fix: correctly delete sessions created before 2.42 (#7050)

* fix: correctly delete sessions created before 2.42 * fix test * fix linting * fixes requested from review
2025-08-11 21:07:31 +00:00 · 2023-12-09 10:59:51 +02:00
parent aa3c352ae7
commit 831bb88ec4
4 changed files with 112 additions and 8 deletions
--- a/internal/command/session_test.go
+++ b/internal/command/session_test.go
@@ -487,11 +487,9 @@ func TestCommands_updateSession(t *testing.T) {
 			},
 			res{
 				want: &SessionChanged{
-					ObjectDetails: &domain.ObjectDetails{
-						ResourceOwner: "instance1",
-					},
-					ID:       "sessionID",
-					NewToken: "",
+					ObjectDetails: &domain.ObjectDetails{},
+					ID:            "sessionID",
+					NewToken:      "",
 				},
 			},
 		},
@@ -1251,6 +1249,52 @@ func TestCommands_TerminateSession(t *testing.T) {
 				},
 			},
 		},
+		{
+			"terminate session owned by org with permission",
+			fields{
+				eventstore: expectEventstore(
+					expectFilter(
+						eventFromEventPusher(
+							session.NewAddedEvent(context.Background(),
+								&session.NewAggregate("sessionID", "instance1").Aggregate,
+								&domain.UserAgent{
+									FingerprintID: gu.Ptr("fp1"),
+									IP:            net.ParseIP("1.2.3.4"),
+									Description:   gu.Ptr("firefox"),
+									Header:        http.Header{"foo": []string{"bar"}},
+								},
+							),
+						),
+						eventFromEventPusher(
+							session.NewUserCheckedEvent(context.Background(), &session.NewAggregate("sessionID", "org2").Aggregate,
+								"userID", "", testNow),
+						),
+						eventFromEventPusher(
+							session.NewTokenSetEvent(context.Background(), &session.NewAggregate("sessionID", "org2").Aggregate,
+								"tokenID"),
+						),
+					),
+					expectFilter(
+						user.NewHumanAddedEvent(context.Background(), &user.NewAggregate("userID", "org1").Aggregate,
+							"username", "firstname", "lastname", "nickname", "displayname", language.English, domain.GenderUnspecified, "email", false),
+					),
+					expectPush(
+						session.NewTerminateEvent(authz.NewMockContext("instance1", "org1", "admin1"), &session.NewAggregate("sessionID", "instance1").Aggregate),
+					),
+				),
+				checkPermission: newMockPermissionCheckAllowed(),
+			},
+			args{
+				ctx:          authz.NewMockContext("instance1", "org1", "admin1"),
+				sessionID:    "sessionID",
+				sessionToken: "",
+			},
+			res{
+				want: &domain.ObjectDetails{
+					ResourceOwner: "instance1",
+				},
+			},
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {