feat: setup and iam commands (#99)

* start org

* refactor(eventstore): filter in sql for querier

* feat(eventstore): Aggregate precondition

preconditions are checked right before insert. Insert is still transaction save

* feat(eventstore): check preconditions in repository

* test(eventstore): test precondition in models

* test(eventstore): precondition-tests

* start org

* refactor(eventstore): filter in sql for querier

* feat(eventstore): Aggregate precondition

preconditions are checked right before insert. Insert is still transaction save

* feat(admin): start implement org

* feat(eventstore): check preconditions in repository

* fix(eventstore): data as NULL if empty
refactor(eventstore): naming in sequence methods

* feat(admin): org command side

* feat(management): start org-repo

* feat(org): member

* fix: replace ObjectRoot.ID with ObjectRoot.AggregateID

* aggregateID

* add remove,change member

* refactor(org): namings

* refactor(eventstore): querier as type

* fix(precondition): rename validation from precondition to validation

* test(eventstore): isErr func instead of wantErr bool

* fix(tests): Data

* fix(eventstore): correct check for existing events in push,
simplify insert statement

* fix(eventstore): aggregate id public

* test(org): eventsourcing

* test(org): eventstore

* test(org): deactivate, reactivate, orgbyid

* test(org): getMemberByIDs

* tests

* running tests

* add config

* add user repo to admin

* thorw not found if no org found

* iam setup

* eventstore tests done

* setup iam

* lauft

* iam eventstore

* validate if user is already member of org

* modules

* delete unused file

* iam member

* add member validation test

* iam member

* return error if unable to validat member

* generate org id once,
set resourceowner of org

* start iam repo

* set resourceowner on unique aggregates

* setup user const

* better code

* generate files

* fix tests

* Update internal/admin/repository/eventsourcing/repository.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* set ctx data

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>

internal/iam/repository/eventsourcing/model/iam.go

@@ -0,0 +1,86 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/iam/model"
+)
+
+const (
+	IamVersion = "v1"
+)
+
+type Iam struct {
+	es_models.ObjectRoot
+	SetUpStarted bool         `json:"-"`
+	SetUpDone    bool         `json:"-"`
+	GlobalOrgID  string       `json:"globalOrgId,omitempty"`
+	IamProjectID string       `json:"iamProjectId,omitempty"`
+	Members      []*IamMember `json:"-"`
+}
+
+func IamFromModel(iam *model.Iam) *Iam {
+	members := IamMembersFromModel(iam.Members)
+	converted := &Iam{
+		ObjectRoot:   iam.ObjectRoot,
+		SetUpStarted: iam.SetUpStarted,
+		SetUpDone:    iam.SetUpDone,
+		GlobalOrgID:  iam.GlobalOrgID,
+		IamProjectID: iam.IamProjectID,
+		Members:      members,
+	}
+	return converted
+}
+
+func IamToModel(iam *Iam) *model.Iam {
+	members := IamMembersToModel(iam.Members)
+	converted := &model.Iam{
+		ObjectRoot:   iam.ObjectRoot,
+		SetUpStarted: iam.SetUpStarted,
+		SetUpDone:    iam.SetUpDone,
+		GlobalOrgID:  iam.GlobalOrgID,
+		IamProjectID: iam.IamProjectID,
+		Members:      members,
+	}
+	return converted
+}
+
+func (i *Iam) AppendEvents(events ...*es_models.Event) error {
+	for _, event := range events {
+		if err := i.AppendEvent(event); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (i *Iam) AppendEvent(event *es_models.Event) (err error) {
+	i.ObjectRoot.AppendEvent(event)
+	switch event.Type {
+	case IamSetupStarted:
+		i.SetUpStarted = true
+	case IamSetupDone:
+		i.SetUpDone = true
+	case IamProjectSet,
+		GlobalOrgSet:
+		err = i.setData(event)
+	case IamMemberAdded:
+		err = i.appendAddMemberEvent(event)
+	case IamMemberChanged:
+		err = i.appendChangeMemberEvent(event)
+	case IamMemberRemoved:
+		err = i.appendRemoveMemberEvent(event)
+	}
+	return err
+}
+
+func (i *Iam) setData(event *es_models.Event) error {
+	i.ObjectRoot.AppendEvent(event)
+	if err := json.Unmarshal(event.Data, i); err != nil {
+		logging.Log("EVEN-9sie4").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-slwi3", "could not unmarshal event")
+	}
+	return nil
+}

