mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-13 19:44:21 +00:00
fix: check login policy state for idp policy mgmt (#2384)
This commit is contained in:
parent
d090f12672
commit
8883d74e3d
@ -2,6 +2,7 @@ package command
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
|
||||||
"github.com/caos/logging"
|
"github.com/caos/logging"
|
||||||
"github.com/caos/zitadel/internal/domain"
|
"github.com/caos/zitadel/internal/domain"
|
||||||
caos_errs "github.com/caos/zitadel/internal/errors"
|
caos_errs "github.com/caos/zitadel/internal/errors"
|
||||||
@ -88,7 +89,16 @@ func (c *Commands) AddIDPProviderToDefaultLoginPolicy(ctx context.Context, idpPr
|
|||||||
if !idpProvider.IsValid() {
|
if !idpProvider.IsValid() {
|
||||||
return nil, caos_errs.ThrowInvalidArgument(nil, "IAM-9nf88", "Errors.IAM.LoginPolicy.IDP.Invalid")
|
return nil, caos_errs.ThrowInvalidArgument(nil, "IAM-9nf88", "Errors.IAM.LoginPolicy.IDP.Invalid")
|
||||||
}
|
}
|
||||||
_, err := c.getIAMIDPConfigByID(ctx, idpProvider.IDPConfigID)
|
existingPolicy := NewIAMLoginPolicyWriteModel()
|
||||||
|
err := c.defaultLoginPolicyWriteModelByID(ctx, existingPolicy)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if existingPolicy.State == domain.PolicyStateUnspecified || existingPolicy.State == domain.PolicyStateRemoved {
|
||||||
|
return nil, caos_errs.ThrowNotFound(nil, "IAM-GVDfe", "Errors.IAM.LoginPolicy.NotFound")
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err = c.getIAMIDPConfigByID(ctx, idpProvider.IDPConfigID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, caos_errs.ThrowPreconditionFailed(err, "IAM-m8fsd", "Errors.IDPConfig.NotExisting")
|
return nil, caos_errs.ThrowPreconditionFailed(err, "IAM-m8fsd", "Errors.IDPConfig.NotExisting")
|
||||||
}
|
}
|
||||||
@ -117,8 +127,17 @@ func (c *Commands) RemoveIDPProviderFromDefaultLoginPolicy(ctx context.Context,
|
|||||||
if !idpProvider.IsValid() {
|
if !idpProvider.IsValid() {
|
||||||
return nil, caos_errs.ThrowInvalidArgument(nil, "IAM-66m9s", "Errors.IAM.LoginPolicy.IDP.Invalid")
|
return nil, caos_errs.ThrowInvalidArgument(nil, "IAM-66m9s", "Errors.IAM.LoginPolicy.IDP.Invalid")
|
||||||
}
|
}
|
||||||
|
existingPolicy := NewIAMLoginPolicyWriteModel()
|
||||||
|
err := c.defaultLoginPolicyWriteModelByID(ctx, existingPolicy)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if existingPolicy.State == domain.PolicyStateUnspecified || existingPolicy.State == domain.PolicyStateRemoved {
|
||||||
|
return nil, caos_errs.ThrowNotFound(nil, "IAM-Dfg4t", "Errors.IAM.LoginPolicy.NotFound")
|
||||||
|
}
|
||||||
|
|
||||||
idpModel := NewIAMIdentityProviderWriteModel(idpProvider.IDPConfigID)
|
idpModel := NewIAMIdentityProviderWriteModel(idpProvider.IDPConfigID)
|
||||||
err := c.eventstore.FilterToQueryReducer(ctx, idpModel)
|
err = c.eventstore.FilterToQueryReducer(ctx, idpModel)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -313,11 +313,42 @@ func TestCommandSide_AddIDPProviderDefaultLoginPolicy(t *testing.T) {
|
|||||||
err: caos_errs.IsErrorInvalidArgument,
|
err: caos_errs.IsErrorInvalidArgument,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "policy not existing, not found error",
|
||||||
|
fields: fields{
|
||||||
|
eventstore: eventstoreExpect(
|
||||||
|
t,
|
||||||
|
expectFilter(),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
args: args{
|
||||||
|
ctx: context.Background(),
|
||||||
|
provider: &domain.IDPProvider{
|
||||||
|
IDPConfigID: "config1",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
res: res{
|
||||||
|
err: caos_errs.IsNotFound,
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "config not existing, precondition error",
|
name: "config not existing, precondition error",
|
||||||
fields: fields{
|
fields: fields{
|
||||||
eventstore: eventstoreExpect(
|
eventstore: eventstoreExpect(
|
||||||
t,
|
t,
|
||||||
|
expectFilter(
|
||||||
|
eventFromEventPusher(
|
||||||
|
iam.NewLoginPolicyAddedEvent(context.Background(),
|
||||||
|
