
}
func (a Handler) MethodReturn() string {
if a.Type == MethodTypeUpload {
return "Uploader"
}
if a.Type == MethodTypeDownload {
return "Downloader"
}
if a.Type == MethodTypePreview {
return "Downloader"
}
return ""
}
func (a Handler) HandlerType() string {
if a.Type == MethodTypeUpload {
return "UploadHandleFunc"
}
if a.Type == MethodTypeDownload {
return "DownloadHandleFunc"
}
if a.Type == MethodTypePreview {
return "DownloadHandleFunc"
}
return ""
}
type HandlerType string
const (
MethodTypeUpload = "upload"
MethodTypeDownload = "download"
MethodTypePreview = "preview"
)
type Services map[string]Service
type Service struct {
Prefix string
Methods map[string]Method
}
func GenerateAssetHandler(configFilePath string, output io.Writer, output2 io.Writer) {
conf := new(struct {
Services Services
})
err := config.Read(conf, configFilePath)
logging.Log("ASSETS-Dgbn4").OnError(err).Fatal("cannot read config")
tmplAuthz, err := template.New("").Parse(authzTmpl)
logging.Log("ASSETS-BGbbg").OnError(err).Fatal("cannot parse authz template")
tmplRouter, err := template.New("").Parse(routerTmpl)
logging.Log("ASSETS-gh4rq").OnError(err).Fatal("cannot parse router template")
data := &struct {
GoPkgName string
Name string
Prefix string
Services Services
}{
GoPkgName: "assets",
Name: "AssetsService",
Prefix: "/assets/v1",
Services: conf.Services,
}
err = tmplAuthz.Execute(output, data)
logging.Log("ASSETS-BHngj").OnError(err).Fatal("cannot generate authz")
err = tmplRouter.Execute(output2, data)
logging.Log("ASSETS-Bfd41").OnError(err).Fatal("cannot generate router")
}
const authzTmpl = `package {{.GoPkgName}}
import (
"github.com/caos/zitadel/internal/api/authz"
)
/**
* {{.Name}}
*/
{{ $prefix := .Prefix }}
var {{.Name}}_AuthMethods = authz.MethodMapping {
{{ range $service := .Services}}
{{ range $method := .Methods}}
{{ range $handler := .Handlers}}
{{ if (or $method.Feature $handler.Permission) }}
"{{$handler.Method}}:{{$prefix}}{{$service.Prefix}}{{$method.Path}}{{$handler.PathSuffix}}": authz.Option{
Permission: "{{$handler.Permission}}",
Feature: "{{$method.Feature}}",
},
{{ if $method.HasDarkMode }}
"{{$handler.Method}}:{{$prefix}}{{$service.Prefix}}{{$method.Path}}/dark{{$handler.PathSuffix}}": authz.Option{
Permission: "{{$handler.Permission}}",
Feature: "{{$method.Feature}}",
},
{{end}}
{{end}}
{{end}}
{{end}}
{{end}}
}
`
const routerTmpl = `package {{.GoPkgName}}
import (
"github.com/gorilla/mux"
http_mw "github.com/caos/zitadel/internal/api/http/middleware"
"github.com/caos/zitadel/internal/command"
"github.com/caos/zitadel/internal/static"
)
type {{.Name}} interface {
AuthInterceptor() *http_mw.AuthInterceptor
Commands() *command.Commands
ErrorHandler() ErrorHandler
Storage() static.Storage
{{ range $service := .Services}}
{{ range $methodName, $method := .Methods}}
{{ range $handler := .Handlers}}
{{$handler.Name}}{{$methodName}}() {{if $handler.MethodReturn}}{{$handler.MethodReturn}}{{end}}
{{ if $method.HasDarkMode }}
{{$handler.Name}}{{$methodName}}Dark() {{if $handler.MethodReturn}}{{$handler.MethodReturn}}{{end}}
{{ end }}
{{ end }}
{{ end }}
{{ end }}
}
func RegisterRoutes(router *mux.Router, s {{.Name}}) {
router.Use(s.AuthInterceptor().Handler)
{{ range $service := .Services}}
