feat: new projects (#1207)

* fix: project events * fix: project events * fix: project events * fix: eventmapper * fix: project commands * fix: project role commands * fix: project command side * fix: oidc application * fix: oidc application * fix: reduce * fix: reduce * fix: project member * fix: project grant command side * fix: application command side * fix: project grant member remove * Update internal/v2/command/project.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/project.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/project_application.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/project_application.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/project_application.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: oidc application string pw * fix: project events * fix: project grant member * feat: change application to interface Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2025-10-19 07:52:21 +00:00 · 2021-01-28 06:35:26 +01:00
parent dfcb96d6a3
commit c65331df1a
58 changed files with 3746 additions and 965 deletions
--- a/internal/management/repository/eventsourcing/eventstore/project.go
+++ b/internal/management/repository/eventsourcing/eventstore/project.go
@@ -9,18 +9,13 @@ import (
 	"github.com/caos/zitadel/internal/api/authz"
 	caos_errs "github.com/caos/zitadel/internal/errors"
 	es_int "github.com/caos/zitadel/internal/eventstore"
-	"github.com/caos/zitadel/internal/eventstore/models"
-	es_models "github.com/caos/zitadel/internal/eventstore/models"
-	es_sdk "github.com/caos/zitadel/internal/eventstore/sdk"
 	iam_event "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
 	"github.com/caos/zitadel/internal/management/repository/eventsourcing/view"
 	global_model "github.com/caos/zitadel/internal/model"
 	proj_model "github.com/caos/zitadel/internal/project/model"
 	proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
-	es_proj_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
 	"github.com/caos/zitadel/internal/project/repository/view/model"
 	usr_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
-	usr_grant_model "github.com/caos/zitadel/internal/usergrant/model"
 	usr_grant_event "github.com/caos/zitadel/internal/usergrant/repository/eventsourcing"
 )

@@ -68,54 +63,6 @@ func (repo *ProjectRepo) ProjectByID(ctx context.Context, id string) (*proj_mode
 	return model.ProjectToModel(project), nil
 }

-func (repo *ProjectRepo) CreateProject(ctx context.Context, project *proj_model.Project) (*proj_model.Project, error) {
-	ctxData := authz.GetCtxData(ctx)
-	iam, err := repo.IAMEvents.IAMByID(ctx, repo.IAMID)
-	if err != nil {
-		return nil, err
-	}
-	return repo.ProjectEvents.CreateProject(ctx, project, iam.GlobalOrgID == ctxData.OrgID)
-}
-
-func (repo *ProjectRepo) UpdateProject(ctx context.Context, project *proj_model.Project) (*proj_model.Project, error) {
-	return repo.ProjectEvents.UpdateProject(ctx, project)
-}
-
-func (repo *ProjectRepo) DeactivateProject(ctx context.Context, id string) (*proj_model.Project, error) {
-	return repo.ProjectEvents.DeactivateProject(ctx, id)
-}
-
-func (repo *ProjectRepo) ReactivateProject(ctx context.Context, id string) (*proj_model.Project, error) {
-	return repo.ProjectEvents.ReactivateProject(ctx, id)
-}
-
-func (repo *ProjectRepo) RemoveProject(ctx context.Context, projectID string) error {
-	proj := proj_model.NewProject(projectID)
-	aggregates := make([]*es_models.Aggregate, 0)
-	project, agg, err := repo.ProjectEvents.PrepareRemoveProject(ctx, proj)
-	if err != nil {
-		return err
-	}
-	aggregates = append(aggregates, agg)
-
-	// remove user_grants
-	usergrants, err := repo.View.UserGrantsByProjectID(projectID)
-	if err != nil {
-		return err
-	}
-	for _, grant := range usergrants {
-		_, aggs, err := repo.UserGrantEvents.PrepareRemoveUserGrant(ctx, grant.ID, true)
-		if err != nil {
-			return err
-		}
-		for _, agg := range aggs {
-			aggregates = append(aggregates, agg)
-		}
-	}
-
-	return es_sdk.PushAggregates(ctx, repo.Eventstore.PushAggregates, project.AppendEvents, aggregates...)
-}
-
 func (repo *ProjectRepo) SearchProjects(ctx context.Context, request *proj_model.ProjectViewSearchRequest) (*proj_model.ProjectViewSearchResponse, error) {
 	request.EnsureLimit(repo.SearchLimit)
 	sequence, sequenceErr := repo.View.GetLatestProjectSequence("")
@@ -183,19 +130,6 @@ func (repo *ProjectRepo) ProjectMemberByID(ctx context.Context, projectID, userI
 	return model.ProjectMemberToModel(member), nil
 }

