mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-11 21:27:42 +00:00
fix: change to repository event types and removed unused code (#3386)
* fix: change to repository event types and removed unused code * some fixes * remove unused code
This commit is contained in:
Livio Amstutz
@@ -8,12 +8,12 @@ import (
|
||||
|
||||
"github.com/caos/zitadel/internal/api/authz"
|
||||
"github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
|
||||
"github.com/caos/zitadel/internal/auth_request/model"
|
||||
cache "github.com/caos/zitadel/internal/auth_request/repository"
|
||||
"github.com/caos/zitadel/internal/command"
|
||||
"github.com/caos/zitadel/internal/crypto"
|
||||
"github.com/caos/zitadel/internal/domain"
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
@@ -21,9 +21,9 @@ import (
|
||||
"github.com/caos/zitadel/internal/id"
|
||||
project_view_model "github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/query"
|
||||
user_repo "github.com/caos/zitadel/internal/repository/user"
|
||||
"github.com/caos/zitadel/internal/telemetry/tracing"
|
||||
user_model "github.com/caos/zitadel/internal/user/model"
|
||||
es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
user_view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
@@ -842,7 +842,7 @@ func (repo *AuthRequestRepo) usersForUserSelection(request *domain.AuthRequest)
|
||||
LoginName: session.LoginName,
|
||||
ResourceOwner: session.ResourceOwner,
|
||||
AvatarKey: session.AvatarKey,
|
||||
UserSessionState: model.UserSessionStateToDomain(session.State),
|
||||
UserSessionState: session.State,
|
||||
SelectionPossible: request.RequestedOrgID == "" || request.RequestedOrgID == session.ResourceOwner,
|
||||
})
|
||||
}
|
||||
@@ -888,7 +888,7 @@ func (repo *AuthRequestRepo) firstFactorChecked(request *domain.AuthRequest, use
|
||||
func (repo *AuthRequestRepo) mfaChecked(userSession *user_model.UserSessionView, request *domain.AuthRequest, user *user_model.UserView) (domain.NextStep, bool, error) {
|
||||
mfaLevel := request.MFALevel()
|
||||
allowedProviders, required := user.MFATypesAllowed(mfaLevel, request.LoginPolicy)
|
||||
promptRequired := (model.MFALevelToDomain(user.MFAMaxSetUp) < mfaLevel) || (len(allowedProviders) == 0 && required)
|
||||
promptRequired := (user.MFAMaxSetUp < mfaLevel) || (len(allowedProviders) == 0 && required)
|
||||
if promptRequired || !repo.mfaSkippedOrSetUp(user, request) {
|
||||
types := user.MFATypesSetupPossible(mfaLevel, request.LoginPolicy)
|
||||
if promptRequired && len(types) == 0 {
|
||||
@@ -912,14 +912,14 @@ func (repo *AuthRequestRepo) mfaChecked(userSession *user_model.UserSessionView,
|
||||
fallthrough
|
||||
case domain.MFALevelSecondFactor:
|
||||
if checkVerificationTimeMaxAge(userSession.SecondFactorVerification, request.LoginPolicy.SecondFactorCheckLifetime, request) {
|
||||
request.MFAsVerified = append(request.MFAsVerified, model.MFATypeToDomain(userSession.SecondFactorVerificationType))
|
||||
request.MFAsVerified = append(request.MFAsVerified, userSession.SecondFactorVerificationType)
|
||||
request.AuthTime = userSession.SecondFactorVerification
|
||||
return nil, true, nil
|
||||
}
|
||||
fallthrough
|
||||
case domain.MFALevelMultiFactor:
|
||||
if checkVerificationTimeMaxAge(userSession.MultiFactorVerification, request.LoginPolicy.MultiFactorCheckLifetime, request) {
|
||||
request.MFAsVerified = append(request.MFAsVerified, model.MFATypeToDomain(userSession.MultiFactorVerificationType))
|
||||
request.MFAsVerified = append(request.MFAsVerified, userSession.MultiFactorVerificationType)
|
||||
request.AuthTime = userSession.MultiFactorVerification
|
||||
return nil, true, nil
|
||||
}
|
||||
@@ -930,7 +930,7 @@ func (repo *AuthRequestRepo) mfaChecked(userSession *user_model.UserSessionView,
|
||||
}
|
||||
|
||||
func (repo *AuthRequestRepo) mfaSkippedOrSetUp(user *user_model.UserView, request *domain.AuthRequest) bool {
|
||||
if user.MFAMaxSetUp > model.MFALevelNotSetUp {
|
||||
if user.MFAMaxSetUp > domain.MFALevelNotSetUp {
|
||||
return true
|
||||
}
|
||||
return checkVerificationTime(user.MFAInitSkipped, request.LoginPolicy.MFAInitSkipLifetime)
|
||||
@@ -1094,24 +1094,24 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
|
||||
}
|
||||
sessionCopy := *session
|
||||
for _, event := range events {
|
||||
switch event.Type {
|
||||
case es_model.UserPasswordCheckSucceeded,
|
||||
es_model.UserPasswordCheckFailed,
|
||||
es_model.MFAOTPCheckSucceeded,
|
||||
es_model.MFAOTPCheckFailed,
|
||||
es_model.SignedOut,
|
||||
es_model.UserLocked,
|
||||
es_model.UserDeactivated,
|
||||
es_model.HumanPasswordCheckSucceeded,
|
||||
es_model.HumanPasswordCheckFailed,
|
||||
es_model.HumanExternalLoginCheckSucceeded,
|
||||
es_model.HumanMFAOTPCheckSucceeded,
|
||||
es_model.HumanMFAOTPCheckFailed,
|
||||
es_model.HumanSignedOut,
|
||||
es_model.HumanPasswordlessTokenCheckSucceeded,
|
||||
es_model.HumanPasswordlessTokenCheckFailed,
|
||||
es_model.HumanMFAU2FTokenCheckSucceeded,
|
||||
es_model.HumanMFAU2FTokenCheckFailed:
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case user_repo.UserV1PasswordCheckSucceededType,
|
||||
user_repo.UserV1PasswordCheckFailedType,
|
||||
user_repo.UserV1MFAOTPCheckSucceededType,
|
||||
user_repo.UserV1MFAOTPCheckFailedType,
|
||||
user_repo.UserV1SignedOutType,
|
||||
user_repo.UserLockedType,
|
||||
user_repo.UserDeactivatedType,
|
||||
user_repo.HumanPasswordCheckSucceededType,
|
||||
user_repo.HumanPasswordCheckFailedType,
|
||||
user_repo.UserIDPLoginCheckSucceededType,
|
||||
user_repo.HumanMFAOTPCheckSucceededType,
|
||||
user_repo.HumanMFAOTPCheckFailedType,
|
||||
user_repo.HumanSignedOutType,
|
||||
user_repo.HumanPasswordlessTokenCheckSucceededType,
|
||||
user_repo.HumanPasswordlessTokenCheckFailedType,
|
||||
user_repo.HumanU2FTokenCheckSucceededType,
|
||||
user_repo.HumanU2FTokenCheckFailedType:
|
||||
eventData, err := user_view_model.UserSessionFromEvent(event)
|
||||
if err != nil {
|
||||
logging.Log("EVENT-sdgT3").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error getting event data")
|
||||
@@ -1120,7 +1120,7 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
|
||||
if eventData.UserAgentID != agentID {
|
||||
continue
|
||||
}
|
||||
case es_model.UserRemoved:
|
||||
case user_repo.UserRemovedType:
|
||||
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-dG2fe", "Errors.User.NotActive")
|
||||
}
|
||||
err := sessionCopy.AppendEvent(event)
|
||||
|
||||
@@ -9,7 +9,6 @@ import (
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
|
||||
"github.com/caos/zitadel/internal/auth_request/model"
|
||||
"github.com/caos/zitadel/internal/auth_request/repository/cache"
|
||||
"github.com/caos/zitadel/internal/crypto"
|
||||
"github.com/caos/zitadel/internal/domain"
|
||||
@@ -17,6 +16,7 @@ import (
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
proj_view_model "github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/query"
|
||||
user_repo "github.com/caos/zitadel/internal/repository/user"
|
||||
user_model "github.com/caos/zitadel/internal/user/model"
|
||||
user_es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
user_view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
