TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 20:57:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: check login policy before register and password check (#2611)

Browse Source 
* fix: check login policy before register and password check

* remove accidentally pushed overwrite

* Update en.yaml
This commit is contained in:
Livio Amstutz
2021-11-08 08:42:07 +01:00
committed by GitHub
parent 17e00f8204
commit af1f10b7ca
7 changed files with 339 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

114
internal/command/user_human_password_test.go
View File

@@ -1125,11 +1125,73 @@ func TestCommandSide_CheckPassword(t *testing.T) {
err: caos_errs.IsErrorInvalidArgument,
},
},
{
name: "login policy not found, precondition error",
fields: fields{
eventstore: eventstoreExpect(
t,
expectFilter(),
expectFilter(),
),
},
args: args{
ctx: context.Background(),
userID: "user1",
resourceOwner: "org1",
password: "password",
},
res: res{
err: caos_errs.IsPreconditionFailed,
},
},
{
name: "login policy login password not allowed, precondition error",
fields: fields{
eventstore: eventstoreExpect(
t,
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
false,
false,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
),
},
args: args{
ctx: context.Background(),
userID: "user1",
resourceOwner: "org1",
password: "password",
},
res: res{
err: caos_errs.IsPreconditionFailed,
},
},
{
name: "user not existing, precondition error",
fields: fields{
eventstore: eventstoreExpect(
t,
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
true,
false,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectFilter(),
),
},
@@ -1148,6 +1210,19 @@ func TestCommandSide_CheckPassword(t *testing.T) {
fields: fields{
eventstore: eventstoreExpect(
t,
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
true,
false,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectFilter(
eventFromEventPusher(
user.NewHumanAddedEvent(context.Background(),
@@ -1182,6 +1257,19 @@ func TestCommandSide_CheckPassword(t *testing.T) {
fields: fields{
eventstore: eventstoreExpect(
t,
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
true,
false,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectFilter(
eventFromEventPusher(
user.NewHumanAddedEvent(context.Background(),
@@ -1250,6 +1338,19 @@ func TestCommandSide_CheckPassword(t *testing.T) {
fields: fields{
eventstore: eventstoreExpect(
t,
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
true,
false,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectFilter(
eventFromEventPusher(
user.NewHumanAddedEvent(context.Background(),
@@ -1325,6 +1426,19 @@ func TestCommandSide_CheckPassword(t *testing.T) {
fields: fields{
eventstore: eventstoreExpect(
t,
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
true,
false,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectFilter(
eventFromEventPusher(
user.NewHumanAddedEvent(context.Background(),