-func (repo *ProjectRepo) AddProjectMember(ctx context.Context, member *proj_model.ProjectMember) (*proj_model.ProjectMember, error) {
-	return repo.ProjectEvents.AddProjectMember(ctx, member)
-}
-
-func (repo *ProjectRepo) ChangeProjectMember(ctx context.Context, member *proj_model.ProjectMember) (*proj_model.ProjectMember, error) {
-	return repo.ProjectEvents.ChangeProjectMember(ctx, member)
-}
-
-func (repo *ProjectRepo) RemoveProjectMember(ctx context.Context, projectID, userID string) error {
-	member := proj_model.NewProjectMember(projectID, userID)
-	return repo.ProjectEvents.RemoveProjectMember(ctx, member)
-}
-
 func (repo *ProjectRepo) SearchProjectMembers(ctx context.Context, request *proj_model.ProjectMemberSearchRequest) (*proj_model.ProjectMemberSearchResponse, error) {
 	request.EnsureLimit(repo.SearchLimit)
 	sequence, sequenceErr := repo.View.GetLatestProjectMemberSequence("")
@@ -217,56 +151,6 @@ func (repo *ProjectRepo) SearchProjectMembers(ctx context.Context, request *proj
 	return result, nil
 }

-func (repo *ProjectRepo) AddProjectRole(ctx context.Context, role *proj_model.ProjectRole) (*proj_model.ProjectRole, error) {
-	return repo.ProjectEvents.AddProjectRoles(ctx, role)
-}
-
-func (repo *ProjectRepo) BulkAddProjectRole(ctx context.Context, roles []*proj_model.ProjectRole) error {
-	_, err := repo.ProjectEvents.AddProjectRoles(ctx, roles...)
-	return err
-}
-
-func (repo *ProjectRepo) ChangeProjectRole(ctx context.Context, member *proj_model.ProjectRole) (*proj_model.ProjectRole, error) {
-	return repo.ProjectEvents.ChangeProjectRole(ctx, member)
-}
-
-func (repo *ProjectRepo) RemoveProjectRole(ctx context.Context, projectID, key string) error {
-	role := proj_model.NewProjectRole(projectID, key)
-	aggregates := make([]*es_models.Aggregate, 0)
-	project, agg, err := repo.ProjectEvents.PrepareRemoveProjectRole(ctx, role)
-	if err != nil {
-		return err
-	}
-	aggregates = append(aggregates, agg)
-
-	usergrants, err := repo.View.UserGrantsByProjectIDAndRoleKey(projectID, key)
-	if err != nil {
-		return err
-	}
-	for _, grant := range usergrants {
-		changed := &usr_grant_model.UserGrant{
-			ObjectRoot: models.ObjectRoot{AggregateID: grant.ID, Sequence: grant.Sequence, ResourceOwner: grant.ResourceOwner},
-			RoleKeys:   grant.RoleKeys,
-			ProjectID:  grant.ProjectID,
-			UserID:     grant.UserID,
-		}
-		changed.RemoveRoleKeyIfExisting(key)
-		_, agg, err := repo.UserGrantEvents.PrepareChangeUserGrant(ctx, changed, true)
-		if err != nil {
-			return err
-		}
-		aggregates = append(aggregates, agg)
-	}
-	if err != nil {
-		return err
-	}
-	err = es_sdk.PushAggregates(ctx, repo.Eventstore.PushAggregates, project.AppendEvents, aggregates...)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
 func (repo *ProjectRepo) SearchProjectRoles(ctx context.Context, projectID string, request *proj_model.ProjectRoleSearchRequest) (*proj_model.ProjectRoleSearchResponse, error) {
 	request.EnsureLimit(repo.SearchLimit)
 	request.AppendProjectQuery(projectID)
@@ -343,27 +227,6 @@ func (repo *ProjectRepo) ApplicationByID(ctx context.Context, projectID, appID s
 	return model.ApplicationViewToModel(app), nil
 }