@@ -431,8 +431,8 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{},
|
||||
userEventProvider: &mockEventUser{
|
||||
&es_models.Event{
|
||||
AggregateType: user_es_model.UserAggregate,
|
||||
Type: user_es_model.UserDeactivated,
|
||||
AggregateType: user_repo.AggregateType,
|
||||
Type: es_models.EventType(user_repo.UserDeactivatedType),
|
||||
},
|
||||
},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -453,8 +453,8 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{},
|
||||
userEventProvider: &mockEventUser{
|
||||
&es_models.Event{
|
||||
AggregateType: user_es_model.UserAggregate,
|
||||
Type: user_es_model.UserLocked,
|
||||
AggregateType: user_repo.AggregateType,
|
||||
Type: es_models.EventType(user_repo.UserLockedType),
|
||||
},
|
||||
},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -643,7 +643,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
PasswordlessTokens: user_view_model.WebAuthNTokens{&user_view_model.WebAuthNView{ID: "id", State: int32(user_model.MFAStateReady)}},
|
||||
PasswordChangeRequired: false,
|
||||
IsEmailVerified: false,
|
||||
MFAMaxSetUp: int32(model.MFALevelMultiFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelMultiFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
lockoutPolicyProvider: &mockLockoutPolicy{
|
||||
@@ -691,7 +691,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
},
|
||||
userViewProvider: &mockViewUser{
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
lockoutPolicyProvider: &mockLockoutPolicy{
|
||||
@@ -724,7 +724,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
},
|
||||
userViewProvider: &mockViewUser{
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -785,7 +785,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -821,7 +821,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
PasswordSet: true,
|
||||
PasswordlessTokens: user_view_model.WebAuthNTokens{&user_view_model.WebAuthNView{ID: "id", State: int32(user_model.MFAStateReady)}},
|
||||
OTPState: int32(user_model.MFAStateReady),
|
||||
MFAMaxSetUp: int32(model.MFALevelMultiFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelMultiFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -854,7 +854,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
OTPState: int32(user_model.MFAStateReady),
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -888,7 +888,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
OTPState: int32(user_model.MFAStateReady),
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -925,7 +925,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
PasswordSet: true,
|
||||
PasswordChangeRequired: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -956,7 +956,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
},
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -987,7 +987,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
PasswordChangeRequired: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -1018,7 +1018,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -1053,7 +1053,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -1089,7 +1089,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -1125,7 +1125,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -1163,7 +1163,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -1202,7 +1202,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -1240,7 +1240,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -1278,7 +1278,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
lockoutPolicyProvider: &mockLockoutPolicy{
|
||||
policy: &query.LockoutPolicy{
|
||||
@@ -1313,7 +1313,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
|
||||
userViewProvider: &mockViewUser{
|
||||
PasswordSet: true,
|
||||
IsEmailVerified: true,
|
||||
MFAMaxSetUp: int32(model.MFALevelSecondFactor),
|
||||
MFAMaxSetUp: int32(domain.MFALevelSecondFactor),
|
||||
},
|
||||
userEventProvider: &mockEventUser{},
|
||||
orgViewProvider: &mockViewOrg{State: domain.OrgStateActive},
|
||||
@@ -1398,7 +1398,7 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
|
||||
},
|
||||
user: &user_model.UserView{
|
||||
HumanView: &user_model.HumanView{
|
||||
MFAMaxSetUp: model.MFALevelNotSetUp,
|
||||
MFAMaxSetUp: domain.MFALevelNotSetUp,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -1416,7 +1416,7 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
|
||||
},
|
||||
user: &user_model.UserView{
|
||||
HumanView: &user_model.HumanView{
|
||||
MFAMaxSetUp: model.MFALevelNotSetUp,
|
||||
MFAMaxSetUp: domain.MFALevelNotSetUp,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -1435,7 +1435,7 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
|
||||
},
|
||||
user: &user_model.UserView{
|
||||
HumanView: &user_model.HumanView{
|
||||
MFAMaxSetUp: model.MFALevelNotSetUp,
|
||||
MFAMaxSetUp: domain.MFALevelNotSetUp,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -1459,7 +1459,7 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
|
||||
},
|
||||
user: &user_model.UserView{
|
||||
HumanView: &user_model.HumanView{
|
||||
MFAMaxSetUp: model.MFALevelNotSetUp,
|
||||
MFAMaxSetUp: domain.MFALevelNotSetUp,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -1482,7 +1482,7 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
|
||||
},
|
||||
user: &user_model.UserView{
|
||||
HumanView: &user_model.HumanView{
|
||||
MFAMaxSetUp: model.MFALevelNotSetUp,
|
||||
MFAMaxSetUp: domain.MFALevelNotSetUp,
|
||||
MFAInitSkipped: time.Now().UTC(),
|
||||
},
|
||||
},
|
||||
@@ -1502,7 +1502,7 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
|
||||
},
|
||||
user: &user_model.UserView{
|
||||
HumanView: &user_model.HumanView{
|
||||
MFAMaxSetUp: model.MFALevelSecondFactor,
|
||||
MFAMaxSetUp: domain.MFALevelSecondFactor,
|
||||
OTPState: user_model.MFAStateReady,
|
||||
},
|
||||
},
|
||||
@@ -1523,7 +1523,7 @@ func TestAuthRequestRepo_mfaChecked(t *testing.T) {
|
||||
},
|
||||
user: &user_model.UserView{
|
||||
HumanView: &user_model.HumanView{
|
||||
MFAMaxSetUp: model.MFALevelSecondFactor,
|
||||
MFAMaxSetUp: domain.MFALevelSecondFactor,
|
||||
OTPState: user_model.MFAStateReady,
|
||||
},
|
||||
},
|
||||
@@ -1573,7 +1573,7 @@ func TestAuthRequestRepo_mfaSkippedOrSetUp(t *testing.T) {
|
||||
args{
|
||||
user: &user_model.UserView{
|
||||
HumanView: &user_model.HumanView{
|
||||
MFAMaxSetUp: model.MFALevelSecondFactor,
|
||||
MFAMaxSetUp: domain.MFALevelSecondFactor,
|
||||
},
|
||||
},
|
||||
request: &domain.AuthRequest{
|
||||
@@ -1687,8 +1687,8 @@ func Test_userSessionByIDs(t *testing.T) {
|
||||
user: &user_model.UserView{ID: "id", HumanView: &user_model.HumanView{FirstName: "FirstName"}},
|
||||
eventProvider: &mockEventUser{
|
||||
&es_models.Event{
|
||||
AggregateType: user_es_model.UserAggregate,
|
||||
Type: user_es_model.MFAOTPCheckSucceeded,
|
||||
AggregateType: user_repo.AggregateType,
|
||||
Type: es_models.EventType(user_repo.UserV1MFAOTPCheckSucceededType),
|
||||
CreationDate: time.Now().UTC().Round(1 * time.Second),
|
||||
},
|
||||
},
|
||||
@@ -1710,8 +1710,8 @@ func Test_userSessionByIDs(t *testing.T) {
|
||||
user: &user_model.UserView{ID: "id"},
|
||||
eventProvider: &mockEventUser{
|
||||
&es_models.Event{
|
||||
AggregateType: user_es_model.UserAggregate,
|
||||
