TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 19:07:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: check login policy before register and password check (#2611)

Browse Source 
* fix: check login policy before register and password check

* remove accidentally pushed overwrite

* Update en.yaml
This commit is contained in:
Livio Amstutz
2021-11-08 08:42:07 +01:00
committed by GitHub
parent 17e00f8204
commit af1f10b7ca
7 changed files with 339 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

194
internal/command/user_human_test.go
View File

@@ -1531,6 +1531,109 @@ func TestCommandSide_RegisterHuman(t *testing.T) {
err: caos_errs.IsPreconditionFailed,
},
},
{
name: "login policy not found, precondition error",
fields: fields{
eventstore: eventstoreExpect(
t,
expectFilter(
eventFromEventPusher(
org.NewOrgIAMPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
true,
),
),
),
expectFilter(
eventFromEventPusher(
org.NewPasswordComplexityPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
1,
false,
false,
false,
false,
),
),
),
expectFilter(),
expectFilter(),
),
},
args: args{
ctx: context.Background(),
orgID: "org1",
human: &domain.Human{
Username: "username",
Profile: &domain.Profile{
FirstName: "firstname",
},
Password: &domain.Password{
SecretString: "password",
},
},
},
res: res{
err: caos_errs.IsPreconditionFailed,
},
},
{
name: "login policy registration not allowed, precondition error",
fields: fields{
eventstore: eventstoreExpect(
t,
expectFilter(
eventFromEventPusher(
org.NewOrgIAMPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
true,
),
),
),
expectFilter(
eventFromEventPusher(
org.NewPasswordComplexityPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
1,
false,
false,
false,
false,
),
),
),
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
false,
false,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
),
},
args: args{
ctx: context.Background(),
orgID: "org1",
human: &domain.Human{
Username: "username",
Profile: &domain.Profile{
FirstName: "firstname",
},
Password: &domain.Password{
SecretString: "password",
},
},
},
res: res{
err: caos_errs.IsPreconditionFailed,
},
},
{
name: "user invalid, invalid argument error",
fields: fields{
@@ -1556,6 +1659,19 @@ func TestCommandSide_RegisterHuman(t *testing.T) {
),
),
),
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
false,
true,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
),
},
args: args{
@@ -1600,6 +1716,19 @@ func TestCommandSide_RegisterHuman(t *testing.T) {
),
),
),
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
false,
true,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectFilter(
eventFromEventPusher(
org.NewDomainAddedEvent(context.Background(),
@@ -1661,6 +1790,19 @@ func TestCommandSide_RegisterHuman(t *testing.T) {
),
),
),
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
false,
true,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectFilter(
eventFromEventPusher(
org.NewDomainAddedEvent(context.Background(),
@@ -1780,6 +1922,19 @@ func TestCommandSide_RegisterHuman(t *testing.T) {
),
),
),
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
false,
true,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectPush(
[]*repository.Event{
eventFromEventPusher(
@@ -1867,6 +2022,19 @@ func TestCommandSide_RegisterHuman(t *testing.T) {
),
),
),
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
false,
true,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectPush(
[]*repository.Event{
eventFromEventPusher(
@@ -1948,6 +2116,19 @@ func TestCommandSide_RegisterHuman(t *testing.T) {
),
),
),
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
false,
true,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectPush(
[]*repository.Event{
eventFromEventPusher(
@@ -2051,6 +2232,19 @@ func TestCommandSide_RegisterHuman(t *testing.T) {
),
),
),
expectFilter(
eventFromEventPusher(
org.NewLoginPolicyAddedEvent(context.Background(),
&org.NewAggregate("org1", "org1").Aggregate,
false,
true,
false,
false,
false,
domain.PasswordlessTypeNotAllowed,
),
),
),
expectPush(
[]*repository.Event{
eventFromEventPusher(