&iam.NewAggregate().Aggregate,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
domain.PasswordlessTypeAllowed,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
expectFilter(),
|
expectFilter(),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
@ -336,6 +367,19 @@ func TestCommandSide_AddIDPProviderDefaultLoginPolicy(t *testing.T) {
|
|||||||
fields: fields{
|
fields: fields{
|
||||||
eventstore: eventstoreExpect(
|
eventstore: eventstoreExpect(
|
||||||
t,
|
t,
|
||||||
|
expectFilter(
|
||||||
|
eventFromEventPusher(
|
||||||
|
iam.NewLoginPolicyAddedEvent(context.Background(),
|
||||||
|
&iam.NewAggregate().Aggregate,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
domain.PasswordlessTypeAllowed,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
expectFilter(
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
iam.NewIDPConfigAddedEvent(context.Background(),
|
iam.NewIDPConfigAddedEvent(context.Background(),
|
||||||
@ -349,17 +393,6 @@ func TestCommandSide_AddIDPProviderDefaultLoginPolicy(t *testing.T) {
|
|||||||
),
|
),
|
||||||
),
|
),
|
||||||
expectFilter(
|
expectFilter(
|
||||||
eventFromEventPusher(
|
|
||||||
iam.NewLoginPolicyAddedEvent(context.Background(),
|
|
||||||
&iam.NewAggregate().Aggregate,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
domain.PasswordlessTypeAllowed,
|
|
||||||
),
|
|
||||||
),
|
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
iam.NewIdentityProviderAddedEvent(context.Background(),
|
iam.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&iam.NewAggregate().Aggregate,
|
&iam.NewAggregate().Aggregate,
|
||||||
@ -384,6 +417,19 @@ func TestCommandSide_AddIDPProviderDefaultLoginPolicy(t *testing.T) {
|
|||||||
fields: fields{
|
fields: fields{
|
||||||
eventstore: eventstoreExpect(
|
eventstore: eventstoreExpect(
|
||||||
t,
|
t,
|
||||||
|
expectFilter(
|
||||||
|
eventFromEventPusher(
|
||||||
|
iam.NewLoginPolicyAddedEvent(context.Background(),
|
||||||
|
&iam.NewAggregate().Aggregate,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
domain.PasswordlessTypeAllowed,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
expectFilter(
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
iam.NewIDPConfigAddedEvent(context.Background(),
|
iam.NewIDPConfigAddedEvent(context.Background(),
|
||||||
@ -478,11 +524,42 @@ func TestCommandSide_RemoveIDPProviderDefaultLoginPolicy(t *testing.T) {
|
|||||||
err: caos_errs.IsErrorInvalidArgument,
|
err: caos_errs.IsErrorInvalidArgument,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "login policy not existing, not found error",
|
||||||
|
fields: fields{
|
||||||
|
eventstore: eventstoreExpect(
|
||||||
|
t,
|
||||||
|
expectFilter(),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
args: args{
|
||||||
|
ctx: context.Background(),
|
||||||
|
provider: &domain.IDPProvider{
|
||||||
|
IDPConfigID: "config1",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
res: res{
|
||||||
|
err: caos_errs.IsNotFound,
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "provider not existing, not found error",
|
name: "provider not existing, not found error",
|
||||||
fields: fields{
|
fields: fields{
|
||||||
eventstore: eventstoreExpect(
|
eventstore: eventstoreExpect(
|
||||||
t,
|
t,
|
||||||
|
expectFilter(
|
||||||
|
eventFromEventPusher(
|
||||||
|
iam.NewLoginPolicyAddedEvent(context.Background(),
|
||||||
|
&iam.NewAggregate().Aggregate,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
domain.PasswordlessTypeAllowed,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
expectFilter(),
|
expectFilter(),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
@ -513,6 +590,8 @@ func TestCommandSide_RemoveIDPProviderDefaultLoginPolicy(t *testing.T) {
|
|||||||
domain.PasswordlessTypeAllowed,
|
domain.PasswordlessTypeAllowed,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
),
|
||||||
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
iam.NewIdentityProviderAddedEvent(context.Background(),
|
iam.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&iam.NewAggregate().Aggregate,
