TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-01-05 22:52:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: use domain models for v2 eventstore (#1151)

Browse Source 
* fix: use domain models for v2 eventstore

* fix: user domain model

* Update internal/api/grpc/admin/login_policy_converter.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: converter

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Fabi 2021-01-05 09:33:45 +01:00 committed by GitHub
parent 5b84c9b619
commit dc56e298ae
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
72 changed files with 1029 additions and 610 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
cmd/zitadel/main.go
View File

@ -4,6 +4,8 @@ import (
"context"
"flag"
metrics "github.com/caos/zitadel/internal/telemetry/metrics/config"
"github.com/caos/zitadel/internal/v2/command"
"github.com/caos/zitadel/internal/v2/query"
"github.com/caos/logging"
admin_es "github.com/caos/zitadel/internal/admin/repository/eventsourcing"
@ -93,6 +95,19 @@ func startZitadel(configPaths []string) {
logging.Log("MAIN-FaF2r").OnError(err).Fatal("cannot read config")
ctx := context.Background()
es, err := es_int.Start(conf.Admin.Eventstore)
if err != nil {
return
}
esV2 := es.V2()
command, err := command.StartCommandSide(&command.Config{Eventstore: esV2, SystemDefaults: conf.SystemDefaults})
if err != nil {
return
}
query, err := query.StartQuerySide(&query.Config{Eventstore: esV2, SystemDefaults: conf.SystemDefaults})
if err != nil {
return
}
authZRepo, err := authz.Start(ctx, conf.AuthZ, conf.InternalAuthZ, conf.SystemDefaults)
logging.Log("MAIN-s9KOw").OnError(err).Fatal("error starting authz repo")
var authRepo *auth_es.EsRepository
@ -101,7 +116,7 @@ func startZitadel(configPaths []string) {
logging.Log("MAIN-9oRw6").OnError(err).Fatal("error starting auth repo")
}
startAPI(ctx, conf, authZRepo, authRepo)
startAPI(ctx, conf, authZRepo, authRepo, command, query)
startUI(ctx, conf, authRepo)
if *notificationEnabled {
@ -126,23 +141,23 @@ func startUI(ctx context.Context, conf *Config, authRepo *auth_es.EsRepository)
uis.Start(ctx)
}
func startAPI(ctx context.Context, conf *Config, authZRepo *authz_repo.EsRepository, authRepo *auth_es.EsRepository) {
func startAPI(ctx context.Context, conf *Config, authZRepo *authz_repo.EsRepository, authRepo *auth_es.EsRepository, command *command.CommandSide, query *query.QuerySide) {
roles := make([]string, len(conf.InternalAuthZ.RolePermissionMappings))
for i, role := range conf.InternalAuthZ.RolePermissionMappings {
roles[i] = role.Role
}
adminRepo, err := admin_es.Start(ctx, conf.Admin, conf.SystemDefaults, roles)
repo, err := admin_es.Start(ctx, conf.Admin, conf.SystemDefaults, roles)
logging.Log("API-D42tq").OnError(err).Fatal("error starting auth repo")
apis := api.Create(conf.API, conf.InternalAuthZ, authZRepo, authRepo, adminRepo, conf.SystemDefaults)
apis := api.Create(conf.API, conf.InternalAuthZ, authZRepo, authRepo, repo, conf.SystemDefaults)
if *adminEnabled {
apis.RegisterServer(ctx, admin.CreateServer(adminRepo))
apis.RegisterServer(ctx, admin.CreateServer(command, query, repo))
}
if *managementEnabled {
managementRepo, err := mgmt_es.Start(conf.Mgmt, conf.SystemDefaults, roles)
logging.Log("API-Gd2qq").OnError(err).Fatal("error starting management repo")
apis.RegisterServer(ctx, management.CreateServer(managementRepo, conf.SystemDefaults))
apis.RegisterServer(ctx, management.CreateServer(command, query, managementRepo, conf.SystemDefaults))
}
if *authEnabled {
apis.RegisterServer(ctx, auth.CreateServer(authRepo))

