TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 11:47:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Privacy policy (#1957)

Browse Source 
* feat: command side privacy policy

* feat: add privacy policy to api

* feat: add privacy policy query side

* fix: add privacy policy to mgmt api

* fix: add privacy policy to auth and base data

* feat: use privacyPolicy in login gui

* feat: use privacyPolicy in login gui

* feat: test org fatures

* feat: typos

* feat: tos in register
This commit is contained in:
Fabi
2021-07-05 10:36:51 +02:00
committed by GitHub
parent 91f1c88d4e
commit beb1c1604a
75 changed files with 3171 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
internal/auth/repository/eventsourcing/eventstore/auth_request.go
View File

@@ -440,6 +440,11 @@ func (repo *AuthRequestRepo) fillLoginPolicy(ctx context.Context, request *domai
if idpProviders != nil {
request.AllowedExternalIDPs = idpProviders
}
privacyPolicy, err := repo.getPrivacyPolicy(ctx, orgID)
if err != nil {
return err
}
request.PrivacyPolicy = privacyPolicy
labelPolicy, err := repo.getLabelPolicy(ctx, orgID)
if err != nil {
return err
@@ -719,6 +724,21 @@ func (repo *AuthRequestRepo) getLoginPolicy(ctx context.Context, orgID string) (
return iam_es_model.LoginPolicyViewToModel(policy), err
}
func (repo *AuthRequestRepo) getPrivacyPolicy(ctx context.Context, orgID string) (*domain.PrivacyPolicy, error) {
policy, err := repo.View.PrivacyPolicyByAggregateID(orgID)
if errors.IsNotFound(err) {
policy, err = repo.View.PrivacyPolicyByAggregateID(repo.IAMID)
if err != nil {
return nil, err
}
policy.Default = true
}
if err != nil {
return nil, err
}
return policy.ToDomain(), err
}
func (repo *AuthRequestRepo) getLabelPolicy(ctx context.Context, orgID string) (*domain.LabelPolicy, error) {
policy, err := repo.View.LabelPolicyByAggregateIDAndState(orgID, int32(domain.LabelPolicyStateActive))
if errors.IsNotFound(err) {

8
internal/auth/repository/eventsourcing/eventstore/org.go
View File

@@ -115,3 +115,11 @@ func (repo *OrgRepository) GetLabelPolicy(ctx context.Context, orgID string) (*i
}
return iam_view_model.LabelPolicyViewToModel(orgPolicy), nil
}
func (repo *OrgRepository) GetDefaultPrivacyPolicy(ctx context.Context) (*iam_model.PrivacyPolicyView, error) {
policy, err := repo.View.PrivacyPolicyByAggregateID(repo.SystemDefaults.IamID)
if err != nil {
return nil, err
}
return iam_view_model.PrivacyViewToModel(policy), nil
}

1
internal/auth/repository/eventsourcing/handler/handler.go
View File

@@ -70,6 +70,7 @@ func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es
newLabelPolicy(handler{view, bulkLimit, configs.cycleDuration("LabelPolicy"), errorCount, es}),
newFeatures(handler{view, bulkLimit, configs.cycleDuration("Features"), errorCount, es}),
newRefreshToken(handler{view, bulkLimit, configs.cycleDuration("RefreshToken"), errorCount, es}),
newPrivacyPolicy(handler{view, bulkLimit, configs.cycleDuration("PrivacyPolicy"), errorCount, es}),
}
}

106
internal/auth/repository/eventsourcing/handler/privacy_policy.go Normal file
View File