|
&iam.NewAggregate().Aggregate,
|
||||||
@ -555,6 +634,8 @@ func TestCommandSide_RemoveIDPProviderDefaultLoginPolicy(t *testing.T) {
|
|||||||
domain.PasswordlessTypeAllowed,
|
domain.PasswordlessTypeAllowed,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
),
|
||||||
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
iam.NewIdentityProviderAddedEvent(context.Background(),
|
iam.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&iam.NewAggregate().Aggregate,
|
&iam.NewAggregate().Aggregate,
|
||||||
@ -602,6 +683,8 @@ func TestCommandSide_RemoveIDPProviderDefaultLoginPolicy(t *testing.T) {
|
|||||||
domain.PasswordlessTypeAllowed,
|
domain.PasswordlessTypeAllowed,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
),
|
||||||
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
iam.NewIdentityProviderAddedEvent(context.Background(),
|
iam.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&iam.NewAggregate().Aggregate,
|
&iam.NewAggregate().Aggregate,
|
||||||
@ -657,6 +740,8 @@ func TestCommandSide_RemoveIDPProviderDefaultLoginPolicy(t *testing.T) {
|
|||||||
domain.PasswordlessTypeAllowed,
|
domain.PasswordlessTypeAllowed,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
),
|
||||||
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
iam.NewIdentityProviderAddedEvent(context.Background(),
|
iam.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&iam.NewAggregate().Aggregate,
|
&iam.NewAggregate().Aggregate,
|
||||||
|
@ -165,7 +165,14 @@ func (c *Commands) AddIDPProviderToLoginPolicy(ctx context.Context, resourceOwne
|
|||||||
if !idpProvider.IsValid() {
|
if !idpProvider.IsValid() {
|
||||||
return nil, caos_errs.ThrowInvalidArgument(nil, "Org-9nf88", "Errors.Org.LoginPolicy.IDP.")
|
return nil, caos_errs.ThrowInvalidArgument(nil, "Org-9nf88", "Errors.Org.LoginPolicy.IDP.")
|
||||||
}
|
}
|
||||||
var err error
|
existingPolicy, err := c.orgLoginPolicyWriteModelByID(ctx, resourceOwner)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if existingPolicy.State == domain.PolicyStateUnspecified || existingPolicy.State == domain.PolicyStateRemoved {
|
||||||
|
return nil, caos_errs.ThrowNotFound(nil, "Org-Ffgw2", "Errors.Org.LoginPolicy.NotFound")
|
||||||
|
}
|
||||||
|
|
||||||
if idpProvider.Type == domain.IdentityProviderTypeOrg {
|
if idpProvider.Type == domain.IdentityProviderTypeOrg {
|
||||||
_, err = c.getOrgIDPConfigByID(ctx, idpProvider.IDPConfigID, resourceOwner)
|
_, err = c.getOrgIDPConfigByID(ctx, idpProvider.IDPConfigID, resourceOwner)
|
||||||
} else {
|
} else {
|
||||||
@ -202,8 +209,16 @@ func (c *Commands) RemoveIDPProviderFromLoginPolicy(ctx context.Context, resourc
|
|||||||
if !idpProvider.IsValid() {
|
if !idpProvider.IsValid() {
|
||||||
return nil, caos_errs.ThrowInvalidArgument(nil, "Org-66m9s", "Errors.Org.LoginPolicy.IDP.Invalid")
|
return nil, caos_errs.ThrowInvalidArgument(nil, "Org-66m9s", "Errors.Org.LoginPolicy.IDP.Invalid")
|
||||||
}
|
}
|
||||||
|
existingPolicy, err := c.orgLoginPolicyWriteModelByID(ctx, resourceOwner)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if existingPolicy.State == domain.PolicyStateUnspecified || existingPolicy.State == domain.PolicyStateRemoved {
|
||||||
|
return nil, caos_errs.ThrowNotFound(nil, "Org-GVDfe", "Errors.Org.LoginPolicy.NotFound")
|
||||||
|
}
|
||||||
|
|
||||||
idpModel := NewOrgIdentityProviderWriteModel(resourceOwner, idpProvider.IDPConfigID)
|
idpModel := NewOrgIdentityProviderWriteModel(resourceOwner, idpProvider.IDPConfigID)
|
||||||
err := c.eventstore.FilterToQueryReducer(ctx, idpModel)
|
err = c.eventstore.FilterToQueryReducer(ctx, idpModel)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -625,11 +625,45 @@ func TestCommandSide_AddIDPProviderLoginPolicy(t *testing.T) {
|
|||||||
err: caos_errs.IsErrorInvalidArgument,
|
err: caos_errs.IsErrorInvalidArgument,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "policy not existing, not found error",
|
||||||
|
fields: fields{
|
||||||
|
eventstore: eventstoreExpect(
