feat: multiple domains (#188)

* check uniqueness on create and register user * change user email, reserve release unique email * usergrant unique aggregate * usergrant uniqueness * validate UserGrant * fix tests * domain is set on username in all orgs * domain in admin * org domain sql * zitadel domain org name * org domains * org iam policy * default org iam policy * SETUP * load login names * login by login name * login name * fix: merge master * fix: merge master * Update internal/user/repository/eventsourcing/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: fix unique domains * fix: rename env variable Co-authored-by: adlerhurst <silvan.reusser@gmail.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2025-08-12 08:07:32 +00:00 · 2020-06-16 11:40:18 +02:00
parent 64b14b4e19
commit 7a6ca24625
109 changed files with 12578 additions and 6025 deletions
--- a/internal/user/repository/view/model/user.go
+++ b/internal/user/repository/view/model/user.go
@@ -2,6 +2,7 @@ package model

 import (
 	"encoding/json"
+	"github.com/lib/pq"
 	"time"

 	"github.com/caos/logging"
@@ -23,39 +24,41 @@ const (
 	UserKeyEmail         = "email"
 	UserKeyState         = "user_state"
 	UserKeyResourceOwner = "resource_owner"
+	UserKeyLoginNames    = "login_names"
 )

 type UserView struct {
-	ID                     string    `json:"-" gorm:"column:id;primary_key"`
-	CreationDate           time.Time `json:"-" gorm:"column:creation_date"`
-	ChangeDate             time.Time `json:"-" gorm:"column:change_date"`
-	ResourceOwner          string    `json:"-" gorm:"column:resource_owner"`
-	State                  int32     `json:"-" gorm:"column:user_state"`
-	PasswordSet            bool      `json:"-" gorm:"column:password_set"`
-	PasswordChangeRequired bool      `json:"-" gorm:"column:password_change_required"`
-	PasswordChanged        time.Time `json:"-" gorm:"column:password_change"`
-	LastLogin              time.Time `json:"-" gorm:"column:last_login"`
-	UserName               string    `json:"userName" gorm:"column:user_name"`
-	FirstName              string    `json:"firstName" gorm:"column:first_name"`
-	LastName               string    `json:"lastName" gorm:"column:last_name"`
-	NickName               string    `json:"nickName" gorm:"column:nick_name"`
-	DisplayName            string    `json:"displayName" gorm:"column:display_name"`
-	PreferredLanguage      string    `json:"preferredLanguage" gorm:"column:preferred_language"`
-	Gender                 int32     `json:"gender" gorm:"column:gender"`
-	Email                  string    `json:"email" gorm:"column:email"`
-	IsEmailVerified        bool      `json:"-" gorm:"column:is_email_verified"`
-	Phone                  string    `json:"phone" gorm:"column:phone"`
-	IsPhoneVerified        bool      `json:"-" gorm:"column:is_phone_verified"`
-	Country                string    `json:"country" gorm:"column:country"`
-	Locality               string    `json:"locality" gorm:"column:locality"`
-	PostalCode             string    `json:"postalCode" gorm:"column:postal_code"`
-	Region                 string    `json:"region" gorm:"column:region"`
-	StreetAddress          string    `json:"streetAddress" gorm:"column:street_address"`
-	OTPState               int32     `json:"-" gorm:"column:otp_state"`
-	MfaMaxSetUp            int32     `json:"-" gorm:"column:mfa_max_set_up"`
-	MfaInitSkipped         time.Time `json:"-" gorm:"column:mfa_init_skipped"`
-	InitRequired           bool      `json:"-" gorm:"column:init_required"`
-	Sequence               uint64    `json:"-" gorm:"column:sequence"`
+	ID                     string         `json:"-" gorm:"column:id;primary_key"`
+	CreationDate           time.Time      `json:"-" gorm:"column:creation_date"`
+	ChangeDate             time.Time      `json:"-" gorm:"column:change_date"`
+	ResourceOwner          string         `json:"-" gorm:"column:resource_owner"`
+	State                  int32          `json:"-" gorm:"column:user_state"`
+	PasswordSet            bool           `json:"-" gorm:"column:password_set"`
+	PasswordChangeRequired bool           `json:"-" gorm:"column:password_change_required"`
+	PasswordChanged        time.Time      `json:"-" gorm:"column:password_change"`
+	LastLogin              time.Time      `json:"-" gorm:"column:last_login"`
+	UserName               string         `json:"userName" gorm:"column:user_name"`
+	LoginNames             pq.StringArray `json:"-" gorm:"column:login_names"`
+	FirstName              string         `json:"firstName" gorm:"column:first_name"`
+	LastName               string         `json:"lastName" gorm:"column:last_name"`
+	NickName               string         `json:"nickName" gorm:"column:nick_name"`
+	DisplayName            string         `json:"displayName" gorm:"column:display_name"`
+	PreferredLanguage      string         `json:"preferredLanguage" gorm:"column:preferred_language"`
+	Gender                 int32          `json:"gender" gorm:"column:gender"`
+	Email                  string         `json:"email" gorm:"column:email"`
+	IsEmailVerified        bool           `json:"-" gorm:"column:is_email_verified"`
+	Phone                  string         `json:"phone" gorm:"column:phone"`
+	IsPhoneVerified        bool           `json:"-" gorm:"column:is_phone_verified"`
+	Country                string         `json:"country" gorm:"column:country"`
+	Locality               string         `json:"locality" gorm:"column:locality"`
+	PostalCode             string         `json:"postalCode" gorm:"column:postal_code"`
+	Region                 string         `json:"region" gorm:"column:region"`
+	StreetAddress          string         `json:"streetAddress" gorm:"column:street_address"`
+	OTPState               int32          `json:"-" gorm:"column:otp_state"`
+	MfaMaxSetUp            int32          `json:"-" gorm:"column:mfa_max_set_up"`
+	MfaInitSkipped         time.Time      `json:"-" gorm:"column:mfa_init_skipped"`
+	InitRequired           bool           `json:"-" gorm:"column:init_required"`
+	Sequence               uint64         `json:"-" gorm:"column:sequence"`
 }