@@ -0,0 +1,106 @@
package handler
import (
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/v1"
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
"github.com/caos/zitadel/internal/eventstore/v1/query"
"github.com/caos/zitadel/internal/eventstore/v1/spooler"
iam_model "github.com/caos/zitadel/internal/iam/repository/view/model"
"github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
)
const (
privacyPolicyTable = "auth.privacy_policies"
)
type PrivacyPolicy struct {
handler
subscription *v1.Subscription
}
func newPrivacyPolicy(handler handler) *PrivacyPolicy {
h := &PrivacyPolicy{
handler: handler,
}
h.subscribe()
return h
}
func (p *PrivacyPolicy) subscribe() {
p.subscription = p.es.Subscribe(p.AggregateTypes()...)
go func() {
for event := range p.subscription.Events {
query.ReduceEvent(p, event)
}
}()
}
func (p *PrivacyPolicy) ViewModel() string {
return privacyPolicyTable
}
func (p *PrivacyPolicy) AggregateTypes() []es_models.AggregateType {
return []es_models.AggregateType{model.OrgAggregate, iam_es_model.IAMAggregate}
}
func (p *PrivacyPolicy) CurrentSequence() (uint64, error) {
sequence, err := p.view.GetLatestPrivacyPolicySequence()
if err != nil {
return 0, err
}
return sequence.CurrentSequence, nil
}
func (p *PrivacyPolicy) EventQuery() (*es_models.SearchQuery, error) {
sequence, err := p.view.GetLatestPrivacyPolicySequence()
if err != nil {
return nil, err
}
return es_models.NewSearchQuery().
AggregateTypeFilter(p.AggregateTypes()...).
LatestSequenceFilter(sequence.CurrentSequence), nil
}
func (p *PrivacyPolicy) Reduce(event *es_models.Event) (err error) {
switch event.AggregateType {
case model.OrgAggregate, iam_es_model.IAMAggregate:
err = p.processPrivacyPolicy(event)
}
return err
}
func (p *PrivacyPolicy) processPrivacyPolicy(event *es_models.Event) (err error) {
policy := new(iam_model.PrivacyPolicyView)
switch event.Type {
case iam_es_model.PrivacyPolicyAdded, model.PrivacyPolicyAdded:
err = policy.AppendEvent(event)
case iam_es_model.PrivacyPolicyChanged, model.PrivacyPolicyChanged:
policy, err = p.view.PrivacyPolicyByAggregateID(event.AggregateID)
if err != nil {
return err
}
err = policy.AppendEvent(event)
case model.PrivacyPolicyRemoved:
return p.view.DeletePrivacyPolicy(event.AggregateID, event)
default:
return p.view.ProcessedPrivacyPolicySequence(event)
}
if err != nil {
return err
}
return p.view.PutPrivacyPolicy(policy, event)
}
func (p *PrivacyPolicy) OnError(event *es_models.Event, err error) error {
logging.LogWithFields("SPOOL-4N8sw", "id", event.AggregateID).WithError(err).Warn("something went wrong in privacy policy handler")
return spooler.HandleError(event, err, p.view.GetLatestPrivacyPolicyFailedEvent, p.view.ProcessedPrivacyPolicyFailedEvent, p.view.ProcessedPrivacyPolicySequence, p.errorCountUntilSkip)
}
func (p *PrivacyPolicy) OnSuccess() error {
return spooler.HandleSuccess(p.view.UpdatePrivacyPolicySpoolerRunTimestamp)
}

53
internal/auth/repository/eventsourcing/view/privacy_policy.go Normal file
View File

@@ -0,0 +1,53 @@
package view
import (
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/eventstore/v1/models"
"github.com/caos/zitadel/internal/iam/repository/view"
"github.com/caos/zitadel/internal/iam/repository/view/model"
global_view "github.com/caos/zitadel/internal/view/repository"
)
const (
privacyPolicyTable = "auth.privacy_policies"
)
func (v *View) PrivacyPolicyByAggregateID(aggregateID string) (*model.PrivacyPolicyView, error) {
return view.GetPrivacyPolicyByAggregateID(v.Db, privacyPolicyTable, aggregateID)
}
func (v *View) PutPrivacyPolicy(policy *model.PrivacyPolicyView, event *models.Event) error {
err := view.PutPrivacyPolicy(v.Db, privacyPolicyTable, policy)
if err != nil {
return err
}
return v.ProcessedPrivacyPolicySequence(event)
}
func (v *View) DeletePrivacyPolicy(aggregateID string, event *models.Event) error {
err := view.DeletePrivacyPolicy(v.Db, privacyPolicyTable, aggregateID)
if err != nil && !errors.IsNotFound(err) {
return err
}
return v.ProcessedPrivacyPolicySequence(event)
}
func (v *View) GetLatestPrivacyPolicySequence() (*global_view.CurrentSequence, error) {
return v.latestSequence(privacyPolicyTable)
}
func (v *View) ProcessedPrivacyPolicySequence(event *models.Event) error {
return v.saveCurrentSequence(privacyPolicyTable, event)
}
func (v *View) UpdatePrivacyPolicySpoolerRunTimestamp() error {
return v.updateSpoolerRunSequence(privacyPolicyTable)
}
func (v *View) GetLatestPrivacyPolicyFailedEvent(sequence uint64) (*global_view.FailedEvent, error) {
return v.latestFailedEvent(privacyPolicyTable, sequence)
}
func (v *View) ProcessedPrivacyPolicyFailedEvent(failedEvent *global_view.FailedEvent) error {
return v.saveFailedEvent(failedEvent)
}