|
||||||
|
t,
|
||||||
|
expectFilter(),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
args: args{
|
||||||
|
ctx: context.Background(),
|
||||||
|
resourceOwner: "org1",
|
||||||
|
provider: &domain.IDPProvider{
|
||||||
|
IDPConfigID: "config1",
|
||||||
|
Name: "name",
|
||||||
|
Type: domain.IdentityProviderTypeOrg,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
res: res{
|
||||||
|
err: caos_errs.IsNotFound,
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "config not existing, precondition error",
|
name: "config not existing, precondition error",
|
||||||
fields: fields{
|
fields: fields{
|
||||||
eventstore: eventstoreExpect(
|
eventstore: eventstoreExpect(
|
||||||
t,
|
t,
|
||||||
|
expectFilter(
|
||||||
|
eventFromEventPusher(
|
||||||
|
org.NewLoginPolicyAddedEvent(context.Background(),
|
||||||
|
&org.NewAggregate("org1", "org1").Aggregate,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
domain.PasswordlessTypeAllowed,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
expectFilter(),
|
expectFilter(),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
@ -651,6 +685,19 @@ func TestCommandSide_AddIDPProviderLoginPolicy(t *testing.T) {
|
|||||||
fields: fields{
|
fields: fields{
|
||||||
eventstore: eventstoreExpect(
|
eventstore: eventstoreExpect(
|
||||||
t,
|
t,
|
||||||
|
expectFilter(
|
||||||
|
eventFromEventPusher(
|
||||||
|
org.NewLoginPolicyAddedEvent(context.Background(),
|
||||||
|
&org.NewAggregate("org1", "org1").Aggregate,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
domain.PasswordlessTypeAllowed,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
expectFilter(
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
org.NewIDPConfigAddedEvent(context.Background(),
|
org.NewIDPConfigAddedEvent(context.Background(),
|
||||||
@ -664,17 +711,6 @@ func TestCommandSide_AddIDPProviderLoginPolicy(t *testing.T) {
|
|||||||
),
|
),
|
||||||
),
|
),
|
||||||
expectFilter(
|
expectFilter(
|
||||||
eventFromEventPusher(
|
|
||||||
org.NewLoginPolicyAddedEvent(context.Background(),
|
|
||||||
&org.NewAggregate("org1", "org1").Aggregate,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
true,
|
|
||||||
domain.PasswordlessTypeAllowed,
|
|
||||||
),
|
|
||||||
),
|
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
org.NewIdentityProviderAddedEvent(context.Background(),
|
org.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&org.NewAggregate("org1", "or1").Aggregate,
|
&org.NewAggregate("org1", "or1").Aggregate,
|
||||||
@ -703,6 +739,19 @@ func TestCommandSide_AddIDPProviderLoginPolicy(t *testing.T) {
|
|||||||
fields: fields{
|
fields: fields{
|
||||||
eventstore: eventstoreExpect(
|
eventstore: eventstoreExpect(
|
||||||
t,
|
t,
|
||||||
|
expectFilter(
|
||||||
|
eventFromEventPusher(
|
||||||
|
org.NewLoginPolicyAddedEvent(context.Background(),
|
||||||
|
&org.NewAggregate("org1", "org1").Aggregate,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
domain.PasswordlessTypeAllowed,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
expectFilter(
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
org.NewIDPConfigAddedEvent(context.Background(),
|
org.NewIDPConfigAddedEvent(context.Background(),
|
||||||
@ -823,11 +872,43 @@ func TestCommandSide_RemoveIDPProviderLoginPolicy(t *testing.T) {
|
|||||||
err: caos_errs.IsErrorInvalidArgument,
|
err: caos_errs.IsErrorInvalidArgument,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "login policy not exist, not found error",
|
||||||
|
fields: fields{
|
||||||
|
eventstore: eventstoreExpect(
|
||||||
|
t,
|
||||||
|
expectFilter(),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
args: args{
|
||||||
|
ctx: context.Background(),
|
||||||
|
resourceOwner: "org1",
|
||||||
|
provider: &domain.IDPProvider{
|
||||||
|
IDPConfigID: "config1",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
res: res{
|
||||||
|
err: caos_errs.IsNotFound,
|
||||||
|
},
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "provider not existing, not found error",