Type: user_es_model.MFAOTPCheckSucceeded,
|
||||
AggregateType: user_repo.AggregateType,
|
||||
Type: es_models.EventType(user_repo.UserV1MFAOTPCheckSucceededType),
|
||||
CreationDate: time.Now().UTC().Round(1 * time.Second),
|
||||
Data: func() []byte {
|
||||
data, _ := json.Marshal(&user_es_model.AuthRequest{UserAgentID: "otherID"})
|
||||
@@ -1737,8 +1737,8 @@ func Test_userSessionByIDs(t *testing.T) {
|
||||
user: &user_model.UserView{ID: "id", HumanView: &user_model.HumanView{FirstName: "FirstName"}},
|
||||
eventProvider: &mockEventUser{
|
||||
&es_models.Event{
|
||||
AggregateType: user_es_model.UserAggregate,
|
||||
Type: user_es_model.MFAOTPCheckSucceeded,
|
||||
AggregateType: user_repo.AggregateType,
|
||||
Type: es_models.EventType(user_repo.UserV1MFAOTPCheckSucceededType),
|
||||
CreationDate: time.Now().UTC().Round(1 * time.Second),
|
||||
Data: func() []byte {
|
||||
data, _ := json.Marshal(&user_es_model.AuthRequest{UserAgentID: "agentID"})
|
||||
@@ -1764,8 +1764,8 @@ func Test_userSessionByIDs(t *testing.T) {
|
||||
user: &user_model.UserView{ID: "id"},
|
||||
eventProvider: &mockEventUser{
|
||||
&es_models.Event{
|
||||
AggregateType: user_es_model.UserAggregate,
|
||||
Type: user_es_model.UserRemoved,
|
||||
AggregateType: user_repo.AggregateType,
|
||||
Type: es_models.EventType(user_repo.UserRemovedType),
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -1834,8 +1834,8 @@ func Test_userByID(t *testing.T) {
|
||||
},
|
||||
eventProvider: &mockEventUser{
|
||||
&es_models.Event{
|
||||
AggregateType: user_es_model.UserAggregate,
|
||||
Type: user_es_model.UserPasswordChanged,
|
||||
AggregateType: user_repo.AggregateType,
|
||||
Type: es_models.EventType(user_repo.UserV1PasswordChangedType),
|
||||
CreationDate: time.Now().UTC().Round(1 * time.Second),
|
||||
Data: nil,
|
||||
},
|
||||
@@ -1860,8 +1860,8 @@ func Test_userByID(t *testing.T) {
|
||||
},
|
||||
eventProvider: &mockEventUser{
|
||||
&es_models.Event{
|
||||
AggregateType: user_es_model.UserAggregate,
|
||||
Type: user_es_model.UserPasswordChanged,
|
||||
AggregateType: user_repo.AggregateType,
|
||||
Type: es_models.EventType(user_repo.UserV1PasswordChangedType),
|
||||
CreationDate: time.Now().UTC().Round(1 * time.Second),
|
||||
Data: func() []byte {
|
||||
data, _ := json.Marshal(user_es_model.Password{ChangeRequired: false, Secret: &crypto.CryptoValue{}})
|
||||
|
||||
@@ -2,18 +2,10 @@ package eventstore
|
||||
|
||||
import (
|
||||
"context"
|
||||
"time"
|
||||
|
||||
"github.com/caos/logging"
|
||||
"github.com/golang/protobuf/ptypes"
|
||||
|
||||
"github.com/caos/zitadel/internal/user/model"
|
||||
|
||||
"github.com/caos/zitadel/internal/api/authz"
|
||||
"github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
|
||||
"github.com/caos/zitadel/internal/config/systemdefaults"
|
||||
"github.com/caos/zitadel/internal/domain"
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/query"
|
||||
@@ -51,73 +43,6 @@ func (repo *UserRepo) UserEventsByID(ctx context.Context, id string, sequence ui
|
||||
return repo.getUserEvents(ctx, id, sequence)
|
||||
}
|
||||
|
||||
func (repo *UserRepo) MyUserChanges(ctx context.Context, lastSequence uint64, limit uint64, sortAscending bool, retention time.Duration) (*model.UserChanges, error) {
|
||||
changes, err := repo.getUserChanges(ctx, authz.GetCtxData(ctx).UserID, lastSequence, limit, sortAscending, retention)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
for _, change := range changes.Changes {
|
||||
change.ModifierName = change.ModifierID
|
||||
change.ModifierLoginName = change.ModifierID
|
||||
user, _ := repo.Query.GetUserByID(ctx, change.ModifierID)
|
||||
if user != nil {
|
||||
change.ModifierLoginName = user.PreferredLoginName
|
||||
if user.Human != nil {
|
||||
change.ModifierName = user.Human.DisplayName
|
||||
change.ModifierAvatarURL = domain.AvatarURL(repo.PrefixAvatarURL, user.ResourceOwner, user.Human.AvatarKey)
|
||||
}
|
||||
if user.Machine != nil {
|
||||
change.ModifierName = user.Machine.Name
|
||||
}
|
||||
}
|
||||
}
|
||||
return changes, nil
|
||||
}
|
||||
|
||||
func (r *UserRepo) getUserChanges(ctx context.Context, userID string, lastSequence uint64, limit uint64, sortAscending bool, retention time.Duration) (*model.UserChanges, error) {
|
||||
query := usr_view.ChangesQuery(userID, lastSequence, limit, sortAscending, retention)
|
||||
|
||||
events, err := r.Eventstore.FilterEvents(ctx, query)
|
||||
if err != nil {
|
||||
logging.Log("EVENT-g9HCv").WithError(err).Warn("eventstore unavailable")
|
||||
return nil, errors.ThrowInternal(err, "EVENT-htuG9", "Errors.Internal")
|
||||
}
|
||||
if len(events) == 0 {
|
||||
return nil, errors.ThrowNotFound(nil, "EVENT-6cAxe", "Errors.User.NoChanges")
|
||||
}
|
||||
|
||||
result := make([]*model.UserChange, len(events))
|
||||
|
||||
for i, event := range events {
|
||||
creationDate, err := ptypes.TimestampProto(event.CreationDate)
|
||||
logging.Log("EVENT-8GTGS").OnError(err).Debug("unable to parse timestamp")
|
||||
change := &model.UserChange{
|
||||
ChangeDate: creationDate,
|
||||
EventType: event.Type.String(),
|
||||
ModifierID: event.EditorUser,
|
||||
Sequence: event.Sequence,
|
||||
}
|
||||
|
||||
//TODO: now all types should be unmarshalled, e.g. password
|
||||
// if len(event.Data) != 0 {
|
||||
// user := new(model.User)
|
||||
// err := json.Unmarshal(event.Data, user)
|
||||
// logging.Log("EVENT-Rkg7X").OnError(err).Debug("unable to unmarshal data")
|
||||
// change.Data = user
|
||||
// }
|
||||
|
||||
result[i] = change
|
||||
if lastSequence < event.Sequence {
|
||||
lastSequence = event.Sequence
|
||||
}
|
||||
}
|
||||
|
||||
return &model.UserChanges{
|
||||
Changes: result,
|
||||
LastSequence: lastSequence,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (r *UserRepo) getUserEvents(ctx context.Context, userID string, sequence uint64) ([]*models.Event, error) {
|
||||
query, err := usr_view.UserByIDQuery(userID, sequence)
|
||||
if err != nil {
|
||||
|
||||
@@ -2,14 +2,14 @@ package handler
|
||||
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/spooler"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
iam_view_model "github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
"github.com/caos/zitadel/internal/repository/instance"
|
||||
"github.com/caos/zitadel/internal/repository/org"
|
||||
)
|
||||
@@ -50,8 +50,8 @@ func (i *IDPConfig) Subscription() *v1.Subscription {
|
||||
return i.subscription
|
||||
}
|
||||
|
||||
func (_ *IDPConfig) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{model.OrgAggregate, iam_es_model.IAMAggregate}
|
||||
func (_ *IDPConfig) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{org.AggregateType, instance.AggregateType}
|
||||
}
|
||||
|
||||
func (i *IDPConfig) CurrentSequence() (uint64, error) {
|
||||
@@ -62,37 +62,37 @@ func (i *IDPConfig) CurrentSequence() (uint64, error) {
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (i *IDPConfig) EventQuery() (*es_models.SearchQuery, error) {
|
||||
func (i *IDPConfig) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := i.view.GetLatestIDPConfigSequence()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
return models.NewSearchQuery().