{{ range $methodName, $method := .Methods}}
{{ range $handler := .Handlers}}
router.Path("{{$service.Prefix}}{{$method.Path}}{{$handler.PathSuffix}}").Methods("{{$handler.Method}}").HandlerFunc({{if $handler.HandlerType}}{{$handler.HandlerType}}(s, {{end}}s.{{$handler.Name}}{{$methodName}}(){{if $handler.HandlerType}}){{end}})
{{ if $method.HasDarkMode }}
router.Path("{{$service.Prefix}}{{$method.Path}}/dark{{$handler.PathSuffix}}").Methods("{{$handler.Method}}").HandlerFunc({{if $handler.HandlerType}}{{$handler.HandlerType}}(s, {{end}}s.{{$handler.Name}}{{$methodName}}Dark(){{if $handler.HandlerType}}){{end}})
{{ end }}
{{ end }}
{{ end }}
{{ end }}
}
`

377
internal/api/assets/login_policy.go Normal file
View File

@@ -0,0 +1,377 @@
package assets
import (
"context"
"strings"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/command"
"github.com/caos/zitadel/internal/domain"
"github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/id"
"github.com/caos/zitadel/internal/management/repository"
)
func (h *Handler) UploadDefaultLabelPolicyLogo() Uploader {
return &labelPolicyLogoUploader{h.idGenerator, false, true, []string{"image/"}, 1 << 19}
}
func (h *Handler) UploadDefaultLabelPolicyLogoDark() Uploader {
return &labelPolicyLogoUploader{h.idGenerator, true, true, []string{"image/"}, 1 << 19}
}
func (h *Handler) UploadOrgLabelPolicyLogo() Uploader {
return &labelPolicyLogoUploader{h.idGenerator, false, false, []string{"image/"}, 1 << 19}
}
func (h *Handler) UploadOrgLabelPolicyLogoDark() Uploader {
return &labelPolicyLogoUploader{h.idGenerator, true, false, []string{"image/"}, 1 << 19}
}
type labelPolicyLogoUploader struct {
idGenerator id.Generator
darkMode bool
defaultPolicy bool
contentTypes []string
maxSize int64
}
func (l *labelPolicyLogoUploader) ContentTypeAllowed(contentType string) bool {
for _, ct := range l.contentTypes {
if strings.HasPrefix(contentType, ct) {
return true
}
}
return false
}
func (l *labelPolicyLogoUploader) MaxFileSize() int64 {
return l.maxSize
}
func (l *labelPolicyLogoUploader) ObjectName(_ authz.CtxData) (string, error) {
suffixID, err := l.idGenerator.Next()
if err != nil {
return "", err
}
prefix := domain.LabelPolicyLogoPath
if l.darkMode {
return prefix + "-" + domain.Dark + "-" + suffixID, nil
}
return prefix + "-" + suffixID, nil
}
func (l *labelPolicyLogoUploader) BucketName(ctxData authz.CtxData) string {
if l.defaultPolicy {
return domain.IAMID
}
return ctxData.OrgID
}
func (l *labelPolicyLogoUploader) Callback(ctx context.Context, info *domain.AssetInfo, orgID string, commands *command.Commands) error {
if l.defaultPolicy {
if l.darkMode {
_, err := commands.AddLogoDarkDefaultLabelPolicy(ctx, info.Key)
return err
}
_, err := commands.AddLogoDefaultLabelPolicy(ctx, info.Key)
return err
}
if l.darkMode {
_, err := commands.AddLogoDarkLabelPolicy(ctx, orgID, info.Key)
return err
}
_, err := commands.AddLogoLabelPolicy(ctx, orgID, info.Key)
return err
}
func (h *Handler) GetDefaultLabelPolicyLogo() Downloader {
return &labelPolicyLogoDownloader{org: h.orgRepo, darkMode: false, defaultPolicy: true, preview: false}
}
func (h *Handler) GetDefaultLabelPolicyLogoDark() Downloader {
return &labelPolicyLogoDownloader{org: h.orgRepo, darkMode: true, defaultPolicy: true, preview: false}