|
name: "provider not existing, not found error",
|
||||||
fields: fields{
|
fields: fields{
|
||||||
eventstore: eventstoreExpect(
|
eventstore: eventstoreExpect(
|
||||||
t,
|
t,
|
||||||
|
expectFilter(
|
||||||
|
eventFromEventPusher(
|
||||||
|
org.NewLoginPolicyAddedEvent(context.Background(),
|
||||||
|
&org.NewAggregate("org1", "org1").Aggregate,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
true,
|
||||||
|
domain.PasswordlessTypeAllowed,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
),
|
||||||
expectFilter(),
|
expectFilter(),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
@ -861,6 +942,8 @@ func TestCommandSide_RemoveIDPProviderLoginPolicy(t *testing.T) {
|
|||||||
domain.PasswordlessTypeAllowed,
|
domain.PasswordlessTypeAllowed,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
),
|
||||||
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
org.NewIdentityProviderAddedEvent(context.Background(),
|
org.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&org.NewAggregate("org1", "org1").Aggregate,
|
&org.NewAggregate("org1", "org1").Aggregate,
|
||||||
@ -905,6 +988,8 @@ func TestCommandSide_RemoveIDPProviderLoginPolicy(t *testing.T) {
|
|||||||
domain.PasswordlessTypeAllowed,
|
domain.PasswordlessTypeAllowed,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
),
|
||||||
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
org.NewIdentityProviderAddedEvent(context.Background(),
|
org.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&org.NewAggregate("org1", "org1").Aggregate,
|
&org.NewAggregate("org1", "org1").Aggregate,
|
||||||
@ -956,6 +1041,8 @@ func TestCommandSide_RemoveIDPProviderLoginPolicy(t *testing.T) {
|
|||||||
domain.PasswordlessTypeAllowed,
|
domain.PasswordlessTypeAllowed,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
),
|
||||||
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
org.NewIdentityProviderAddedEvent(context.Background(),
|
org.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&org.NewAggregate("org1", "org1").Aggregate,
|
&org.NewAggregate("org1", "org1").Aggregate,
|
||||||
@ -1015,6 +1102,8 @@ func TestCommandSide_RemoveIDPProviderLoginPolicy(t *testing.T) {
|
|||||||
domain.PasswordlessTypeAllowed,
|
domain.PasswordlessTypeAllowed,
|
||||||
),
|
),
|
||||||
),
|
),
|
||||||
|
),
|
||||||
|
expectFilter(
|
||||||
eventFromEventPusher(
|
eventFromEventPusher(
|
||||||
org.NewIdentityProviderAddedEvent(context.Background(),
|
org.NewIdentityProviderAddedEvent(context.Background(),
|
||||||
&org.NewAggregate("org1", "org1").Aggregate,
|
&org.NewAggregate("org1", "org1").Aggregate,
|
||||||
|
@ -30,6 +30,9 @@ func (o *Org) appendAddIdpProviderToLoginPolicyEvent(event *es_models.Event) err
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
provider.ObjectRoot.CreationDate = event.CreationDate
|
provider.ObjectRoot.CreationDate = event.CreationDate
|
||||||
|
if o.LoginPolicy == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
o.LoginPolicy.IDPProviders = append(o.LoginPolicy.IDPProviders, provider)
|
o.LoginPolicy.IDPProviders = append(o.LoginPolicy.IDPProviders, provider)
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
@ -40,6 +43,9 @@ func (o *Org) appendRemoveIdpProviderFromLoginPolicyEvent(event *es_models.Event
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
if o.LoginPolicy == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
if i, m := iam_es_model.GetIDPProvider(o.LoginPolicy.IDPProviders, provider.IDPConfigID); m != nil {
|
if i, m := iam_es_model.GetIDPProvider(o.LoginPolicy.IDPProviders, provider.IDPConfigID); m != nil {
|
||||||
o.LoginPolicy.IDPProviders[i] = o.LoginPolicy.IDPProviders[len(o.LoginPolicy.IDPProviders)-1]
|
o.LoginPolicy.IDPProviders[i] = o.LoginPolicy.IDPProviders[len(o.LoginPolicy.IDPProviders)-1]
|
||||||
o.LoginPolicy.IDPProviders[len(o.LoginPolicy.IDPProviders)-1] = nil
|
o.LoginPolicy.IDPProviders[len(o.LoginPolicy.IDPProviders)-1] = nil
|
||||||
|
Loading…
Reference in New Issue
Block a user