211
internal/admin/repository/eventsourcing/eventstore/iam.go
View File

@ -2,7 +2,6 @@ package eventstore
import (
"context"
"github.com/caos/zitadel/internal/v2/query"
"strings"
caos_errs "github.com/caos/zitadel/internal/errors"
@ -19,7 +18,6 @@ import (
"github.com/caos/zitadel/internal/telemetry/tracing"
usr_model "github.com/caos/zitadel/internal/user/model"
usr_es "github.com/caos/zitadel/internal/user/repository/eventsourcing"
"github.com/caos/zitadel/internal/v2/command"
)
type IAMRepository struct {
@ -30,9 +28,6 @@ type IAMRepository struct {
View *admin_view.View
SystemDefaults systemdefaults.SystemDefaults
Roles []string
IAMV2Command *command.CommandSide
IAMV2Query *query.QuerySide
}
func (repo *IAMRepository) IAMMemberByID(ctx context.Context, iamID, userID string) (*iam_model.IAMMemberView, error) {
@ -43,30 +38,6 @@ func (repo *IAMRepository) IAMMemberByID(ctx context.Context, iamID, userID stri
return iam_es_model.IAMMemberToModel(member), nil
}
func (repo *IAMRepository) AddIAMMember(ctx context.Context, member *iam_model.IAMMember) (*iam_model.IAMMember, error) {
member.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddIAMMember(ctx, member)
}
return repo.IAMEventstore.AddIAMMember(ctx, member)
}
func (repo *IAMRepository) ChangeIAMMember(ctx context.Context, member *iam_model.IAMMember) (*iam_model.IAMMember, error) {
member.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ChangeIAMMember(ctx, member)
}
return repo.IAMEventstore.ChangeIAMMember(ctx, member)
}
func (repo *IAMRepository) RemoveIAMMember(ctx context.Context, userID string) error {
member := iam_model.NewIAMMember(repo.SystemDefaults.IamID, userID)
if repo.IAMV2Command != nil {
return repo.IAMV2Command.RemoveIAMMember(ctx, member)
}
return repo.IAMEventstore.RemoveIAMMember(ctx, member)
}
func (repo *IAMRepository) SearchIAMMembers(ctx context.Context, request *iam_model.IAMMemberSearchRequest) (*iam_model.IAMMemberSearchResponse, error) {
request.EnsureLimit(repo.SearchLimit)
sequence, err := repo.View.GetLatestIAMMemberSequence("")
@ -98,48 +69,6 @@ func (repo *IAMRepository) GetIAMMemberRoles() []string {
return roles
}
func (repo *IAMRepository) IDPConfigByID(ctx context.Context, idpConfigID string) (*iam_model.IDPConfigView, error) {
if repo.IAMV2Command != nil {
return repo.IAMV2Query.DefaultIDPConfigByID(ctx, repo.SystemDefaults.IamID, idpConfigID)
}
idp, err := repo.View.IDPConfigByID(idpConfigID)
if err != nil {
return nil, err
}
return iam_es_model.IDPConfigViewToModel(idp), nil
}
func (repo *IAMRepository) AddOIDCIDPConfig(ctx context.Context, idp *iam_model.IDPConfig) (*iam_model.IDPConfig, error) {
idp.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddDefaultIDPConfig(ctx, idp)
}
return repo.IAMEventstore.AddIDPConfig(ctx, idp)
}
func (repo *IAMRepository) ChangeIDPConfig(ctx context.Context, idp *iam_model.IDPConfig) (*iam_model.IDPConfig, error) {
idp.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ChangeDefaultIDPConfig(ctx, idp)
}
return repo.IAMEventstore.ChangeIDPConfig(ctx, idp)
}
func (repo *IAMRepository) DeactivateIDPConfig(ctx context.Context, idpConfigID string) (*iam_model.IDPConfig, error) {
if repo.IAMV2Command != nil {
return repo.IAMV2Command.DeactivateDefaultIDPConfig(ctx, repo.SystemDefaults.IamID, idpConfigID)
}
return repo.IAMEventstore.DeactivateIDPConfig(ctx, repo.SystemDefaults.IamID, idpConfigID)
}
func (repo *IAMRepository) ReactivateIDPConfig(ctx context.Context, idpConfigID string) (*iam_model.IDPConfig, error) {
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ReactivateDefaultIDPConfig(ctx, repo.SystemDefaults.IamID, idpConfigID)
}
return repo.IAMEventstore.ReactivateIDPConfig(ctx, repo.SystemDefaults.IamID, idpConfigID)
}
func (repo *IAMRepository) RemoveIDPConfig(ctx context.Context, idpConfigID string) error {
// if repo.IAMV2Command != nil {
// return repo.IAMV2Command.
@ -184,14 +113,6 @@ func (repo *IAMRepository) RemoveIDPConfig(ctx context.Context, idpConfigID stri
return es_sdk.PushAggregates(ctx, repo.Eventstore.PushAggregates, nil, aggregates...)
}
func (repo *IAMRepository) ChangeOidcIDPConfig(ctx context.Context, oidcConfig *iam_model.OIDCIDPConfig) (*iam_model.OIDCIDPConfig, error) {
oidcConfig.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ChangeDefaultIDPOIDCConfig(ctx, oidcConfig)
}
return repo.IAMEventstore.ChangeIDPOIDCConfig(ctx, oidcConfig)
}
func (repo *IAMRepository) SearchIDPConfigs(ctx context.Context, request *iam_model.IDPConfigSearchRequest) (*iam_model.IDPConfigSearchResponse, error) {
request.EnsureLimit(repo.SearchLimit)
sequence, err := repo.View.GetLatestIDPConfigSequence("")
@ -238,22 +159,6 @@ func (repo *IAMRepository) GetDefaultLabelPolicy(ctx context.Context) (*iam_mode
return iam_es_model.LabelPolicyViewToModel(policy), nil
}
func (repo *IAMRepository) AddDefaultLabelPolicy(ctx context.Context, policy *iam_model.LabelPolicy) (*iam_model.LabelPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddDefaultLabelPolicy(ctx, policy)
}
return repo.IAMEventstore.AddLabelPolicy(ctx, policy)
}
func (repo *IAMRepository) ChangeDefaultLabelPolicy(ctx context.Context, policy *iam_model.LabelPolicy) (*iam_model.LabelPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ChangeDefaultLabelPolicy(ctx, policy)
}
return repo.IAMEventstore.ChangeLabelPolicy(ctx, policy)
}
func (repo *IAMRepository) GetDefaultLoginPolicy(ctx context.Context) (*iam_model.LoginPolicyView, error) {
policy, viewErr := repo.View.LoginPolicyByAggregateID(repo.SystemDefaults.IamID)
if viewErr != nil && !caos_errs.IsNotFound(viewErr) {
@ -279,22 +184,6 @@ func (repo *IAMRepository) GetDefaultLoginPolicy(ctx context.Context) (*iam_mode
return iam_es_model.LoginPolicyViewToModel(policy), nil
}
func (repo *IAMRepository) AddDefaultLoginPolicy(ctx context.Context, policy *iam_model.LoginPolicy) (*iam_model.LoginPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddDefaultLoginPolicy(ctx, policy)
}
return repo.IAMEventstore.AddLoginPolicy(ctx, policy)
}
func (repo *IAMRepository) ChangeDefaultLoginPolicy(ctx context.Context, policy *iam_model.LoginPolicy) (*iam_model.LoginPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ChangeDefaultLoginPolicy(ctx, policy)
}
return repo.IAMEventstore.ChangeLoginPolicy(ctx, policy)
}
func (repo *IAMRepository) SearchDefaultIDPProviders(ctx context.Context, request *iam_model.IDPProviderSearchRequest) (*iam_model.IDPProviderSearchResponse, error) {
request.EnsureLimit(repo.SearchLimit)
request.AppendAggregateIDQuery(repo.SystemDefaults.IamID)
@ -317,14 +206,6 @@ func (repo *IAMRepository) SearchDefaultIDPProviders(ctx context.Context, reques
return result, nil
}
func (repo *IAMRepository) AddIDPProviderToLoginPolicy(ctx context.Context, provider *iam_model.IDPProvider) (*iam_model.IDPProvider, error) {
provider.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddIDPProviderToDefaultLoginPolicy(ctx, provider)
}
return repo.IAMEventstore.AddIDPProviderToLoginPolicy(ctx, provider)
}
func (repo *IAMRepository) RemoveIDPProviderFromLoginPolicy(ctx context.Context, provider *iam_model.IDPProvider) error {
aggregates := make([]*es_models.Aggregate, 0)
provider.AggregateID = repo.SystemDefaults.IamID
@ -361,20 +242,6 @@ func (repo *IAMRepository) SearchDefaultSecondFactors(ctx context.Context) (*iam
}, nil
}
func (repo *IAMRepository) AddSecondFactorToLoginPolicy(ctx context.Context, mfa iam_model.SecondFactorType) (iam_model.SecondFactorType, error) {
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddSecondFactorToDefaultLoginPolicy(ctx, repo.SystemDefaults.IamID, mfa)
}
return repo.IAMEventstore.AddSecondFactorToLoginPolicy(ctx, repo.SystemDefaults.IamID, mfa)
}
func (repo *IAMRepository) RemoveSecondFactorFromLoginPolicy(ctx context.Context, mfa iam_model.SecondFactorType) error {
if repo.IAMV2Command != nil {
return repo.IAMV2Command.RemoveSecondFactorFromDefaultLoginPolicy(ctx, repo.SystemDefaults.IamID, mfa)
}
return repo.IAMEventstore.RemoveSecondFactorFromLoginPolicy(ctx, repo.SystemDefaults.IamID, mfa)
}
func (repo *IAMRepository) SearchDefaultMultiFactors(ctx context.Context) (*iam_model.MultiFactorsSearchResponse, error) {
policy, err := repo.GetDefaultLoginPolicy(ctx)
if err != nil {
@ -386,20 +253,6 @@ func (repo *IAMRepository) SearchDefaultMultiFactors(ctx context.Context) (*iam_
}, nil
}
func (repo *IAMRepository) AddMultiFactorToLoginPolicy(ctx context.Context, mfa iam_model.MultiFactorType) (iam_model.MultiFactorType, error) {
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddMultiFactorToDefaultLoginPolicy(ctx, repo.SystemDefaults.IamID, mfa)
}
return repo.IAMEventstore.AddMultiFactorToLoginPolicy(ctx, repo.SystemDefaults.IamID, mfa)
}
func (repo *IAMRepository) RemoveMultiFactorFromLoginPolicy(ctx context.Context, mfa iam_model.MultiFactorType) error {
if repo.IAMV2Command != nil {
return repo.IAMV2Command.RemoveMultiFactorFromDefaultLoginPolicy(ctx, repo.SystemDefaults.IamID, mfa)
}
return repo.IAMEventstore.RemoveMultiFactorFromLoginPolicy(ctx, repo.SystemDefaults.IamID, mfa)
}
func (repo *IAMRepository) GetDefaultPasswordComplexityPolicy(ctx context.Context) (*iam_model.PasswordComplexityPolicyView, error) {
policy, viewErr := repo.View.PasswordComplexityPolicyByAggregateID(repo.SystemDefaults.IamID)
if viewErr != nil && !caos_errs.IsNotFound(viewErr) {
@ -425,22 +278,6 @@ func (repo *IAMRepository) GetDefaultPasswordComplexityPolicy(ctx context.Contex
return iam_es_model.PasswordComplexityViewToModel(policy), nil
}
func (repo *IAMRepository) AddDefaultPasswordComplexityPolicy(ctx context.Context, policy *iam_model.PasswordComplexityPolicy) (*iam_model.PasswordComplexityPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddDefaultPasswordComplexityPolicy(ctx, policy)
}
return repo.IAMEventstore.AddPasswordComplexityPolicy(ctx, policy)
}
func (repo *IAMRepository) ChangeDefaultPasswordComplexityPolicy(ctx context.Context, policy *iam_model.PasswordComplexityPolicy) (*iam_model.PasswordComplexityPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ChangeDefaultPasswordComplexityPolicy(ctx, policy)
}
return repo.IAMEventstore.ChangePasswordComplexityPolicy(ctx, policy)
}
func (repo *IAMRepository) GetDefaultPasswordAgePolicy(ctx context.Context) (*iam_model.PasswordAgePolicyView, error) {
policy, viewErr := repo.View.PasswordAgePolicyByAggregateID(repo.SystemDefaults.IamID)
if viewErr != nil && !caos_errs.IsNotFound(viewErr) {
@ -466,22 +303,6 @@ func (repo *IAMRepository) GetDefaultPasswordAgePolicy(ctx context.Context) (*ia
return iam_es_model.PasswordAgeViewToModel(policy), nil
}
func (repo *IAMRepository) AddDefaultPasswordAgePolicy(ctx context.Context, policy *iam_model.PasswordAgePolicy) (*iam_model.PasswordAgePolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddDefaultPasswordAgePolicy(ctx, policy)
}
return repo.IAMEventstore.AddPasswordAgePolicy(ctx, policy)
}
func (repo *IAMRepository) ChangeDefaultPasswordAgePolicy(ctx context.Context, policy *iam_model.PasswordAgePolicy) (*iam_model.PasswordAgePolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ChangeDefaultPasswordAgePolicy(ctx, policy)
}
return repo.IAMEventstore.ChangePasswordAgePolicy(ctx, policy)
}
func (repo *IAMRepository) GetDefaultPasswordLockoutPolicy(ctx context.Context) (*iam_model.PasswordLockoutPolicyView, error) {
policy, viewErr := repo.View.PasswordLockoutPolicyByAggregateID(repo.SystemDefaults.IamID)
if viewErr != nil && !caos_errs.IsNotFound(viewErr) {
@ -507,22 +328,6 @@ func (repo *IAMRepository) GetDefaultPasswordLockoutPolicy(ctx context.Context)
return iam_es_model.PasswordLockoutViewToModel(policy), nil
}
func (repo *IAMRepository) AddDefaultPasswordLockoutPolicy(ctx context.Context, policy *iam_model.PasswordLockoutPolicy) (*iam_model.PasswordLockoutPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddDefaultPasswordLockoutPolicy(ctx, policy)
}
return repo.IAMEventstore.AddPasswordLockoutPolicy(ctx, policy)
}
func (repo *IAMRepository) ChangeDefaultPasswordLockoutPolicy(ctx context.Context, policy *iam_model.PasswordLockoutPolicy) (*iam_model.PasswordLockoutPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ChangeDefaultPasswordLockoutPolicy(ctx, policy)
}
return repo.IAMEventstore.ChangePasswordLockoutPolicy(ctx, policy)
}
func (repo *IAMRepository) GetOrgIAMPolicy(ctx context.Context) (*iam_model.OrgIAMPolicyView, error) {
policy, viewErr := repo.View.OrgIAMPolicyByAggregateID(repo.SystemDefaults.IamID)
if viewErr != nil && !caos_errs.IsNotFound(viewErr) {
@ -547,19 +352,3 @@ func (repo *IAMRepository) GetOrgIAMPolicy(ctx context.Context) (*iam_model.OrgI
}
return iam_es_model.OrgIAMViewToModel(policy), nil
}
func (repo *IAMRepository) AddDefaultOrgIAMPolicy(ctx context.Context, policy *iam_model.OrgIAMPolicy) (*iam_model.OrgIAMPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.AddDefaultOrgIAMPolicy(ctx, policy)
}
return repo.IAMEventstore.AddOrgIAMPolicy(ctx, policy)
}
func (repo *IAMRepository) ChangeDefaultOrgIAMPolicy(ctx context.Context, policy *iam_model.OrgIAMPolicy) (*iam_model.OrgIAMPolicy, error) {
policy.AggregateID = repo.SystemDefaults.IamID
if repo.IAMV2Command != nil {
return repo.IAMV2Command.ChangeDefaultOrgIAMPolicy(ctx, policy)
}
return repo.IAMEventstore.ChangeOrgIAMPolicy(ctx, policy)
}

15
internal/admin/repository/eventsourcing/repository.go
View File

@ -2,9 +2,6 @@ package eventsourcing
import (
"context"
"github.com/caos/zitadel/internal/v2/command"
"github.com/caos/zitadel/internal/v2/query"
"github.com/caos/zitadel/internal/admin/repository/eventsourcing/eventstore"
"github.com/caos/zitadel/internal/admin/repository/eventsourcing/handler"
"github.com/caos/zitadel/internal/admin/repository/eventsourcing/spooler"
@ -39,8 +36,6 @@ func Start(ctx context.Context, conf Config, systemDefaults sd.SystemDefaults, r
if err != nil {
return nil, err
}
esV2 := es.V2()
iam, err := es_iam.StartIAM(es_iam.IAMConfig{
Eventstore: es,
Cache: conf.Eventstore.Cache,
@ -66,14 +61,6 @@ func Start(ctx context.Context, conf Config, systemDefaults sd.SystemDefaults, r
if err != nil {
return nil, err
}
iamV2Command, err := command.StartCommandSide(&command.Config{Eventstore: esV2, SystemDefaults: systemDefaults})
if err != nil {
return nil, err
}
iamV2Query, err := query.StartQuerySide(&query.Config{Eventstore: esV2, SystemDefaults: systemDefaults})
if err != nil {
return nil, err
}
spool := spooler.StartSpooler(conf.Spooler, es, view, sqlClient, handler.EventstoreRepos{UserEvents: user, OrgEvents: org, IamEvents: iam}, systemDefaults)
@ -95,8 +82,6 @@ func Start(ctx context.Context, conf Config, systemDefaults sd.SystemDefaults, r
SystemDefaults: systemDefaults,
SearchLimit: conf.SearchLimit,
Roles: roles,
IAMV2Command: iamV2Command,
IAMV2Query: iamV2Query,
},
AdministratorRepo: eventstore.AdministratorRepo{
View: view,

