TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 21:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: remove resourceowner read from context in user v2 api (#7641)

Browse Source 
* fix: remove resourceowner read from context in user v2 api

* fix: lint

* fix: remove orgID in addIDPLink

* fix: remove comment as unnecessary

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
This commit is contained in:
Stefan Benz
2024-03-27 19:22:17 +01:00
committed by GitHub
parent 1e53aab4b4
commit 84644214d7
7 changed files with 27 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
internal/command/user_idp_link.go
View File

@@ -15,15 +15,21 @@ func (c *Commands) AddUserIDPLink(ctx context.Context, userID, resourceOwner str
if userID == "" {
return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-03j8f", "Errors.IDMissing")
}
if err := c.checkUserExists(ctx, userID, resourceOwner); err != nil {
existingUser, err := c.userWriteModelByID(ctx, userID, resourceOwner)
if err != nil {
return nil, err
}
if !isUserStateExists(existingUser.UserState) {
return nil, zerrors.ThrowPreconditionFailed(nil, "COMMAND-vzktar7b7f", "Errors.User.NotFound")
}
if userID != authz.GetCtxData(ctx).UserID {
if err := c.checkPermission(ctx, domain.PermissionUserWrite, resourceOwner, userID); err != nil {
if err := c.checkPermission(ctx, domain.PermissionUserWrite, existingUser.ResourceOwner, existingUser.AggregateID); err != nil {
return nil, err
}
}
event, err := addLink(ctx, c.eventstore.Filter, user.NewAggregate(userID, resourceOwner), link)
//nolint:staticcheck
event, err := addLink(ctx, c.eventstore.Filter, user.NewAggregate(existingUser.AggregateID, existingUser.ResourceOwner), link)
if err != nil {
return nil, err
}