fix(permissions_v2): add membership fields migration (#9199)

# Which Problems Are Solved Memberships did not have a fields table fill migration. # How the Problems Are Solved Add filling of membership fields to the repeatable steps. # Additional Changes - Use the same repeatable step for multiple fill fields handlers. - Fix an error for PostgreSQL 15 where a subquery in a `FROM` clause needs an alias ing the `permitted_orgs` function. # Additional Context - Part of https://github.com/zitadel/zitadel/issues/9188 - Introduced in https://github.com/zitadel/zitadel/pull/9152
2025-08-11 18:07:31 +00:00 · 2025-01-17 16:16:26 +01:00
parent 9532c9bea5
commit 94cbf97534
22 changed files with 164 additions and 105 deletions
--- a/cmd/setup/41.go
+++ b/cmd/setup/41.go
@@ -1,44 +0,0 @@
-package setup
-
-import (
-	"context"
-
-	"github.com/zitadel/zitadel/internal/api/authz"
-	"github.com/zitadel/zitadel/internal/eventstore"
-	"github.com/zitadel/zitadel/internal/query/projection"
-	"github.com/zitadel/zitadel/internal/repository/instance"
-)
-
-type FillFieldsForInstanceDomains struct {
-	eventstore *eventstore.Eventstore
-}
-
-func (mig *FillFieldsForInstanceDomains) Execute(ctx context.Context, _ eventstore.Event) error {
-	instances, err := mig.eventstore.InstanceIDs(
-		ctx,
-		eventstore.NewSearchQueryBuilder(eventstore.ColumnsInstanceIDs).
-			OrderDesc().
-			AddQuery().
-			AggregateTypes("instance").
-			EventTypes(instance.InstanceAddedEventType).
-			Builder(),
-	)
-	if err != nil {
-		return err
-	}
-	for _, instance := range instances {
-		ctx := authz.WithInstanceID(ctx, instance)
-		if err := projection.InstanceDomainFields.Trigger(ctx); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (mig *FillFieldsForInstanceDomains) String() string {
-	return "repeatable_fill_fields_for_instance_domains"
-}
-
-func (f *FillFieldsForInstanceDomains) Check(lastRun map[string]interface{}) bool {
-	return true
-}
--- a/cmd/setup/46/06-permitted_orgs_function.sql
+++ b/cmd/setup/46/06-permitted_orgs_function.sql
@@ -44,7 +44,7 @@ BEGIN
 		WHERE om.role = ANY(matched_roles)
 		AND om.instance_id = instanceID
 		AND om.user_id = userId
-	);
+	) AS orgs;
    RETURN;
 END;
 $$;
--- a/cmd/setup/fill_fields.go
+++ b/cmd/setup/fill_fields.go
@@ -0,0 +1,51 @@
+package setup
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/zitadel/logging"
+
+	"github.com/zitadel/zitadel/internal/api/authz"
+	"github.com/zitadel/zitadel/internal/eventstore"
+	"github.com/zitadel/zitadel/internal/eventstore/handler/v2"
+	"github.com/zitadel/zitadel/internal/repository/instance"
+)
+
+type RepeatableFillFields struct {
+	eventstore *eventstore.Eventstore
+	handlers   []*handler.FieldHandler
+}
+
+func (mig *RepeatableFillFields) Execute(ctx context.Context, _ eventstore.Event) error {
+	instances, err := mig.eventstore.InstanceIDs(
+		ctx,
+		eventstore.NewSearchQueryBuilder(eventstore.ColumnsInstanceIDs).
+			OrderDesc().
+			AddQuery().
+			AggregateTypes(instance.AggregateType).
+			EventTypes(instance.InstanceAddedEventType).
+			Builder(),
+	)
+	if err != nil {
+		return err
+	}
+	for _, instance := range instances {
+		ctx := authz.WithInstanceID(ctx, instance)
+		for _, handler := range mig.handlers {
+			logging.WithFields("migration", mig.String(), "instance_id", instance, "handler", handler.String()).Info("run fields trigger")
+			if err := handler.Trigger(ctx); err != nil {
+				return fmt.Errorf("%s: %s: %w", mig.String(), handler.String(), err)
+			}
+		}
+	}
+	return nil
+}
+
+func (mig *RepeatableFillFields) String() string {
+	return "repeatable_fill_fields"
+}
+
+func (f *RepeatableFillFields) Check(lastRun map[string]interface{}) bool {
+	return true
+}
--- a/cmd/setup/setup.go
+++ b/cmd/setup/setup.go
@@ -28,6 +28,7 @@ import (
 	"github.com/zitadel/zitadel/internal/database"
 	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/eventstore"
+	"github.com/zitadel/zitadel/internal/eventstore/handler/v2"
 	old_es "github.com/zitadel/zitadel/internal/eventstore/repository/sql"
 	new_es "github.com/zitadel/zitadel/internal/eventstore/v3"
 	"github.com/zitadel/zitadel/internal/i18n"
@@ -189,8 +190,12 @@ func Setup(ctx context.Context, config *Config, steps *Steps, masterKey string)
 		&DeleteStaleOrgFields{
 			eventstore: eventstoreClient,
 		},
-		&FillFieldsForInstanceDomains{
+		&RepeatableFillFields{
 			eventstore: eventstoreClient,
+			handlers: []*handler.FieldHandler{
+				projection.InstanceDomainFields,
+				projection.MembershipFields,
+			},
 		},
 		&SyncRolePermissions{
 			eventstore:             eventstoreClient,