26
internal/admin/repository/iam.go
View File

@ -8,51 +8,25 @@ import (
type IAMRepository interface {
SearchIAMMembers(ctx context.Context, request *iam_model.IAMMemberSearchRequest) (*iam_model.IAMMemberSearchResponse, error)
AddIAMMember(ctx context.Context, member *iam_model.IAMMember) (*iam_model.IAMMember, error)
ChangeIAMMember(ctx context.Context, member *iam_model.IAMMember) (*iam_model.IAMMember, error)
RemoveIAMMember(ctx context.Context, userID string) error
GetIAMMemberRoles() []string
SearchIDPConfigs(ctx context.Context, request *iam_model.IDPConfigSearchRequest) (*iam_model.IDPConfigSearchResponse, error)
IDPConfigByID(ctx context.Context, id string) (*iam_model.IDPConfigView, error)
AddOIDCIDPConfig(ctx context.Context, idp *iam_model.IDPConfig) (*iam_model.IDPConfig, error)
ChangeIDPConfig(ctx context.Context, idp *iam_model.IDPConfig) (*iam_model.IDPConfig, error)
DeactivateIDPConfig(ctx context.Context, idpConfigID string) (*iam_model.IDPConfig, error)
ReactivateIDPConfig(ctx context.Context, idpConfigID string) (*iam_model.IDPConfig, error)
RemoveIDPConfig(ctx context.Context, idpConfigID string) error
ChangeOidcIDPConfig(ctx context.Context, oidcConfig *iam_model.OIDCIDPConfig) (*iam_model.OIDCIDPConfig, error)
GetDefaultLoginPolicy(ctx context.Context) (*iam_model.LoginPolicyView, error)
AddDefaultLoginPolicy(ctx context.Context, policy *iam_model.LoginPolicy) (*iam_model.LoginPolicy, error)
ChangeDefaultLoginPolicy(ctx context.Context, policy *iam_model.LoginPolicy) (*iam_model.LoginPolicy, error)
SearchDefaultIDPProviders(ctx context.Context, request *iam_model.IDPProviderSearchRequest) (*iam_model.IDPProviderSearchResponse, error)
AddIDPProviderToLoginPolicy(ctx context.Context, provider *iam_model.IDPProvider) (*iam_model.IDPProvider, error)
RemoveIDPProviderFromLoginPolicy(ctx context.Context, provider *iam_model.IDPProvider) error
SearchDefaultSecondFactors(ctx context.Context) (*iam_model.SecondFactorsSearchResponse, error)
AddSecondFactorToLoginPolicy(ctx context.Context, mfa iam_model.SecondFactorType) (iam_model.SecondFactorType, error)
RemoveSecondFactorFromLoginPolicy(ctx context.Context, mfa iam_model.SecondFactorType) error
SearchDefaultMultiFactors(ctx context.Context) (*iam_model.MultiFactorsSearchResponse, error)
AddMultiFactorToLoginPolicy(ctx context.Context, mfa iam_model.MultiFactorType) (iam_model.MultiFactorType, error)
RemoveMultiFactorFromLoginPolicy(ctx context.Context, mfa iam_model.MultiFactorType) error
GetDefaultLabelPolicy(ctx context.Context) (*iam_model.LabelPolicyView, error)
AddDefaultLabelPolicy(ctx context.Context, policy *iam_model.LabelPolicy) (*iam_model.LabelPolicy, error)
ChangeDefaultLabelPolicy(ctx context.Context, policy *iam_model.LabelPolicy) (*iam_model.LabelPolicy, error)
GetDefaultPasswordComplexityPolicy(ctx context.Context) (*iam_model.PasswordComplexityPolicyView, error)
AddDefaultPasswordComplexityPolicy(ctx context.Context, policy *iam_model.PasswordComplexityPolicy) (*iam_model.PasswordComplexityPolicy, error)
ChangeDefaultPasswordComplexityPolicy(ctx context.Context, policy *iam_model.PasswordComplexityPolicy) (*iam_model.PasswordComplexityPolicy, error)
GetDefaultPasswordAgePolicy(ctx context.Context) (*iam_model.PasswordAgePolicyView, error)
AddDefaultPasswordAgePolicy(ctx context.Context, policy *iam_model.PasswordAgePolicy) (*iam_model.PasswordAgePolicy, error)
ChangeDefaultPasswordAgePolicy(ctx context.Context, policy *iam_model.PasswordAgePolicy) (*iam_model.PasswordAgePolicy, error)
GetDefaultPasswordLockoutPolicy(ctx context.Context) (*iam_model.PasswordLockoutPolicyView, error)
AddDefaultPasswordLockoutPolicy(ctx context.Context, policy *iam_model.PasswordLockoutPolicy) (*iam_model.PasswordLockoutPolicy, error)
ChangeDefaultPasswordLockoutPolicy(ctx context.Context, policy *iam_model.PasswordLockoutPolicy) (*iam_model.PasswordLockoutPolicy, error)
GetDefaultOrgIAMPolicy(ctx context.Context) (*iam_model.OrgIAMPolicyView, error)
AddDefaultOrgIAMPolicy(ctx context.Context, policy *iam_model.OrgIAMPolicy) (*iam_model.OrgIAMPolicy, error)
ChangeDefaultOrgIAMPolicy(ctx context.Context, policy *iam_model.OrgIAMPolicy) (*iam_model.OrgIAMPolicy, error)
}

10
internal/api/grpc/admin/iam_member.go
View File

@ -21,23 +21,23 @@ func (s *Server) SearchIamMembers(ctx context.Context, in *admin.IamMemberSearch
}
func (s *Server) AddIamMember(ctx context.Context, member *admin.AddIamMemberRequest) (*admin.IamMember, error) {
addedMember, err := s.iam.AddIAMMember(ctx, addIamMemberToModel(member))
addedMember, err := s.command.AddIAMMember(ctx, addIamMemberToDomain(member))
if err != nil {
return nil, err
}
return iamMemberFromModel(addedMember), nil
return iamMemberFromDomain(addedMember), nil
}
func (s *Server) ChangeIamMember(ctx context.Context, member *admin.ChangeIamMemberRequest) (*admin.IamMember, error) {
changedMember, err := s.iam.ChangeIAMMember(ctx, changeIamMemberToModel(member))
changedMember, err := s.command.ChangeIAMMember(ctx, changeIamMemberToDomain(member))
if err != nil {
return nil, err
}
return iamMemberFromModel(changedMember), nil
return iamMemberFromDomain(changedMember), nil
}
func (s *Server) RemoveIamMember(ctx context.Context, member *admin.RemoveIamMemberRequest) (*empty.Empty, error) {
err := s.iam.RemoveIAMMember(ctx, member.UserId)
err := s.command.RemoveIAMMember(ctx, member.UserId)
return &empty.Empty{}, err
}

19
internal/api/grpc/admin/iam_member_converter.go
View File

@ -2,6 +2,7 @@ package admin
import (
"github.com/caos/logging"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/golang/protobuf/ptypes"
iam_model "github.com/caos/zitadel/internal/iam/model"
@ -9,25 +10,21 @@ import (
"github.com/caos/zitadel/pkg/grpc/admin"
)
func addIamMemberToModel(member *admin.AddIamMemberRequest) *iam_model.IAMMember {
memberModel := &iam_model.IAMMember{
func addIamMemberToDomain(member *admin.AddIamMemberRequest) *domain.IAMMember {
return &domain.IAMMember{
UserID: member.UserId,
Roles: member.Roles,
}
memberModel.Roles = member.Roles
return memberModel
}
func changeIamMemberToModel(member *admin.ChangeIamMemberRequest) *iam_model.IAMMember {
memberModel := &iam_model.IAMMember{
func changeIamMemberToDomain(member *admin.ChangeIamMemberRequest) *domain.IAMMember {
return &domain.IAMMember{
UserID: member.UserId,
Roles: member.Roles,
}
memberModel.Roles = member.Roles
return memberModel
}
func iamMemberFromModel(member *iam_model.IAMMember) *admin.IamMember {
func iamMemberFromDomain(member *domain.IAMMember) *admin.IamMember {
creationDate, err := ptypes.TimestampProto(member.CreationDate)
logging.Log("GRPC-Lsp76").OnError(err).Debug("date parse failed")

25
internal/api/grpc/admin/idp_config.go
View File

@ -8,56 +8,57 @@ import (
)
func (s *Server) IdpByID(ctx context.Context, id *admin.IdpID) (*admin.IdpView, error) {
config, err := s.iam.IDPConfigByID(ctx, id.Id)
config, err := s.query.DefaultIDPConfigByID(ctx, id.Id)
if err != nil {
return nil, err
}
return idpViewFromModel(config), nil
return idpViewFromDomain(config), nil
}
func (s *Server) CreateOidcIdp(ctx context.Context, oidcIdpConfig *admin.OidcIdpConfigCreate) (*admin.Idp, error) {
config, err := s.iam.AddOIDCIDPConfig(ctx, createOidcIdpToModel(oidcIdpConfig))
config, err := s.command.AddDefaultIDPConfig(ctx, createOIDCIDPToDomain(oidcIdpConfig))
if err != nil {
return nil, err
}
return idpFromModel(config), nil
return idpFromDomain(config), nil
}
func (s *Server) UpdateIdpConfig(ctx context.Context, idpConfig *admin.IdpUpdate) (*admin.Idp, error) {
config, err := s.iam.ChangeIDPConfig(ctx, updateIdpToModel(idpConfig))
config, err := s.command.ChangeDefaultIDPConfig(ctx, updateIdpToDomain(idpConfig))
if err != nil {
return nil, err
}
return idpFromModel(config), nil
return idpFromDomain(config), nil
}
func (s *Server) DeactivateIdpConfig(ctx context.Context, id *admin.IdpID) (*admin.Idp, error) {
config, err := s.iam.DeactivateIDPConfig(ctx, id.Id)
config, err := s.command.DeactivateDefaultIDPConfig(ctx, id.Id)
if err != nil {
return nil, err
}
return idpFromModel(config), nil
return idpFromDomain(config), nil
}
func (s *Server) ReactivateIdpConfig(ctx context.Context, id *admin.IdpID) (*admin.Idp, error) {
config, err := s.iam.ReactivateIDPConfig(ctx, id.Id)
config, err := s.command.ReactivateDefaultIDPConfig(ctx, id.Id)
if err != nil {
return nil, err
}
return idpFromModel(config), nil
return idpFromDomain(config), nil
}
//TODO: Change To V2
func (s *Server) RemoveIdpConfig(ctx context.Context, id *admin.IdpID) (*empty.Empty, error) {
err := s.iam.RemoveIDPConfig(ctx, id.Id)
return &empty.Empty{}, err
}
func (s *Server) UpdateOidcIdpConfig(ctx context.Context, request *admin.OidcIdpConfigUpdate) (*admin.OidcIdpConfig, error) {
config, err := s.iam.ChangeOidcIDPConfig(ctx, updateOidcIdpToModel(request))
config, err := s.command.ChangeDefaultIDPOIDCConfig(ctx, updateOIDCIDPToDomain(request))
if err != nil {
return nil, err
}
return oidcIdpConfigFromModel(config), nil
return oidcIDPConfigFromDomain(config), nil
}
func (s *Server) SearchIdps(ctx context.Context, request *admin.IdpSearchRequest) (*admin.IdpSearchResponse, error) {