|
||||
AggregateTypeFilter(i.AggregateTypes()...).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (i *IDPConfig) Reduce(event *es_models.Event) (err error) {
|
||||
func (i *IDPConfig) Reduce(event *models.Event) (err error) {
|
||||
switch event.AggregateType {
|
||||
case model.OrgAggregate:
|
||||
case org.AggregateType:
|
||||
err = i.processIdpConfig(iam_model.IDPProviderTypeOrg, event)
|
||||
case iam_es_model.IAMAggregate:
|
||||
case instance.AggregateType:
|
||||
err = i.processIdpConfig(iam_model.IDPProviderTypeSystem, event)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func (i *IDPConfig) processIdpConfig(providerType iam_model.IDPProviderType, event *es_models.Event) (err error) {
|
||||
func (i *IDPConfig) processIdpConfig(providerType iam_model.IDPProviderType, event *models.Event) (err error) {
|
||||
idp := new(iam_view_model.IDPConfigView)
|
||||
switch event.Type {
|
||||
case model.IDPConfigAdded,
|
||||
iam_es_model.IDPConfigAdded:
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case org.IDPConfigAddedEventType,
|
||||
instance.IDPConfigAddedEventType:
|
||||
err = idp.AppendEvent(providerType, event)
|
||||
case model.IDPConfigChanged, iam_es_model.IDPConfigChanged,
|
||||
model.OIDCIDPConfigAdded, iam_es_model.OIDCIDPConfigAdded,
|
||||
model.OIDCIDPConfigChanged, iam_es_model.OIDCIDPConfigChanged,
|
||||
es_models.EventType(org.IDPJWTConfigAddedEventType), es_models.EventType(instance.IDPJWTConfigAddedEventType),
|
||||
es_models.EventType(org.IDPJWTConfigChangedEventType), es_models.EventType(instance.IDPJWTConfigChangedEventType):
|
||||
case org.IDPConfigChangedEventType, instance.IDPConfigChangedEventType,
|
||||
org.IDPOIDCConfigAddedEventType, instance.IDPOIDCConfigAddedEventType,
|
||||
org.IDPOIDCConfigChangedEventType, instance.IDPOIDCConfigChangedEventType,
|
||||
org.IDPJWTConfigAddedEventType, instance.IDPJWTConfigAddedEventType,
|
||||
org.IDPJWTConfigChangedEventType, instance.IDPJWTConfigChangedEventType:
|
||||
err = idp.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -102,8 +102,8 @@ func (i *IDPConfig) processIdpConfig(providerType iam_model.IDPProviderType, eve
|
||||
return err
|
||||
}
|
||||
err = idp.AppendEvent(providerType, event)
|
||||
case model.IDPConfigDeactivated, iam_es_model.IDPConfigDeactivated,
|
||||
model.IDPConfigReactivated, iam_es_model.IDPConfigReactivated:
|
||||
case org.IDPConfigDeactivatedEventType, instance.IDPConfigDeactivatedEventType,
|
||||
org.IDPConfigReactivatedEventType, instance.IDPConfigReactivatedEventType:
|
||||
err = idp.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -113,7 +113,7 @@ func (i *IDPConfig) processIdpConfig(providerType iam_model.IDPProviderType, eve
|
||||
return err
|
||||
}
|
||||
err = idp.AppendEvent(providerType, event)
|
||||
case model.IDPConfigRemoved, iam_es_model.IDPConfigRemoved:
|
||||
case org.IDPConfigRemovedEventType, instance.IDPConfigRemovedEventType:
|
||||
err = idp.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -128,7 +128,7 @@ func (i *IDPConfig) processIdpConfig(providerType iam_model.IDPProviderType, eve
|
||||
return i.view.PutIDPConfig(idp, event)
|
||||
}
|
||||
|
||||
func (i *IDPConfig) OnError(event *es_models.Event, err error) error {
|
||||
func (i *IDPConfig) OnError(event *models.Event, err error) error {
|
||||
logging.LogWithFields("SPOOL-Ejf8s", "id", event.AggregateID).WithError(err).Warn("something went wrong in idp config handler")
|
||||
return spooler.HandleError(event, err, i.view.GetLatestIDPConfigFailedEvent, i.view.ProcessedIDPConfigFailedEvent, i.view.ProcessedIDPConfigSequence, i.errorCountUntilSkip)
|
||||
}
|
||||
|
||||
@@ -7,15 +7,17 @@ import (
|
||||
|
||||
"github.com/caos/zitadel/internal/config/systemdefaults"
|
||||
"github.com/caos/zitadel/internal/domain"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/spooler"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
"github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
iam_view_model "github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
query2 "github.com/caos/zitadel/internal/query"
|
||||
"github.com/caos/zitadel/internal/repository/instance"
|
||||
"github.com/caos/zitadel/internal/repository/org"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -62,8 +64,8 @@ func (i *IDPProvider) Subscription() *v1.Subscription {
|
||||
return i.subscription
|
||||
}
|
||||
|
||||
func (_ *IDPProvider) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{model.IAMAggregate, org_es_model.OrgAggregate}
|
||||
func (_ *IDPProvider) AggregateTypes() []models.AggregateType {
|
||||
return []es_models.AggregateType{instance.AggregateType, org.AggregateType}
|
||||
}
|
||||
|
||||
func (i *IDPProvider) CurrentSequence() (uint64, error) {
|
||||
@@ -74,7 +76,7 @@ func (i *IDPProvider) CurrentSequence() (uint64, error) {
|
||||
return sequence.CurrentSequence, nil
|
||||
}
|
||||
|
||||
func (i *IDPProvider) EventQuery() (*es_models.SearchQuery, error) {
|
||||
func (i *IDPProvider) EventQuery() (*models.SearchQuery, error) {
|
||||
sequence, err := i.view.GetLatestIDPProviderSequence()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -84,31 +86,31 @@ func (i *IDPProvider) EventQuery() (*es_models.SearchQuery, error) {
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (i *IDPProvider) Reduce(event *es_models.Event) (err error) {
|
||||
func (i *IDPProvider) Reduce(event *models.Event) (err error) {
|
||||
switch event.AggregateType {
|
||||
case model.IAMAggregate, org_es_model.OrgAggregate:
|
||||
case instance.AggregateType, org.AggregateType:
|
||||
err = i.processIdpProvider(event)
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func (i *IDPProvider) processIdpProvider(event *es_models.Event) (err error) {
|
||||
func (i *IDPProvider) processIdpProvider(event *models.Event) (err error) {
|
||||
provider := new(iam_view_model.IDPProviderView)
|
||||
switch event.Type {
|
||||
case model.LoginPolicyIDPProviderAdded, org_es_model.LoginPolicyIDPProviderAdded:
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case instance.LoginPolicyIDPProviderAddedEventType, org.LoginPolicyIDPProviderAddedEventType:
|
||||
err = provider.AppendEvent(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = i.fillData(provider)
|
||||
case model.LoginPolicyIDPProviderRemoved, model.LoginPolicyIDPProviderCascadeRemoved,
|
||||
org_es_model.LoginPolicyIDPProviderRemoved, org_es_model.LoginPolicyIDPProviderCascadeRemoved:
|
||||
case instance.LoginPolicyIDPProviderRemovedEventType, instance.LoginPolicyIDPProviderCascadeRemovedEventType,
|
||||
org.LoginPolicyIDPProviderRemovedEventType, org.LoginPolicyIDPProviderCascadeRemovedEventType:
|
||||
err = provider.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return i.view.DeleteIDPProvider(event.AggregateID, provider.IDPConfigID, event)
|
||||
case model.IDPConfigChanged, org_es_model.IDPConfigChanged:
|
||||
case instance.IDPConfigChangedEventType, org.IDPConfigChangedEventType:
|
||||
esConfig := new(iam_view_model.IDPConfigView)
|
||||
providerType := iam_model.IDPProviderTypeSystem
|
||||
if event.AggregateID != domain.IAMID {
|
||||
@@ -132,7 +134,7 @@ func (i *IDPProvider) processIdpProvider(event *es_models.Event) (err error) {
|
||||
i.fillConfigData(provider, config)
|
||||
}
|
||||
return i.view.PutIDPProviders(event, providers...)
