feat: Policy (#79)

* policy added * Make it executable * Make it executable, corrections * password age policy added * password lockout policy added * corrections * policy added * Make it executable * Make it executable, corrections * password age policy added * password lockout policy added * corrections * fix(repository): remove second policy * complaints corrected * Init tests * add some tests * more tests added * systemfefaults added * default values load added * check for default value added * fixes * fixed * create policy if not exists * eventstore tests added Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2025-10-18 00:42:29 +00:00 · 2020-05-14 11:48:57 +02:00
parent 767bc5ce6c
commit b9c938594c
46 changed files with 3529 additions and 851 deletions
--- a/internal/management/repository/eventsourcing/policy.go
+++ b/internal/management/repository/eventsourcing/policy.go
@@ -0,0 +1,45 @@
+package eventsourcing
+
+import (
+	"context"
+
+	"github.com/caos/zitadel/internal/api/auth"
+	pol_model "github.com/caos/zitadel/internal/policy/model"
+	pol_event "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
+)
+
+type PolicyRepo struct {
+	PolicyEvents *pol_event.PolicyEventstore
+	//view      *view.View
+}
+
+func (repo *PolicyRepo) CreatePasswordComplexityPolicy(ctx context.Context, policy *pol_model.PasswordComplexityPolicy) (*pol_model.PasswordComplexityPolicy, error) {
+	return repo.PolicyEvents.CreatePasswordComplexityPolicy(ctx, policy)
+}
+func (repo *PolicyRepo) GetPasswordComplexityPolicy(ctx context.Context) (*pol_model.PasswordComplexityPolicy, error) {
+	ctxData := auth.GetCtxData(ctx)
+	return repo.PolicyEvents.GetPasswordComplexityPolicy(ctx, ctxData.OrgID)
+}
+func (repo *PolicyRepo) UpdatePasswordComplexityPolicy(ctx context.Context, policy *pol_model.PasswordComplexityPolicy) (*pol_model.PasswordComplexityPolicy, error) {
+	return repo.PolicyEvents.UpdatePasswordComplexityPolicy(ctx, policy)
+}
+func (repo *PolicyRepo) CreatePasswordAgePolicy(ctx context.Context, policy *pol_model.PasswordAgePolicy) (*pol_model.PasswordAgePolicy, error) {
+	return repo.PolicyEvents.CreatePasswordAgePolicy(ctx, policy)
+}
+func (repo *PolicyRepo) GetPasswordAgePolicy(ctx context.Context) (*pol_model.PasswordAgePolicy, error) {
+	ctxData := auth.GetCtxData(ctx)
+	return repo.PolicyEvents.GetPasswordAgePolicy(ctx, ctxData.OrgID)
+}
+func (repo *PolicyRepo) UpdatePasswordAgePolicy(ctx context.Context, policy *pol_model.PasswordAgePolicy) (*pol_model.PasswordAgePolicy, error) {
+	return repo.PolicyEvents.UpdatePasswordAgePolicy(ctx, policy)
+}
+func (repo *PolicyRepo) CreatePasswordLockoutPolicy(ctx context.Context, policy *pol_model.PasswordLockoutPolicy) (*pol_model.PasswordLockoutPolicy, error) {
+	return repo.PolicyEvents.CreatePasswordLockoutPolicy(ctx, policy)
+}
+func (repo *PolicyRepo) GetPasswordLockoutPolicy(ctx context.Context) (*pol_model.PasswordLockoutPolicy, error) {
+	ctxData := auth.GetCtxData(ctx)
+	return repo.PolicyEvents.GetPasswordLockoutPolicy(ctx, ctxData.OrgID)
+}
+func (repo *PolicyRepo) UpdatePasswordLockoutPolicy(ctx context.Context, policy *pol_model.PasswordLockoutPolicy) (*pol_model.PasswordLockoutPolicy, error) {
+	return repo.PolicyEvents.UpdatePasswordLockoutPolicy(ctx, policy)
+}
--- a/internal/management/repository/eventsourcing/repository.go
+++ b/internal/management/repository/eventsourcing/repository.go
@@ -12,6 +12,7 @@ import (
 	"github.com/caos/zitadel/internal/management/repository/eventsourcing/spooler"
 	mgmt_view "github.com/caos/zitadel/internal/management/repository/eventsourcing/view"
 	es_org "github.com/caos/zitadel/internal/org/repository/eventsourcing"
+	es_pol "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
 	es_proj "github.com/caos/zitadel/internal/project/repository/eventsourcing"
 	es_usr "github.com/caos/zitadel/internal/user/repository/eventsourcing"
 	es_grant "github.com/caos/zitadel/internal/usergrant/repository/eventsourcing"
@@ -30,6 +31,7 @@ type EsRepository struct {
 	eventstore.ProjectRepo
 	eventstore.UserRepo
 	eventstore.UserGrantRepo
+	PolicyRepo
 }

 func Start(conf Config, systemDefaults sd.SystemDefaults) (*EsRepository, error) {
@@ -54,6 +56,13 @@ func Start(conf Config, systemDefaults sd.SystemDefaults) (*EsRepository, error)
 	if err != nil {
 		return nil, err
 	}
+	policy, err := es_pol.StartPolicy(es_pol.PolicyConfig{
+		Eventstore: es,
+		Cache:      conf.Eventstore.Cache,
+	}, systemDefaults)
+	if err != nil {
+		return nil, err
+	}
 	user, err := es_usr.StartUser(es_usr.UserConfig{
 		Eventstore: es,
 		Cache:      conf.Eventstore.Cache,
@@ -79,6 +88,7 @@ func Start(conf Config, systemDefaults sd.SystemDefaults) (*EsRepository, error)
 		ProjectRepo:   eventstore.ProjectRepo{conf.SearchLimit, project, view},
 		UserRepo:      eventstore.UserRepo{conf.SearchLimit, user, view},
 		UserGrantRepo: eventstore.UserGrantRepo{conf.SearchLimit, usergrant, view},
+		PolicyRepo:    PolicyRepo{policy},
 	}, nil
 }