}
func (h *Handler) GetPreviewDefaultLabelPolicyLogo() Downloader {
return &labelPolicyLogoDownloader{org: h.orgRepo, darkMode: false, defaultPolicy: true, preview: true}
}
func (h *Handler) GetPreviewDefaultLabelPolicyLogoDark() Downloader {
return &labelPolicyLogoDownloader{org: h.orgRepo, darkMode: true, defaultPolicy: true, preview: true}
}
func (h *Handler) GetOrgLabelPolicyLogo() Downloader {
return &labelPolicyLogoDownloader{org: h.orgRepo, darkMode: false, defaultPolicy: false, preview: false}
}
func (h *Handler) GetOrgLabelPolicyLogoDark() Downloader {
return &labelPolicyLogoDownloader{org: h.orgRepo, darkMode: true, defaultPolicy: false, preview: false}
}
func (h *Handler) GetPreviewOrgLabelPolicyLogo() Downloader {
return &labelPolicyLogoDownloader{org: h.orgRepo, darkMode: false, defaultPolicy: false, preview: true}
}
func (h *Handler) GetPreviewOrgLabelPolicyLogoDark() Downloader {
return &labelPolicyLogoDownloader{org: h.orgRepo, darkMode: true, defaultPolicy: false, preview: true}
}
type labelPolicyLogoDownloader struct {
org repository.OrgRepository
darkMode bool
defaultPolicy bool
preview bool
}
func (l *labelPolicyLogoDownloader) ObjectName(ctx context.Context, path string) (string, error) {
policy, err := getLabelPolicy(ctx, l.defaultPolicy, l.preview, l.org)
if err != nil {
return "", nil
}
if l.darkMode {
return policy.LogoDarkURL, nil
}
return policy.LogoURL, nil
}
func (l *labelPolicyLogoDownloader) BucketName(ctx context.Context, id string) string {
if l.defaultPolicy {
return domain.IAMID
}
return authz.GetCtxData(ctx).OrgID
}
func (h *Handler) UploadDefaultLabelPolicyIcon() Uploader {
return &labelPolicyIconUploader{h.idGenerator, false, true, []string{"image/"}, 1 << 19}
}
func (h *Handler) UploadDefaultLabelPolicyIconDark() Uploader {
return &labelPolicyIconUploader{h.idGenerator, true, true, []string{"image/"}, 1 << 19}
}
func (h *Handler) UploadOrgLabelPolicyIcon() Uploader {
return &labelPolicyIconUploader{h.idGenerator, false, false, []string{"image/"}, 1 << 19}
}
func (h *Handler) UploadOrgLabelPolicyIconDark() Uploader {
return &labelPolicyIconUploader{h.idGenerator, true, false, []string{"image/"}, 1 << 19}
}
type labelPolicyIconUploader struct {
idGenerator id.Generator
darkMode bool
defaultPolicy bool
contentTypes []string
maxSize int64
}
func (l *labelPolicyIconUploader) ContentTypeAllowed(contentType string) bool {
for _, ct := range l.contentTypes {
if strings.HasPrefix(contentType, ct) {
return true
}
}
return false
}
func (l *labelPolicyIconUploader) MaxFileSize() int64 {
return l.maxSize
}
func (l *labelPolicyIconUploader) ObjectName(_ authz.CtxData) (string, error) {
suffixID, err := l.idGenerator.Next()
if err != nil {
return "", err
}
prefix := domain.LabelPolicyIconPath
if l.darkMode {
return prefix + "-" + domain.Dark + "-" + suffixID, nil
}
return prefix + "-" + suffixID, nil
}
func (l *labelPolicyIconUploader) BucketName(ctxData authz.CtxData) string {
if l.defaultPolicy {
return domain.IAMID
}
return ctxData.OrgID
}
func (l *labelPolicyIconUploader) Callback(ctx context.Context, info *domain.AssetInfo, orgID string, commands *command.Commands) error {
if l.defaultPolicy {
if l.darkMode {
_, err := commands.AddIconDarkDefaultLabelPolicy(ctx, info.Key)