|
||||
case org_es_model.LoginPolicyRemoved:
|
||||
case org.LoginPolicyRemovedEventType:
|
||||
return i.view.DeleteIDPProvidersByAggregateID(event.AggregateID, event)
|
||||
default:
|
||||
return i.view.ProcessedIDPProviderSequence(event)
|
||||
|
||||
@@ -3,13 +3,14 @@ package handler
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/spooler"
|
||||
"github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
|
||||
proj_view "github.com/caos/zitadel/internal/project/repository/view"
|
||||
view_model "github.com/caos/zitadel/internal/project/repository/view/model"
|
||||
"github.com/caos/zitadel/internal/repository/project"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -51,7 +52,7 @@ func (p *OrgProjectMapping) Subscription() *v1.Subscription {
|
||||
}
|
||||
|
||||
func (_ *OrgProjectMapping) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{model.ProjectAggregate}
|
||||
return []es_models.AggregateType{project.AggregateType}
|
||||
}
|
||||
|
||||
func (p *OrgProjectMapping) CurrentSequence() (uint64, error) {
|
||||
@@ -72,24 +73,24 @@ func (p *OrgProjectMapping) EventQuery() (*es_models.SearchQuery, error) {
|
||||
|
||||
func (p *OrgProjectMapping) Reduce(event *es_models.Event) (err error) {
|
||||
mapping := new(view_model.OrgProjectMapping)
|
||||
switch event.Type {
|
||||
case model.ProjectAdded:
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case project.ProjectAddedType:
|
||||
mapping.OrgID = event.ResourceOwner
|
||||
mapping.ProjectID = event.AggregateID
|
||||
mapping.InstanceID = event.InstanceID
|
||||
case model.ProjectRemoved:
|
||||
case project.ProjectRemovedType:
|
||||
err := p.view.DeleteOrgProjectMappingsByProjectID(event.AggregateID)
|
||||
if err == nil {
|
||||
return p.view.ProcessedOrgProjectMappingSequence(event)
|
||||
}
|
||||
case model.ProjectGrantAdded:
|
||||
case project.GrantAddedType:
|
||||
projectGrant := new(view_model.ProjectGrant)
|
||||
projectGrant.SetData(event)
|
||||
mapping.OrgID = projectGrant.GrantedOrgID
|
||||
mapping.ProjectID = event.AggregateID
|
||||
mapping.ProjectGrantID = projectGrant.GrantID
|
||||
mapping.InstanceID = projectGrant.InstanceID
|
||||
case model.ProjectGrantRemoved:
|
||||
case project.GrantRemovedType:
|
||||
projectGrant := new(view_model.ProjectGrant)
|
||||
projectGrant.SetData(event)
|
||||
err := p.view.DeleteOrgProjectMappingsByProjectGrantID(event.AggregateID)
|
||||
|
||||
@@ -7,13 +7,12 @@ import (
|
||||
|
||||
caos_errs "github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/spooler"
|
||||
project_es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
|
||||
user_repo "github.com/caos/zitadel/internal/repository/user"
|
||||
user_es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
"github.com/caos/zitadel/internal/repository/project"
|
||||
"github.com/caos/zitadel/internal/repository/user"
|
||||
view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
@@ -56,7 +55,7 @@ func (t *RefreshToken) Subscription() *v1.Subscription {
|
||||
}
|
||||
|
||||
func (t *RefreshToken) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{user_es_model.UserAggregate, project_es_model.ProjectAggregate}
|
||||
return []es_models.AggregateType{user.AggregateType, project.AggregateType}
|
||||
}
|
||||
|
||||
func (t *RefreshToken) CurrentSequence() (uint64, error) {
|
||||
@@ -73,21 +72,21 @@ func (t *RefreshToken) EventQuery() (*es_models.SearchQuery, error) {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(user_es_model.UserAggregate, project_es_model.ProjectAggregate).
|
||||
AggregateTypeFilter(user.AggregateType, project.AggregateType).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (t *RefreshToken) Reduce(event *es_models.Event) (err error) {
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case user_repo.HumanRefreshTokenAddedType:
|
||||
case user.HumanRefreshTokenAddedType:
|
||||
token := new(view_model.RefreshTokenView)
|
||||
err := token.AppendEvent(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.view.PutRefreshToken(token, event)
|
||||
case user_repo.HumanRefreshTokenRenewedType:
|
||||
e := new(user_repo.HumanRefreshTokenRenewedEvent)
|
||||
case user.HumanRefreshTokenRenewedType:
|
||||
e := new(user.HumanRefreshTokenRenewedEvent)
|
||||
if err := json.Unmarshal(event.Data, e); err != nil {
|
||||
logging.Log("EVEN-DBbn4").WithError(err).Error("could not unmarshal event data")
|
||||
return caos_errs.ThrowInternal(nil, "MODEL-BHn75", "could not unmarshal data")
|
||||
@@ -101,16 +100,16 @@ func (t *RefreshToken) Reduce(event *es_models.Event) (err error) {
|
||||
return err
|
||||
}
|
||||
return t.view.PutRefreshToken(token, event)
|
||||
case user_repo.HumanRefreshTokenRemovedType:
|
||||
e := new(user_repo.HumanRefreshTokenRemovedEvent)
|
||||
case user.HumanRefreshTokenRemovedType:
|
||||
e := new(user.HumanRefreshTokenRemovedEvent)
|
||||
if err := json.Unmarshal(event.Data, e); err != nil {
|
||||
logging.Log("EVEN-BDbh3").WithError(err).Error("could not unmarshal event data")
|
||||
return caos_errs.ThrowInternal(nil, "MODEL-Bz653", "could not unmarshal data")
|
||||
}
|
||||
return t.view.DeleteRefreshToken(e.TokenID, event)
|
||||
case user_repo.UserLockedType,
|
||||
user_repo.UserDeactivatedType,
|
||||
user_repo.UserRemovedType:
|
||||
case user.UserLockedType,
|
||||
user.UserDeactivatedType,
|
||||
user.UserRemovedType:
|
||||
return t.view.DeleteUserRefreshTokens(event.AggregateID, event)
|
||||
default:
|
||||
return t.view.ProcessedRefreshTokenSequence(event)
|
||||
|
||||
@@ -7,6 +7,7 @@ import (
|
||||
"github.com/caos/logging"
|
||||
|
||||
caos_errs "github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
||||
@@ -15,8 +16,9 @@ import (
|
||||
proj_model "github.com/caos/zitadel/internal/project/model"
|
||||
project_es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
|
||||
proj_view "github.com/caos/zitadel/internal/project/repository/view"
|
||||
"github.com/caos/zitadel/internal/repository/project"
|
||||
"github.com/caos/zitadel/internal/repository/user"
|
||||
user_repo "github.com/caos/zitadel/internal/repository/user"
|
||||
user_es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
@@ -59,7 +61,7 @@ func (t *Token) Subscription() *v1.Subscription {
|
||||
}
|
||||
|
||||
func (_ *Token) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{user_es_model.UserAggregate, project_es_model.ProjectAggregate}
|
||||
return []es_models.AggregateType{user.AggregateType, project.AggregateType}
|
||||
}
|
||||
|
||||
func (p *Token) CurrentSequence() (uint64, error) {
|
||||
@@ -76,22 +78,22 @@ func (t *Token) EventQuery() (*es_models.SearchQuery, error) {
|
||||
return nil, err
|
||||
}
|
||||
return es_models.NewSearchQuery().
|
||||
AggregateTypeFilter(user_es_model.UserAggregate, project_es_model.ProjectAggregate).
|
||||
AggregateTypeFilter(user.AggregateType, project.AggregateType).