internal/iam/repository/eventsourcing/model/iam_member.go

@@ -0,0 +1,101 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/iam/model"
+)
+
+type IamMember struct {
+	es_models.ObjectRoot
+	UserID string   `json:"userId,omitempty"`
+	Roles  []string `json:"roles,omitempty"`
+}
+
+func GetIamMember(members []*IamMember, id string) (int, *IamMember) {
+	for i, m := range members {
+		if m.UserID == id {
+			return i, m
+		}
+	}
+	return -1, nil
+}
+
+func IamMembersToModel(members []*IamMember) []*model.IamMember {
+	convertedMembers := make([]*model.IamMember, len(members))
+	for i, m := range members {
+		convertedMembers[i] = IamMemberToModel(m)
+	}
+	return convertedMembers
+}
+
+func IamMembersFromModel(members []*model.IamMember) []*IamMember {
+	convertedMembers := make([]*IamMember, len(members))
+	for i, m := range members {
+		convertedMembers[i] = IamMemberFromModel(m)
+	}
+	return convertedMembers
+}
+
+func IamMemberFromModel(member *model.IamMember) *IamMember {
+	return &IamMember{
+		ObjectRoot: member.ObjectRoot,
+		UserID:     member.UserID,
+		Roles:      member.Roles,
+	}
+}
+
+func IamMemberToModel(member *IamMember) *model.IamMember {
+	return &model.IamMember{
+		ObjectRoot: member.ObjectRoot,
+		UserID:     member.UserID,
+		Roles:      member.Roles,
+	}
+}
+
+func (iam *Iam) appendAddMemberEvent(event *es_models.Event) error {
+	member := &IamMember{}
+	err := member.setData(event)
+	if err != nil {
+		return err
+	}
+	member.ObjectRoot.CreationDate = event.CreationDate
+	iam.Members = append(iam.Members, member)
+	return nil
+}
+
+func (iam *Iam) appendChangeMemberEvent(event *es_models.Event) error {
+	member := &IamMember{}
+	err := member.setData(event)
+	if err != nil {
+		return err
+	}
+	if i, m := GetIamMember(iam.Members, member.UserID); m != nil {
+		iam.Members[i] = member
+	}
+	return nil
+}
+
+func (iam *Iam) appendRemoveMemberEvent(event *es_models.Event) error {
+	member := &IamMember{}
+	err := member.setData(event)
+	if err != nil {
+		return err
+	}
+	if i, m := GetIamMember(iam.Members, member.UserID); m != nil {
+		iam.Members[i] = iam.Members[len(iam.Members)-1]
+		iam.Members[len(iam.Members)-1] = nil
+		iam.Members = iam.Members[:len(iam.Members)-1]
+	}
+	return nil
+}
+
+func (m *IamMember) setData(event *es_models.Event) error {
+	m.ObjectRoot.AppendEvent(event)
+	if err := json.Unmarshal(event.Data, m); err != nil {
+		logging.Log("EVEN-e4dkp").WithError(err).Error("could not unmarshal event data")
+		return err
+	}
+	return nil
+}

internal/iam/repository/eventsourcing/model/iam_member_test.go

@@ -0,0 +1,118 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"testing"
+)
+
+func TestAppendAddMemberEvent(t *testing.T) {
+	type args struct {
+		iam    *Iam
+		member *IamMember
+		event  *es_models.Event
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *Iam
+	}{
+		{
+			name: "append add member event",
+			args: args{
+				iam:    &Iam{},
+				member: &IamMember{UserID: "UserID", Roles: []string{"Role"}},
+				event:  &es_models.Event{},
+			},
+			result: &Iam{Members: []*IamMember{&IamMember{UserID: "UserID", Roles: []string{"Role"}}}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if tt.args.member != nil {
+				data, _ := json.Marshal(tt.args.member)
+				tt.args.event.Data = data
+			}
+			tt.args.iam.appendAddMemberEvent(tt.args.event)
+			if len(tt.args.iam.Members) != 1 {
+				t.Errorf("got wrong result should have one member actual: %v ", len(tt.args.iam.Members))
+			}
+			if tt.args.iam.Members[0] == tt.result.Members[0] {
+				t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.Members[0], tt.args.iam.Members[0])
+			}
+		})
+	}
+}
+
+func TestAppendChangeMemberEvent(t *testing.T) {
+	type args struct {
+		iam    *Iam
+		member *IamMember
+		event  *es_models.Event
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *Iam
+	}{
+		{
+			name: "append change member event",
+			args: args{
+				iam:    &Iam{Members: []*IamMember{&IamMember{UserID: "UserID", Roles: []string{"Role"}}}},
+				member: &IamMember{UserID: "UserID", Roles: []string{"ChangedRole"}},
+				event:  &es_models.Event{},
+			},
+			result: &Iam{Members: []*IamMember{&IamMember{UserID: "UserID", Roles: []string{"ChangedRole"}}}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if tt.args.member != nil {
+				data, _ := json.Marshal(tt.args.member)
+				tt.args.event.Data = data
+			}
+			tt.args.iam.appendChangeMemberEvent(tt.args.event)
+			if len(tt.args.iam.Members) != 1 {
+				t.Errorf("got wrong result should have one member actual: %v ", len(tt.args.iam.Members))
+			}
+			if tt.args.iam.Members[0] == tt.result.Members[0] {
+				t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.Members[0], tt.args.iam.Members[0])
+			}
+		})
+	}
+}
+
+func TestAppendRemoveMemberEvent(t *testing.T) {
+	type args struct {
+		iam    *Iam
+		member *IamMember
+		event  *es_models.Event
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *Iam
+	}{
+		{
+			name: "append remove member event",
+			args: args{
+				iam:    &Iam{Members: []*IamMember{&IamMember{UserID: "UserID", Roles: []string{"Role"}}}},
+				member: &IamMember{UserID: "UserID"},
+				event:  &es_models.Event{},
+			},
+			result: &Iam{Members: []*IamMember{}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if tt.args.member != nil {
+				data, _ := json.Marshal(tt.args.member)
+				tt.args.event.Data = data
+			}
+			tt.args.iam.appendRemoveMemberEvent(tt.args.event)
+			if len(tt.args.iam.Members) != 0 {
+				t.Errorf("got wrong result should have no member actual: %v ", len(tt.args.iam.Members))
+			}
+		})
+	}
+}

