TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 21:37:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: multiple domains (#188)

Browse Source 
* check uniqueness on create and register user

* change user email, reserve release unique email

* usergrant unique aggregate

* usergrant uniqueness

* validate UserGrant

* fix tests

* domain is set on username in all orgs

* domain in admin

* org domain sql

* zitadel domain org name

* org domains

* org iam policy

* default org iam policy

* SETUP

* load login names

* login by login name

* login name

* fix: merge master

* fix: merge master

* Update internal/user/repository/eventsourcing/user.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: fix unique domains

* fix: rename env variable

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Fabi
2020-06-16 11:40:18 +02:00
committed by GitHub
parent 64b14b4e19
commit 7a6ca24625
109 changed files with 12578 additions and 6025 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
internal/admin/repository/eventsourcing/eventstore/org.go
View File

@@ -2,6 +2,7 @@ package eventstore
import (
"context"
"github.com/caos/zitadel/internal/org/repository/view/model"
admin_model "github.com/caos/zitadel/internal/admin/model"
admin_view "github.com/caos/zitadel/internal/admin/repository/eventsourcing/view"
@@ -9,7 +10,6 @@ import (
"github.com/caos/zitadel/internal/eventstore/sdk"
org_model "github.com/caos/zitadel/internal/org/model"
org_es "github.com/caos/zitadel/internal/org/repository/eventsourcing"
org_view "github.com/caos/zitadel/internal/org/repository/view"
policy_es "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
usr_es "github.com/caos/zitadel/internal/user/repository/eventsourcing"
)
@@ -31,7 +31,11 @@ type OrgRepo struct {
}
func (repo *OrgRepo) SetUpOrg(ctx context.Context, setUp *admin_model.SetupOrg) (*admin_model.SetupOrg, error) {
policy, err := repo.PolicyEventstore.GetPasswordComplexityPolicy(ctx, DEFAULT_POLICY)
pwPolicy, err := repo.PolicyEventstore.GetPasswordComplexityPolicy(ctx, DEFAULT_POLICY)
if err != nil {
return nil, err
}
orgPolicy, err := repo.OrgEventstore.GetOrgIamPolicy(ctx, DEFAULT_POLICY)
if err != nil {
return nil, err
}
@@ -39,8 +43,7 @@ func (repo *OrgRepo) SetUpOrg(ctx context.Context, setUp *admin_model.SetupOrg)
if err != nil {
return nil, err
}
user, userAggregates, err := repo.UserEventstore.PrepareCreateUser(ctx, setUp.User, policy, org.AggregateID)
user, userAggregates, err := repo.UserEventstore.PrepareCreateUser(ctx, setUp.User, pwPolicy, orgPolicy, org.AggregateID)
if err != nil {
return nil, err
}
@@ -77,10 +80,26 @@ func (repo *OrgRepo) SearchOrgs(ctx context.Context, query *org_model.OrgSearchR
Offset: query.Offset,
Limit: query.Limit,
TotalResult: uint64(count),
Result: org_view.OrgsToModel(orgs),
Result: model.OrgsToModel(orgs),
}, nil
}
func (repo *OrgRepo) IsOrgUnique(ctx context.Context, name, domain string) (isUnique bool, err error) {
return repo.OrgEventstore.IsOrgUnique(ctx, name, domain)
}
func (repo *OrgRepo) GetOrgIamPolicyByID(ctx context.Context, id string) (*org_model.OrgIamPolicy, error) {
return repo.OrgEventstore.GetOrgIamPolicy(ctx, id)
}
func (repo *OrgRepo) CreateOrgIamPolicy(ctx context.Context, policy *org_model.OrgIamPolicy) (*org_model.OrgIamPolicy, error) {
return repo.OrgEventstore.AddOrgIamPolicy(ctx, policy)
}
func (repo *OrgRepo) ChangeOrgIamPolicy(ctx context.Context, policy *org_model.OrgIamPolicy) (*org_model.OrgIamPolicy, error) {
return repo.OrgEventstore.ChangeOrgIamPolicy(ctx, policy)
}
func (repo *OrgRepo) RemoveOrgIamPolicy(ctx context.Context, id string) error {
return repo.OrgEventstore.RemoveOrgIamPolicy(ctx, id)
}

