From 8dcbbc87caeef9fe7e2be556134845a1869c2699 Mon Sep 17 00:00:00 2001 
From: Livio Amstutz Date: Wed, 24 Feb 2021 11:17:39 +0100 Subject: [PATCH] fix: update config to commands (and queries) (#1342) * fix: adaot config to commands (and queries) * remove dependency on vv2 in v1 * add queries user to operator * set password for queries on tests * set password for queries on tests * fix config --- cmd/zitadel/main.go | 44 +++--- cmd/zitadel/setup.yaml | 12 +- cmd/zitadel/startup.yaml | 25 +++- internal/api/grpc/admin/server.go | 6 +- internal/api/grpc/auth/server.go | 6 +- internal/api/grpc/management/server.go | 6 +- internal/api/oidc/op.go | 8 +- .../eventsourcing/eventstore/application.go | 2 +- .../eventsourcing/eventstore/auth_request.go | 2 +- .../eventsourcing/eventstore/iam.go | 2 +- .../eventsourcing/eventstore/key.go | 2 +- .../repository/eventsourcing/repository.go | 13 +- internal/authz/authz.go | 5 +- .../eventsourcing/eventstore/iam.go | 2 +- .../repository/eventsourcing/repository.go | 20 +-- internal/command/command.go | 58 ++++---- internal/command/iam.go | 12 +- internal/command/iam_idp_config.go | 40 ++--- internal/command/iam_idp_oidc_config.go | 8 +- internal/command/iam_member.go | 26 ++-- internal/command/iam_policy_label.go | 20 +-- internal/command/iam_policy_login.go | 78 +++++----- internal/command/iam_policy_mail_template.go | 20 +-- internal/command/iam_policy_mail_text.go | 20 +-- internal/command/iam_policy_org_iam.go | 24 +-- internal/command/iam_policy_password_age.go | 20 +-- .../command/iam_policy_password_complexity.go | 24 +-- .../command/iam_policy_password_lockout.go | 20 +-- internal/command/key_pair.go | 12 +- internal/command/org.go | 56 +++---- internal/command/org_domain.go | 50 +++---- internal/command/org_idp_config.go | 38 ++--- internal/command/org_idp_oidc_config.go | 8 +- internal/command/org_member.go | 26 ++-- internal/command/org_policy_label.go | 18 +-- internal/command/org_policy_login.go | 60 ++++---- internal/command/org_policy_mail_template.go | 18 +-- 
internal/command/org_policy_mail_text.go | 18 +-- internal/command/org_policy_org_iam.go | 32 ++-- internal/command/org_policy_password_age.go | 18 +-- .../command/org_policy_password_complexity.go | 24 +-- .../command/org_policy_password_lockout.go | 18 +-- internal/command/project.go | 50 +++---- internal/command/project_application.go | 28 ++-- internal/command/project_application_api.go | 34 ++--- internal/command/project_application_key.go | 18 +-- internal/command/project_application_oidc.go | 44 +++--- internal/command/project_grant.go | 56 +++---- internal/command/project_grant_member.go | 24 +-- internal/command/project_member.go | 28 ++-- internal/command/project_role.go | 40 ++--- internal/command/setup.go | 22 +-- internal/command/setup_step1.go | 24 +-- internal/command/setup_step10.go | 10 +- internal/command/setup_step11.go | 10 +- internal/command/setup_step2.go | 8 +- internal/command/setup_step3.go | 8 +- internal/command/setup_step4.go | 8 +- internal/command/setup_step5.go | 8 +- internal/command/setup_step6.go | 8 +- internal/command/setup_step7.go | 8 +- internal/command/setup_step8.go | 8 +- internal/command/setup_step9.go | 12 +- internal/command/user.go | 76 +++++----- internal/command/user_grant.go | 60 ++++---- internal/command/user_human.go | 58 ++++---- internal/command/user_human_address.go | 10 +- internal/command/user_human_email.go | 36 ++--- internal/command/user_human_externalidp.go | 28 ++-- internal/command/user_human_init.go | 30 ++-- internal/command/user_human_otp.go | 42 +++--- internal/command/user_human_password.go | 62 ++++---- internal/command/user_human_phone.go | 42 +++--- internal/command/user_human_profile.go | 10 +- internal/command/user_human_webauthn.go | 140 +++++++++--------- internal/command/user_machine.go | 18 +-- internal/command/user_machine_key.go | 22 +-- internal/config/types/sql.go | 44 +++++- internal/eventstore/config.go | 24 +++ internal/eventstore/local_crdb_test.go | 1 + 
.../repository/sql/local_crdb_test.go | 1 + internal/eventstore/v1/config.go | 9 +- internal/eventstore/v1/eventstore.go | 38 +---- .../eventsourcing/eventstore/iam.go | 2 +- .../repository/eventsourcing/repository.go | 9 +- internal/notification/notification.go | 2 +- .../eventsourcing/handler/handler.go | 2 +- .../eventsourcing/handler/notification.go | 4 +- .../repository/eventsourcing/repository.go | 2 +- .../eventsourcing/spooler/spooler.go | 2 +- internal/query/iam_idp_config.go | 2 +- internal/query/member.go | 2 +- internal/query/query.go | 21 +-- internal/query/user.go | 2 +- internal/setup/setup.go | 2 +- internal/ui/login/handler/login.go | 6 +- internal/ui/login/login.go | 2 +- migrations/cockroach/V1.35__queries.sql | 2 + migrations/cockroach/migrate_local.go | 2 +- .../iam/zitadel/configuration/desired.go | 1 + operator/zitadel/kinds/iam/zitadel/users.go | 7 + 101 files changed, 1122 insertions(+), 1078 deletions(-) create mode 100644 internal/eventstore/config.go create mode 100644 migrations/cockroach/V1.35__queries.sql diff --git a/cmd/zitadel/main.go b/cmd/zitadel/main.go index a292edcfab..3f0f52a49a 100644 --- a/cmd/zitadel/main.go +++ b/cmd/zitadel/main.go @@ -3,9 +3,10 @@ package main import ( "context" "flag" - "github.com/caos/zitadel/internal/eventstore/v1" "github.com/caos/zitadel/internal/command" + "github.com/caos/zitadel/internal/config/types" + "github.com/caos/zitadel/internal/eventstore" "github.com/caos/zitadel/internal/query" metrics "github.com/caos/zitadel/internal/telemetry/metrics/config" @@ -39,6 +40,10 @@ type Config struct { InternalAuthZ internal_authz.Config SystemDefaults sd.SystemDefaults + EventstoreBase types.SQLBase + Commands command.Config + Queries query.Config + AuthZ authz.Config Auth auth_es.Config Admin admin_es.Config @@ -53,7 +58,7 @@ type Config struct { type setupConfig struct { Log logging.Config - Eventstore v1.Config + Eventstore types.SQL SystemDefaults sd.SystemDefaults SetUp setup.IAMSetUp } 
@@ -97,40 +102,42 @@ func startZitadel(configPaths []string) { logging.Log("MAIN-FaF2r").OnError(err).Fatal("cannot read config") ctx := context.Background() - //TODO: new eventstore config for command sie - es, err := v1.Start(conf.Admin.Eventstore) + esCommands, err := eventstore.StartWithUser(conf.EventstoreBase, conf.Commands.Eventstore) if err != nil { return } - esV2 := es.V2() - command, err := command.StartCommandSide(&command.Config{Eventstore: esV2, SystemDefaults: conf.SystemDefaults}) + commands, err := command.StartCommands(esCommands, conf.SystemDefaults) if err != nil { return } - query, err := query.StartQuerySide(&query.Config{Eventstore: esV2, SystemDefaults: conf.SystemDefaults}) + esQueries, err := eventstore.StartWithUser(conf.EventstoreBase, conf.Queries.Eventstore) if err != nil { return } - authZRepo, err := authz.Start(ctx, conf.AuthZ, conf.InternalAuthZ, conf.SystemDefaults) + queries, err := query.StartQueries(esQueries, conf.SystemDefaults) + if err != nil { + return + } + authZRepo, err := authz.Start(ctx, conf.AuthZ, conf.InternalAuthZ, conf.SystemDefaults, queries) logging.Log("MAIN-s9KOw").OnError(err).Fatal("error starting authz repo") var authRepo *auth_es.EsRepository if *authEnabled || *oidcEnabled || *loginEnabled { - authRepo, err = auth_es.Start(conf.Auth, conf.InternalAuthZ, conf.SystemDefaults, command, authZRepo) + authRepo, err = auth_es.Start(conf.Auth, conf.InternalAuthZ, conf.SystemDefaults, commands, queries, authZRepo, esQueries) logging.Log("MAIN-9oRw6").OnError(err).Fatal("error starting auth repo") } - startAPI(ctx, conf, authZRepo, authRepo, command, query) - startUI(ctx, conf, authRepo, command, query) + startAPI(ctx, conf, authZRepo, authRepo, commands, queries) + startUI(ctx, conf, authRepo, commands, queries) if *notificationEnabled { - notification.Start(ctx, conf.Notification, conf.SystemDefaults, command) + notification.Start(ctx, conf.Notification, conf.SystemDefaults, commands) } <-ctx.Done() 
logging.Log("MAIN-s8d2h").Info("stopping zitadel") } -func startUI(ctx context.Context, conf *Config, authRepo *auth_es.EsRepository, command *command.CommandSide, query *query.QuerySide) { +func startUI(ctx context.Context, conf *Config, authRepo *auth_es.EsRepository, command *command.Commands, query *query.Queries) { uis := ui.Create(conf.UI) if *loginEnabled { login, prefix := login.Start(conf.UI.Login, command, query, authRepo, conf.SystemDefaults, *localDevMode) @@ -144,7 +151,7 @@ func startUI(ctx context.Context, conf *Config, authRepo *auth_es.EsRepository, uis.Start(ctx) } -func startAPI(ctx context.Context, conf *Config, authZRepo *authz_repo.EsRepository, authRepo *auth_es.EsRepository, command *command.CommandSide, query *query.QuerySide) { +func startAPI(ctx context.Context, conf *Config, authZRepo *authz_repo.EsRepository, authRepo *auth_es.EsRepository, command *command.Commands, query *query.Queries) { roles := make([]string, len(conf.InternalAuthZ.RolePermissionMappings)) for i, role := range conf.InternalAuthZ.RolePermissionMappings { roles[i] = role.Role @@ -158,7 +165,7 @@ func startAPI(ctx context.Context, conf *Config, authZRepo *authz_repo.EsReposit apis.RegisterServer(ctx, admin.CreateServer(command, query, repo)) } if *managementEnabled { - managementRepo, err := mgmt_es.Start(conf.Mgmt, conf.SystemDefaults, roles) + managementRepo, err := mgmt_es.Start(conf.Mgmt, conf.SystemDefaults, roles, query) logging.Log("API-Gd2qq").OnError(err).Fatal("error starting management repo") apis.RegisterServer(ctx, management.CreateServer(command, query, managementRepo, conf.SystemDefaults)) } 
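Review bot: The `if err != nil { return }` branches after `eventstore.StartWithUser`, `command.StartCommands` and `query.StartQueries` in `startZitadel` exit without logging anything, so a wrong password or certificate for the new `queries` user stops the process with no message. The `authz.Start` call directly below them reports its error through `.OnError(err).Fatal(...)`, and the new calls should do the same, for example `logging.Log("<NEW-LOG-ID>").OnError(err).Fatal("cannot start eventstore for queries")` with a fresh log ID per call. `startZitadel` begins above this hunk.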
@@ -179,13 +186,10 @@ func startSetup(configPaths []string, localDevMode bool) { ctx := context.Background() - es, err := v1.Start(conf.Eventstore) + es, err := eventstore.Start(conf.Eventstore) logging.Log("MAIN-Ddt3").OnError(err).Fatal("cannot start eventstore") - commands, err := command.StartCommandSide(&command.Config{ - Eventstore: es.V2(), - SystemDefaults: conf.SystemDefaults, - }) + commands, err := command.StartCommands(es, conf.SystemDefaults) logging.Log("MAIN-dsjrr").OnError(err).Fatal("cannot start command side") err = setup.Execute(ctx, conf.SetUp, conf.SystemDefaults.IamID, commands) diff --git a/cmd/zitadel/setup.yaml b/cmd/zitadel/setup.yaml index 9b499f3612..c562dc6642 100644 --- a/cmd/zitadel/setup.yaml +++ b/cmd/zitadel/setup.yaml @@ -9,18 +9,14 @@ Eventstore: SQL: Host: $ZITADEL_EVENTSTORE_HOST Port: $ZITADEL_EVENTSTORE_PORT - User: 'adminapi' + User: 'eventstore' Database: 'eventstore' - Password: $CR_ADMINAPI_PASSWORD + Password: $CR_EVENTSTORE_PASSWORD SSL: Mode: $CR_SSL_MODE RootCert: $CR_ROOT_CERT - Cert: $CR_ADMINAPI_CERT - Key: $CR_ADMINAPI_KEY - Cache: - Type: 'fastcache' - Config: - MaxCacheSizeInByte: 10485760 #10mb + Cert: $CR_EVENTSTORE_CERT + Key: $CR_EVENTSTORE_KEY SetUp: Step1: diff --git a/cmd/zitadel/startup.yaml b/cmd/zitadel/startup.yaml index 3038746589..4d78af0226 100644 --- a/cmd/zitadel/startup.yaml +++ b/cmd/zitadel/startup.yaml @@ -16,8 +16,31 @@ Metrics: Config: MeterName: 'github.com/caos/zitadel' +EventstoreBase: + Host: $ZITADEL_EVENTSTORE_HOST + Port: $ZITADEL_EVENTSTORE_PORT + Database: 'eventstore' + SSL: + Mode: $CR_SSL_MODE + RootCert: $CR_ROOT_CERT + +Commands: + Eventstore: + User: 'eventstore' + Password: $CR_EVENTSTORE_PASSWORD + SSL: + Cert: $CR_EVENTSTORE_CERT + Key: $CR_EVENTSTORE_KEY + +Queries: + Eventstore: + User: 'queries' + Password: $CR_QUERIES_PASSWORD + SSL: + Cert: $CR_QUERIES_CERT + Key: $CR_QUERIES_KEY + AuthZ: - Domain: $ZITADEL_DEFAULT_DOMAIN Repository: Eventstore: ServiceName: 'AuthZ' 
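Review bot: The new `Commands` and `Queries` blocks in startup.yaml give the two sides separate database users, but nothing in the file states what each user is allowed to do. The split only reduces exposure if `queries` is limited to reading the event store, and that depends on the grants in `migrations/cockroach/V1.35__queries.sql`, which this hunk does not show. A comment above `Queries:` would make the intent reviewable, e.g. `# read-only event store user; grants live in migrations/cockroach/V1.35__queries.sql`. A second comment above `EventstoreBase:` could say that host, database and root certificate are shared and presumably combined with each side's `User`/`Password`/`SSL` values by `eventstore.StartWithUser`.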
diff --git a/internal/api/grpc/admin/server.go b/internal/api/grpc/admin/server.go index 47c5bcfbc1..b2b4dc9ad6 100644 --- a/internal/api/grpc/admin/server.go +++ b/internal/api/grpc/admin/server.go @@ -19,8 +19,8 @@ const ( var _ admin.AdminServiceServer = (*Server)(nil) type Server struct { - command *command.CommandSide - query *query.QuerySide + command *command.Commands + query *query.Queries org repository.OrgRepository iam repository.IAMRepository administrator repository.AdministratorRepository @@ -31,7 +31,7 @@ type Config struct { Repository eventsourcing.Config } -func CreateServer(command *command.CommandSide, query *query.QuerySide, repo repository.Repository) *Server { +func CreateServer(command *command.Commands, query *query.Queries, repo repository.Repository) *Server { return &Server{ command: command, query: query, diff --git a/internal/api/grpc/auth/server.go b/internal/api/grpc/auth/server.go index 6f081d5a19..5b15a3435a 100644 --- a/internal/api/grpc/auth/server.go +++ b/internal/api/grpc/auth/server.go @@ -19,8 +19,8 @@ const ( ) type Server struct { - command *command.CommandSide - query *query.QuerySide + command *command.Commands + query *query.Queries repo repository.Repository } @@ -28,7 +28,7 @@ type Config struct { Repository eventsourcing.Config } -func CreateServer(command *command.CommandSide, query *query.QuerySide, authRepo repository.Repository) *Server { +func CreateServer(command *command.Commands, query *query.Queries, authRepo repository.Repository) *Server { return &Server{ command: command, query: query, diff --git a/internal/api/grpc/management/server.go b/internal/api/grpc/management/server.go index 554ade9d90..f2001d5bce 100644 --- a/internal/api/grpc/management/server.go +++ b/internal/api/grpc/management/server.go 
@@ -20,8 +20,8 @@ const ( var _ management.ManagementServiceServer = (*Server)(nil) type Server struct { - command *command.CommandSide - query *query.QuerySide + command *command.Commands + query *query.Queries project repository.ProjectRepository org repository.OrgRepository user repository.UserRepository @@ -35,7 +35,7 @@ type Config struct { Repository eventsourcing.Config } -func CreateServer(command *command.CommandSide, query *query.QuerySide, repo repository.Repository, sd systemdefaults.SystemDefaults) *Server { +func CreateServer(command *command.Commands, query *query.Queries, repo repository.Repository, sd systemdefaults.SystemDefaults) *Server { return &Server{ command: command, query: query, diff --git a/internal/api/oidc/op.go b/internal/api/oidc/op.go index fc3949714e..5272ac11fe 100644 --- a/internal/api/oidc/op.go +++ b/internal/api/oidc/op.go @@ -49,15 +49,15 @@ type Endpoint struct { type OPStorage struct { repo repository.Repository - command *command.CommandSide - query *query.QuerySide + command *command.Commands + query *query.Queries defaultLoginURL string defaultAccessTokenLifetime time.Duration defaultIdTokenLifetime time.Duration signingKeyAlgorithm string } -func NewProvider(ctx context.Context, config OPHandlerConfig, command *command.CommandSide, query *query.QuerySide, repo repository.Repository, localDevMode bool) op.OpenIDProvider { +func NewProvider(ctx context.Context, config OPHandlerConfig, command *command.Commands, query *query.Queries, repo repository.Repository, localDevMode bool) op.OpenIDProvider { cookieHandler, err := middleware.NewUserAgentHandler(config.UserAgentCookieConfig, id.SonyFlakeGenerator, localDevMode) logging.Log("OIDC-sd4fd").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Panic("cannot user agent handler") config.OPConfig.CodeMethodS256 = true 
@@ -84,7 +84,7 @@ func NewProvider(ctx context.Context, config OPHandlerConfig, command *command.C return provider } -func newStorage(config StorageConfig, command *command.CommandSide, query *query.QuerySide, repo repository.Repository) *OPStorage { +func newStorage(config StorageConfig, command *command.Commands, query *query.Queries, repo repository.Repository) *OPStorage { return &OPStorage{ repo: repo, command: command, diff --git a/internal/auth/repository/eventsourcing/eventstore/application.go b/internal/auth/repository/eventsourcing/eventstore/application.go index 39d5a9eaf7..3c55c44ac1 100644 --- a/internal/auth/repository/eventsourcing/eventstore/application.go +++ b/internal/auth/repository/eventsourcing/eventstore/application.go @@ -11,7 +11,7 @@ import ( ) type ApplicationRepo struct { - Commands *command.CommandSide + Commands *command.Commands View *view.View } diff --git a/internal/auth/repository/eventsourcing/eventstore/auth_request.go b/internal/auth/repository/eventsourcing/eventstore/auth_request.go index 04dd09015e..b690b1c9c5 100644 --- a/internal/auth/repository/eventsourcing/eventstore/auth_request.go +++ b/internal/auth/repository/eventsourcing/eventstore/auth_request.go @@ -30,7 +30,7 @@ import ( ) type AuthRequestRepo struct { - Command *command.CommandSide + Command *command.Commands AuthRequests cache.AuthRequestCache View *view.View diff --git a/internal/auth/repository/eventsourcing/eventstore/iam.go b/internal/auth/repository/eventsourcing/eventstore/iam.go index b438b7eafc..3fd493e4ae 100644 --- a/internal/auth/repository/eventsourcing/eventstore/iam.go +++ b/internal/auth/repository/eventsourcing/eventstore/iam.go @@ -10,7 +10,7 @@ import ( type IAMRepository struct { IAMID string - IAMV2QuerySide *query.QuerySide + IAMV2QuerySide *query.Queries } func (repo *IAMRepository) GetIAM(ctx context.Context) (*model.IAM, error) { 
diff --git a/internal/auth/repository/eventsourcing/eventstore/key.go b/internal/auth/repository/eventsourcing/eventstore/key.go index 3f6c4ed8dd..9addc9f3f5 100644 --- a/internal/auth/repository/eventsourcing/eventstore/key.go +++ b/internal/auth/repository/eventsourcing/eventstore/key.go @@ -20,7 +20,7 @@ import ( ) type KeyRepository struct { - Commands *command.CommandSide + Commands *command.Commands Eventstore *eventstore.Eventstore View *view.View SigningKeyRotationCheck time.Duration diff --git a/internal/auth/repository/eventsourcing/repository.go b/internal/auth/repository/eventsourcing/repository.go index 412be24ea5..822b75c6d8 100644 --- a/internal/auth/repository/eventsourcing/repository.go +++ b/internal/auth/repository/eventsourcing/repository.go @@ -2,7 +2,6 @@ package eventsourcing import ( "context" - "github.com/caos/zitadel/internal/eventstore/v1" "github.com/caos/zitadel/internal/api/authz" "github.com/caos/zitadel/internal/auth/repository/eventsourcing/eventstore" @@ -14,6 +13,8 @@ import ( sd "github.com/caos/zitadel/internal/config/systemdefaults" "github.com/caos/zitadel/internal/config/types" "github.com/caos/zitadel/internal/crypto" + es2 "github.com/caos/zitadel/internal/eventstore" + "github.com/caos/zitadel/internal/eventstore/v1" es_spol "github.com/caos/zitadel/internal/eventstore/v1/spooler" "github.com/caos/zitadel/internal/id" key_model "github.com/caos/zitadel/internal/key/model" 
@@ -43,12 +44,11 @@ type EsRepository struct { eventstore.IAMRepository } -func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, command *command.CommandSide, authZRepo *authz_repo.EsRepository) (*EsRepository, error) { +func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, command *command.Commands, queries *query.Queries, authZRepo *authz_repo.EsRepository, esV2 *es2.Eventstore) (*EsRepository, error) { es, err := v1.Start(conf.Eventstore) if err != nil { return nil, err } - esV2 := es.V2() sqlClient, err := conf.View.Start() if err != nil { @@ -71,11 +71,6 @@ func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, co return nil, err } - iamV2Query, err := query.StartQuerySide(&query.Config{Eventstore: esV2, SystemDefaults: systemDefaults}) - if err != nil { - return nil, err - } - keyChan := make(chan *key_model.KeyView) spool := spooler.StartSpooler(conf.Spooler, es, view, sqlClient, systemDefaults, keyChan) locker := spooler.NewLocker(sqlClient) @@ -145,7 +140,7 @@ func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, co }, eventstore.IAMRepository{ IAMID: systemDefaults.IamID, - IAMV2QuerySide: iamV2Query, + IAMV2QuerySide: queries, }, }, nil } diff --git a/internal/authz/authz.go b/internal/authz/authz.go index 795a86919d..40538635d4 100644 --- a/internal/authz/authz.go +++ b/internal/authz/authz.go 
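Review bot: `Start` now receives `esV2 *es2.Eventstore` from the caller, and `startZitadel` passes `esQueries` for it, which is the connection opened with the `queries` database user. Most of the body lies outside this hunk, so where `esV2` ends up is not visible; if any repository built from it pushes events, those writes would run under the queries credentials and either fail or force that user to hold write grants. Naming the parameter for its role and documenting the contract would make this checkable, e.g. `// esV2 must be the eventstore opened with the queries user; writes go through command`. The `IAMV2QuerySide` field still carries the old type name and could be renamed in the same pass.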
@@ -6,12 +6,13 @@ import ( "github.com/caos/zitadel/internal/api/authz" "github.com/caos/zitadel/internal/authz/repository/eventsourcing" sd "github.com/caos/zitadel/internal/config/systemdefaults" + "github.com/caos/zitadel/internal/query" ) type Config struct { Repository eventsourcing.Config } -func Start(ctx context.Context, config Config, authZ authz.Config, systemDefaults sd.SystemDefaults) (*eventsourcing.EsRepository, error) { - return eventsourcing.Start(config.Repository, authZ, systemDefaults) +func Start(ctx context.Context, config Config, authZ authz.Config, systemDefaults sd.SystemDefaults, queries *query.Queries) (*eventsourcing.EsRepository, error) { + return eventsourcing.Start(config.Repository, authZ, systemDefaults, queries) } diff --git a/internal/authz/repository/eventsourcing/eventstore/iam.go b/internal/authz/repository/eventsourcing/eventstore/iam.go index 82b4c8a23c..27b550c14f 100644 --- a/internal/authz/repository/eventsourcing/eventstore/iam.go +++ b/internal/authz/repository/eventsourcing/eventstore/iam.go @@ -10,7 +10,7 @@ import ( type IamRepo struct { IAMID string - IAMV2Query *query.QuerySide + IAMV2Query *query.Queries } func (repo *IamRepo) Health(ctx context.Context) error { diff --git a/internal/authz/repository/eventsourcing/repository.go b/internal/authz/repository/eventsourcing/repository.go index 91c232d61d..dbe02d8c1f 100644 --- a/internal/authz/repository/eventsourcing/repository.go +++ b/internal/authz/repository/eventsourcing/repository.go 
@@ -2,12 +2,12 @@ package eventsourcing import ( "context" + "github.com/caos/zitadel/internal/eventstore/v1" "github.com/caos/zitadel/internal/query" "github.com/caos/zitadel/internal/api/authz" - "github.com/caos/zitadel/internal/auth_request/repository/cache" "github.com/caos/zitadel/internal/authz/repository/eventsourcing/eventstore" "github.com/caos/zitadel/internal/authz/repository/eventsourcing/spooler" authz_view "github.com/caos/zitadel/internal/authz/repository/eventsourcing/view" @@ -18,11 +18,9 @@ import ( ) type Config struct { - Domain string - Eventstore v1.Config - AuthRequest cache.Config - View types.SQL - Spooler spooler.SpoolerConfig + Eventstore v1.Config + View types.SQL + Spooler spooler.SpoolerConfig } type EsRepository struct { @@ -32,12 +30,11 @@ type EsRepository struct { eventstore.TokenVerifierRepo } -func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults) (*EsRepository, error) { +func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults, queries *query.Queries) (*EsRepository, error) { es, err := v1.Start(conf.Eventstore) if err != nil { return nil, err } - esV2 := es.V2() sqlClient, err := conf.View.Start() if err != nil { @@ -50,11 +47,6 @@ func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults) (* return nil, err } - iamV2, err := query.StartQuerySide(&query.Config{Eventstore: esV2, SystemDefaults: systemDefaults}) - if err != nil { - return nil, err - } - spool := spooler.StartSpooler(conf.Spooler, es, view, sqlClient, systemDefaults) return &EsRepository{ @@ -67,7 +59,7 @@ func Start(conf Config, authZ authz.Config, systemDefaults sd.SystemDefaults) (* }, eventstore.IamRepo{ IAMID: systemDefaults.IamID, - IAMV2Query: iamV2, + IAMV2Query: queries, }, eventstore.TokenVerifierRepo{ //TODO: Add Token Verification Key diff --git a/internal/command/command.go b/internal/command/command.go index f7dd5a0cdc..6dd646e0a0 100644 --- a/internal/command/command.go 
+++ b/internal/command/command.go @@ -2,6 +2,7 @@ package command import ( "context" + "github.com/caos/zitadel/internal/config/types" "github.com/caos/zitadel/internal/eventstore" "time" @@ -20,7 +21,7 @@ import ( webauthn_helper "github.com/caos/zitadel/internal/webauthn" ) -type CommandSide struct { +type Commands struct { eventstore *eventstore.Eventstore idGenerator id.Generator iamDomain string @@ -50,18 +51,17 @@ type CommandSide struct { } type Config struct { - Eventstore *eventstore.Eventstore - SystemDefaults sd.SystemDefaults + Eventstore types.SQLUser } -func StartCommandSide(config *Config) (repo *CommandSide, err error) { - repo = &CommandSide{ - eventstore: config.Eventstore, +func StartCommands(eventstore *eventstore.Eventstore, defaults sd.SystemDefaults) (repo *Commands, err error) { + repo = &Commands{ + eventstore: eventstore, idGenerator: id.SonyFlakeGenerator, - iamDomain: config.SystemDefaults.Domain, - keySize: config.SystemDefaults.KeyConfig.Size, - privateKeyLifetime: config.SystemDefaults.KeyConfig.PrivateKeyLifetime.Duration, - publicKeyLifetime: config.SystemDefaults.KeyConfig.PublicKeyLifetime.Duration, + iamDomain: defaults.Domain, + keySize: defaults.KeyConfig.Size, + privateKeyLifetime: defaults.KeyConfig.PrivateKeyLifetime.Duration, + publicKeyLifetime: defaults.KeyConfig.PublicKeyLifetime.Duration, } iam_repo.RegisterEventMappers(repo.eventstore) org.RegisterEventMappers(repo.eventstore) 
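Review bot: In `StartCommands` the parameter `eventstore *eventstore.Eventstore` shadows the imported `eventstore` package for the whole function body, so a later reference to the package there would resolve to the pointer; a name such as `es` avoids that. The pointer is stored and handed straight to `iam_repo.RegisterEventMappers(repo.eventstore)` with no nil check, so a nil argument would probably surface as a panic later rather than as an error from this constructor. The exported `Commands`, `Config` and `StartCommands` have no doc comments; for `Config` something like `// Config holds the database user the command side uses to connect to the event store.` would explain why it no longer carries `SystemDefaults`. The function body continues in the next hunk.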
@@ -71,49 +71,49 @@ func StartCommandSide(config *Config) (repo *CommandSide, err error) { keypair.RegisterEventMappers(repo.eventstore) //TODO: simplify!!!! - repo.idpConfigSecretCrypto, err = crypto.NewAESCrypto(config.SystemDefaults.IDPConfigVerificationKey) + repo.idpConfigSecretCrypto, err = crypto.NewAESCrypto(defaults.IDPConfigVerificationKey) if err != nil { return nil, err } - userEncryptionAlgorithm, err := crypto.NewAESCrypto(config.SystemDefaults.UserVerificationKey) + userEncryptionAlgorithm, err := crypto.NewAESCrypto(defaults.UserVerificationKey) if err != nil { return nil, err } - repo.initializeUserCode = crypto.NewEncryptionGenerator(config.SystemDefaults.SecretGenerators.InitializeUserCode, userEncryptionAlgorithm) - repo.emailVerificationCode = crypto.NewEncryptionGenerator(config.SystemDefaults.SecretGenerators.EmailVerificationCode, userEncryptionAlgorithm) - repo.phoneVerificationCode = crypto.NewEncryptionGenerator(config.SystemDefaults.SecretGenerators.PhoneVerificationCode, userEncryptionAlgorithm) - repo.passwordVerificationCode = crypto.NewEncryptionGenerator(config.SystemDefaults.SecretGenerators.PasswordVerificationCode, userEncryptionAlgorithm) - repo.userPasswordAlg = crypto.NewBCrypt(config.SystemDefaults.SecretGenerators.PasswordSaltCost) + repo.initializeUserCode = crypto.NewEncryptionGenerator(defaults.SecretGenerators.InitializeUserCode, userEncryptionAlgorithm) + repo.emailVerificationCode = crypto.NewEncryptionGenerator(defaults.SecretGenerators.EmailVerificationCode, userEncryptionAlgorithm) + repo.phoneVerificationCode = crypto.NewEncryptionGenerator(defaults.SecretGenerators.PhoneVerificationCode, userEncryptionAlgorithm) + repo.passwordVerificationCode = crypto.NewEncryptionGenerator(defaults.SecretGenerators.PasswordVerificationCode, userEncryptionAlgorithm) + repo.userPasswordAlg = crypto.NewBCrypt(defaults.SecretGenerators.PasswordSaltCost) repo.machineKeyAlg = userEncryptionAlgorithm - repo.machineKeySize = 
int(config.SystemDefaults.SecretGenerators.MachineKeySize) - repo.applicationKeySize = int(config.SystemDefaults.SecretGenerators.ApplicationKeySize) + repo.machineKeySize = int(defaults.SecretGenerators.MachineKeySize) + repo.applicationKeySize = int(defaults.SecretGenerators.ApplicationKeySize) - aesOTPCrypto, err := crypto.NewAESCrypto(config.SystemDefaults.Multifactors.OTP.VerificationKey) + aesOTPCrypto, err := crypto.NewAESCrypto(defaults.Multifactors.OTP.VerificationKey) if err != nil { return nil, err } repo.multifactors = global_model.Multifactors{ OTP: global_model.OTP{ CryptoMFA: aesOTPCrypto, - Issuer: config.SystemDefaults.Multifactors.OTP.Issuer, + Issuer: defaults.Multifactors.OTP.Issuer, }, } - passwordAlg := crypto.NewBCrypt(config.SystemDefaults.SecretGenerators.PasswordSaltCost) - repo.applicationSecretGenerator = crypto.NewHashGenerator(config.SystemDefaults.SecretGenerators.ClientSecretGenerator, passwordAlg) + passwordAlg := crypto.NewBCrypt(defaults.SecretGenerators.PasswordSaltCost) + repo.applicationSecretGenerator = crypto.NewHashGenerator(defaults.SecretGenerators.ClientSecretGenerator, passwordAlg) - repo.domainVerificationAlg, err = crypto.NewAESCrypto(config.SystemDefaults.DomainVerification.VerificationKey) + repo.domainVerificationAlg, err = crypto.NewAESCrypto(defaults.DomainVerification.VerificationKey) if err != nil { return nil, err } - repo.domainVerificationGenerator = crypto.NewEncryptionGenerator(config.SystemDefaults.DomainVerification.VerificationGenerator, repo.domainVerificationAlg) + repo.domainVerificationGenerator = crypto.NewEncryptionGenerator(defaults.DomainVerification.VerificationGenerator, repo.domainVerificationAlg) repo.domainVerificationValidator = http.ValidateDomain - web, err := webauthn_helper.StartServer(config.SystemDefaults.WebAuthN) + web, err := webauthn_helper.StartServer(defaults.WebAuthN) if err != nil { return nil, err } repo.webauthn = web - keyAlgorithm, err := 
crypto.NewAESCrypto(config.SystemDefaults.KeyConfig.EncryptionConfig) + keyAlgorithm, err := crypto.NewAESCrypto(defaults.KeyConfig.EncryptionConfig) if err != nil { return nil, err } @@ -121,12 +121,12 @@ func StartCommandSide(config *Config) (repo *CommandSide, err error) { return repo, nil } -func (r *CommandSide) getIAMWriteModel(ctx context.Context) (_ *IAMWriteModel, err error) { +func (c *Commands) getIAMWriteModel(ctx context.Context) (_ *IAMWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMWriteModel() - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/iam.go b/internal/command/iam.go index 54c51bc1c0..59bd733669 100644 --- a/internal/command/iam.go +++ b/internal/command/iam.go @@ -9,17 +9,17 @@ import ( ) //TODO: private -func (r *CommandSide) GetIAM(ctx context.Context) (*domain.IAM, error) { +func (c *Commands) GetIAM(ctx context.Context) (*domain.IAM, error) { iamWriteModel := NewIAMWriteModel() - err := r.eventstore.FilterToQueryReducer(ctx, iamWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, iamWriteModel) if err != nil { return nil, err } return writeModelToIAM(iamWriteModel), nil } -func (r *CommandSide) setGlobalOrg(ctx context.Context, iamAgg *eventstore.Aggregate, iamWriteModel *IAMWriteModel, orgID string) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, iamWriteModel) +func (c *Commands) setGlobalOrg(ctx context.Context, iamAgg *eventstore.Aggregate, iamWriteModel *IAMWriteModel, orgID string) (eventstore.EventPusher, error) { + err := c.eventstore.FilterToQueryReducer(ctx, iamWriteModel) if err != nil { return nil, err } 
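Review bot: `repo.machineKeyAlg = userEncryptionAlgorithm` in this hunk means machine keys and the user verification code generators share the AES instance built from `defaults.UserVerificationKey`, and the refactor carries that over without saying whether it is intended. If it is, a comment such as `// machine keys intentionally reuse the user verification key` would record the decision; if not, a dedicated key entry would keep exposure of one key from affecting both uses. Separately, `crypto.NewBCrypt(defaults.SecretGenerators.PasswordSaltCost)` is constructed twice, for `repo.userPasswordAlg` and again as `passwordAlg`, which the existing `//TODO: simplify!!!!` seems to refer to. `StartCommands` begins before this hunk and ends in the next one.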
@@ -29,8 +29,8 @@ func (r *CommandSide) setGlobalOrg(ctx context.Context, iamAgg *eventstore.Aggre return iam.NewGlobalOrgSetEventEvent(ctx, iamAgg, orgID), nil } -func (r *CommandSide) setIAMProject(ctx context.Context, iamAgg *eventstore.Aggregate, iamWriteModel *IAMWriteModel, projectID string) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, iamWriteModel) +func (c *Commands) setIAMProject(ctx context.Context, iamAgg *eventstore.Aggregate, iamWriteModel *IAMWriteModel, projectID string) (eventstore.EventPusher, error) { + err := c.eventstore.FilterToQueryReducer(ctx, iamWriteModel) if err != nil { return nil, err } diff --git a/internal/command/iam_idp_config.go b/internal/command/iam_idp_config.go index 6c6b5075c5..22e44beaee 100644 --- a/internal/command/iam_idp_config.go +++ b/internal/command/iam_idp_config.go @@ -12,18 +12,18 @@ import ( iam_repo "github.com/caos/zitadel/internal/repository/iam" ) -func (r *CommandSide) AddDefaultIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) { +func (c *Commands) AddDefaultIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) { if config.OIDCConfig == nil { return nil, errors.ThrowInvalidArgument(nil, "IAM-eUpQU", "Errors.idp.config.notset") } - idpConfigID, err := r.idGenerator.Next() + idpConfigID, err := c.idGenerator.Next() if err != nil { return nil, err } addedConfig := NewIAMIDPConfigWriteModel(idpConfigID) - clientSecret, err := crypto.Crypt([]byte(config.OIDCConfig.ClientSecretString), r.idpConfigSecretCrypto) + clientSecret, err := crypto.Crypt([]byte(config.OIDCConfig.ClientSecretString), c.idpConfigSecretCrypto) if err != nil { return nil, err } @@ -51,7 +51,7 @@ func (r *CommandSide) AddDefaultIDPConfig(ctx context.Context, config *domain.ID ), } - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } 
@@ -62,8 +62,8 @@ func (r *CommandSide) AddDefaultIDPConfig(ctx context.Context, config *domain.ID return writeModelToIDPConfig(&addedConfig.IDPConfigWriteModel), nil } -func (r *CommandSide) ChangeDefaultIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) { - existingIDP, err := r.iamIDPConfigWriteModelByID(ctx, config.IDPConfigID) +func (c *Commands) ChangeDefaultIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) { + existingIDP, err := c.iamIDPConfigWriteModelByID(ctx, config.IDPConfigID) if err != nil { return nil, err } @@ -76,7 +76,7 @@ func (r *CommandSide) ChangeDefaultIDPConfig(ctx context.Context, config *domain if !hasChanged { return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-4M9vs", "Errors.IAM.LabelPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -87,8 +87,8 @@ func (r *CommandSide) ChangeDefaultIDPConfig(ctx context.Context, config *domain return writeModelToIDPConfig(&existingIDP.IDPConfigWriteModel), nil } -func (r *CommandSide) DeactivateDefaultIDPConfig(ctx context.Context, idpID string) error { - existingIDP, err := r.iamIDPConfigWriteModelByID(ctx, idpID) +func (c *Commands) DeactivateDefaultIDPConfig(ctx context.Context, idpID string) error { + existingIDP, err := c.iamIDPConfigWriteModelByID(ctx, idpID) if err != nil { return err } 
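Review bot: The not-changed branch of `ChangeDefaultIDPConfig` (hunk `@@ -76,7 +76,7 @@`) returns `caos_errs.ThrowPreconditionFailed(nil, "IAM-4M9vs", "Errors.IAM.LabelPolicy.NotChanged")`, which is the label-policy message on an IDP-config command. The same ID and key appear again in `ChangeDefaultIDPOIDCConfig` and `ChangeDefaultLabelPolicy` later in this patch, so three different failure sites cannot be told apart from the error ID in logs or API responses. Give the two IDP commands their own ID and an IDP-specific message key, e.g. `caos_errs.ThrowPreconditionFailed(nil, "IAM-<NEW_ID>", "<IDP config not-changed key>")`. The function body starts before this hunk.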
@@ -96,12 +96,12 @@ func (r *CommandSide) DeactivateDefaultIDPConfig(ctx context.Context, idpID stri return caos_errs.ThrowPreconditionFailed(nil, "IAM-4M9so", "Errors.IAM.IDPConfig.NotActive") } iamAgg := IAMAggregateFromWriteModel(&existingIDP.WriteModel) - _, err = r.eventstore.PushEvents(ctx, iam_repo.NewIDPConfigDeactivatedEvent(ctx, iamAgg, idpID)) + _, err = c.eventstore.PushEvents(ctx, iam_repo.NewIDPConfigDeactivatedEvent(ctx, iamAgg, idpID)) return err } -func (r *CommandSide) ReactivateDefaultIDPConfig(ctx context.Context, idpID string) error { - existingIDP, err := r.iamIDPConfigWriteModelByID(ctx, idpID) +func (c *Commands) ReactivateDefaultIDPConfig(ctx context.Context, idpID string) error { + existingIDP, err := c.iamIDPConfigWriteModelByID(ctx, idpID) if err != nil { return err } @@ -109,12 +109,12 @@ func (r *CommandSide) ReactivateDefaultIDPConfig(ctx context.Context, idpID stri return caos_errs.ThrowPreconditionFailed(nil, "IAM-5Mo0d", "Errors.IAM.IDPConfig.NotInactive") } iamAgg := IAMAggregateFromWriteModel(&existingIDP.WriteModel) - _, err = r.eventstore.PushEvents(ctx, iam_repo.NewIDPConfigReactivatedEvent(ctx, iamAgg, idpID)) + _, err = c.eventstore.PushEvents(ctx, iam_repo.NewIDPConfigReactivatedEvent(ctx, iamAgg, idpID)) return err } -func (r *CommandSide) RemoveDefaultIDPConfig(ctx context.Context, idpID string, idpProviders []*domain.IDPProvider, externalIDPs ...*domain.ExternalIDP) error { - existingIDP, err := r.iamIDPConfigWriteModelByID(ctx, idpID) +func (c *Commands) RemoveDefaultIDPConfig(ctx context.Context, idpID string, idpProviders []*domain.IDPProvider, externalIDPs ...*domain.ExternalIDP) error { + existingIDP, err := c.iamIDPConfigWriteModelByID(ctx, idpID) if err != nil { return err } 
@@ -129,24 +129,24 @@ func (r *CommandSide) RemoveDefaultIDPConfig(ctx context.Context, idpID string, for _, idpProvider := range idpProviders { if idpProvider.AggregateID == domain.IAMID { - userEvents := r.removeIDPProviderFromDefaultLoginPolicy(ctx, iamAgg, idpProvider, true, externalIDPs...) + userEvents := c.removeIDPProviderFromDefaultLoginPolicy(ctx, iamAgg, idpProvider, true, externalIDPs...) events = append(events, userEvents...) } orgAgg := OrgAggregateFromWriteModel(&NewOrgIdentityProviderWriteModel(idpProvider.AggregateID, idpID).WriteModel) - orgEvents := r.removeIDPProviderFromLoginPolicy(ctx, orgAgg, idpID, true) + orgEvents := c.removeIDPProviderFromLoginPolicy(ctx, orgAgg, idpID, true) events = append(events, orgEvents...) } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) iamIDPConfigWriteModelByID(ctx context.Context, idpID string) (policy *IAMIDPConfigWriteModel, err error) { +func (c *Commands) iamIDPConfigWriteModelByID(ctx context.Context, idpID string) (policy *IAMIDPConfigWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMIDPConfigWriteModel(idpID) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/iam_idp_oidc_config.go b/internal/command/iam_idp_oidc_config.go index 64852d2195..ec75a9dd79 100644 --- a/internal/command/iam_idp_oidc_config.go +++ b/internal/command/iam_idp_oidc_config.go 
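Review bot: In the `for _, idpProvider := range idpProviders` loop of `RemoveDefaultIDPConfig`, the `idpProvider.AggregateID == domain.IAMID` branch does not end the iteration, so an IAM-level provider also falls through to `OrgAggregateFromWriteModel(&NewOrgIdentityProviderWriteModel(idpProvider.AggregateID, idpID).WriteModel)` and appears to get org removal events built on the IAM aggregate ID. If that is not intended, add `continue` after `events = append(events, userEvents...)` or move the org path into an `else`. `externalIDPs` is passed only on the IAM path; whether org-level providers need the same cascade cannot be judged from this hunk. The function begins before the hunk.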
@@ -6,9 +6,9 @@ import ( caos_errs "github.com/caos/zitadel/internal/errors" ) -func (r *CommandSide) ChangeDefaultIDPOIDCConfig(ctx context.Context, config *domain.OIDCIDPConfig) (*domain.OIDCIDPConfig, error) { +func (c *Commands) ChangeDefaultIDPOIDCConfig(ctx context.Context, config *domain.OIDCIDPConfig) (*domain.OIDCIDPConfig, error) { existingConfig := NewIAMIDPOIDCConfigWriteModel(config.IDPConfigID) - err := r.eventstore.FilterToQueryReducer(ctx, existingConfig) + err := c.eventstore.FilterToQueryReducer(ctx, existingConfig) if err != nil { return nil, err } @@ -25,7 +25,7 @@ func (r *CommandSide) ChangeDefaultIDPOIDCConfig(ctx context.Context, config *do config.ClientID, config.Issuer, config.ClientSecretString, - r.idpConfigSecretCrypto, + c.idpConfigSecretCrypto, config.IDPDisplayNameMapping, config.UsernameMapping, config.Scopes...) @@ -36,7 +36,7 @@ func (r *CommandSide) ChangeDefaultIDPOIDCConfig(ctx context.Context, config *do return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-4M9vs", "Errors.IAM.LabelPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } diff --git a/internal/command/iam_member.go b/internal/command/iam_member.go index 3d902d361a..d5f0d2d762 100644 --- a/internal/command/iam_member.go +++ b/internal/command/iam_member.go 
@@ -12,15 +12,15 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddIAMMember(ctx context.Context, member *domain.Member) (*domain.Member, error) { +func (c *Commands) AddIAMMember(ctx context.Context, member *domain.Member) (*domain.Member, error) { addedMember := NewIAMMemberWriteModel(member.UserID) iamAgg := IAMAggregateFromWriteModel(&addedMember.MemberWriteModel.WriteModel) - event, err := r.addIAMMember(ctx, iamAgg, addedMember, member) + event, err := c.addIAMMember(ctx, iamAgg, addedMember, member) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } @@ -31,14 +31,14 @@ func (r *CommandSide) AddIAMMember(ctx context.Context, member *domain.Member) ( return memberWriteModelToMember(&addedMember.MemberWriteModel), nil } -func (r *CommandSide) addIAMMember(ctx context.Context, iamAgg *eventstore.Aggregate, addedMember *IAMMemberWriteModel, member *domain.Member) (eventstore.EventPusher, error) { +func (c *Commands) addIAMMember(ctx context.Context, iamAgg *eventstore.Aggregate, addedMember *IAMMemberWriteModel, member *domain.Member) (eventstore.EventPusher, error) { //TODO: check if roles valid if !member.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-GR34U", "Errors.IAM.MemberInvalid") } - err := r.eventstore.FilterToQueryReducer(ctx, addedMember) + err := c.eventstore.FilterToQueryReducer(ctx, addedMember) if err != nil { return nil, err } 
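Review bot: `addIAMMember` (hunk `@@ -31,14 +31,14 @@`) still carries `//TODO: check if roles valid`, and the only visible gate is `member.IsValid()`, whose body is not part of this patch. The same TODO sits in `ChangeIAMMember` in the next hunk, where `member.Roles...` goes straight into `iam_repo.NewMemberChangedEvent`. IAM membership is instance-wide, so a role string that is unknown or not meant for the IAM level would be persisted in the member event. Resolve the TODO before the event is built by rejecting any role outside the configured IAM role set with the existing `Errors.IAM.MemberInvalid` precondition error; if the caller already validates roles, replace the TODO with a comment that says so.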
@@ -50,14 +50,14 @@ func (r *CommandSide) addIAMMember(ctx context.Context, iamAgg *eventstore.Aggre } //ChangeIAMMember updates an existing member -func (r *CommandSide) ChangeIAMMember(ctx context.Context, member *domain.Member) (*domain.Member, error) { +func (c *Commands) ChangeIAMMember(ctx context.Context, member *domain.Member) (*domain.Member, error) { //TODO: check if roles valid if !member.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-LiaZi", "Errors.IAM.MemberInvalid") } - existingMember, err := r.iamMemberWriteModelByID(ctx, member.UserID) + existingMember, err := c.iamMemberWriteModelByID(ctx, member.UserID) if err != nil { return nil, err } @@ -66,7 +66,7 @@ func (r *CommandSide) ChangeIAMMember(ctx context.Context, member *domain.Member return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-LiaZi", "Errors.IAM.Member.RolesNotChanged") } iamAgg := IAMAggregateFromWriteModel(&existingMember.MemberWriteModel.WriteModel) - pushedEvents, err := r.eventstore.PushEvents(ctx, iam_repo.NewMemberChangedEvent(ctx, iamAgg, member.UserID, member.Roles...)) + pushedEvents, err := c.eventstore.PushEvents(ctx, iam_repo.NewMemberChangedEvent(ctx, iamAgg, member.UserID, member.Roles...)) if err != nil { return nil, err } @@ -78,8 +78,8 @@ func (r *CommandSide) ChangeIAMMember(ctx context.Context, member *domain.Member return memberWriteModelToMember(&existingMember.MemberWriteModel), nil } -func (r *CommandSide) RemoveIAMMember(ctx context.Context, userID string) error { - m, err := r.iamMemberWriteModelByID(ctx, userID) +func (c *Commands) RemoveIAMMember(ctx context.Context, userID string) error { + m, err := c.iamMemberWriteModelByID(ctx, userID) if err != nil && !errors.IsNotFound(err) { return err } 
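Review bot: `ChangeIAMMember` uses the error ID `IAM-LiaZi` twice, for `Errors.IAM.MemberInvalid` at the top of the function and for `Errors.IAM.Member.RolesNotChanged` in hunk `@@ -66,7 +66,7 @@`. With a shared ID the two rejections cannot be told apart when triaging from the ID alone. Give the second one its own ID, e.g. `caos_errs.ThrowPreconditionFailed(nil, "IAM-<NEW_ID>", "Errors.IAM.Member.RolesNotChanged")`. The function starts in the previous hunk.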
@@ -88,16 +88,16 @@ func (r *CommandSide) RemoveIAMMember(ctx context.Context, userID string) error } iamAgg := IAMAggregateFromWriteModel(&m.MemberWriteModel.WriteModel) - _, err = r.eventstore.PushEvents(ctx, iam_repo.NewMemberRemovedEvent(ctx, iamAgg, userID)) + _, err = c.eventstore.PushEvents(ctx, iam_repo.NewMemberRemovedEvent(ctx, iamAgg, userID)) return err } -func (r *CommandSide) iamMemberWriteModelByID(ctx context.Context, userID string) (member *IAMMemberWriteModel, err error) { +func (c *Commands) iamMemberWriteModelByID(ctx context.Context, userID string) (member *IAMMemberWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMMemberWriteModel(userID) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/iam_policy_label.go b/internal/command/iam_policy_label.go index 9f17980188..58fb219757 100644 --- a/internal/command/iam_policy_label.go +++ b/internal/command/iam_policy_label.go @@ -9,15 +9,15 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddDefaultLabelPolicy(ctx context.Context, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) { +func (c *Commands) AddDefaultLabelPolicy(ctx context.Context, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) { addedPolicy := NewIAMLabelPolicyWriteModel() iamAgg := IAMAggregateFromWriteModel(&addedPolicy.LabelPolicyWriteModel.WriteModel) - event, err := r.addDefaultLabelPolicy(ctx, iamAgg, addedPolicy, policy) + event, err := c.addDefaultLabelPolicy(ctx, iamAgg, addedPolicy, policy) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } 
@@ -28,8 +28,8 @@ func (r *CommandSide) AddDefaultLabelPolicy(ctx context.Context, policy *domain. return writeModelToLabelPolicy(&addedPolicy.LabelPolicyWriteModel), nil } -func (r *CommandSide) addDefaultLabelPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMLabelPolicyWriteModel, policy *domain.LabelPolicy) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) +func (c *Commands) addDefaultLabelPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMLabelPolicyWriteModel, policy *domain.LabelPolicy) (eventstore.EventPusher, error) { + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } @@ -41,8 +41,8 @@ func (r *CommandSide) addDefaultLabelPolicy(ctx context.Context, iamAgg *eventst } -func (r *CommandSide) ChangeDefaultLabelPolicy(ctx context.Context, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) { - existingPolicy, err := r.defaultLabelPolicyWriteModelByID(ctx) +func (c *Commands) ChangeDefaultLabelPolicy(ctx context.Context, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) { + existingPolicy, err := c.defaultLabelPolicyWriteModelByID(ctx) if err != nil { return nil, err } @@ -56,7 +56,7 @@ func (r *CommandSide) ChangeDefaultLabelPolicy(ctx context.Context, policy *doma return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-4M9vs", "Errors.IAM.LabelPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } 
@@ -67,12 +67,12 @@ func (r *CommandSide) ChangeDefaultLabelPolicy(ctx context.Context, policy *doma return writeModelToLabelPolicy(&existingPolicy.LabelPolicyWriteModel), nil } -func (r *CommandSide) defaultLabelPolicyWriteModelByID(ctx context.Context) (policy *IAMLabelPolicyWriteModel, err error) { +func (c *Commands) defaultLabelPolicyWriteModelByID(ctx context.Context) (policy *IAMLabelPolicyWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMLabelPolicyWriteModel() - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/iam_policy_login.go b/internal/command/iam_policy_login.go index c77d0e8d31..bd15d932a0 100644 --- a/internal/command/iam_policy_login.go +++ b/internal/command/iam_policy_login.go @@ -10,9 +10,9 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) getDefaultLoginPolicy(ctx context.Context) (*domain.LoginPolicy, error) { +func (c *Commands) getDefaultLoginPolicy(ctx context.Context) (*domain.LoginPolicy, error) { policyWriteModel := NewIAMLoginPolicyWriteModel() - err := r.eventstore.FilterToQueryReducer(ctx, policyWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, policyWriteModel) if err != nil { return nil, err } 
@@ -21,14 +21,14 @@ func (r *CommandSide) getDefaultLoginPolicy(ctx context.Context) (*domain.LoginP return policy, nil } -func (r *CommandSide) AddDefaultLoginPolicy(ctx context.Context, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) { +func (c *Commands) AddDefaultLoginPolicy(ctx context.Context, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) { addedPolicy := NewIAMLoginPolicyWriteModel() iamAgg := IAMAggregateFromWriteModel(&addedPolicy.WriteModel) - event, err := r.addDefaultLoginPolicy(ctx, iamAgg, addedPolicy, policy) + event, err := c.addDefaultLoginPolicy(ctx, iamAgg, addedPolicy, policy) if err != nil { return nil, err } - _, err = r.eventstore.PushEvents(ctx, event) + _, err = c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } @@ -36,8 +36,8 @@ func (r *CommandSide) AddDefaultLoginPolicy(ctx context.Context, policy *domain. return writeModelToLoginPolicy(&addedPolicy.LoginPolicyWriteModel), nil } -func (r *CommandSide) addDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMLoginPolicyWriteModel, policy *domain.LoginPolicy) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) +func (c *Commands) addDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMLoginPolicyWriteModel, policy *domain.LoginPolicy) (eventstore.EventPusher, error) { + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } 
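Review bot: `AddDefaultLoginPolicy` discards the result of the push (`_, err = c.eventstore.PushEvents(ctx, event)`) and then returns `writeModelToLoginPolicy(&addedPolicy.LoginPolicyWriteModel)`, so the returned policy appears to come from a write model that never saw the added event. The sibling commands in this patch (`AddDefaultLabelPolicy`, `AddDefaultMailTemplate`) keep `pushedEvents`, which suggests they apply them before converting. Keep the events here as well, `pushedEvents, err := c.eventstore.PushEvents(ctx, event)`, and reduce them into `addedPolicy` the same way the siblings do. One line between this hunk and the next is not shown, so confirm against the full file.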
@@ -48,14 +48,14 @@ func (r *CommandSide) addDefaultLoginPolicy(ctx context.Context, iamAgg *eventst return iam_repo.NewLoginPolicyAddedEvent(ctx, iamAgg, policy.AllowUsernamePassword, policy.AllowRegister, policy.AllowExternalIDP, policy.ForceMFA, policy.PasswordlessType), nil } -func (r *CommandSide) ChangeDefaultLoginPolicy(ctx context.Context, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) { +func (c *Commands) ChangeDefaultLoginPolicy(ctx context.Context, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) { existingPolicy := NewIAMLoginPolicyWriteModel() iamAgg := IAMAggregateFromWriteModel(&existingPolicy.LoginPolicyWriteModel.WriteModel) - event, err := r.changeDefaultLoginPolicy(ctx, iamAgg, existingPolicy, policy) + event, err := c.changeDefaultLoginPolicy(ctx, iamAgg, existingPolicy, policy) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } @@ -66,8 +66,8 @@ func (r *CommandSide) ChangeDefaultLoginPolicy(ctx context.Context, policy *doma return writeModelToLoginPolicy(&existingPolicy.LoginPolicyWriteModel), nil } -func (r *CommandSide) changeDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, existingPolicy *IAMLoginPolicyWriteModel, policy *domain.LoginPolicy) (eventstore.EventPusher, error) { - err := r.defaultLoginPolicyWriteModelByID(ctx, existingPolicy) +func (c *Commands) changeDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, existingPolicy *IAMLoginPolicyWriteModel, policy *domain.LoginPolicy) (eventstore.EventPusher, error) { + err := c.defaultLoginPolicyWriteModelByID(ctx, existingPolicy) if err != nil { return nil, err } 
@@ -81,9 +81,9 @@ func (r *CommandSide) changeDefaultLoginPolicy(ctx context.Context, iamAgg *even return changedEvent, nil } -func (r *CommandSide) AddIDPProviderToDefaultLoginPolicy(ctx context.Context, idpProvider *domain.IDPProvider) (*domain.IDPProvider, error) { +func (c *Commands) AddIDPProviderToDefaultLoginPolicy(ctx context.Context, idpProvider *domain.IDPProvider) (*domain.IDPProvider, error) { idpModel := NewIAMIdentityProviderWriteModel(idpProvider.IDPConfigID) - err := r.eventstore.FilterToQueryReducer(ctx, idpModel) + err := c.eventstore.FilterToQueryReducer(ctx, idpModel) if err != nil { return nil, err } @@ -92,7 +92,7 @@ func (r *CommandSide) AddIDPProviderToDefaultLoginPolicy(ctx context.Context, id } iamAgg := IAMAggregateFromWriteModel(&idpModel.WriteModel) - pushedEvents, err := r.eventstore.PushEvents(ctx, iam_repo.NewIdentityProviderAddedEvent(ctx, iamAgg, idpProvider.IDPConfigID, idpProvider.Type)) + pushedEvents, err := c.eventstore.PushEvents(ctx, iam_repo.NewIdentityProviderAddedEvent(ctx, iamAgg, idpProvider.IDPConfigID, idpProvider.Type)) if err != nil { return nil, err } @@ -103,9 +103,9 @@ func (r *CommandSide) AddIDPProviderToDefaultLoginPolicy(ctx context.Context, id return writeModelToIDPProvider(&idpModel.IdentityProviderWriteModel), nil } -func (r *CommandSide) RemoveIDPProviderFromDefaultLoginPolicy(ctx context.Context, idpProvider *domain.IDPProvider, cascadeExternalIDPs ...*domain.ExternalIDP) error { +func (c *Commands) RemoveIDPProviderFromDefaultLoginPolicy(ctx context.Context, idpProvider *domain.IDPProvider, cascadeExternalIDPs ...*domain.ExternalIDP) error { idpModel := NewIAMIdentityProviderWriteModel(idpProvider.IDPConfigID) - err := r.eventstore.FilterToQueryReducer(ctx, idpModel) + err := c.eventstore.FilterToQueryReducer(ctx, idpModel) if err != nil { return err } 
@@ -118,13 +118,13 @@ func (r *CommandSide) RemoveIDPProviderFromDefaultLoginPolicy(ctx context.Contex iam_repo.NewIdentityProviderRemovedEvent(ctx, iamAgg, idpProvider.IDPConfigID), } - userEvents := r.removeIDPProviderFromDefaultLoginPolicy(ctx, iamAgg, idpProvider, false, cascadeExternalIDPs...) + userEvents := c.removeIDPProviderFromDefaultLoginPolicy(ctx, iamAgg, idpProvider, false, cascadeExternalIDPs...) events = append(events, userEvents...) - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) removeIDPProviderFromDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, idpProvider *domain.IDPProvider, cascade bool, cascadeExternalIDPs ...*domain.ExternalIDP) []eventstore.EventPusher { +func (c *Commands) removeIDPProviderFromDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, idpProvider *domain.IDPProvider, cascade bool, cascadeExternalIDPs ...*domain.ExternalIDP) []eventstore.EventPusher { var events []eventstore.EventPusher if cascade { events = append(events, iam_repo.NewIdentityProviderCascadeRemovedEvent(ctx, iamAgg, idpProvider.IDPConfigID)) @@ -133,7 +133,7 @@ func (r *CommandSide) removeIDPProviderFromDefaultLoginPolicy(ctx context.Contex } for _, idp := range cascadeExternalIDPs { - userEvent, err := r.removeHumanExternalIDP(ctx, idp, true) + userEvent, err := c.removeHumanExternalIDP(ctx, idp, true) if err != nil { logging.LogWithFields("COMMAND-4nfsf", "userid", idp.AggregateID, "idp-id", idp.IDPConfigID).WithError(err).Warn("could not cascade remove externalidp in remove provider from policy") continue 
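Review bot: In `removeIDPProviderFromDefaultLoginPolicy` (hunk `@@ -133,7 +133,7 @@`), a failure of `c.removeHumanExternalIDP(ctx, idp, true)` is only logged at Warn and skipped with `continue`, while the provider-removed event is still returned and pushed by the callers. The user then keeps an external IDP link to a provider that is no longer in the policy, and the API caller sees success. Since the function returns only `[]eventstore.EventPusher`, either extend it to return an error the callers can surface, or state the contract above the loop, e.g. `// best effort: a failed cascade leaves the user's external IDP link in place and is only logged`. The function starts in the previous hunk.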
@@ -143,23 +143,23 @@ func (r *CommandSide) removeIDPProviderFromDefaultLoginPolicy(ctx context.Contex return events } -func (r *CommandSide) AddSecondFactorToDefaultLoginPolicy(ctx context.Context, secondFactor domain.SecondFactorType) (domain.SecondFactorType, error) { +func (c *Commands) AddSecondFactorToDefaultLoginPolicy(ctx context.Context, secondFactor domain.SecondFactorType) (domain.SecondFactorType, error) { secondFactorModel := NewIAMSecondFactorWriteModel() iamAgg := IAMAggregateFromWriteModel(&secondFactorModel.SecondFactorWriteModel.WriteModel) - event, err := r.addSecondFactorToDefaultLoginPolicy(ctx, iamAgg, secondFactorModel, secondFactor) + event, err := c.addSecondFactorToDefaultLoginPolicy(ctx, iamAgg, secondFactorModel, secondFactor) if err != nil { return domain.SecondFactorTypeUnspecified, err } - if _, err = r.eventstore.PushEvents(ctx, event); err != nil { + if _, err = c.eventstore.PushEvents(ctx, event); err != nil { return domain.SecondFactorTypeUnspecified, err } return secondFactorModel.MFAType, nil } -func (r *CommandSide) addSecondFactorToDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, secondFactorModel *IAMSecondFactorWriteModel, secondFactor domain.SecondFactorType) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, secondFactorModel) +func (c *Commands) addSecondFactorToDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, secondFactorModel *IAMSecondFactorWriteModel, secondFactor domain.SecondFactorType) (eventstore.EventPusher, error) { + err := c.eventstore.FilterToQueryReducer(ctx, secondFactorModel) if err != nil { return nil, err } 
@@ -170,9 +170,9 @@ func (r *CommandSide) addSecondFactorToDefaultLoginPolicy(ctx context.Context, i return iam_repo.NewLoginPolicySecondFactorAddedEvent(ctx, iamAgg, secondFactor), nil } -func (r *CommandSide) RemoveSecondFactorFromDefaultLoginPolicy(ctx context.Context, secondFactor domain.SecondFactorType) error { +func (c *Commands) RemoveSecondFactorFromDefaultLoginPolicy(ctx context.Context, secondFactor domain.SecondFactorType) error { secondFactorModel := NewIAMSecondFactorWriteModel() - err := r.eventstore.FilterToQueryReducer(ctx, secondFactorModel) + err := c.eventstore.FilterToQueryReducer(ctx, secondFactorModel) if err != nil { return err } 
@@ -180,27 +180,27 @@ func (r *CommandSide) RemoveSecondFactorFromDefaultLoginPolicy(ctx context.Conte return caos_errs.ThrowNotFound(nil, "IAM-3M9od", "Errors.IAM.LoginPolicy.MFA.NotExisting") } iamAgg := IAMAggregateFromWriteModel(&secondFactorModel.SecondFactorWriteModel.WriteModel) - _, err = r.eventstore.PushEvents(ctx, iam_repo.NewLoginPolicySecondFactorRemovedEvent(ctx, iamAgg, secondFactor)) + _, err = c.eventstore.PushEvents(ctx, iam_repo.NewLoginPolicySecondFactorRemovedEvent(ctx, iamAgg, secondFactor)) return err } -func (r *CommandSide) AddMultiFactorToDefaultLoginPolicy(ctx context.Context, multiFactor domain.MultiFactorType) (domain.MultiFactorType, error) { +func (c *Commands) AddMultiFactorToDefaultLoginPolicy(ctx context.Context, multiFactor domain.MultiFactorType) (domain.MultiFactorType, error) { multiFactorModel := NewIAMMultiFactorWriteModel() iamAgg := IAMAggregateFromWriteModel(&multiFactorModel.MultiFactoryWriteModel.WriteModel) - event, err := r.addMultiFactorToDefaultLoginPolicy(ctx, iamAgg, multiFactorModel, multiFactor) + event, err := c.addMultiFactorToDefaultLoginPolicy(ctx, iamAgg, multiFactorModel, multiFactor) if err != nil { return domain.MultiFactorTypeUnspecified, err } - if _, err = r.eventstore.PushEvents(ctx, event); err != nil { + if _, err = c.eventstore.PushEvents(ctx, event); err != nil { return domain.MultiFactorTypeUnspecified, err } return multiFactorModel.MultiFactoryWriteModel.MFAType, nil } -func (r *CommandSide) addMultiFactorToDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, multiFactorModel *IAMMultiFactorWriteModel, multiFactor domain.MultiFactorType) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, multiFactorModel) +func (c *Commands) addMultiFactorToDefaultLoginPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, multiFactorModel *IAMMultiFactorWriteModel, multiFactor domain.MultiFactorType) (eventstore.EventPusher, error) { + err := 
c.eventstore.FilterToQueryReducer(ctx, multiFactorModel) if err != nil { return nil, err } @@ -211,9 +211,9 @@ func (r *CommandSide) addMultiFactorToDefaultLoginPolicy(ctx context.Context, ia return iam_repo.NewLoginPolicyMultiFactorAddedEvent(ctx, iamAgg, multiFactor), nil } -func (r *CommandSide) RemoveMultiFactorFromDefaultLoginPolicy(ctx context.Context, multiFactor domain.MultiFactorType) error { +func (c *Commands) RemoveMultiFactorFromDefaultLoginPolicy(ctx context.Context, multiFactor domain.MultiFactorType) error { multiFactorModel := NewIAMMultiFactorWriteModel() - err := r.eventstore.FilterToQueryReducer(ctx, multiFactorModel) + err := c.eventstore.FilterToQueryReducer(ctx, multiFactorModel) if err != nil { return err } @@ -221,15 +221,15 @@ func (r *CommandSide) RemoveMultiFactorFromDefaultLoginPolicy(ctx context.Contex return caos_errs.ThrowNotFound(nil, "IAM-3M9df", "Errors.IAM.LoginPolicy.MFA.NotExisting") } iamAgg := IAMAggregateFromWriteModel(&multiFactorModel.MultiFactoryWriteModel.WriteModel) - _, err = r.eventstore.PushEvents(ctx, iam_repo.NewLoginPolicyMultiFactorRemovedEvent(ctx, iamAgg, multiFactor)) + _, err = c.eventstore.PushEvents(ctx, iam_repo.NewLoginPolicyMultiFactorRemovedEvent(ctx, iamAgg, multiFactor)) return err } -func (r *CommandSide) defaultLoginPolicyWriteModelByID(ctx context.Context, writeModel *IAMLoginPolicyWriteModel) (err error) { +func (c *Commands) defaultLoginPolicyWriteModelByID(ctx context.Context, writeModel *IAMLoginPolicyWriteModel) (err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return err } diff --git a/internal/command/iam_policy_mail_template.go b/internal/command/iam_policy_mail_template.go index b22e8ac0df..dcbed1a108 100644 --- a/internal/command/iam_policy_mail_template.go +++ b/internal/command/iam_policy_mail_template.go 
@@ -9,15 +9,15 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddDefaultMailTemplate(ctx context.Context, policy *domain.MailTemplate) (*domain.MailTemplate, error) { +func (c *Commands) AddDefaultMailTemplate(ctx context.Context, policy *domain.MailTemplate) (*domain.MailTemplate, error) { addedPolicy := NewIAMMailTemplateWriteModel() iamAgg := IAMAggregateFromWriteModel(&addedPolicy.MailTemplateWriteModel.WriteModel) - event, err := r.addDefaultMailTemplate(ctx, iamAgg, addedPolicy, policy) + event, err := c.addDefaultMailTemplate(ctx, iamAgg, addedPolicy, policy) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } @@ -28,11 +28,11 @@ func (r *CommandSide) AddDefaultMailTemplate(ctx context.Context, policy *domain return writeModelToMailTemplatePolicy(&addedPolicy.MailTemplateWriteModel), nil } -func (r *CommandSide) addDefaultMailTemplate(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMMailTemplateWriteModel, policy *domain.MailTemplate) (eventstore.EventPusher, error) { +func (c *Commands) addDefaultMailTemplate(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMMailTemplateWriteModel, policy *domain.MailTemplate) (eventstore.EventPusher, error) { if !policy.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-fm9sd", "Errors.IAM.MailTemplate.Invalid") } - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } 
@@ -43,11 +43,11 @@ func (r *CommandSide) addDefaultMailTemplate(ctx context.Context, iamAgg *events return iam_repo.NewMailTemplateAddedEvent(ctx, iamAgg, policy.Template), nil } -func (r *CommandSide) ChangeDefaultMailTemplate(ctx context.Context, policy *domain.MailTemplate) (*domain.MailTemplate, error) { +func (c *Commands) ChangeDefaultMailTemplate(ctx context.Context, policy *domain.MailTemplate) (*domain.MailTemplate, error) { if !policy.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-4m9ds", "Errors.IAM.MailTemplate.Invalid") } - existingPolicy, err := r.defaultMailTemplateWriteModelByID(ctx) + existingPolicy, err := c.defaultMailTemplateWriteModelByID(ctx) if err != nil { return nil, err } @@ -62,7 +62,7 @@ func (r *CommandSide) ChangeDefaultMailTemplate(ctx context.Context, policy *dom return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-3nfsG", "Errors.IAM.MailTemplate.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -73,12 +73,12 @@ func (r *CommandSide) ChangeDefaultMailTemplate(ctx context.Context, policy *dom return writeModelToMailTemplatePolicy(&existingPolicy.MailTemplateWriteModel), nil } -func (r *CommandSide) defaultMailTemplateWriteModelByID(ctx context.Context) (policy *IAMMailTemplateWriteModel, err error) { +func (c *Commands) defaultMailTemplateWriteModelByID(ctx context.Context) (policy *IAMMailTemplateWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMMailTemplateWriteModel() - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/iam_policy_mail_text.go b/internal/command/iam_policy_mail_text.go index 2ca461854f..39064c56e3 100644 --- a/internal/command/iam_policy_mail_text.go 
+++ b/internal/command/iam_policy_mail_text.go @@ -9,15 +9,15 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddDefaultMailText(ctx context.Context, policy *domain.MailText) (*domain.MailText, error) { +func (c *Commands) AddDefaultMailText(ctx context.Context, policy *domain.MailText) (*domain.MailText, error) { addedPolicy := NewIAMMailTextWriteModel(policy.MailTextType, policy.Language) iamAgg := IAMAggregateFromWriteModel(&addedPolicy.MailTextWriteModel.WriteModel) - event, err := r.addDefaultMailText(ctx, iamAgg, addedPolicy, policy) + event, err := c.addDefaultMailText(ctx, iamAgg, addedPolicy, policy) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } @@ -28,11 +28,11 @@ func (r *CommandSide) AddDefaultMailText(ctx context.Context, policy *domain.Mai return writeModelToMailTextPolicy(&addedPolicy.MailTextWriteModel), nil } -func (r *CommandSide) addDefaultMailText(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMMailTextWriteModel, mailText *domain.MailText) (eventstore.EventPusher, error) { +func (c *Commands) addDefaultMailText(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMMailTextWriteModel, mailText *domain.MailText) (eventstore.EventPusher, error) { if !mailText.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-3n8fs", "Errors.IAM.MailText.Invalid") } - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } 
@@ -53,11 +53,11 @@ func (r *CommandSide) addDefaultMailText(ctx context.Context, iamAgg *eventstore mailText.ButtonText), nil } -func (r *CommandSide) ChangeDefaultMailText(ctx context.Context, mailText *domain.MailText) (*domain.MailText, error) { +func (c *Commands) ChangeDefaultMailText(ctx context.Context, mailText *domain.MailText) (*domain.MailText, error) { if !mailText.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-kd9fs", "Errors.IAM.MailText.Invalid") } - existingPolicy, err := r.defaultMailTextWriteModelByID(ctx, mailText.MailTextType, mailText.Language) + existingPolicy, err := c.defaultMailTextWriteModelByID(ctx, mailText.MailTextType, mailText.Language) if err != nil { return nil, err } @@ -82,7 +82,7 @@ func (r *CommandSide) ChangeDefaultMailText(ctx context.Context, mailText *domai return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-m9L0s", "Errors.IAM.MailText.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -93,12 +93,12 @@ func (r *CommandSide) ChangeDefaultMailText(ctx context.Context, mailText *domai return writeModelToMailTextPolicy(&existingPolicy.MailTextWriteModel), nil } -func (r *CommandSide) defaultMailTextWriteModelByID(ctx context.Context, mailTextType, language string) (policy *IAMMailTextWriteModel, err error) { +func (c *Commands) defaultMailTextWriteModelByID(ctx context.Context, mailTextType, language string) (policy *IAMMailTextWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMMailTextWriteModel(mailTextType, language) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/iam_policy_org_iam.go b/internal/command/iam_policy_org_iam.go index e96647e976..053e3ec8d3 100644 
--- a/internal/command/iam_policy_org_iam.go +++ b/internal/command/iam_policy_org_iam.go @@ -9,15 +9,15 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddDefaultOrgIAMPolicy(ctx context.Context, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) { +func (c *Commands) AddDefaultOrgIAMPolicy(ctx context.Context, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) { addedPolicy := NewIAMOrgIAMPolicyWriteModel() iamAgg := IAMAggregateFromWriteModel(&addedPolicy.WriteModel) - event, err := r.addDefaultOrgIAMPolicy(ctx, iamAgg, addedPolicy, policy) + event, err := c.addDefaultOrgIAMPolicy(ctx, iamAgg, addedPolicy, policy) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } @@ -28,8 +28,8 @@ func (r *CommandSide) AddDefaultOrgIAMPolicy(ctx context.Context, policy *domain return writeModelToOrgIAMPolicy(addedPolicy), nil } -func (r *CommandSide) addDefaultOrgIAMPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMOrgIAMPolicyWriteModel, policy *domain.OrgIAMPolicy) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) +func (c *Commands) addDefaultOrgIAMPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMOrgIAMPolicyWriteModel, policy *domain.OrgIAMPolicy) (eventstore.EventPusher, error) { + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } 
@@ -39,8 +39,8 @@ func (r *CommandSide) addDefaultOrgIAMPolicy(ctx context.Context, iamAgg *events return iam_repo.NewOrgIAMPolicyAddedEvent(ctx, iamAgg, policy.UserLoginMustBeDomain), nil } -func (r *CommandSide) ChangeDefaultOrgIAMPolicy(ctx context.Context, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) { - existingPolicy, err := r.defaultOrgIAMPolicyWriteModelByID(ctx) +func (c *Commands) ChangeDefaultOrgIAMPolicy(ctx context.Context, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) { + existingPolicy, err := c.defaultOrgIAMPolicyWriteModelByID(ctx) if err != nil { return nil, err } @@ -54,7 +54,7 @@ func (r *CommandSide) ChangeDefaultOrgIAMPolicy(ctx context.Context, policy *dom return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-4M9vs", "Errors.IAM.LabelPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -65,8 +65,8 @@ func (r *CommandSide) ChangeDefaultOrgIAMPolicy(ctx context.Context, policy *dom return writeModelToOrgIAMPolicy(existingPolicy), nil } -func (r *CommandSide) getDefaultOrgIAMPolicy(ctx context.Context) (*domain.OrgIAMPolicy, error) { - policyWriteModel, err := r.defaultOrgIAMPolicyWriteModelByID(ctx) +func (c *Commands) getDefaultOrgIAMPolicy(ctx context.Context) (*domain.OrgIAMPolicy, error) { + policyWriteModel, err := c.defaultOrgIAMPolicyWriteModelByID(ctx) if err != nil { return nil, err } 
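Review bot: The not-changed branch of `ChangeDefaultOrgIAMPolicy` returns error ID `IAM-4M9vs` with the message key `Errors.IAM.LabelPolicy.NotChanged`, which names a different policy. `ChangeDefaultPasswordAgePolicy` and `ChangeDefaultPasswordComplexityPolicy` return the same ID and key, and `ChangeDefaultPasswordLockoutPolicy` reuses the ID with its own key, so an `IAM-4M9vs` entry in a log or API response cannot be traced to one call site. Each function should get its own ID and a message key for its own policy, in the form `caos_errs.ThrowPreconditionFailed(nil, "IAM-<unique-id>", "<key for this policy>")`. These lines are unchanged context in this commit, and the function bodies continue outside the hunks.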
@@ -75,12 +75,12 @@ func (r *CommandSide) getDefaultOrgIAMPolicy(ctx context.Context) (*domain.OrgIA return policy, nil } -func (r *CommandSide) defaultOrgIAMPolicyWriteModelByID(ctx context.Context) (policy *IAMOrgIAMPolicyWriteModel, err error) { +func (c *Commands) defaultOrgIAMPolicyWriteModelByID(ctx context.Context) (policy *IAMOrgIAMPolicyWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMOrgIAMPolicyWriteModel() - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/iam_policy_password_age.go b/internal/command/iam_policy_password_age.go index 5e0dc65c71..b2a6b5217c 100644 --- a/internal/command/iam_policy_password_age.go +++ b/internal/command/iam_policy_password_age.go @@ -9,15 +9,15 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddDefaultPasswordAgePolicy(ctx context.Context, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) { +func (c *Commands) AddDefaultPasswordAgePolicy(ctx context.Context, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) { addedPolicy := NewIAMPasswordAgePolicyWriteModel() iamAgg := IAMAggregateFromWriteModel(&addedPolicy.WriteModel) - event, err := r.addDefaultPasswordAgePolicy(ctx, iamAgg, addedPolicy, policy) + event, err := c.addDefaultPasswordAgePolicy(ctx, iamAgg, addedPolicy, policy) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } 
@@ -28,8 +28,8 @@ func (r *CommandSide) AddDefaultPasswordAgePolicy(ctx context.Context, policy *d return writeModelToPasswordAgePolicy(&addedPolicy.PasswordAgePolicyWriteModel), nil } -func (r *CommandSide) addDefaultPasswordAgePolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMPasswordAgePolicyWriteModel, policy *domain.PasswordAgePolicy) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) +func (c *Commands) addDefaultPasswordAgePolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMPasswordAgePolicyWriteModel, policy *domain.PasswordAgePolicy) (eventstore.EventPusher, error) { + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } @@ -41,8 +41,8 @@ func (r *CommandSide) addDefaultPasswordAgePolicy(ctx context.Context, iamAgg *e } -func (r *CommandSide) ChangeDefaultPasswordAgePolicy(ctx context.Context, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) { - existingPolicy, err := r.defaultPasswordAgePolicyWriteModelByID(ctx) +func (c *Commands) ChangeDefaultPasswordAgePolicy(ctx context.Context, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) { + existingPolicy, err := c.defaultPasswordAgePolicyWriteModelByID(ctx) if err != nil { return nil, err } @@ -56,7 +56,7 @@ func (r *CommandSide) ChangeDefaultPasswordAgePolicy(ctx context.Context, policy return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-4M9vs", "Errors.IAM.LabelPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } 
@@ -68,12 +68,12 @@ func (r *CommandSide) ChangeDefaultPasswordAgePolicy(ctx context.Context, policy return writeModelToPasswordAgePolicy(&existingPolicy.PasswordAgePolicyWriteModel), nil } -func (r *CommandSide) defaultPasswordAgePolicyWriteModelByID(ctx context.Context) (policy *IAMPasswordAgePolicyWriteModel, err error) { +func (c *Commands) defaultPasswordAgePolicyWriteModelByID(ctx context.Context) (policy *IAMPasswordAgePolicyWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMPasswordAgePolicyWriteModel() - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/iam_policy_password_complexity.go b/internal/command/iam_policy_password_complexity.go index 829439c831..6efd6cb8d5 100644 --- a/internal/command/iam_policy_password_complexity.go +++ b/internal/command/iam_policy_password_complexity.go @@ -9,9 +9,9 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) getDefaultPasswordComplexityPolicy(ctx context.Context) (*domain.PasswordComplexityPolicy, error) { +func (c *Commands) getDefaultPasswordComplexityPolicy(ctx context.Context) (*domain.PasswordComplexityPolicy, error) { policyWriteModel := NewIAMPasswordComplexityPolicyWriteModel() - err := r.eventstore.FilterToQueryReducer(ctx, policyWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, policyWriteModel) if err != nil { return nil, err } 
@@ -20,15 +20,15 @@ func (r *CommandSide) getDefaultPasswordComplexityPolicy(ctx context.Context) (* return policy, nil } -func (r *CommandSide) AddDefaultPasswordComplexityPolicy(ctx context.Context, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) { +func (c *Commands) AddDefaultPasswordComplexityPolicy(ctx context.Context, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) { addedPolicy := NewIAMPasswordComplexityPolicyWriteModel() iamAgg := IAMAggregateFromWriteModel(&addedPolicy.WriteModel) - events, err := r.addDefaultPasswordComplexityPolicy(ctx, iamAgg, addedPolicy, policy) + events, err := c.addDefaultPasswordComplexityPolicy(ctx, iamAgg, addedPolicy, policy) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, events) + pushedEvents, err := c.eventstore.PushEvents(ctx, events) if err != nil { return nil, err } @@ -39,12 +39,12 @@ func (r *CommandSide) AddDefaultPasswordComplexityPolicy(ctx context.Context, po return writeModelToPasswordComplexityPolicy(&addedPolicy.PasswordComplexityPolicyWriteModel), nil } -func (r *CommandSide) addDefaultPasswordComplexityPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMPasswordComplexityPolicyWriteModel, policy *domain.PasswordComplexityPolicy) (eventstore.EventPusher, error) { +func (c *Commands) addDefaultPasswordComplexityPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMPasswordComplexityPolicyWriteModel, policy *domain.PasswordComplexityPolicy) (eventstore.EventPusher, error) { if err := policy.IsValid(); err != nil { return nil, err } - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } 
@@ -55,12 +55,12 @@ func (r *CommandSide) addDefaultPasswordComplexityPolicy(ctx context.Context, ia return iam_repo.NewPasswordComplexityPolicyAddedEvent(ctx, iamAgg, policy.MinLength, policy.HasLowercase, policy.HasUppercase, policy.HasNumber, policy.HasSymbol), nil } -func (r *CommandSide) ChangeDefaultPasswordComplexityPolicy(ctx context.Context, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) { +func (c *Commands) ChangeDefaultPasswordComplexityPolicy(ctx context.Context, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) { if err := policy.IsValid(); err != nil { return nil, err } - existingPolicy, err := r.defaultPasswordComplexityPolicyWriteModelByID(ctx) + existingPolicy, err := c.defaultPasswordComplexityPolicyWriteModelByID(ctx) if err != nil { return nil, err } @@ -73,7 +73,7 @@ func (r *CommandSide) ChangeDefaultPasswordComplexityPolicy(ctx context.Context, if !hasChanged { return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-4M9vs", "Errors.IAM.LabelPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } 
@@ -84,12 +84,12 @@ func (r *CommandSide) ChangeDefaultPasswordComplexityPolicy(ctx context.Context, return writeModelToPasswordComplexityPolicy(&existingPolicy.PasswordComplexityPolicyWriteModel), nil } -func (r *CommandSide) defaultPasswordComplexityPolicyWriteModelByID(ctx context.Context) (policy *IAMPasswordComplexityPolicyWriteModel, err error) { +func (c *Commands) defaultPasswordComplexityPolicyWriteModelByID(ctx context.Context) (policy *IAMPasswordComplexityPolicyWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMPasswordComplexityPolicyWriteModel() - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/iam_policy_password_lockout.go b/internal/command/iam_policy_password_lockout.go index 4d84b25215..ce4ef43c43 100644 --- a/internal/command/iam_policy_password_lockout.go +++ b/internal/command/iam_policy_password_lockout.go @@ -9,14 +9,14 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddDefaultPasswordLockoutPolicy(ctx context.Context, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) { +func (c *Commands) AddDefaultPasswordLockoutPolicy(ctx context.Context, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) { addedPolicy := NewIAMPasswordLockoutPolicyWriteModel() iamAgg := IAMAggregateFromWriteModel(&addedPolicy.WriteModel) - event, err := r.addDefaultPasswordLockoutPolicy(ctx, iamAgg, addedPolicy, policy) + event, err := c.addDefaultPasswordLockoutPolicy(ctx, iamAgg, addedPolicy, policy) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } 
@@ -28,8 +28,8 @@ func (r *CommandSide) AddDefaultPasswordLockoutPolicy(ctx context.Context, polic return writeModelToPasswordLockoutPolicy(&addedPolicy.PasswordLockoutPolicyWriteModel), nil } -func (r *CommandSide) addDefaultPasswordLockoutPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMPasswordLockoutPolicyWriteModel, policy *domain.PasswordLockoutPolicy) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) +func (c *Commands) addDefaultPasswordLockoutPolicy(ctx context.Context, iamAgg *eventstore.Aggregate, addedPolicy *IAMPasswordLockoutPolicyWriteModel, policy *domain.PasswordLockoutPolicy) (eventstore.EventPusher, error) { + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } @@ -40,8 +40,8 @@ func (r *CommandSide) addDefaultPasswordLockoutPolicy(ctx context.Context, iamAg return iam_repo.NewPasswordLockoutPolicyAddedEvent(ctx, iamAgg, policy.MaxAttempts, policy.ShowLockOutFailures), nil } -func (r *CommandSide) ChangeDefaultPasswordLockoutPolicy(ctx context.Context, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) { - existingPolicy, err := r.defaultPasswordLockoutPolicyWriteModelByID(ctx) +func (c *Commands) ChangeDefaultPasswordLockoutPolicy(ctx context.Context, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) { + existingPolicy, err := c.defaultPasswordLockoutPolicyWriteModelByID(ctx) if err != nil { return nil, err } @@ -55,7 +55,7 @@ func (r *CommandSide) ChangeDefaultPasswordLockoutPolicy(ctx context.Context, po return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-4M9vs", "Errors.IAM.PasswordLockoutPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } 
@@ -66,12 +66,12 @@ func (r *CommandSide) ChangeDefaultPasswordLockoutPolicy(ctx context.Context, po return writeModelToPasswordLockoutPolicy(&existingPolicy.PasswordLockoutPolicyWriteModel), nil } -func (r *CommandSide) defaultPasswordLockoutPolicyWriteModelByID(ctx context.Context) (policy *IAMPasswordLockoutPolicyWriteModel, err error) { +func (c *Commands) defaultPasswordLockoutPolicyWriteModelByID(ctx context.Context) (policy *IAMPasswordLockoutPolicyWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewIAMPasswordLockoutPolicyWriteModel() - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/key_pair.go b/internal/command/key_pair.go index cbaf914969..eeb915b01a 100644 --- a/internal/command/key_pair.go +++ b/internal/command/key_pair.go 
@@ -13,23 +13,23 @@ const ( oidcUser = "OIDC" ) -func (r *CommandSide) GenerateSigningKeyPair(ctx context.Context, algorithm string) error { +func (c *Commands) GenerateSigningKeyPair(ctx context.Context, algorithm string) error { ctx = setOIDCCtx(ctx) - privateCrypto, publicCrypto, err := crypto.GenerateEncryptedKeyPair(r.keySize, r.keyAlgorithm) + privateCrypto, publicCrypto, err := crypto.GenerateEncryptedKeyPair(c.keySize, c.keyAlgorithm) if err != nil { return err } - keyID, err := r.idGenerator.Next() + keyID, err := c.idGenerator.Next() if err != nil { return err } - privateKeyExp := time.Now().UTC().Add(r.privateKeyLifetime) - publicKeyExp := time.Now().UTC().Add(r.publicKeyLifetime) + privateKeyExp := time.Now().UTC().Add(c.privateKeyLifetime) + publicKeyExp := time.Now().UTC().Add(c.publicKeyLifetime) keyPairWriteModel := NewKeyPairWriteModel(keyID, domain.IAMID) keyAgg := KeyPairAggregateFromWriteModel(&keyPairWriteModel.WriteModel) - _, err = r.eventstore.PushEvents(ctx, keypair.NewAddedEvent( + _, err = c.eventstore.PushEvents(ctx, keypair.NewAddedEvent( ctx, keyAgg, domain.KeyUsageSigning, diff --git a/internal/command/org.go b/internal/command/org.go index 22e1e2d97f..25d3db63e9 100644 --- a/internal/command/org.go +++ b/internal/command/org.go @@ -8,8 +8,8 @@ import ( "github.com/caos/zitadel/internal/repository/org" ) -func (r *CommandSide) getOrg(ctx context.Context, orgID string) (*domain.Org, error) { - writeModel, err := r.getOrgWriteModelByID(ctx, orgID) +func (c *Commands) getOrg(ctx context.Context, orgID string) (*domain.Org, error) { + writeModel, err := c.getOrgWriteModelByID(ctx, orgID) if err != nil { return nil, err } 
@@ -19,8 +19,8 @@ func (r *CommandSide) getOrg(ctx context.Context, orgID string) (*domain.Org, er return orgWriteModelToOrg(writeModel), nil } -func (r *CommandSide) checkOrgExists(ctx context.Context, orgID string) error { - orgWriteModel, err := r.getOrgWriteModelByID(ctx, orgID) +func (c *Commands) checkOrgExists(ctx context.Context, orgID string) error { + orgWriteModel, err := c.getOrgWriteModelByID(ctx, orgID) if err != nil { return err } 
@@ -30,32 +30,32 @@ func (r *CommandSide) checkOrgExists(ctx context.Context, orgID string) error { return nil } -func (r *CommandSide) SetUpOrg(ctx context.Context, organisation *domain.Org, admin *domain.Human) error { - _, _, _, events, err := r.setUpOrg(ctx, organisation, admin) +func (c *Commands) SetUpOrg(ctx context.Context, organisation *domain.Org, admin *domain.Human) error { + _, _, _, events, err := c.setUpOrg(ctx, organisation, admin) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) AddOrg(ctx context.Context, name, userID, resourceOwner string) (*domain.Org, error) { - orgAgg, addedOrg, events, err := r.addOrg(ctx, &domain.Org{Name: name}) +func (c *Commands) AddOrg(ctx context.Context, name, userID, resourceOwner string) (*domain.Org, error) { + orgAgg, addedOrg, events, err := c.addOrg(ctx, &domain.Org{Name: name}) if err != nil { return nil, err } - err = r.checkUserExists(ctx, userID, resourceOwner) + err = c.checkUserExists(ctx, userID, resourceOwner) if err != nil { return nil, err } addedMember := NewOrgMemberWriteModel(addedOrg.AggregateID, userID) - orgMemberEvent, err := r.addOrgMember(ctx, orgAgg, addedMember, domain.NewMember(orgAgg.ID, userID, domain.RoleOrgOwner)) + orgMemberEvent, err := c.addOrgMember(ctx, orgAgg, addedMember, domain.NewMember(orgAgg.ID, userID, domain.RoleOrgOwner)) if err != nil { return nil, err } events = append(events, orgMemberEvent) - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } 
@@ -66,8 +66,8 @@ func (r *CommandSide) AddOrg(ctx context.Context, name, userID, resourceOwner st return orgWriteModelToOrg(addedOrg), nil } -func (r *CommandSide) DeactivateOrg(ctx context.Context, orgID string) error { - orgWriteModel, err := r.getOrgWriteModelByID(ctx, orgID) +func (c *Commands) DeactivateOrg(ctx context.Context, orgID string) error { + orgWriteModel, err := c.getOrgWriteModelByID(ctx, orgID) if err != nil { return err } @@ -78,12 +78,12 @@ func (r *CommandSide) DeactivateOrg(ctx context.Context, orgID string) error { return caos_errs.ThrowInvalidArgument(nil, "EVENT-Dbs2g", "Errors.Org.AlreadyDeactivated") } orgAgg := OrgAggregateFromWriteModel(&orgWriteModel.WriteModel) - _, err = r.eventstore.PushEvents(ctx, org.NewOrgDeactivatedEvent(ctx, orgAgg)) + _, err = c.eventstore.PushEvents(ctx, org.NewOrgDeactivatedEvent(ctx, orgAgg)) return err } -func (r *CommandSide) ReactivateOrg(ctx context.Context, orgID string) error { - orgWriteModel, err := r.getOrgWriteModelByID(ctx, orgID) +func (c *Commands) ReactivateOrg(ctx context.Context, orgID string) error { + orgWriteModel, err := c.getOrgWriteModelByID(ctx, orgID) if err != nil { return err } 
@@ -94,17 +94,17 @@ func (r *CommandSide) ReactivateOrg(ctx context.Context, orgID string) error { return caos_errs.ThrowInvalidArgument(nil, "EVENT-bfnrh", "Errors.Org.AlreadyActive") } orgAgg := OrgAggregateFromWriteModel(&orgWriteModel.WriteModel) - _, err = r.eventstore.PushEvents(ctx, org.NewOrgReactivatedEvent(ctx, orgAgg)) + _, err = c.eventstore.PushEvents(ctx, org.NewOrgReactivatedEvent(ctx, orgAgg)) return err } -func (r *CommandSide) setUpOrg(ctx context.Context, organisation *domain.Org, admin *domain.Human) (orgAgg *eventstore.Aggregate, human *HumanWriteModel, orgMember *OrgMemberWriteModel, events []eventstore.EventPusher, err error) { - orgAgg, _, addOrgEvents, err := r.addOrg(ctx, organisation) +func (c *Commands) setUpOrg(ctx context.Context, organisation *domain.Org, admin *domain.Human) (orgAgg *eventstore.Aggregate, human *HumanWriteModel, orgMember *OrgMemberWriteModel, events []eventstore.EventPusher, err error) { + orgAgg, _, addOrgEvents, err := c.addOrg(ctx, organisation) if err != nil { return nil, nil, nil, nil, err } - userEvents, human, err := r.addHuman(ctx, orgAgg.ID, admin) + userEvents, human, err := c.addHuman(ctx, orgAgg.ID, admin) if err != nil { return nil, nil, nil, nil, err } @@ -112,7 +112,7 @@ func (r *CommandSide) setUpOrg(ctx context.Context, organisation *domain.Org, ad addedMember := NewOrgMemberWriteModel(orgAgg.ID, human.AggregateID) orgMemberAgg := OrgAggregateFromWriteModel(&addedMember.WriteModel) - orgMemberEvent, err := r.addOrgMember(ctx, orgMemberAgg, addedMember, domain.NewMember(orgMemberAgg.ID, human.AggregateID, domain.RoleOrgOwner)) + orgMemberEvent, err := c.addOrgMember(ctx, orgMemberAgg, addedMember, domain.NewMember(orgMemberAgg.ID, human.AggregateID, domain.RoleOrgOwner)) if err != nil { return nil, nil, nil, nil, err } 
@@ -120,16 +120,16 @@ func (r *CommandSide) setUpOrg(ctx context.Context, organisation *domain.Org, ad return orgAgg, human, addedMember, addOrgEvents, nil } -func (r *CommandSide) addOrg(ctx context.Context, organisation *domain.Org, claimedUserIDs ...string) (_ *eventstore.Aggregate, _ *OrgWriteModel, _ []eventstore.EventPusher, err error) { +func (c *Commands) addOrg(ctx context.Context, organisation *domain.Org, claimedUserIDs ...string) (_ *eventstore.Aggregate, _ *OrgWriteModel, _ []eventstore.EventPusher, err error) { if organisation == nil || !organisation.IsValid() { return nil, nil, nil, caos_errs.ThrowInvalidArgument(nil, "COMM-deLSk", "Errors.Org.Invalid") } - organisation.AggregateID, err = r.idGenerator.Next() + organisation.AggregateID, err = c.idGenerator.Next() if err != nil { return nil, nil, nil, caos_errs.ThrowInternal(err, "COMMA-OwciI", "Errors.Internal") } - organisation.AddIAMDomain(r.iamDomain) + organisation.AddIAMDomain(c.iamDomain) addedOrg := NewOrgWriteModel(organisation.AggregateID) orgAgg := OrgAggregateFromWriteModel(&addedOrg.WriteModel) @@ -137,7 +137,7 @@ func (r *CommandSide) addOrg(ctx context.Context, organisation *domain.Org, clai org.NewOrgAddedEvent(ctx, orgAgg, organisation.Name), } for _, orgDomain := range organisation.Domains { - orgDomainEvents, err := r.addOrgDomain(ctx, orgAgg, NewOrgDomainWriteModel(orgAgg.ID, orgDomain.Domain), orgDomain, claimedUserIDs...) + orgDomainEvents, err := c.addOrgDomain(ctx, orgAgg, NewOrgDomainWriteModel(orgAgg.ID, orgDomain.Domain), orgDomain, claimedUserIDs...) if err != nil { return nil, nil, nil, err } else { 
@@ -147,9 +147,9 @@ func (r *CommandSide) addOrg(ctx context.Context, organisation *domain.Org, clai return orgAgg, addedOrg, events, nil } -func (r *CommandSide) getOrgWriteModelByID(ctx context.Context, orgID string) (*OrgWriteModel, error) { +func (c *Commands) getOrgWriteModelByID(ctx context.Context, orgID string) (*OrgWriteModel, error) { orgWriteModel := NewOrgWriteModel(orgID) - err := r.eventstore.FilterToQueryReducer(ctx, orgWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, orgWriteModel) if err != nil { return nil, err } diff --git a/internal/command/org_domain.go b/internal/command/org_domain.go index d9812d6a02..32f5f93a6b 100644 --- a/internal/command/org_domain.go +++ b/internal/command/org_domain.go @@ -12,14 +12,14 @@ import ( "github.com/caos/zitadel/internal/repository/org" ) -func (r *CommandSide) AddOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain) (*domain.OrgDomain, error) { +func (c *Commands) AddOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain) (*domain.OrgDomain, error) { domainWriteModel := NewOrgDomainWriteModel(orgDomain.AggregateID, orgDomain.Domain) orgAgg := OrgAggregateFromWriteModel(&domainWriteModel.WriteModel) - events, err := r.addOrgDomain(ctx, orgAgg, domainWriteModel, orgDomain) + events, err := c.addOrgDomain(ctx, orgAgg, domainWriteModel, orgDomain) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } 
@@ -30,7 +30,7 @@ func (r *CommandSide) AddOrgDomain(ctx context.Context, orgDomain *domain.OrgDom return orgDomainWriteModelToOrgDomain(domainWriteModel), nil } -func (r *CommandSide) GenerateOrgDomainValidation(ctx context.Context, orgDomain *domain.OrgDomain) (token, url string, err error) { +func (c *Commands) GenerateOrgDomainValidation(ctx context.Context, orgDomain *domain.OrgDomain) (token, url string, err error) { if orgDomain == nil || !orgDomain.IsValid() { return "", "", caos_errs.ThrowPreconditionFailed(nil, "ORG-R24hb", "Errors.Org.InvalidDomain") } @@ -38,7 +38,7 @@ func (r *CommandSide) GenerateOrgDomainValidation(ctx context.Context, orgDomain if !ok { return "", "", caos_errs.ThrowPreconditionFailed(nil, "ORG-Gsw31", "Errors.Org.DomainVerificationTypeInvalid") } - domainWriteModel, err := r.getOrgDomainWriteModel(ctx, orgDomain.AggregateID, orgDomain.Domain) + domainWriteModel, err := c.getOrgDomainWriteModel(ctx, orgDomain.AggregateID, orgDomain.Domain) if err != nil { return "", "", err } @@ -48,7 +48,7 @@ func (r *CommandSide) GenerateOrgDomainValidation(ctx context.Context, orgDomain if domainWriteModel.Verified { return "", "", caos_errs.ThrowPreconditionFailed(nil, "ORG-HGw21", "Errors.Org.DomainAlreadyVerified") } - token, err = orgDomain.GenerateVerificationCode(r.domainVerificationGenerator) + token, err = orgDomain.GenerateVerificationCode(c.domainVerificationGenerator) if err != nil { return "", "", err } @@ -59,7 +59,7 @@ func (r *CommandSide) GenerateOrgDomainValidation(ctx context.Context, orgDomain orgAgg := OrgAggregateFromWriteModel(&domainWriteModel.WriteModel) - _, err = r.eventstore.PushEvents( + _, err = c.eventstore.PushEvents( ctx, org.NewDomainVerificationAddedEvent(ctx, orgAgg, orgDomain.Domain, orgDomain.ValidationType, orgDomain.ValidationCode)) if err != nil { 
@@ -68,11 +68,11 @@ func (r *CommandSide) GenerateOrgDomainValidation(ctx context.Context, orgDomain return token, url, nil } -func (r *CommandSide) ValidateOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain, claimedUserIDs ...string) error { +func (c *Commands) ValidateOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain, claimedUserIDs ...string) error { if orgDomain == nil || !orgDomain.IsValid() { return caos_errs.ThrowPreconditionFailed(nil, "ORG-R24hb", "Errors.Org.InvalidDomain") } - domainWriteModel, err := r.getOrgDomainWriteModel(ctx, orgDomain.AggregateID, orgDomain.Domain) + domainWriteModel, err := c.getOrgDomainWriteModel(ctx, orgDomain.AggregateID, orgDomain.Domain) if err != nil { return err } 
@@ -86,39 +86,39 @@ func (r *CommandSide) ValidateOrgDomain(ctx context.Context, orgDomain *domain.O return caos_errs.ThrowPreconditionFailed(nil, "ORG-SFBB3", "Errors.Org.DomainVerificationMissing") } - validationCode, err := crypto.DecryptString(domainWriteModel.ValidationCode, r.domainVerificationAlg) + validationCode, err := crypto.DecryptString(domainWriteModel.ValidationCode, c.domainVerificationAlg) if err != nil { return err } checkType, _ := domainWriteModel.ValidationType.CheckType() - err = r.domainVerificationValidator(domainWriteModel.Domain, validationCode, validationCode, checkType) + err = c.domainVerificationValidator(domainWriteModel.Domain, validationCode, validationCode, checkType) orgAgg := OrgAggregateFromWriteModel(&domainWriteModel.WriteModel) var events []eventstore.EventPusher if err == nil { events = append(events, org.NewDomainVerifiedEvent(ctx, orgAgg, orgDomain.Domain)) for _, userID := range claimedUserIDs { - userEvents, _, err := r.userDomainClaimed(ctx, userID) + userEvents, _, err := c.userDomainClaimed(ctx, userID) if err != nil { logging.LogWithFields("COMMAND-5m8fs", "userid", userID).WithError(err).Warn("could not claim user") continue } events = append(events, userEvents...) } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } events = append(events, org.NewDomainVerificationFailedEvent(ctx, orgAgg, orgDomain.Domain)) - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) 
logging.LogWithFields("ORG-dhTE", "orgID", orgAgg.ID, "domain", orgDomain.Domain).OnError(err).Error("NewDomainVerificationFailedEvent push failed") return caos_errs.ThrowInvalidArgument(err, "ORG-GH3s", "Errors.Org.DomainVerificationFailed") } -func (r *CommandSide) SetPrimaryOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain) error { +func (c *Commands) SetPrimaryOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain) error { if orgDomain == nil || !orgDomain.IsValid() { return caos_errs.ThrowPreconditionFailed(nil, "ORG-SsDG2", "Errors.Org.InvalidDomain") } - domainWriteModel, err := r.getOrgDomainWriteModel(ctx, orgDomain.AggregateID, orgDomain.Domain) + domainWriteModel, err := c.getOrgDomainWriteModel(ctx, orgDomain.AggregateID, orgDomain.Domain) if err != nil { return err } @@ -129,15 +129,15 @@ func (r *CommandSide) SetPrimaryOrgDomain(ctx context.Context, orgDomain *domain return caos_errs.ThrowPreconditionFailed(nil, "ORG-Ggd32", "Errors.Org.DomainNotVerified") } orgAgg := OrgAggregateFromWriteModel(&domainWriteModel.WriteModel) - _, err = r.eventstore.PushEvents(ctx, org.NewDomainPrimarySetEvent(ctx, orgAgg, orgDomain.Domain)) + _, err = c.eventstore.PushEvents(ctx, org.NewDomainPrimarySetEvent(ctx, orgAgg, orgDomain.Domain)) return err } -func (r *CommandSide) RemoveOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain) error { +func (c *Commands) RemoveOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain) error { if orgDomain == nil || !orgDomain.IsValid() { return caos_errs.ThrowPreconditionFailed(nil, "ORG-SJsK3", "Errors.Org.InvalidDomain") } - domainWriteModel, err := r.getOrgDomainWriteModel(ctx, orgDomain.AggregateID, orgDomain.Domain) + domainWriteModel, err := c.getOrgDomainWriteModel(ctx, orgDomain.AggregateID, orgDomain.Domain) if err != nil { return err } 
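Review bot: In the failure branch of `ValidateOrgDomain`, `_, err = c.eventstore.PushEvents(ctx, events...)` overwrites the error returned by `c.domainVerificationValidator`, so the following `ThrowInvalidArgument(err, "ORG-GH3s", ...)` wraps the push result (nil when the push succeeds) and the reason the verification failed is lost. Keep the two apart, e.g. `_, pushErr := c.eventstore.PushEvents(ctx, events...)` with `OnError(pushErr)` on the log line, and leave `err` as the validator's error. Separately, `checkType, _ := domainWriteModel.ValidationType.CheckType()` discards the `ok` result that `GenerateOrgDomainValidation` checks. Rejecting `!ok` with `Errors.Org.DomainVerificationTypeInvalid` before calling the validator would avoid running the check with a zero-value type. The function starts outside this hunk.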
@@ -148,12 +148,12 @@ func (r *CommandSide) RemoveOrgDomain(ctx context.Context, orgDomain *domain.Org
 return caos_errs.ThrowPreconditionFailed(nil, "ORG-Sjdi3", "Errors.Org.PrimaryDomainNotDeletable")
 }
 orgAgg := OrgAggregateFromWriteModel(&domainWriteModel.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, org.NewDomainRemovedEvent(ctx, orgAgg, orgDomain.Domain))
+ _, err = c.eventstore.PushEvents(ctx, org.NewDomainRemovedEvent(ctx, orgAgg, orgDomain.Domain))
 return err
 }
-func (r *CommandSide) addOrgDomain(ctx context.Context, orgAgg *eventstore.Aggregate, addedDomain *OrgDomainWriteModel, orgDomain *domain.OrgDomain, claimedUserIDs ...string) ([]eventstore.EventPusher, error) {
- err := r.eventstore.FilterToQueryReducer(ctx, addedDomain)
+func (c *Commands) addOrgDomain(ctx context.Context, orgAgg *eventstore.Aggregate, addedDomain *OrgDomainWriteModel, orgDomain *domain.OrgDomain, claimedUserIDs ...string) ([]eventstore.EventPusher, error) {
+ err := c.eventstore.FilterToQueryReducer(ctx, addedDomain)
 if err != nil {
 return nil, err
 }
@@ -168,7 +168,7 @@ func (r *CommandSide) addOrgDomain(ctx context.Context, orgAgg *eventstore.Aggre
 if orgDomain.Verified {
 events = append(events, org.NewDomainVerifiedEvent(ctx, orgAgg, orgDomain.Domain))
 for _, userID := range claimedUserIDs {
- userEvents, _, err := r.userDomainClaimed(ctx, userID)
+ userEvents, _, err := c.userDomainClaimed(ctx, userID)
 if err != nil {
 logging.LogWithFields("COMMAND-nn8Jf", "userid", userID).WithError(err).Warn("could not claim user")
 continue
@@ -182,9 +182,9 @@ func (r *CommandSide) addOrgDomain(ctx context.Context, orgAgg *eventstore.Aggre
 return events, nil
 }
-func (r *CommandSide) getOrgDomainWriteModel(ctx context.Context, orgID, domain string) (*OrgDomainWriteModel, error) {
+func (c *Commands) getOrgDomainWriteModel(ctx context.Context, orgID, domain string) (*OrgDomainWriteModel, error) {
 domainWriteModel := NewOrgDomainWriteModel(orgID, domain)
- err := r.eventstore.FilterToQueryReducer(ctx, domainWriteModel)
+ err := c.eventstore.FilterToQueryReducer(ctx, domainWriteModel)
 if err != nil {
 return nil, err
 }
diff --git a/internal/command/org_idp_config.go b/internal/command/org_idp_config.go
index e18a05750b..a2abde71fa 100644
--- a/internal/command/org_idp_config.go
+++ b/internal/command/org_idp_config.go
@@ -12,18 +12,18 @@ import (
 org_repo "github.com/caos/zitadel/internal/repository/org"
 )
-func (r *CommandSide) AddIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) {
+func (c *Commands) AddIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) {
 if config.OIDCConfig == nil {
 return nil, errors.ThrowInvalidArgument(nil, "Org-eUpQU", "Errors.idp.config.notset")
 }
- idpConfigID, err := r.idGenerator.Next()
+ idpConfigID, err := c.idGenerator.Next()
 if err != nil {
 return nil, err
 }
 addedConfig := NewOrgIDPConfigWriteModel(idpConfigID, config.AggregateID)
- clientSecret, err := crypto.Crypt([]byte(config.OIDCConfig.ClientSecretString), r.idpConfigSecretCrypto)
+ clientSecret, err := crypto.Crypt([]byte(config.OIDCConfig.ClientSecretString), c.idpConfigSecretCrypto)
 if err != nil {
 return nil, err
 }
@@ -49,7 +49,7 @@ func (r *CommandSide) AddIDPConfig(ctx context.Context, config *domain.IDPConfig
 config.OIDCConfig.UsernameMapping,
 config.OIDCConfig.Scopes...),
 }
- pushedEvents, err := r.eventstore.PushEvents(ctx, events...)
+ pushedEvents, err := c.eventstore.PushEvents(ctx, events...)
 if err != nil {
 return nil, err
 }
@@ -60,8 +60,8 @@ func (r *CommandSide) AddIDPConfig(ctx context.Context, config *domain.IDPConfig
 return writeModelToIDPConfig(&addedConfig.IDPConfigWriteModel), nil
 }
-func (r *CommandSide) ChangeIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) {
- existingIDP, err := r.orgIDPConfigWriteModelByID(ctx, config.IDPConfigID, config.AggregateID)
+func (c *Commands) ChangeIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) {
+ existingIDP, err := c.orgIDPConfigWriteModelByID(ctx, config.IDPConfigID, config.AggregateID)
 if err != nil {
 return nil, err
 }
@@ -80,7 +80,7 @@ func (r *CommandSide) ChangeIDPConfig(ctx context.Context, config *domain.IDPCon
 if !hasChanged {
 return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-4M9vs", "Errors.Org.LabelPolicy.NotChanged")
 }
- pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent)
+ pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent)
 if err != nil {
 return nil, err
 }
@@ -91,8 +91,8 @@ func (r *CommandSide) ChangeIDPConfig(ctx context.Context, config *domain.IDPCon
 return writeModelToIDPConfig(&existingIDP.IDPConfigWriteModel), nil
 }
-func (r *CommandSide) DeactivateIDPConfig(ctx context.Context, idpID, orgID string) error {
- existingIDP, err := r.orgIDPConfigWriteModelByID(ctx, idpID, orgID)
+func (c *Commands) DeactivateIDPConfig(ctx context.Context, idpID, orgID string) error {
+ existingIDP, err := c.orgIDPConfigWriteModelByID(ctx, idpID, orgID)
 if err != nil {
 return err
 }
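Review bot: The not-changed branch of ChangeIDPConfig (the `-80,7` hunk) returns `caos_errs.ThrowPreconditionFailed(nil, "Org-4M9vs", "Errors.Org.LabelPolicy.NotChanged")`, which is the label-policy message key and error ID rather than one for IDP configs. The same ID `Org-4M9vs` also appears in ChangeIDPOIDCConfig, ChangeLabelPolicy and ChangeMailTemplate in this patch, so a log line or API error carrying it cannot be traced to a single call site. Each site should get its own ID, and the two IDP functions an IDP-config message key alongside the existing `Errors.Org.IDPConfig.NotActive`. The lines that compute `hasChanged` fall between hunks and are not visible.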
@@ -100,12 +100,12 @@ func (r *CommandSide) DeactivateIDPConfig(ctx context.Context, idpID, orgID stri
 return caos_errs.ThrowPreconditionFailed(nil, "Org-4M9so", "Errors.Org.IDPConfig.NotActive")
 }
 orgAgg := OrgAggregateFromWriteModel(&existingIDP.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, org_repo.NewIDPConfigDeactivatedEvent(ctx, orgAgg, idpID))
+ _, err = c.eventstore.PushEvents(ctx, org_repo.NewIDPConfigDeactivatedEvent(ctx, orgAgg, idpID))
 return err
 }
-func (r *CommandSide) ReactivateIDPConfig(ctx context.Context, idpID, orgID string) error {
- existingIDP, err := r.orgIDPConfigWriteModelByID(ctx, idpID, orgID)
+func (c *Commands) ReactivateIDPConfig(ctx context.Context, idpID, orgID string) error {
+ existingIDP, err := c.orgIDPConfigWriteModelByID(ctx, idpID, orgID)
 if err != nil {
 return err
 }
@@ -113,12 +113,12 @@ func (r *CommandSide) ReactivateIDPConfig(ctx context.Context, idpID, orgID stri
 return caos_errs.ThrowPreconditionFailed(nil, "Org-5Mo0d", "Errors.Org.IDPConfig.NotInactive")
 }
 orgAgg := OrgAggregateFromWriteModel(&existingIDP.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, org_repo.NewIDPConfigReactivatedEvent(ctx, orgAgg, idpID))
+ _, err = c.eventstore.PushEvents(ctx, org_repo.NewIDPConfigReactivatedEvent(ctx, orgAgg, idpID))
 return err
 }
-func (r *CommandSide) RemoveIDPConfig(ctx context.Context, idpID, orgID string, cascadeRemoveProvider bool, cascadeExternalIDPs ...*domain.ExternalIDP) error {
- existingIDP, err := r.orgIDPConfigWriteModelByID(ctx, idpID, orgID)
+func (c *Commands) RemoveIDPConfig(ctx context.Context, idpID, orgID string, cascadeRemoveProvider bool, cascadeExternalIDPs ...*domain.ExternalIDP) error {
+ existingIDP, err := c.orgIDPConfigWriteModelByID(ctx, idpID, orgID)
 if err != nil {
 return err
 }
@@ -136,19 +136,19 @@ func (r *CommandSide) RemoveIDPConfig(ctx context.Context, idpID, orgID string,
 }
 if cascadeRemoveProvider {
- removeIDPEvents := r.removeIDPProviderFromLoginPolicy(ctx, orgAgg, idpID, true, cascadeExternalIDPs...)
+ removeIDPEvents := c.removeIDPProviderFromLoginPolicy(ctx, orgAgg, idpID, true, cascadeExternalIDPs...)
 events = append(events, removeIDPEvents...)
 }
- _, err = r.eventstore.PushEvents(ctx, events...)
+ _, err = c.eventstore.PushEvents(ctx, events...)
 return err
 }
-func (r *CommandSide) orgIDPConfigWriteModelByID(ctx context.Context, idpID, orgID string) (policy *OrgIDPConfigWriteModel, err error) {
+func (c *Commands) orgIDPConfigWriteModelByID(ctx context.Context, idpID, orgID string) (policy *OrgIDPConfigWriteModel, err error) {
 ctx, span := tracing.NewSpan(ctx)
 defer func() { span.EndWithError(err) }()
 writeModel := NewOrgIDPConfigWriteModel(idpID, orgID)
- err = r.eventstore.FilterToQueryReducer(ctx, writeModel)
+ err = c.eventstore.FilterToQueryReducer(ctx, writeModel)
 if err != nil {
 return nil, err
 }
diff --git a/internal/command/org_idp_oidc_config.go b/internal/command/org_idp_oidc_config.go
index fd53eb1669..ce7bcc2840 100644
--- a/internal/command/org_idp_oidc_config.go
+++ b/internal/command/org_idp_oidc_config.go
@@ -6,9 +6,9 @@ import (
 caos_errs "github.com/caos/zitadel/internal/errors"
 )
-func (r *CommandSide) ChangeIDPOIDCConfig(ctx context.Context, config *domain.OIDCIDPConfig) (*domain.OIDCIDPConfig, error) {
+func (c *Commands) ChangeIDPOIDCConfig(ctx context.Context, config *domain.OIDCIDPConfig) (*domain.OIDCIDPConfig, error) {
 existingConfig := NewOrgIDPOIDCConfigWriteModel(config.IDPConfigID, config.AggregateID)
- err := r.eventstore.FilterToQueryReducer(ctx, existingConfig)
+ err := c.eventstore.FilterToQueryReducer(ctx, existingConfig)
 if err != nil {
 return nil, err
 }
@@ -25,7 +25,7 @@ func (r *CommandSide) ChangeIDPOIDCConfig(ctx context.Context, config *domain.OI
 config.ClientID,
 config.Issuer,
 config.ClientSecretString,
- r.idpConfigSecretCrypto,
+ c.idpConfigSecretCrypto,
 config.IDPDisplayNameMapping,
 config.UsernameMapping,
 config.Scopes...)
@@ -36,7 +36,7 @@ func (r *CommandSide) ChangeIDPOIDCConfig(ctx context.Context, config *domain.OI
 return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-4M9vs", "Errors.Org.LabelPolicy.NotChanged")
 }
- pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent)
+ pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent)
 if err != nil {
 return nil, err
 }
diff --git a/internal/command/org_member.go b/internal/command/org_member.go
index da1d6da34c..4846a95dce 100644
--- a/internal/command/org_member.go
+++ b/internal/command/org_member.go
@@ -12,15 +12,15 @@ import (
 "github.com/caos/zitadel/internal/telemetry/tracing"
 )
-func (r *CommandSide) AddOrgMember(ctx context.Context, member *domain.Member) (*domain.Member, error) {
+func (c *Commands) AddOrgMember(ctx context.Context, member *domain.Member) (*domain.Member, error) {
 addedMember := NewOrgMemberWriteModel(member.AggregateID, member.UserID)
 orgAgg := OrgAggregateFromWriteModel(&addedMember.WriteModel)
- event, err := r.addOrgMember(ctx, orgAgg, addedMember, member)
+ event, err := c.addOrgMember(ctx, orgAgg, addedMember, member)
 if err != nil {
 return nil, err
 }
- pushedEvents, err := r.eventstore.PushEvents(ctx, event)
+ pushedEvents, err := c.eventstore.PushEvents(ctx, event)
 if err != nil {
 return nil, err
 }
@@ -31,14 +31,14 @@ func (r *CommandSide) AddOrgMember(ctx context.Context, member *domain.Member) (
 return memberWriteModelToMember(&addedMember.MemberWriteModel), nil
 }
-func (r *CommandSide) addOrgMember(ctx context.Context, orgAgg *eventstore.Aggregate, addedMember *OrgMemberWriteModel, member *domain.Member) (eventstore.EventPusher, error) {
+func (c *Commands) addOrgMember(ctx context.Context, orgAgg *eventstore.Aggregate, addedMember *OrgMemberWriteModel, member *domain.Member) (eventstore.EventPusher, error) {
 //TODO: check if roles valid
 if !member.IsValid() {
 return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-W8m4l", "Errors.Org.MemberInvalid")
 }
- err := r.eventstore.FilterToQueryReducer(ctx, addedMember)
+ err := c.eventstore.FilterToQueryReducer(ctx, addedMember)
 if err != nil {
 return nil, err
 }
@@ -50,14 +50,14 @@ func (r *CommandSide) addOrgMember(ctx context.Context, orgAgg *eventstore.Aggre
 }
 //ChangeOrgMember updates an existing member
-func (r *CommandSide) ChangeOrgMember(ctx context.Context, member *domain.Member) (*domain.Member, error) {
+func (c *Commands) ChangeOrgMember(ctx context.Context, member *domain.Member) (*domain.Member, error) {
 //TODO: check if roles valid
 if !member.IsValid() {
 return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-LiaZi", "Errors.Org.MemberInvalid")
 }
- existingMember, err := r.orgMemberWriteModelByID(ctx, member.AggregateID, member.UserID)
+ existingMember, err := c.orgMemberWriteModelByID(ctx, member.AggregateID, member.UserID)
 if err != nil {
 return nil, err
 }
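Review bot: Member roles are accepted without validation: addOrgMember and ChangeOrgMember both still open with `//TODO: check if roles valid`, and the only visible guard is `member.IsValid()`, whose checks are not shown here. Since `member.Roles` is what ends up in the member event (see `NewMemberChangedEvent(..., member.Roles...)` further down the file), an unknown role name, or one not meant to be granted at org level, would presumably be stored as given. Rejecting roles outside the set allowed for org members with a precondition error before the event is built would close the TODO. Until then, a comment on each function saying which layer is expected to validate roles would at least record the gap.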
@@ -66,7 +66,7 @@ func (r *CommandSide) ChangeOrgMember(ctx context.Context, member *domain.Member
 return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-LiaZi", "Errors.Org.Member.RolesNotChanged")
 }
 orgAgg := OrgAggregateFromWriteModel(&existingMember.MemberWriteModel.WriteModel)
- pushedEvents, err := r.eventstore.PushEvents(ctx, org.NewMemberChangedEvent(ctx, orgAgg, member.UserID, member.Roles...))
+ pushedEvents, err := c.eventstore.PushEvents(ctx, org.NewMemberChangedEvent(ctx, orgAgg, member.UserID, member.Roles...))
 err = AppendAndReduce(existingMember, pushedEvents...)
 if err != nil {
 return nil, err
@@ -75,8 +75,8 @@ func (r *CommandSide) ChangeOrgMember(ctx context.Context, member *domain.Member
 return memberWriteModelToMember(&existingMember.MemberWriteModel), nil
 }
-func (r *CommandSide) RemoveOrgMember(ctx context.Context, orgID, userID string) error {
- m, err := r.orgMemberWriteModelByID(ctx, orgID, userID)
+func (c *Commands) RemoveOrgMember(ctx context.Context, orgID, userID string) error {
+ m, err := c.orgMemberWriteModelByID(ctx, orgID, userID)
 if err != nil && !errors.IsNotFound(err) {
 return err
 }
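Review bot: The error from `c.eventstore.PushEvents(...)` in ChangeOrgMember (the `-66,7` hunk) is never checked: the next line, `err = AppendAndReduce(existingMember, pushedEvents...)`, overwrites it, so a failed push can be reported to the caller as a successful role change. The other commands in this patch check the push error first; add `if err != nil { return nil, err }` between the two statements. The function starts and ends outside this hunk.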
@@ -85,16 +85,16 @@ func (r *CommandSide) RemoveOrgMember(ctx context.Context, orgID, userID string)
 }
 orgAgg := OrgAggregateFromWriteModel(&m.MemberWriteModel.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, org.NewMemberRemovedEvent(ctx, orgAgg, userID))
+ _, err = c.eventstore.PushEvents(ctx, org.NewMemberRemovedEvent(ctx, orgAgg, userID))
 return err
 }
-func (r *CommandSide) orgMemberWriteModelByID(ctx context.Context, orgID, userID string) (member *OrgMemberWriteModel, err error) {
+func (c *Commands) orgMemberWriteModelByID(ctx context.Context, orgID, userID string) (member *OrgMemberWriteModel, err error) {
 ctx, span := tracing.NewSpan(ctx)
 defer func() { span.EndWithError(err) }()
 writeModel := NewOrgMemberWriteModel(orgID, userID)
- err = r.eventstore.FilterToQueryReducer(ctx, writeModel)
+ err = c.eventstore.FilterToQueryReducer(ctx, writeModel)
 if err != nil {
 return nil, err
 }
diff --git a/internal/command/org_policy_label.go b/internal/command/org_policy_label.go
index 7177547693..bfbb26494b 100644
--- a/internal/command/org_policy_label.go
+++ b/internal/command/org_policy_label.go
@@ -8,9 +8,9 @@ import (
 "github.com/caos/zitadel/internal/repository/org"
 )
-func (r *CommandSide) AddLabelPolicy(ctx context.Context, resourceOwner string, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) {
+func (c *Commands) AddLabelPolicy(ctx context.Context, resourceOwner string, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) {
 addedPolicy := NewOrgLabelPolicyWriteModel(resourceOwner)
- err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy)
 if err != nil {
 return nil, err
 }
@@ -19,7 +19,7 @@ func (r *CommandSide) AddLabelPolicy(ctx context.Context, resourceOwner string,
 }
 orgAgg := OrgAggregateFromWriteModel(&addedPolicy.LabelPolicyWriteModel.WriteModel)
- pushedEvents, err := r.eventstore.PushEvents(ctx, org.NewLabelPolicyAddedEvent(ctx, orgAgg, policy.PrimaryColor, policy.SecondaryColor))
+ pushedEvents, err := c.eventstore.PushEvents(ctx, org.NewLabelPolicyAddedEvent(ctx, orgAgg, policy.PrimaryColor, policy.SecondaryColor))
 if err != nil {
 return nil, err
 }
@@ -30,9 +30,9 @@ func (r *CommandSide) AddLabelPolicy(ctx context.Context, resourceOwner string,
 return writeModelToLabelPolicy(&addedPolicy.LabelPolicyWriteModel), nil
 }
-func (r *CommandSide) ChangeLabelPolicy(ctx context.Context, resourceOwner string, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) {
+func (c *Commands) ChangeLabelPolicy(ctx context.Context, resourceOwner string, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) {
 existingPolicy := NewOrgLabelPolicyWriteModel(resourceOwner)
- err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy)
 if err != nil {
 return nil, err
 }
@@ -46,7 +46,7 @@ func (r *CommandSide) ChangeLabelPolicy(ctx context.Context, resourceOwner strin
 return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-4M9vs", "Errors.Org.LabelPolicy.NotChanged")
 }
- pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent)
+ pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent)
 if err != nil {
 return nil, err
 }
@@ -57,9 +57,9 @@ func (r *CommandSide) ChangeLabelPolicy(ctx context.Context, resourceOwner strin
 return writeModelToLabelPolicy(&existingPolicy.LabelPolicyWriteModel), nil
 }
-func (r *CommandSide) RemoveLabelPolicy(ctx context.Context, orgID string) error {
+func (c *Commands) RemoveLabelPolicy(ctx context.Context, orgID string) error {
 existingPolicy := NewOrgLabelPolicyWriteModel(orgID)
- err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy)
 if err != nil {
 return err
 }
@@ -67,6 +67,6 @@ func (r *CommandSide) RemoveLabelPolicy(ctx context.Context, orgID string) error
 return caos_errs.ThrowNotFound(nil, "Org-3M9df", "Errors.Org.LabelPolicy.NotFound")
 }
 orgAgg := OrgAggregateFromWriteModel(&existingPolicy.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, org.NewLabelPolicyRemovedEvent(ctx, orgAgg))
+ _, err = c.eventstore.PushEvents(ctx, org.NewLabelPolicyRemovedEvent(ctx, orgAgg))
 return err
 }
diff --git a/internal/command/org_policy_login.go b/internal/command/org_policy_login.go
index 887922b08e..5df979ad4b 100644
--- a/internal/command/org_policy_login.go
+++ b/internal/command/org_policy_login.go
@@ -9,9 +9,9 @@ import (
 "github.com/caos/zitadel/internal/repository/org"
 )
-func (r *CommandSide) AddLoginPolicy(ctx context.Context, resourceOwner string, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) {
+func (c *Commands) AddLoginPolicy(ctx context.Context, resourceOwner string, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) {
 addedPolicy := NewOrgLoginPolicyWriteModel(resourceOwner)
- err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy)
 if err != nil {
 return nil, err
 }
@@ -20,7 +20,7 @@ func (r *CommandSide) AddLoginPolicy(ctx context.Context, resourceOwner string,
 }
 orgAgg := OrgAggregateFromWriteModel(&addedPolicy.WriteModel)
- pushedEvents, err := r.eventstore.PushEvents(
+ pushedEvents, err := c.eventstore.PushEvents(
 ctx,
 org.NewLoginPolicyAddedEvent(
 ctx,
@@ -40,9 +40,9 @@ func (r *CommandSide) AddLoginPolicy(ctx context.Context, resourceOwner string,
 return writeModelToLoginPolicy(&addedPolicy.LoginPolicyWriteModel), nil
 }
-func (r *CommandSide) ChangeLoginPolicy(ctx context.Context, resourceOwner string, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) {
+func (c *Commands) ChangeLoginPolicy(ctx context.Context, resourceOwner string, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) {
 existingPolicy := NewOrgLoginPolicyWriteModel(resourceOwner)
- err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy)
 if err != nil {
 return nil, err
 }
@@ -55,7 +55,7 @@ func (r *CommandSide) ChangeLoginPolicy(ctx context.Context, resourceOwner strin
 return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-5M9vdd", "Errors.Org.LoginPolicy.NotChanged")
 }
- pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent)
+ pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent)
 if err != nil {
 return nil, err
 }
@@ -66,9 +66,9 @@ func (r *CommandSide) ChangeLoginPolicy(ctx context.Context, resourceOwner strin
 return writeModelToLoginPolicy(&existingPolicy.LoginPolicyWriteModel), nil
 }
-func (r *CommandSide) RemoveLoginPolicy(ctx context.Context, orgID string) error {
+func (c *Commands) RemoveLoginPolicy(ctx context.Context, orgID string) error {
 existingPolicy := NewOrgLoginPolicyWriteModel(orgID)
- err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy)
 if err != nil {
 return err
 }
@@ -76,13 +76,13 @@ func (r *CommandSide) RemoveLoginPolicy(ctx context.Context, orgID string) error
 return caos_errs.ThrowNotFound(nil, "Org-GHB37", "Errors.Org.LoginPolicy.NotFound")
 }
 orgAgg := OrgAggregateFromWriteModel(&existingPolicy.LoginPolicyWriteModel.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, org.NewLoginPolicyRemovedEvent(ctx, orgAgg))
+ _, err = c.eventstore.PushEvents(ctx, org.NewLoginPolicyRemovedEvent(ctx, orgAgg))
 return err
 }
-func (r *CommandSide) AddIDPProviderToLoginPolicy(ctx context.Context, resourceOwner string, idpProvider *domain.IDPProvider) (*domain.IDPProvider, error) {
+func (c *Commands) AddIDPProviderToLoginPolicy(ctx context.Context, resourceOwner string, idpProvider *domain.IDPProvider) (*domain.IDPProvider, error) {
 idpModel := NewOrgIdentityProviderWriteModel(resourceOwner, idpProvider.IDPConfigID)
- err := r.eventstore.FilterToQueryReducer(ctx, idpModel)
+ err := c.eventstore.FilterToQueryReducer(ctx, idpModel)
 if err != nil {
 return nil, err
 }
@@ -91,7 +91,7 @@ func (r *CommandSide) AddIDPProviderToLoginPolicy(ctx context.Context, resourceO
 }
 orgAgg := OrgAggregateFromWriteModel(&idpModel.WriteModel)
- pushedEvents, err := r.eventstore.PushEvents(ctx, org.NewIdentityProviderAddedEvent(ctx, orgAgg, idpProvider.IDPConfigID, idpProvider.Type))
+ pushedEvents, err := c.eventstore.PushEvents(ctx, org.NewIdentityProviderAddedEvent(ctx, orgAgg, idpProvider.IDPConfigID, idpProvider.Type))
 if err != nil {
 return nil, err
 }
@@ -102,9 +102,9 @@ func (r *CommandSide) AddIDPProviderToLoginPolicy(ctx context.Context, resourceO
 return writeModelToIDPProvider(&idpModel.IdentityProviderWriteModel), nil
 }
-func (r *CommandSide) RemoveIDPProviderFromLoginPolicy(ctx context.Context, resourceOwner string, idpProvider *domain.IDPProvider, cascadeExternalIDPs ...*domain.ExternalIDP) error {
+func (c *Commands) RemoveIDPProviderFromLoginPolicy(ctx context.Context, resourceOwner string, idpProvider *domain.IDPProvider, cascadeExternalIDPs ...*domain.ExternalIDP) error {
 idpModel := NewOrgIdentityProviderWriteModel(resourceOwner, idpProvider.IDPConfigID)
- err := r.eventstore.FilterToQueryReducer(ctx, idpModel)
+ err := c.eventstore.FilterToQueryReducer(ctx, idpModel)
 if err != nil {
 return err
 }
@@ -113,13 +113,13 @@ func (r *CommandSide) RemoveIDPProviderFromLoginPolicy(ctx context.Context, reso
 }
 orgAgg := OrgAggregateFromWriteModel(&idpModel.IdentityProviderWriteModel.WriteModel)
- events := r.removeIDPProviderFromLoginPolicy(ctx, orgAgg, idpProvider.IDPConfigID, false, cascadeExternalIDPs...)
+ events := c.removeIDPProviderFromLoginPolicy(ctx, orgAgg, idpProvider.IDPConfigID, false, cascadeExternalIDPs...)
- _, err = r.eventstore.PushEvents(ctx, events...)
+ _, err = c.eventstore.PushEvents(ctx, events...)
 return err
 }
-func (r *CommandSide) removeIDPProviderFromLoginPolicy(ctx context.Context, orgAgg *eventstore.Aggregate, idpConfigID string, cascade bool, cascadeExternalIDPs ...*domain.ExternalIDP) []eventstore.EventPusher {
+func (c *Commands) removeIDPProviderFromLoginPolicy(ctx context.Context, orgAgg *eventstore.Aggregate, idpConfigID string, cascade bool, cascadeExternalIDPs ...*domain.ExternalIDP) []eventstore.EventPusher {
 var events []eventstore.EventPusher
 if cascade {
 events = append(events, org.NewIdentityProviderCascadeRemovedEvent(ctx, orgAgg, idpConfigID))
@@ -128,7 +128,7 @@ func (r *CommandSide) removeIDPProviderFromLoginPolicy(ctx context.Context, orgA
 }
 for _, idp := range cascadeExternalIDPs {
- event, err := r.removeHumanExternalIDP(ctx, idp, true)
+ event, err := c.removeHumanExternalIDP(ctx, idp, true)
 if err != nil {
 logging.LogWithFields("COMMAND-n8RRf", "userid", idp.AggregateID, "idpconfigid", idp.IDPConfigID).WithError(err).Warn("could not cascade remove external idp")
 continue
@@ -138,9 +138,9 @@ func (r *CommandSide) removeIDPProviderFromLoginPolicy(ctx context.Context, orgA
 return events
 }
-func (r *CommandSide) AddSecondFactorToLoginPolicy(ctx context.Context, secondFactor domain.SecondFactorType, orgID string) (domain.SecondFactorType, error) {
+func (c *Commands) AddSecondFactorToLoginPolicy(ctx context.Context, secondFactor domain.SecondFactorType, orgID string) (domain.SecondFactorType, error) {
 secondFactorModel := NewOrgSecondFactorWriteModel(orgID)
- err := r.eventstore.FilterToQueryReducer(ctx, secondFactorModel)
+ err := c.eventstore.FilterToQueryReducer(ctx, secondFactorModel)
 if err != nil {
 return domain.SecondFactorTypeUnspecified, err
 }
@@ -151,16 +151,16 @@ func (r *CommandSide) AddSecondFactorToLoginPolicy(ctx context.Context, secondFa
 orgAgg := OrgAggregateFromWriteModel(&secondFactorModel.SecondFactorWriteModel.WriteModel)
- if _, err = r.eventstore.PushEvents(ctx, org.NewLoginPolicySecondFactorAddedEvent(ctx, orgAgg, secondFactor)); err != nil {
+ if _, err = c.eventstore.PushEvents(ctx, org.NewLoginPolicySecondFactorAddedEvent(ctx, orgAgg, secondFactor)); err != nil {
 return domain.SecondFactorTypeUnspecified, err
 }
 return secondFactorModel.MFAType, nil
 }
-func (r *CommandSide) RemoveSecondFactorFromLoginPolicy(ctx context.Context, secondFactor domain.SecondFactorType, orgID string) error {
+func (c *Commands) RemoveSecondFactorFromLoginPolicy(ctx context.Context, secondFactor domain.SecondFactorType, orgID string) error {
 secondFactorModel := NewOrgSecondFactorWriteModel(orgID)
- err := r.eventstore.FilterToQueryReducer(ctx, secondFactorModel)
+ err := c.eventstore.FilterToQueryReducer(ctx, secondFactorModel)
 if err != nil {
 return err
 }
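Review bot: AddSecondFactorToLoginPolicy returns `secondFactorModel.MFAType` after the push, but the pushed events are discarded (`if _, err = c.eventstore.PushEvents(...)`) and nothing in the visible lines reduces them into the model, so the value returned appears to be whatever the model held before the factor was added rather than `secondFactor`. AddMultiFactorToLoginPolicy in the `-185,16` hunk has the same shape. Either return the argument, `return secondFactor, nil`, or run `AppendAndReduce` on the pushed events as ChangeOrgMember does. The lines between the model load and `orgAgg` fall outside the hunk, so this should be confirmed against the full function.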
@@ -169,13 +169,13 @@ func (r *CommandSide) RemoveSecondFactorFromLoginPolicy(ctx context.Context, sec
 }
 orgAgg := OrgAggregateFromWriteModel(&secondFactorModel.SecondFactorWriteModel.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, org.NewLoginPolicySecondFactorRemovedEvent(ctx, orgAgg, secondFactor))
+ _, err = c.eventstore.PushEvents(ctx, org.NewLoginPolicySecondFactorRemovedEvent(ctx, orgAgg, secondFactor))
 return err
 }
-func (r *CommandSide) AddMultiFactorToLoginPolicy(ctx context.Context, multiFactor domain.MultiFactorType, orgID string) (domain.MultiFactorType, error) {
+func (c *Commands) AddMultiFactorToLoginPolicy(ctx context.Context, multiFactor domain.MultiFactorType, orgID string) (domain.MultiFactorType, error) {
 multiFactorModel := NewOrgMultiFactorWriteModel(orgID)
- err := r.eventstore.FilterToQueryReducer(ctx, multiFactorModel)
+ err := c.eventstore.FilterToQueryReducer(ctx, multiFactorModel)
 if err != nil {
 return domain.MultiFactorTypeUnspecified, err
 }
@@ -185,16 +185,16 @@ func (r *CommandSide) AddMultiFactorToLoginPolicy(ctx context.Context, multiFact
 orgAgg := OrgAggregateFromWriteModel(&multiFactorModel.WriteModel)
- if _, err = r.eventstore.PushEvents(ctx, org.NewLoginPolicyMultiFactorAddedEvent(ctx, orgAgg, multiFactor)); err != nil {
+ if _, err = c.eventstore.PushEvents(ctx, org.NewLoginPolicyMultiFactorAddedEvent(ctx, orgAgg, multiFactor)); err != nil {
 return domain.MultiFactorTypeUnspecified, err
 }
 return multiFactorModel.MFAType, nil
 }
-func (r *CommandSide) RemoveMultiFactorFromLoginPolicy(ctx context.Context, multiFactor domain.MultiFactorType, orgID string) error {
+func (c *Commands) RemoveMultiFactorFromLoginPolicy(ctx context.Context, multiFactor domain.MultiFactorType, orgID string) error {
 multiFactorModel := NewOrgMultiFactorWriteModel(orgID)
- err := r.eventstore.FilterToQueryReducer(ctx, multiFactorModel)
+ err := c.eventstore.FilterToQueryReducer(ctx, multiFactorModel)
 if err != nil {
 return err
 }
@@ -203,6 +203,6 @@ func (r *CommandSide) RemoveMultiFactorFromLoginPolicy(ctx context.Context, mult
 }
 orgAgg := OrgAggregateFromWriteModel(&multiFactorModel.MultiFactoryWriteModel.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, org.NewLoginPolicyMultiFactorRemovedEvent(ctx, orgAgg, multiFactor))
+ _, err = c.eventstore.PushEvents(ctx, org.NewLoginPolicyMultiFactorRemovedEvent(ctx, orgAgg, multiFactor))
 return err
 }
diff --git a/internal/command/org_policy_mail_template.go b/internal/command/org_policy_mail_template.go
index adc97decd3..2196104f1d 100644
--- a/internal/command/org_policy_mail_template.go
+++ b/internal/command/org_policy_mail_template.go
@@ -8,12 +8,12 @@ import (
 "github.com/caos/zitadel/internal/repository/org"
 )
-func (r *CommandSide) AddMailTemplate(ctx context.Context, resourceOwner string, policy *domain.MailTemplate) (*domain.MailTemplate, error) {
+func (c *Commands) AddMailTemplate(ctx context.Context, resourceOwner string, policy *domain.MailTemplate) (*domain.MailTemplate, error) {
 if !policy.IsValid() {
 return nil, caos_errs.ThrowPreconditionFailed(nil, "ORG-3m9fs", "Errors.Org.MailTemplate.Invalid")
 }
 addedPolicy := NewOrgMailTemplateWriteModel(resourceOwner)
- err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy)
 if err != nil {
 return nil, err
 }
@@ -22,7 +22,7 @@ func (r *CommandSide) AddMailTemplate(ctx context.Context, resourceOwner string,
 }
 orgAgg := OrgAggregateFromWriteModel(&addedPolicy.MailTemplateWriteModel.WriteModel)
- pushedEvents, err := r.eventstore.PushEvents(ctx, org.NewMailTemplateAddedEvent(ctx, orgAgg, policy.Template))
+ pushedEvents, err := c.eventstore.PushEvents(ctx, org.NewMailTemplateAddedEvent(ctx, orgAgg, policy.Template))
 if err != nil {
 return nil, err
 }
@@ -33,12 +33,12 @@ func (r *CommandSide) AddMailTemplate(ctx context.Context, resourceOwner string,
 return writeModelToMailTemplate(&addedPolicy.MailTemplateWriteModel), nil
 }
-func (r *CommandSide) ChangeMailTemplate(ctx context.Context, resourceOwner string, policy *domain.MailTemplate) (*domain.MailTemplate, error) {
+func (c *Commands) ChangeMailTemplate(ctx context.Context, resourceOwner string, policy *domain.MailTemplate) (*domain.MailTemplate, error) {
 if !policy.IsValid() {
 return nil, caos_errs.ThrowPreconditionFailed(nil, "ORG-9f9ds", "Errors.Org.MailTemplate.Invalid")
 }
 existingPolicy := NewOrgMailTemplateWriteModel(resourceOwner)
- err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy)
 if err != nil {
 return nil, err
 }
@@ -52,7 +52,7 @@ func (r *CommandSide) ChangeMailTemplate(ctx context.Context, resourceOwner stri
 return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-4M9vs", "Errors.Org.MailTemplate.NotChanged")
 }
- pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent)
+ pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent)
 if err != nil {
 return nil, err
 }
@@ -63,9 +63,9 @@ func (r *CommandSide) ChangeMailTemplate(ctx context.Context, resourceOwner stri
 return writeModelToMailTemplate(&existingPolicy.MailTemplateWriteModel), nil
 }
-func (r *CommandSide) RemoveMailTemplate(ctx context.Context, orgID string) error {
+func (c *Commands) RemoveMailTemplate(ctx context.Context, orgID string) error {
 existingPolicy := NewOrgMailTemplateWriteModel(orgID)
- err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy)
 if err != nil {
 return err
 }
@@ -74,6 +74,6 @@ func (r *CommandSide) RemoveMailTemplate(ctx context.Context, orgID string) erro
 }
 orgAgg := OrgAggregateFromWriteModel(&existingPolicy.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, org.NewMailTemplateRemovedEvent(ctx, orgAgg))
+ _, err = c.eventstore.PushEvents(ctx, org.NewMailTemplateRemovedEvent(ctx, orgAgg))
 return err
 }
diff --git a/internal/command/org_policy_mail_text.go b/internal/command/org_policy_mail_text.go
index 82842d3d42..0d0cff4d1c 100644
--- a/internal/command/org_policy_mail_text.go
+++ b/internal/command/org_policy_mail_text.go
@@ -8,12 +8,12 @@ import (
 "github.com/caos/zitadel/internal/repository/org"
 )
-func (r *CommandSide) AddMailText(ctx context.Context, resourceOwner string, mailText *domain.MailText) (*domain.MailText, error) {
+func (c *Commands) AddMailText(ctx context.Context, resourceOwner string, mailText *domain.MailText) (*domain.MailText, error) {
 if !mailText.IsValid() {
 return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-4778u", "Errors.Org.MailText.Invalid")
 }
 addedPolicy := NewOrgMailTextWriteModel(resourceOwner, mailText.MailTextType, mailText.Language)
- err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
+ err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy)
 if err != nil {
 return nil, err
 }
@@ -22,7 +22,7 @@ func (r *CommandSide) AddMailText(ctx context.Context, resourceOwner string, mai
 }
 orgAgg := OrgAggregateFromWriteModel(&addedPolicy.MailTextWriteModel.WriteModel)
- pushedEvents, err := r.eventstore.PushEvents(
+ pushedEvents, err := c.eventstore.PushEvents(
 ctx,
 org.NewMailTextAddedEvent(
 ctx,
@@ -46,12 +46,12 @@ func (r *CommandSide) AddMailText(ctx context.Context, resourceOwner string, mai return writeModelToMailText(&addedPolicy.MailTextWriteModel), nil } -func (r *CommandSide) ChangeMailText(ctx context.Context, resourceOwner string, mailText *domain.MailText) (*domain.MailText, error) { +func (c *Commands) ChangeMailText(ctx context.Context, resourceOwner string, mailText *domain.MailText) (*domain.MailText, error) { if !mailText.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-3m9fs", "Errors.Org.MailText.Invalid") } existingPolicy := NewOrgMailTextWriteModel(resourceOwner, mailText.MailTextType, mailText.Language) - err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy) if err != nil { return nil, err } @@ -75,7 +75,7 @@ func (r *CommandSide) ChangeMailText(ctx context.Context, resourceOwner string, return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-2n9fs", "Errors.Org.MailText.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -87,9 +87,9 @@ func (r *CommandSide) ChangeMailText(ctx context.Context, resourceOwner string, return writeModelToMailText(&existingPolicy.MailTextWriteModel), nil } -func (r *CommandSide) RemoveMailText(ctx context.Context, resourceOwner, mailTextType, language string) error { +func (c *Commands) RemoveMailText(ctx context.Context, resourceOwner, mailTextType, language string) error { existingPolicy := NewOrgMailTextWriteModel(resourceOwner, mailTextType, language) - err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy) if err != nil { return err } 
@@ -97,6 +97,6 @@ func (r *CommandSide) RemoveMailText(ctx context.Context, resourceOwner, mailTex return caos_errs.ThrowNotFound(nil, "Org-3b8Jf", "Errors.Org.MailText.NotFound") } orgAgg := OrgAggregateFromWriteModel(&existingPolicy.WriteModel) - _, err = r.eventstore.PushEvents(ctx, org.NewMailTextRemovedEvent(ctx, orgAgg, mailTextType, language)) + _, err = c.eventstore.PushEvents(ctx, org.NewMailTextRemovedEvent(ctx, orgAgg, mailTextType, language)) return err } diff --git a/internal/command/org_policy_org_iam.go b/internal/command/org_policy_org_iam.go index 6283707fb7..8eb8491d62 100644 --- a/internal/command/org_policy_org_iam.go +++ b/internal/command/org_policy_org_iam.go @@ -9,14 +9,14 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddOrgIAMPolicy(ctx context.Context, resourceOwner string, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) { +func (c *Commands) AddOrgIAMPolicy(ctx context.Context, resourceOwner string, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) { addedPolicy := NewORGOrgIAMPolicyWriteModel(resourceOwner) orgAgg := OrgAggregateFromWriteModel(&addedPolicy.PolicyOrgIAMWriteModel.WriteModel) - event, err := r.addOrgIAMPolicy(ctx, orgAgg, addedPolicy, policy) + event, err := c.addOrgIAMPolicy(ctx, orgAgg, addedPolicy, policy) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } 
@@ -27,8 +27,8 @@ func (r *CommandSide) AddOrgIAMPolicy(ctx context.Context, resourceOwner string, return orgWriteModelToOrgIAMPolicy(addedPolicy), nil } -func (r *CommandSide) addOrgIAMPolicy(ctx context.Context, orgAgg *eventstore.Aggregate, addedPolicy *ORGOrgIAMPolicyWriteModel, policy *domain.OrgIAMPolicy) (eventstore.EventPusher, error) { - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) +func (c *Commands) addOrgIAMPolicy(ctx context.Context, orgAgg *eventstore.Aggregate, addedPolicy *ORGOrgIAMPolicyWriteModel, policy *domain.OrgIAMPolicy) (eventstore.EventPusher, error) { + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } @@ -38,8 +38,8 @@ func (r *CommandSide) addOrgIAMPolicy(ctx context.Context, orgAgg *eventstore.Ag return org.NewOrgIAMPolicyAddedEvent(ctx, orgAgg, policy.UserLoginMustBeDomain), nil } -func (r *CommandSide) ChangeOrgIAMPolicy(ctx context.Context, resourceOwner string, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) { - existingPolicy, err := r.orgIAMPolicyWriteModelByID(ctx, resourceOwner) +func (c *Commands) ChangeOrgIAMPolicy(ctx context.Context, resourceOwner string, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) { + existingPolicy, err := c.orgIAMPolicyWriteModelByID(ctx, resourceOwner) if err != nil { return nil, err } @@ -53,7 +53,7 @@ func (r *CommandSide) ChangeOrgIAMPolicy(ctx context.Context, resourceOwner stri return nil, caos_errs.ThrowPreconditionFailed(nil, "ORG-3M9ds", "Errors.Org.LabelPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } 
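Review bot: The not-changed branch of ChangeOrgIAMPolicy returns the message key `Errors.Org.LabelPolicy.NotChanged`, which names the label policy rather than the org IAM policy, so a client would see the wrong policy in the error. ChangePasswordAgePolicy in org_policy_password_age.go has the same copy-paste issue and a casing slip as well (`Errors.ORg.LabelPolicy.NotChanged`), which probably resolves to no translation at all. Both should use a key for their own policy, following the pattern of `Errors.Org.PasswordComplexityPolicy.NotChanged` used in the complexity file; whether such keys already exist in the translation files needs checking. The function bodies extend beyond these hunks.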
@@ -64,8 +64,8 @@ func (r *CommandSide) ChangeOrgIAMPolicy(ctx context.Context, resourceOwner stri return orgWriteModelToOrgIAMPolicy(existingPolicy), nil } -func (r *CommandSide) RemoveOrgIAMPolicy(ctx context.Context, orgID string) error { - existingPolicy, err := r.orgIAMPolicyWriteModelByID(ctx, orgID) +func (c *Commands) RemoveOrgIAMPolicy(ctx context.Context, orgID string) error { + existingPolicy, err := c.orgIAMPolicyWriteModelByID(ctx, orgID) if err != nil { return err } @@ -74,27 +74,27 @@ func (r *CommandSide) RemoveOrgIAMPolicy(ctx context.Context, orgID string) erro } orgAgg := OrgAggregateFromWriteModel(&existingPolicy.PolicyOrgIAMWriteModel.WriteModel) - _, err = r.eventstore.PushEvents(ctx, org.NewOrgIAMPolicyRemovedEvent(ctx, orgAgg)) + _, err = c.eventstore.PushEvents(ctx, org.NewOrgIAMPolicyRemovedEvent(ctx, orgAgg)) return err } -func (r *CommandSide) getOrgIAMPolicy(ctx context.Context, orgID string) (*domain.OrgIAMPolicy, error) { - policy, err := r.orgIAMPolicyWriteModelByID(ctx, orgID) +func (c *Commands) getOrgIAMPolicy(ctx context.Context, orgID string) (*domain.OrgIAMPolicy, error) { + policy, err := c.orgIAMPolicyWriteModelByID(ctx, orgID) if err != nil { return nil, err } if policy.State == domain.PolicyStateActive { return orgWriteModelToOrgIAMPolicy(policy), nil } - return r.getDefaultOrgIAMPolicy(ctx) + return c.getDefaultOrgIAMPolicy(ctx) } -func (r *CommandSide) orgIAMPolicyWriteModelByID(ctx context.Context, orgID string) (policy *ORGOrgIAMPolicyWriteModel, err error) { +func (c *Commands) orgIAMPolicyWriteModelByID(ctx context.Context, orgID string) (policy *ORGOrgIAMPolicyWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewORGOrgIAMPolicyWriteModel(orgID) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } 
diff --git a/internal/command/org_policy_password_age.go b/internal/command/org_policy_password_age.go index 7663f79f1a..7a7899578f 100644 --- a/internal/command/org_policy_password_age.go +++ b/internal/command/org_policy_password_age.go @@ -8,9 +8,9 @@ import ( "github.com/caos/zitadel/internal/repository/org" ) -func (r *CommandSide) AddPasswordAgePolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) { +func (c *Commands) AddPasswordAgePolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) { addedPolicy := NewOrgPasswordAgePolicyWriteModel(resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } @@ -19,7 +19,7 @@ func (r *CommandSide) AddPasswordAgePolicy(ctx context.Context, resourceOwner st } orgAgg := OrgAggregateFromWriteModel(&addedPolicy.WriteModel) - pushedEvents, err := r.eventstore.PushEvents(ctx, org.NewPasswordAgePolicyAddedEvent(ctx, orgAgg, policy.ExpireWarnDays, policy.MaxAgeDays)) + pushedEvents, err := c.eventstore.PushEvents(ctx, org.NewPasswordAgePolicyAddedEvent(ctx, orgAgg, policy.ExpireWarnDays, policy.MaxAgeDays)) if err != nil { return nil, err } 
@@ -30,9 +30,9 @@ func (r *CommandSide) AddPasswordAgePolicy(ctx context.Context, resourceOwner st return writeModelToPasswordAgePolicy(&addedPolicy.PasswordAgePolicyWriteModel), nil } -func (r *CommandSide) ChangePasswordAgePolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) { +func (c *Commands) ChangePasswordAgePolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) { existingPolicy := NewOrgPasswordAgePolicyWriteModel(resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy) if err != nil { return nil, err } @@ -46,7 +46,7 @@ func (r *CommandSide) ChangePasswordAgePolicy(ctx context.Context, resourceOwner return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-dsgjR", "Errors.ORg.LabelPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -57,9 +57,9 @@ func (r *CommandSide) ChangePasswordAgePolicy(ctx context.Context, resourceOwner return writeModelToPasswordAgePolicy(&existingPolicy.PasswordAgePolicyWriteModel), nil } -func (r *CommandSide) RemovePasswordAgePolicy(ctx context.Context, orgID string) error { +func (c *Commands) RemovePasswordAgePolicy(ctx context.Context, orgID string) error { existingPolicy := NewOrgPasswordAgePolicyWriteModel(orgID) - err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy) if err != nil { return err } 
@@ -67,6 +67,6 @@ func (r *CommandSide) RemovePasswordAgePolicy(ctx context.Context, orgID string) return caos_errs.ThrowNotFound(nil, "ORG-Dgs1g", "Errors.Org.PasswordAgePolicy.NotFound") } orgAgg := OrgAggregateFromWriteModel(&existingPolicy.WriteModel) - _, err = r.eventstore.PushEvents(ctx, org.NewPasswordAgePolicyRemovedEvent(ctx, orgAgg)) + _, err = c.eventstore.PushEvents(ctx, org.NewPasswordAgePolicyRemovedEvent(ctx, orgAgg)) return err } diff --git a/internal/command/org_policy_password_complexity.go b/internal/command/org_policy_password_complexity.go index 499b34d841..6631d1560d 100644 --- a/internal/command/org_policy_password_complexity.go +++ b/internal/command/org_policy_password_complexity.go 
@@ -8,24 +8,24 @@ import ( "github.com/caos/zitadel/internal/repository/org" ) -func (r *CommandSide) getOrgPasswordComplexityPolicy(ctx context.Context, orgID string) (*domain.PasswordComplexityPolicy, error) { +func (c *Commands) getOrgPasswordComplexityPolicy(ctx context.Context, orgID string) (*domain.PasswordComplexityPolicy, error) { policy := NewOrgPasswordComplexityPolicyWriteModel(orgID) - err := r.eventstore.FilterToQueryReducer(ctx, policy) + err := c.eventstore.FilterToQueryReducer(ctx, policy) if err != nil { return nil, err } if policy.State == domain.PolicyStateActive { return orgWriteModelToPasswordComplexityPolicy(policy), nil } - return r.getDefaultPasswordComplexityPolicy(ctx) + return c.getDefaultPasswordComplexityPolicy(ctx) } -func (r *CommandSide) AddPasswordComplexityPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) { +func (c *Commands) AddPasswordComplexityPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) { if err := policy.IsValid(); err != nil { return nil, err } addedPolicy := NewOrgPasswordComplexityPolicyWriteModel(resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } @@ -34,7 +34,7 @@ func (r *CommandSide) AddPasswordComplexityPolicy(ctx context.Context, resourceO } orgAgg := OrgAggregateFromWriteModel(&addedPolicy.WriteModel) - pushedEvents, err := r.eventstore.PushEvents( + pushedEvents, err := c.eventstore.PushEvents( ctx, org.NewPasswordComplexityPolicyAddedEvent( ctx, 
@@ -54,13 +54,13 @@ func (r *CommandSide) AddPasswordComplexityPolicy(ctx context.Context, resourceO return writeModelToPasswordComplexityPolicy(&addedPolicy.PasswordComplexityPolicyWriteModel), nil } -func (r *CommandSide) ChangePasswordComplexityPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) { +func (c *Commands) ChangePasswordComplexityPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) { if err := policy.IsValid(); err != nil { return nil, err } existingPolicy := NewOrgPasswordComplexityPolicyWriteModel(resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy) if err != nil { return nil, err } @@ -74,7 +74,7 @@ func (r *CommandSide) ChangePasswordComplexityPolicy(ctx context.Context, resour return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-DAs21", "Errors.Org.PasswordComplexityPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -85,9 +85,9 @@ func (r *CommandSide) ChangePasswordComplexityPolicy(ctx context.Context, resour return writeModelToPasswordComplexityPolicy(&existingPolicy.PasswordComplexityPolicyWriteModel), nil } -func (r *CommandSide) RemovePasswordComplexityPolicy(ctx context.Context, orgID string) error { +func (c *Commands) RemovePasswordComplexityPolicy(ctx context.Context, orgID string) error { existingPolicy := NewOrgPasswordComplexityPolicyWriteModel(orgID) - err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy) if err != nil { return err } 
@@ -95,6 +95,6 @@ func (r *CommandSide) RemovePasswordComplexityPolicy(ctx context.Context, orgID return caos_errs.ThrowNotFound(nil, "ORG-ADgs2", "Errors.Org.PasswordComplexityPolicy.NotFound") } orgAgg := OrgAggregateFromWriteModel(&existingPolicy.WriteModel) - _, err = r.eventstore.PushEvents(ctx, org.NewPasswordComplexityPolicyRemovedEvent(ctx, orgAgg)) + _, err = c.eventstore.PushEvents(ctx, org.NewPasswordComplexityPolicyRemovedEvent(ctx, orgAgg)) return err } diff --git a/internal/command/org_policy_password_lockout.go b/internal/command/org_policy_password_lockout.go index 2ff5ea1d93..0394321862 100644 --- a/internal/command/org_policy_password_lockout.go +++ b/internal/command/org_policy_password_lockout.go @@ -7,9 +7,9 @@ import ( "github.com/caos/zitadel/internal/repository/org" ) -func (r *CommandSide) AddPasswordLockoutPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) { +func (c *Commands) AddPasswordLockoutPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) { addedPolicy := NewOrgPasswordLockoutPolicyWriteModel(resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } @@ -18,7 +18,7 @@ func (r *CommandSide) AddPasswordLockoutPolicy(ctx context.Context, resourceOwne } orgAgg := OrgAggregateFromWriteModel(&addedPolicy.WriteModel) - pushedEvents, err := r.eventstore.PushEvents(ctx, org.NewPasswordLockoutPolicyAddedEvent(ctx, orgAgg, policy.MaxAttempts, policy.ShowLockOutFailures)) + pushedEvents, err := c.eventstore.PushEvents(ctx, org.NewPasswordLockoutPolicyAddedEvent(ctx, orgAgg, policy.MaxAttempts, policy.ShowLockOutFailures)) if err != nil { return nil, err } 
@@ -29,9 +29,9 @@ func (r *CommandSide) AddPasswordLockoutPolicy(ctx context.Context, resourceOwne return writeModelToPasswordLockoutPolicy(&addedPolicy.PasswordLockoutPolicyWriteModel), nil } -func (r *CommandSide) ChangePasswordLockoutPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) { +func (c *Commands) ChangePasswordLockoutPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) { existingPolicy := NewOrgPasswordLockoutPolicyWriteModel(resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy) if err != nil { return nil, err } @@ -45,7 +45,7 @@ func (r *CommandSide) ChangePasswordLockoutPolicy(ctx context.Context, resourceO return nil, caos_errs.ThrowPreconditionFailed(nil, "ORG-4M9vs", "Errors.Org.PasswordLockoutPolicy.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -56,9 +56,9 @@ func (r *CommandSide) ChangePasswordLockoutPolicy(ctx context.Context, resourceO return writeModelToPasswordLockoutPolicy(&existingPolicy.PasswordLockoutPolicyWriteModel), nil } -func (r *CommandSide) RemovePasswordLockoutPolicy(ctx context.Context, orgID string) error { +func (c *Commands) RemovePasswordLockoutPolicy(ctx context.Context, orgID string) error { existingPolicy := NewOrgPasswordLockoutPolicyWriteModel(orgID) - err := r.eventstore.FilterToQueryReducer(ctx, existingPolicy) + err := c.eventstore.FilterToQueryReducer(ctx, existingPolicy) if err != nil { return err } 
@@ -67,6 +67,6 @@ func (r *CommandSide) RemovePasswordLockoutPolicy(ctx context.Context, orgID str } orgAgg := OrgAggregateFromWriteModel(&existingPolicy.WriteModel) - _, err = r.eventstore.PushEvents(ctx, org.NewPasswordLockoutPolicyRemovedEvent(ctx, orgAgg)) + _, err = c.eventstore.PushEvents(ctx, org.NewPasswordLockoutPolicyRemovedEvent(ctx, orgAgg)) return err } diff --git a/internal/command/project.go b/internal/command/project.go index 154934139e..ca1fab9512 100644 --- a/internal/command/project.go +++ b/internal/command/project.go @@ -9,12 +9,12 @@ import ( "github.com/caos/zitadel/internal/repository/project" ) -func (r *CommandSide) AddProject(ctx context.Context, project *domain.Project, resourceOwner, ownerUserID string) (_ *domain.Project, err error) { - events, addedProject, err := r.addProject(ctx, project, resourceOwner, ownerUserID) +func (c *Commands) AddProject(ctx context.Context, project *domain.Project, resourceOwner, ownerUserID string) (_ *domain.Project, err error) { + events, addedProject, err := c.addProject(ctx, project, resourceOwner, ownerUserID) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } 
@@ -25,11 +25,11 @@ func (r *CommandSide) AddProject(ctx context.Context, project *domain.Project, r return projectWriteModelToProject(addedProject), nil } -func (r *CommandSide) addProject(ctx context.Context, projectAdd *domain.Project, resourceOwner, ownerUserID string) (_ []eventstore.EventPusher, _ *ProjectWriteModel, err error) { +func (c *Commands) addProject(ctx context.Context, projectAdd *domain.Project, resourceOwner, ownerUserID string) (_ []eventstore.EventPusher, _ *ProjectWriteModel, err error) { if !projectAdd.IsValid() { return nil, nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-IOVCC", "Errors.Project.Invalid") } - projectAdd.AggregateID, err = r.idGenerator.Next() + projectAdd.AggregateID, err = c.idGenerator.Next() if err != nil { return nil, nil, err } @@ -37,7 +37,7 @@ func (r *CommandSide) addProject(ctx context.Context, projectAdd *domain.Project projectAgg := ProjectAggregateFromWriteModel(&addedProject.WriteModel) projectRole := domain.RoleProjectOwner - iam, err := r.GetIAM(ctx) + iam, err := c.GetIAM(ctx) if err != nil { return nil, nil, err } @@ -51,8 +51,8 @@ func (r *CommandSide) addProject(ctx context.Context, projectAdd *domain.Project return events, addedProject, nil } -func (r *CommandSide) getProjectByID(ctx context.Context, projectID, resourceOwner string) (*domain.Project, error) { - projectWriteModel, err := r.getProjectWriteModelByID(ctx, projectID, resourceOwner) +func (c *Commands) getProjectByID(ctx context.Context, projectID, resourceOwner string) (*domain.Project, error) { + projectWriteModel, err := c.getProjectWriteModelByID(ctx, projectID, resourceOwner) if err != nil { return nil, err } 
@@ -62,8 +62,8 @@ func (r *CommandSide) getProjectByID(ctx context.Context, projectID, resourceOwn return projectWriteModelToProject(projectWriteModel), nil } -func (r *CommandSide) checkProjectExists(ctx context.Context, projectID, resourceOwner string) error { - projectWriteModel, err := r.getProjectWriteModelByID(ctx, projectID, resourceOwner) +func (c *Commands) checkProjectExists(ctx context.Context, projectID, resourceOwner string) error { + projectWriteModel, err := c.getProjectWriteModelByID(ctx, projectID, resourceOwner) if err != nil { return err } @@ -73,12 +73,12 @@ func (r *CommandSide) checkProjectExists(ctx context.Context, projectID, resourc return nil } -func (r *CommandSide) ChangeProject(ctx context.Context, projectChange *domain.Project, resourceOwner string) (*domain.Project, error) { +func (c *Commands) ChangeProject(ctx context.Context, projectChange *domain.Project, resourceOwner string) (*domain.Project, error) { if !projectChange.IsValid() && projectChange.AggregateID != "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4m9vS", "Errors.Project.Invalid") } - existingProject, err := r.getProjectWriteModelByID(ctx, projectChange.AggregateID, resourceOwner) + existingProject, err := c.getProjectWriteModelByID(ctx, projectChange.AggregateID, resourceOwner) if err != nil { return nil, err } @@ -94,7 +94,7 @@ func (r *CommandSide) ChangeProject(ctx context.Context, projectChange *domain.P if !hasChanged { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2M0fs", "Errors.NoChangesFound") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } 
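Review bot: The guard in ChangeProject, `if !projectChange.IsValid() && projectChange.AggregateID != ""`, only rejects an invalid change when an aggregate ID is present, so a request with an empty AggregateID always passes it and reaches getProjectWriteModelByID. The sibling commands in this file reject empty IDs (`projectID == "" || resourceOwner == ""`), which suggests the intended check is `if !projectChange.IsValid() || projectChange.AggregateID == "" {`. The error ID `COMMAND-4m9vS` is also reused in ReactivateProject and in ChangeApplication, so a log entry carrying it cannot tell the three sites apart; each site should get its own ID. The body of ChangeProject continues outside this hunk.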
@@ -105,12 +105,12 @@ func (r *CommandSide) ChangeProject(ctx context.Context, projectChange *domain.P return projectWriteModelToProject(existingProject), nil } -func (r *CommandSide) DeactivateProject(ctx context.Context, projectID string, resourceOwner string) error { +func (c *Commands) DeactivateProject(ctx context.Context, projectID string, resourceOwner string) error { if projectID == "" || resourceOwner == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-88iF0", "Errors.Project.ProjectIDMissing") } - existingProject, err := r.getProjectWriteModelByID(ctx, projectID, resourceOwner) + existingProject, err := c.getProjectWriteModelByID(ctx, projectID, resourceOwner) if err != nil { return err } @@ -122,16 +122,16 @@ func (r *CommandSide) DeactivateProject(ctx context.Context, projectID string, r } projectAgg := ProjectAggregateFromWriteModel(&existingProject.WriteModel) - _, err = r.eventstore.PushEvents(ctx, project.NewProjectDeactivatedEvent(ctx, projectAgg)) + _, err = c.eventstore.PushEvents(ctx, project.NewProjectDeactivatedEvent(ctx, projectAgg)) return err } -func (r *CommandSide) ReactivateProject(ctx context.Context, projectID string, resourceOwner string) error { +func (c *Commands) ReactivateProject(ctx context.Context, projectID string, resourceOwner string) error { if projectID == "" || resourceOwner == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4m9vS", "Errors.Project.ProjectIDMissing") } - existingProject, err := r.getProjectWriteModelByID(ctx, projectID, resourceOwner) + existingProject, err := c.getProjectWriteModelByID(ctx, projectID, resourceOwner) if err != nil { return err } 
@@ -143,16 +143,16 @@ func (r *CommandSide) ReactivateProject(ctx context.Context, projectID string, r } projectAgg := ProjectAggregateFromWriteModel(&existingProject.WriteModel) - _, err = r.eventstore.PushEvents(ctx, project.NewProjectReactivatedEvent(ctx, projectAgg)) + _, err = c.eventstore.PushEvents(ctx, project.NewProjectReactivatedEvent(ctx, projectAgg)) return err } -func (r *CommandSide) RemoveProject(ctx context.Context, projectID, resourceOwner string, cascadingUserGrantIDs ...string) error { +func (c *Commands) RemoveProject(ctx context.Context, projectID, resourceOwner string, cascadingUserGrantIDs ...string) error { if projectID == "" || resourceOwner == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-66hM9", "Errors.Project.ProjectIDMissing") } - existingProject, err := r.getProjectWriteModelByID(ctx, projectID, resourceOwner) + existingProject, err := c.getProjectWriteModelByID(ctx, projectID, resourceOwner) if err != nil { return err } @@ -165,7 +165,7 @@ func (r *CommandSide) RemoveProject(ctx context.Context, projectID, resourceOwne } for _, grantID := range cascadingUserGrantIDs { - event, err := r.removeUserGrant(ctx, grantID, "", true) + event, err := c.removeUserGrant(ctx, grantID, "", true) if err != nil { logging.LogWithFields("COMMAND-b8Djf", "usergrantid", grantID).WithError(err).Warn("could not cascade remove user grant") continue 
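Review bot: In RemoveProject's cascade loop a failed `c.removeUserGrant(...)` is logged at Warn and skipped with `continue`, and the remaining events are still pushed, so the caller gets a nil error while a user grant for the removed project may be left behind. Returning the error before PushEvents, or collecting the failed grant IDs and returning them to the caller, would keep project removal and grant clean-up from silently diverging. The call also passes `""` and `true` as its last arguments; their meaning is not visible here, so if they relax an ownership check a comment like `// cascade: grant IDs must belong to this project, owner check is skipped` would document the assumption. The function starts before this hunk and ends in the next one.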
@@ -173,13 +173,13 @@ func (r *CommandSide) RemoveProject(ctx context.Context, projectID, resourceOwne events = append(events, event) } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) getProjectWriteModelByID(ctx context.Context, projectID, resourceOwner string) (*ProjectWriteModel, error) { +func (c *Commands) getProjectWriteModelByID(ctx context.Context, projectID, resourceOwner string) (*ProjectWriteModel, error) { projectWriteModel := NewProjectWriteModel(projectID, resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, projectWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, projectWriteModel) if err != nil { return nil, err } diff --git a/internal/command/project_application.go b/internal/command/project_application.go index a6ab13acc2..69acacb8be 100644 --- a/internal/command/project_application.go +++ b/internal/command/project_application.go @@ -7,12 +7,12 @@ import ( "github.com/caos/zitadel/internal/repository/project" ) -func (r *CommandSide) ChangeApplication(ctx context.Context, projectID string, appChange domain.Application, resourceOwner string) (domain.Application, error) { +func (c *Commands) ChangeApplication(ctx context.Context, projectID string, appChange domain.Application, resourceOwner string) (domain.Application, error) { if appChange.GetAppID() == "" || appChange.GetApplicationName() == "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4m9vS", "Errors.Project.App.Invalid") } - existingApp, err := r.getApplicationWriteModel(ctx, projectID, appChange.GetAppID(), resourceOwner) + existingApp, err := c.getApplicationWriteModel(ctx, projectID, appChange.GetAppID(), resourceOwner) if err != nil { return nil, err } 
@@ -23,7 +23,7 @@ func (r *CommandSide) ChangeApplication(ctx context.Context, projectID string, a return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2m8vx", "Errors.NoChangesFound") } projectAgg := ProjectAggregateFromWriteModel(&existingApp.WriteModel) - pushedEvents, err := r.eventstore.PushEvents( + pushedEvents, err := c.eventstore.PushEvents( ctx, project.NewApplicationChangedEvent(ctx, projectAgg, appChange.GetAppID(), existingApp.Name, appChange.GetApplicationName(), projectID)) if err != nil { @@ -36,12 +36,12 @@ func (r *CommandSide) ChangeApplication(ctx context.Context, projectID string, a return applicationWriteModelToApplication(existingApp), nil } -func (r *CommandSide) DeactivateApplication(ctx context.Context, projectID, appID, resourceOwner string) error { +func (c *Commands) DeactivateApplication(ctx context.Context, projectID, appID, resourceOwner string) error { if projectID == "" || appID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-88fi0", "Errors.IDMissing") } - existingApp, err := r.getApplicationWriteModel(ctx, projectID, appID, resourceOwner) + existingApp, err := c.getApplicationWriteModel(ctx, projectID, appID, resourceOwner) if err != nil { return err } 
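Review bot: DeactivateApplication checks `projectID == "" || appID == ""` but hands `resourceOwner` to getApplicationWriteModel unchecked, whereas DeactivateProject, ReactivateProject and RemoveProject in project.go all reject an empty `resourceOwner`. Whether an empty owner widens the write-model query is not visible in this diff; if it does, the application commands would load an app without scoping it to the caller's organisation. Consider `if projectID == "" || appID == "" || resourceOwner == "" {` here and in ReactivateApplication and RemoveApplication in the following hunks. The function body continues past this hunk.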
@@ -52,16 +52,16 @@ func (r *CommandSide) DeactivateApplication(ctx context.Context, projectID, appI return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-dsh35", "Errors.Project.App.NotActive") } projectAgg := ProjectAggregateFromWriteModel(&existingApp.WriteModel) - _, err = r.eventstore.PushEvents(ctx, project.NewApplicationDeactivatedEvent(ctx, projectAgg, appID)) + _, err = c.eventstore.PushEvents(ctx, project.NewApplicationDeactivatedEvent(ctx, projectAgg, appID)) return err } -func (r *CommandSide) ReactivateApplication(ctx context.Context, projectID, appID, resourceOwner string) error { +func (c *Commands) ReactivateApplication(ctx context.Context, projectID, appID, resourceOwner string) error { if projectID == "" || appID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-983dF", "Errors.IDMissing") } - existingApp, err := r.getApplicationWriteModel(ctx, projectID, appID, resourceOwner) + existingApp, err := c.getApplicationWriteModel(ctx, projectID, appID, resourceOwner) if err != nil { return err } @@ -73,16 +73,16 @@ func (r *CommandSide) ReactivateApplication(ctx context.Context, projectID, appI } projectAgg := ProjectAggregateFromWriteModel(&existingApp.WriteModel) - _, err = r.eventstore.PushEvents(ctx, project.NewApplicationReactivatedEvent(ctx, projectAgg, appID)) + _, err = c.eventstore.PushEvents(ctx, project.NewApplicationReactivatedEvent(ctx, projectAgg, appID)) return err } -func (r *CommandSide) RemoveApplication(ctx context.Context, projectID, appID, resourceOwner string) error { +func (c *Commands) RemoveApplication(ctx context.Context, projectID, appID, resourceOwner string) error { if projectID == "" || appID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-1b7Jf", "Errors.IDMissing") } - existingApp, err := r.getApplicationWriteModel(ctx, projectID, appID, resourceOwner) + existingApp, err := c.getApplicationWriteModel(ctx, projectID, appID, resourceOwner) if err != nil { return err } 
@@ -91,13 +91,13 @@ func (r *CommandSide) RemoveApplication(ctx context.Context, projectID, appID, r } projectAgg := ProjectAggregateFromWriteModel(&existingApp.WriteModel) - _, err = r.eventstore.PushEvents(ctx, project.NewApplicationRemovedEvent(ctx, projectAgg, appID, existingApp.Name, projectID)) + _, err = c.eventstore.PushEvents(ctx, project.NewApplicationRemovedEvent(ctx, projectAgg, appID, existingApp.Name, projectID)) return err } -func (r *CommandSide) getApplicationWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (*ApplicationWriteModel, error) { +func (c *Commands) getApplicationWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (*ApplicationWriteModel, error) { appWriteModel := NewApplicationWriteModelWithAppIDC(projectID, appID, resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, appWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, appWriteModel) if err != nil { return nil, err } diff --git a/internal/command/project_application_api.go b/internal/command/project_application_api.go index e44c60e197..a67273daf7 100644 --- a/internal/command/project_application_api.go +++ b/internal/command/project_application_api.go 
@@ -8,19 +8,19 @@ import ( "github.com/caos/zitadel/internal/repository/project" ) -func (r *CommandSide) AddAPIApplication(ctx context.Context, application *domain.APIApp, resourceOwner string) (_ *domain.APIApp, err error) { - project, err := r.getProjectByID(ctx, application.AggregateID, resourceOwner) +func (c *Commands) AddAPIApplication(ctx context.Context, application *domain.APIApp, resourceOwner string) (_ *domain.APIApp, err error) { + project, err := c.getProjectByID(ctx, application.AggregateID, resourceOwner) if err != nil { return nil, err } addedApplication := NewAPIApplicationWriteModel(application.AggregateID, resourceOwner) projectAgg := ProjectAggregateFromWriteModel(&addedApplication.WriteModel) - events, stringPw, err := r.addAPIApplication(ctx, projectAgg, project, application, resourceOwner) + events, stringPw, err := c.addAPIApplication(ctx, projectAgg, project, application, resourceOwner) if err != nil { return nil, err } addedApplication.AppID = application.AppID - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } 
@@ -33,11 +33,11 @@ func (r *CommandSide) AddAPIApplication(ctx context.Context, application *domain return result, nil } -func (r *CommandSide) addAPIApplication(ctx context.Context, projectAgg *eventstore.Aggregate, proj *domain.Project, apiAppApp *domain.APIApp, resourceOwner string) (events []eventstore.EventPusher, stringPW string, err error) { +func (c *Commands) addAPIApplication(ctx context.Context, projectAgg *eventstore.Aggregate, proj *domain.Project, apiAppApp *domain.APIApp, resourceOwner string) (events []eventstore.EventPusher, stringPW string, err error) { if !apiAppApp.IsValid() { return nil, "", caos_errs.ThrowPreconditionFailed(nil, "PROJECT-Bff2g", "Errors.Application.Invalid") } - apiAppApp.AppID, err = r.idGenerator.Next() + apiAppApp.AppID, err = c.idGenerator.Next() if err != nil { return nil, "", err } @@ -47,11 +47,11 @@ func (r *CommandSide) addAPIApplication(ctx context.Context, projectAgg *eventst } var stringPw string - err = domain.SetNewClientID(apiAppApp, r.idGenerator, proj) + err = domain.SetNewClientID(apiAppApp, c.idGenerator, proj) if err != nil { return nil, "", err } - stringPw, err = domain.SetNewClientSecretIfNeeded(apiAppApp, r.applicationSecretGenerator) + stringPw, err = domain.SetNewClientSecretIfNeeded(apiAppApp, c.applicationSecretGenerator) if err != nil { return nil, "", err } 
@@ -65,12 +65,12 @@ func (r *CommandSide) addAPIApplication(ctx context.Context, projectAgg *eventst return events, stringPw, nil } -func (r *CommandSide) ChangeAPIApplication(ctx context.Context, apiApp *domain.APIApp, resourceOwner string) (*domain.APIApp, error) { +func (c *Commands) ChangeAPIApplication(ctx context.Context, apiApp *domain.APIApp, resourceOwner string) (*domain.APIApp, error) { if !apiApp.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-1m900", "Errors.Project.App.APIConfigInvalid") } - existingAPI, err := r.getAPIAppWriteModel(ctx, apiApp.AggregateID, apiApp.AppID, resourceOwner) + existingAPI, err := c.getAPIAppWriteModel(ctx, apiApp.AggregateID, apiApp.AppID, resourceOwner) if err != nil { return nil, err } @@ -90,7 +90,7 @@ func (r *CommandSide) ChangeAPIApplication(ctx context.Context, apiApp *domain.A return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-1m88i", "Errors.NoChangesFound") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } 
@@ -103,26 +103,26 @@ func (r *CommandSide) ChangeAPIApplication(ctx context.Context, apiApp *domain.A return result, nil } -func (r *CommandSide) ChangeAPIApplicationSecret(ctx context.Context, projectID, appID, resourceOwner string) (*domain.APIApp, error) { +func (c *Commands) ChangeAPIApplicationSecret(ctx context.Context, projectID, appID, resourceOwner string) (*domain.APIApp, error) { if projectID == "" || appID == "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-99i83", "Errors.IDMissing") } - existingAPI, err := r.getAPIAppWriteModel(ctx, projectID, appID, resourceOwner) + existingAPI, err := c.getAPIAppWriteModel(ctx, projectID, appID, resourceOwner) if err != nil { return nil, err } if existingAPI.State == domain.AppStateUnspecified || existingAPI.State == domain.AppStateRemoved { return nil, caos_errs.ThrowNotFound(nil, "COMMAND-2g66f", "Errors.Project.App.NotExisting") } - cryptoSecret, stringPW, err := domain.NewClientSecret(r.applicationSecretGenerator) + cryptoSecret, stringPW, err := domain.NewClientSecret(c.applicationSecretGenerator) if err != nil { return nil, err } projectAgg := ProjectAggregateFromWriteModel(&existingAPI.WriteModel) - pushedEvents, err := r.eventstore.PushEvents(ctx, project.NewAPIConfigSecretChangedEvent(ctx, projectAgg, appID, cryptoSecret)) + pushedEvents, err := c.eventstore.PushEvents(ctx, project.NewAPIConfigSecretChangedEvent(ctx, projectAgg, appID, cryptoSecret)) if err != nil { return nil, err } 
@@ -135,9 +135,9 @@ func (r *CommandSide) ChangeAPIApplicationSecret(ctx context.Context, projectID, result.ClientSecretString = stringPW return result, err } -func (r *CommandSide) getAPIAppWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (*APIApplicationWriteModel, error) { +func (c *Commands) getAPIAppWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (*APIApplicationWriteModel, error) { appWriteModel := NewAPIApplicationWriteModelWithAppID(projectID, appID, resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, appWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, appWriteModel) if err != nil { return nil, err } diff --git a/internal/command/project_application_key.go b/internal/command/project_application_key.go index d259332a31..e12e1d302d 100644 --- a/internal/command/project_application_key.go +++ b/internal/command/project_application_key.go 
@@ -8,20 +8,20 @@ import ( "github.com/caos/zitadel/internal/repository/project" ) -func (r *CommandSide) AddApplicationKey(ctx context.Context, key *domain.ApplicationKey, resourceOwner string) (_ *domain.ApplicationKey, err error) { - application, err := r.getApplicationWriteModel(ctx, key.AggregateID, key.ApplicationID, resourceOwner) +func (c *Commands) AddApplicationKey(ctx context.Context, key *domain.ApplicationKey, resourceOwner string) (_ *domain.ApplicationKey, err error) { + application, err := c.getApplicationWriteModel(ctx, key.AggregateID, key.ApplicationID, resourceOwner) if err != nil { return nil, err } if !application.State.Exists() { return nil, errors.ThrowPreconditionFailed(nil, "COMMAND-sak25", "Errors.Application.NotFound") } - key.KeyID, err = r.idGenerator.Next() + key.KeyID, err = c.idGenerator.Next() if err != nil { return nil, err } keyWriteModel := NewApplicationKeyWriteModel(key.AggregateID, key.ApplicationID, key.KeyID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, keyWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, keyWriteModel) if err != nil { return nil, err } @@ -34,13 +34,13 @@ func (r *CommandSide) AddApplicationKey(ctx context.Context, key *domain.Applica return nil, err } - err = domain.SetNewAuthNKeyPair(key, r.applicationKeySize) + err = domain.SetNewAuthNKeyPair(key, c.applicationKeySize) if err != nil { return nil, err } key.ClientID = keyWriteModel.ClientID - pushedEvents, err := r.eventstore.PushEvents(ctx, + pushedEvents, err := c.eventstore.PushEvents(ctx, project.NewApplicationKeyAddedEvent( ctx, ProjectAggregateFromWriteModel(&keyWriteModel.WriteModel), 
@@ -62,9 +62,9 @@ func (r *CommandSide) AddApplicationKey(ctx context.Context, key *domain.Applica return result, nil } -func (r *CommandSide) RemoveApplicationKey(ctx context.Context, projectID, applicationID, keyID, resourceOwner string) error { +func (c *Commands) RemoveApplicationKey(ctx context.Context, projectID, applicationID, keyID, resourceOwner string) error { keyWriteModel := NewApplicationKeyWriteModel(projectID, applicationID, keyID, resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, keyWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, keyWriteModel) if err != nil { return err } @@ -72,6 +72,6 @@ func (r *CommandSide) RemoveApplicationKey(ctx context.Context, projectID, appli return errors.ThrowNotFound(nil, "COMMAND-4m77G", "Errors.Application.Key.NotFound") } - _, err = r.eventstore.PushEvents(ctx, project.NewApplicationKeyRemovedEvent(ctx, ProjectAggregateFromWriteModel(&keyWriteModel.WriteModel), keyID)) + _, err = c.eventstore.PushEvents(ctx, project.NewApplicationKeyRemovedEvent(ctx, ProjectAggregateFromWriteModel(&keyWriteModel.WriteModel), keyID)) return err } diff --git a/internal/command/project_application_oidc.go b/internal/command/project_application_oidc.go index e2b2ead3ef..e112b6c245 100644 --- a/internal/command/project_application_oidc.go +++ b/internal/command/project_application_oidc.go 
@@ -13,19 +13,19 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddOIDCApplication(ctx context.Context, application *domain.OIDCApp, resourceOwner string) (_ *domain.OIDCApp, err error) { - project, err := r.getProjectByID(ctx, application.AggregateID, resourceOwner) +func (c *Commands) AddOIDCApplication(ctx context.Context, application *domain.OIDCApp, resourceOwner string) (_ *domain.OIDCApp, err error) { + project, err := c.getProjectByID(ctx, application.AggregateID, resourceOwner) if err != nil { return nil, err } addedApplication := NewOIDCApplicationWriteModel(application.AggregateID, resourceOwner) projectAgg := ProjectAggregateFromWriteModel(&addedApplication.WriteModel) - events, stringPw, err := r.addOIDCApplication(ctx, projectAgg, project, application, resourceOwner) + events, stringPw, err := c.addOIDCApplication(ctx, projectAgg, project, application, resourceOwner) if err != nil { return nil, err } addedApplication.AppID = application.AppID - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } 
@@ -39,11 +39,11 @@ func (r *CommandSide) AddOIDCApplication(ctx context.Context, application *domai return result, nil } -func (r *CommandSide) addOIDCApplication(ctx context.Context, projectAgg *eventstore.Aggregate, proj *domain.Project, oidcApp *domain.OIDCApp, resourceOwner string) (events []eventstore.EventPusher, stringPW string, err error) { +func (c *Commands) addOIDCApplication(ctx context.Context, projectAgg *eventstore.Aggregate, proj *domain.Project, oidcApp *domain.OIDCApp, resourceOwner string) (events []eventstore.EventPusher, stringPW string, err error) { if !oidcApp.IsValid() { return nil, "", caos_errs.ThrowPreconditionFailed(nil, "PROJECT-Bff2g", "Errors.Application.Invalid") } - oidcApp.AppID, err = r.idGenerator.Next() + oidcApp.AppID, err = c.idGenerator.Next() if err != nil { return nil, "", err } @@ -53,11 +53,11 @@ func (r *CommandSide) addOIDCApplication(ctx context.Context, projectAgg *events } var stringPw string - err = domain.SetNewClientID(oidcApp, r.idGenerator, proj) + err = domain.SetNewClientID(oidcApp, c.idGenerator, proj) if err != nil { return nil, "", err } - stringPw, err = domain.SetNewClientSecretIfNeeded(oidcApp, r.applicationSecretGenerator) + stringPw, err = domain.SetNewClientSecretIfNeeded(oidcApp, c.applicationSecretGenerator) if err != nil { return nil, "", err } 
@@ -83,12 +83,12 @@ func (r *CommandSide) addOIDCApplication(ctx context.Context, projectAgg *events return events, stringPw, nil } -func (r *CommandSide) ChangeOIDCApplication(ctx context.Context, oidc *domain.OIDCApp, resourceOwner string) (*domain.OIDCApp, error) { +func (c *Commands) ChangeOIDCApplication(ctx context.Context, oidc *domain.OIDCApp, resourceOwner string) (*domain.OIDCApp, error) { if !oidc.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-1m900", "Errors.Project.App.OIDCConfigInvalid") } - existingOIDC, err := r.getOIDCAppWriteModel(ctx, oidc.AggregateID, oidc.AppID, resourceOwner) + existingOIDC, err := c.getOIDCAppWriteModel(ctx, oidc.AggregateID, oidc.AppID, resourceOwner) if err != nil { return nil, err } @@ -120,7 +120,7 @@ func (r *CommandSide) ChangeOIDCApplication(ctx context.Context, oidc *domain.OI return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-1m88i", "Errors.NoChangesFound") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } 
@@ -134,26 +134,26 @@ func (r *CommandSide) ChangeOIDCApplication(ctx context.Context, oidc *domain.OI return result, nil } -func (r *CommandSide) ChangeOIDCApplicationSecret(ctx context.Context, projectID, appID, resourceOwner string) (*domain.OIDCApp, error) { +func (c *Commands) ChangeOIDCApplicationSecret(ctx context.Context, projectID, appID, resourceOwner string) (*domain.OIDCApp, error) { if projectID == "" || appID == "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-99i83", "Errors.IDMissing") } - existingOIDC, err := r.getOIDCAppWriteModel(ctx, projectID, appID, resourceOwner) + existingOIDC, err := c.getOIDCAppWriteModel(ctx, projectID, appID, resourceOwner) if err != nil { return nil, err } if existingOIDC.State == domain.AppStateUnspecified || existingOIDC.State == domain.AppStateRemoved { return nil, caos_errs.ThrowNotFound(nil, "COMMAND-2g66f", "Errors.Project.App.NotExisting") } - cryptoSecret, stringPW, err := domain.NewClientSecret(r.applicationSecretGenerator) + cryptoSecret, stringPW, err := domain.NewClientSecret(c.applicationSecretGenerator) if err != nil { return nil, err } projectAgg := ProjectAggregateFromWriteModel(&existingOIDC.WriteModel) - pushedEvents, err := r.eventstore.PushEvents(ctx, project.NewOIDCConfigSecretChangedEvent(ctx, projectAgg, appID, cryptoSecret)) + pushedEvents, err := c.eventstore.PushEvents(ctx, project.NewOIDCConfigSecretChangedEvent(ctx, projectAgg, appID, cryptoSecret)) if err != nil { return nil, err } @@ -167,8 +167,8 @@ func (r *CommandSide) ChangeOIDCApplicationSecret(ctx context.Context, projectID return result, err } -func (r *CommandSide) VerifyOIDCClientSecret(ctx context.Context, projectID, appID, secret string) error { - app, err := r.getOIDCAppWriteModel(ctx, projectID, appID, "") +func (c *Commands) VerifyOIDCClientSecret(ctx context.Context, projectID, appID, secret string) error { + app, err := c.getOIDCAppWriteModel(ctx, projectID, appID, "") if err != nil { return err } 
@@ -181,20 +181,20 @@ func (r *CommandSide) VerifyOIDCClientSecret(ctx context.Context, projectID, app projectAgg := ProjectAggregateFromWriteModel(&app.WriteModel) ctx, spanPasswordComparison := tracing.NewNamedSpan(ctx, "crypto.CompareHash") - err = crypto.CompareHash(app.ClientSecret, []byte(secret), r.userPasswordAlg) + err = crypto.CompareHash(app.ClientSecret, []byte(secret), c.userPasswordAlg) spanPasswordComparison.EndWithError(err) if err == nil { - _, err = r.eventstore.PushEvents(ctx, project.NewOIDCConfigSecretCheckSucceededEvent(ctx, projectAgg, app.AppID)) + _, err = c.eventstore.PushEvents(ctx, project.NewOIDCConfigSecretCheckSucceededEvent(ctx, projectAgg, app.AppID)) return err } - _, err = r.eventstore.PushEvents(ctx, project.NewOIDCConfigSecretCheckFailedEvent(ctx, projectAgg, app.AppID)) + _, err = c.eventstore.PushEvents(ctx, project.NewOIDCConfigSecretCheckFailedEvent(ctx, projectAgg, app.AppID)) logging.Log("COMMAND-ADfhz").OnError(err).Error("could not push event OIDCClientSecretCheckFailed") return caos_errs.ThrowInvalidArgument(nil, "COMMAND-Bz542", "Errors.Project.App.OIDCSecretInvalid") } -func (r *CommandSide) getOIDCAppWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (*OIDCApplicationWriteModel, error) { +func (c *Commands) getOIDCAppWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (*OIDCApplicationWriteModel, error) { appWriteModel := NewOIDCApplicationWriteModelWithAppID(projectID, appID, resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, appWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, appWriteModel) if err != nil { return nil, err } diff --git a/internal/command/project_grant.go b/internal/command/project_grant.go index 62a7288623..211caa47b3 100644 --- a/internal/command/project_grant.go +++ b/internal/command/project_grant.go 
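Review bot: In the `@@ -181,20` hunk, `VerifyOIDCClientSecret` checks the client secret with `c.userPasswordAlg`, while `ChangeOIDCApplicationSecret` creates it through `c.applicationSecretGenerator`; nothing visible here ties the two configurations together. If that coupling is intended, it should be stated at the call, for example `// client secrets are hashed with the user password algorithm; applicationSecretGenerator must be configured with the same one`. If it is not intended, the comparison should use the algorithm the generator was built with. The function starts above this hunk, so earlier state checks are not visible.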
@@ -11,25 +11,25 @@ import ( "reflect" ) -func (r *CommandSide) AddProjectGrant(ctx context.Context, grant *domain.ProjectGrant, resourceOwner string) (_ *domain.ProjectGrant, err error) { +func (c *Commands) AddProjectGrant(ctx context.Context, grant *domain.ProjectGrant, resourceOwner string) (_ *domain.ProjectGrant, err error) { if !grant.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-Bff2g", "Errors.Project.Grant.Invalid") } - grant.GrantID, err = r.idGenerator.Next() + grant.GrantID, err = c.idGenerator.Next() if err != nil { return nil, err } - err = r.checkProjectExists(ctx, grant.AggregateID, resourceOwner) + err = c.checkProjectExists(ctx, grant.AggregateID, resourceOwner) if err != nil { return nil, err } - err = r.checkOrgExists(ctx, grant.GrantedOrgID) + err = c.checkOrgExists(ctx, grant.GrantedOrgID) if err != nil { return nil, err } addedGrant := NewProjectGrantWriteModel(grant.GrantID, grant.AggregateID, resourceOwner) projectAgg := ProjectAggregateFromWriteModel(&addedGrant.WriteModel) - pushedEvents, err := r.eventstore.PushEvents( + pushedEvents, err := c.eventstore.PushEvents( ctx, project.NewGrantAddedEvent(ctx, projectAgg, grant.GrantID, grant.GrantedOrgID, grant.AggregateID, grant.RoleKeys)) if err != nil { 
@@ -42,15 +42,15 @@ func (r *CommandSide) AddProjectGrant(ctx context.Context, grant *domain.Project return projectGrantWriteModelToProjectGrant(addedGrant), nil } -func (r *CommandSide) ChangeProjectGrant(ctx context.Context, grant *domain.ProjectGrant, resourceOwner string, cascadeUserGrantIDs ...string) (_ *domain.ProjectGrant, err error) { +func (c *Commands) ChangeProjectGrant(ctx context.Context, grant *domain.ProjectGrant, resourceOwner string, cascadeUserGrantIDs ...string) (_ *domain.ProjectGrant, err error) { if grant.GrantID == "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-1j83s", "Errors.IDMissing") } - err = r.checkProjectExists(ctx, grant.AggregateID, resourceOwner) + err = c.checkProjectExists(ctx, grant.AggregateID, resourceOwner) if err != nil { return nil, err } - existingGrant, err := r.projectGrantWriteModelByID(ctx, grant.GrantID, grant.AggregateID, resourceOwner) + existingGrant, err := c.projectGrantWriteModelByID(ctx, grant.GrantID, grant.AggregateID, resourceOwner) if err != nil { return nil, err } @@ -66,7 +66,7 @@ func (r *CommandSide) ChangeProjectGrant(ctx context.Context, grant *domain.Proj removedRoles := domain.GetRemovedRoles(existingGrant.RoleKeys, grant.RoleKeys) if len(removedRoles) == 0 { - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } @@ -78,13 +78,13 @@ func (r *CommandSide) ChangeProjectGrant(ctx context.Context, grant *domain.Proj } for _, userGrantID := range cascadeUserGrantIDs { - event, err := r.removeRoleFromUserGrant(ctx, userGrantID, removedRoles, true) + event, err := c.removeRoleFromUserGrant(ctx, userGrantID, removedRoles, true) if err != nil { continue } events = append(events, event) } - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } 
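Review bot: In the `@@ -78,13` hunk of `ChangeProjectGrant`, the cascade loop drops every error from `c.removeRoleFromUserGrant` with a bare `continue`, so the grant change is still pushed while the affected user grants keep the removed roles and nothing records the failure. `RemoveProjectGrant` in this file at least logs the same situation. I would add `logging.LogWithFields("COMMAND-<new-id>", "usergrantid", userGrantID).WithError(err).Warn("could not cascade remove role from user grant")` before the `continue`, or return the error if partial cascades are not acceptable. The function starts in the earlier `@@ -42,15` hunk and ends outside this one.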
@@ -95,8 +95,8 @@ func (r *CommandSide) ChangeProjectGrant(ctx context.Context, grant *domain.Proj return projectGrantWriteModelToProjectGrant(existingGrant), nil } -func (r *CommandSide) removeRoleFromProjectGrant(ctx context.Context, projectAgg *eventstore.Aggregate, projectID, projectGrantID, roleKey string, cascade bool) (_ eventstore.EventPusher, _ *ProjectGrantWriteModel, err error) { - existingProjectGrant, err := r.projectGrantWriteModelByID(ctx, projectID, projectGrantID, "") +func (c *Commands) removeRoleFromProjectGrant(ctx context.Context, projectAgg *eventstore.Aggregate, projectID, projectGrantID, roleKey string, cascade bool) (_ eventstore.EventPusher, _ *ProjectGrantWriteModel, err error) { + existingProjectGrant, err := c.projectGrantWriteModelByID(ctx, projectID, projectGrantID, "") if err != nil { return nil, nil, err } @@ -125,15 +125,15 @@ func (r *CommandSide) removeRoleFromProjectGrant(ctx context.Context, projectAgg return project.NewGrantChangedEvent(ctx, projectAgg, projectGrantID, existingProjectGrant.RoleKeys), changedProjectGrant, nil } -func (r *CommandSide) DeactivateProjectGrant(ctx context.Context, projectID, grantID, resourceOwner string) (err error) { +func (c *Commands) DeactivateProjectGrant(ctx context.Context, projectID, grantID, resourceOwner string) (err error) { if grantID == "" || projectID == "" { return caos_errs.ThrowPreconditionFailed(nil, "PROJECT-p0s4V", "Errors.IDMissing") } - err = r.checkProjectExists(ctx, projectID, resourceOwner) + err = c.checkProjectExists(ctx, projectID, resourceOwner) if err != nil { return err } - existingGrant, err := r.projectGrantWriteModelByID(ctx, grantID, projectID, resourceOwner) + existingGrant, err := c.projectGrantWriteModelByID(ctx, grantID, projectID, resourceOwner) if err != nil { return err } 
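Review bot: In the `@@ -95,8` hunk, `removeRoleFromProjectGrant` calls `c.projectGrantWriteModelByID(ctx, projectID, projectGrantID, "")`, but the helper is declared as `projectGrantWriteModelByID(ctx, grantID, projectID, resourceOwner)` and every other caller in this file passes the grant ID first. The two string arguments look transposed, which would load a write model for the wrong grant/project pair. The call should probably read `existingProjectGrant, err := c.projectGrantWriteModelByID(ctx, projectGrantID, projectID, "")`. It also passes an empty resource owner, so if the lookup is meant to be tenant-agnostic that deserves a comment. The rest of the function body lies outside the hunk.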
@@ -142,19 +142,19 @@ func (r *CommandSide) DeactivateProjectGrant(ctx context.Context, projectID, gra } projectAgg := ProjectAggregateFromWriteModel(&existingGrant.WriteModel) - _, err = r.eventstore.PushEvents(ctx, project.NewGrantDeactivateEvent(ctx, projectAgg, grantID)) + _, err = c.eventstore.PushEvents(ctx, project.NewGrantDeactivateEvent(ctx, projectAgg, grantID)) return err } -func (r *CommandSide) ReactivateProjectGrant(ctx context.Context, projectID, grantID, resourceOwner string) (err error) { +func (c *Commands) ReactivateProjectGrant(ctx context.Context, projectID, grantID, resourceOwner string) (err error) { if grantID == "" || projectID == "" { return caos_errs.ThrowPreconditionFailed(nil, "PROJECT-p0s4V", "Errors.IDMissing") } - err = r.checkProjectExists(ctx, projectID, resourceOwner) + err = c.checkProjectExists(ctx, projectID, resourceOwner) if err != nil { return err } - existingGrant, err := r.projectGrantWriteModelByID(ctx, grantID, projectID, resourceOwner) + existingGrant, err := c.projectGrantWriteModelByID(ctx, grantID, projectID, resourceOwner) if err != nil { return err } 
@@ -162,19 +162,19 @@ func (r *CommandSide) ReactivateProjectGrant(ctx context.Context, projectID, gra return caos_errs.ThrowPreconditionFailed(nil, "PROJECT-47fu8", "Errors.Project.Grant.NotInactive") } projectAgg := ProjectAggregateFromWriteModel(&existingGrant.WriteModel) - _, err = r.eventstore.PushEvents(ctx, project.NewGrantReactivatedEvent(ctx, projectAgg, grantID)) + _, err = c.eventstore.PushEvents(ctx, project.NewGrantReactivatedEvent(ctx, projectAgg, grantID)) return err } -func (r *CommandSide) RemoveProjectGrant(ctx context.Context, projectID, grantID, resourceOwner string, cascadeUserGrantIDs ...string) (err error) { +func (c *Commands) RemoveProjectGrant(ctx context.Context, projectID, grantID, resourceOwner string, cascadeUserGrantIDs ...string) (err error) { if grantID == "" || projectID == "" { return caos_errs.ThrowPreconditionFailed(nil, "PROJECT-1m9fJ", "Errors.IDMissing") } - err = r.checkProjectExists(ctx, projectID, resourceOwner) + err = c.checkProjectExists(ctx, projectID, resourceOwner) if err != nil { return err } - existingGrant, err := r.projectGrantWriteModelByID(ctx, grantID, projectID, resourceOwner) + existingGrant, err := c.projectGrantWriteModelByID(ctx, grantID, projectID, resourceOwner) if err != nil { return err } 
@@ -183,23 +183,23 @@ func (r *CommandSide) RemoveProjectGrant(ctx context.Context, projectID, grantID events = append(events, project.NewGrantRemovedEvent(ctx, projectAgg, grantID, existingGrant.GrantedOrgID, projectID)) for _, userGrantID := range cascadeUserGrantIDs { - event, err := r.removeUserGrant(ctx, userGrantID, "", true) + event, err := c.removeUserGrant(ctx, userGrantID, "", true) if err != nil { logging.LogWithFields("COMMAND-3m8sG", "usergrantid", grantID).WithError(err).Warn("could not cascade remove user grant") continue } events = append(events, event) } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) projectGrantWriteModelByID(ctx context.Context, grantID, projectID, resourceOwner string) (member *ProjectGrantWriteModel, err error) { +func (c *Commands) projectGrantWriteModelByID(ctx context.Context, grantID, projectID, resourceOwner string) (member *ProjectGrantWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewProjectGrantWriteModel(grantID, projectID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/project_grant_member.go b/internal/command/project_grant_member.go index 644febda6b..c745e6e846 100644 --- a/internal/command/project_grant_member.go +++ b/internal/command/project_grant_member.go 
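Review bot: In the `@@ -183,23` hunk of `RemoveProjectGrant`, the warning for a failed cascade logs `grantID` under the `usergrantid` field, so every entry carries the project grant ID and not the user grant that could not be removed. It should be `logging.LogWithFields("COMMAND-3m8sG", "usergrantid", userGrantID).WithError(err).Warn("could not cascade remove user grant")`. The loop also passes caller-supplied `cascadeUserGrantIDs` to `c.removeUserGrant` with an empty resource owner. Whether those IDs are checked against this project grant is not visible here and is worth confirming.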
@@ -11,16 +11,16 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddProjectGrantMember(ctx context.Context, member *domain.ProjectGrantMember, resourceOwner string) (*domain.ProjectGrantMember, error) { +func (c *Commands) AddProjectGrantMember(ctx context.Context, member *domain.ProjectGrantMember, resourceOwner string) (*domain.ProjectGrantMember, error) { if !member.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-8fi7G", "Errors.Project.Member.Invalid") } - err := r.checkUserExists(ctx, member.UserID, "") + err := c.checkUserExists(ctx, member.UserID, "") if err != nil { return nil, err } addedMember := NewProjectGrantMemberWriteModel(member.AggregateID, member.UserID, member.GrantID) - err = r.eventstore.FilterToQueryReducer(ctx, addedMember) + err = c.eventstore.FilterToQueryReducer(ctx, addedMember) if err != nil { return nil, err } @@ -28,7 +28,7 @@ func (r *CommandSide) AddProjectGrantMember(ctx context.Context, member *domain. return nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-16dVN", "Errors.Project.Member.AlreadyExists") } projectAgg := ProjectAggregateFromWriteModel(&addedMember.WriteModel) - pushedEvents, err := r.eventstore.PushEvents( + pushedEvents, err := c.eventstore.PushEvents( ctx, project.NewProjectGrantMemberAddedEvent(ctx, projectAgg, member.AggregateID, member.UserID, member.GrantID, member.Roles...)) if err != nil { 
@@ -43,14 +43,14 @@ func (r *CommandSide) AddProjectGrantMember(ctx context.Context, member *domain. } //ChangeProjectGrantMember updates an existing member -func (r *CommandSide) ChangeProjectGrantMember(ctx context.Context, member *domain.ProjectGrantMember, resourceOwner string) (*domain.ProjectGrantMember, error) { +func (c *Commands) ChangeProjectGrantMember(ctx context.Context, member *domain.ProjectGrantMember, resourceOwner string) (*domain.ProjectGrantMember, error) { //TODO: check if roles valid if !member.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-109fs", "Errors.Project.Member.Invalid") } - existingMember, err := r.projectGrantMemberWriteModelByID(ctx, member.AggregateID, member.UserID, member.GrantID) + existingMember, err := c.projectGrantMemberWriteModelByID(ctx, member.AggregateID, member.UserID, member.GrantID) if err != nil { return nil, err } @@ -59,7 +59,7 @@ func (r *CommandSide) ChangeProjectGrantMember(ctx context.Context, member *doma return nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-2n8vx", "Errors.Project.Member.RolesNotChanged") } projectAgg := ProjectAggregateFromWriteModel(&existingMember.WriteModel) - pushedEvents, err := r.eventstore.PushEvents( + pushedEvents, err := c.eventstore.PushEvents( ctx, project.NewProjectGrantMemberChangedEvent(ctx, projectAgg, member.UserID, member.GrantID, member.Roles...)) if err != nil { 
@@ -73,23 +73,23 @@ func (r *CommandSide) ChangeProjectGrantMember(ctx context.Context, member *doma return memberWriteModelToProjectGrantMember(existingMember), nil } -func (r *CommandSide) RemoveProjectGrantMember(ctx context.Context, projectID, userID, grantID, resourceOwner string) error { - m, err := r.projectGrantMemberWriteModelByID(ctx, projectID, userID, grantID) +func (c *Commands) RemoveProjectGrantMember(ctx context.Context, projectID, userID, grantID, resourceOwner string) error { + m, err := c.projectGrantMemberWriteModelByID(ctx, projectID, userID, grantID) if err != nil { return err } projectAgg := ProjectAggregateFromWriteModel(&m.WriteModel) - _, err = r.eventstore.PushEvents(ctx, project.NewProjectGrantMemberRemovedEvent(ctx, projectAgg, projectID, userID, grantID)) + _, err = c.eventstore.PushEvents(ctx, project.NewProjectGrantMemberRemovedEvent(ctx, projectAgg, projectID, userID, grantID)) return err } -func (r *CommandSide) projectGrantMemberWriteModelByID(ctx context.Context, projectID, userID, grantID string) (member *ProjectGrantMemberWriteModel, err error) { +func (c *Commands) projectGrantMemberWriteModelByID(ctx context.Context, projectID, userID, grantID string) (member *ProjectGrantMemberWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewProjectGrantMemberWriteModel(projectID, userID, grantID) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/project_member.go b/internal/command/project_member.go index baf956d1a5..4926f52f2d 100644 --- a/internal/command/project_member.go +++ b/internal/command/project_member.go 
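Review bot: `RemoveProjectGrantMember` in the `@@ -73,23` hunk accepts `resourceOwner` but never uses it: the lookup is `c.projectGrantMemberWriteModelByID(ctx, projectID, userID, grantID)` and the removed event is pushed without any owner check. The sibling `RemoveProjectMember` passes `resourceOwner` into its write-model lookup, so this looks like a gap and not a design choice. Either thread the owner into `projectGrantMemberWriteModelByID` / `NewProjectGrantMemberWriteModel`, or document on the method that scoping is enforced by the caller. The visible parts of `AddProjectGrantMember` and `ChangeProjectGrantMember` show the same pattern. `projectGrantMemberWriteModelByID` continues past the hunk, so any not-found handling there is not visible.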
@@ -12,15 +12,15 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddProjectMember(ctx context.Context, member *domain.Member, resourceOwner string) (*domain.Member, error) { +func (c *Commands) AddProjectMember(ctx context.Context, member *domain.Member, resourceOwner string) (*domain.Member, error) { addedMember := NewProjectMemberWriteModel(member.AggregateID, member.UserID, resourceOwner) projectAgg := ProjectAggregateFromWriteModel(&addedMember.WriteModel) - event, err := r.addProjectMember(ctx, projectAgg, addedMember, member) + event, err := c.addProjectMember(ctx, projectAgg, addedMember, member) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } @@ -32,18 +32,18 @@ func (r *CommandSide) AddProjectMember(ctx context.Context, member *domain.Membe return memberWriteModelToMember(&addedMember.MemberWriteModel), nil } -func (r *CommandSide) addProjectMember(ctx context.Context, projectAgg *eventstore.Aggregate, addedMember *ProjectMemberWriteModel, member *domain.Member) (eventstore.EventPusher, error) { +func (c *Commands) addProjectMember(ctx context.Context, projectAgg *eventstore.Aggregate, addedMember *ProjectMemberWriteModel, member *domain.Member) (eventstore.EventPusher, error) { //TODO: check if roles valid if !member.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-W8m4l", "Errors.Project.Member.Invalid") } - err := r.checkUserExists(ctx, addedMember.UserID, "") + err := c.checkUserExists(ctx, addedMember.UserID, "") if err != nil { return nil, err } - err = r.eventstore.FilterToQueryReducer(ctx, addedMember) + err = c.eventstore.FilterToQueryReducer(ctx, addedMember) if err != nil { return nil, err } 
@@ -55,14 +55,14 @@ func (r *CommandSide) addProjectMember(ctx context.Context, projectAgg *eventsto } //ChangeProjectMember updates an existing member -func (r *CommandSide) ChangeProjectMember(ctx context.Context, member *domain.Member, resourceOwner string) (*domain.Member, error) { +func (c *Commands) ChangeProjectMember(ctx context.Context, member *domain.Member, resourceOwner string) (*domain.Member, error) { //TODO: check if roles valid if !member.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-LiaZi", "Errors.Project.Member.Invalid") } - existingMember, err := r.projectMemberWriteModelByID(ctx, member.AggregateID, member.UserID, resourceOwner) + existingMember, err := c.projectMemberWriteModelByID(ctx, member.AggregateID, member.UserID, resourceOwner) if err != nil { return nil, err } @@ -71,7 +71,7 @@ func (r *CommandSide) ChangeProjectMember(ctx context.Context, member *domain.Me return nil, caos_errs.ThrowPreconditionFailed(nil, "PROJECT-LiaZi", "Errors.Project.Member.RolesNotChanged") } projectAgg := ProjectAggregateFromWriteModel(&existingMember.MemberWriteModel.WriteModel) - pushedEvents, err := r.eventstore.PushEvents(ctx, project.NewProjectMemberChangedEvent(ctx, projectAgg, member.UserID, member.Roles...)) + pushedEvents, err := c.eventstore.PushEvents(ctx, project.NewProjectMemberChangedEvent(ctx, projectAgg, member.UserID, member.Roles...)) if err != nil { return nil, err } 
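Review bot: `ChangeProjectMember` uses the error ID `PROJECT-LiaZi` for two different failures, `Errors.Project.Member.Invalid` in the `@@ -55,14` hunk and `Errors.Project.Member.RolesNotChanged` in the `@@ -71,7` hunk. These IDs are what an operator searches for in logs, so a shared one makes the two cases indistinguishable during triage. Give the second one its own ID, e.g. `caos_errs.ThrowPreconditionFailed(nil, "PROJECT-<new-id>", "Errors.Project.Member.RolesNotChanged")`. The function spans both hunks and lines between them are not shown.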
@@ -84,8 +84,8 @@ func (r *CommandSide) ChangeProjectMember(ctx context.Context, member *domain.Me return memberWriteModelToMember(&existingMember.MemberWriteModel), nil } -func (r *CommandSide) RemoveProjectMember(ctx context.Context, projectID, userID, resourceOwner string) error { - m, err := r.projectMemberWriteModelByID(ctx, projectID, userID, resourceOwner) +func (c *Commands) RemoveProjectMember(ctx context.Context, projectID, userID, resourceOwner string) error { + m, err := c.projectMemberWriteModelByID(ctx, projectID, userID, resourceOwner) if err != nil && !errors.IsNotFound(err) { return err } @@ -94,16 +94,16 @@ func (r *CommandSide) RemoveProjectMember(ctx context.Context, projectID, userID } projectAgg := ProjectAggregateFromWriteModel(&m.MemberWriteModel.WriteModel) - _, err = r.eventstore.PushEvents(ctx, project.NewProjectMemberRemovedEvent(ctx, projectAgg, userID)) + _, err = c.eventstore.PushEvents(ctx, project.NewProjectMemberRemovedEvent(ctx, projectAgg, userID)) return err } -func (r *CommandSide) projectMemberWriteModelByID(ctx context.Context, projectID, userID, resourceOwner string) (member *ProjectMemberWriteModel, err error) { +func (c *Commands) projectMemberWriteModelByID(ctx context.Context, projectID, userID, resourceOwner string) (member *ProjectMemberWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel := NewProjectMemberWriteModel(projectID, userID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/project_role.go b/internal/command/project_role.go index 0db2ba396f..adb0e62a75 100644 --- a/internal/command/project_role.go +++ b/internal/command/project_role.go 
@@ -9,19 +9,19 @@ import ( "github.com/caos/zitadel/internal/repository/project" ) -func (r *CommandSide) AddProjectRole(ctx context.Context, projectRole *domain.ProjectRole, resourceOwner string) (_ *domain.ProjectRole, err error) { - err = r.checkProjectExists(ctx, projectRole.AggregateID, resourceOwner) +func (c *Commands) AddProjectRole(ctx context.Context, projectRole *domain.ProjectRole, resourceOwner string) (_ *domain.ProjectRole, err error) { + err = c.checkProjectExists(ctx, projectRole.AggregateID, resourceOwner) if err != nil { return nil, err } roleWriteModel := NewProjectRoleWriteModelWithKey(projectRole.Key, projectRole.AggregateID, resourceOwner) projectAgg := ProjectAggregateFromWriteModel(&roleWriteModel.WriteModel) - events, err := r.addProjectRoles(ctx, projectAgg, projectRole.AggregateID, projectRole) + events, err := c.addProjectRoles(ctx, projectAgg, projectRole.AggregateID, projectRole) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } 
@@ -32,24 +32,24 @@ func (r *CommandSide) AddProjectRole(ctx context.Context, projectRole *domain.Pr return roleWriteModelToRole(roleWriteModel), nil } -func (r *CommandSide) BulkAddProjectRole(ctx context.Context, projectID, resourceOwner string, projectRoles []*domain.ProjectRole) (err error) { - err = r.checkProjectExists(ctx, projectID, resourceOwner) +func (c *Commands) BulkAddProjectRole(ctx context.Context, projectID, resourceOwner string, projectRoles []*domain.ProjectRole) (err error) { + err = c.checkProjectExists(ctx, projectID, resourceOwner) if err != nil { return err } roleWriteModel := NewProjectRoleWriteModel(projectID, resourceOwner) projectAgg := ProjectAggregateFromWriteModel(&roleWriteModel.WriteModel) - events, err := r.addProjectRoles(ctx, projectAgg, projectID, projectRoles...) + events, err := c.addProjectRoles(ctx, projectAgg, projectID, projectRoles...) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) addProjectRoles(ctx context.Context, projectAgg *eventstore.Aggregate, projectID string, projectRoles ...*domain.ProjectRole) ([]eventstore.EventPusher, error) { +func (c *Commands) addProjectRoles(ctx context.Context, projectAgg *eventstore.Aggregate, projectID string, projectRoles ...*domain.ProjectRole) ([]eventstore.EventPusher, error) { var events []eventstore.EventPusher for _, projectRole := range projectRoles { if !projectRole.IsValid() { 
@@ -68,16 +68,16 @@ func (r *CommandSide) addProjectRoles(ctx context.Context, projectAgg *eventstor return events, nil } -func (r *CommandSide) ChangeProjectRole(ctx context.Context, projectRole *domain.ProjectRole, resourceOwner string) (_ *domain.ProjectRole, err error) { +func (c *Commands) ChangeProjectRole(ctx context.Context, projectRole *domain.ProjectRole, resourceOwner string) (_ *domain.ProjectRole, err error) { if !projectRole.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4m9vS", "Errors.Project.Invalid") } - err = r.checkProjectExists(ctx, projectRole.AggregateID, resourceOwner) + err = c.checkProjectExists(ctx, projectRole.AggregateID, resourceOwner) if err != nil { return nil, err } - existingRole, err := r.getProjectRoleWriteModelByID(ctx, projectRole.Key, projectRole.AggregateID, resourceOwner) + existingRole, err := c.getProjectRoleWriteModelByID(ctx, projectRole.Key, projectRole.AggregateID, resourceOwner) if err != nil { return nil, err } @@ -95,7 +95,7 @@ func (r *CommandSide) ChangeProjectRole(ctx context.Context, projectRole *domain return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-5M0cs", "Errors.NoChangesFound") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changeEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changeEvent) if err != nil { return nil, err } 
@@ -106,11 +106,11 @@ func (r *CommandSide) ChangeProjectRole(ctx context.Context, projectRole *domain return roleWriteModelToRole(existingRole), nil } -func (r *CommandSide) RemoveProjectRole(ctx context.Context, projectID, key, resourceOwner string, cascadingProjectGrantIds []string, cascadeUserGrantIDs ...string) (err error) { +func (c *Commands) RemoveProjectRole(ctx context.Context, projectID, key, resourceOwner string, cascadingProjectGrantIds []string, cascadeUserGrantIDs ...string) (err error) { if projectID == "" || key == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4m9vS", "Errors.Project.Role.Invalid") } - existingRole, err := r.getProjectRoleWriteModelByID(ctx, key, projectID, resourceOwner) + existingRole, err := c.getProjectRoleWriteModelByID(ctx, key, projectID, resourceOwner) if err != nil { return err } @@ -123,7 +123,7 @@ func (r *CommandSide) RemoveProjectRole(ctx context.Context, projectID, key, res } for _, projectGrantID := range cascadingProjectGrantIds { - event, _, err := r.removeRoleFromProjectGrant(ctx, projectAgg, projectID, projectGrantID, key, true) + event, _, err := c.removeRoleFromProjectGrant(ctx, projectAgg, projectID, projectGrantID, key, true) if err != nil { logging.LogWithFields("COMMAND-6n77g", "projectgrantid", projectGrantID).WithError(err).Warn("could not cascade remove role from project grant") continue @@ -132,7 +132,7 @@ func (r *CommandSide) RemoveProjectRole(ctx context.Context, projectID, key, res } for _, grantID := range cascadeUserGrantIDs { - event, err := r.removeRoleFromUserGrant(ctx, grantID, []string{key}, true) + event, err := c.removeRoleFromUserGrant(ctx, grantID, []string{key}, true) if err != nil { logging.LogWithFields("COMMAND-mK0of", "usergrantid", grantID).WithError(err).Warn("could not cascade remove role on user grant") continue 
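Review bot: In `RemoveProjectRole` a failed cascade (`c.removeRoleFromProjectGrant` or `c.removeRoleFromUserGrant`) is only logged with `Warn` and skipped with `continue`, while the remaining events are still pushed, so the role can be removed while a project grant or user grant keeps its key. The caller gets no error for the skipped grants, which makes that partial result hard to notice for an authorization change; whether a leftover key is still honoured downstream is not visible here. I would collect the cascade failures and return them together with the push result, or state the contract at the loops: `// cascade is best effort: a grant that fails here keeps the role key and must be cleaned up separately`. The declaration of `events` and the end of the function are outside these hunks.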
@@ -140,13 +140,13 @@ func (r *CommandSide) RemoveProjectRole(ctx context.Context, projectID, key, res events = append(events, event) } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) getProjectRoleWriteModelByID(ctx context.Context, key, projectID, resourceOwner string) (*ProjectRoleWriteModel, error) { +func (c *Commands) getProjectRoleWriteModelByID(ctx context.Context, key, projectID, resourceOwner string) (*ProjectRoleWriteModel, error) { projectRoleWriteModel := NewProjectRoleWriteModelWithKey(key, projectID, resourceOwner) - err := r.eventstore.FilterToQueryReducer(ctx, projectRoleWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, projectRoleWriteModel) if err != nil { return nil, err } diff --git a/internal/command/setup.go b/internal/command/setup.go index 1236fde62e..484277353d 100644 --- a/internal/command/setup.go +++ b/internal/command/setup.go @@ -14,15 +14,15 @@ import ( type Step interface { Step() domain.Step - execute(context.Context, *CommandSide) error + execute(context.Context, *Commands) error } const ( SetupUser = "SETUP" ) -func (r *CommandSide) ExecuteSetupSteps(ctx context.Context, steps []Step) error { - iam, err := r.GetIAM(ctx) +func (c *Commands) ExecuteSetupSteps(ctx context.Context, steps []Step) error { + iam, err := c.GetIAM(ctx) if err != nil && !caos_errs.IsNotFound(err) { return err } @@ -38,12 +38,12 @@ func (r *CommandSide) ExecuteSetupSteps(ctx context.Context, steps []Step) error ctx = setSetUpContextData(ctx) for _, step := range steps { - iam, err = r.StartSetup(ctx, step.Step()) + iam, err = c.StartSetup(ctx, step.Step()) if err != nil { return err } - err = step.execute(ctx, r) + err = step.execute(ctx, c) if err != nil { return err } 
@@ -55,8 +55,8 @@ func setSetUpContextData(ctx context.Context) context.Context { return authz.SetCtxData(ctx, authz.CtxData{UserID: SetupUser}) } -func (r *CommandSide) StartSetup(ctx context.Context, step domain.Step) (*domain.IAM, error) { - iamWriteModel, err := r.getIAMWriteModel(ctx) +func (c *Commands) StartSetup(ctx context.Context, step domain.Step) (*domain.IAM, error) { + iamWriteModel, err := c.getIAMWriteModel(ctx) if err != nil && !caos_errs.IsNotFound(err) { return nil, err } @@ -64,7 +64,7 @@ func (r *CommandSide) StartSetup(ctx context.Context, step domain.Step) (*domain return nil, caos_errs.ThrowPreconditionFailed(nil, "EVENT-9so34", "setup error") } aggregate := IAMAggregateFromWriteModel(&iamWriteModel.WriteModel) - pushedEvents, err := r.eventstore.PushEvents(ctx, iam_repo.NewSetupStepStartedEvent(ctx, aggregate, step)) + pushedEvents, err := c.eventstore.PushEvents(ctx, iam_repo.NewSetupStepStartedEvent(ctx, aggregate, step)) if err != nil { return nil, caos_errs.ThrowPreconditionFailed(nil, "EVENT-Grgh1", "Setup start failed") } @@ -76,8 +76,8 @@ func (r *CommandSide) StartSetup(ctx context.Context, step domain.Step) (*domain return writeModelToIAM(iamWriteModel), nil } -func (r *CommandSide) setup(ctx context.Context, step Step, iamAggregateProvider func(*IAMWriteModel) ([]eventstore.EventPusher, error)) error { - iam, err := r.getIAMWriteModel(ctx) +func (c *Commands) setup(ctx context.Context, step Step, iamAggregateProvider func(*IAMWriteModel) ([]eventstore.EventPusher, error)) error { + iam, err := c.getIAMWriteModel(ctx) if err != nil && !caos_errs.IsNotFound(err) { return err } 
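Review bot: `StartSetup` discards the eventstore error: when `c.eventstore.PushEvents` fails it returns `caos_errs.ThrowPreconditionFailed(nil, "EVENT-Grgh1", "Setup start failed")`, so the cause never reaches the caller or the log. Assuming the first argument is the parent error, as the `nil` in the validation-only calls suggests, pass it through: `return nil, caos_errs.ThrowPreconditionFailed(err, "EVENT-Grgh1", "Setup start failed")`. The same pattern appears in `setup` (`EVENT-dbG31`) and in `SetupStep1` (`EVENT-Gr2hh`) further down this diff. Reporting a storage or connectivity failure as a failed precondition also misleads whoever has to diagnose a broken setup run.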
@@ -91,7 +91,7 @@ func (r *CommandSide) setup(ctx context.Context, step Step, iamAggregateProvider iamAgg := IAMAggregateFromWriteModel(&iam.WriteModel) events = append(events, iam_repo.NewSetupStepDoneEvent(ctx, iamAgg, step.Step())) - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) if err != nil { return caos_errs.ThrowPreconditionFailedf(nil, "EVENT-dbG31", "Setup %v failed", step.Step()) } diff --git a/internal/command/setup_step1.go b/internal/command/setup_step1.go index af051b8ba3..a44f6bb487 100644 --- a/internal/command/setup_step1.go +++ b/internal/command/setup_step1.go @@ -39,7 +39,7 @@ func (s *Step1) Step() domain.Step { return domain.Step1 } -func (s *Step1) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step1) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep1(ctx, s) } @@ -83,12 +83,12 @@ type OIDCApp struct { DevMode bool } -func (r *CommandSide) SetupStep1(ctx context.Context, step1 *Step1) error { +func (c *Commands) SetupStep1(ctx context.Context, step1 *Step1) error { var events []eventstore.EventPusher iamWriteModel := NewIAMWriteModel() iamAgg := IAMAggregateFromWriteModel(&iamWriteModel.WriteModel) //create default login policy - loginPolicyEvent, err := r.addDefaultLoginPolicy(ctx, iamAgg, NewIAMLoginPolicyWriteModel(), + loginPolicyEvent, err := c.addDefaultLoginPolicy(ctx, iamAgg, NewIAMLoginPolicyWriteModel(), &domain.LoginPolicy{ AllowUsernamePassword: step1.DefaultLoginPolicy.AllowUsernamePassword, AllowRegister: step1.DefaultLoginPolicy.AllowRegister, 
@@ -101,7 +101,7 @@ func (r *CommandSide) SetupStep1(ctx context.Context, step1 *Step1) error { logging.Log("SETUP-sd2hj").Info("default login policy set up") //create orgs for _, organisation := range step1.Orgs { - orgAgg, humanWriteModel, _, setUpOrgEvents, err := r.setUpOrg(ctx, + orgAgg, humanWriteModel, _, setUpOrgEvents, err := c.setUpOrg(ctx, &domain.Org{ Name: organisation.Name, Domains: []*domain.OrgDomain{{Domain: organisation.Domain}}, @@ -127,14 +127,14 @@ func (r *CommandSide) SetupStep1(ctx context.Context, step1 *Step1) error { logging.LogWithFields("SETUP-Gdsfg", "id", orgAgg.ID, "name", organisation.Name).Info("org set up") if organisation.OrgIamPolicy { - orgIAMPolicyEvent, err := r.addOrgIAMPolicy(ctx, orgAgg, NewORGOrgIAMPolicyWriteModel(orgAgg.ID), &domain.OrgIAMPolicy{UserLoginMustBeDomain: false}) + orgIAMPolicyEvent, err := c.addOrgIAMPolicy(ctx, orgAgg, NewORGOrgIAMPolicyWriteModel(orgAgg.ID), &domain.OrgIAMPolicy{UserLoginMustBeDomain: false}) if err != nil { return err } events = append(events, orgIAMPolicyEvent) } if organisation.Name == step1.GlobalOrg { - globalOrgEvent, err := r.setGlobalOrg(ctx, iamAgg, iamWriteModel, orgAgg.ID) + globalOrgEvent, err := c.setGlobalOrg(ctx, iamAgg, iamWriteModel, orgAgg.ID) if err != nil { return err } 
@@ -144,19 +144,19 @@ func (r *CommandSide) SetupStep1(ctx context.Context, step1 *Step1) error { //projects for _, proj := range organisation.Projects { project := &domain.Project{Name: proj.Name} - projectEvents, projectWriteModel, err := r.addProject(ctx, project, orgAgg.ID, humanWriteModel.AggregateID) + projectEvents, projectWriteModel, err := c.addProject(ctx, project, orgAgg.ID, humanWriteModel.AggregateID) if err != nil { return err } events = append(events, projectEvents...) if project.Name == step1.IAMProject { - iamProjectEvent, err := r.setIAMProject(ctx, iamAgg, iamWriteModel, projectWriteModel.AggregateID) + iamProjectEvent, err := c.setIAMProject(ctx, iamAgg, iamWriteModel, projectWriteModel.AggregateID) if err != nil { return err } events = append(events, iamProjectEvent) logging.Log("SETUP-Bdfs1").Info("IAM project set") - iamEvent, err := r.addIAMMember(ctx, iamAgg, NewIAMMemberWriteModel(humanWriteModel.AggregateID), domain.NewMember(iamAgg.ID, humanWriteModel.AggregateID, domain.RoleIAMOwner)) + iamEvent, err := c.addIAMMember(ctx, iamAgg, NewIAMMemberWriteModel(humanWriteModel.AggregateID), domain.NewMember(iamAgg.ID, humanWriteModel.AggregateID, domain.RoleIAMOwner)) if err != nil { return err } @@ -165,7 +165,7 @@ func (r *CommandSide) SetupStep1(ctx context.Context, step1 *Step1) error { } //create applications for _, app := range proj.OIDCApps { - applicationEvents, err := setUpApplication(ctx, r, projectWriteModel, project, app, orgAgg.ID) + applicationEvents, err := setUpApplication(ctx, c, projectWriteModel, project, app, orgAgg.ID) if err != nil { return err } 
@@ -176,14 +176,14 @@ func (r *CommandSide) SetupStep1(ctx context.Context, step1 *Step1) error { events = append(events, iam_repo.NewSetupStepDoneEvent(ctx, iamAgg, domain.Step1)) - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) if err != nil { return caos_errs.ThrowPreconditionFailed(nil, "EVENT-Gr2hh", "Setup Step1 failed") } return nil } -func setUpApplication(ctx context.Context, r *CommandSide, projectWriteModel *ProjectWriteModel, project *domain.Project, oidcApp OIDCApp, resourceOwner string) ([]eventstore.EventPusher, error) { +func setUpApplication(ctx context.Context, r *Commands, projectWriteModel *ProjectWriteModel, project *domain.Project, oidcApp OIDCApp, resourceOwner string) ([]eventstore.EventPusher, error) { app := &domain.OIDCApp{ ObjectRoot: models.ObjectRoot{ AggregateID: projectWriteModel.AggregateID, diff --git a/internal/command/setup_step10.go b/internal/command/setup_step10.go index 46392fc9f3..d442b60f70 100644 --- a/internal/command/setup_step10.go +++ b/internal/command/setup_step10.go @@ -16,14 +16,14 @@ func (s *Step10) Step() domain.Step { return domain.Step10 } -func (s *Step10) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step10) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep10(ctx, s) } -func (r *CommandSide) SetupStep10(ctx context.Context, step *Step10) error { +func (c *Commands) SetupStep10(ctx context.Context, step *Step10) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { iamAgg := IAMAggregateFromWriteModel(&iam.WriteModel) - mailTemplateEvent, err := r.addDefaultMailTemplate(ctx, iamAgg, NewIAMMailTemplateWriteModel(), &step.DefaultMailTemplate) + mailTemplateEvent, err := c.addDefaultMailTemplate(ctx, iamAgg, NewIAMMailTemplateWriteModel(), &step.DefaultMailTemplate) if err != nil { return nil, err } 
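Review bot: `setUpApplication` still names its parameter `r` (`r *Commands`) although this commit renames the receiver to `c` everywhere else, and the `execute` methods of the steps keep `commandSide *Commands` after the type lost that name. Renaming both to `c`, for example `func (s *Step10) execute(ctx context.Context, c *Commands) error {` with `return c.SetupStep10(ctx, s)`, keeps the package consistent with `setPasswordlessAllowedInPolicy`, which already takes `c *Commands`. The body of `setUpApplication` continues outside the hunk, so its uses of `r` would need the same rename.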
@@ -31,7 +31,7 @@ func (r *CommandSide) SetupStep10(ctx context.Context, step *Step10) error { mailTemplateEvent, } for _, text := range step.DefaultMailTexts { - defaultTextEvent, err := r.addDefaultMailText(ctx, iamAgg, NewIAMMailTextWriteModel(text.MailTextType, text.Language), &text) + defaultTextEvent, err := c.addDefaultMailText(ctx, iamAgg, NewIAMMailTextWriteModel(text.MailTextType, text.Language), &text) if err != nil { return nil, err } @@ -40,5 +40,5 @@ func (r *CommandSide) SetupStep10(ctx context.Context, step *Step10) error { logging.Log("SETUP-3N9fs").Info("default mail template/text set up") return events, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } diff --git a/internal/command/setup_step11.go b/internal/command/setup_step11.go index fadc177383..147b043d09 100644 --- a/internal/command/setup_step11.go +++ b/internal/command/setup_step11.go @@ -16,17 +16,17 @@ func (s *Step11) Step() domain.Step { return domain.Step11 } -func (s *Step11) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step11) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep11(ctx, s) } -func (r *CommandSide) SetupStep11(ctx context.Context, step *Step11) error { +func (c *Commands) SetupStep11(ctx context.Context, step *Step11) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { iamAgg := IAMAggregateFromWriteModel(&iam.WriteModel) var uniqueContraintMigrations []*domain.UniqueConstraintMigration if step.MigrateV1EventstoreToV2 { - uniqueConstraints := NewUniqueConstraintReadModel(ctx, r) - err := r.eventstore.FilterToQueryReducer(ctx, uniqueConstraints) + uniqueConstraints := NewUniqueConstraintReadModel(ctx, c) + err := c.eventstore.FilterToQueryReducer(ctx, uniqueConstraints) if err != nil { return nil, err } 
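Review bot: In `SetupStep10` the loop `for _, text := range step.DefaultMailTexts` passes `&text` to `c.addDefaultMailText`, and under the range semantics of Go before 1.22 every iteration hands out the address of the same variable. If the callee or the returned event keeps that pointer (not visible here), all mail text events end up describing the last entry. Indexing avoids the question: `for i := range step.DefaultMailTexts {`, then `text := &step.DefaultMailTexts[i]`, and pass `text` instead of `&text`. The end of the loop body lies between this hunk and the next one.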
@@ -35,5 +35,5 @@ func (r *CommandSide) SetupStep11(ctx context.Context, step *Step11) error { logging.Log("SETUP-M9fsd").Info("migrate v1 eventstore to v2") return []eventstore.EventPusher{iam_repo.NewMigrateUniqueConstraintEvent(ctx, iamAgg, uniqueContraintMigrations)}, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } diff --git a/internal/command/setup_step2.go b/internal/command/setup_step2.go index da961a9d07..46b5327c36 100644 --- a/internal/command/setup_step2.go +++ b/internal/command/setup_step2.go @@ -17,14 +17,14 @@ func (s *Step2) Step() domain.Step { return domain.Step2 } -func (s *Step2) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step2) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep2(ctx, s) } -func (r *CommandSide) SetupStep2(ctx context.Context, step *Step2) error { +func (c *Commands) SetupStep2(ctx context.Context, step *Step2) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { iamAgg := IAMAggregateFromWriteModel(&iam.WriteModel) - event, err := r.addDefaultPasswordComplexityPolicy(ctx, iamAgg, NewIAMPasswordComplexityPolicyWriteModel(), &domain.PasswordComplexityPolicy{ + event, err := c.addDefaultPasswordComplexityPolicy(ctx, iamAgg, NewIAMPasswordComplexityPolicyWriteModel(), &domain.PasswordComplexityPolicy{ MinLength: step.DefaultPasswordComplexityPolicy.MinLength, HasLowercase: step.DefaultPasswordComplexityPolicy.HasLowercase, HasUppercase: step.DefaultPasswordComplexityPolicy.HasUppercase, @@ -37,5 +37,5 @@ func (r *CommandSide) SetupStep2(ctx context.Context, step *Step2) error { logging.Log("SETUP-ADgd2").Info("default password complexity policy set up") return []eventstore.EventPusher{event}, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } diff --git a/internal/command/setup_step3.go b/internal/command/setup_step3.go index d4e6361e3a..840af25858 100644 --- a/internal/command/setup_step3.go 
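Review bot: The log ID `SETUP-ADgd2` in `SetupStep2` ("default password complexity policy set up") is reused by `SetupStep5` and `SetupStep6` later in this diff, so the ID no longer identifies one call site. Since these IDs are what an operator searches for when a setup run stops halfway, each step should have its own, e.g. `logging.Log("SETUP-<new-id>").Info("default org iam policy set up")` in `SetupStep5` and likewise in `SetupStep6`. The error IDs `COMMAND-4m9vS` (in `ChangeProjectRole` and `RemoveProjectRole`) and `PROJECT-LiaZi` (twice in `ChangeProjectMember`) are duplicated in the same way.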
+++ b/internal/command/setup_step3.go @@ -17,14 +17,14 @@ func (s *Step3) Step() domain.Step { return domain.Step3 } -func (s *Step3) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step3) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep3(ctx, s) } -func (r *CommandSide) SetupStep3(ctx context.Context, step *Step3) error { +func (c *Commands) SetupStep3(ctx context.Context, step *Step3) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { iamAgg := IAMAggregateFromWriteModel(&iam.WriteModel) - event, err := r.addDefaultPasswordAgePolicy(ctx, iamAgg, NewIAMPasswordAgePolicyWriteModel(), &domain.PasswordAgePolicy{ + event, err := c.addDefaultPasswordAgePolicy(ctx, iamAgg, NewIAMPasswordAgePolicyWriteModel(), &domain.PasswordAgePolicy{ MaxAgeDays: step.DefaultPasswordAgePolicy.MaxAgeDays, ExpireWarnDays: step.DefaultPasswordAgePolicy.ExpireWarnDays, }) @@ -34,5 +34,5 @@ func (r *CommandSide) SetupStep3(ctx context.Context, step *Step3) error { logging.Log("SETUP-DBqgq").Info("default password age policy set up") return []eventstore.EventPusher{event}, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } diff --git a/internal/command/setup_step4.go b/internal/command/setup_step4.go index b6114ddd61..480f3addc9 100644 --- a/internal/command/setup_step4.go +++ b/internal/command/setup_step4.go 
@@ -17,14 +17,14 @@ func (s *Step4) Step() domain.Step { return domain.Step4 } -func (s *Step4) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step4) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep4(ctx, s) } -func (r *CommandSide) SetupStep4(ctx context.Context, step *Step4) error { +func (c *Commands) SetupStep4(ctx context.Context, step *Step4) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { iamAgg := IAMAggregateFromWriteModel(&iam.WriteModel) - event, err := r.addDefaultPasswordLockoutPolicy(ctx, iamAgg, NewIAMPasswordLockoutPolicyWriteModel(), &domain.PasswordLockoutPolicy{ + event, err := c.addDefaultPasswordLockoutPolicy(ctx, iamAgg, NewIAMPasswordLockoutPolicyWriteModel(), &domain.PasswordLockoutPolicy{ MaxAttempts: step.DefaultPasswordLockoutPolicy.MaxAttempts, ShowLockOutFailures: step.DefaultPasswordLockoutPolicy.ShowLockOutFailures, }) @@ -34,5 +34,5 @@ func (r *CommandSide) SetupStep4(ctx context.Context, step *Step4) error { logging.Log("SETUP-Bfnge").Info("default password lockout policy set up") return []eventstore.EventPusher{event}, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } diff --git a/internal/command/setup_step5.go b/internal/command/setup_step5.go index 78e0bb87de..33d2e68a51 100644 --- a/internal/command/setup_step5.go +++ b/internal/command/setup_step5.go 
@@ -17,14 +17,14 @@ func (s *Step5) Step() domain.Step { return domain.Step5 } -func (s *Step5) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step5) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep5(ctx, s) } -func (r *CommandSide) SetupStep5(ctx context.Context, step *Step5) error { +func (c *Commands) SetupStep5(ctx context.Context, step *Step5) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { iamAgg := IAMAggregateFromWriteModel(&iam.WriteModel) - event, err := r.addDefaultOrgIAMPolicy(ctx, iamAgg, NewIAMOrgIAMPolicyWriteModel(), &domain.OrgIAMPolicy{ + event, err := c.addDefaultOrgIAMPolicy(ctx, iamAgg, NewIAMOrgIAMPolicyWriteModel(), &domain.OrgIAMPolicy{ UserLoginMustBeDomain: step.DefaultOrgIAMPolicy.UserLoginMustBeDomain, }) if err != nil { @@ -33,5 +33,5 @@ func (r *CommandSide) SetupStep5(ctx context.Context, step *Step5) error { logging.Log("SETUP-ADgd2").Info("default org iam policy set up") return []eventstore.EventPusher{event}, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } diff --git a/internal/command/setup_step6.go b/internal/command/setup_step6.go index bfa6b7ff03..70818f1f7a 100644 --- a/internal/command/setup_step6.go +++ b/internal/command/setup_step6.go 
@@ -17,14 +17,14 @@ func (s *Step6) Step() domain.Step { return domain.Step6 } -func (s *Step6) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step6) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep6(ctx, s) } -func (r *CommandSide) SetupStep6(ctx context.Context, step *Step6) error { +func (c *Commands) SetupStep6(ctx context.Context, step *Step6) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { iamAgg := IAMAggregateFromWriteModel(&iam.WriteModel) - event, err := r.addDefaultLabelPolicy(ctx, iamAgg, NewIAMLabelPolicyWriteModel(), &domain.LabelPolicy{ + event, err := c.addDefaultLabelPolicy(ctx, iamAgg, NewIAMLabelPolicyWriteModel(), &domain.LabelPolicy{ PrimaryColor: step.DefaultLabelPolicy.PrimaryColor, SecondaryColor: step.DefaultLabelPolicy.SecondaryColor, }) @@ -34,5 +34,5 @@ func (r *CommandSide) SetupStep6(ctx context.Context, step *Step6) error { logging.Log("SETUP-ADgd2").Info("default label policy set up") return []eventstore.EventPusher{event}, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } diff --git a/internal/command/setup_step7.go b/internal/command/setup_step7.go index ab868186f9..326b4ebd06 100644 --- a/internal/command/setup_step7.go +++ b/internal/command/setup_step7.go 
@@ -16,23 +16,23 @@ func (s *Step7) Step() domain.Step { return domain.Step7 } -func (s *Step7) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step7) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep7(ctx, s) } -func (r *CommandSide) SetupStep7(ctx context.Context, step *Step7) error { +func (c *Commands) SetupStep7(ctx context.Context, step *Step7) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { secondFactorModel := NewIAMSecondFactorWriteModel() iamAgg := IAMAggregateFromWriteModel(&secondFactorModel.SecondFactorWriteModel.WriteModel) if !step.OTP { return []eventstore.EventPusher{}, nil } - event, err := r.addSecondFactorToDefaultLoginPolicy(ctx, iamAgg, secondFactorModel, domain.SecondFactorTypeOTP) + event, err := c.addSecondFactorToDefaultLoginPolicy(ctx, iamAgg, secondFactorModel, domain.SecondFactorTypeOTP) if err != nil { return nil, err } logging.Log("SETUP-Dggsg").Info("added OTP to 2FA login policy") return []eventstore.EventPusher{event}, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } diff --git a/internal/command/setup_step8.go b/internal/command/setup_step8.go index 0a308bb764..e7273eb2c4 100644 --- a/internal/command/setup_step8.go +++ b/internal/command/setup_step8.go 
@@ -16,23 +16,23 @@ func (s *Step8) Step() domain.Step { return domain.Step8 } -func (s *Step8) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step8) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep8(ctx, s) } -func (r *CommandSide) SetupStep8(ctx context.Context, step *Step8) error { +func (c *Commands) SetupStep8(ctx context.Context, step *Step8) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { secondFactorModel := NewIAMSecondFactorWriteModel() iamAgg := IAMAggregateFromWriteModel(&secondFactorModel.SecondFactorWriteModel.WriteModel) if !step.U2F { return []eventstore.EventPusher{}, nil } - event, err := r.addSecondFactorToDefaultLoginPolicy(ctx, iamAgg, secondFactorModel, domain.SecondFactorTypeU2F) + event, err := c.addSecondFactorToDefaultLoginPolicy(ctx, iamAgg, secondFactorModel, domain.SecondFactorTypeU2F) if err != nil { return nil, err } logging.Log("SETUP-BDhne").Info("added U2F to 2FA login policy") return []eventstore.EventPusher{event}, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } diff --git a/internal/command/setup_step9.go b/internal/command/setup_step9.go index bbf1e0e887..1138fe608f 100644 --- a/internal/command/setup_step9.go +++ b/internal/command/setup_step9.go 
@@ -16,33 +16,33 @@ func (s *Step9) Step() domain.Step { return domain.Step9 } -func (s *Step9) execute(ctx context.Context, commandSide *CommandSide) error { +func (s *Step9) execute(ctx context.Context, commandSide *Commands) error { return commandSide.SetupStep9(ctx, s) } -func (r *CommandSide) SetupStep9(ctx context.Context, step *Step9) error { +func (c *Commands) SetupStep9(ctx context.Context, step *Step9) error { fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) { multiFactorModel := NewIAMMultiFactorWriteModel() iamAgg := IAMAggregateFromWriteModel(&multiFactorModel.MultiFactoryWriteModel.WriteModel) if !step.Passwordless { return []eventstore.EventPusher{}, nil } - passwordlessEvent, err := setPasswordlessAllowedInPolicy(ctx, r, iamAgg) + passwordlessEvent, err := setPasswordlessAllowedInPolicy(ctx, c, iamAgg) if err != nil { return nil, err } logging.Log("SETUP-AEG2t").Info("allowed passwordless in login policy") - multifactorEvent, err := r.addMultiFactorToDefaultLoginPolicy(ctx, iamAgg, multiFactorModel, domain.MultiFactorTypeU2FWithPIN) + multifactorEvent, err := c.addMultiFactorToDefaultLoginPolicy(ctx, iamAgg, multiFactorModel, domain.MultiFactorTypeU2FWithPIN) if err != nil { return nil, err } logging.Log("SETUP-ADfng").Info("added passwordless to MFA login policy") return []eventstore.EventPusher{passwordlessEvent, multifactorEvent}, nil } - return r.setup(ctx, step, fn) + return c.setup(ctx, step, fn) } -func setPasswordlessAllowedInPolicy(ctx context.Context, c *CommandSide, iamAgg *eventstore.Aggregate) (eventstore.EventPusher, error) { +func setPasswordlessAllowedInPolicy(ctx context.Context, c *Commands, iamAgg *eventstore.Aggregate) (eventstore.EventPusher, error) { policy, err := c.getDefaultLoginPolicy(ctx) if err != nil { return nil, err diff --git a/internal/command/user.go b/internal/command/user.go index 08eef70af8..6f1cdaf32a 100644 --- a/internal/command/user.go +++ b/internal/command/user.go 
@@ -15,12 +15,12 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (cs *CommandSide) ChangeUsername(ctx context.Context, orgID, userID, userName string) error { +func (c *Commands) ChangeUsername(ctx context.Context, orgID, userID, userName string) error { if orgID == "" || userID == "" || userName == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2N9fs", "Errors.IDMissing") } - existingUser, err := cs.userWriteModelByID(ctx, userID, orgID) + existingUser, err := c.userWriteModelByID(ctx, userID, orgID) if err != nil { return err } @@ -33,7 +33,7 @@ func (cs *CommandSide) ChangeUsername(ctx context.Context, orgID, userID, userNa return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-6m9gs", "Errors.User.UsernameNotChanged") } - orgIAMPolicy, err := cs.getOrgIAMPolicy(ctx, orgID) + orgIAMPolicy, err := c.getOrgIAMPolicy(ctx, orgID) if err != nil { return err } @@ -43,18 +43,18 @@ func (cs *CommandSide) ChangeUsername(ctx context.Context, orgID, userID, userNa } userAgg := UserAggregateFromWriteModel(&existingUser.WriteModel) - _, err = cs.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, user.NewUsernameChangedEvent(ctx, userAgg, existingUser.UserName, userName, orgIAMPolicy.UserLoginMustBeDomain)) return err } -func (r *CommandSide) DeactivateUser(ctx context.Context, userID, resourceOwner string) error { +func (c *Commands) DeactivateUser(ctx context.Context, userID, resourceOwner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-m0gDf", "Errors.User.UserIDMissing") } - existingUser, err := r.userWriteModelByID(ctx, userID, resourceOwner) + existingUser, err := c.userWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } 
@@ -65,17 +65,17 @@ func (r *CommandSide) DeactivateUser(ctx context.Context, userID, resourceOwner return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-5M0sf", "Errors.User.AlreadyInactive") } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, user.NewUserDeactivatedEvent(ctx, UserAggregateFromWriteModel(&existingUser.WriteModel))) return err } -func (r *CommandSide) ReactivateUser(ctx context.Context, userID, resourceOwner string) error { +func (c *Commands) ReactivateUser(ctx context.Context, userID, resourceOwner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4M9ds", "Errors.User.UserIDMissing") } - existingUser, err := r.userWriteModelByID(ctx, userID, resourceOwner) + existingUser, err := c.userWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } @@ -86,17 +86,17 @@ func (r *CommandSide) ReactivateUser(ctx context.Context, userID, resourceOwner return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-6M0sf", "Errors.User.NotInactive") } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, user.NewUserReactivatedEvent(ctx, UserAggregateFromWriteModel(&existingUser.WriteModel))) return err } -func (r *CommandSide) LockUser(ctx context.Context, userID, resourceOwner string) error { +func (c *Commands) LockUser(ctx context.Context, userID, resourceOwner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2M0sd", "Errors.User.UserIDMissing") } - existingUser, err := r.userWriteModelByID(ctx, userID, resourceOwner) + existingUser, err := c.userWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } 
@@ -107,17 +107,17 @@ func (r *CommandSide) LockUser(ctx context.Context, userID, resourceOwner string return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3NN8v", "Errors.User.ShouldBeActiveOrInitial") } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, user.NewUserLockedEvent(ctx, UserAggregateFromWriteModel(&existingUser.WriteModel))) return err } -func (r *CommandSide) UnlockUser(ctx context.Context, userID, resourceOwner string) error { +func (c *Commands) UnlockUser(ctx context.Context, userID, resourceOwner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-M0dse", "Errors.User.UserIDMissing") } - existingUser, err := r.userWriteModelByID(ctx, userID, resourceOwner) + existingUser, err := c.userWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } @@ -128,17 +128,17 @@ func (r *CommandSide) UnlockUser(ctx context.Context, userID, resourceOwner stri return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4M0ds", "Errors.User.NotLocked") } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, user.NewUserUnlockedEvent(ctx, UserAggregateFromWriteModel(&existingUser.WriteModel))) return err } -func (r *CommandSide) RemoveUser(ctx context.Context, userID, resourceOwner string, cascadingGrantIDs ...string) error { +func (c *Commands) RemoveUser(ctx context.Context, userID, resourceOwner string, cascadingGrantIDs ...string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2M0ds", "Errors.User.UserIDMissing") } - existingUser, err := r.userWriteModelByID(ctx, userID, resourceOwner) + existingUser, err := c.userWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } 
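Review bot: The error ID `COMMAND-2M0ds` on the empty-`userID` check in `RemoveUser` is also used by `HumansSignOut` in user_human.go, and `COMMAND-4M0ds` (here on `Errors.User.NotLocked` in `UnlockUser`) is reused by `VerifyHumanEmail` and `CreateHumanEmailVerificationCode` in user_human_email.go. These IDs are the only thing that ties a logged or returned error to one call site, so duplicates make triage ambiguous; each site should get its own ID, e.g. `"COMMAND-<new-id>"` (placeholder). `HumansSignOut` additionally reports `Errors.User.UserIDMissing` when it is `agentID` that is empty, which points the reader at the wrong argument.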
@@ -146,7 +146,7 @@ func (r *CommandSide) RemoveUser(ctx context.Context, userID, resourceOwner stri return caos_errs.ThrowNotFound(nil, "COMMAND-5M0od", "Errors.User.NotFound") } - orgIAMPolicy, err := r.getOrgIAMPolicy(ctx, existingUser.ResourceOwner) + orgIAMPolicy, err := c.getOrgIAMPolicy(ctx, existingUser.ResourceOwner) if err != nil { return err } @@ -155,7 +155,7 @@ func (r *CommandSide) RemoveUser(ctx context.Context, userID, resourceOwner stri events = append(events, user.NewUserRemovedEvent(ctx, userAgg, existingUser.UserName, orgIAMPolicy.UserLoginMustBeDomain)) for _, grantID := range cascadingGrantIDs { - removeEvent, err := r.removeUserGrant(ctx, grantID, "", true) + removeEvent, err := c.removeUserGrant(ctx, grantID, "", true) if err != nil { logging.LogWithFields("COMMAND-5m9oL", "usergrantid", grantID).WithError(err).Warn("could not cascade remove role on user grant") continue @@ -163,16 +163,16 @@ func (r *CommandSide) RemoveUser(ctx context.Context, userID, resourceOwner stri events = append(events, removeEvent) } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) AddUserToken(ctx context.Context, orgID, agentID, clientID, userID string, audience, scopes []string, lifetime time.Duration) (*domain.Token, error) { +func (c *Commands) AddUserToken(ctx context.Context, orgID, agentID, clientID, userID string, audience, scopes []string, lifetime time.Duration) (*domain.Token, error) { if orgID == "" || userID == "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-55n8M", "Errors.IDMissing") } - existingUser, err := r.userWriteModelByID(ctx, userID, orgID) + existingUser, err := c.userWriteModelByID(ctx, userID, orgID) if err != nil { return nil, err } 
@@ -183,18 +183,18 @@ func (r *CommandSide) AddUserToken(ctx context.Context, orgID, agentID, clientID audience = domain.AddAudScopeToAudience(audience, scopes) preferredLanguage := "" - existingHuman, err := r.getHumanWriteModelByID(ctx, userID, orgID) + existingHuman, err := c.getHumanWriteModelByID(ctx, userID, orgID) if existingHuman != nil { preferredLanguage = existingHuman.PreferredLanguage.String() } expiration := time.Now().UTC().Add(lifetime) - tokenID, err := r.idGenerator.Next() + tokenID, err := c.idGenerator.Next() if err != nil { return nil, err } userAgg := UserAggregateFromWriteModel(&existingUser.WriteModel) - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, user.NewUserTokenAddedEvent(ctx, userAgg, tokenID, clientID, agentID, preferredLanguage, audience, scopes, expiration)) if err != nil { return nil, err @@ -214,8 +214,8 @@ func (r *CommandSide) AddUserToken(ctx context.Context, orgID, agentID, clientID }, nil } -func (r *CommandSide) userDomainClaimed(ctx context.Context, userID string) (events []eventstore.EventPusher, _ *UserWriteModel, err error) { - existingUser, err := r.userWriteModelByID(ctx, userID, "") +func (c *Commands) userDomainClaimed(ctx context.Context, userID string) (events []eventstore.EventPusher, _ *UserWriteModel, err error) { + existingUser, err := c.userWriteModelByID(ctx, userID, "") if err != nil { return nil, nil, err } @@ -225,12 +225,12 @@ func (r *CommandSide) userDomainClaimed(ctx context.Context, userID string) (eve changedUserGrant := NewUserWriteModel(userID, existingUser.ResourceOwner) userAgg := UserAggregateFromWriteModel(&changedUserGrant.WriteModel) - orgIAMPolicy, err := r.getOrgIAMPolicy(ctx, existingUser.ResourceOwner) + orgIAMPolicy, err := c.getOrgIAMPolicy(ctx, existingUser.ResourceOwner) if err != nil { return nil, nil, err } - id, err := r.idGenerator.Next() + id, err := c.idGenerator.Next() if err != nil { return nil, nil, err } 
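Review bot: In `AddUserToken` the error from `c.getHumanWriteModelByID(ctx, userID, orgID)` is never checked; `err` is simply overwritten by `c.idGenerator.Next()` a few lines later. If the lookup is meant to be best-effort for the preferred language, make that explicit with `existingHuman, _ := c.getHumanWriteModelByID(ctx, userID, orgID)` and a comment such as `// best effort: the token is still issued without a preferred language`; otherwise return the error. `lifetime` is also added to `time.Now().UTC()` with no bounds check in the visible lines, so it is worth confirming that callers reject zero, negative or unbounded values. The function starts in the previous hunk and ends in the next one.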
@@ -238,14 +238,14 @@ func (r *CommandSide) userDomainClaimed(ctx context.Context, userID string) (eve user.NewDomainClaimedEvent( ctx, userAgg, - fmt.Sprintf("%s@temporary.%s", id, r.iamDomain), + fmt.Sprintf("%s@temporary.%s", id, c.iamDomain), existingUser.UserName, orgIAMPolicy.UserLoginMustBeDomain), }, changedUserGrant, nil } -func (r *CommandSide) UserDomainClaimedSent(ctx context.Context, orgID, userID string) (err error) { - existingUser, err := r.userWriteModelByID(ctx, userID, orgID) +func (c *Commands) UserDomainClaimedSent(ctx context.Context, orgID, userID string) (err error) { + existingUser, err := c.userWriteModelByID(ctx, userID, orgID) if err != nil { return err } @@ -253,13 +253,13 @@ func (r *CommandSide) UserDomainClaimedSent(ctx context.Context, orgID, userID s return caos_errs.ThrowNotFound(nil, "COMMAND-5m9gK", "Errors.User.NotFound") } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, user.NewDomainClaimedSentEvent(ctx, UserAggregateFromWriteModel(&existingUser.WriteModel))) return err } -func (r *CommandSide) checkUserExists(ctx context.Context, userID, resourceOwner string) error { - existingUser, err := r.userWriteModelByID(ctx, userID, resourceOwner) +func (c *Commands) checkUserExists(ctx context.Context, userID, resourceOwner string) error { + existingUser, err := c.userWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } 
@@ -269,12 +269,12 @@ func (r *CommandSide) checkUserExists(ctx context.Context, userID, resourceOwner return nil } -func (r *CommandSide) userWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *UserWriteModel, err error) { +func (c *Commands) userWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *UserWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewUserWriteModel(userID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_grant.go b/internal/command/user_grant.go index a6e92f355e..7ec36b78c4 100644 --- a/internal/command/user_grant.go +++ b/internal/command/user_grant.go @@ -11,12 +11,12 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddUserGrant(ctx context.Context, usergrant *domain.UserGrant, resourceOwner string) (_ *domain.UserGrant, err error) { - event, addedUserGrant, err := r.addUserGrant(ctx, usergrant, resourceOwner) +func (c *Commands) AddUserGrant(ctx context.Context, usergrant *domain.UserGrant, resourceOwner string) (_ *domain.UserGrant, err error) { + event, addedUserGrant, err := c.addUserGrant(ctx, usergrant, resourceOwner) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } 
@@ -28,7 +28,7 @@ func (r *CommandSide) AddUserGrant(ctx context.Context, usergrant *domain.UserGr return userGrantWriteModelToUserGrant(addedUserGrant), nil } -func (r *CommandSide) addUserGrant(ctx context.Context, userGrant *domain.UserGrant, resourceOwner string) (pusher eventstore.EventPusher, _ *UserGrantWriteModel, err error) { +func (c *Commands) addUserGrant(ctx context.Context, userGrant *domain.UserGrant, resourceOwner string) (pusher eventstore.EventPusher, _ *UserGrantWriteModel, err error) { err = checkExplicitProjectPermission(ctx, userGrant.ProjectGrantID, userGrant.ProjectID) if err != nil { return nil, nil, err @@ -36,15 +36,15 @@ func (r *CommandSide) addUserGrant(ctx context.Context, userGrant *domain.UserGr if !userGrant.IsValid() { return nil, nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4M0fs", "Errors.UserGrant.Invalid") } - err = r.checkUserExists(ctx, userGrant.UserID, "") + err = c.checkUserExists(ctx, userGrant.UserID, "") if err != nil { return nil, nil, err } - err = r.checkProjectExists(ctx, userGrant.ProjectID, resourceOwner) + err = c.checkProjectExists(ctx, userGrant.ProjectID, resourceOwner) if err != nil { return nil, nil, err } - userGrant.AggregateID, err = r.idGenerator.Next() + userGrant.AggregateID, err = c.idGenerator.Next() if err != nil { return nil, nil, err } 
@@ -62,12 +62,12 @@ func (r *CommandSide) addUserGrant(ctx context.Context, userGrant *domain.UserGr return pusher, addedUserGrant, nil } -func (r *CommandSide) ChangeUserGrant(ctx context.Context, userGrant *domain.UserGrant, resourceOwner string) (_ *domain.UserGrant, err error) { - event, changedUserGrant, err := r.changeUserGrant(ctx, userGrant, resourceOwner, false) +func (c *Commands) ChangeUserGrant(ctx context.Context, userGrant *domain.UserGrant, resourceOwner string) (_ *domain.UserGrant, err error) { + event, changedUserGrant, err := c.changeUserGrant(ctx, userGrant, resourceOwner, false) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, event) + pushedEvents, err := c.eventstore.PushEvents(ctx, event) if err != nil { return nil, err } @@ -78,7 +78,7 @@ func (r *CommandSide) ChangeUserGrant(ctx context.Context, userGrant *domain.Use return userGrantWriteModelToUserGrant(changedUserGrant), nil } -func (r *CommandSide) changeUserGrant(ctx context.Context, userGrant *domain.UserGrant, resourceOwner string, cascade bool) (_ eventstore.EventPusher, _ *UserGrantWriteModel, err error) { +func (c *Commands) changeUserGrant(ctx context.Context, userGrant *domain.UserGrant, resourceOwner string, cascade bool) (_ eventstore.EventPusher, _ *UserGrantWriteModel, err error) { err = checkExplicitProjectPermission(ctx, userGrant.ProjectGrantID, userGrant.ProjectID) if err != nil { return nil, nil, err @@ -87,7 +87,7 @@ func (r *CommandSide) changeUserGrant(ctx context.Context, userGrant *domain.Use return nil, nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3M0sd", "Errors.UserGrant.Invalid") } - existingUserGrant, err := r.userGrantWriteModelByID(ctx, userGrant.AggregateID, userGrant.ResourceOwner) + existingUserGrant, err := c.userGrantWriteModelByID(ctx, userGrant.AggregateID, userGrant.ResourceOwner) if err != nil { return nil, nil, err } 
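Review bot: In `changeUserGrant` (hunk at -87,7) the existing grant is loaded with the `ResourceOwner` field of the request object rather than the `resourceOwner` argument: `c.userGrantWriteModelByID(ctx, userGrant.AggregateID, userGrant.ResourceOwner)`. If the argument carries the caller's authenticated organisation and the struct field can be set by the client (neither is visible here), the lookup is scoped by the less trusted of the two values. Using `c.userGrantWriteModelByID(ctx, userGrant.AggregateID, resourceOwner)` would match `addUserGrant`, which passes `resourceOwner` to `checkProjectExists`. The rest of the function body lies outside this hunk, so a later check may already cover this.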
@@ -107,8 +107,8 @@ func (r *CommandSide) changeUserGrant(ctx context.Context, userGrant *domain.Use return usergrant.NewUserGrantChangedEvent(ctx, userGrantAgg, userGrant.RoleKeys), existingUserGrant, nil } -func (r *CommandSide) removeRoleFromUserGrant(ctx context.Context, userGrantID string, roleKeys []string, cascade bool) (_ eventstore.EventPusher, err error) { - existingUserGrant, err := r.userGrantWriteModelByID(ctx, userGrantID, "") +func (c *Commands) removeRoleFromUserGrant(ctx context.Context, userGrantID string, roleKeys []string, cascade bool) (_ eventstore.EventPusher, err error) { + existingUserGrant, err := c.userGrantWriteModelByID(ctx, userGrantID, "") if err != nil { return nil, err } @@ -140,12 +140,12 @@ func (r *CommandSide) removeRoleFromUserGrant(ctx context.Context, userGrantID s return usergrant.NewUserGrantChangedEvent(ctx, userGrantAgg, existingUserGrant.RoleKeys), nil } -func (r *CommandSide) DeactivateUserGrant(ctx context.Context, grantID, resourceOwner string) (err error) { +func (c *Commands) DeactivateUserGrant(ctx context.Context, grantID, resourceOwner string) (err error) { if grantID == "" || resourceOwner == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-M0dsf", "Errors.UserGrant.IDMissing") } - existingUserGrant, err := r.userGrantWriteModelByID(ctx, grantID, resourceOwner) + existingUserGrant, err := c.userGrantWriteModelByID(ctx, grantID, resourceOwner) if err != nil { return err } 
@@ -162,16 +162,16 @@ func (r *CommandSide) DeactivateUserGrant(ctx context.Context, grantID, resource deactivateUserGrant := NewUserGrantWriteModel(grantID, resourceOwner) userGrantAgg := UserGrantAggregateFromWriteModel(&deactivateUserGrant.WriteModel) - _, err = r.eventstore.PushEvents(ctx, usergrant.NewUserGrantDeactivatedEvent(ctx, userGrantAgg)) + _, err = c.eventstore.PushEvents(ctx, usergrant.NewUserGrantDeactivatedEvent(ctx, userGrantAgg)) return err } -func (r *CommandSide) ReactivateUserGrant(ctx context.Context, grantID, resourceOwner string) (err error) { +func (c *Commands) ReactivateUserGrant(ctx context.Context, grantID, resourceOwner string) (err error) { if grantID == "" || resourceOwner == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-Qxy8v", "Errors.UserGrant.IDMissing") } - existingUserGrant, err := r.userGrantWriteModelByID(ctx, grantID, resourceOwner) + existingUserGrant, err := c.userGrantWriteModelByID(ctx, grantID, resourceOwner) if err != nil { return err } 
@@ -188,39 +188,39 @@ func (r *CommandSide) ReactivateUserGrant(ctx context.Context, grantID, resource deactivateUserGrant := NewUserGrantWriteModel(grantID, resourceOwner) userGrantAgg := UserGrantAggregateFromWriteModel(&deactivateUserGrant.WriteModel) - _, err = r.eventstore.PushEvents(ctx, usergrant.NewUserGrantReactivatedEvent(ctx, userGrantAgg)) + _, err = c.eventstore.PushEvents(ctx, usergrant.NewUserGrantReactivatedEvent(ctx, userGrantAgg)) return err } -func (r *CommandSide) RemoveUserGrant(ctx context.Context, grantID, resourceOwner string) (err error) { - event, err := r.removeUserGrant(ctx, grantID, resourceOwner, false) +func (c *Commands) RemoveUserGrant(ctx context.Context, grantID, resourceOwner string) (err error) { + event, err := c.removeUserGrant(ctx, grantID, resourceOwner, false) if err != nil { return nil } - _, err = r.eventstore.PushEvents(ctx, event) + _, err = c.eventstore.PushEvents(ctx, event) return err } -func (r *CommandSide) BulkRemoveUserGrant(ctx context.Context, grantIDs []string, resourceOwner string) (err error) { +func (c *Commands) BulkRemoveUserGrant(ctx context.Context, grantIDs []string, resourceOwner string) (err error) { events := make([]eventstore.EventPusher, len(grantIDs)) for i, grantID := range grantIDs { - event, err := r.removeUserGrant(ctx, grantID, resourceOwner, false) + event, err := c.removeUserGrant(ctx, grantID, resourceOwner, false) if err != nil { return nil } events[i] = event } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) 
return err } -func (r *CommandSide) removeUserGrant(ctx context.Context, grantID, resourceOwner string, cascade bool) (_ eventstore.EventPusher, err error) { +func (c *Commands) removeUserGrant(ctx context.Context, grantID, resourceOwner string, cascade bool) (_ eventstore.EventPusher, err error) { if grantID == "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-J9sc5", "Errors.UserGrant.IDMissing") } - existingUserGrant, err := r.userGrantWriteModelByID(ctx, grantID, resourceOwner) + existingUserGrant, err := c.userGrantWriteModelByID(ctx, grantID, resourceOwner) if err != nil { return nil, err } @@ -252,12 +252,12 @@ func (r *CommandSide) removeUserGrant(ctx context.Context, grantID, resourceOwne existingUserGrant.ProjectID, existingUserGrant.ProjectGrantID), nil } -func (r *CommandSide) userGrantWriteModelByID(ctx context.Context, userGrantID, resourceOwner string) (writeModel *UserGrantWriteModel, err error) { +func (c *Commands) userGrantWriteModelByID(ctx context.Context, userGrantID, resourceOwner string) (writeModel *UserGrantWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewUserGrantWriteModel(userGrantID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_human.go b/internal/command/user_human.go index 4711b27855..0025795283 100644 --- a/internal/command/user_human.go +++ b/internal/command/user_human.go 
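Review bot: `RemoveUserGrant` returns `nil` when `c.removeUserGrant` fails (`if err != nil { return nil }`), so a missing grant, a failed precondition or an eventstore error is reported to the caller as a successful removal while no event is pushed. `BulkRemoveUserGrant` in the same hunk does the same inside its loop and silently drops the whole batch on the first failure. Both branches should be `return err`. This is a revocation path, so a swallowed error leaves the grant in force while the caller believes it was removed.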
@@ -10,8 +10,8 @@ import ( "github.com/caos/zitadel/internal/repository/user" ) -func (r *CommandSide) getHuman(ctx context.Context, userID, resourceowner string) (*domain.Human, error) { - human, err := r.getHumanWriteModelByID(ctx, userID, resourceowner) +func (c *Commands) getHuman(ctx context.Context, userID, resourceowner string) (*domain.Human, error) { + human, err := c.getHumanWriteModelByID(ctx, userID, resourceowner) if err != nil { return nil, err } @@ -21,12 +21,12 @@ func (r *CommandSide) getHuman(ctx context.Context, userID, resourceowner string return writeModelToHuman(human), nil } -func (r *CommandSide) AddHuman(ctx context.Context, orgID string, human *domain.Human) (*domain.Human, error) { - events, addedHuman, err := r.addHuman(ctx, orgID, human) +func (c *Commands) AddHuman(ctx context.Context, orgID string, human *domain.Human) (*domain.Human, error) { + events, addedHuman, err := c.addHuman(ctx, orgID, human) if err != nil { return nil, err } - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } 
@@ -39,15 +39,15 @@ func (r *CommandSide) AddHuman(ctx context.Context, orgID string, human *domain. return writeModelToHuman(addedHuman), nil } -func (r *CommandSide) addHuman(ctx context.Context, orgID string, human *domain.Human) ([]eventstore.EventPusher, *HumanWriteModel, error) { +func (c *Commands) addHuman(ctx context.Context, orgID string, human *domain.Human) ([]eventstore.EventPusher, *HumanWriteModel, error) { if !human.IsValid() { return nil, nil, caos_errs.ThrowInvalidArgument(nil, "COMMAND-4M90d", "Errors.User.Invalid") } - return r.createHuman(ctx, orgID, human, nil, false) + return c.createHuman(ctx, orgID, human, nil, false) } -func (r *CommandSide) RegisterHuman(ctx context.Context, orgID string, human *domain.Human, externalIDP *domain.ExternalIDP, orgMemberRoles []string) (*domain.Human, error) { - userEvents, registeredHuman, err := r.registerHuman(ctx, orgID, human, externalIDP) +func (c *Commands) RegisterHuman(ctx context.Context, orgID string, human *domain.Human, externalIDP *domain.ExternalIDP, orgMemberRoles []string) (*domain.Human, error) { + userEvents, registeredHuman, err := c.registerHuman(ctx, orgID, human, externalIDP) if err != nil { return nil, err } @@ -62,14 +62,14 @@ func (r *CommandSide) RegisterHuman(ctx context.Context, orgID string, human *do UserID: human.AggregateID, Roles: orgMemberRoles, } - memberEvent, err := r.addOrgMember(ctx, orgAgg, orgMemberWriteModel, orgMember) + memberEvent, err := c.addOrgMember(ctx, orgAgg, orgMemberWriteModel, orgMember) if err != nil { return nil, err } userEvents = append(userEvents, memberEvent) } - pushedEvents, err := r.eventstore.PushEvents(ctx, userEvents...) + pushedEvents, err := c.eventstore.PushEvents(ctx, userEvents...) if err != nil { return nil, err } 
@@ -81,24 +81,24 @@ func (r *CommandSide) RegisterHuman(ctx context.Context, orgID string, human *do return writeModelToHuman(registeredHuman), nil } -func (r *CommandSide) registerHuman(ctx context.Context, orgID string, human *domain.Human, externalIDP *domain.ExternalIDP) ([]eventstore.EventPusher, *HumanWriteModel, error) { +func (c *Commands) registerHuman(ctx context.Context, orgID string, human *domain.Human, externalIDP *domain.ExternalIDP) ([]eventstore.EventPusher, *HumanWriteModel, error) { if !human.IsValid() || externalIDP == nil && (human.Password == nil || human.SecretString == "") { return nil, nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-9dk45", "Errors.User.Invalid") } - return r.createHuman(ctx, orgID, human, externalIDP, true) + return c.createHuman(ctx, orgID, human, externalIDP, true) } -func (r *CommandSide) createHuman(ctx context.Context, orgID string, human *domain.Human, externalIDP *domain.ExternalIDP, selfregister bool) ([]eventstore.EventPusher, *HumanWriteModel, error) { - userID, err := r.idGenerator.Next() +func (c *Commands) createHuman(ctx context.Context, orgID string, human *domain.Human, externalIDP *domain.ExternalIDP, selfregister bool) ([]eventstore.EventPusher, *HumanWriteModel, error) { + userID, err := c.idGenerator.Next() if err != nil { return nil, nil, err } human.AggregateID = userID - orgIAMPolicy, err := r.getOrgIAMPolicy(ctx, orgID) + orgIAMPolicy, err := c.getOrgIAMPolicy(ctx, orgID) if err != nil { return nil, nil, err } - pwPolicy, err := r.getOrgPasswordComplexityPolicy(ctx, orgID) + pwPolicy, err := c.getOrgPasswordComplexityPolicy(ctx, orgID) if err != nil { return nil, nil, err } 
@@ -106,7 +106,7 @@ func (r *CommandSide) createHuman(ctx context.Context, orgID string, human *doma return nil, nil, err } human.SetNamesAsDisplayname() - if err := human.HashPasswordIfExisting(pwPolicy, r.userPasswordAlg, true); err != nil { + if err := human.HashPasswordIfExisting(pwPolicy, c.userPasswordAlg, true); err != nil { return nil, nil, err } addedHuman := NewHumanWriteModel(human.AggregateID, orgID) @@ -121,7 +121,7 @@ func (r *CommandSide) createHuman(ctx context.Context, orgID string, human *doma } if externalIDP != nil { - event, err := r.addHumanExternalIDP(ctx, userAgg, externalIDP) + event, err := c.addHumanExternalIDP(ctx, userAgg, externalIDP) if err != nil { return nil, nil, err } @@ -129,7 +129,7 @@ func (r *CommandSide) createHuman(ctx context.Context, orgID string, human *doma } if human.IsInitialState() { - initCode, err := domain.NewInitUserCode(r.initializeUserCode) + initCode, err := domain.NewInitUserCode(c.initializeUserCode) if err != nil { return nil, nil, err } @@ -141,7 +141,7 @@ func (r *CommandSide) createHuman(ctx context.Context, orgID string, human *doma } if human.Phone != nil && human.PhoneNumber != "" && !human.IsPhoneVerified { - phoneCode, err := domain.NewPhoneCode(r.phoneVerificationCode) + phoneCode, err := domain.NewPhoneCode(c.phoneVerificationCode) if err != nil { return nil, nil, err } @@ -153,12 +153,12 @@ func (r *CommandSide) createHuman(ctx context.Context, orgID string, human *doma return events, addedHuman, nil } -func (r *CommandSide) HumanSkipMFAInit(ctx context.Context, userID, resourceowner string) (err error) { +func (c *Commands) HumanSkipMFAInit(ctx context.Context, userID, resourceowner string) (err error) { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2xpX9", "Errors.User.UserIDMissing") } - existingHuman, err := r.getHumanWriteModelByID(ctx, userID, resourceowner) + existingHuman, err := c.getHumanWriteModelByID(ctx, userID, resourceowner) if err != nil { return err } 
@@ -166,7 +166,7 @@ func (r *CommandSide) HumanSkipMFAInit(ctx context.Context, userID, resourceowne return caos_errs.ThrowNotFound(nil, "COMMAND-m9cV8", "Errors.User.NotFound") } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, user.NewHumanMFAInitSkippedEvent(ctx, UserAggregateFromWriteModel(&existingHuman.WriteModel))) return err } @@ -234,13 +234,13 @@ func createRegisterHumanEvent(ctx context.Context, aggregate *eventstore.Aggrega return addEvent } -func (r *CommandSide) HumansSignOut(ctx context.Context, agentID string, userIDs []string) error { +func (c *Commands) HumansSignOut(ctx context.Context, agentID string, userIDs []string) error { if agentID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2M0ds", "Errors.User.UserIDMissing") } events := make([]eventstore.EventPusher, len(userIDs)) for i, userID := range userIDs { - existingUser, err := r.getHumanWriteModelByID(ctx, userID, "") + existingUser, err := c.getHumanWriteModelByID(ctx, userID, "") if err != nil { return err } @@ -253,13 +253,13 @@ func (r *CommandSide) HumansSignOut(ctx context.Context, agentID string, userIDs agentID) } - _, err := r.eventstore.PushEvents(ctx, events...) + _, err := c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) getHumanWriteModelByID(ctx context.Context, userID, resourceowner string) (*HumanWriteModel, error) { +func (c *Commands) getHumanWriteModelByID(ctx context.Context, userID, resourceowner string) (*HumanWriteModel, error) { humanWriteModel := NewHumanWriteModel(userID, resourceowner) - err := r.eventstore.FilterToQueryReducer(ctx, humanWriteModel) + err := c.eventstore.FilterToQueryReducer(ctx, humanWriteModel) if err != nil { return nil, err } diff --git a/internal/command/user_human_address.go b/internal/command/user_human_address.go index 2f55889b66..e24f4c8eeb 100644 --- a/internal/command/user_human_address.go +++ b/internal/command/user_human_address.go 
@@ -7,8 +7,8 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) ChangeHumanAddress(ctx context.Context, address *domain.Address) (*domain.Address, error) { - existingAddress, err := r.addressWriteModel(ctx, address.AggregateID, address.ResourceOwner) +func (c *Commands) ChangeHumanAddress(ctx context.Context, address *domain.Address) (*domain.Address, error) { + existingAddress, err := c.addressWriteModel(ctx, address.AggregateID, address.ResourceOwner) if err != nil { return nil, err } @@ -20,7 +20,7 @@ func (r *CommandSide) ChangeHumanAddress(ctx context.Context, address *domain.Ad if !hasChanged { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3M0cs", "Errors.User.Address.NotChanged") } - pushedEvents, err := r.eventstore.PushEvents(ctx, changedEvent) + pushedEvents, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -31,12 +31,12 @@ func (r *CommandSide) ChangeHumanAddress(ctx context.Context, address *domain.Ad return writeModelToAddress(existingAddress), nil } -func (r *CommandSide) addressWriteModel(ctx context.Context, userID, resourceOwner string) (writeModel *HumanAddressWriteModel, err error) { +func (c *Commands) addressWriteModel(ctx context.Context, userID, resourceOwner string) (writeModel *HumanAddressWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewHumanAddressWriteModel(userID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_human_email.go b/internal/command/user_human_email.go index e9f62172e1..1348ee0370 100644 --- a/internal/command/user_human_email.go +++ b/internal/command/user_human_email.go 
@@ -11,12 +11,12 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) ChangeHumanEmail(ctx context.Context, email *domain.Email) (*domain.Email, error) { +func (c *Commands) ChangeHumanEmail(ctx context.Context, email *domain.Email) (*domain.Email, error) { if !email.IsValid() || email.AggregateID == "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4M9sf", "Errors.Email.Invalid") } - existingEmail, err := r.emailWriteModel(ctx, email.AggregateID, email.ResourceOwner) + existingEmail, err := c.emailWriteModel(ctx, email.AggregateID, email.ResourceOwner) if err != nil { return nil, err } @@ -34,14 +34,14 @@ func (r *CommandSide) ChangeHumanEmail(ctx context.Context, email *domain.Email) if email.IsEmailVerified { events = append(events, user.NewHumanEmailVerifiedEvent(ctx, userAgg)) } else { - emailCode, err := domain.NewEmailCode(r.emailVerificationCode) + emailCode, err := domain.NewEmailCode(c.emailVerificationCode) if err != nil { return nil, err } events = append(events, user.NewHumanEmailCodeAddedEvent(ctx, userAgg, emailCode.Code, emailCode.Expiry)) } - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } @@ -52,7 +52,7 @@ func (r *CommandSide) ChangeHumanEmail(ctx context.Context, email *domain.Email) return writeModelToEmail(existingEmail), nil } -func (r *CommandSide) VerifyHumanEmail(ctx context.Context, userID, code, resourceowner string) error { +func (c *Commands) VerifyHumanEmail(ctx context.Context, userID, code, resourceowner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4M0ds", "Errors.User.UserIDMissing") } 
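Review bot: `ChangeHumanEmail` (hunk at -34,14) appends `user.NewHumanEmailVerifiedEvent` whenever the incoming `email.IsEmailVerified` is true, so the new address is marked verified without a code purely on the caller's say-so. Whether every caller is privileged enough to assert that is not visible in this diff. The method should at least carry a doc comment stating the contract, e.g. `// ChangeHumanEmail trusts email.IsEmailVerified; callers must set it only for administrative changes, never from end-user input.` The function's signature is in the preceding hunk.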
@@ -60,7 +60,7 @@ func (r *CommandSide) VerifyHumanEmail(ctx context.Context, userID, code, resour return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-çm0ds", "Errors.User.Code.Empty") } - existingCode, err := r.emailWriteModel(ctx, userID, resourceowner) + existingCode, err := c.emailWriteModel(ctx, userID, resourceowner) if err != nil { return err } @@ -69,23 +69,23 @@ func (r *CommandSide) VerifyHumanEmail(ctx context.Context, userID, code, resour } userAgg := UserAggregateFromWriteModel(&existingCode.WriteModel) - err = crypto.VerifyCode(existingCode.CodeCreationDate, existingCode.CodeExpiry, existingCode.Code, code, r.emailVerificationCode) + err = crypto.VerifyCode(existingCode.CodeCreationDate, existingCode.CodeExpiry, existingCode.Code, code, c.emailVerificationCode) if err == nil { - _, err = r.eventstore.PushEvents(ctx, user.NewHumanEmailVerifiedEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanEmailVerifiedEvent(ctx, userAgg)) return err } - _, err = r.eventstore.PushEvents(ctx, user.NewHumanEmailVerificationFailedEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanEmailVerificationFailedEvent(ctx, userAgg)) logging.LogWithFields("COMMAND-Dg2z5", "userID", userAgg.ID).OnError(err).Error("NewHumanEmailVerificationFailedEvent push failed") return caos_errs.ThrowInvalidArgument(err, "COMMAND-Gdsgs", "Errors.User.Code.Invalid") } -func (r *CommandSide) CreateHumanEmailVerificationCode(ctx context.Context, userID, resourceOwner string) error { +func (c *Commands) CreateHumanEmailVerificationCode(ctx context.Context, userID, resourceOwner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4M0ds", "Errors.User.UserIDMissing") } - existingEmail, err := r.emailWriteModel(ctx, userID, resourceOwner) + existingEmail, err := c.emailWriteModel(ctx, userID, resourceOwner) if err != nil { return err } 
@@ -99,16 +99,16 @@ func (r *CommandSide) CreateHumanEmailVerificationCode(ctx context.Context, user return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3M9ds", "Errors.User.Email.AlreadyVerified") } userAgg := UserAggregateFromWriteModel(&existingEmail.WriteModel) - emailCode, err := domain.NewEmailCode(r.emailVerificationCode) + emailCode, err := domain.NewEmailCode(c.emailVerificationCode) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, user.NewHumanEmailCodeAddedEvent(ctx, userAgg, emailCode.Code, emailCode.Expiry)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanEmailCodeAddedEvent(ctx, userAgg, emailCode.Code, emailCode.Expiry)) return err } -func (r *CommandSide) HumanEmailVerificationCodeSent(ctx context.Context, orgID, userID string) (err error) { - existingEmail, err := r.emailWriteModel(ctx, userID, orgID) +func (c *Commands) HumanEmailVerificationCodeSent(ctx context.Context, orgID, userID string) (err error) { + existingEmail, err := c.emailWriteModel(ctx, userID, orgID) if err != nil { return err } 
@@ -116,16 +116,16 @@ func (r *CommandSide) HumanEmailVerificationCodeSent(ctx context.Context, orgID, return caos_errs.ThrowNotFound(nil, "COMMAND-6n8uH", "Errors.User.Email.NotFound") } userAgg := UserAggregateFromWriteModel(&existingEmail.WriteModel) - _, err = r.eventstore.PushEvents(ctx, user.NewHumanEmailCodeSentEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanEmailCodeSentEvent(ctx, userAgg)) return err } -func (r *CommandSide) emailWriteModel(ctx context.Context, userID, resourceOwner string) (writeModel *HumanEmailWriteModel, err error) { +func (c *Commands) emailWriteModel(ctx context.Context, userID, resourceOwner string) (writeModel *HumanEmailWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewHumanEmailWriteModel(userID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_human_externalidp.go b/internal/command/user_human_externalidp.go index d934cf83e6..8518ede69c 100644 --- a/internal/command/user_human_externalidp.go +++ b/internal/command/user_human_externalidp.go @@ -10,7 +10,7 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) BulkAddedHumanExternalIDP(ctx context.Context, userID, resourceOwner string, externalIDPs []*domain.ExternalIDP) (err error) { +func (c *Commands) BulkAddedHumanExternalIDP(ctx context.Context, userID, resourceOwner string, externalIDPs []*domain.ExternalIDP) (err error) { if len(externalIDPs) == 0 { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-Ek9s", "Errors.User.ExternalIDP.MinimumExternalIDPNeeded") } 
@@ -20,17 +20,17 @@ func (r *CommandSide) BulkAddedHumanExternalIDP(ctx context.Context, userID, res externalIDPWriteModel := NewHumanExternalIDPWriteModel(userID, externalIDP.IDPConfigID, externalIDP.ExternalUserID, resourceOwner) userAgg := UserAggregateFromWriteModel(&externalIDPWriteModel.WriteModel) - events[i], err = r.addHumanExternalIDP(ctx, userAgg, externalIDP) + events[i], err = c.addHumanExternalIDP(ctx, userAgg, externalIDP) if err != nil { return err } } - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) addHumanExternalIDP(ctx context.Context, aggregate *eventstore.Aggregate, externalIDP *domain.ExternalIDP) (eventstore.EventPusher, error) { +func (c *Commands) addHumanExternalIDP(ctx context.Context, aggregate *eventstore.Aggregate, externalIDP *domain.ExternalIDP) (eventstore.EventPusher, error) { if !externalIDP.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-6m9Kd", "Errors.User.ExternalIDP.Invalid") } 
@@ -38,21 +38,21 @@ func (r *CommandSide) addHumanExternalIDP(ctx context.Context, aggregate *events
 return user.NewHumanExternalIDPAddedEvent(ctx, aggregate, externalIDP.IDPConfigID, externalIDP.DisplayName, externalIDP.ExternalUserID), nil
 }
-func (r *CommandSide) RemoveHumanExternalIDP(ctx context.Context, externalIDP *domain.ExternalIDP) error {
- event, err := r.removeHumanExternalIDP(ctx, externalIDP, false)
+func (c *Commands) RemoveHumanExternalIDP(ctx context.Context, externalIDP *domain.ExternalIDP) error {
+ event, err := c.removeHumanExternalIDP(ctx, externalIDP, false)
 if err != nil {
 return err
 }
- _, err = r.eventstore.PushEvents(ctx, event)
+ _, err = c.eventstore.PushEvents(ctx, event)
 return err
 }
-func (r *CommandSide) removeHumanExternalIDP(ctx context.Context, externalIDP *domain.ExternalIDP, cascade bool) (eventstore.EventPusher, error) {
+func (c *Commands) removeHumanExternalIDP(ctx context.Context, externalIDP *domain.ExternalIDP, cascade bool) (eventstore.EventPusher, error) {
 if externalIDP.IsValid() {
 return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3M9ds", "Errors.IDMissing")
 }
- existingExternalIDP, err := r.externalIDPWriteModelByID(ctx, externalIDP.AggregateID, externalIDP.IDPConfigID, externalIDP.ExternalUserID, externalIDP.ResourceOwner)
+ existingExternalIDP, err := c.externalIDPWriteModelByID(ctx, externalIDP.AggregateID, externalIDP.IDPConfigID, externalIDP.ExternalUserID, externalIDP.ResourceOwner)
 if err != nil {
 return nil, err
 }
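Review bot: The guard at the top of removeHumanExternalIDP reads `if externalIDP.IsValid()`, so it returns Errors.IDMissing for input that passes validation and lets input that fails it continue to the write-model lookup. addHumanExternalIDP in the same file uses the negated form, so this one most likely should be `if !externalIDP.IsValid() {`. The rename leaves the line untouched and the inverted check carries over to the new receiver. The function body continues past the end of the hunk.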
@@ -66,12 +66,12 @@ func (r *CommandSide) removeHumanExternalIDP(ctx context.Context, externalIDP *d return user.NewHumanExternalIDPRemovedEvent(ctx, userAgg, externalIDP.IDPConfigID, externalIDP.ExternalUserID), nil } -func (r *CommandSide) HumanExternalLoginChecked(ctx context.Context, orgID, userID string, authRequest *domain.AuthRequest) (err error) { +func (c *Commands) HumanExternalLoginChecked(ctx context.Context, orgID, userID string, authRequest *domain.AuthRequest) (err error) { if userID == "" { return caos_errs.ThrowNotFound(nil, "COMMAND-5n8sM", "Errors.IDMissing") } - existingHuman, err := r.getHumanWriteModelByID(ctx, userID, orgID) + existingHuman, err := c.getHumanWriteModelByID(ctx, userID, orgID) if err != nil { return err } @@ -80,16 +80,16 @@ func (r *CommandSide) HumanExternalLoginChecked(ctx context.Context, orgID, user } userAgg := UserAggregateFromWriteModel(&existingHuman.WriteModel) - _, err = r.eventstore.PushEvents(ctx, user.NewHumanExternalIDPCheckSucceededEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest))) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanExternalIDPCheckSucceededEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest))) return err } -func (r *CommandSide) externalIDPWriteModelByID(ctx context.Context, userID, idpConfigID, externalUserID, resourceOwner string) (writeModel *HumanExternalIDPWriteModel, err error) { +func (c *Commands) externalIDPWriteModelByID(ctx context.Context, userID, idpConfigID, externalUserID, resourceOwner string) (writeModel *HumanExternalIDPWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewHumanExternalIDPWriteModel(userID, idpConfigID, externalUserID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } 
diff --git a/internal/command/user_human_init.go b/internal/command/user_human_init.go index 8e37d0fcd2..f80f26528f 100644 --- a/internal/command/user_human_init.go +++ b/internal/command/user_human_init.go @@ -11,12 +11,12 @@ import ( ) //ResendInitialMail resend inital mail and changes email if provided -func (r *CommandSide) ResendInitialMail(ctx context.Context, userID, email, resourceOwner string) (err error) { +func (c *Commands) ResendInitialMail(ctx context.Context, userID, email, resourceOwner string) (err error) { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2n8vs", "Errors.User.UserIDMissing") } - existingCode, err := r.getHumanInitWriteModelByID(ctx, userID, resourceOwner) + existingCode, err := c.getHumanInitWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } @@ -32,16 +32,16 @@ func (r *CommandSide) ResendInitialMail(ctx context.Context, userID, email, reso changedEvent, _ := existingCode.NewChangedEvent(ctx, userAgg, email) events = append(events, changedEvent) } - initCode, err := domain.NewInitUserCode(r.initializeUserCode) + initCode, err := domain.NewInitUserCode(c.initializeUserCode) if err != nil { return err } events = append(events, user.NewHumanInitialCodeAddedEvent(ctx, userAgg, initCode.Code, initCode.Expiry)) - _, err = r.eventstore.PushEvents(ctx, events...) + _, err = c.eventstore.PushEvents(ctx, events...) return err } -func (r *CommandSide) HumanVerifyInitCode(ctx context.Context, userID, resourceOwner, code, passwordString string) error { +func (c *Commands) HumanVerifyInitCode(ctx context.Context, userID, resourceOwner, code, passwordString string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-mkM9f", "Errors.User.UserIDMissing") } 
@@ -49,7 +49,7 @@ func (r *CommandSide) HumanVerifyInitCode(ctx context.Context, userID, resourceO return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-44G8s", "Errors.User.Code.Empty") } - existingCode, err := r.getHumanInitWriteModelByID(ctx, userID, resourceOwner) + existingCode, err := c.getHumanInitWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } @@ -58,9 +58,9 @@ func (r *CommandSide) HumanVerifyInitCode(ctx context.Context, userID, resourceO } userAgg := UserAggregateFromWriteModel(&existingCode.WriteModel) - err = crypto.VerifyCode(existingCode.CodeCreationDate, existingCode.CodeExpiry, existingCode.Code, code, r.initializeUserCode) + err = crypto.VerifyCode(existingCode.CodeCreationDate, existingCode.CodeExpiry, existingCode.Code, code, c.initializeUserCode) if err != nil { - _, err = r.eventstore.PushEvents(ctx, user.NewHumanInitializedCheckFailedEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanInitializedCheckFailedEvent(ctx, userAgg)) logging.LogWithFields("COMMAND-Dg2z5", "userID", userAgg.ID).OnError(err).Error("NewHumanInitializedCheckFailedEvent push failed") return caos_errs.ThrowInvalidArgument(err, "COMMAND-11v6G", "Errors.User.Code.Invalid") } 
@@ -76,19 +76,19 @@ func (r *CommandSide) HumanVerifyInitCode(ctx context.Context, userID, resourceO
 SecretString: passwordString,
 ChangeRequired: false,
 }
- passwordEvent, err := r.changePassword(ctx, "", password, userAgg, passwordWriteModel)
+ passwordEvent, err := c.changePassword(ctx, "", password, userAgg, passwordWriteModel)
 if err != nil {
 return err
 }
 events = append(events, passwordEvent)
 }
 events = append(events, user.NewHumanInitialCodeSentEvent(ctx, userAgg))
- _, err = r.eventstore.PushEvents(ctx, events...)
+ _, err = c.eventstore.PushEvents(ctx, events...)
 return err
 }
-func (r *CommandSide) HumanInitCodeSent(ctx context.Context, orgID, userID string) (err error) {
- existingInitCode, err := r.getHumanInitWriteModelByID(ctx, userID, orgID)
+func (c *Commands) HumanInitCodeSent(ctx context.Context, orgID, userID string) (err error) {
+ existingInitCode, err := c.getHumanInitWriteModelByID(ctx, userID, orgID)
 if err != nil {
 return err
 }
@@ -96,13 +96,13 @@ func (r *CommandSide) HumanInitCodeSent(ctx context.Context, orgID, userID strin
 return caos_errs.ThrowNotFound(nil, "COMMAND-556zg", "Errors.User.Code.NotFound")
 }
 userAgg := UserAggregateFromWriteModel(&existingInitCode.WriteModel)
- _, err = r.eventstore.PushEvents(ctx, user.NewHumanInitialCodeSentEvent(ctx, userAgg))
+ _, err = c.eventstore.PushEvents(ctx, user.NewHumanInitialCodeSentEvent(ctx, userAgg))
 return err
 }
-func (r *CommandSide) getHumanInitWriteModelByID(ctx context.Context, userID, resourceowner string) (*HumanInitCodeWriteModel, error) {
+func (c *Commands) getHumanInitWriteModelByID(ctx context.Context, userID, resourceowner string) (*HumanInitCodeWriteModel, error) {
 initWriteModel := NewHumanInitCodeWriteModel(userID, resourceowner)
- err := r.eventstore.FilterToQueryReducer(ctx, initWriteModel)
+ err := c.eventstore.FilterToQueryReducer(ctx, initWriteModel)
 if err != nil {
 return nil, err
 }
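Review bot: After a successful code check, HumanVerifyInitCode appends `user.NewHumanInitialCodeSentEvent(ctx, userAgg)`, the same event that HumanInitCodeSent pushes further down in this file. Nothing visible in the hunk records that the init code was actually verified, so the event stream would show another code-sent entry where a completed initialisation is expected. Presumably the success counterpart of NewHumanInitializedCheckFailedEvent, which the failure branch uses, was intended here; please confirm against the user event package. HumanVerifyInitCode starts above this hunk.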
diff --git a/internal/command/user_human_otp.go b/internal/command/user_human_otp.go index 83a8cce8b8..4f6367d06b 100644 --- a/internal/command/user_human_otp.go +++ b/internal/command/user_human_otp.go @@ -10,26 +10,26 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddHumanOTP(ctx context.Context, userID, resourceowner string) (*domain.OTP, error) { +func (c *Commands) AddHumanOTP(ctx context.Context, userID, resourceowner string) (*domain.OTP, error) { if userID == "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-5M0sd", "Errors.User.UserIDMissing") } - human, err := r.getHuman(ctx, userID, resourceowner) + human, err := c.getHuman(ctx, userID, resourceowner) if err != nil { logging.Log("COMMAND-DAqe1").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("unable to get human for loginname") return nil, err } - org, err := r.getOrg(ctx, human.ResourceOwner) + org, err := c.getOrg(ctx, human.ResourceOwner) if err != nil { logging.Log("COMMAND-Cm0ds").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("unable to get org for loginname") return nil, err } - orgPolicy, err := r.getOrgIAMPolicy(ctx, org.AggregateID) + orgPolicy, err := c.getOrgIAMPolicy(ctx, org.AggregateID) if err != nil { logging.Log("COMMAND-y5zv9").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("unable to get org policy for loginname") return nil, err } - otpWriteModel, err := r.otpWriteModelByID(ctx, userID, resourceowner) + otpWriteModel, err := c.otpWriteModelByID(ctx, userID, resourceowner) if err != nil { return nil, err } 
@@ -41,11 +41,11 @@ func (r *CommandSide) AddHumanOTP(ctx context.Context, userID, resourceowner str if accountName == "" { accountName = human.EmailAddress } - key, secret, err := domain.NewOTPKey(r.multifactors.OTP.Issuer, accountName, r.multifactors.OTP.CryptoMFA) + key, secret, err := domain.NewOTPKey(c.multifactors.OTP.Issuer, accountName, c.multifactors.OTP.CryptoMFA) if err != nil { return nil, err } - _, err = r.eventstore.PushEvents(ctx, user.NewHumanOTPAddedEvent(ctx, userAgg, secret)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanOTPAddedEvent(ctx, userAgg, secret)) if err != nil { return nil, err @@ -59,12 +59,12 @@ func (r *CommandSide) AddHumanOTP(ctx context.Context, userID, resourceowner str }, nil } -func (r *CommandSide) HumanCheckMFAOTPSetup(ctx context.Context, userID, code, userAgentID, resourceowner string) error { +func (c *Commands) HumanCheckMFAOTPSetup(ctx context.Context, userID, code, userAgentID, resourceowner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-8N9ds", "Errors.User.UserIDMissing") } - existingOTP, err := r.otpWriteModelByID(ctx, userID, resourceowner) + existingOTP, err := c.otpWriteModelByID(ctx, userID, resourceowner) if err != nil { return err } 
@@ -74,20 +74,20 @@ func (r *CommandSide) HumanCheckMFAOTPSetup(ctx context.Context, userID, code, u if existingOTP.State == domain.MFAStateReady { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-qx4ls", "Errors.Users.MFA.OTP.AlreadyReady") } - if err := domain.VerifyMFAOTP(code, existingOTP.Secret, r.multifactors.OTP.CryptoMFA); err != nil { + if err := domain.VerifyMFAOTP(code, existingOTP.Secret, c.multifactors.OTP.CryptoMFA); err != nil { return err } userAgg := UserAggregateFromWriteModel(&existingOTP.WriteModel) - _, err = r.eventstore.PushEvents(ctx, user.NewHumanOTPVerifiedEvent(ctx, userAgg, userAgentID)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanOTPVerifiedEvent(ctx, userAgg, userAgentID)) return err } -func (r *CommandSide) HumanCheckMFAOTP(ctx context.Context, userID, code, resourceowner string, authRequest *domain.AuthRequest) error { +func (c *Commands) HumanCheckMFAOTP(ctx context.Context, userID, code, resourceowner string, authRequest *domain.AuthRequest) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-8N9ds", "Errors.User.UserIDMissing") } - existingOTP, err := r.otpWriteModelByID(ctx, userID, resourceowner) + existingOTP, err := c.otpWriteModelByID(ctx, userID, resourceowner) if err != nil { return err } 
@@ -95,22 +95,22 @@ func (r *CommandSide) HumanCheckMFAOTP(ctx context.Context, userID, code, resour
 return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3Mif9s", "Errors.User.MFA.OTP.NotReady")
 }
 userAgg := UserAggregateFromWriteModel(&existingOTP.WriteModel)
- err = domain.VerifyMFAOTP(code, existingOTP.Secret, r.multifactors.OTP.CryptoMFA)
+ err = domain.VerifyMFAOTP(code, existingOTP.Secret, c.multifactors.OTP.CryptoMFA)
 if err == nil {
- _, err = r.eventstore.PushEvents(ctx, user.NewHumanOTPCheckSucceededEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest)))
+ _, err = c.eventstore.PushEvents(ctx, user.NewHumanOTPCheckSucceededEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest)))
 return err
 }
- _, pushErr := r.eventstore.PushEvents(ctx, user.NewHumanOTPCheckFailedEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest)))
+ _, pushErr := c.eventstore.PushEvents(ctx, user.NewHumanOTPCheckFailedEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest)))
 logging.Log("COMMAND-9fj7s").OnError(pushErr).Error("error create password check failed event")
 return err
 }
-func (r *CommandSide) HumanRemoveOTP(ctx context.Context, userID, resourceOwner string) error {
+func (c *Commands) HumanRemoveOTP(ctx context.Context, userID, resourceOwner string) error {
 if userID == "" {
 return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-5M0sd", "Errors.User.UserIDMissing")
 }
- existingOTP, err := r.otpWriteModelByID(ctx, userID, resourceOwner)
+ existingOTP, err := c.otpWriteModelByID(ctx, userID, resourceOwner)
 if err != nil {
 return err
 }
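Review bot: The failure branch of HumanCheckMFAOTP logs `"error create password check failed event"` under `COMMAND-9fj7s`, which is the same ID and message HumanCheckPassword uses in user_human_password.go. A failed push of the OTP-check-failed event is then indistinguishable from a password one when reading the logs. A distinct log ID and a message such as `"error create otp check failed event"` would keep the two authentication factors separable. The function starts above this hunk.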
@@ -118,16 +118,16 @@ func (r *CommandSide) HumanRemoveOTP(ctx context.Context, userID, resourceOwner return caos_errs.ThrowNotFound(nil, "COMMAND-Hd9sd", "Errors.User.MFA.OTP.NotExisting") } userAgg := UserAggregateFromWriteModel(&existingOTP.WriteModel) - _, err = r.eventstore.PushEvents(ctx, user.NewHumanOTPRemovedEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanOTPRemovedEvent(ctx, userAgg)) return err } -func (r *CommandSide) otpWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *HumanOTPWriteModel, err error) { +func (c *Commands) otpWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *HumanOTPWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewHumanOTPWriteModel(userID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_human_password.go b/internal/command/user_human_password.go index 1853b4ec74..cca6e1d970 100644 --- a/internal/command/user_human_password.go +++ b/internal/command/user_human_password.go @@ -11,11 +11,11 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) SetOneTimePassword(ctx context.Context, orgID, userID, passwordString string) (err error) { +func (c *Commands) SetOneTimePassword(ctx context.Context, orgID, userID, passwordString string) (err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() - existingPassword, err := r.passwordWriteModel(ctx, userID, orgID) + existingPassword, err := c.passwordWriteModel(ctx, userID, orgID) if err != nil { return err } 
@@ -24,19 +24,19 @@ func (r *CommandSide) SetOneTimePassword(ctx context.Context, orgID, userID, pas
 ChangeRequired: true,
 }
 userAgg := UserAggregateFromWriteModel(&existingPassword.WriteModel)
- passwordEvent, err := r.changePassword(ctx, "", password, userAgg, existingPassword)
+ passwordEvent, err := c.changePassword(ctx, "", password, userAgg, existingPassword)
 if err != nil {
 return err
 }
- _, err = r.eventstore.PushEvents(ctx, passwordEvent)
+ _, err = c.eventstore.PushEvents(ctx, passwordEvent)
 return err
 }
-func (r *CommandSide) SetPassword(ctx context.Context, orgID, userID, code, passwordString, userAgentID string) (err error) {
+func (c *Commands) SetPassword(ctx context.Context, orgID, userID, code, passwordString, userAgentID string) (err error) {
 ctx, span := tracing.NewSpan(ctx)
 defer func() { span.EndWithError(err) }()
- existingCode, err := r.passwordWriteModel(ctx, userID, orgID)
+ existingCode, err := c.passwordWriteModel(ctx, userID, orgID)
 if err != nil {
 return err
 }
@@ -45,7 +45,7 @@ func (r *CommandSide) SetPassword(ctx context.Context, orgID, userID, code, pass
 return caos_errs.ThrowNotFound(nil, "COMMAND-2M9fs", "Errors.User.Code.NotFound")
 }
- err = crypto.VerifyCode(existingCode.CodeCreationDate, existingCode.CodeExpiry, existingCode.Code, code, r.emailVerificationCode)
+ err = crypto.VerifyCode(existingCode.CodeCreationDate, existingCode.CodeExpiry, existingCode.Code, code, c.emailVerificationCode)
 if err != nil {
 return err
 }
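Review bot: In the second hunk, SetPassword verifies the submitted reset code with `c.emailVerificationCode`, while RequestSetPassword later in this file creates that code with `domain.NewPasswordCode(c.passwordVerificationCode)`. If the two generators are configured differently, verification runs against the wrong one; the call should most likely pass `c.passwordVerificationCode` as its last argument. Note also that a wrong code returns immediately here, whereas the email and phone verification paths push a verification-failed event, so failed reset attempts leave no trace in the event stream. SetPassword begins in the preceding hunk.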
@@ -55,19 +55,19 @@ func (r *CommandSide) SetPassword(ctx context.Context, orgID, userID, code, pass ChangeRequired: false, } userAgg := UserAggregateFromWriteModel(&existingCode.WriteModel) - passwordEvent, err := r.changePassword(ctx, userAgentID, password, userAgg, existingCode) + passwordEvent, err := c.changePassword(ctx, userAgentID, password, userAgg, existingCode) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, passwordEvent) + _, err = c.eventstore.PushEvents(ctx, passwordEvent) return err } -func (r *CommandSide) ChangePassword(ctx context.Context, orgID, userID, oldPassword, newPassword, userAgentID string) (err error) { +func (c *Commands) ChangePassword(ctx context.Context, orgID, userID, oldPassword, newPassword, userAgentID string) (err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() - existingPassword, err := r.passwordWriteModel(ctx, userID, orgID) + existingPassword, err := c.passwordWriteModel(ctx, userID, orgID) if err != nil { return err } @@ -75,7 +75,7 @@ func (r *CommandSide) ChangePassword(ctx context.Context, orgID, userID, oldPass return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-Fds3s", "Errors.User.Password.Empty") } ctx, spanPasswordComparison := tracing.NewNamedSpan(ctx, "crypto.CompareHash") - err = crypto.CompareHash(existingPassword.Secret, []byte(oldPassword), r.userPasswordAlg) + err = crypto.CompareHash(existingPassword.Secret, []byte(oldPassword), c.userPasswordAlg) spanPasswordComparison.EndWithError(err) if err != nil { 
@@ -87,15 +87,15 @@ func (r *CommandSide) ChangePassword(ctx context.Context, orgID, userID, oldPass } userAgg := UserAggregateFromWriteModel(&existingPassword.WriteModel) - eventPusher, err := r.changePassword(ctx, userAgentID, password, userAgg, existingPassword) + eventPusher, err := c.changePassword(ctx, userAgentID, password, userAgg, existingPassword) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, eventPusher) + _, err = c.eventstore.PushEvents(ctx, eventPusher) return err } -func (r *CommandSide) changePassword(ctx context.Context, userAgentID string, password *domain.Password, userAgg *eventstore.Aggregate, existingPassword *HumanPasswordWriteModel) (event eventstore.EventPusher, err error) { +func (c *Commands) changePassword(ctx context.Context, userAgentID string, password *domain.Password, userAgg *eventstore.Aggregate, existingPassword *HumanPasswordWriteModel) (event eventstore.EventPusher, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() 
@@ -105,18 +105,18 @@ func (r *CommandSide) changePassword(ctx context.Context, userAgentID string, pa if existingPassword.UserState == domain.UserStateInitial { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-M9dse", "Errors.User.NotInitialised") } - pwPolicy, err := r.getOrgPasswordComplexityPolicy(ctx, userAgg.ResourceOwner) + pwPolicy, err := c.getOrgPasswordComplexityPolicy(ctx, userAgg.ResourceOwner) if err != nil { return nil, err } - if err := password.HashPasswordIfExisting(pwPolicy, r.userPasswordAlg); err != nil { + if err := password.HashPasswordIfExisting(pwPolicy, c.userPasswordAlg); err != nil { return nil, err } return user.NewHumanPasswordChangedEvent(ctx, userAgg, password.SecretCrypto, password.ChangeRequired, userAgentID), nil } -func (r *CommandSide) RequestSetPassword(ctx context.Context, userID, resourceOwner string, notifyType domain.NotificationType) (err error) { - existingHuman, err := r.userWriteModelByID(ctx, userID, resourceOwner) +func (c *Commands) RequestSetPassword(ctx context.Context, userID, resourceOwner string, notifyType domain.NotificationType) (err error) { + existingHuman, err := c.userWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } 
@@ -127,16 +127,16 @@ func (r *CommandSide) RequestSetPassword(ctx context.Context, userID, resourceOw return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2M9sd", "Errors.User.NotInitialised") } userAgg := UserAggregateFromWriteModel(&existingHuman.WriteModel) - passwordCode, err := domain.NewPasswordCode(r.passwordVerificationCode) + passwordCode, err := domain.NewPasswordCode(c.passwordVerificationCode) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, user.NewHumanPasswordCodeAddedEvent(ctx, userAgg, passwordCode.Code, passwordCode.Expiry, notifyType)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanPasswordCodeAddedEvent(ctx, userAgg, passwordCode.Code, passwordCode.Expiry, notifyType)) return err } -func (r *CommandSide) PasswordCodeSent(ctx context.Context, orgID, userID string) (err error) { - existingPassword, err := r.passwordWriteModel(ctx, userID, orgID) +func (c *Commands) PasswordCodeSent(ctx context.Context, orgID, userID string) (err error) { + existingPassword, err := c.passwordWriteModel(ctx, userID, orgID) if err != nil { return err } @@ -144,11 +144,11 @@ func (r *CommandSide) PasswordCodeSent(ctx context.Context, orgID, userID string return caos_errs.ThrowNotFound(nil, "COMMAND-3n77z", "Errors.User.NotFound") } userAgg := UserAggregateFromWriteModel(&existingPassword.WriteModel) - _, err = r.eventstore.PushEvents(ctx, user.NewHumanPasswordCodeSentEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanPasswordCodeSentEvent(ctx, userAgg)) return err } -func (r *CommandSide) HumanCheckPassword(ctx context.Context, orgID, userID, password string, authRequest *domain.AuthRequest) (err error) { +func (c *Commands) HumanCheckPassword(ctx context.Context, orgID, userID, password string, authRequest *domain.AuthRequest) (err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() 
@@ -156,7 +156,7 @@ func (r *CommandSide) HumanCheckPassword(ctx context.Context, orgID, userID, pas return caos_errs.ThrowNotFound(nil, "COMMAND-3n8fs", "Errors.User.Password.Empty") } - existingPassword, err := r.passwordWriteModel(ctx, userID, orgID) + existingPassword, err := c.passwordWriteModel(ctx, userID, orgID) if err != nil { return err } 
@@ -170,23 +170,23 @@ func (r *CommandSide) HumanCheckPassword(ctx context.Context, orgID, userID, pas userAgg := UserAggregateFromWriteModel(&existingPassword.WriteModel) ctx, spanPasswordComparison := tracing.NewNamedSpan(ctx, "crypto.CompareHash") - err = crypto.CompareHash(existingPassword.Secret, []byte(password), r.userPasswordAlg) + err = crypto.CompareHash(existingPassword.Secret, []byte(password), c.userPasswordAlg) spanPasswordComparison.EndWithError(err) if err == nil { - _, err = r.eventstore.PushEvents(ctx, user.NewHumanPasswordCheckSucceededEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest))) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanPasswordCheckSucceededEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest))) return err } - _, err = r.eventstore.PushEvents(ctx, user.NewHumanPasswordCheckFailedEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest))) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanPasswordCheckFailedEvent(ctx, userAgg, authRequestDomainToAuthRequestInfo(authRequest))) logging.Log("COMMAND-9fj7s").OnError(err).Error("error create password check failed event") return caos_errs.ThrowInvalidArgument(nil, "COMMAND-452ad", "Errors.User.Password.Invalid") } -func (r *CommandSide) passwordWriteModel(ctx context.Context, userID, resourceOwner string) (writeModel *HumanPasswordWriteModel, err error) { +func (c *Commands) passwordWriteModel(ctx context.Context, userID, resourceOwner string) (writeModel *HumanPasswordWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewHumanPasswordWriteModel(userID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_human_phone.go b/internal/command/user_human_phone.go index da720ac5d1..835ecc2732 100644 
--- a/internal/command/user_human_phone.go +++ b/internal/command/user_human_phone.go @@ -12,12 +12,12 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) ChangeHumanPhone(ctx context.Context, phone *domain.Phone) (*domain.Phone, error) { +func (c *Commands) ChangeHumanPhone(ctx context.Context, phone *domain.Phone) (*domain.Phone, error) { if !phone.IsValid() { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-6M0ds", "Errors.Phone.Invalid") } - existingPhone, err := r.phoneWriteModelByID(ctx, phone.AggregateID, phone.ResourceOwner) + existingPhone, err := c.phoneWriteModelByID(ctx, phone.AggregateID, phone.ResourceOwner) if err != nil { return nil, err } @@ -35,14 +35,14 @@ func (r *CommandSide) ChangeHumanPhone(ctx context.Context, phone *domain.Phone) if phone.IsPhoneVerified { events = append(events, user.NewHumanPhoneVerifiedEvent(ctx, userAgg)) } else { - phoneCode, err := domain.NewPhoneCode(r.phoneVerificationCode) + phoneCode, err := domain.NewPhoneCode(c.phoneVerificationCode) if err != nil { return nil, err } events = append(events, user.NewHumanPhoneCodeAddedEvent(ctx, userAgg, phoneCode.Code, phoneCode.Expiry)) } - pushedEvents, err := r.eventstore.PushEvents(ctx, events...) + pushedEvents, err := c.eventstore.PushEvents(ctx, events...) if err != nil { return nil, err } @@ -54,7 +54,7 @@ func (r *CommandSide) ChangeHumanPhone(ctx context.Context, phone *domain.Phone) return writeModelToPhone(existingPhone), nil } -func (r *CommandSide) VerifyHumanPhone(ctx context.Context, userID, code, resourceowner string) error { +func (c *Commands) VerifyHumanPhone(ctx context.Context, userID, code, resourceowner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-Km9ds", "Errors.User.UserIDMissing") } 
@@ -62,7 +62,7 @@ func (r *CommandSide) VerifyHumanPhone(ctx context.Context, userID, code, resour return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-wMe9f", "Errors.User.Code.Empty") } - existingCode, err := r.phoneWriteModelByID(ctx, userID, resourceowner) + existingCode, err := c.phoneWriteModelByID(ctx, userID, resourceowner) if err != nil { return err } @@ -71,23 +71,23 @@ func (r *CommandSide) VerifyHumanPhone(ctx context.Context, userID, code, resour } userAgg := UserAggregateFromWriteModel(&existingCode.WriteModel) - err = crypto.VerifyCode(existingCode.CodeCreationDate, existingCode.CodeExpiry, existingCode.Code, code, r.phoneVerificationCode) + err = crypto.VerifyCode(existingCode.CodeCreationDate, existingCode.CodeExpiry, existingCode.Code, code, c.phoneVerificationCode) if err == nil { - _, err = r.eventstore.PushEvents(ctx, user.NewHumanPhoneVerifiedEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanPhoneVerifiedEvent(ctx, userAgg)) return err } - _, err = r.eventstore.PushEvents(ctx, user.NewHumanPhoneVerificationFailedEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanPhoneVerificationFailedEvent(ctx, userAgg)) logging.LogWithFields("COMMAND-5M9ds", "userID", userAgg.ID).OnError(err).Error("NewHumanPhoneVerificationFailedEvent push failed") return caos_errs.ThrowInvalidArgument(err, "COMMAND-sM0cs", "Errors.User.Code.Invalid") } -func (r *CommandSide) CreateHumanPhoneVerificationCode(ctx context.Context, userID, resourceowner string) error { +func (c *Commands) CreateHumanPhoneVerificationCode(ctx context.Context, userID, resourceowner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-4M0ds", "Errors.User.UserIDMissing") } - existingPhone, err := r.phoneWriteModelByID(ctx, userID, resourceowner) + existingPhone, err := c.phoneWriteModelByID(ctx, userID, resourceowner) if err != nil { return err } 
@@ -100,18 +100,18 @@ func (r *CommandSide) CreateHumanPhoneVerificationCode(ctx context.Context, user return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2M9sf", "Errors.User.Phone.AlreadyVerified") } - phoneCode, err := domain.NewPhoneCode(r.phoneVerificationCode) + phoneCode, err := domain.NewPhoneCode(c.phoneVerificationCode) if err != nil { return err } userAgg := UserAggregateFromWriteModel(&existingPhone.WriteModel) - _, err = r.eventstore.PushEvents(ctx, user.NewHumanPhoneCodeAddedEvent(ctx, userAgg, phoneCode.Code, phoneCode.Expiry)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanPhoneCodeAddedEvent(ctx, userAgg, phoneCode.Code, phoneCode.Expiry)) return err } -func (r *CommandSide) HumanPhoneVerificationCodeSent(ctx context.Context, orgID, userID string) (err error) { - existingPhone, err := r.phoneWriteModelByID(ctx, userID, orgID) +func (c *Commands) HumanPhoneVerificationCodeSent(ctx context.Context, orgID, userID string) (err error) { + existingPhone, err := c.phoneWriteModelByID(ctx, userID, orgID) if err != nil { return err } @@ -120,16 +120,16 @@ func (r *CommandSide) HumanPhoneVerificationCodeSent(ctx context.Context, orgID, } userAgg := UserAggregateFromWriteModel(&existingPhone.WriteModel) - _, err = r.eventstore.PushEvents(ctx, user.NewHumanPhoneCodeSentEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanPhoneCodeSentEvent(ctx, userAgg)) return err } -func (r *CommandSide) RemoveHumanPhone(ctx context.Context, userID, resourceOwner string) error { +func (c *Commands) RemoveHumanPhone(ctx context.Context, userID, resourceOwner string) error { if userID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-6M0ds", "Errors.User.UserIDMissing") } - existingPhone, err := r.phoneWriteModelByID(ctx, userID, resourceOwner) + existingPhone, err := c.phoneWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err } 
@@ -138,16 +138,16 @@ func (r *CommandSide) RemoveHumanPhone(ctx context.Context, userID, resourceOwne } userAgg := UserAggregateFromWriteModel(&existingPhone.WriteModel) - _, err = r.eventstore.PushEvents(ctx, user.NewHumanPhoneRemovedEvent(ctx, userAgg)) + _, err = c.eventstore.PushEvents(ctx, user.NewHumanPhoneRemovedEvent(ctx, userAgg)) return err } -func (r *CommandSide) phoneWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *HumanPhoneWriteModel, err error) { +func (c *Commands) phoneWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *HumanPhoneWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewHumanPhoneWriteModel(userID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_human_profile.go b/internal/command/user_human_profile.go index c7bd3d61c2..ee2d9a9096 100644 --- a/internal/command/user_human_profile.go +++ b/internal/command/user_human_profile.go @@ -8,12 +8,12 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) ChangeHumanProfile(ctx context.Context, profile *domain.Profile) (*domain.Profile, error) { +func (c *Commands) ChangeHumanProfile(ctx context.Context, profile *domain.Profile) (*domain.Profile, error) { if !profile.IsValid() && profile.AggregateID != "" { return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-8io0d", "Errors.User.Profile.Invalid") } - existingProfile, err := r.profileWriteModelByID(ctx, profile.AggregateID, profile.ResourceOwner) + existingProfile, err := c.profileWriteModelByID(ctx, profile.AggregateID, profile.ResourceOwner) if err != nil { return nil, err } 
@@ -25,7 +25,7 @@ func (r *CommandSide) ChangeHumanProfile(ctx context.Context, profile *domain.Pr return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2M0fs", "Errors.User.Profile.NotChanged") } - events, err := r.eventstore.PushEvents(ctx, changedEvent) + events, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -37,12 +37,12 @@ func (r *CommandSide) ChangeHumanProfile(ctx context.Context, profile *domain.Pr return writeModelToProfile(existingProfile), nil } -func (r *CommandSide) profileWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *HumanProfileWriteModel, err error) { +func (c *Commands) profileWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *HumanProfileWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewHumanProfileWriteModel(userID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_human_webauthn.go b/internal/command/user_human_webauthn.go index 978b3141b7..1b8c4062bc 100644 --- a/internal/command/user_human_webauthn.go +++ b/internal/command/user_human_webauthn.go @@ -10,9 +10,9 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) getHumanU2FTokens(ctx context.Context, userID, resourceowner string) ([]*domain.WebAuthNToken, error) { +func (c *Commands) getHumanU2FTokens(ctx context.Context, userID, resourceowner string) ([]*domain.WebAuthNToken, error) { tokenReadModel := NewHumanU2FTokensReadModel(userID, resourceowner) - err := r.eventstore.FilterToQueryReducer(ctx, tokenReadModel) + err := c.eventstore.FilterToQueryReducer(ctx, tokenReadModel) if err != nil { return nil, err } 
@@ -22,9 +22,9 @@ func (r *CommandSide) getHumanU2FTokens(ctx context.Context, userID, resourceown return readModelToU2FTokens(tokenReadModel), nil } -func (r *CommandSide) getHumanPasswordlessTokens(ctx context.Context, userID, resourceowner string) ([]*domain.WebAuthNToken, error) { +func (c *Commands) getHumanPasswordlessTokens(ctx context.Context, userID, resourceowner string) ([]*domain.WebAuthNToken, error) { tokenReadModel := NewHumanPasswordlessTokensReadModel(userID, resourceowner) - err := r.eventstore.FilterToQueryReducer(ctx, tokenReadModel) + err := c.eventstore.FilterToQueryReducer(ctx, tokenReadModel) if err != nil { return nil, err } @@ -34,9 +34,9 @@ func (r *CommandSide) getHumanPasswordlessTokens(ctx context.Context, userID, re return readModelToPasswordlessTokens(tokenReadModel), nil } -func (r *CommandSide) getHumanU2FLogin(ctx context.Context, userID, authReqID, resourceowner string) (*domain.WebAuthNLogin, error) { +func (c *Commands) getHumanU2FLogin(ctx context.Context, userID, authReqID, resourceowner string) (*domain.WebAuthNLogin, error) { tokenReadModel := NewHumanU2FLoginReadModel(userID, authReqID, resourceowner) - err := r.eventstore.FilterToQueryReducer(ctx, tokenReadModel) + err := c.eventstore.FilterToQueryReducer(ctx, tokenReadModel) if err != nil { return nil, err } @@ -48,9 +48,9 @@ func (r *CommandSide) getHumanU2FLogin(ctx context.Context, userID, authReqID, r }, nil } -func (r *CommandSide) getHumanPasswordlessLogin(ctx context.Context, userID, authReqID, resourceowner string) (*domain.WebAuthNLogin, error) { +func (c *Commands) getHumanPasswordlessLogin(ctx context.Context, userID, authReqID, resourceowner string) (*domain.WebAuthNLogin, error) { tokenReadModel := NewHumanPasswordlessLoginReadModel(userID, authReqID, resourceowner) - err := r.eventstore.FilterToQueryReducer(ctx, tokenReadModel) + err := c.eventstore.FilterToQueryReducer(ctx, tokenReadModel) if err != nil { return nil, err } 
@@ -62,17 +62,17 @@ func (r *CommandSide) getHumanPasswordlessLogin(ctx context.Context, userID, aut }, nil } -func (r *CommandSide) HumanAddU2FSetup(ctx context.Context, userID, resourceowner string, isLoginUI bool) (*domain.WebAuthNToken, error) { - u2fTokens, err := r.getHumanU2FTokens(ctx, userID, resourceowner) +func (c *Commands) HumanAddU2FSetup(ctx context.Context, userID, resourceowner string, isLoginUI bool) (*domain.WebAuthNToken, error) { + u2fTokens, err := c.getHumanU2FTokens(ctx, userID, resourceowner) if err != nil { return nil, err } - addWebAuthN, userAgg, webAuthN, err := r.addHumanWebAuthN(ctx, userID, resourceowner, isLoginUI, u2fTokens) + addWebAuthN, userAgg, webAuthN, err := c.addHumanWebAuthN(ctx, userID, resourceowner, isLoginUI, u2fTokens) if err != nil { return nil, err } - events, err := r.eventstore.PushEvents(ctx, usr_repo.NewHumanU2FAddedEvent(ctx, userAgg, addWebAuthN.WebauthNTokenID, webAuthN.Challenge)) + events, err := c.eventstore.PushEvents(ctx, usr_repo.NewHumanU2FAddedEvent(ctx, userAgg, addWebAuthN.WebauthNTokenID, webAuthN.Challenge)) if err != nil { return nil, err } 
@@ -88,17 +88,17 @@ func (r *CommandSide) HumanAddU2FSetup(ctx context.Context, userID, resourceowne return createdWebAuthN, nil } -func (r *CommandSide) HumanAddPasswordlessSetup(ctx context.Context, userID, resourceowner string, isLoginUI bool) (*domain.WebAuthNToken, error) { - passwordlessTokens, err := r.getHumanPasswordlessTokens(ctx, userID, resourceowner) +func (c *Commands) HumanAddPasswordlessSetup(ctx context.Context, userID, resourceowner string, isLoginUI bool) (*domain.WebAuthNToken, error) { + passwordlessTokens, err := c.getHumanPasswordlessTokens(ctx, userID, resourceowner) if err != nil { return nil, err } - addWebAuthN, userAgg, webAuthN, err := r.addHumanWebAuthN(ctx, userID, resourceowner, isLoginUI, passwordlessTokens) + addWebAuthN, userAgg, webAuthN, err := c.addHumanWebAuthN(ctx, userID, resourceowner, isLoginUI, passwordlessTokens) if err != nil { return nil, err } - events, err := r.eventstore.PushEvents(ctx, usr_repo.NewHumanPasswordlessAddedEvent(ctx, userAgg, addWebAuthN.WebauthNTokenID, webAuthN.Challenge)) + events, err := c.eventstore.PushEvents(ctx, usr_repo.NewHumanPasswordlessAddedEvent(ctx, userAgg, addWebAuthN.WebauthNTokenID, webAuthN.Challenge)) if err != nil { return nil, err } 
@@ -114,19 +114,19 @@ func (r *CommandSide) HumanAddPasswordlessSetup(ctx context.Context, userID, res return createdWebAuthN, nil } -func (r *CommandSide) addHumanWebAuthN(ctx context.Context, userID, resourceowner string, isLoginUI bool, tokens []*domain.WebAuthNToken) (*HumanWebAuthNWriteModel, *eventstore.Aggregate, *domain.WebAuthNToken, error) { +func (c *Commands) addHumanWebAuthN(ctx context.Context, userID, resourceowner string, isLoginUI bool, tokens []*domain.WebAuthNToken) (*HumanWebAuthNWriteModel, *eventstore.Aggregate, *domain.WebAuthNToken, error) { if userID == "" || resourceowner == "" { return nil, nil, nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3M0od", "Errors.IDMissing") } - user, err := r.getHuman(ctx, userID, resourceowner) + user, err := c.getHuman(ctx, userID, resourceowner) if err != nil { return nil, nil, nil, err } - org, err := r.getOrg(ctx, user.ResourceOwner) + org, err := c.getOrg(ctx, user.ResourceOwner) if err != nil { return nil, nil, nil, err } - orgPolicy, err := r.getOrgIAMPolicy(ctx, org.AggregateID) + orgPolicy, err := c.getOrgIAMPolicy(ctx, org.AggregateID) if err != nil { return nil, nil, nil, err } 
@@ -134,15 +134,15 @@ func (r *CommandSide) addHumanWebAuthN(ctx context.Context, userID, resourceowne if accountName == "" { accountName = user.EmailAddress } - webAuthN, err := r.webauthn.BeginRegistration(user, accountName, domain.AuthenticatorAttachmentUnspecified, domain.UserVerificationRequirementDiscouraged, isLoginUI, tokens...) + webAuthN, err := c.webauthn.BeginRegistration(user, accountName, domain.AuthenticatorAttachmentUnspecified, domain.UserVerificationRequirementDiscouraged, isLoginUI, tokens...) if err != nil { return nil, nil, nil, err } - tokenID, err := r.idGenerator.Next() + tokenID, err := c.idGenerator.Next() if err != nil { return nil, nil, nil, err } - addWebAuthN, err := r.webauthNWriteModelByID(ctx, userID, tokenID, resourceowner) + addWebAuthN, err := c.webauthNWriteModelByID(ctx, userID, tokenID, resourceowner) if err != nil { return nil, nil, nil, err } @@ -151,17 +151,17 @@ func (r *CommandSide) addHumanWebAuthN(ctx context.Context, userID, resourceowne return addWebAuthN, userAgg, webAuthN, nil } -func (r *CommandSide) HumanVerifyU2FSetup(ctx context.Context, userID, resourceowner, tokenName, userAgentID string, credentialData []byte) error { - u2fTokens, err := r.getHumanU2FTokens(ctx, userID, resourceowner) +func (c *Commands) HumanVerifyU2FSetup(ctx context.Context, userID, resourceowner, tokenName, userAgentID string, credentialData []byte) error { + u2fTokens, err := c.getHumanU2FTokens(ctx, userID, resourceowner) if err != nil { return err } - userAgg, webAuthN, verifyWebAuthN, err := r.verifyHumanWebAuthN(ctx, userID, resourceowner, tokenName, userAgentID, credentialData, u2fTokens) + userAgg, webAuthN, verifyWebAuthN, err := c.verifyHumanWebAuthN(ctx, userID, resourceowner, tokenName, userAgentID, credentialData, u2fTokens) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, usr_repo.NewHumanU2FVerifiedEvent( ctx, userAgg, 
@@ -177,17 +177,17 @@ func (r *CommandSide) HumanVerifyU2FSetup(ctx context.Context, userID, resourceo return err } -func (r *CommandSide) HumanHumanPasswordlessSetup(ctx context.Context, userID, resourceowner, tokenName, userAgentID string, credentialData []byte) error { - u2fTokens, err := r.getHumanPasswordlessTokens(ctx, userID, resourceowner) +func (c *Commands) HumanHumanPasswordlessSetup(ctx context.Context, userID, resourceowner, tokenName, userAgentID string, credentialData []byte) error { + u2fTokens, err := c.getHumanPasswordlessTokens(ctx, userID, resourceowner) if err != nil { return err } - userAgg, webAuthN, verifyWebAuthN, err := r.verifyHumanWebAuthN(ctx, userID, resourceowner, tokenName, userAgentID, credentialData, u2fTokens) + userAgg, webAuthN, verifyWebAuthN, err := c.verifyHumanWebAuthN(ctx, userID, resourceowner, tokenName, userAgentID, credentialData, u2fTokens) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, usr_repo.NewHumanPasswordlessVerifiedEvent( ctx, userAgg, 
@@ -203,21 +203,21 @@ func (r *CommandSide) HumanHumanPasswordlessSetup(ctx context.Context, userID, r return err } -func (r *CommandSide) verifyHumanWebAuthN(ctx context.Context, userID, resourceowner, tokenName, userAgentID string, credentialData []byte, tokens []*domain.WebAuthNToken) (*eventstore.Aggregate, *domain.WebAuthNToken, *HumanWebAuthNWriteModel, error) { +func (c *Commands) verifyHumanWebAuthN(ctx context.Context, userID, resourceowner, tokenName, userAgentID string, credentialData []byte, tokens []*domain.WebAuthNToken) (*eventstore.Aggregate, *domain.WebAuthNToken, *HumanWebAuthNWriteModel, error) { if userID == "" || resourceowner == "" { return nil, nil, nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3M0od", "Errors.IDMissing") } - user, err := r.getHuman(ctx, userID, resourceowner) + user, err := c.getHuman(ctx, userID, resourceowner) if err != nil { return nil, nil, nil, err } _, token := domain.GetTokenToVerify(tokens) - webAuthN, err := r.webauthn.FinishRegistration(user, token, tokenName, credentialData, userAgentID != "") + webAuthN, err := c.webauthn.FinishRegistration(user, token, tokenName, credentialData, userAgentID != "") if err != nil { return nil, nil, nil, err } - verifyWebAuthN, err := r.webauthNWriteModelByID(ctx, userID, token.WebAuthNTokenID, resourceowner) + verifyWebAuthN, err := c.webauthNWriteModelByID(ctx, userID, token.WebAuthNTokenID, resourceowner) if err != nil { return nil, nil, nil, err } 
@@ -226,18 +226,18 @@ func (r *CommandSide) verifyHumanWebAuthN(ctx context.Context, userID, resourceo return userAgg, webAuthN, verifyWebAuthN, nil } -func (r *CommandSide) HumanBeginU2FLogin(ctx context.Context, userID, resourceOwner string, authRequest *domain.AuthRequest, isLoginUI bool) (*domain.WebAuthNLogin, error) { - u2fTokens, err := r.getHumanU2FTokens(ctx, userID, resourceOwner) +func (c *Commands) HumanBeginU2FLogin(ctx context.Context, userID, resourceOwner string, authRequest *domain.AuthRequest, isLoginUI bool) (*domain.WebAuthNLogin, error) { + u2fTokens, err := c.getHumanU2FTokens(ctx, userID, resourceOwner) if err != nil { return nil, err } - userAgg, webAuthNLogin, err := r.beginWebAuthNLogin(ctx, userID, resourceOwner, u2fTokens, isLoginUI) + userAgg, webAuthNLogin, err := c.beginWebAuthNLogin(ctx, userID, resourceOwner, u2fTokens, isLoginUI) if err != nil { return nil, err } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, usr_repo.NewHumanU2FBeginLoginEvent( ctx, userAgg, 
@@ -249,17 +249,17 @@ func (r *CommandSide) HumanBeginU2FLogin(ctx context.Context, userID, resourceOw return webAuthNLogin, err } -func (r *CommandSide) HumanBeginPasswordlessLogin(ctx context.Context, userID, resourceOwner string, authRequest *domain.AuthRequest, isLoginUI bool) (*domain.WebAuthNLogin, error) { - u2fTokens, err := r.getHumanPasswordlessTokens(ctx, userID, resourceOwner) +func (c *Commands) HumanBeginPasswordlessLogin(ctx context.Context, userID, resourceOwner string, authRequest *domain.AuthRequest, isLoginUI bool) (*domain.WebAuthNLogin, error) { + u2fTokens, err := c.getHumanPasswordlessTokens(ctx, userID, resourceOwner) if err != nil { return nil, err } - userAgg, webAuthNLogin, err := r.beginWebAuthNLogin(ctx, userID, resourceOwner, u2fTokens, isLoginUI) + userAgg, webAuthNLogin, err := c.beginWebAuthNLogin(ctx, userID, resourceOwner, u2fTokens, isLoginUI) if err != nil { return nil, err } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, usr_repo.NewHumanPasswordlessBeginLoginEvent( ctx, userAgg, 
@@ -270,21 +270,21 @@ func (r *CommandSide) HumanBeginPasswordlessLogin(ctx context.Context, userID, r return webAuthNLogin, err } -func (r *CommandSide) beginWebAuthNLogin(ctx context.Context, userID, resourceOwner string, tokens []*domain.WebAuthNToken, isLoginUI bool) (*eventstore.Aggregate, *domain.WebAuthNLogin, error) { +func (c *Commands) beginWebAuthNLogin(ctx context.Context, userID, resourceOwner string, tokens []*domain.WebAuthNToken, isLoginUI bool) (*eventstore.Aggregate, *domain.WebAuthNLogin, error) { if userID == "" { return nil, nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-hh8K9", "Errors.IDMissing") } - human, err := r.getHuman(ctx, userID, resourceOwner) + human, err := c.getHuman(ctx, userID, resourceOwner) if err != nil { return nil, nil, err } - webAuthNLogin, err := r.webauthn.BeginLogin(human, domain.UserVerificationRequirementDiscouraged, isLoginUI, tokens...) + webAuthNLogin, err := c.webauthn.BeginLogin(human, domain.UserVerificationRequirementDiscouraged, isLoginUI, tokens...) if err != nil { return nil, nil, err } - writeModel, err := r.webauthNWriteModelByID(ctx, userID, "", resourceOwner) + writeModel, err := c.webauthNWriteModelByID(ctx, userID, "", resourceOwner) if err != nil { return nil, nil, err } 
@@ -293,22 +293,22 @@ func (r *CommandSide) beginWebAuthNLogin(ctx context.Context, userID, resourceOw return userAgg, webAuthNLogin, nil } -func (r *CommandSide) HumanFinishU2FLogin(ctx context.Context, userID, resourceOwner string, credentialData []byte, authRequest *domain.AuthRequest, isLoginUI bool) error { - webAuthNLogin, err := r.getHumanU2FLogin(ctx, userID, authRequest.ID, resourceOwner) +func (c *Commands) HumanFinishU2FLogin(ctx context.Context, userID, resourceOwner string, credentialData []byte, authRequest *domain.AuthRequest, isLoginUI bool) error { + webAuthNLogin, err := c.getHumanU2FLogin(ctx, userID, authRequest.ID, resourceOwner) if err != nil { return err } - u2fTokens, err := r.getHumanU2FTokens(ctx, userID, resourceOwner) + u2fTokens, err := c.getHumanU2FTokens(ctx, userID, resourceOwner) if err != nil { return err } - userAgg, token, signCount, err := r.finishWebAuthNLogin(ctx, userID, resourceOwner, credentialData, webAuthNLogin, u2fTokens, isLoginUI) + userAgg, token, signCount, err := c.finishWebAuthNLogin(ctx, userID, resourceOwner, credentialData, webAuthNLogin, u2fTokens, isLoginUI) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, usr_repo.NewHumanU2FSignCountChangedEvent( ctx, userAgg, 
@@ -320,23 +320,23 @@ func (r *CommandSide) HumanFinishU2FLogin(ctx context.Context, userID, resourceO return err } -func (r *CommandSide) HumanFinishPasswordlessLogin(ctx context.Context, userID, resourceOwner string, credentialData []byte, authRequest *domain.AuthRequest, isLoginUI bool) error { - webAuthNLogin, err := r.getHumanPasswordlessLogin(ctx, userID, authRequest.ID, resourceOwner) +func (c *Commands) HumanFinishPasswordlessLogin(ctx context.Context, userID, resourceOwner string, credentialData []byte, authRequest *domain.AuthRequest, isLoginUI bool) error { + webAuthNLogin, err := c.getHumanPasswordlessLogin(ctx, userID, authRequest.ID, resourceOwner) if err != nil { return err } - passwordlessTokens, err := r.getHumanPasswordlessTokens(ctx, userID, resourceOwner) + passwordlessTokens, err := c.getHumanPasswordlessTokens(ctx, userID, resourceOwner) if err != nil { return err } - userAgg, token, signCount, err := r.finishWebAuthNLogin(ctx, userID, resourceOwner, credentialData, webAuthNLogin, passwordlessTokens, isLoginUI) + userAgg, token, signCount, err := c.finishWebAuthNLogin(ctx, userID, resourceOwner, credentialData, webAuthNLogin, passwordlessTokens, isLoginUI) if err != nil { return err } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, usr_repo.NewHumanPasswordlessSignCountChangedEvent( ctx, userAgg, 
@@ -347,16 +347,16 @@ func (r *CommandSide) HumanFinishPasswordlessLogin(ctx context.Context, userID, return err } -func (r *CommandSide) finishWebAuthNLogin(ctx context.Context, userID, resourceOwner string, credentialData []byte, webAuthN *domain.WebAuthNLogin, tokens []*domain.WebAuthNToken, isLoginUI bool) (*eventstore.Aggregate, *domain.WebAuthNToken, uint32, error) { +func (c *Commands) finishWebAuthNLogin(ctx context.Context, userID, resourceOwner string, credentialData []byte, webAuthN *domain.WebAuthNLogin, tokens []*domain.WebAuthNToken, isLoginUI bool) (*eventstore.Aggregate, *domain.WebAuthNToken, uint32, error) { if userID == "" { return nil, nil, 0, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-hh8K9", "Errors.IDMissing") } - human, err := r.getHuman(ctx, userID, resourceOwner) + human, err := c.getHuman(ctx, userID, resourceOwner) if err != nil { return nil, nil, 0, err } - keyID, signCount, err := r.webauthn.FinishLogin(human, webAuthN, credentialData, isLoginUI, tokens...) + keyID, signCount, err := c.webauthn.FinishLogin(human, webAuthN, credentialData, isLoginUI, tokens...) if err != nil && keyID == nil { return nil, nil, 0, err } @@ -366,7 +366,7 @@ func (r *CommandSide) finishWebAuthNLogin(ctx context.Context, userID, resourceO return nil, nil, 0, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-3b7zs", "Errors.User.WebAuthN.NotFound") } - writeModel, err := r.webauthNWriteModelByID(ctx, userID, "", resourceOwner) + writeModel, err := c.webauthNWriteModelByID(ctx, userID, "", resourceOwner) if err != nil { return nil, nil, 0, err } 
@@ -375,22 +375,22 @@ func (r *CommandSide) finishWebAuthNLogin(ctx context.Context, userID, resourceO return userAgg, token, signCount, nil } -func (r *CommandSide) HumanRemoveU2F(ctx context.Context, userID, webAuthNID, resourceOwner string) error { +func (c *Commands) HumanRemoveU2F(ctx context.Context, userID, webAuthNID, resourceOwner string) error { event := usr_repo.PrepareHumanU2FRemovedEvent(ctx, webAuthNID) - return r.removeHumanWebAuthN(ctx, userID, webAuthNID, resourceOwner, event) + return c.removeHumanWebAuthN(ctx, userID, webAuthNID, resourceOwner, event) } -func (r *CommandSide) HumanRemovePasswordless(ctx context.Context, userID, webAuthNID, resourceOwner string) error { +func (c *Commands) HumanRemovePasswordless(ctx context.Context, userID, webAuthNID, resourceOwner string) error { event := usr_repo.PrepareHumanPasswordlessRemovedEvent(ctx, webAuthNID) - return r.removeHumanWebAuthN(ctx, userID, webAuthNID, resourceOwner, event) + return c.removeHumanWebAuthN(ctx, userID, webAuthNID, resourceOwner, event) } -func (r *CommandSide) removeHumanWebAuthN(ctx context.Context, userID, webAuthNID, resourceOwner string, preparedEvent func(*eventstore.Aggregate) eventstore.EventPusher) error { +func (c *Commands) removeHumanWebAuthN(ctx context.Context, userID, webAuthNID, resourceOwner string, preparedEvent func(*eventstore.Aggregate) eventstore.EventPusher) error { if userID == "" || webAuthNID == "" { return caos_errs.ThrowPreconditionFailed(nil, "COMMAND-6M9de", "Errors.IDMissing") } - existingWebAuthN, err := r.webauthNWriteModelByID(ctx, userID, webAuthNID, resourceOwner) + existingWebAuthN, err := c.webauthNWriteModelByID(ctx, userID, webAuthNID, resourceOwner) if err != nil { return err } 
@@ -399,16 +399,16 @@ func (r *CommandSide) removeHumanWebAuthN(ctx context.Context, userID, webAuthNI } userAgg := UserAggregateFromWriteModel(&existingWebAuthN.WriteModel) - _, err = r.eventstore.PushEvents(ctx, preparedEvent(userAgg)) + _, err = c.eventstore.PushEvents(ctx, preparedEvent(userAgg)) return err } -func (r *CommandSide) webauthNWriteModelByID(ctx context.Context, userID, webAuthNID, resourceOwner string) (writeModel *HumanWebAuthNWriteModel, err error) { +func (c *Commands) webauthNWriteModelByID(ctx context.Context, userID, webAuthNID, resourceOwner string) (writeModel *HumanWebAuthNWriteModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() writeModel = NewHumanWebAuthNWriteModel(userID, webAuthNID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_machine.go b/internal/command/user_machine.go index 1ab531305c..13f5fbf652 100644 --- a/internal/command/user_machine.go +++ b/internal/command/user_machine.go @@ -9,18 +9,18 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddMachine(ctx context.Context, orgID string, machine *domain.Machine) (*domain.Machine, error) { +func (c *Commands) AddMachine(ctx context.Context, orgID string, machine *domain.Machine) (*domain.Machine, error) { if !machine.IsValid() { return nil, caos_errs.ThrowInvalidArgument(nil, "COMMAND-bm9Ds", "Errors.User.Invalid") } - userID, err := r.idGenerator.Next() + userID, err := c.idGenerator.Next() if err != nil { return nil, err } machine.AggregateID = userID - orgIAMPolicy, err := r.getOrgIAMPolicy(ctx, orgID) + orgIAMPolicy, err := c.getOrgIAMPolicy(ctx, orgID) if err != nil { return nil, err } 
@@ -31,7 +31,7 @@ func (r *CommandSide) AddMachine(ctx context.Context, orgID string, machine *dom addedMachine := NewMachineWriteModel(machine.AggregateID, orgID) userAgg := UserAggregateFromWriteModel(&addedMachine.WriteModel) - events, err := r.eventstore.PushEvents(ctx, user.NewMachineAddedEvent( + events, err := c.eventstore.PushEvents(ctx, user.NewMachineAddedEvent( ctx, userAgg, machine.Username, @@ -49,8 +49,8 @@ func (r *CommandSide) AddMachine(ctx context.Context, orgID string, machine *dom return writeModelToMachine(addedMachine), nil } -func (r *CommandSide) ChangeMachine(ctx context.Context, machine *domain.Machine) (*domain.Machine, error) { - existingMachine, err := r.machineWriteModelByID(ctx, machine.AggregateID, machine.ResourceOwner) +func (c *Commands) ChangeMachine(ctx context.Context, machine *domain.Machine) (*domain.Machine, error) { + existingMachine, err := c.machineWriteModelByID(ctx, machine.AggregateID, machine.ResourceOwner) if err != nil { return nil, err } @@ -64,7 +64,7 @@ func (r *CommandSide) ChangeMachine(ctx context.Context, machine *domain.Machine return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2n8vs", "Errors.User.NotChanged") } - events, err := r.eventstore.PushEvents(ctx, changedEvent) + events, err := c.eventstore.PushEvents(ctx, changedEvent) if err != nil { return nil, err } @@ -76,7 +76,7 @@ func (r *CommandSide) ChangeMachine(ctx context.Context, machine *domain.Machine } //TODO: adlerhurst we should check userID on the same level, in user.go userID is checked in public funcs -func (r *CommandSide) machineWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *MachineWriteModel, err error) { +func (c *Commands) machineWriteModelByID(ctx context.Context, userID, resourceOwner string) (writeModel *MachineWriteModel, err error) { if userID == "" { return nil, caos_errs.ThrowInvalidArgument(nil, "COMMAND-0Plof", "Errors.User.UserIDMissing") } 
@@ -84,7 +84,7 @@ func (r *CommandSide) machineWriteModelByID(ctx context.Context, userID, resourc defer func() { span.EndWithError(err) }() writeModel = NewMachineWriteModel(userID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/command/user_machine_key.go b/internal/command/user_machine_key.go index 7b4a83fad1..2333dd87c9 100644 --- a/internal/command/user_machine_key.go +++ b/internal/command/user_machine_key.go @@ -9,17 +9,17 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *CommandSide) AddUserMachineKey(ctx context.Context, machineKey *domain.MachineKey, resourceOwner string) (*domain.MachineKey, error) { - err := r.checkUserExists(ctx, machineKey.AggregateID, resourceOwner) +func (c *Commands) AddUserMachineKey(ctx context.Context, machineKey *domain.MachineKey, resourceOwner string) (*domain.MachineKey, error) { + err := c.checkUserExists(ctx, machineKey.AggregateID, resourceOwner) if err != nil { return nil, err } - keyID, err := r.idGenerator.Next() + keyID, err := c.idGenerator.Next() if err != nil { return nil, err } keyWriteModel := NewMachineKeyWriteModel(machineKey.AggregateID, keyID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, keyWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, keyWriteModel) if err != nil { return nil, err } @@ -28,11 +28,11 @@ func (r *CommandSide) AddUserMachineKey(ctx context.Context, machineKey *domain. return nil, err } - if err = domain.SetNewAuthNKeyPair(machineKey, r.machineKeySize); err != nil { + if err = domain.SetNewAuthNKeyPair(machineKey, c.machineKeySize); err != nil { return nil, err } - events, err := r.eventstore.PushEvents(ctx, + events, err := c.eventstore.PushEvents(ctx, user.NewMachineKeyAddedEvent( ctx, UserAggregateFromWriteModel(&keyWriteModel.WriteModel), 
@@ -53,8 +53,8 @@ func (r *CommandSide) AddUserMachineKey(ctx context.Context, machineKey *domain. return key, nil } -func (r *CommandSide) RemoveUserMachineKey(ctx context.Context, userID, keyID, resourceOwner string) error { - keyWriteModel, err := r.machineKeyWriteModelByID(ctx, userID, keyID, resourceOwner) +func (c *Commands) RemoveUserMachineKey(ctx context.Context, userID, keyID, resourceOwner string) error { + keyWriteModel, err := c.machineKeyWriteModelByID(ctx, userID, keyID, resourceOwner) if err != nil { return err } @@ -62,12 +62,12 @@ func (r *CommandSide) RemoveUserMachineKey(ctx context.Context, userID, keyID, r return errors.ThrowNotFound(nil, "COMMAND-4m77G", "Errors.User.Machine.Key.NotFound") } - _, err = r.eventstore.PushEvents(ctx, + _, err = c.eventstore.PushEvents(ctx, user.NewMachineKeyRemovedEvent(ctx, UserAggregateFromWriteModel(&keyWriteModel.WriteModel), keyID)) return err } -func (r *CommandSide) machineKeyWriteModelByID(ctx context.Context, userID, keyID, resourceOwner string) (writeModel *MachineKeyWriteModel, err error) { +func (c *Commands) machineKeyWriteModelByID(ctx context.Context, userID, keyID, resourceOwner string) (writeModel *MachineKeyWriteModel, err error) { if userID == "" { return nil, errors.ThrowInvalidArgument(nil, "COMMAND-4n8vs", "Errors.User.UserIDMissing") } @@ -75,7 +75,7 @@ func (r *CommandSide) machineKeyWriteModelByID(ctx context.Context, userID, keyI defer func() { span.EndWithError(err) }() writeModel = NewMachineKeyWriteModel(userID, keyID, resourceOwner) - err = r.eventstore.FilterToQueryReducer(ctx, writeModel) + err = c.eventstore.FilterToQueryReducer(ctx, writeModel) if err != nil { return nil, err } diff --git a/internal/config/types/sql.go b/internal/config/types/sql.go index 461dda6e78..053b4c493b 100644 --- a/internal/config/types/sql.go +++ b/internal/config/types/sql.go @@ -5,6 +5,7 @@ import ( "strings" "github.com/caos/logging" + "github.com/caos/zitadel/internal/errors" ) 
@@ -21,11 +22,32 @@ type SQL struct { SSL *ssl } +type SQLBase struct { + Host string + Port string + Database string + SSL sslBase +} + +type SQLUser struct { + User string + Password string + SSL sslUser +} + type ssl struct { + sslBase + sslUser +} + +type sslBase struct { // type of connection security Mode string // RootCert Path to the CA certificate RootCert string +} + +type sslUser struct { // Cert Path to the client certificate Cert string // Key Path to the client private key @@ -71,7 +93,7 @@ func (s *SQL) Start() (*sql.DB, error) { func (s *SQL) checkSSL() { if s.SSL == nil || s.SSL.Mode == sslDisabledMode || s.SSL.Mode == "" { - s.SSL = &ssl{Mode: sslDisabledMode} + s.SSL = &ssl{sslBase: sslBase{Mode: sslDisabledMode}} return } if s.SSL.Cert == "" || s.SSL.Key == "" || s.SSL.RootCert == "" { @@ -82,3 +104,23 @@ func (s *SQL) checkSSL() { ).Fatal("fields for secure connection missing") } } + +func (u SQLUser) Start(base SQLBase) (*sql.DB, error) { + return (&SQL{ + Host: base.Host, + Port: base.Port, + User: u.User, + Password: u.Password, + Database: base.Database, + SSL: &ssl{ + sslBase: sslBase{ + Mode: base.SSL.Mode, + RootCert: base.SSL.RootCert, + }, + sslUser: sslUser{ + Cert: u.SSL.Cert, + Key: u.SSL.Key, + }, + }, + }).Start() +} diff --git a/internal/eventstore/config.go b/internal/eventstore/config.go new file mode 100644 index 0000000000..90bf87c82d --- /dev/null +++ b/internal/eventstore/config.go 
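Review bot: `SQLUser.Start` takes the SSL mode only from `base.SSL.Mode`, so a user entry that sets `SSL.Cert` and `SSL.Key` while the base mode is empty or disabled reaches the first branch of `checkSSL`, which replaces the whole block with `&ssl{sslBase: sslBase{Mode: sslDisabledMode}}` and returns. The client certificate is dropped with no error or log line, and the connection presumably goes out without TLS even though the operator configured key material. A guard at the top of `SQLUser.Start` would surface the mismatch: `if (u.SSL.Cert != "" || u.SSL.Key != "") && (base.SSL.Mode == "" || base.SSL.Mode == sslDisabledMode) { return nil, errors.ThrowInvalidArgument(nil, "<ERROR-ID>", "ssl cert/key configured but ssl mode is disabled") }`. The body of `(*SQL).Start` is outside the hunk, so how the mode is turned into connection parameters is not visible here.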
@@ -0,0 +1,24 @@ +package eventstore + +import ( + "github.com/caos/zitadel/internal/config/types" + "github.com/caos/zitadel/internal/eventstore/repository/sql" +) + +func Start(sqlConfig types.SQL) (*Eventstore, error) { + sqlClient, err := sqlConfig.Start() + if err != nil { + return nil, err + } + + return NewEventstore(sql.NewCRDB(sqlClient)), nil +} + +func StartWithUser(baseConfig types.SQLBase, userConfig types.SQLUser) (*Eventstore, error) { + sqlClient, err := userConfig.Start(baseConfig) + if err != nil { + return nil, err + } + + return NewEventstore(sql.NewCRDB(sqlClient)), nil +} diff --git a/internal/eventstore/local_crdb_test.go b/internal/eventstore/local_crdb_test.go index 10eaf17f5a..15997e52cd 100644 --- a/internal/eventstore/local_crdb_test.go +++ b/internal/eventstore/local_crdb_test.go @@ -95,6 +95,7 @@ func setPasswordNULL() error { "authpassword", "notificationpassword", "authzpassword", + "queriespassword", } for _, name := range passwordNames { if err := os.Setenv(name, "NULL"); err != nil { diff --git a/internal/eventstore/repository/sql/local_crdb_test.go b/internal/eventstore/repository/sql/local_crdb_test.go index 3d0988cc0f..e88e189008 100644 --- a/internal/eventstore/repository/sql/local_crdb_test.go +++ b/internal/eventstore/repository/sql/local_crdb_test.go @@ -99,6 +99,7 @@ func setPasswordNULL() error { "authpassword", "notificationpassword", "authzpassword", + "queriespassword", } for _, name := range passwordNames { if err := os.Setenv(name, "NULL"); err != nil { diff --git a/internal/eventstore/v1/config.go b/internal/eventstore/v1/config.go index 2bce476a85..feface665d 100644 --- a/internal/eventstore/v1/config.go +++ b/internal/eventstore/v1/config.go 
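Review bot: `Start` and `StartWithUser` in the new `internal/eventstore/config.go` are exported without doc comments, and the difference between them is only clear after reading `SQLUser.Start` in `internal/config/types/sql.go`. I would add `// Start opens a database connection from a complete SQL config and returns an Eventstore on it.` and `// StartWithUser opens a connection using host, port, database, SSL mode and root certificate from baseConfig and user, password and client certificate from userConfig.` The two bodies differ only in how `sqlClient` is obtained, so a later change to the construction has to be made twice.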
@@ -2,10 +2,7 @@ package v1 import ( "github.com/caos/zitadel/internal/cache/config" - eventstore2 "github.com/caos/zitadel/internal/eventstore" - sql_v2 "github.com/caos/zitadel/internal/eventstore/repository/sql" "github.com/caos/zitadel/internal/eventstore/v1/internal/repository/sql" - "github.com/caos/zitadel/internal/eventstore/v1/models" ) type Config struct { @@ -15,14 +12,12 @@ type Config struct { } func Start(conf Config) (Eventstore, error) { - repo, sqlClient, err := sql.Start(conf.Repository) + repo, _, err := sql.Start(conf.Repository) if err != nil { return nil, err } return &eventstore{ - repo: repo, - aggregateCreator: models.NewAggregateCreator(conf.ServiceName), - esV2: eventstore2.NewEventstore(sql_v2.NewCRDB(sqlClient)), + repo: repo, }, nil } diff --git a/internal/eventstore/v1/eventstore.go b/internal/eventstore/v1/eventstore.go index b68ca33170..2bf4139cc8 100644 --- a/internal/eventstore/v1/eventstore.go +++ b/internal/eventstore/v1/eventstore.go 
@@ -2,54 +2,22 @@ package v1 import ( "context" - eventstore2 "github.com/caos/zitadel/internal/eventstore" - "github.com/caos/zitadel/internal/errors" "github.com/caos/zitadel/internal/eventstore/v1/internal/repository" "github.com/caos/zitadel/internal/eventstore/v1/models" ) type Eventstore interface { - AggregateCreator() *models.AggregateCreator Health(ctx context.Context) error - PushAggregates(ctx context.Context, aggregates ...*models.Aggregate) error FilterEvents(ctx context.Context, searchQuery *models.SearchQuery) (events []*models.Event, err error) LatestSequence(ctx context.Context, searchQuery *models.SearchQueryFactory) (uint64, error) - V2() *eventstore2.Eventstore Subscribe(aggregates ...models.AggregateType) *Subscription } var _ Eventstore = (*eventstore)(nil) type eventstore struct { - repo repository.Repository - aggregateCreator *models.AggregateCreator - - esV2 *eventstore2.Eventstore -} - -func (es *eventstore) AggregateCreator() *models.AggregateCreator { - return es.aggregateCreator -} - -func (es *eventstore) PushAggregates(ctx context.Context, aggregates ...*models.Aggregate) (err error) { - for _, aggregate := range aggregates { - if len(aggregate.Events) == 0 { - return errors.ThrowInvalidArgument(nil, "EVENT-cNhIj", "no events in aggregate") - } - for _, event := range aggregate.Events { - if err = event.Validate(); err != nil { - return errors.ThrowInvalidArgument(err, "EVENT-tzIhl", "validate event failed") - } - } - } - err = es.repo.PushAggregates(ctx, aggregates...) - if err != nil { - return err - } - - go notify(aggregates) - return nil + repo repository.Repository } func (es *eventstore) FilterEvents(ctx context.Context, searchQuery *models.SearchQuery) ([]*models.Event, error) { 
@@ -69,7 +37,3 @@ func (es *eventstore) LatestSequence(ctx context.Context, queryFactory *models.S func (es *eventstore) Health(ctx context.Context) error { return es.repo.Health(ctx) } - -func (es *eventstore) V2() *eventstore2.Eventstore { - return es.esV2 -} diff --git a/internal/management/repository/eventsourcing/eventstore/iam.go b/internal/management/repository/eventsourcing/eventstore/iam.go index c78adec356..a668fa05ba 100644 --- a/internal/management/repository/eventsourcing/eventstore/iam.go +++ b/internal/management/repository/eventsourcing/eventstore/iam.go @@ -8,7 +8,7 @@ import ( ) type IAMRepository struct { - IAMV2Query *query.QuerySide + IAMV2Query *query.Queries } func (repo *IAMRepository) IAMByID(ctx context.Context, id string) (*iam_model.IAM, error) { diff --git a/internal/management/repository/eventsourcing/repository.go b/internal/management/repository/eventsourcing/repository.go index 79f21886ef..759cd35c80 100644 --- a/internal/management/repository/eventsourcing/repository.go +++ b/internal/management/repository/eventsourcing/repository.go @@ -30,13 +30,12 @@ type EsRepository struct { view *mgmt_view.View } -func Start(conf Config, systemDefaults sd.SystemDefaults, roles []string) (*EsRepository, error) { +func Start(conf Config, systemDefaults sd.SystemDefaults, roles []string, queries *query.Queries) (*EsRepository, error) { es, err := v1.Start(conf.Eventstore) if err != nil { return nil, err } - esV2 := es.V2() sqlClient, err := conf.View.Start() if err != nil { @@ -47,10 +46,6 @@ func Start(conf Config, systemDefaults sd.SystemDefaults, roles []string) (*EsRe return nil, err } - iamV2Query, err := query.StartQuerySide(&query.Config{Eventstore: esV2, SystemDefaults: systemDefaults}) - if err != nil { - return nil, err - } spool := spooler.StartSpooler(conf.Spooler, es, view, sqlClient, systemDefaults) return &EsRepository{ 
@@ -60,7 +55,7 @@ func Start(conf Config, systemDefaults sd.SystemDefaults, roles []string) (*EsRe UserRepo: eventstore.UserRepo{es, conf.SearchLimit, view, systemDefaults}, UserGrantRepo: eventstore.UserGrantRepo{conf.SearchLimit, view}, IAMRepository: eventstore.IAMRepository{ - IAMV2Query: iamV2Query, + IAMV2Query: queries, }, view: view, }, nil diff --git a/internal/notification/notification.go b/internal/notification/notification.go index f8cd714c73..06c77ae3d3 100644 --- a/internal/notification/notification.go +++ b/internal/notification/notification.go @@ -15,7 +15,7 @@ type Config struct { Repository eventsourcing.Config } -func Start(ctx context.Context, config Config, systemDefaults sd.SystemDefaults, command *command.CommandSide) { +func Start(ctx context.Context, config Config, systemDefaults sd.SystemDefaults, command *command.Commands) { statikFS, err := fs.NewWithNamespace("notification") logging.Log("CONFI-7usEW").OnError(err).Panic("unable to start listener") diff --git a/internal/notification/repository/eventsourcing/handler/handler.go b/internal/notification/repository/eventsourcing/handler/handler.go index 7d3d7c41b0..b81c6bf5c7 100644 --- a/internal/notification/repository/eventsourcing/handler/handler.go +++ b/internal/notification/repository/eventsourcing/handler/handler.go 
@@ -34,7 +34,7 @@ func (h *handler) Eventstore() v1.Eventstore { return h.es } -func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es v1.Eventstore, command *command.CommandSide, systemDefaults sd.SystemDefaults, i18n *i18n.Translator, dir http.FileSystem) []query.Handler { +func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es v1.Eventstore, command *command.Commands, systemDefaults sd.SystemDefaults, i18n *i18n.Translator, dir http.FileSystem) []query.Handler { aesCrypto, err := crypto.NewAESCrypto(systemDefaults.UserVerificationKey) if err != nil { logging.Log("HANDL-s90ew").WithError(err).Debug("error create new aes crypto") diff --git a/internal/notification/repository/eventsourcing/handler/notification.go b/internal/notification/repository/eventsourcing/handler/notification.go index d6d767bc00..b42267cc0e 100644 --- a/internal/notification/repository/eventsourcing/handler/notification.go +++ b/internal/notification/repository/eventsourcing/handler/notification.go @@ -46,7 +46,7 @@ const ( type Notification struct { handler - command *command.CommandSide + command *command.Commands systemDefaults sd.SystemDefaults AesCrypto crypto.EncryptionAlgorithm i18n *i18n.Translator @@ -56,7 +56,7 @@ type Notification struct { func newNotification( handler handler, - command *command.CommandSide, + command *command.Commands, defaults sd.SystemDefaults, aesCrypto crypto.EncryptionAlgorithm, translator *i18n.Translator, diff --git a/internal/notification/repository/eventsourcing/repository.go b/internal/notification/repository/eventsourcing/repository.go index 772015b17f..cb0267ee25 100644 --- a/internal/notification/repository/eventsourcing/repository.go +++ b/internal/notification/repository/eventsourcing/repository.go 
@@ -26,7 +26,7 @@ type EsRepository struct { spooler *es_spol.Spooler } -func Start(conf Config, dir http.FileSystem, systemDefaults sd.SystemDefaults, command *command.CommandSide) (*EsRepository, error) { +func Start(conf Config, dir http.FileSystem, systemDefaults sd.SystemDefaults, command *command.Commands) (*EsRepository, error) { es, err := v1.Start(conf.Eventstore) if err != nil { return nil, err diff --git a/internal/notification/repository/eventsourcing/spooler/spooler.go b/internal/notification/repository/eventsourcing/spooler/spooler.go index 3cb7ebf41d..9e783cf6b4 100644 --- a/internal/notification/repository/eventsourcing/spooler/spooler.go +++ b/internal/notification/repository/eventsourcing/spooler/spooler.go @@ -20,7 +20,7 @@ type SpoolerConfig struct { Handlers handler.Configs } -func StartSpooler(c SpoolerConfig, es v1.Eventstore, view *view.View, sql *sql.DB, command *command.CommandSide, systemDefaults sd.SystemDefaults, i18n *i18n.Translator, dir http.FileSystem) *spooler.Spooler { +func StartSpooler(c SpoolerConfig, es v1.Eventstore, view *view.View, sql *sql.DB, command *command.Commands, systemDefaults sd.SystemDefaults, i18n *i18n.Translator, dir http.FileSystem) *spooler.Spooler { spoolerConfig := spooler.Config{ Eventstore: es, Locker: &locker{dbClient: sql}, diff --git a/internal/query/iam_idp_config.go b/internal/query/iam_idp_config.go index 2112ab30d1..ff811f78ad 100644 --- a/internal/query/iam_idp_config.go +++ b/internal/query/iam_idp_config.go @@ -5,7 +5,7 @@ import ( "github.com/caos/zitadel/internal/domain" ) -func (r *QuerySide) DefaultIDPConfigByID(ctx context.Context, idpConfigID string) (*domain.IDPConfigView, error) { +func (r *Queries) DefaultIDPConfigByID(ctx context.Context, idpConfigID string) (*domain.IDPConfigView, error) { idpConfig := NewIAMIDPConfigReadModel(r.iamID, idpConfigID) err := r.eventstore.FilterToQueryReducer(ctx, idpConfig) if err != nil { 
diff --git a/internal/query/member.go b/internal/query/member.go index 7098ccdec0..b1ceca1552 100644 --- a/internal/query/member.go +++ b/internal/query/member.go @@ -5,7 +5,7 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -func (r *QuerySide) IAMMemberByID(ctx context.Context, iamID, userID string) (member *IAMMemberReadModel, err error) { +func (r *Queries) IAMMemberByID(ctx context.Context, iamID, userID string) (member *IAMMemberReadModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() diff --git a/internal/query/query.go b/internal/query/query.go index 085e8b8c1d..12da403be1 100644 --- a/internal/query/query.go +++ b/internal/query/query.go @@ -2,6 +2,8 @@ package query import ( "context" + + "github.com/caos/zitadel/internal/config/types" "github.com/caos/zitadel/internal/eventstore" usr_repo "github.com/caos/zitadel/internal/repository/user" @@ -13,7 +15,7 @@ import ( "github.com/caos/zitadel/internal/telemetry/tracing" ) -type QuerySide struct { +type Queries struct { iamID string eventstore *eventstore.Eventstore idGenerator id.Generator 
@@ -21,27 +23,26 @@ type QuerySide struct { } type Config struct { - Eventstore *eventstore.Eventstore - SystemDefaults sd.SystemDefaults + Eventstore types.SQLUser } -func StartQuerySide(config *Config) (repo *QuerySide, err error) { - repo = &QuerySide{ - iamID: config.SystemDefaults.IamID, - eventstore: config.Eventstore, +func StartQueries(eventstore *eventstore.Eventstore, defaults sd.SystemDefaults) (repo *Queries, err error) { + repo = &Queries{ + iamID: defaults.IamID, + eventstore: eventstore, idGenerator: id.SonyFlakeGenerator, } iam_repo.RegisterEventMappers(repo.eventstore) usr_repo.RegisterEventMappers(repo.eventstore) - repo.secretCrypto, err = crypto.NewAESCrypto(config.SystemDefaults.IDPConfigVerificationKey) + repo.secretCrypto, err = crypto.NewAESCrypto(defaults.IDPConfigVerificationKey) if err != nil { return nil, err } return repo, nil } -func (r *QuerySide) IAMByID(ctx context.Context, id string) (_ *iam_model.IAM, err error) { +func (r *Queries) IAMByID(ctx context.Context, id string) (_ *iam_model.IAM, err error) { readModel, err := r.iamByID(ctx, id) if err != nil { return nil, err @@ -50,7 +51,7 @@ func (r *QuerySide) IAMByID(ctx context.Context, id string) (_ *iam_model.IAM, e return readModelToIAM(readModel), nil } -func (r *QuerySide) iamByID(ctx context.Context, id string) (_ *ReadModel, err error) { +func (r *Queries) iamByID(ctx context.Context, id string) (_ *ReadModel, err error) { ctx, span := tracing.NewSpan(ctx) defer func() { span.EndWithError(err) }() diff --git a/internal/query/user.go b/internal/query/user.go index dc3c31ebc1..ae8cd17d65 100644 --- a/internal/query/user.go +++ b/internal/query/user.go 
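Review bot: In `StartQueries` the parameter `eventstore *eventstore.Eventstore` has the same name as the imported `eventstore` package, so inside the body the package is shadowed and a reader has to work out which one each use refers to. Renaming it avoids that: `func StartQueries(es *eventstore.Eventstore, defaults sd.SystemDefaults) (repo *Queries, err error)`. The function also calls `iam_repo.RegisterEventMappers` and `usr_repo.RegisterEventMappers` on the instance it was handed, which appears to modify the caller's eventstore. A doc comment should say so, e.g. `// StartQueries registers the IAM and user event mappers on es and returns a Queries bound to it.`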
@@ -5,7 +5,7 @@ import ( "github.com/caos/zitadel/internal/eventstore" ) -func (q *QuerySide) UserEvents(ctx context.Context, orgID, userID string, sequence uint64) ([]eventstore.EventReader, error) { +func (q *Queries) UserEvents(ctx context.Context, orgID, userID string, sequence uint64) ([]eventstore.EventReader, error) { query := NewUserEventSearchQuery(userID, orgID, sequence) return q.eventstore.FilterEvents(ctx, query) } diff --git a/internal/setup/setup.go b/internal/setup/setup.go index f48f95db28..7bebbd14a7 100644 --- a/internal/setup/setup.go +++ b/internal/setup/setup.go @@ -16,7 +16,7 @@ const ( SetupUser = "SETUP" ) -func Execute(ctx context.Context, setUpConfig IAMSetUp, iamID string, commands *command.CommandSide) error { +func Execute(ctx context.Context, setUpConfig IAMSetUp, iamID string, commands *command.Commands) error { logging.Log("SETUP-JAK2q").Info("starting setup") iam, err := commands.GetIAM(ctx) diff --git a/internal/ui/login/handler/login.go b/internal/ui/login/handler/login.go index 2cd669dc92..c617365b06 100644 --- a/internal/ui/login/handler/login.go +++ b/internal/ui/login/handler/login.go @@ -29,8 +29,8 @@ type Login struct { router http.Handler renderer *Renderer parser *form.Parser - command *command.CommandSide - query *query.QuerySide + command *command.Commands + query *query.Queries authRepo auth_repository.Repository baseURL string zitadelURL string 
@@ -60,7 +60,7 @@ const ( handlerPrefix = "/login" ) -func CreateLogin(config Config, command *command.CommandSide, query *query.QuerySide, authRepo *eventsourcing.EsRepository, systemDefaults systemdefaults.SystemDefaults, localDevMode bool) (*Login, string) { +func CreateLogin(config Config, command *command.Commands, query *query.Queries, authRepo *eventsourcing.EsRepository, systemDefaults systemdefaults.SystemDefaults, localDevMode bool) (*Login, string) { aesCrypto, err := crypto.NewAESCrypto(systemDefaults.IDPConfigVerificationKey) if err != nil { logging.Log("HANDL-s90ew").WithError(err).Debug("error create new aes crypto") diff --git a/internal/ui/login/login.go b/internal/ui/login/login.go index effa78348e..b2b591e116 100644 --- a/internal/ui/login/login.go +++ b/internal/ui/login/login.go @@ -12,6 +12,6 @@ type Config struct { Handler handler.Config } -func Start(config Config, command *command.CommandSide, query *query.QuerySide, authRepo *eventsourcing.EsRepository, systemdefaults systemdefaults.SystemDefaults, localDevMode bool) (*handler.Login, string) { +func Start(config Config, command *command.Commands, query *query.Queries, authRepo *eventsourcing.EsRepository, systemdefaults systemdefaults.SystemDefaults, localDevMode bool) (*handler.Login, string) { return handler.CreateLogin(config.Handler, command, query, authRepo, systemdefaults, localDevMode) } diff --git a/migrations/cockroach/V1.35__queries.sql b/migrations/cockroach/V1.35__queries.sql new file mode 100644 index 0000000000..4ad89d35dd --- /dev/null +++ b/migrations/cockroach/V1.35__queries.sql @@ -0,0 +1,2 @@ +CREATE USER queries WITH PASSWORD ${queriespassword}; +GRANT SELECT ON DATABASE eventstore TO queries; diff --git a/migrations/cockroach/migrate_local.go b/migrations/cockroach/migrate_local.go index 786e47a253..ee973661ee 100644 --- a/migrations/cockroach/migrate_local.go +++ b/migrations/cockroach/migrate_local.go 
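Review bot: `${queriespassword}` is substituted into `CREATE USER queries WITH PASSWORD ...` without quotes, so the statement is only well-formed when the placeholder value is already a quoted SQL string literal or `NULL` (the value the test helpers and `migrate_local.go` in this patch pass). A header comment would make that contract explicit for whoever wires up the placeholder: `-- queriespassword is inserted verbatim; supply a quoted string literal (or NULL for local runs).` Separately, the grant is at database level, and depending on the CockroachDB version that may not cover tables that already exist in `eventstore`. It is worth confirming in a test that `queries` can read the events table and is refused on writes.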
@@ -2,4 +2,4 @@ package migrations -//go:generate flyway -url=jdbc:postgresql://localhost:26257/defaultdb -user=root -password= -locations=filesystem:./ -placeholders.eventstorepassword=NULL -placeholders.managementpassword=NULL -placeholders.adminapipassword=NULL -placeholders.authpassword=NULL -placeholders.notificationpassword=NULL -placeholders.authzpassword=NULL migrate +//go:generate flyway -url=jdbc:postgresql://localhost:26257/defaultdb -user=root -password= -locations=filesystem:./ -placeholders.eventstorepassword=NULL -placeholders.managementpassword=NULL -placeholders.adminapipassword=NULL -placeholders.authpassword=NULL -placeholders.notificationpassword=NULL -placeholders.authzpassword=NULL -placeholders.queriespassword=NULL migrate diff --git a/operator/zitadel/kinds/iam/zitadel/configuration/desired.go b/operator/zitadel/kinds/iam/zitadel/configuration/desired.go index 9831d68f32..32ae456623 100644 --- a/operator/zitadel/kinds/iam/zitadel/configuration/desired.go +++ b/operator/zitadel/kinds/iam/zitadel/configuration/desired.go @@ -34,6 +34,7 @@ type Passwords struct { Adminapi *secret.Secret `yaml:"adminapi"` Notification *secret.Secret `yaml:"notification"` Eventstore *secret.Secret `yaml:"eventstore"` + Queries *secret.Secret `yaml:"queries"` } type Secrets struct { diff --git a/operator/zitadel/kinds/iam/zitadel/users.go b/operator/zitadel/kinds/iam/zitadel/users.go index bc405e544b..8a521dfe5b 100644 --- a/operator/zitadel/kinds/iam/zitadel/users.go +++ b/operator/zitadel/kinds/iam/zitadel/users.go @@ -63,6 +63,13 @@ func getAllUsers(desired *DesiredV0) map[string]string { } users[esUser] = esPassword + queryUser := "queries" + queryPassword := queryUser + if passwords != nil && passwords.Queries != nil { + queryPassword = passwords.Queries.Value + } + users[queryUser] = queryPassword + return users }
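Review bot: In `getAllUsers` the new entry starts from `queryPassword := queryUser`, so whenever `passwords` or `passwords.Queries` is nil the `queries` database user is presumably provisioned with the password `queries`, identical to its name. `V1.35__queries.sql` in this patch grants that account SELECT on the `eventstore` database, so a predictable default credential gives read access to the stored events. Prefer requiring the secret, or generating a random value when it is absent. If the default has to stay for parity with the other users, state it at the fallback with a comment such as `// falls back to the user name as password when passwords.queries is unset; intended for local setups only` and log when it is taken. `getAllUsers` starts above the hunk, so the defaults of the existing users are not visible here.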