121
internal/api/grpc/admin/idp_config_converter.go
View File

@ -3,47 +3,48 @@ package admin
import (
"github.com/caos/logging"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/caos/zitadel/pkg/grpc/admin"
"github.com/golang/protobuf/ptypes"
)
func createOidcIdpToModel(idp *admin.OidcIdpConfigCreate) *iam_model.IDPConfig {
return &iam_model.IDPConfig{
func createOIDCIDPToDomain(idp *admin.OidcIdpConfigCreate) *domain.IDPConfig {
return &domain.IDPConfig{
Name: idp.Name,
StylingType: idpConfigStylingTypeToModel(idp.StylingType),
Type: iam_model.IDPConfigTypeOIDC,
OIDCConfig: &iam_model.OIDCIDPConfig{
StylingType: idpConfigStylingTypeToDomain(idp.StylingType),
Type: domain.IDPConfigTypeOIDC,
OIDCConfig: &domain.OIDCIDPConfig{
ClientID: idp.ClientId,
ClientSecretString: idp.ClientSecret,
Issuer: idp.Issuer,
Scopes: idp.Scopes,
IDPDisplayNameMapping: oidcMappingFieldToModel(idp.IdpDisplayNameMapping),
UsernameMapping: oidcMappingFieldToModel(idp.UsernameMapping),
IDPDisplayNameMapping: oidcMappingFieldToDomain(idp.IdpDisplayNameMapping),
UsernameMapping: oidcMappingFieldToDomain(idp.UsernameMapping),
},
}
}
func updateIdpToModel(idp *admin.IdpUpdate) *iam_model.IDPConfig {
return &iam_model.IDPConfig{
func updateIdpToDomain(idp *admin.IdpUpdate) *domain.IDPConfig {
return &domain.IDPConfig{
IDPConfigID: idp.Id,
Name: idp.Name,
StylingType: idpConfigStylingTypeToModel(idp.StylingType),
StylingType: idpConfigStylingTypeToDomain(idp.StylingType),
}
}
func updateOidcIdpToModel(idp *admin.OidcIdpConfigUpdate) *iam_model.OIDCIDPConfig {
return &iam_model.OIDCIDPConfig{
func updateOIDCIDPToDomain(idp *admin.OidcIdpConfigUpdate) *domain.OIDCIDPConfig {
return &domain.OIDCIDPConfig{
IDPConfigID: idp.IdpId,
ClientID: idp.ClientId,
ClientSecretString: idp.ClientSecret,
Issuer: idp.Issuer,
Scopes: idp.Scopes,
IDPDisplayNameMapping: oidcMappingFieldToModel(idp.IdpDisplayNameMapping),
UsernameMapping: oidcMappingFieldToModel(idp.UsernameMapping),
IDPDisplayNameMapping: oidcMappingFieldToDomain(idp.IdpDisplayNameMapping),
UsernameMapping: oidcMappingFieldToDomain(idp.UsernameMapping),
}
}
func idpFromModel(idp *iam_model.IDPConfig) *admin.Idp {
func idpFromDomain(idp *domain.IDPConfig) *admin.Idp {
creationDate, err := ptypes.TimestampProto(idp.CreationDate)
logging.Log("GRPC-8dju8").OnError(err).Debug("date parse failed")
@ -56,9 +57,28 @@ func idpFromModel(idp *iam_model.IDPConfig) *admin.Idp {
ChangeDate: changeDate,
Sequence: idp.Sequence,
Name: idp.Name,
StylingType: idpConfigStylingTypeFromModel(idp.StylingType),
State: idpConfigStateFromModel(idp.State),
IdpConfig: idpConfigFromModel(idp),
StylingType: idpConfigStylingTypeFromDomain(idp.StylingType),
State: idpConfigStateFromDomain(idp.State),
IdpConfig: idpConfigFromDomain(idp),
}
}
func idpViewFromDomain(idp *domain.IDPConfigView) *admin.IdpView {
creationDate, err := ptypes.TimestampProto(idp.CreationDate)
logging.Log("GRPC-8dju8").OnError(err).Debug("date parse failed")
changeDate, err := ptypes.TimestampProto(idp.ChangeDate)
logging.Log("GRPC-Dsj8i").OnError(err).Debug("date parse failed")
return &admin.IdpView{
Id: idp.IDPConfigID,
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: idp.Sequence,
Name: idp.Name,
StylingType: admin.IdpStylingType(idp.StylingType),
State: admin.IdpState(idp.State),
IdpConfigView: idpConfigViewFromDomain(idp),
}
}
@ -75,22 +95,22 @@ func idpViewFromModel(idp *iam_model.IDPConfigView) *admin.IdpView {
ChangeDate: changeDate,
Sequence: idp.Sequence,
Name: idp.Name,
StylingType: idpConfigStylingTypeFromModel(idp.StylingType),
State: idpConfigStateFromModel(idp.State),
StylingType: admin.IdpStylingType(idp.StylingType),
State: admin.IdpState(idp.State),
IdpConfigView: idpConfigViewFromModel(idp),
}
}
func idpConfigFromModel(idp *iam_model.IDPConfig) *admin.Idp_OidcConfig {
if idp.Type == iam_model.IDPConfigTypeOIDC {
func idpConfigFromDomain(idp *domain.IDPConfig) *admin.Idp_OidcConfig {
if idp.Type == domain.IDPConfigTypeOIDC {
return &admin.Idp_OidcConfig{
OidcConfig: oidcIdpConfigFromModel(idp.OIDCConfig),
OidcConfig: oidcIDPConfigFromDomain(idp.OIDCConfig),
}
}
return nil
}
func oidcIdpConfigFromModel(idp *iam_model.OIDCIDPConfig) *admin.OidcIdpConfig {
func oidcIDPConfigFromDomain(idp *domain.OIDCIDPConfig) *admin.OidcIdpConfig {
return &admin.OidcIdpConfig{
ClientId: idp.ClientID,
Issuer: idp.Issuer,
@ -98,6 +118,15 @@ func oidcIdpConfigFromModel(idp *iam_model.OIDCIDPConfig) *admin.OidcIdpConfig {
}
}
func idpConfigViewFromDomain(idp *domain.IDPConfigView) *admin.IdpView_OidcConfig {
if idp.IsOIDC {
return &admin.IdpView_OidcConfig{
OidcConfig: oidcIdpConfigViewFromDomain(idp),
}
}
return nil
}
func idpConfigViewFromModel(idp *iam_model.IDPConfigView) *admin.IdpView_OidcConfig {
if idp.IsOIDC {
return &admin.IdpView_OidcConfig{
@ -107,46 +136,56 @@ func idpConfigViewFromModel(idp *iam_model.IDPConfigView) *admin.IdpView_OidcCon
return nil
}
func oidcIdpConfigViewFromDomain(idp *domain.IDPConfigView) *admin.OidcIdpConfigView {
return &admin.OidcIdpConfigView{
ClientId: idp.OIDCClientID,
Issuer: idp.OIDCIssuer,
Scopes: idp.OIDCScopes,
IdpDisplayNameMapping: oidcMappingFieldFromDomain(idp.OIDCIDPDisplayNameMapping),
UsernameMapping: oidcMappingFieldFromDomain(idp.OIDCUsernameMapping),
}
}
func oidcIdpConfigViewFromModel(idp *iam_model.IDPConfigView) *admin.OidcIdpConfigView {
return &admin.OidcIdpConfigView{
ClientId: idp.OIDCClientID,
Issuer: idp.OIDCIssuer,
Scopes: idp.OIDCScopes,
IdpDisplayNameMapping: oidcMappingFieldFromModel(idp.OIDCIDPDisplayNameMapping),
UsernameMapping: oidcMappingFieldFromModel(idp.OIDCUsernameMapping),
IdpDisplayNameMapping: admin.OIDCMappingField(idp.OIDCIDPDisplayNameMapping),
UsernameMapping: admin.OIDCMappingField(idp.OIDCUsernameMapping),
}
}
func idpConfigStateFromModel(state iam_model.IDPConfigState) admin.IdpState {
func idpConfigStateFromDomain(state domain.IDPConfigState) admin.IdpState {
switch state {
case iam_model.IDPConfigStateActive:
case domain.IDPConfigStateActive:
return admin.IdpState_IDPCONFIGSTATE_ACTIVE
case iam_model.IDPConfigStateInactive:
case domain.IDPConfigStateInactive:
return admin.IdpState_IDPCONFIGSTATE_INACTIVE
default:
return admin.IdpState_IDPCONFIGSTATE_UNSPECIFIED
}
}
func oidcMappingFieldFromModel(field iam_model.OIDCMappingField) admin.OIDCMappingField {
func oidcMappingFieldFromDomain(field domain.OIDCMappingField) admin.OIDCMappingField {
switch field {
case iam_model.OIDCMappingFieldPreferredLoginName:
case domain.OIDCMappingFieldPreferredLoginName:
return admin.OIDCMappingField_OIDCMAPPINGFIELD_PREFERRED_USERNAME
case iam_model.OIDCMappingFieldEmail:
case domain.OIDCMappingFieldEmail:
return admin.OIDCMappingField_OIDCMAPPINGFIELD_EMAIL
default:
return admin.OIDCMappingField_OIDCMAPPINGFIELD_UNSPECIFIED
}
}
func oidcMappingFieldToModel(field admin.OIDCMappingField) iam_model.OIDCMappingField {
func oidcMappingFieldToDomain(field admin.OIDCMappingField) domain.OIDCMappingField {
switch field {
case admin.OIDCMappingField_OIDCMAPPINGFIELD_PREFERRED_USERNAME:
return iam_model.OIDCMappingFieldPreferredLoginName
return domain.OIDCMappingFieldPreferredLoginName
case admin.OIDCMappingField_OIDCMAPPINGFIELD_EMAIL:
return iam_model.OIDCMappingFieldEmail
return domain.OIDCMappingFieldEmail
default:
return iam_model.OIDCMappingFieldUnspecified
return domain.OIDCMappingFieldPreferredLoginName
}
}
@ -207,20 +246,20 @@ func idpConfigsFromView(viewIdps []*iam_model.IDPConfigView) []*admin.IdpView {
return idps
}
func idpConfigStylingTypeFromModel(stylingType iam_model.IDPStylingType) admin.IdpStylingType {
func idpConfigStylingTypeFromDomain(stylingType domain.IDPConfigStylingType) admin.IdpStylingType {
switch stylingType {
case iam_model.IDPStylingTypeGoogle:
case domain.IDPConfigStylingTypeGoogle:
return admin.IdpStylingType_IDPSTYLINGTYPE_GOOGLE
default:
return admin.IdpStylingType_IDPSTYLINGTYPE_UNSPECIFIED
}
}
func idpConfigStylingTypeToModel(stylingType admin.IdpStylingType) iam_model.IDPStylingType {
func idpConfigStylingTypeToDomain(stylingType admin.IdpStylingType) domain.IDPConfigStylingType {
switch stylingType {
case admin.IdpStylingType_IDPSTYLINGTYPE_GOOGLE:
return iam_model.IDPStylingTypeGoogle
return domain.IDPConfigStylingTypeGoogle
default:
return iam_model.IDPStylingTypeUnspecified
return domain.IDPConfigStylingTypeUnspecified
}
}