-func (repo *ProjectRepo) AddApplication(ctx context.Context, app *proj_model.Application) (*proj_model.Application, error) {
-	return repo.ProjectEvents.AddApplication(ctx, app)
-}
-
-func (repo *ProjectRepo) ChangeApplication(ctx context.Context, app *proj_model.Application) (*proj_model.Application, error) {
-	return repo.ProjectEvents.ChangeApplication(ctx, app)
-}
-
-func (repo *ProjectRepo) DeactivateApplication(ctx context.Context, projectID, appID string) (*proj_model.Application, error) {
-	return repo.ProjectEvents.DeactivateApplication(ctx, projectID, appID)
-}
-
-func (repo *ProjectRepo) ReactivateApplication(ctx context.Context, projectID, appID string) (*proj_model.Application, error) {
-	return repo.ProjectEvents.ReactivateApplication(ctx, projectID, appID)
-}
-
-func (repo *ProjectRepo) RemoveApplication(ctx context.Context, projectID, appID string) error {
-	app := proj_model.NewApplication(projectID, appID)
-	return repo.ProjectEvents.RemoveApplication(ctx, app)
-}
-
 func (repo *ProjectRepo) SearchApplications(ctx context.Context, request *proj_model.ApplicationSearchRequest) (*proj_model.ApplicationSearchResponse, error) {
 	request.EnsureLimit(repo.SearchLimit)
 	sequence, sequenceErr := repo.View.GetLatestApplicationSequence("")
@@ -405,10 +268,6 @@ func (repo *ProjectRepo) ApplicationChanges(ctx context.Context, id string, appI
 	return changes, nil
 }

-func (repo *ProjectRepo) ChangeOIDCConfig(ctx context.Context, config *proj_model.OIDCConfig) (*proj_model.OIDCConfig, error) {
-	return repo.ProjectEvents.ChangeOIDCConfig(ctx, config)
-}
-
 func (repo *ProjectRepo) ChangeOIDConfigSecret(ctx context.Context, projectID, appID string) (*proj_model.OIDCConfig, error) {
 	return repo.ProjectEvents.ChangeOIDCConfigSecret(ctx, projectID, appID)
 }
@@ -493,102 +352,6 @@ func (repo *ProjectRepo) SearchGrantedProjects(ctx context.Context, request *pro
 	return result, nil
 }