18
internal/admin/repository/eventsourcing/eventstore/user.go
View File

@@ -3,6 +3,7 @@ package eventstore
import (
"context"
"github.com/caos/zitadel/internal/api/auth"
org_event "github.com/caos/zitadel/internal/org/repository/eventsourcing"
policy_event "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
usr_model "github.com/caos/zitadel/internal/user/model"
usr_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
@@ -11,6 +12,7 @@ import (
type UserRepo struct {
UserEvents *usr_event.UserEventstore
PolicyEvents *policy_event.PolicyEventstore
OrgEvents *org_event.OrgEventstore
}
func (repo *UserRepo) UserByID(ctx context.Context, id string) (project *usr_model.User, err error) {
@@ -18,11 +20,15 @@ func (repo *UserRepo) UserByID(ctx context.Context, id string) (project *usr_mod
}
func (repo *UserRepo) CreateUser(ctx context.Context, user *usr_model.User) (*usr_model.User, error) {
policy, err := repo.PolicyEvents.GetPasswordComplexityPolicy(ctx, auth.GetCtxData(ctx).OrgID)
pwPolicy, err := repo.PolicyEvents.GetPasswordComplexityPolicy(ctx, auth.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
return repo.UserEvents.CreateUser(ctx, user, policy)
orgPolicy, err := repo.OrgEvents.GetOrgIamPolicy(ctx, auth.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
return repo.UserEvents.CreateUser(ctx, user, pwPolicy, orgPolicy)
}
func (repo *UserRepo) RegisterUser(ctx context.Context, user *usr_model.User, resourceOwner string) (*usr_model.User, error) {
@@ -30,9 +36,13 @@ func (repo *UserRepo) RegisterUser(ctx context.Context, user *usr_model.User, re
if resourceOwner != "" {
policyResourceOwner = resourceOwner
}
policy, err := repo.PolicyEvents.GetPasswordComplexityPolicy(ctx, policyResourceOwner)
pwPolicy, err := repo.PolicyEvents.GetPasswordComplexityPolicy(ctx, policyResourceOwner)
if err != nil {
return nil, err
}
return repo.UserEvents.RegisterUser(ctx, user, policy, resourceOwner)
orgPolicy, err := repo.OrgEvents.GetOrgIamPolicy(ctx, policyResourceOwner)
if err != nil {
return nil, err
}
return repo.UserEvents.RegisterUser(ctx, user, pwPolicy, orgPolicy, resourceOwner)
}

4
internal/admin/repository/eventsourcing/handler/org.go
View File

@@ -2,13 +2,13 @@ package handler
import (
"github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
org_model "github.com/caos/zitadel/internal/org/repository/view/model"
"time"
"github.com/caos/logging"
es_models "github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/eventstore/spooler"
"github.com/caos/zitadel/internal/org/repository/eventsourcing"
"github.com/caos/zitadel/internal/org/repository/view"
)
type Org struct {
@@ -34,7 +34,7 @@ func (o *Org) EventQuery() (*es_models.SearchQuery, error) {
}
func (o *Org) Process(event *es_models.Event) error {
org := new(view.OrgView)
org := new(org_model.OrgView)
switch event.Type {
case model.OrgAdded:

5
internal/admin/repository/eventsourcing/repository.go
View File

@@ -24,6 +24,7 @@ type Config struct {
Eventstore es_int.Config
View types.SQL
Spooler spooler.SpoolerConfig
Domain string
}
type EsRepository struct {
@@ -45,7 +46,7 @@ func Start(ctx context.Context, conf Config, systemDefaults sd.SystemDefaults) (
return nil, err
}
org := es_org.StartOrg(es_org.OrgConfig{Eventstore: es})
org := es_org.StartOrg(es_org.OrgConfig{Eventstore: es, IAMDomain: conf.Domain}, systemDefaults)
project, err := es_proj.StartProject(es_proj.ProjectConfig{
Eventstore: es,
@@ -80,7 +81,7 @@ func Start(ctx context.Context, conf Config, systemDefaults sd.SystemDefaults) (
eventstoreRepos := setup.EventstoreRepos{OrgEvents: org, UserEvents: user, ProjectEvents: project, IamEvents: iam, PolicyEvents: policy}
err = setup.StartSetup(systemDefaults, eventstoreRepos).Execute(ctx)
logging.Log("SERVE-k280HZ").OnError(err).Panic("failed to execute setup")
logging.Log("SERVE-djs3R").OnError(err).Panic("failed to execute setup")
spool := spooler.StartSpooler(conf.Spooler, es, view, sqlClient)