4
internal/api/grpc/admin/label_policy.go
View File

@ -16,9 +16,9 @@ func (s *Server) GetDefaultLabelPolicy(ctx context.Context, _ *empty.Empty) (*ad
}
func (s *Server) UpdateDefaultLabelPolicy(ctx context.Context, policy *admin.DefaultLabelPolicyUpdate) (*admin.DefaultLabelPolicy, error) {
result, err := s.iam.ChangeDefaultLabelPolicy(ctx, labelPolicyToModel(policy))
result, err := s.command.ChangeDefaultLabelPolicy(ctx, labelPolicyToDomain(policy))
if err != nil {
return nil, err
}
return labelPolicyFromModel(result), nil
return labelPolicyFromDomain(result), nil
}

7
internal/api/grpc/admin/label_policy_converter.go
View File

@ -3,18 +3,19 @@ package admin
import (
"github.com/caos/logging"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/caos/zitadel/pkg/grpc/admin"
"github.com/golang/protobuf/ptypes"
)
func labelPolicyToModel(policy *admin.DefaultLabelPolicyUpdate) *iam_model.LabelPolicy {
return &iam_model.LabelPolicy{
func labelPolicyToDomain(policy *admin.DefaultLabelPolicyUpdate) *domain.LabelPolicy {
return &domain.LabelPolicy{
PrimaryColor: policy.PrimaryColor,
SecondaryColor: policy.SecondaryColor,
}
}
func labelPolicyFromModel(policy *iam_model.LabelPolicy) *admin.DefaultLabelPolicy {
func labelPolicyFromDomain(policy *domain.LabelPolicy) *admin.DefaultLabelPolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("ADMIN-QwQG9").OnError(err).Debug("date parse failed")

17
internal/api/grpc/admin/login_policy.go
View File

@ -15,11 +15,11 @@ func (s *Server) GetDefaultLoginPolicy(ctx context.Context, _ *empty.Empty) (*ad
}
func (s *Server) UpdateDefaultLoginPolicy(ctx context.Context, policy *admin.DefaultLoginPolicyRequest) (*admin.DefaultLoginPolicy, error) {
result, err := s.iam.ChangeDefaultLoginPolicy(ctx, loginPolicyToModel(policy))
result, err := s.command.ChangeDefaultLoginPolicy(ctx, loginPolicyToDomain(policy))
if err != nil {
return nil, err
}
return loginPolicyFromModel(result), nil
return loginPolicyFromDomain(result), nil
}
func (s *Server) GetDefaultLoginPolicyIdpProviders(ctx context.Context, request *admin.IdpProviderSearchRequest) (*admin.IdpProviderSearchResponse, error) {
@ -31,13 +31,14 @@ func (s *Server) GetDefaultLoginPolicyIdpProviders(ctx context.Context, request
}
func (s *Server) AddIdpProviderToDefaultLoginPolicy(ctx context.Context, provider *admin.IdpProviderID) (*admin.IdpProviderID, error) {
result, err := s.iam.AddIDPProviderToLoginPolicy(ctx, idpProviderToModel(provider))
result, err := s.command.AddIDPProviderToDefaultLoginPolicy(ctx, idpProviderToDomain(provider))
if err != nil {
return nil, err
}
return idpProviderFromModel(result), nil
return idpProviderFromDomain(result), nil
}
//TODO: Change to v2
func (s *Server) RemoveIdpProviderFromDefaultLoginPolicy(ctx context.Context, provider *admin.IdpProviderID) (*empty.Empty, error) {
err := s.iam.RemoveIDPProviderFromLoginPolicy(ctx, idpProviderToModel(provider))
return &empty.Empty{}, err
@ -52,7 +53,7 @@ func (s *Server) GetDefaultLoginPolicySecondFactors(ctx context.Context, _ *empt
}
func (s *Server) AddSecondFactorToDefaultLoginPolicy(ctx context.Context, mfa *admin.SecondFactor) (*admin.SecondFactor, error) {
result, err := s.iam.AddSecondFactorToLoginPolicy(ctx, secondFactorTypeToModel(mfa))
result, err := s.command.AddSecondFactorToDefaultLoginPolicy(ctx, secondFactorTypeToModel(mfa))
if err != nil {
return nil, err
}
@ -60,7 +61,7 @@ func (s *Server) AddSecondFactorToDefaultLoginPolicy(ctx context.Context, mfa *a
}
func (s *Server) RemoveSecondFactorFromDefaultLoginPolicy(ctx context.Context, mfa *admin.SecondFactor) (*empty.Empty, error) {
err := s.iam.RemoveSecondFactorFromLoginPolicy(ctx, secondFactorTypeToModel(mfa))
err := s.command.RemoveSecondFactorFromDefaultLoginPolicy(ctx, secondFactorTypeToModel(mfa))
return &empty.Empty{}, err
}
@ -73,7 +74,7 @@ func (s *Server) GetDefaultLoginPolicyMultiFactors(ctx context.Context, _ *empty
}
func (s *Server) AddMultiFactorToDefaultLoginPolicy(ctx context.Context, mfa *admin.MultiFactor) (*admin.MultiFactor, error) {
result, err := s.iam.AddMultiFactorToLoginPolicy(ctx, multiFactorTypeToModel(mfa))
result, err := s.command.AddMultiFactorToDefaultLoginPolicy(ctx, multiFactorTypeToModel(mfa))
if err != nil {
return nil, err
}
@ -81,6 +82,6 @@ func (s *Server) AddMultiFactorToDefaultLoginPolicy(ctx context.Context, mfa *ad
}
func (s *Server) RemoveMultiFactorFromDefaultLoginPolicy(ctx context.Context, mfa *admin.MultiFactor) (*empty.Empty, error) {
err := s.iam.RemoveMultiFactorFromLoginPolicy(ctx, multiFactorTypeToModel(mfa))
err := s.command.RemoveMultiFactorFromDefaultLoginPolicy(ctx, multiFactorTypeToModel(mfa))
return &empty.Empty{}, err
}

32
internal/api/grpc/admin/login_policy_converter.go
View File

@ -3,21 +3,22 @@ package admin
import (
"github.com/caos/logging"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/caos/zitadel/pkg/grpc/admin"
"github.com/golang/protobuf/ptypes"
)
func loginPolicyToModel(policy *admin.DefaultLoginPolicyRequest) *iam_model.LoginPolicy {
return &iam_model.LoginPolicy{
func loginPolicyToDomain(policy *admin.DefaultLoginPolicyRequest) *domain.LoginPolicy {
return &domain.LoginPolicy{
AllowUsernamePassword: policy.AllowUsernamePassword,
AllowExternalIdp: policy.AllowExternalIdp,
AllowRegister: policy.AllowRegister,
ForceMFA: policy.ForceMfa,
PasswordlessType: passwordlessTypeToModel(policy.PasswordlessType),
PasswordlessType: passwordlessTypeToDomain(policy.PasswordlessType),
}
}
func loginPolicyFromModel(policy *iam_model.LoginPolicy) *admin.DefaultLoginPolicy {
func loginPolicyFromDomain(policy *domain.LoginPolicy) *admin.DefaultLoginPolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-3Fsm9").OnError(err).Debug("date parse failed")
@ -29,7 +30,7 @@ func loginPolicyFromModel(policy *iam_model.LoginPolicy) *admin.DefaultLoginPoli
AllowExternalIdp: policy.AllowExternalIdp,
AllowRegister: policy.AllowRegister,
ForceMfa: policy.ForceMFA,
PasswordlessType: passwordlessTypeFromModel(policy.PasswordlessType),
PasswordlessType: passwordlessTypeFromDomain(policy.PasswordlessType),
CreationDate: creationDate,
ChangeDate: changeDate,
}
@ -47,7 +48,7 @@ func loginPolicyViewFromModel(policy *iam_model.LoginPolicyView) *admin.DefaultL
AllowExternalIdp: policy.AllowExternalIDP,
AllowRegister: policy.AllowRegister,
ForceMfa: policy.ForceMFA,
PasswordlessType: passwordlessTypeFromModel(policy.PasswordlessType),
PasswordlessType: passwordlessTypeFromDomain(policy.PasswordlessType),
CreationDate: creationDate,
ChangeDate: changeDate,
}
@ -69,6 +70,13 @@ func idpProviderSearchResponseFromModel(response *iam_model.IDPProviderSearchRes
}
}
func idpProviderToDomain(provider *admin.IdpProviderID) *domain.IDPProvider {
return &domain.IDPProvider{
IDPConfigID: provider.IdpConfigId,
Type: domain.IdentityProviderTypeSystem,
}
}
func idpProviderToModel(provider *admin.IdpProviderID) *iam_model.IDPProvider {
return &iam_model.IDPProvider{
IDPConfigID: provider.IdpConfigId,
@ -76,7 +84,7 @@ func idpProviderToModel(provider *admin.IdpProviderID) *iam_model.IDPProvider {
}
}
func idpProviderFromModel(provider *iam_model.IDPProvider) *admin.IdpProviderID {
func idpProviderFromDomain(provider *domain.IDPProvider) *admin.IdpProviderID {
return &admin.IdpProviderID{
IdpConfigId: provider.IDPConfigID,
}
@ -148,21 +156,21 @@ func secondFactorTypeToModel(mfaType *admin.SecondFactor) iam_model.SecondFactor
}
}
func passwordlessTypeFromModel(passwordlessType iam_model.PasswordlessType) admin.PasswordlessType {
func passwordlessTypeFromDomain(passwordlessType domain.PasswordlessType) admin.PasswordlessType {
switch passwordlessType {
case iam_model.PasswordlessTypeAllowed:
case domain.PasswordlessTypeAllowed:
return admin.PasswordlessType_PASSWORDLESSTYPE_ALLOWED
default:
return admin.PasswordlessType_PASSWORDLESSTYPE_NOT_ALLOWED
}
}
func passwordlessTypeToModel(passwordlessType admin.PasswordlessType) iam_model.PasswordlessType {
func passwordlessTypeToDomain(passwordlessType admin.PasswordlessType) domain.PasswordlessType {
switch passwordlessType {
case admin.PasswordlessType_PASSWORDLESSTYPE_ALLOWED:
return iam_model.PasswordlessTypeAllowed
return domain.PasswordlessTypeAllowed
default:
return iam_model.PasswordlessTypeNotAllowed
return domain.PasswordlessTypeNotAllowed
}
}