-func (repo *ProjectRepo) AddProjectGrant(ctx context.Context, grant *proj_model.ProjectGrant) (*proj_model.ProjectGrant, error) {
-	return repo.ProjectEvents.AddProjectGrant(ctx, grant)
-}
-
-func (repo *ProjectRepo) ChangeProjectGrant(ctx context.Context, grant *proj_model.ProjectGrant) (*proj_model.ProjectGrant, error) {
-	project, aggFunc, removedRoles, err := repo.ProjectEvents.PrepareChangeProjectGrant(ctx, grant)
-	if err != nil {
-		return nil, err
-	}
-	agg, err := aggFunc(ctx)
-	if err != nil {
-		return nil, err
-	}
-	aggregates := make([]*es_models.Aggregate, 0)
-	aggregates = append(aggregates, agg)
-
-	usergrants, err := repo.View.UserGrantsByProjectID(grant.AggregateID)
-	if err != nil {
-		return nil, err
-	}
-	for _, grant := range usergrants {
-		changed := &usr_grant_model.UserGrant{
-			ObjectRoot: models.ObjectRoot{AggregateID: grant.ID, Sequence: grant.Sequence, ResourceOwner: grant.ResourceOwner},
-			RoleKeys:   grant.RoleKeys,
-			ProjectID:  grant.ProjectID,
-			UserID:     grant.UserID,
-		}
-		roleDeleted := changed.RemoveRoleKeysIfExisting(removedRoles)
-		if roleDeleted {
-			_, agg, err := repo.UserGrantEvents.PrepareChangeUserGrant(ctx, changed, true)
-			if err != nil {
-				return nil, err
-			}
-			aggregates = append(aggregates, agg)
-		}
-	}
-	if err != nil {
-		return nil, err
-	}
-	err = es_sdk.PushAggregates(ctx, repo.Eventstore.PushAggregates, project.AppendEvents, aggregates...)
-	if err != nil {
-		return nil, err
-	}
-	if _, g := es_proj_model.GetProjectGrant(project.Grants, grant.GrantID); g != nil {
-		return es_proj_model.GrantToModel(g), nil
-	}
-	return nil, caos_errs.ThrowInternal(nil, "EVENT-dksi8", "Could not find app in list")
-}
-
-func (repo *ProjectRepo) DeactivateProjectGrant(ctx context.Context, projectID, grantID string) (*proj_model.ProjectGrant, error) {
-	return repo.ProjectEvents.DeactivateProjectGrant(ctx, projectID, grantID)
-}
-
-func (repo *ProjectRepo) ReactivateProjectGrant(ctx context.Context, projectID, grantID string) (*proj_model.ProjectGrant, error) {
-	return repo.ProjectEvents.ReactivateProjectGrant(ctx, projectID, grantID)
-}
-
-func (repo *ProjectRepo) RemoveProjectGrant(ctx context.Context, projectID, grantID string) error {
-	grant, err := repo.ProjectEvents.ProjectGrantByIDs(ctx, projectID, grantID)
-	if err != nil {
-		return err
-	}
-	aggregates := make([]*es_models.Aggregate, 0)
-	project, aggFunc, err := repo.ProjectEvents.PrepareRemoveProjectGrant(ctx, grant)
-	if err != nil {
-		return err
-	}
-	agg, err := aggFunc(ctx)
-	if err != nil {
-		return err
-	}
-	aggregates = append(aggregates, agg)
-
-	usergrants, err := repo.View.UserGrantsByOrgIDAndProjectID(grant.GrantedOrgID, projectID)
-	if err != nil {
-		return err
-	}
-	for _, grant := range usergrants {
-		_, grantAggregates, err := repo.UserGrantEvents.PrepareRemoveUserGrant(ctx, grant.ID, true)
-		if err != nil {
-			return err
-		}
-		for _, agg := range grantAggregates {
-			aggregates = append(aggregates, agg)
-		}
-	}
-	if err != nil {
-		return err
-	}
-	err = es_sdk.PushAggregates(ctx, repo.Eventstore.PushAggregates, project.AppendEvents, aggregates...)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
 func (repo *ProjectRepo) ProjectGrantMemberByID(ctx context.Context, projectID, userID string) (*proj_model.ProjectGrantMemberView, error) {
 	member, err := repo.View.ProjectGrantMemberByIDs(projectID, userID)
 	if err != nil {
@@ -597,19 +360,6 @@ func (repo *ProjectRepo) ProjectGrantMemberByID(ctx context.Context, projectID,
 	return model.ProjectGrantMemberToModel(member), nil
 }

-func (repo *ProjectRepo) AddProjectGrantMember(ctx context.Context, member *proj_model.ProjectGrantMember) (*proj_model.ProjectGrantMember, error) {
-	return repo.ProjectEvents.AddProjectGrantMember(ctx, member)
-}
-
-func (repo *ProjectRepo) ChangeProjectGrantMember(ctx context.Context, member *proj_model.ProjectGrantMember) (*proj_model.ProjectGrantMember, error) {
-	return repo.ProjectEvents.ChangeProjectGrantMember(ctx, member)
-}
-
-func (repo *ProjectRepo) RemoveProjectGrantMember(ctx context.Context, projectID, grantID, userID string) error {
-	member := proj_model.NewProjectGrantMember(projectID, grantID, userID)
-	return repo.ProjectEvents.RemoveProjectGrantMember(ctx, member)
-}
-
 func (repo *ProjectRepo) SearchProjectGrantMembers(ctx context.Context, request *proj_model.ProjectGrantMemberSearchRequest) (*proj_model.ProjectGrantMemberSearchResponse, error) {
 	request.EnsureLimit(repo.SearchLimit)
 	sequence, sequenceErr := repo.View.GetLatestProjectGrantMemberSequence("")
--- a/internal/management/repository/project.go
+++ b/internal/management/repository/project.go
@@ -8,52 +8,26 @@ import (

 type ProjectRepository interface {
 	ProjectByID(ctx context.Context, id string) (*model.ProjectView, error)
-	CreateProject(ctx context.Context, project *model.Project) (*model.Project, error)
-	UpdateProject(ctx context.Context, project *model.Project) (*model.Project, error)
-	DeactivateProject(ctx context.Context, id string) (*model.Project, error)
-	ReactivateProject(ctx context.Context, id string) (*model.Project, error)
-	RemoveProject(ctx context.Context, id string) error
 	SearchProjects(ctx context.Context, request *model.ProjectViewSearchRequest) (*model.ProjectViewSearchResponse, error)
 	SearchProjectGrants(ctx context.Context, request *model.ProjectGrantViewSearchRequest) (*model.ProjectGrantViewSearchResponse, error)
 	SearchGrantedProjects(ctx context.Context, request *model.ProjectGrantViewSearchRequest) (*model.ProjectGrantViewSearchResponse, error)
 	ProjectGrantViewByID(ctx context.Context, grantID string) (*model.ProjectGrantView, error)