38
internal/admin/repository/eventsourcing/setup/setup.go
View File

@@ -167,8 +167,23 @@ func (setUp *initializer) orgs(ctx context.Context, orgs []types.Org) error {
}
setUp.createdOrgs[iamOrg.Name] = org
var policy *org_model.OrgIamPolicy
if iamOrg.OrgIamPolicy {
policy, err = setUp.iamorgpolicy(ctx, org)
if err != nil {
logging.LogWithFields("SETUP-IlLif", "Org Iam Policy", iamOrg.Name).WithError(err).Error("unable to create iam org policy")
return err
}
} else {
policy, err = setUp.repos.OrgEvents.GetOrgIamPolicy(ctx, DEFAULT_POLICY)
if err != nil {
logging.LogWithFields("SETUP-IS8wS", "Org Iam Policy", iamOrg.Name).WithError(err).Error("unable to get default iam org policy")
return err
}
}
ctx = setSetUpContextData(ctx, org.AggregateID)
err = setUp.users(ctx, iamOrg.Users)
err = setUp.users(ctx, iamOrg.Users, policy)
if err != nil {
logging.LogWithFields("SETUP-8zfwz", "Org", iamOrg.Name).WithError(err).Error("unable to set up org users")
return err
@@ -193,12 +208,21 @@ func (setUp *initializer) orgs(ctx context.Context, orgs []types.Org) error {
func (setUp *initializer) org(ctx context.Context, org types.Org) (*org_model.Org, error) {
ctx = setSetUpContextData(ctx, "")
createOrg := &org_model.Org{
Name: org.Name,
Domain: org.Domain,
Name: org.Name,
Domains: []*org_model.OrgDomain{&org_model.OrgDomain{Domain: org.Domain}},
}
return setUp.repos.OrgEvents.CreateOrg(ctx, createOrg)
}
func (setUp *initializer) iamorgpolicy(ctx context.Context, org *org_model.Org) (*org_model.OrgIamPolicy, error) {
ctx = setSetUpContextData(ctx, org.AggregateID)
policy := &org_model.OrgIamPolicy{
ObjectRoot: models.ObjectRoot{AggregateID: org.AggregateID},
UserLoginMustBeDomain: false,
}
return setUp.repos.OrgEvents.AddOrgIamPolicy(ctx, policy)
}
func (setUp *initializer) iamOwners(ctx context.Context, owners []string) error {
logging.Log("SETUP-dtxfj").Info("setting iam owners")
for _, iamOwner := range owners {
@@ -249,9 +273,9 @@ func (setUp *initializer) setIamProject(ctx context.Context) error {
return nil
}
func (setUp *initializer) users(ctx context.Context, users []types.User) error {
func (setUp *initializer) users(ctx context.Context, users []types.User, orgPolicy *org_model.OrgIamPolicy) error {
for _, user := range users {
created, err := setUp.user(ctx, user)
created, err := setUp.user(ctx, user, orgPolicy)
if err != nil {
logging.LogWithFields("SETUP-9soer", "Email", user.Email).WithError(err).Error("unable to create iam user")
return err
@@ -261,7 +285,7 @@ func (setUp *initializer) users(ctx context.Context, users []types.User) error {
return nil
}
func (setUp *initializer) user(ctx context.Context, user types.User) (*usr_model.User, error) {
func (setUp *initializer) user(ctx context.Context, user types.User, orgPolicy *org_model.OrgIamPolicy) (*usr_model.User, error) {
createUser := &usr_model.User{
Profile: &usr_model.Profile{
UserName: user.UserName,
@@ -276,7 +300,7 @@ func (setUp *initializer) user(ctx context.Context, user types.User) (*usr_model
SecretString: user.Password,
},
}
return setUp.repos.UserEvents.CreateUser(ctx, createUser, setUp.pwComplexityPolicy)
return setUp.repos.UserEvents.CreateUser(ctx, createUser, setUp.pwComplexityPolicy, orgPolicy)
}
func (setUp *initializer) orgOwners(ctx context.Context, org *org_model.Org, owners []string) error {

7
internal/admin/repository/eventsourcing/view/org.go
View File

@@ -3,6 +3,7 @@ package view
import (
org_model "github.com/caos/zitadel/internal/org/model"
org_view "github.com/caos/zitadel/internal/org/repository/view"
"github.com/caos/zitadel/internal/org/repository/view/model"
"github.com/caos/zitadel/internal/view"
)
@@ -10,15 +11,15 @@ const (
orgTable = "admin_api.orgs"
)
func (v *View) OrgByID(orgID string) (*org_view.OrgView, error) {
func (v *View) OrgByID(orgID string) (*model.OrgView, error) {
return org_view.OrgByID(v.Db, orgTable, orgID)
}
func (v *View) SearchOrgs(query *org_model.OrgSearchRequest) ([]*org_view.OrgView, int, error) {
func (v *View) SearchOrgs(query *org_model.OrgSearchRequest) ([]*model.OrgView, int, error) {
return org_view.SearchOrgs(v.Db, orgTable, query)
}
func (v *View) PutOrg(org *org_view.OrgView) error {
func (v *View) PutOrg(org *model.OrgView) error {
err := org_view.PutOrg(v.Db, orgTable, org)
if err != nil {
return err