fix: load auth users (#3907)

* fix: load auth users

* fix: add triggerbulk

* fix: build pre-release

* fix even more french translations

* fix: build version

Co-authored-by: Livio Spring <livio.a@gmail.com>

.releaserc.js

@@ -3,7 +3,7 @@ module.exports = {
         {name: 'main'},
         {name: '1.x.x', range: '1.x.x', channel: '1.x.x'},
         {name: 'v2-alpha', prerelease: true},
-        {name: 'notify-users', prerelease: true},
+        {name: 'auth-users', prerelease: true},
     ],
     plugins: [
         "@semantic-release/commit-analyzer"

internal/api/grpc/management/user.go

@@ -44,7 +44,7 @@ func (s *Server) GetUserByLoginNameGlobal(ctx context.Context, req *mgmt_pb.GetU
 	if err != nil {
 		return nil, err
 	}
-	user, err := s.query.GetUser(ctx, loginName)
+	user, err := s.query.GetUser(ctx, true, loginName)
 	if err != nil {
 		return nil, err
 	}

internal/api/grpc/server/middleware/translation_interceptor.go

@@ -3,6 +3,7 @@ package middleware
 import (
 	"context"
 
+	"github.com/zitadel/logging"
 	"google.golang.org/grpc"
 
 	"github.com/zitadel/zitadel/internal/api/authz"
@@ -13,7 +14,11 @@ import (
 func TranslationHandler() func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
 	return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
 		resp, err := handler(ctx, req)
-		translator := newZitadelTranslator(authz.GetInstance(ctx).DefaultLanguage())
+		translator, translatorError := newZitadelTranslator(authz.GetInstance(ctx).DefaultLanguage())
+		if translatorError != nil {
+			logging.New().WithError(translatorError).Error("could not load translator")
+			return resp, err
+		}
 		if loc, ok := resp.(localizers); ok && resp != nil {
 			translateFields(ctx, loc, translator)
 		}

internal/api/grpc/server/middleware/translator.go

@@ -40,16 +40,13 @@ func translateError(ctx context.Context, err error, translator *i18n.Translator)
 	return err
 }
 
-func newZitadelTranslator(defaultLanguage language.Tag) *i18n.Translator {
+func newZitadelTranslator(defaultLanguage language.Tag) (*i18n.Translator, error) {
 	return translatorFromNamespace("zitadel", defaultLanguage)
 }
 
-func translatorFromNamespace(namespace string, defaultLanguage language.Tag) *i18n.Translator {
+func translatorFromNamespace(namespace string, defaultLanguage language.Tag) (*i18n.Translator, error) {
 	dir, err := fs.NewWithNamespace(namespace)
-	logging.LogWithFields("ERROR-7usEW", "namespace", namespace).OnError(err).Panic("unable to get namespace")
+	logging.WithFields("namespace", namespace).OnError(err).Panic("unable to get namespace")
 
-	translator, err := i18n.NewTranslator(dir, defaultLanguage, "")
+	return i18n.NewTranslator(dir, defaultLanguage, "")
-	logging.Log("ERROR-Sk8sf").OnError(err).Panic("unable to get i18n translator")
-
-	return translator
 }

internal/api/ui/login/init_password_handler.go

@@ -107,7 +107,7 @@ func (l *Login) resendPasswordSet(w http.ResponseWriter, r *http.Request, authRe
 		l.renderInitPassword(w, r, authReq, authReq.UserID, "", err)
 		return
 	}
-	user, err := l.query.GetUser(setContext(r.Context(), userOrg), loginName)
+	user, err := l.query.GetUser(setContext(r.Context(), userOrg), false, loginName)
 	if err != nil {
 		l.renderInitPassword(w, r, authReq, authReq.UserID, "", err)
 		return

internal/api/ui/login/password_reset_handler.go

@@ -23,7 +23,7 @@ func (l *Login) handlePasswordReset(w http.ResponseWriter, r *http.Request) {
 		l.renderInitPassword(w, r, authReq, authReq.UserID, "", err)
 		return
 	}
-	user, err := l.query.GetUser(setContext(r.Context(), authReq.UserOrgID), loginName)
+	user, err := l.query.GetUser(setContext(r.Context(), authReq.UserOrgID), false, loginName)
 	if err != nil {
 		l.renderPasswordResetDone(w, r, authReq, err)
 		return