 	ProjectMemberByID(ctx context.Context, projectID, userID string) (*model.ProjectMemberView, error)
-	AddProjectMember(ctx context.Context, member *model.ProjectMember) (*model.ProjectMember, error)
-	ChangeProjectMember(ctx context.Context, member *model.ProjectMember) (*model.ProjectMember, error)
-	RemoveProjectMember(ctx context.Context, projectID, userID string) error
 	SearchProjectMembers(ctx context.Context, request *model.ProjectMemberSearchRequest) (*model.ProjectMemberSearchResponse, error)
 	GetProjectMemberRoles(ctx context.Context) ([]string, error)

-	AddProjectRole(ctx context.Context, role *model.ProjectRole) (*model.ProjectRole, error)
-	ChangeProjectRole(ctx context.Context, role *model.ProjectRole) (*model.ProjectRole, error)
-	RemoveProjectRole(ctx context.Context, projectID, key string) error
 	SearchProjectRoles(ctx context.Context, projectId string, request *model.ProjectRoleSearchRequest) (*model.ProjectRoleSearchResponse, error)
 	ProjectChanges(ctx context.Context, id string, lastSequence uint64, limit uint64, sortAscending bool) (*model.ProjectChanges, error)
-	BulkAddProjectRole(ctx context.Context, role []*model.ProjectRole) error

 	ApplicationByID(ctx context.Context, projectID, appID string) (*model.ApplicationView, error)
-	AddApplication(ctx context.Context, app *model.Application) (*model.Application, error)
-	ChangeApplication(ctx context.Context, app *model.Application) (*model.Application, error)
-	DeactivateApplication(ctx context.Context, projectID, appID string) (*model.Application, error)
-	ReactivateApplication(ctx context.Context, projectID, appID string) (*model.Application, error)
-	RemoveApplication(ctx context.Context, projectID, appID string) error
-	ChangeOIDCConfig(ctx context.Context, config *model.OIDCConfig) (*model.OIDCConfig, error)
 	ChangeOIDConfigSecret(ctx context.Context, projectID, appID string) (*model.OIDCConfig, error)
 	SearchApplications(ctx context.Context, request *model.ApplicationSearchRequest) (*model.ApplicationSearchResponse, error)
 	ApplicationChanges(ctx context.Context, id string, secId string, lastSequence uint64, limit uint64, sortAscending bool) (*model.ApplicationChanges, error)

 	ProjectGrantByID(ctx context.Context, grantID string) (*model.ProjectGrantView, error)
-	AddProjectGrant(ctx context.Context, grant *model.ProjectGrant) (*model.ProjectGrant, error)
-	ChangeProjectGrant(ctx context.Context, grant *model.ProjectGrant) (*model.ProjectGrant, error)
-	DeactivateProjectGrant(ctx context.Context, projectID, grantID string) (*model.ProjectGrant, error)
-	ReactivateProjectGrant(ctx context.Context, projectID, grantID string) (*model.ProjectGrant, error)
-	RemoveProjectGrant(ctx context.Context, projectID, grantID string) error
 	SearchProjectGrantMembers(ctx context.Context, request *model.ProjectGrantMemberSearchRequest) (*model.ProjectGrantMemberSearchResponse, error)

 	ProjectGrantMemberByID(ctx context.Context, projectID, userID string) (*model.ProjectGrantMemberView, error)
-	AddProjectGrantMember(ctx context.Context, member *model.ProjectGrantMember) (*model.ProjectGrantMember, error)
-	ChangeProjectGrantMember(ctx context.Context, member *model.ProjectGrantMember) (*model.ProjectGrantMember, error)
-	RemoveProjectGrantMember(ctx context.Context, projectID, grantID, userID string) error
 	GetProjectGrantMemberRoles() []string
 }