fix(authz): fix user grant handler (#795)

2024-12-13 19:44:21 +00:00 · 2020-09-30 10:29:41 +02:00 · 2020-09-30 10:29:41 +02:00 · bdcf9fcc5c
commit bdcf9fcc5c
parent c2e046548e
2 changed files with 17 additions and 8 deletions
--- a/internal/auth/repository/eventsourcing/handler/user_grant.go
+++ b/internal/auth/repository/eventsourcing/handler/user_grant.go
@ -71,7 +71,7 @@ func (u *UserGrant) Reduce(event *models.Event) (err error) {
 	case proj_es_model.ProjectAggregate:
 		err = u.processProject(event)
 	case iam_es_model.IAMAggregate:
-		err = u.processIamMember(event, "IAM", false)
+		err = u.processIAMMember(event, "IAM", false)
 	case org_es_model.OrgAggregate:
 		return u.processOrg(event)
 	}
@ -132,7 +132,6 @@ func (u *UserGrant) processUser(event *models.Event) (err error) {
 	default:
 		return u.view.ProcessedUserGrantSequence(event.Sequence)
 	}
 	return nil
 }
 func (u *UserGrant) processProject(event *models.Event) (err error) {
@ -161,7 +160,6 @@ func (u *UserGrant) processProject(event *models.Event) (err error) {
 	default:
 		return u.view.ProcessedUserGrantSequence(event.Sequence)
 	}
 	return nil
 }
 func (u *UserGrant) processOrg(event *models.Event) (err error) {
@ -175,7 +173,7 @@ func (u *UserGrant) processOrg(event *models.Event) (err error) {
 	}
 }
-func (u *UserGrant) processIamMember(event *models.Event, rolePrefix string, suffix bool) error {
+func (u *UserGrant) processIAMMember(event *models.Event, rolePrefix string, suffix bool) error {
 	member := new(iam_es_model.IAMMember)
 	switch event.Type {
--- a/internal/authz/repository/eventsourcing/handler/user_grant.go
+++ b/internal/authz/repository/eventsourcing/handler/user_grant.go
@ -57,7 +57,7 @@ func (u *UserGrant) Reduce(event *models.Event) (err error) {
 	case proj_es_model.ProjectAggregate:
 		err = u.processProject(event)
 	case iam_es_model.IAMAggregate:
-		err = u.processIamMember(event, "IAM", false)
+		err = u.processIAMMember(event, "IAM", false)
 	case org_es_model.OrgAggregate:
 		return u.processOrg(event)
 	}
@ -90,7 +90,7 @@ func (u *UserGrant) processOrg(event *models.Event) (err error) {
 	}
 }
-func (u *UserGrant) processIamMember(event *models.Event, rolePrefix string, suffix bool) error {
+func (u *UserGrant) processIAMMember(event *models.Event, rolePrefix string, suffix bool) error {
 	member := new(iam_es_model.IAMMember)
 	switch event.Type {
@ -158,6 +158,7 @@ func (u *UserGrant) processMember(event *models.Event, rolePrefix, roleSuffix st
 				RoleKeys:      roleKeys,
 				CreationDate:  event.CreationDate,
 			}
 		} else {
 			newRoles := roleKeys
 			if grant.RoleKeys != nil {
@ -174,10 +175,20 @@ func (u *UserGrant) processMember(event *models.Event, rolePrefix, roleSuffix st
 		proj_es_model.ProjectGrantMemberRemoved:
 		grant, err := u.view.UserGrantByIDs(event.ResourceOwner, u.iamProjectID, userID)
-		if err != nil {
+		if err != nil && !errors.IsNotFound(err) {
 			return err
 		}
-		return u.view.DeleteUserGrant(grant.ID, event.Sequence)
+		if errors.IsNotFound(err) {
 			return u.view.ProcessedUserGrantSequence(event.Sequence)
 		}
 		if roleSuffix != "" {
 			roleKeys = suffixRoles(roleSuffix, roleKeys)
 		}
 		if grant.RoleKeys == nil {
 			return u.view.ProcessedUserGrantSequence(event.Sequence)
 		}
 		grant.RoleKeys = mergeExistingRoles(rolePrefix, roleSuffix, grant.RoleKeys, nil)
 		return u.view.PutUserGrant(grant, event.Sequence)
 	default:
 		return u.view.ProcessedUserGrantSequence(event.Sequence)
 	}