|
||||
LatestSequenceFilter(sequence.CurrentSequence), nil
|
||||
}
|
||||
|
||||
func (t *Token) Reduce(event *es_models.Event) (err error) {
|
||||
switch event.Type {
|
||||
case user_es_model.UserTokenAdded,
|
||||
es_models.EventType(user_repo.PersonalAccessTokenAddedType):
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case user.UserTokenAddedType,
|
||||
user_repo.PersonalAccessTokenAddedType:
|
||||
token := new(view_model.TokenView)
|
||||
err := token.AppendEvent(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.view.PutToken(token, event)
|
||||
case user_es_model.UserProfileChanged,
|
||||
user_es_model.HumanProfileChanged:
|
||||
case user.UserV1ProfileChangedType,
|
||||
user.HumanProfileChangedType:
|
||||
user := new(view_model.UserView)
|
||||
user.AppendEvent(event)
|
||||
tokens, err := t.view.TokensByUserID(event.AggregateID)
|
||||
@@ -102,39 +104,39 @@ func (t *Token) Reduce(event *es_models.Event) (err error) {
|
||||
token.PreferredLanguage = user.PreferredLanguage
|
||||
}
|
||||
return t.view.PutTokens(tokens, event)
|
||||
case user_es_model.SignedOut,
|
||||
user_es_model.HumanSignedOut:
|
||||
case user.UserV1SignedOutType,
|
||||
user.HumanSignedOutType:
|
||||
id, err := agentIDFromSession(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.view.DeleteSessionTokens(id, event.AggregateID, event)
|
||||
case user_es_model.UserLocked,
|
||||
user_es_model.UserDeactivated,
|
||||
user_es_model.UserRemoved:
|
||||
case user.UserLockedType,
|
||||
user.UserDeactivatedType,
|
||||
user.UserRemovedType:
|
||||
return t.view.DeleteUserTokens(event.AggregateID, event)
|
||||
case es_models.EventType(user_repo.UserTokenRemovedType),
|
||||
es_models.EventType(user_repo.PersonalAccessTokenRemovedType):
|
||||
case user_repo.UserTokenRemovedType,
|
||||
user_repo.PersonalAccessTokenRemovedType:
|
||||
id, err := tokenIDFromRemovedEvent(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.view.DeleteToken(id, event)
|
||||
case es_models.EventType(user_repo.HumanRefreshTokenRemovedType):
|
||||
case user_repo.HumanRefreshTokenRemovedType:
|
||||
id, err := refreshTokenIDFromRemovedEvent(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.view.DeleteTokensFromRefreshToken(id, event)
|
||||
case project_es_model.ApplicationDeactivated,
|
||||
project_es_model.ApplicationRemoved:
|
||||
case project.ApplicationDeactivatedType,
|
||||
project.ApplicationRemovedType:
|
||||
application, err := applicationFromSession(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return t.view.DeleteApplicationTokens(event, application.AppID)
|
||||
case project_es_model.ProjectDeactivated,
|
||||
project_es_model.ProjectRemoved:
|
||||
case project.ProjectDeactivatedType,
|
||||
project.ProjectRemovedType:
|
||||
project, err := t.getProjectByID(context.Background(), event.AggregateID)
|
||||
if err != nil {
|
||||
return err
|
||||
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
"github.com/caos/logging"
|
||||
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
||||
@@ -17,7 +18,6 @@ import (
|
||||
query2 "github.com/caos/zitadel/internal/query"
|
||||
"github.com/caos/zitadel/internal/repository/org"
|
||||
user_repo "github.com/caos/zitadel/internal/repository/user"
|
||||
es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
@@ -62,7 +62,7 @@ func (u *User) Subscription() *v1.Subscription {
|
||||
return u.subscription
|
||||
}
|
||||
func (_ *User) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{es_model.UserAggregate, org_es_model.OrgAggregate}
|
||||
return []es_models.AggregateType{user_repo.AggregateType, org.AggregateType}
|
||||
}
|
||||
|
||||
func (u *User) CurrentSequence() (uint64, error) {
|
||||
@@ -85,9 +85,9 @@ func (u *User) EventQuery() (*es_models.SearchQuery, error) {
|
||||
|
||||
func (u *User) Reduce(event *es_models.Event) (err error) {
|
||||
switch event.AggregateType {
|
||||
case es_model.UserAggregate:
|
||||
case user_repo.AggregateType:
|
||||
return u.ProcessUser(event)
|
||||
case org_es_model.OrgAggregate:
|
||||
case org.AggregateType:
|
||||
return u.ProcessOrg(event)
|
||||
default:
|
||||
return nil
|
||||
@@ -96,63 +96,63 @@ func (u *User) Reduce(event *es_models.Event) (err error) {
|
||||
|
||||
func (u *User) ProcessUser(event *es_models.Event) (err error) {
|
||||
user := new(view_model.UserView)
|
||||
switch event.Type {
|
||||
case es_model.UserAdded,
|
||||
es_model.MachineAdded,
|
||||
es_model.HumanAdded,
|
||||
es_model.UserRegistered,
|
||||
es_model.HumanRegistered:
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case user_repo.UserV1AddedType,
|
||||
user_repo.MachineAddedEventType,
|
||||
user_repo.HumanAddedType,
|
||||
user_repo.UserV1RegisteredType,
|
||||
user_repo.HumanRegisteredType:
|
||||
err = user.AppendEvent(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = u.fillLoginNames(user)
|
||||
case es_model.UserProfileChanged,
|
||||
es_model.UserEmailChanged,
|
||||
es_model.UserEmailVerified,
|
||||
es_model.UserPhoneChanged,
|
||||
es_model.UserPhoneVerified,
|
||||
es_model.UserPhoneRemoved,
|
||||
es_model.UserAddressChanged,
|
||||
es_model.UserDeactivated,
|
||||
es_model.UserReactivated,
|
||||
es_model.UserLocked,
|
||||
es_model.UserUnlocked,
|
||||
es_model.MFAOTPAdded,
|
||||
es_model.MFAOTPVerified,
|
||||
es_model.MFAOTPRemoved,
|
||||
es_model.MFAInitSkipped,
|
||||
es_model.UserPasswordChanged,
|
||||
es_model.HumanProfileChanged,
|
||||
es_model.HumanEmailChanged,
|
||||
es_model.HumanEmailVerified,
|
||||
es_model.HumanAvatarAdded,
|
||||
es_model.HumanAvatarRemoved,
|
||||
es_model.HumanPhoneChanged,
|
||||
es_model.HumanPhoneVerified,
|
||||
es_model.HumanPhoneRemoved,
|
||||
es_model.HumanAddressChanged,
|
||||
es_model.HumanMFAOTPAdded,
|
||||
es_model.HumanMFAOTPVerified,
|
||||
es_model.HumanMFAOTPRemoved,
|
||||
es_model.HumanMFAU2FTokenAdded,
|
||||
es_model.HumanMFAU2FTokenVerified,
|
||||
es_model.HumanMFAU2FTokenRemoved,
|
||||
es_model.HumanPasswordlessTokenAdded,
|
||||
es_model.HumanPasswordlessTokenVerified,
|
||||
es_model.HumanPasswordlessTokenRemoved,
|
||||
es_model.HumanMFAInitSkipped,
|
||||
es_model.MachineChanged,
|
||||
es_model.HumanPasswordChanged,
|
||||
es_models.EventType(user_repo.HumanPasswordlessInitCodeAddedType),
|
||||
es_models.EventType(user_repo.HumanPasswordlessInitCodeRequestedType):
|
||||
case user_repo.UserV1ProfileChangedType,
|
||||
user_repo.UserV1EmailChangedType,
|
||||
user_repo.UserV1EmailVerifiedType,
|
||||
user_repo.UserV1PhoneChangedType,
|
||||
user_repo.UserV1PhoneVerifiedType,
|
||||
user_repo.UserV1PhoneRemovedType,
|
||||
user_repo.UserV1AddressChangedType,
|
||||
user_repo.UserDeactivatedType,
|
||||
user_repo.UserReactivatedType,
|
||||
user_repo.UserLockedType,
|
||||
user_repo.UserUnlockedType,
|
||||
user_repo.UserV1MFAOTPAddedType,
|
||||
user_repo.UserV1MFAOTPVerifiedType,
|
||||
user_repo.UserV1MFAOTPRemovedType,
|
||||
user_repo.UserV1MFAInitSkippedType,
|
||||
user_repo.UserV1PasswordChangedType,
|
||||