internal/iam/repository/eventsourcing/model/iam_test.go

@@ -0,0 +1,74 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"testing"
+)
+
+func mockIamData(iam *Iam) []byte {
+	data, _ := json.Marshal(iam)
+	return data
+}
+
+func TestProjectRoleAppendEvent(t *testing.T) {
+	type args struct {
+		event *es_models.Event
+		iam   *Iam
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *Iam
+	}{
+		{
+			name: "append set up start event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: IamSetupStarted, ResourceOwner: "OrgID"},
+				iam:   &Iam{},
+			},
+			result: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
+		},
+		{
+			name: "append set up done event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: IamSetupDone, ResourceOwner: "OrgID"},
+				iam:   &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
+			},
+			result: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true, SetUpDone: true},
+		},
+		{
+			name: "append globalorg event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: GlobalOrgSet, ResourceOwner: "OrgID", Data: mockIamData(&Iam{GlobalOrgID: "GlobalOrg"})},
+				iam:   &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
+			},
+			result: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true, GlobalOrgID: "GlobalOrg"},
+		},
+		{
+			name: "append iamproject event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: IamProjectSet, ResourceOwner: "OrgID", Data: mockIamData(&Iam{IamProjectID: "IamProject"})},
+				iam:   &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
+			},
+			result: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true, IamProjectID: "IamProject"},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.iam.AppendEvent(tt.args.event)
+			if tt.args.iam.AggregateID != tt.result.AggregateID {
+				t.Errorf("got wrong result AggregateID: expected: %v, actual: %v ", tt.result.AggregateID, tt.args.iam.AggregateID)
+			}
+			if tt.args.iam.SetUpDone != tt.result.SetUpDone {
+				t.Errorf("got wrong result SetUpDone: expected: %v, actual: %v ", tt.result.SetUpDone, tt.args.iam.SetUpDone)
+			}
+			if tt.args.iam.GlobalOrgID != tt.result.GlobalOrgID {
+				t.Errorf("got wrong result GlobalOrgID: expected: %v, actual: %v ", tt.result.GlobalOrgID, tt.args.iam.GlobalOrgID)
+			}
+			if tt.args.iam.IamProjectID != tt.result.IamProjectID {
+				t.Errorf("got wrong result IamProjectID: expected: %v, actual: %v ", tt.result.IamProjectID, tt.args.iam.IamProjectID)
+			}
+		})
+	}
+}

internal/iam/repository/eventsourcing/model/types.go

@@ -0,0 +1,15 @@
+package model
+
+import "github.com/caos/zitadel/internal/eventstore/models"
+
+const (
+	IamAggregate models.AggregateType = "iam"
+
+	IamSetupStarted  models.EventType = "iam.setup.started"
+	IamSetupDone     models.EventType = "iam.setup.done"
+	GlobalOrgSet     models.EventType = "iam.global.org.set"
+	IamProjectSet    models.EventType = "iam.project.iam.set"
+	IamMemberAdded   models.EventType = "iam.member.added"
+	IamMemberChanged models.EventType = "iam.member.changed"
+	IamMemberRemoved models.EventType = "iam.member.removed"
+)