return err
}
_, err := commands.AddIconDefaultLabelPolicy(ctx, info.Key)
return err
}
if l.darkMode {
_, err := commands.AddIconDarkLabelPolicy(ctx, orgID, info.Key)
return err
}
_, err := commands.AddIconLabelPolicy(ctx, orgID, info.Key)
return err
}
func (h *Handler) GetDefaultLabelPolicyIcon() Downloader {
return &labelPolicyIconDownloader{org: h.orgRepo, darkMode: false, defaultPolicy: true, preview: false}
}
func (h *Handler) GetDefaultLabelPolicyIconDark() Downloader {
return &labelPolicyIconDownloader{org: h.orgRepo, darkMode: true, defaultPolicy: true, preview: false}
}
func (h *Handler) GetPreviewDefaultLabelPolicyIcon() Downloader {
return &labelPolicyIconDownloader{org: h.orgRepo, darkMode: false, defaultPolicy: true, preview: true}
}
func (h *Handler) GetPreviewDefaultLabelPolicyIconDark() Downloader {
return &labelPolicyIconDownloader{org: h.orgRepo, darkMode: true, defaultPolicy: true, preview: true}
}
func (h *Handler) GetOrgLabelPolicyIcon() Downloader {
return &labelPolicyIconDownloader{org: h.orgRepo, darkMode: false, defaultPolicy: false, preview: false}
}
func (h *Handler) GetOrgLabelPolicyIconDark() Downloader {
return &labelPolicyIconDownloader{org: h.orgRepo, darkMode: true, defaultPolicy: false, preview: false}
}
func (h *Handler) GetPreviewOrgLabelPolicyIcon() Downloader {
return &labelPolicyIconDownloader{org: h.orgRepo, darkMode: false, defaultPolicy: false, preview: true}
}
func (h *Handler) GetPreviewOrgLabelPolicyIconDark() Downloader {
return &labelPolicyIconDownloader{org: h.orgRepo, darkMode: true, defaultPolicy: false, preview: true}
}
type labelPolicyIconDownloader struct {
org repository.OrgRepository
darkMode bool
defaultPolicy bool
preview bool
}
func (l *labelPolicyIconDownloader) ObjectName(ctx context.Context, path string) (string, error) {
policy, err := getLabelPolicy(ctx, l.defaultPolicy, l.preview, l.org)
if err != nil {
return "", nil
}
if l.darkMode {
return policy.IconDarkURL, nil
}
return policy.IconURL, nil
}
func (l *labelPolicyIconDownloader) BucketName(ctx context.Context, id string) string {
if l.defaultPolicy {
return domain.IAMID
}
return authz.GetCtxData(ctx).OrgID
}
func (h *Handler) UploadDefaultLabelPolicyFont() Uploader {
return &labelPolicyFontUploader{h.idGenerator, true, []string{"font/"}, 1 << 19}
}
func (h *Handler) UploadOrgLabelPolicyFont() Uploader {
return &labelPolicyFontUploader{h.idGenerator, false, []string{"font/"}, 1 << 19}
}
type labelPolicyFontUploader struct {
idGenerator id.Generator
defaultPolicy bool
contentTypes []string
maxSize int64
}
func (l *labelPolicyFontUploader) ContentTypeAllowed(contentType string) bool {
for _, ct := range l.contentTypes {
if strings.HasPrefix(contentType, ct) {
return true
}
}
return false
}
func (l *labelPolicyFontUploader) MaxFileSize() int64 {
return l.maxSize
}
func (l *labelPolicyFontUploader) ObjectName(_ authz.CtxData) (string, error) {
suffixID, err := l.idGenerator.Next()
if err != nil {
return "", err
}
prefix := domain.LabelPolicyFontPath
return prefix + "-" + suffixID, nil
}
func (l *labelPolicyFontUploader) BucketName(ctxData authz.CtxData) string {
if l.defaultPolicy {
return domain.IAMID
}
return ctxData.OrgID
}
