feat: Policy check (#149)

* check password complexity policy * check password complexity policy * fix tests * Update internal/admin/repository/eventsourcing/setup/setup.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * changes for mr Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2025-10-24 09:20:26 +00:00 · 2020-05-29 08:44:01 +02:00
parent 5a7d44327e
commit a4c7b39552
15 changed files with 477 additions and 61 deletions
--- a/internal/admin/repository/eventsourcing/eventstore/org.go
+++ b/internal/admin/repository/eventsourcing/eventstore/org.go
@@ -10,13 +10,19 @@ import (
 	org_model "github.com/caos/zitadel/internal/org/model"
 	org_es "github.com/caos/zitadel/internal/org/repository/eventsourcing"
 	org_view "github.com/caos/zitadel/internal/org/repository/view"
+	policy_es "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
 	usr_es "github.com/caos/zitadel/internal/user/repository/eventsourcing"
 )

+const (
+	DEFAULT_POLICY = "0"
+)
+
 type OrgRepo struct {
-	Eventstore     eventstore.Eventstore
-	OrgEventstore  *org_es.OrgEventstore
-	UserEventstore *usr_es.UserEventstore
+	Eventstore       eventstore.Eventstore
+	OrgEventstore    *org_es.OrgEventstore
+	UserEventstore   *usr_es.UserEventstore
+	PolicyEventstore *policy_es.PolicyEventstore

 	View *admin_view.View

@@ -24,12 +30,16 @@ type OrgRepo struct {
 }

 func (repo *OrgRepo) SetUpOrg(ctx context.Context, setUp *admin_model.SetupOrg) (*admin_model.SetupOrg, error) {
+	policy, err := repo.PolicyEventstore.GetPasswordComplexityPolicy(ctx, DEFAULT_POLICY)
+	if err != nil {
+		return nil, err
+	}
 	org, aggregates, err := repo.OrgEventstore.PrepareCreateOrg(ctx, setUp.Org)
 	if err != nil {
 		return nil, err
 	}

-	user, userAggregates, err := repo.UserEventstore.PrepareCreateUser(ctx, setUp.User, org.AggregateID)
+	user, userAggregates, err := repo.UserEventstore.PrepareCreateUser(ctx, setUp.User, policy, org.AggregateID)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/admin/repository/eventsourcing/eventstore/user.go
+++ b/internal/admin/repository/eventsourcing/eventstore/user.go
@@ -2,12 +2,15 @@ package eventstore

 import (
 	"context"
+	"github.com/caos/zitadel/internal/api/auth"
+	policy_event "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
 	usr_model "github.com/caos/zitadel/internal/user/model"
 	usr_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
 )

 type UserRepo struct {
-	UserEvents *usr_event.UserEventstore
+	UserEvents   *usr_event.UserEventstore
+	PolicyEvents *policy_event.PolicyEventstore
 }

 func (repo *UserRepo) UserByID(ctx context.Context, id string) (project *usr_model.User, err error) {
@@ -15,9 +18,21 @@ func (repo *UserRepo) UserByID(ctx context.Context, id string) (project *usr_mod
 }

 func (repo *UserRepo) CreateUser(ctx context.Context, user *usr_model.User) (*usr_model.User, error) {
-	return repo.UserEvents.CreateUser(ctx, user)
+	policy, err := repo.PolicyEvents.GetPasswordComplexityPolicy(ctx, auth.GetCtxData(ctx).OrgID)
+	if err != nil {
+		return nil, err
+	}
+	return repo.UserEvents.CreateUser(ctx, user, policy)
 }

 func (repo *UserRepo) RegisterUser(ctx context.Context, user *usr_model.User, resourceOwner string) (*usr_model.User, error) {
-	return repo.UserEvents.RegisterUser(ctx, user, resourceOwner)
+	policyResourceOwner := auth.GetCtxData(ctx).OrgID
+	if resourceOwner != "" {
+		policyResourceOwner = resourceOwner
+	}
+	policy, err := repo.PolicyEvents.GetPasswordComplexityPolicy(ctx, policyResourceOwner)
+	if err != nil {
+		return nil, err
+	}
+	return repo.UserEvents.RegisterUser(ctx, user, policy, resourceOwner)
 }