diff --git a/docs/local.md b/docs/local.md index 968aff6373..5199498666 100644 --- a/docs/local.md +++ b/docs/local.md @@ -31,3 +31,4 @@ cockroachdb/cockroach:v19.2.2 start --insecure #### Should show eventstore, management, admin, auth `show databases;` + diff --git a/internal/api/auth/permissions.go b/internal/api/auth/permissions.go index c0e222c093..07be8a0f03 100644 --- a/internal/api/auth/permissions.go +++ b/internal/api/auth/permissions.go @@ -15,6 +15,9 @@ func getUserMethodPermissions(ctx context.Context, t TokenVerifier, requiredPerm if err != nil { return nil, nil, err } + if grant == nil { + return context.WithValue(ctx, permissionsKey, []string{}), []string{}, nil + } permissions := mapGrantToPermissions(requiredPerm, grant, authConfig) return context.WithValue(ctx, permissionsKey, permissions), permissions, nil } diff --git a/internal/authz/repository/eventsourcing/eventstore/user_grant.go b/internal/authz/repository/eventsourcing/eventstore/user_grant.go index 80e41bfe30..492db677a0 100644 --- a/internal/authz/repository/eventsourcing/eventstore/user_grant.go +++ b/internal/authz/repository/eventsourcing/eventstore/user_grant.go @@ -47,6 +47,9 @@ func (repo *UserGrantRepo) SearchMyZitadelPermissions(ctx context.Context) ([]st return nil, err } + if grant == nil { + return []string{}, nil + } permissions := &grant_model.Permissions{Permissions: []string{}} for _, role := range grant.Roles { roleName, ctxID := auth.SplitPermission(role) diff --git a/internal/user/repository/eventsourcing/user.go b/internal/user/repository/eventsourcing/user.go index 43eca25d6d..3bbfd67078 100644 --- a/internal/user/repository/eventsourcing/user.go +++ b/internal/user/repository/eventsourcing/user.go @@ -282,7 +282,7 @@ func InitCodeVerifiedAggregate(aggCreator *es_models.AggregateCreator, existing return nil, err } } - if password != nil { + if password != nil && password.Secret != nil { agg, err = agg.AppendEvent(model.UserPasswordChanged, password) if err != nil { return nil, err diff --git a/internal/user/repository/eventsourcing/user_test.go b/internal/user/repository/eventsourcing/user_test.go index da0760a356..3bb063a46f 100644 --- a/internal/user/repository/eventsourcing/user_test.go +++ b/internal/user/repository/eventsourcing/user_test.go @@ -2,6 +2,7 @@ package eventsourcing import ( "context" + "github.com/caos/zitadel/internal/crypto" "testing" "time" @@ -756,12 +757,11 @@ func TestInitCodeVerifiedAggregate(t *testing.T) { Profile: &model.Profile{UserName: "UserName"}, Email: &model.Email{EmailAddress: "EmailAddress", IsEmailVerified: true}, }, - password: &model.Password{ChangeRequired: false}, aggCreator: models.NewAggregateCreator("Test"), }, res: res{ - eventLen: 2, - eventTypes: []models.EventType{model.UserPasswordChanged, model.InitializedUserCheckSucceeded}, + eventLen: 1, + eventTypes: []models.EventType{model.InitializedUserCheckSucceeded}, }, }, { @@ -772,7 +772,7 @@ func TestInitCodeVerifiedAggregate(t *testing.T) { Profile: &model.Profile{UserName: "UserName"}, Email: &model.Email{EmailAddress: "EmailAddress"}, }, - password: &model.Password{ChangeRequired: false}, + password: &model.Password{Secret: &crypto.CryptoValue{}, ChangeRequired: false}, aggCreator: models.NewAggregateCreator("Test"), }, res: res{