feat: multiple domains (#188)

* check uniqueness on create and register user

* change user email, reserve release unique email

* usergrant unique aggregate

* usergrant uniqueness

* validate UserGrant

* fix tests

* domain is set on username in all orgs

* domain in admin

* org domain sql

* zitadel domain org name

* org domains

* org iam policy

* default org iam policy

* SETUP

* load login names

* login by login name

* login name

* fix: merge master

* fix: merge master

* Update internal/user/repository/eventsourcing/user.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: fix unique domains

* fix: rename env variable

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>

internal/org/model/domain.go

@@ -0,0 +1,18 @@
+package model
+
+import es_models "github.com/caos/zitadel/internal/eventstore/models"
+
+type OrgDomain struct {
+	es_models.ObjectRoot
+	Domain   string
+	Primary  bool
+	Verified bool
+}
+
+func NewOrgDomain(orgID, domain string) *OrgDomain {
+	return &OrgDomain{ObjectRoot: es_models.ObjectRoot{AggregateID: orgID}, Domain: domain}
+}
+
+func (domain *OrgDomain) IsValid() bool {
+	return domain.AggregateID != "" && domain.Domain != ""
+}

internal/org/model/domain_view.go

@@ -0,0 +1,52 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/model"
+	"time"
+)
+
+type OrgDomainView struct {
+	OrgID        string
+	CreationDate time.Time
+	ChangeDate   time.Time
+	Domain       string
+	Primary      bool
+	Verified     bool
+}
+
+type OrgDomainSearchRequest struct {
+	Offset        uint64
+	Limit         uint64
+	SortingColumn OrgDomainSearchKey
+	Asc           bool
+	Queries       []*OrgDomainSearchQuery
+}
+
+type OrgDomainSearchKey int32
+
+const (
+	ORGDOMAINSEARCHKEY_UNSPECIFIED OrgDomainSearchKey = iota
+	ORGDOMAINSEARCHKEY_DOMAIN
+	ORGDOMAINSEARCHKEY_ORG_ID
+	ORGDOMAINSEARCHKEY_VERIFIED
+	ORGDOMAINSEARCHKEY_PRIMARY
+)
+
+type OrgDomainSearchQuery struct {
+	Key    OrgDomainSearchKey
+	Method model.SearchMethod
+	Value  interface{}
+}
+
+type OrgDomainSearchResponse struct {
+	Offset      uint64
+	Limit       uint64
+	TotalResult uint64
+	Result      []*OrgDomainView
+}
+
+func (r *OrgDomainSearchRequest) EnsureLimit(limit uint64) {
+	if r.Limit == 0 || r.Limit > limit {
+		r.Limit = limit
+	}
+}

internal/org/model/org.go

@@ -2,17 +2,19 @@ package model
 
 import (
 	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"strings"
 	"github.com/golang/protobuf/ptypes/timestamp"
 )
 
 type Org struct {
 	es_models.ObjectRoot
 
-	State  OrgState
-	Name   string
-	Domain string
+	State   OrgState
+	Name    string
+	Domains []*OrgDomain
 
-	Members []*OrgMember
+	Members      []*OrgMember
+	OrgIamPolicy *OrgIamPolicy
 }
 type OrgChanges struct {
 	Changes      []*OrgChange
@@ -43,7 +45,16 @@ func (o *Org) IsActive() bool {
 }
 
 func (o *Org) IsValid() bool {
-	return o.Name != "" && o.Domain != ""
+	return o.Name != ""
+}
+
+func (o *Org) ContainsDomain(domain *OrgDomain) bool {
+	for _, d := range o.Domains {
+		if d.Domain == domain.Domain {
+			return true
+		}
+	}
+	return false
 }
 
 func (o *Org) ContainsMember(userID string) bool {
@@ -54,3 +65,11 @@ func (o *Org) ContainsMember(userID string) bool {
 	}
 	return false
 }
+
+func (o *Org) nameForDomain(iamDomain string) string {
+	return strings.ToLower(strings.ReplaceAll(o.Name, " ", "-") + "." + iamDomain)
+}
+
+func (o *Org) AddIAMDomain(iamDomain string) {
+	o.Domains = append(o.Domains, &OrgDomain{Domain: o.nameForDomain(iamDomain), Verified: true, Primary: true})
+}

internal/org/model/org_iam_policy.go

@@ -0,0 +1,21 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/eventstore/models"
+)
+
+type OrgIamPolicy struct {
+	models.ObjectRoot
+
+	Description           string
+	State                 PolicyState
+	UserLoginMustBeDomain bool
+	Default               bool
+}
+
+type PolicyState int32
+
+const (
+	POLICYSTATE_ACTIVE PolicyState = iota
+	POLICYSTATE_REMOVED
+)

internal/org/model/org_member_view.go

@@ -42,7 +42,7 @@ const (
 type OrgMemberSearchQuery struct {
 	Key    OrgMemberSearchKey
 	Method model.SearchMethod
-	Value  string
+	Value  interface{}
 }
 
 type OrgMemberSearchResponse struct {

internal/org/model/org_view.go

@@ -15,8 +15,7 @@ type OrgView struct {
 	ResourceOwner string
 	Sequence      uint64
 
-	Name   string
-	Domain string
+	Name string
 }
 
 type OrgSearchRequest struct {
@@ -41,7 +40,7 @@ const (
 type OrgSearchQuery struct {
 	Key    OrgSearchKey
 	Method model.SearchMethod
-	Value  string
+	Value  interface{}
 }
 
 type OrgSearchResult struct {
@@ -66,8 +65,7 @@ func OrgViewToOrg(o *OrgView) *Org {
 			ResourceOwner: o.ResourceOwner,
 			Sequence:      o.Sequence,
 		},
-		Domain: o.Domain,
-		Name:   o.Name,
-		State:  o.State,
+		Name:  o.Name,
+		State: o.State,
 	}
 }