12
internal/api/grpc/admin/org.go
View File

@ -47,11 +47,11 @@ func (s *Server) GetDefaultOrgIamPolicy(ctx context.Context, _ *empty.Empty) (_
}
func (s *Server) UpdateDefaultOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyRequest) (_ *admin.OrgIamPolicy, err error) {
policy, err := s.iam.ChangeDefaultOrgIAMPolicy(ctx, orgIAMPolicyRequestToModel(in))
policy, err := s.command.ChangeDefaultOrgIAMPolicy(ctx, orgIAMPolicyRequestToDomain(in))
if err != nil {
return nil, err
}
return orgIAMPolicyFromModel(policy), err
return orgIAMPolicyFromDomain(policy), err
}
func (s *Server) GetOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyID) (_ *admin.OrgIamPolicyView, err error) {
@ -63,19 +63,19 @@ func (s *Server) GetOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyID)
}
func (s *Server) CreateOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyRequest) (_ *admin.OrgIamPolicy, err error) {
policy, err := s.org.CreateOrgIAMPolicy(ctx, orgIAMPolicyRequestToModel(in))
policy, err := s.command.AddOrgIAMPolicy(ctx, orgIAMPolicyRequestToDomain(in))
if err != nil {
return nil, err
}
return orgIAMPolicyFromModel(policy), err
return orgIAMPolicyFromDomain(policy), err
}
func (s *Server) UpdateOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyRequest) (_ *admin.OrgIamPolicy, err error) {
policy, err := s.org.ChangeOrgIAMPolicy(ctx, orgIAMPolicyRequestToModel(in))
policy, err := s.command.ChangeOrgIAMPolicy(ctx, orgIAMPolicyRequestToDomain(in))
if err != nil {
return nil, err
}
return orgIAMPolicyFromModel(policy), err
return orgIAMPolicyFromDomain(policy), err
}
func (s *Server) RemoveOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyID) (_ *empty.Empty, err error) {

7
internal/api/grpc/admin/org_converter.go
View File

@ -3,6 +3,7 @@ package admin
import (
"github.com/caos/logging"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/golang/protobuf/ptypes"
admin_model "github.com/caos/zitadel/internal/admin/model"
@ -197,7 +198,7 @@ func orgQueryMethodToModel(method admin.OrgSearchMethod) model.SearchMethod {
}
}
func orgIAMPolicyFromModel(policy *iam_model.OrgIAMPolicy) *admin.OrgIamPolicy {
func orgIAMPolicyFromDomain(policy *domain.OrgIAMPolicy) *admin.OrgIamPolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-ush36").OnError(err).Debug("unable to get timestamp from time")
@ -227,8 +228,8 @@ func orgIAMPolicyViewFromModel(policy *iam_model.OrgIAMPolicyView) *admin.OrgIam
}
}
func orgIAMPolicyRequestToModel(policy *admin.OrgIamPolicyRequest) *iam_model.OrgIAMPolicy {
return &iam_model.OrgIAMPolicy{
func orgIAMPolicyRequestToDomain(policy *admin.OrgIamPolicyRequest) *domain.OrgIAMPolicy {
return &domain.OrgIAMPolicy{
ObjectRoot: models.ObjectRoot{
AggregateID: policy.OrgId,
},

4
internal/api/grpc/admin/password_age_policy.go
View File

@ -15,9 +15,9 @@ func (s *Server) GetDefaultPasswordAgePolicy(ctx context.Context, _ *empty.Empty
}
func (s *Server) UpdateDefaultPasswordAgePolicy(ctx context.Context, policy *admin.DefaultPasswordAgePolicyRequest) (*admin.DefaultPasswordAgePolicy, error) {
result, err := s.iam.ChangeDefaultPasswordAgePolicy(ctx, passwordAgePolicyToModel(policy))
result, err := s.command.ChangeDefaultPasswordAgePolicy(ctx, passwordAgePolicyToDomain(policy))
if err != nil {
return nil, err
}
return passwordAgePolicyFromModel(result), nil
return passwordAgePolicyFromDomain(result), nil
}

7
internal/api/grpc/admin/password_age_policy_converter.go
View File

@ -3,18 +3,19 @@ package admin
import (
"github.com/caos/logging"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/caos/zitadel/pkg/grpc/admin"
"github.com/golang/protobuf/ptypes"
)
func passwordAgePolicyToModel(policy *admin.DefaultPasswordAgePolicyRequest) *iam_model.PasswordAgePolicy {
return &iam_model.PasswordAgePolicy{
func passwordAgePolicyToDomain(policy *admin.DefaultPasswordAgePolicyRequest) *domain.PasswordAgePolicy {
return &domain.PasswordAgePolicy{
MaxAgeDays: policy.MaxAgeDays,
ExpireWarnDays: policy.ExpireWarnDays,
}
}
func passwordAgePolicyFromModel(policy *iam_model.PasswordAgePolicy) *admin.DefaultPasswordAgePolicy {
func passwordAgePolicyFromDomain(policy *domain.PasswordAgePolicy) *admin.DefaultPasswordAgePolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-mH9os").OnError(err).Debug("date parse failed")

4
internal/api/grpc/admin/password_complexity_policy.go
View File

@ -15,9 +15,9 @@ func (s *Server) GetDefaultPasswordComplexityPolicy(ctx context.Context, _ *empt
}
func (s *Server) UpdateDefaultPasswordComplexityPolicy(ctx context.Context, policy *admin.DefaultPasswordComplexityPolicyRequest) (*admin.DefaultPasswordComplexityPolicy, error) {
result, err := s.iam.ChangeDefaultPasswordComplexityPolicy(ctx, passwordComplexityPolicyToModel(policy))
result, err := s.command.ChangeDefaultPasswordComplexityPolicy(ctx, passwordComplexityPolicyToDomain(policy))
if err != nil {
return nil, err
}
return passwordComplexityPolicyFromModel(result), nil
return passwordComplexityPolicyFromDomain(result), nil
}

7
internal/api/grpc/admin/password_complexity_policy_converter.go
View File

@ -3,12 +3,13 @@ package admin
import (
"github.com/caos/logging"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/caos/zitadel/pkg/grpc/admin"
"github.com/golang/protobuf/ptypes"
)
func passwordComplexityPolicyToModel(policy *admin.DefaultPasswordComplexityPolicyRequest) *iam_model.PasswordComplexityPolicy {
return &iam_model.PasswordComplexityPolicy{
func passwordComplexityPolicyToDomain(policy *admin.DefaultPasswordComplexityPolicyRequest) *domain.PasswordComplexityPolicy {
return &domain.PasswordComplexityPolicy{
MinLength: policy.MinLength,
HasUppercase: policy.HasUppercase,
HasLowercase: policy.HasLowercase,
@ -17,7 +18,7 @@ func passwordComplexityPolicyToModel(policy *admin.DefaultPasswordComplexityPoli
}
}
func passwordComplexityPolicyFromModel(policy *iam_model.PasswordComplexityPolicy) *admin.DefaultPasswordComplexityPolicy {
func passwordComplexityPolicyFromDomain(policy *domain.PasswordComplexityPolicy) *admin.DefaultPasswordComplexityPolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-6Zhs9").OnError(err).Debug("date parse failed")

4
internal/api/grpc/admin/password_lockout_policy.go
View File

@ -15,9 +15,9 @@ func (s *Server) GetDefaultPasswordLockoutPolicy(ctx context.Context, _ *empty.E
}
func (s *Server) UpdateDefaultPasswordLockoutPolicy(ctx context.Context, policy *admin.DefaultPasswordLockoutPolicyRequest) (*admin.DefaultPasswordLockoutPolicy, error) {
result, err := s.iam.ChangeDefaultPasswordLockoutPolicy(ctx, passwordLockoutPolicyToModel(policy))
result, err := s.command.ChangeDefaultPasswordLockoutPolicy(ctx, passwordLockoutPolicyToDomain(policy))
if err != nil {
return nil, err
}
return passwordLockoutPolicyFromModel(result), nil
return passwordLockoutPolicyFromDomain(result), nil
}

7
internal/api/grpc/admin/password_lockout_policy_converter.go
View File

@ -3,18 +3,19 @@ package admin
import (
"github.com/caos/logging"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/caos/zitadel/pkg/grpc/admin"
"github.com/golang/protobuf/ptypes"
)
func passwordLockoutPolicyToModel(policy *admin.DefaultPasswordLockoutPolicyRequest) *iam_model.PasswordLockoutPolicy {
return &iam_model.PasswordLockoutPolicy{
func passwordLockoutPolicyToDomain(policy *admin.DefaultPasswordLockoutPolicyRequest) *domain.PasswordLockoutPolicy {
return &domain.PasswordLockoutPolicy{
MaxAttempts: policy.MaxAttempts,
ShowLockOutFailures: policy.ShowLockoutFailure,
}
}
func passwordLockoutPolicyFromModel(policy *iam_model.PasswordLockoutPolicy) *admin.DefaultPasswordLockoutPolicy {
func passwordLockoutPolicyFromDomain(policy *domain.PasswordLockoutPolicy) *admin.DefaultPasswordLockoutPolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-4Gsm9f").OnError(err).Debug("date parse failed")

8
internal/api/grpc/admin/server.go
View File

@ -1,6 +1,8 @@
package admin
import (
"github.com/caos/zitadel/internal/v2/command"
"github.com/caos/zitadel/internal/v2/query"
"google.golang.org/grpc"
"github.com/caos/zitadel/internal/admin/repository"
@ -17,6 +19,8 @@ const (
var _ admin.AdminServiceServer = (*Server)(nil)
type Server struct {
command *command.CommandSide
query *query.QuerySide
org repository.OrgRepository
iam repository.IAMRepository
administrator repository.AdministratorRepository
@ -27,8 +31,10 @@ type Config struct {
Repository eventsourcing.Config
}
func CreateServer(repo repository.Repository) *Server {
func CreateServer(command *command.CommandSide, query *query.QuerySide, repo repository.Repository) *Server {
return &Server{
command: command,
query: query,
org: repo,
iam: repo,
administrator: repo,

8
internal/api/grpc/management/server.go
View File

@ -1,6 +1,8 @@
package management
import (
"github.com/caos/zitadel/internal/v2/command"
"github.com/caos/zitadel/internal/v2/query"
"google.golang.org/grpc"
"github.com/caos/zitadel/internal/api/authz"
@ -18,6 +20,8 @@ const (
var _ management.ManagementServiceServer = (*Server)(nil)
type Server struct {
command *command.CommandSide
query *query.QuerySide
project repository.ProjectRepository
org repository.OrgRepository
user repository.UserRepository
@ -31,8 +35,10 @@ type Config struct {
Repository eventsourcing.Config
}
func CreateServer(repo repository.Repository, sd systemdefaults.SystemDefaults) *Server {
func CreateServer(command *command.CommandSide, query *query.QuerySide, repo repository.Repository, sd systemdefaults.SystemDefaults) *Server {
return &Server{
command: command,
query: query,
project: repo,
org: repo,
user: repo,