user_repo.HumanProfileChangedType,
|
||||
user_repo.HumanEmailChangedType,
|
||||
user_repo.HumanEmailVerifiedType,
|
||||
user_repo.HumanAvatarAddedType,
|
||||
user_repo.HumanAvatarRemovedType,
|
||||
user_repo.HumanPhoneChangedType,
|
||||
user_repo.HumanPhoneVerifiedType,
|
||||
user_repo.HumanPhoneRemovedType,
|
||||
user_repo.HumanAddressChangedType,
|
||||
user_repo.HumanMFAOTPAddedType,
|
||||
user_repo.HumanMFAOTPVerifiedType,
|
||||
user_repo.HumanMFAOTPRemovedType,
|
||||
user_repo.HumanU2FTokenAddedType,
|
||||
user_repo.HumanU2FTokenVerifiedType,
|
||||
user_repo.HumanU2FTokenRemovedType,
|
||||
user_repo.HumanPasswordlessTokenAddedType,
|
||||
user_repo.HumanPasswordlessTokenVerifiedType,
|
||||
user_repo.HumanPasswordlessTokenRemovedType,
|
||||
user_repo.HumanMFAInitSkippedType,
|
||||
user_repo.MachineChangedEventType,
|
||||
user_repo.HumanPasswordChangedType,
|
||||
user_repo.HumanPasswordlessInitCodeAddedType,
|
||||
user_repo.HumanPasswordlessInitCodeRequestedType:
|
||||
user, err = u.view.UserByID(event.AggregateID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = user.AppendEvent(event)
|
||||
case es_model.DomainClaimed,
|
||||
es_model.UserUserNameChanged:
|
||||
case user_repo.UserDomainClaimedType,
|
||||
user_repo.UserUserNameChangedType:
|
||||
user, err = u.view.UserByID(event.AggregateID)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -162,7 +162,7 @@ func (u *User) ProcessUser(event *es_models.Event) (err error) {
|
||||
return err
|
||||
}
|
||||
err = u.fillLoginNames(user)
|
||||
case es_model.UserRemoved:
|
||||
case user_repo.UserRemovedType:
|
||||
return u.view.DeleteUser(event.AggregateID, event)
|
||||
default:
|
||||
return u.view.ProcessedUserSequence(event)
|
||||
@@ -184,14 +184,14 @@ func (u *User) fillLoginNames(user *view_model.UserView) (err error) {
|
||||
}
|
||||
|
||||
func (u *User) ProcessOrg(event *es_models.Event) (err error) {
|
||||
switch event.Type {
|
||||
case org_es_model.OrgDomainVerified,
|
||||
org_es_model.OrgDomainRemoved,
|
||||
es_models.EventType(org.DomainPolicyAddedEventType),
|
||||
es_models.EventType(org.DomainPolicyChangedEventType),
|
||||
es_models.EventType(org.DomainPolicyRemovedEventType):
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case org.OrgDomainVerifiedEventType,
|
||||
org.OrgDomainRemovedEventType,
|
||||
org.DomainPolicyAddedEventType,
|
||||
org.DomainPolicyChangedEventType,
|
||||
org.DomainPolicyRemovedEventType:
|
||||
return u.fillLoginNamesOnOrgUsers(event)
|
||||
case org_es_model.OrgDomainPrimarySet:
|
||||
case org.OrgDomainPrimarySetEventType:
|
||||
return u.fillPreferredLoginNamesOnOrgUsers(event)
|
||||
default:
|
||||
return u.view.ProcessedUserSequence(event)
|
||||
|
||||
@@ -8,16 +8,17 @@ import (
|
||||
"github.com/caos/zitadel/internal/config/systemdefaults"
|
||||
"github.com/caos/zitadel/internal/domain"
|
||||
caos_errs "github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/spooler"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
||||
iam_view_model "github.com/caos/zitadel/internal/iam/repository/view/model"
|
||||
org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
||||
query2 "github.com/caos/zitadel/internal/query"
|
||||
"github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
"github.com/caos/zitadel/internal/repository/instance"
|
||||
"github.com/caos/zitadel/internal/repository/org"
|
||||
"github.com/caos/zitadel/internal/repository/user"
|
||||
usr_view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
|
||||
@@ -66,7 +67,7 @@ func (i *ExternalIDP) Subscription() *v1.Subscription {
|
||||
}
|
||||
|
||||
func (_ *ExternalIDP) AggregateTypes() []es_models.AggregateType {
|
||||
return []es_models.AggregateType{model.UserAggregate, iam_es_model.IAMAggregate, org_es_model.OrgAggregate}
|
||||
return []es_models.AggregateType{user.AggregateType, instance.AggregateType, org.AggregateType}
|
||||
}
|
||||
|
||||
func (i *ExternalIDP) CurrentSequence() (uint64, error) {
|
||||
@@ -89,9 +90,9 @@ func (i *ExternalIDP) EventQuery() (*es_models.SearchQuery, error) {
|
||||
|
||||
func (i *ExternalIDP) Reduce(event *es_models.Event) (err error) {
|
||||
switch event.AggregateType {
|
||||
case model.UserAggregate:
|
||||
case user.AggregateType:
|
||||
err = i.processUser(event)
|
||||
case iam_es_model.IAMAggregate, org_es_model.OrgAggregate:
|
||||
case instance.AggregateType, org.AggregateType:
|
||||
err = i.processIdpConfig(event)
|
||||
}
|
||||
return err
|
||||
@@ -99,20 +100,20 @@ func (i *ExternalIDP) Reduce(event *es_models.Event) (err error) {
|
||||
|
||||
func (i *ExternalIDP) processUser(event *es_models.Event) (err error) {
|
||||
externalIDP := new(usr_view_model.ExternalIDPView)
|
||||
switch event.Type {
|
||||
case model.HumanExternalIDPAdded:
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case user.UserIDPLinkAddedType:
|
||||
err = externalIDP.AppendEvent(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = i.fillData(externalIDP)
|
||||
case model.HumanExternalIDPRemoved, model.HumanExternalIDPCascadeRemoved:
|
||||
case user.UserIDPLinkRemovedType, user.UserIDPLinkCascadeRemovedType:
|
||||
err = externalIDP.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return i.view.DeleteExternalIDP(externalIDP.ExternalUserID, externalIDP.IDPConfigID, event)
|
||||
case model.UserRemoved:
|
||||
case user.UserRemovedType:
|
||||
return i.view.DeleteExternalIDPsByUserID(event.AggregateID, event)
|
||||
default:
|
||||
return i.view.ProcessedExternalIDPSequence(event)
|
||||
@@ -124,11 +125,11 @@ func (i *ExternalIDP) processUser(event *es_models.Event) (err error) {
|
||||
}
|
||||
|
||||
func (i *ExternalIDP) processIdpConfig(event *es_models.Event) (err error) {
|
||||
switch event.Type {
|
||||
case iam_es_model.IDPConfigChanged, org_es_model.IDPConfigChanged:
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case instance.IDPConfigChangedEventType, org.IDPConfigChangedEventType:
|
||||
configView := new(iam_view_model.IDPConfigView)
|
||||
config := new(query2.IDP)
|
||||
if event.Type == iam_es_model.IDPConfigChanged {
|
||||
if eventstore.EventType(event.Type) == instance.IDPConfigChangedEventType {
|
||||
configView.AppendEvent(iam_model.IDPProviderTypeSystem, event)
|
||||
} else {
|
||||
configView.AppendEvent(iam_model.IDPProviderTypeOrg, event)
|
||||
@@ -137,7 +138,7 @@ func (i *ExternalIDP) processIdpConfig(event *es_models.Event) (err error) {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if event.AggregateType == iam_es_model.IAMAggregate {
|
||||
if event.AggregateType == instance.AggregateType {
|
||||
config, err = i.getDefaultIDPConfig(event.InstanceID, configView.IDPConfigID)
|
||||
} else {
|
||||
config, err = i.getOrgIDPConfig(event.InstanceID, event.AggregateID, configView.IDPConfigID)
|
||||
@@ -172,7 +173,7 @@ func (i *ExternalIDP) fillConfigData(externalIDP *usr_view_model.ExternalIDPView
|
||||
}
|
||||
|
||||
func (i *ExternalIDP) OnError(event *es_models.Event, err error) error {