 func UserFromModel(user *model.UserView) *UserView {
@@ -70,6 +73,7 @@ func UserFromModel(user *model.UserView) *UserView {
 		PasswordChanged:        user.PasswordChanged,
 		LastLogin:              user.LastLogin,
 		UserName:               user.UserName,
+		LoginNames:             user.LoginNames,
 		FirstName:              user.FirstName,
 		LastName:               user.LastName,
 		NickName:               user.NickName,
--- a/internal/user/repository/view/model/user_query.go
+++ b/internal/user/repository/view/model/user_query.go
@@ -69,6 +69,8 @@ func (key UserSearchKey) ToColumnName() string {
 		return UserKeyState
 	case usr_model.USERSEARCHKEY_RESOURCEOWNER:
 		return UserKeyResourceOwner
+	case usr_model.USERSEARCHKEY_LOGIN_NAMES:
+		return UserKeyLoginNames
 	default:
 		return ""
 	}
--- a/internal/user/repository/view/user_view.go
+++ b/internal/user/repository/view/user_view.go
@@ -2,10 +2,12 @@ package view

 import (
 	caos_errs "github.com/caos/zitadel/internal/errors"
+	global_model "github.com/caos/zitadel/internal/model"
 	usr_model "github.com/caos/zitadel/internal/user/model"
 	"github.com/caos/zitadel/internal/user/repository/view/model"
 	"github.com/caos/zitadel/internal/view"
 	"github.com/jinzhu/gorm"
+	"github.com/lib/pq"
 )

 func UserByID(db *gorm.DB, table, userID string) (*model.UserView, error) {
@@ -28,6 +30,32 @@ func UserByUserName(db *gorm.DB, table, userName string) (*model.UserView, error
 	return user, err
 }

+func UserByLoginName(db *gorm.DB, table, loginName string) (*model.UserView, error) {
+	user := new(model.UserView)
+	loginNameQuery := &model.UserSearchQuery{
+		Key:    usr_model.USERSEARCHKEY_LOGIN_NAMES,
+		Method: global_model.SEARCHMETHOD_EQUALS_IN_ARRAY,
+		Value:  pq.Array([]string{loginName}),
+	}
+	query := view.PrepareGetByQuery(table, loginNameQuery)
+	err := query(db, user)
+	return user, err
+}
+
+func UsersByOrgID(db *gorm.DB, table, orgID string) ([]*model.UserView, error) {
+	users := make([]*model.UserView, 0)
+	orgIDQuery := &usr_model.UserSearchQuery{
+		Key:    usr_model.USERSEARCHKEY_RESOURCEOWNER,
+		Method: global_model.SEARCHMETHOD_EQUALS,
+		Value:  orgID,
+	}
+	query := view.PrepareSearchQuery(table, model.UserSearchRequest{
+		Queries: []*usr_model.UserSearchQuery{orgIDQuery},
+	})
+	_, err := query(db, &users)
+	return users, err
+}
+
 func SearchUsers(db *gorm.DB, table string, req *usr_model.UserSearchRequest) ([]*model.UserView, int, error) {
 	users := make([]*model.UserView, 0)
 	query := view.PrepareSearchQuery(table, model.UserSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})