4
internal/api/grpc/management/user.go
View File

@ -52,11 +52,11 @@ func (s *Server) IsUserUnique(ctx context.Context, request *management.UniqueUse
}
func (s *Server) CreateUser(ctx context.Context, in *management.CreateUserRequest) (*management.UserResponse, error) {
user, err := s.user.CreateUser(ctx, userCreateToModel(in))
user, err := s.command.AddUser(ctx, userCreateToDomain(in))
if err != nil {
return nil, err
}
return userFromModel(user), nil
return userFromDomain(user), nil
}
func (s *Server) DeactivateUser(ctx context.Context, in *management.UserID) (*management.UserResponse, error) {

80
internal/api/grpc/management/user_converter.go
View File

@ -4,6 +4,7 @@ import (
"encoding/json"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/golang/protobuf/ptypes"
"golang.org/x/text/language"
"google.golang.org/protobuf/encoding/protojson"
@ -16,6 +17,32 @@ import (
"github.com/caos/zitadel/pkg/grpc/message"
)
func userFromDomain(user *domain.User) *management.UserResponse {
creationDate, err := ptypes.TimestampProto(user.CreationDate)
logging.Log("GRPC-8duwe").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(user.ChangeDate)
logging.Log("GRPC-ckoe3d").OnError(err).Debug("unable to parse timestamp")
userResp := &management.UserResponse{
Id: user.AggregateID,
State: userStateFromDomain(user.State),
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: user.Sequence,
UserName: user.UserName,
}
if user.Machine != nil {
userResp.User = &management.UserResponse_Machine{Machine: machineFromDomain(user.Machine)}
}
if user.Human != nil {
userResp.User = &management.UserResponse_Human{Human: humanFromDomain(user.Human)}
}
return userResp
}
func userFromModel(user *usr_model.User) *management.UserResponse {
creationDate, err := ptypes.TimestampProto(user.CreationDate)
logging.Log("GRPC-8duwe").OnError(err).Debug("unable to parse timestamp")
@ -25,7 +52,7 @@ func userFromModel(user *usr_model.User) *management.UserResponse {
userResp := &management.UserResponse{
Id: user.AggregateID,
State: userStateFromModel(user.State),
State: management.UserState(user.State),
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: user.Sequence,
@ -42,18 +69,18 @@ func userFromModel(user *usr_model.User) *management.UserResponse {
return userResp
}
func userCreateToModel(user *management.CreateUserRequest) *usr_model.User {
var human *usr_model.Human
var machine *usr_model.Machine
func userCreateToDomain(user *management.CreateUserRequest) *domain.User {
var human *domain.Human
var machine *domain.Machine
if h := user.GetHuman(); h != nil {
human = humanCreateToModel(h)
human = humanCreateToDomain(h)
}
if m := user.GetMachine(); m != nil {
machine = machineCreateToModel(m)
machine = machineCreateToDomain(m)
}
return &usr_model.User{
return &domain.User{
UserName: user.UserName,
Human: human,
Machine: machine,
@ -222,7 +249,7 @@ func profileFromModel(profile *usr_model.Profile) *management.UserProfile {
DisplayName: profile.DisplayName,
NickName: profile.NickName,
PreferredLanguage: profile.PreferredLanguage.String(),
Gender: genderFromModel(profile.Gender),
Gender: management.Gender(profile.Gender),
}
}
@ -243,7 +270,7 @@ func profileViewFromModel(profile *usr_model.Profile) *management.UserProfileVie
DisplayName: profile.DisplayName,
NickName: profile.NickName,
PreferredLanguage: profile.PreferredLanguage.String(),
Gender: genderFromModel(profile.Gender),
Gender: management.Gender(profile.Gender),
LoginNames: profile.LoginNames,
PreferredLoginName: profile.PreferredLoginName,
}
@ -259,7 +286,7 @@ func updateProfileToModel(u *management.UpdateUserProfileRequest) *usr_model.Pro
LastName: u.LastName,
NickName: u.NickName,
PreferredLanguage: preferredLanguage,
Gender: genderToModel(u.Gender),
Gender: usr_model.Gender(u.Gender),
}
}
@ -430,7 +457,7 @@ func userViewFromModel(user *usr_model.UserView) *management.UserView {
userView := &management.UserView{
Id: user.ID,
State: userStateFromModel(user.State),
State: management.UserState(user.State),
CreationDate: creationDate,
ChangeDate: changeDate,
LastLogin: lastLogin,
@ -520,30 +547,30 @@ func notifyTypeToModel(state management.NotificationType) usr_model.Notification
}
}
func userStateFromModel(state usr_model.UserState) management.UserState {
func userStateFromDomain(state domain.UserState) management.UserState {
switch state {
case usr_model.UserStateActive:
case domain.UserStateActive:
return management.UserState_USERSTATE_ACTIVE
case usr_model.UserStateInactive:
case domain.UserStateInactive:
return management.UserState_USERSTATE_INACTIVE
case usr_model.UserStateLocked:
case domain.UserStateLocked:
return management.UserState_USERSTATE_LOCKED
case usr_model.UserStateInitial:
case domain.UserStateInitial:
return management.UserState_USERSTATE_INITIAL
case usr_model.UserStateSuspend:
case domain.UserStateSuspend:
return management.UserState_USERSTATE_SUSPEND
default:
return management.UserState_USERSTATE_UNSPECIFIED
}
}
func genderFromModel(gender usr_model.Gender) management.Gender {
func genderFromDomain(gender domain.Gender) management.Gender {
switch gender {
case usr_model.GenderFemale:
case domain.GenderFemale:
return management.Gender_GENDER_FEMALE
case usr_model.GenderMale:
case domain.GenderMale:
return management.Gender_GENDER_MALE
case usr_model.GenderDiverse:
case domain.GenderDiverse:
return management.Gender_GENDER_DIVERSE
default:
return management.Gender_GENDER_UNSPECIFIED
@ -562,16 +589,17 @@ func memberTypeFromModel(memberType usr_model.MemberType) management.MemberType
return management.MemberType_MEMBERTYPE_UNSPECIFIED
}
}
func genderToModel(gender management.Gender) usr_model.Gender {
func genderToDomain(gender management.Gender) domain.Gender {
switch gender {
case management.Gender_GENDER_FEMALE:
return usr_model.GenderFemale
return domain.GenderFemale
case management.Gender_GENDER_MALE:
return usr_model.GenderMale
return domain.GenderMale
case management.Gender_GENDER_DIVERSE:
return usr_model.GenderDiverse
return domain.GenderDiverse
default:
return usr_model.GenderUnspecified
return domain.GenderUnspecified
}
}

71
internal/api/grpc/management/user_human_converter.go
View File

@ -3,11 +3,40 @@ package management
import (
"github.com/caos/logging"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/golang/protobuf/ptypes"
"golang.org/x/text/language"
)
func humanFromDomain(user *domain.Human) *management.HumanResponse {
human := &management.HumanResponse{
FirstName: user.FirstName,
LastName: user.LastName,
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage.String(),
Gender: genderFromDomain(user.Gender),
}
if user.Email != nil {
human.Email = user.EmailAddress
human.IsEmailVerified = user.IsEmailVerified
}
if user.Phone != nil {
human.Phone = user.PhoneNumber
human.IsPhoneVerified = user.IsPhoneVerified
}
if user.Address != nil {
human.Country = user.Country
human.Locality = user.Locality
human.PostalCode = user.PostalCode
human.Region = user.Region
human.StreetAddress = user.StreetAddress
}
return human
}
func humanFromModel(user *usr_model.Human) *management.HumanResponse {
human := &management.HumanResponse{
FirstName: user.FirstName,
@ -15,7 +44,8 @@ func humanFromModel(user *usr_model.Human) *management.HumanResponse {
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage.String(),
Gender: genderFromModel(user.Gender),
//TODO: User Converter
Gender: management.Gender(user.Gender),
}
if user.Email != nil {
@ -46,37 +76,38 @@ func humanViewFromModel(user *usr_model.HumanView) *management.HumanView {
DisplayName: user.DisplayName,
NickName: user.NickName,
PreferredLanguage: user.PreferredLanguage,
Gender: genderFromModel(user.Gender),
Email: user.Email,
IsEmailVerified: user.IsEmailVerified,
Phone: user.Phone,
IsPhoneVerified: user.IsPhoneVerified,
Country: user.Country,
Locality: user.Locality,
PostalCode: user.PostalCode,
Region: user.Region,
StreetAddress: user.StreetAddress,
PasswordChanged: passwordChanged,
//TODO: User converter
Gender: management.Gender(user.Gender),
Email: user.Email,
IsEmailVerified: user.IsEmailVerified,
Phone: user.Phone,
IsPhoneVerified: user.IsPhoneVerified,
Country: user.Country,
Locality: user.Locality,
PostalCode: user.PostalCode,
Region: user.Region,
StreetAddress: user.StreetAddress,
PasswordChanged: passwordChanged,
}
}
func humanCreateToModel(u *management.CreateHumanRequest) *usr_model.Human {
func humanCreateToDomain(u *management.CreateHumanRequest) *domain.Human {
preferredLanguage, err := language.Parse(u.PreferredLanguage)
logging.Log("GRPC-cK5k2").OnError(err).Debug("language malformed")
human := &usr_model.Human{
Profile: &usr_model.Profile{
human := &domain.Human{
Profile: &domain.Profile{
FirstName: u.FirstName,
LastName: u.LastName,
NickName: u.NickName,
PreferredLanguage: preferredLanguage,
Gender: genderToModel(u.Gender),
Gender: genderToDomain(u.Gender),
},
Email: &usr_model.Email{
Email: &domain.Email{
EmailAddress: u.Email,
IsEmailVerified: u.IsEmailVerified,
},
Address: &usr_model.Address{
Address: &domain.Address{
Country: u.Country,
Locality: u.Locality,
PostalCode: u.PostalCode,
@ -85,10 +116,10 @@ func humanCreateToModel(u *management.CreateHumanRequest) *usr_model.Human {
},
}
if u.Password != "" {
human.Password = &usr_model.Password{SecretString: u.Password}
human.Password = &domain.Password{SecretString: u.Password}
}
if u.Phone != "" {
human.Phone = &usr_model.Phone{PhoneNumber: u.Phone, IsPhoneVerified: u.IsPhoneVerified}
human.Phone = &domain.Phone{PhoneNumber: u.Phone, IsPhoneVerified: u.IsPhoneVerified}
}
return human
}

12
internal/api/grpc/management/user_machine_converter.go
View File

@ -2,6 +2,7 @@ package management
import (
"encoding/json"
"github.com/caos/zitadel/internal/v2/domain"
"time"
"github.com/caos/logging"
@ -12,8 +13,8 @@ import (
"github.com/golang/protobuf/ptypes"
)
func machineCreateToModel(machine *management.CreateMachineRequest) *usr_model.Machine {
return &usr_model.Machine{
func machineCreateToDomain(machine *management.CreateMachineRequest) *domain.Machine {
return &domain.Machine{
Name: machine.Name,
Description: machine.Description,
}
@ -26,6 +27,13 @@ func updateMachineToModel(machine *management.UpdateMachineRequest) *usr_model.M
}
}
func machineFromDomain(account *domain.Machine) *management.MachineResponse {
return &management.MachineResponse{
Name: account.Name,
Description: account.Description,
}
}
func machineFromModel(account *usr_model.Machine) *management.MachineResponse {
return &management.MachineResponse{
Name: account.Name,