func (l *labelPolicyFontUploader) Callback(ctx context.Context, info *domain.AssetInfo, orgID string, commands *command.Commands) error {
if l.defaultPolicy {
_, err := commands.AddFontDefaultLabelPolicy(ctx, info.Key)
return err
}
_, err := commands.AddFontLabelPolicy(ctx, orgID, info.Key)
return err
}
func (h *Handler) GetDefaultLabelPolicyFont() Downloader {
return &labelPolicyFontDownloader{org: h.orgRepo, defaultPolicy: true, preview: false}
}
func (h *Handler) GetPreviewDefaultLabelPolicyFont() Downloader {
return &labelPolicyFontDownloader{org: h.orgRepo, defaultPolicy: true, preview: true}
}
func (h *Handler) GetOrgLabelPolicyFont() Downloader {
return &labelPolicyFontDownloader{org: h.orgRepo, defaultPolicy: false, preview: false}
}
func (h *Handler) GetPreviewOrgLabelPolicyFont() Downloader {
return &labelPolicyFontDownloader{org: h.orgRepo, defaultPolicy: true, preview: true}
}
type labelPolicyFontDownloader struct {
org repository.OrgRepository
defaultPolicy bool
preview bool
}
func (l *labelPolicyFontDownloader) ObjectName(ctx context.Context, path string) (string, error) {
policy, err := getLabelPolicy(ctx, l.defaultPolicy, l.preview, l.org)
if err != nil {
return "", nil
}
return policy.FontURL, nil
}
func (l *labelPolicyFontDownloader) BucketName(ctx context.Context, id string) string {
if l.defaultPolicy {
return domain.IAMID
}
return authz.GetCtxData(ctx).OrgID
}
func getLabelPolicy(ctx context.Context, defaultPolicy, preview bool, orgRepo repository.OrgRepository) (*model.LabelPolicyView, error) {
if defaultPolicy {
if preview {
return orgRepo.GetPreviewDefaultLabelPolicy(ctx)
}
return orgRepo.GetDefaultLabelPolicy(ctx)
}
if preview {
return orgRepo.GetPreviewLabelPolicy(ctx)
}
return orgRepo.GetLabelPolicy(ctx)
}

59
internal/api/assets/user_avatar.go Normal file
View File

@@ -0,0 +1,59 @@
package assets
import (
"context"
"strings"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/command"
"github.com/caos/zitadel/internal/domain"
)
func (h *Handler) UploadMyUserAvatar() Uploader {
return &myHumanAvatarUploader{[]string{"image/"}, 1 << 19}
}
type myHumanAvatarUploader struct {
contentTypes []string
maxSize int64
}
func (l *myHumanAvatarUploader) ContentTypeAllowed(contentType string) bool {
for _, ct := range l.contentTypes {
if strings.HasPrefix(contentType, ct) {
return true
}
}
return false
}
func (l *myHumanAvatarUploader) MaxFileSize() int64 {
return l.maxSize
}
func (l *myHumanAvatarUploader) ObjectName(ctxData authz.CtxData) (string, error) {
return domain.GetHumanAvatarAssetPath(ctxData.UserID), nil
}
func (l *myHumanAvatarUploader) BucketName(ctxData authz.CtxData) string {
return ctxData.OrgID
}
func (l *myHumanAvatarUploader) Callback(ctx context.Context, info *domain.AssetInfo, orgID string, commands *command.Commands) error {
_, err := commands.AddHumanAvatar(ctx, orgID, authz.GetCtxData(ctx).UserID, info.Key)
return err
}
func (h *Handler) GetMyUserAvatar() Downloader {
return &myHumanAvatarDownloader{}
}
type myHumanAvatarDownloader struct{}
func (l *myHumanAvatarDownloader) ObjectName(ctx context.Context, path string) (string, error) {
return domain.GetHumanAvatarAssetPath(authz.GetCtxData(ctx).UserID), nil
}
func (l *myHumanAvatarDownloader) BucketName(ctx context.Context, id string) string {
return authz.GetCtxData(ctx).OrgID
}