internal/api/ui/login/static/i18n/fr.yaml

@@ -12,14 +12,14 @@ Login:
   NextButtonText: suivant
 
 SelectAccount:
-  Title: Select account
+  Title: Sélectionner un compte
-  Description: Use your ZITADEL-Account
+  Description: Utilisez votre compte ZITADEL
-  TitleLinking: Select account for user linking
+  TitleLinking: Sélectionnez le compte pour le lien avec l'utilisateur
-  DescriptionLinking: Select your account to link with your external user.
+  DescriptionLinking: Sélectionnez votre compte pour établir un lien avec votre utilisateur externe.
-  OtherUser: Other User
+  OtherUser: Autre utilisateur
-  SessionState0: active
+  SessionState0: actif
-  SessionState1: inactive
+  SessionState1: inactif
-  MustBeMemberOfOrg: The user must be member of the {{.OrgName}} organisation.
+  MustBeMemberOfOrg: L'utilisateur doit être membre de l'organisation {{.OrgName}}.
 
 Password:
   Title: Mot de passe

internal/auth/repository/eventsourcing/repository.go

@@ -40,7 +40,7 @@ func Start(conf Config, systemDefaults sd.SystemDefaults, command *command.Comma
 	}
 	idGenerator := id.SonyFlakeGenerator()
 
-	view, err := auth_view.StartView(dbClient, oidcEncryption, queries, idGenerator)
+	view, err := auth_view.StartView(dbClient, oidcEncryption, queries, idGenerator, es)
 	if err != nil {
 		return nil, err
 	}

internal/auth/repository/eventsourcing/view/user.go

@@ -1,8 +1,12 @@
 package view
 
 import (
+	"context"
+
+	"github.com/zitadel/zitadel/internal/api/authz"
 	"github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/eventstore/v1/models"
+	"github.com/zitadel/zitadel/internal/query"
 	usr_model "github.com/zitadel/zitadel/internal/user/model"
 	"github.com/zitadel/zitadel/internal/user/repository/view"
 	"github.com/zitadel/zitadel/internal/user/repository/view/model"
@@ -18,15 +22,77 @@ func (v *View) UserByID(userID, instanceID string) (*model.UserView, error) {
 }
 
 func (v *View) UserByUsername(userName, instanceID string) (*model.UserView, error) {
-	return view.UserByUserName(v.Db, userTable, userName, instanceID)
+	query, err := query.NewUserUsernameSearchQuery(userName, query.TextEquals)
+	if err != nil {
+		return nil, err
+	}
+
+	return v.userByID(instanceID, query)
 }
 
 func (v *View) UserByLoginName(loginName, instanceID string) (*model.UserView, error) {
-	return view.UserByLoginName(v.Db, userTable, loginName, instanceID)
+	loginNameQuery, err := query.NewUserLoginNamesSearchQuery(loginName)
+	if err != nil {
+		return nil, err
+	}
+
+	return v.userByID(instanceID, loginNameQuery)
 }
 