|
||||
logging.LogWithFields("SPOOL-4Rsu8", "id", event.AggregateID).WithError(err).Warn("something went wrong in idp provider handler")
|
||||
logging.WithFields("id", event.AggregateID).WithError(err).Warn("something went wrong in idp provider handler")
|
||||
return spooler.HandleError(event, err, i.view.GetLatestExternalIDPFailedEvent, i.view.ProcessedExternalIDPFailedEvent, i.view.ProcessedExternalIDPSequence, i.errorCountUntilSkip)
|
||||
}
|
||||
|
||||
|
||||
@@ -3,13 +3,14 @@ package handler
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
|
||||
req_model "github.com/caos/zitadel/internal/auth_request/model"
|
||||
"github.com/caos/zitadel/internal/domain"
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore"
|
||||
v1 "github.com/caos/zitadel/internal/eventstore/v1"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/spooler"
|
||||
es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
||||
"github.com/caos/zitadel/internal/repository/user"
|
||||
"github.com/caos/zitadel/internal/user/repository/view"
|
||||
view_model "github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
)
|
||||
@@ -53,7 +54,7 @@ func (u *UserSession) Subscription() *v1.Subscription {
|
||||
}
|
||||
|
||||
func (_ *UserSession) AggregateTypes() []models.AggregateType {
|
||||
return []models.AggregateType{es_model.UserAggregate}
|
||||
return []models.AggregateType{user.AggregateType}
|
||||
}
|
||||
|
||||
func (u *UserSession) CurrentSequence() (uint64, error) {
|
||||
@@ -74,22 +75,22 @@ func (u *UserSession) EventQuery() (*models.SearchQuery, error) {
|
||||
|
||||
func (u *UserSession) Reduce(event *models.Event) (err error) {
|
||||
var session *view_model.UserSessionView
|
||||
switch event.Type {
|
||||
case es_model.UserPasswordCheckSucceeded,
|
||||
es_model.UserPasswordCheckFailed,
|
||||
es_model.MFAOTPCheckSucceeded,
|
||||
es_model.MFAOTPCheckFailed,
|
||||
es_model.SignedOut,
|
||||
es_model.HumanPasswordCheckSucceeded,
|
||||
es_model.HumanPasswordCheckFailed,
|
||||
es_model.HumanExternalLoginCheckSucceeded,
|
||||
es_model.HumanMFAOTPCheckSucceeded,
|
||||
es_model.HumanMFAOTPCheckFailed,
|
||||
es_model.HumanMFAU2FTokenCheckSucceeded,
|
||||
es_model.HumanMFAU2FTokenCheckFailed,
|
||||
es_model.HumanPasswordlessTokenCheckSucceeded,
|
||||
es_model.HumanPasswordlessTokenCheckFailed,
|
||||
es_model.HumanSignedOut:
|
||||
switch eventstore.EventType(event.Type) {
|
||||
case user.UserV1PasswordCheckSucceededType,
|
||||
user.UserV1PasswordCheckFailedType,
|
||||
user.UserV1MFAOTPCheckSucceededType,
|
||||
user.UserV1MFAOTPCheckFailedType,
|
||||
user.UserV1SignedOutType,
|
||||
user.HumanPasswordCheckSucceededType,
|
||||
user.HumanPasswordCheckFailedType,
|
||||
user.UserIDPLoginCheckSucceededType,
|
||||
user.HumanMFAOTPCheckSucceededType,
|
||||
user.HumanMFAOTPCheckFailedType,
|
||||
user.HumanU2FTokenCheckSucceededType,
|
||||
user.HumanU2FTokenCheckFailedType,
|
||||
user.HumanPasswordlessTokenCheckSucceededType,
|
||||
user.HumanPasswordlessTokenCheckFailedType,
|
||||
user.HumanSignedOutType:
|
||||
eventData, err := view_model.UserSessionFromEvent(event)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -104,27 +105,27 @@ func (u *UserSession) Reduce(event *models.Event) (err error) {
|
||||
ResourceOwner: event.ResourceOwner,
|
||||
UserAgentID: eventData.UserAgentID,
|
||||
UserID: event.AggregateID,
|
||||
State: int32(req_model.UserSessionStateActive),
|
||||
State: int32(domain.UserSessionStateActive),
|
||||
InstanceID: event.InstanceID,
|
||||
}
|
||||
}
|
||||
return u.updateSession(session, event)
|
||||
case es_model.UserPasswordChanged,
|
||||
es_model.MFAOTPRemoved,
|
||||
es_model.UserProfileChanged,
|
||||
es_model.UserLocked,
|
||||
es_model.UserDeactivated,
|
||||
es_model.HumanPasswordChanged,
|
||||
es_model.HumanMFAOTPRemoved,
|
||||
es_model.HumanProfileChanged,
|
||||
es_model.HumanAvatarAdded,
|
||||
es_model.HumanAvatarRemoved,
|
||||
es_model.DomainClaimed,
|
||||
es_model.UserUserNameChanged,
|
||||
es_model.HumanExternalIDPRemoved,
|
||||
es_model.HumanExternalIDPCascadeRemoved,
|
||||
es_model.HumanPasswordlessTokenRemoved,
|
||||
es_model.HumanMFAU2FTokenRemoved:
|
||||
case user.UserV1PasswordChangedType,
|
||||
user.UserV1MFAOTPRemovedType,
|
||||
user.UserV1ProfileChangedType,
|
||||
user.UserLockedType,
|
||||
user.UserDeactivatedType,
|
||||
user.HumanPasswordChangedType,
|
||||
user.HumanMFAOTPRemovedType,
|
||||
user.HumanProfileChangedType,
|
||||
user.HumanAvatarAddedType,
|
||||
user.HumanAvatarRemovedType,
|
||||
user.UserDomainClaimedType,
|
||||
user.UserUserNameChangedType,
|
||||
user.UserIDPLinkRemovedType,
|
||||
user.UserIDPLinkCascadeRemovedType,
|
||||
user.HumanPasswordlessTokenRemovedType,
|
||||
user.HumanU2FTokenRemovedType:
|
||||
sessions, err := u.view.UserSessionsByUserID(event.AggregateID)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -141,7 +142,7 @@ func (u *UserSession) Reduce(event *models.Event) (err error) {
|
||||
}
|
||||
}
|
||||
return u.view.PutUserSessions(sessions, event)
|
||||
case es_model.UserRemoved:
|
||||
case user.UserRemovedType:
|
||||
return u.view.DeleteUserSessions(event.AggregateID, event)
|
||||
default:
|
||||
return u.view.ProcessedUserSessionSequence(event)
|
||||
|
||||
@@ -3,7 +3,6 @@ package view
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
||||
usr_model "github.com/caos/zitadel/internal/user/model"
|
||||
"github.com/caos/zitadel/internal/user/repository/view"
|
||||
"github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
global_view "github.com/caos/zitadel/internal/view/repository"
|
||||
@@ -25,14 +24,6 @@ func (v *View) ExternalIDPsByIDPConfigID(idpConfigID string) ([]*model.ExternalI
|
||||
return view.ExternalIDPsByIDPConfigID(v.Db, externalIDPTable, idpConfigID)
|
||||
}
|
||||
|
||||
func (v *View) ExternalIDPsByUserID(userID string) ([]*model.ExternalIDPView, error) {
|
||||
return view.ExternalIDPsByUserID(v.Db, externalIDPTable, userID)
|
||||
}
|
||||
|
||||
func (v *View) SearchExternalIDPs(request *usr_model.ExternalIDPSearchRequest) ([]*model.ExternalIDPView, uint64, error) {
|
||||
return view.SearchExternalIDPs(v.Db, externalIDPTable, request)
|
||||
}
|
||||
|
||||
func (v *View) PutExternalIDP(externalIDP *model.ExternalIDPView, event *models.Event) error {
|
||||
err := view.PutExternalIDP(v.Db, externalIDPTable, externalIDP)
|
||||
if err != nil {
|
||||
|
||||
@@ -2,17 +2,8 @@ package repository
|
||||
|
||||
import (
|
||||
"context"
|
||||
"time"
|
||||
|
||||
"github.com/caos/zitadel/internal/user/model"
|
||||
)
|
||||
|
||||
type UserRepository interface {
|
||||
myUserRepo
|
||||
|
||||
UserSessionUserIDsByAgentID(ctx context.Context, agentID string) ([]string, error)
|
||||
}
|
||||
|
||||
type myUserRepo interface {
|
||||
MyUserChanges(ctx context.Context, lastSequence uint64, limit uint64, sortAscending bool, retention time.Duration) (*model.UserChanges, error)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user