feat: Policy (#79)

* policy added * Make it executable * Make it executable, corrections * password age policy added * password lockout policy added * corrections * policy added * Make it executable * Make it executable, corrections * password age policy added * password lockout policy added * corrections * fix(repository): remove second policy * complaints corrected * Init tests * add some tests * more tests added * systemfefaults added * default values load added * check for default value added * fixes * fixed * create policy if not exists * eventstore tests added Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2025-11-10 11:43:46 +00:00 · 2020-05-14 11:48:57 +02:00
parent 767bc5ce6c
commit b9c938594c
46 changed files with 3529 additions and 851 deletions
--- a/internal/policy/repository/eventsourcing/policy_lockout.go
+++ b/internal/policy/repository/eventsourcing/policy_lockout.go
@@ -0,0 +1,53 @@
+package eventsourcing
+
+import (
+	"context"
+
+	"github.com/caos/zitadel/internal/errors"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/policy/model"
+)
+
+func PasswordLockoutPolicyQuery(recourceOwner string, latestSequence uint64) *es_models.SearchQuery {
+	return es_models.NewSearchQuery().
+		AggregateTypeFilter(model.PasswordLockoutPolicyAggregate).
+		LatestSequenceFilter(latestSequence).
+		ResourceOwnerFilter(recourceOwner)
+
+}
+
+func PasswordLockoutPolicyAggregate(ctx context.Context, aggCreator *es_models.AggregateCreator, policy *PasswordLockoutPolicy) (*es_models.Aggregate, error) {
+	if policy == nil {
+		return nil, errors.ThrowPreconditionFailed(nil, "EVENT-aTRlj", "existing policy should not be nil")
+	}
+	return aggCreator.NewAggregate(ctx, policy.AggregateID, model.PasswordLockoutPolicyAggregate, policyLockoutVersion, policy.Sequence)
+}
+
+func PasswordLockoutPolicyCreateAggregate(aggCreator *es_models.AggregateCreator, policy *PasswordLockoutPolicy) func(ctx context.Context) (*es_models.Aggregate, error) {
+	return func(ctx context.Context) (*es_models.Aggregate, error) {
+		if policy == nil {
+			return nil, errors.ThrowPreconditionFailed(nil, "EVENT-kdie6", "policy should not be nil")
+		}
+
+		agg, err := PasswordLockoutPolicyAggregate(ctx, aggCreator, policy)
+		if err != nil {
+			return nil, err
+		}
+
+		return agg.AppendEvent(model.PasswordLockoutPolicyAdded, policy)
+	}
+}
+
+func PasswordLockoutPolicyUpdateAggregate(aggCreator *es_models.AggregateCreator, existing *PasswordLockoutPolicy, new *PasswordLockoutPolicy) func(ctx context.Context) (*es_models.Aggregate, error) {
+	return func(ctx context.Context) (*es_models.Aggregate, error) {
+		if new == nil {
+			return nil, errors.ThrowPreconditionFailed(nil, "EVENT-dhr74", "new policy should not be nil")
+		}
+		agg, err := PasswordLockoutPolicyAggregate(ctx, aggCreator, existing)
+		if err != nil {
+			return nil, err
+		}
+		changes := existing.LockoutChanges(new)
+		return agg.AppendEvent(model.PasswordLockoutPolicyChanged, changes)
+	}
+}