 func (v *View) UserByLoginNameAndResourceOwner(loginName, resourceOwner, instanceID string) (*model.UserView, error) {
-	return view.UserByLoginNameAndResourceOwner(v.Db, userTable, loginName, resourceOwner, instanceID)
+	loginNameQuery, err := query.NewUserLoginNamesSearchQuery(loginName)
+	if err != nil {
+		return nil, err
+	}
+	resourceOwnerQuery, err := query.NewUserResourceOwnerSearchQuery(resourceOwner, query.TextEquals)
+	if err != nil {
+		return nil, err
+	}
+
+	return v.userByID(instanceID, loginNameQuery, resourceOwnerQuery)
+}
+
+func (v *View) userByID(instanceID string, queries ...query.SearchQuery) (*model.UserView, error) {
+	ctx := authz.WithInstanceID(context.Background(), instanceID)
+
+	queriedUser, err := v.query.GetUser(ctx, true, queries...)
+	if err != nil {
+		return nil, err
+	}
+
+	user, err := view.UserByID(v.Db, userTable, queriedUser.ID, instanceID)
+	if err != nil && !errors.IsNotFound(err) {
+		return nil, err
+	}
+
+	if err != nil {
+		user = new(model.UserView)
+	}
+
+	query, err := view.UserByIDQuery(queriedUser.ID, instanceID, user.Sequence)
+	if err != nil {
+		return nil, err
+	}
+	events, err := v.es.FilterEvents(ctx, query)
+	if err != nil && user.Sequence == 0 {
+		return nil, err
+	} else if err != nil {
+		return user, nil
+	}
+
+	userCopy := *user
+
+	for _, event := range events {
+		if err := user.AppendEvent(event); err != nil {
+			return &userCopy, nil
+		}
+	}
+
+	if user.State == int32(usr_model.UserStateDeleted) {
+		return nil, errors.ThrowNotFound(nil, "VIEW-r4y8r", "Errors.User.NotFound")
+	}
+
+	return user, nil
 }
 
 func (v *View) UsersByOrgID(orgID, instanceID string) ([]*model.UserView, error) {

internal/auth/repository/eventsourcing/view/view.go

@@ -6,6 +6,7 @@ import (
 	"github.com/jinzhu/gorm"
 
 	"github.com/zitadel/zitadel/internal/crypto"
+	eventstore "github.com/zitadel/zitadel/internal/eventstore/v1"
 	"github.com/zitadel/zitadel/internal/id"
 	"github.com/zitadel/zitadel/internal/query"
 )
@@ -15,9 +16,10 @@ type View struct {
 	keyAlgorithm crypto.EncryptionAlgorithm
 	idGenerator  id.Generator
 	query        *query.Queries
+	es           eventstore.Eventstore
 }
 
-func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queries *query.Queries, idGenerator id.Generator) (*View, error) {
+func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queries *query.Queries, idGenerator id.Generator, es eventstore.Eventstore) (*View, error) {
 	gorm, err := gorm.Open("postgres", sqlClient)
 	if err != nil {
 		return nil, err
@@ -27,6 +29,7 @@ func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queri
 		keyAlgorithm: keyAlgorithm,
 		idGenerator:  idGenerator,
 		query:        queries,
+		es:           es,
 	}, nil
 }
 

internal/query/user.go

@@ -292,8 +292,8 @@ var (
 	}
 )
 
-func (q *Queries) GetUserByID(ctx context.Context, shouldTriggered bool, userID string, queries ...SearchQuery) (*User, error) {
+func (q *Queries) GetUserByID(ctx context.Context, shouldTriggerBulk bool, userID string, queries ...SearchQuery) (*User, error) {
-	if shouldTriggered {
+	if shouldTriggerBulk {
 		projection.UserProjection.TriggerBulk(ctx)
 	}
 
@@ -314,7 +314,11 @@ func (q *Queries) GetUserByID(ctx context.Context, shouldTriggered bool, userID
 	return scan(row)
 }
 
-func (q *Queries) GetUser(ctx context.Context, queries ...SearchQuery) (*User, error) {
+func (q *Queries) GetUser(ctx context.Context, shouldTriggerBulk bool, queries ...SearchQuery) (*User, error) {
+	if shouldTriggerBulk {
+		projection.UserProjection.TriggerBulk(ctx)
+	}
+
 	instanceID := authz.GetInstance(ctx).InstanceID()
 	query, scan := prepareUserQuery(instanceID)
 	for _, q := range queries {

internal/static/i18n/fr.yaml

@@ -39,8 +39,8 @@ Errors:
     NotFound: Générateur de secret non trouvé
   SMSConfig:
     NotFound: Configuration SMS non trouvée
-      AlreadyActive: Configuration SMS déjà active
+    AlreadyActive: Configuration SMS déjà active
-      AlreadyDeactivated: Configuration SMS déjà désactivée
+    AlreadyDeactivated: Configuration SMS déjà désactivée
   SMTPConfig:
     NotFound: Configuration SMTP non trouvée
     AlreadyExists: La configuration SMTP existe déjà