7
internal/static/i18n/de.yaml
View File

@ -28,9 +28,10 @@ Errors:
Invalid: Email ist ungültig
AlreadyVerified: Email ist bereits verifiziert
NotChanged: Email wurde nicht geändert
PhoneNotFound: Telfonnummer nicht gefunden
PhoneInvalid: Telefonnummer ist ungültig
PhoneAlreadyVerified: Telefonnummer bereits verifiziert
Phone:
NotFound: Telfonnummer nicht gefunden
Invalid: Telefonnummer ist ungültig
AlreadyVerified: Telefonnummer bereits verifiziert
Address:
NotFound: Addresse nicht gefunden
NotChanged: Addresse wurde nicht geändert

7
internal/static/i18n/en.yaml
View File

@ -28,9 +28,10 @@ Errors:
Invalid: Email is invalid
AlreadyVerified: Email is alredy verified
NotChanged: Email not changed
PhoneNotFound: Phone not found
PhoneInvalid: Phone is invalid
PhoneAlreadyVerified: Phone already verified
Phone:
NotFound: Phone not found
Invalid: Phone is invalid
AlreadyVerified: Phone already verified
Address:
NotFound: Address not found
NotChanged: Address not changed

3
internal/user/model/user_human.go
View File

@ -3,6 +3,7 @@ package model
import (
"bytes"
caos_errors "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/v2/domain"
"strings"
"time"
@ -48,7 +49,7 @@ const (
GenderDiverse
)
func (u *Human) CheckOrgIAMPolicy(userName string, policy *iam_model.OrgIAMPolicy) error {
func (u *Human) CheckOrgIAMPolicy(userName string, policy *domain.OrgIAMPolicy) error {
if policy == nil {
return caos_errors.ThrowPreconditionFailed(nil, "MODEL-zSH7j", "Errors.Users.OrgIamPolicyNil")
}

8
internal/user/repository/eventsourcing/eventstore.go
View File

@ -1024,12 +1024,12 @@ func (es *UserEventstore) PhoneByID(ctx context.Context, userID string) (*usr_mo
if user.Phone != nil {
return user.Phone, nil
}
return nil, caos_errs.ThrowNotFound(nil, "EVENT-pos9e", "Errors.User.PhoneNotFound")
return nil, caos_errs.ThrowNotFound(nil, "EVENT-pos9e", "Errors.User.Phone.NotFound")
}
func (es *UserEventstore) ChangePhone(ctx context.Context, phone *usr_model.Phone) (*usr_model.Phone, error) {
if !phone.IsValid() {
return nil, caos_errs.ThrowPreconditionFailed(nil, "EVENT-do9s4", "Errors.User.PhoneInvalid")
return nil, caos_errs.ThrowPreconditionFailed(nil, "EVENT-do9s4", "Errors.User.Phone.Invalid")
}
user, err := es.HumanByID(ctx, phone.AggregateID)
if err != nil {
@ -1093,10 +1093,10 @@ func (es *UserEventstore) CreatePhoneVerificationCode(ctx context.Context, userI
return err
}
if user.Phone == nil {
return caos_errs.ThrowPreconditionFailed(nil, "EVENT-sp9fs", "Errors.User.PhoneNotFound")
return caos_errs.ThrowPreconditionFailed(nil, "EVENT-sp9fs", "Errors.User.Phone.NotFound")
}
if user.IsPhoneVerified {
return caos_errs.ThrowPreconditionFailed(nil, "EVENT-sleis", "Errors.User.PhoneAlreadyVerified")
return caos_errs.ThrowPreconditionFailed(nil, "EVENT-sleis", "Errors.User.Phone.AlreadyVerified")
}
phoneCode := new(usr_model.PhoneCode)

53
internal/v2/command/iam_converter.go
View File

@ -4,6 +4,7 @@ import (
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/eventstore/v2"
"github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
)
func writeModelToObjectRoot(writeModel eventstore.WriteModel) models.ObjectRoot {
@ -25,50 +26,50 @@ func writeModelToIAM(wm *IAMWriteModel) *model.IAM {
}
}
func writeModelToMember(writeModel *IAMMemberWriteModel) *model.IAMMember {
return &model.IAMMember{
func writeModelToMember(writeModel *IAMMemberWriteModel) *domain.IAMMember {
return &domain.IAMMember{
ObjectRoot: writeModelToObjectRoot(writeModel.MemberWriteModel.WriteModel),
Roles: writeModel.Roles,
UserID: writeModel.UserID,
}
}
func writeModelToLoginPolicy(wm *IAMLoginPolicyWriteModel) *model.LoginPolicy {
return &model.LoginPolicy{
func writeModelToLoginPolicy(wm *IAMLoginPolicyWriteModel) *domain.LoginPolicy {
return &domain.LoginPolicy{
ObjectRoot: writeModelToObjectRoot(wm.LoginPolicyWriteModel.WriteModel),
AllowUsernamePassword: wm.AllowUserNamePassword,
AllowRegister: wm.AllowRegister,
AllowExternalIdp: wm.AllowExternalIDP,
ForceMFA: wm.ForceMFA,
PasswordlessType: model.PasswordlessType(wm.PasswordlessType),
PasswordlessType: wm.PasswordlessType,
}
}
func writeModelToLabelPolicy(wm *IAMLabelPolicyWriteModel) *model.LabelPolicy {
return &model.LabelPolicy{
func writeModelToLabelPolicy(wm *IAMLabelPolicyWriteModel) *domain.LabelPolicy {
return &domain.LabelPolicy{
ObjectRoot: writeModelToObjectRoot(wm.LabelPolicyWriteModel.WriteModel),
PrimaryColor: wm.PrimaryColor,
SecondaryColor: wm.SecondaryColor,
}
}
func writeModelToOrgIAMPolicy(wm *IAMOrgIAMPolicyWriteModel) *model.OrgIAMPolicy {
return &model.OrgIAMPolicy{
func writeModelToOrgIAMPolicy(wm *IAMOrgIAMPolicyWriteModel) *domain.OrgIAMPolicy {
return &domain.OrgIAMPolicy{
ObjectRoot: writeModelToObjectRoot(wm.PolicyOrgIAMWriteModel.WriteModel),
UserLoginMustBeDomain: wm.UserLoginMustBeDomain,
}
}
func writeModelToPasswordAgePolicy(wm *IAMPasswordAgePolicyWriteModel) *model.PasswordAgePolicy {
return &model.PasswordAgePolicy{
func writeModelToPasswordAgePolicy(wm *IAMPasswordAgePolicyWriteModel) *domain.PasswordAgePolicy {
return &domain.PasswordAgePolicy{
ObjectRoot: writeModelToObjectRoot(wm.PasswordAgePolicyWriteModel.WriteModel),
MaxAgeDays: wm.MaxAgeDays,
ExpireWarnDays: wm.ExpireWarnDays,
}
}
func writeModelToPasswordComplexityPolicy(wm *IAMPasswordComplexityPolicyWriteModel) *model.PasswordComplexityPolicy {
return &model.PasswordComplexityPolicy{
func writeModelToPasswordComplexityPolicy(wm *IAMPasswordComplexityPolicyWriteModel) *domain.PasswordComplexityPolicy {
return &domain.PasswordComplexityPolicy{
ObjectRoot: writeModelToObjectRoot(wm.PasswordComplexityPolicyWriteModel.WriteModel),
MinLength: wm.MinLength,
HasLowercase: wm.HasLowercase,
@ -78,41 +79,41 @@ func writeModelToPasswordComplexityPolicy(wm *IAMPasswordComplexityPolicyWriteMo
}
}
func writeModelToPasswordLockoutPolicy(wm *IAMPasswordLockoutPolicyWriteModel) *model.PasswordLockoutPolicy {
return &model.PasswordLockoutPolicy{
func writeModelToPasswordLockoutPolicy(wm *IAMPasswordLockoutPolicyWriteModel) *domain.PasswordLockoutPolicy {
return &domain.PasswordLockoutPolicy{
ObjectRoot: writeModelToObjectRoot(wm.PasswordLockoutPolicyWriteModel.WriteModel),
MaxAttempts: wm.MaxAttempts,
ShowLockOutFailures: wm.ShowLockOutFailures,
}
}
func writeModelToIDPConfig(wm *IAMIDPConfigWriteModel) *model.IDPConfig {
return &model.IDPConfig{
func writeModelToIDPConfig(wm *IAMIDPConfigWriteModel) *domain.IDPConfig {
return &domain.IDPConfig{
ObjectRoot: writeModelToObjectRoot(wm.WriteModel),
OIDCConfig: writeModelToIDPOIDCConfig(wm.OIDCConfig),
IDPConfigID: wm.ConfigID,
Name: wm.Name,
State: model.IDPConfigState(wm.State),
StylingType: model.IDPStylingType(wm.StylingType),
State: wm.State,
StylingType: wm.StylingType,
}
}
func writeModelToIDPOIDCConfig(wm *OIDCConfigWriteModel) *model.OIDCIDPConfig {
return &model.OIDCIDPConfig{
func writeModelToIDPOIDCConfig(wm *OIDCConfigWriteModel) *domain.OIDCIDPConfig {
return &domain.OIDCIDPConfig{
ObjectRoot: writeModelToObjectRoot(wm.WriteModel),
ClientID: wm.ClientID,
IDPConfigID: wm.IDPConfigID,
IDPDisplayNameMapping: model.OIDCMappingField(wm.IDPDisplayNameMapping),
IDPDisplayNameMapping: wm.IDPDisplayNameMapping,
Issuer: wm.Issuer,
Scopes: wm.Scopes,
UsernameMapping: model.OIDCMappingField(wm.UserNameMapping),
UsernameMapping: wm.UserNameMapping,
}
}
func writeModelToIDPProvider(wm *IAMIdentityProviderWriteModel) *model.IDPProvider {
return &model.IDPProvider{
func writeModelToIDPProvider(wm *IAMIdentityProviderWriteModel) *domain.IDPProvider {
return &domain.IDPProvider{
ObjectRoot: writeModelToObjectRoot(wm.IdentityProviderWriteModel.WriteModel),
IDPConfigID: wm.IDPConfigID,
Type: model.IDPProviderType(wm.IDPProviderType),
Type: wm.IDPProviderType,
}
}

25
internal/v2/command/iam_idp_config.go
View File

@ -8,12 +8,11 @@ import (
"github.com/caos/zitadel/internal/crypto"
"github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/repository/iam"
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
func (r *CommandSide) AddDefaultIDPConfig(ctx context.Context, config *iam_model.IDPConfig) (*iam_model.IDPConfig, error) {
func (r *CommandSide) AddDefaultIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) {
if config.OIDCConfig == nil {
return nil, errors.ThrowInvalidArgument(nil, "IAM-eUpQU", "Errors.idp.config.notset")
}
@ -36,8 +35,8 @@ func (r *CommandSide) AddDefaultIDPConfig(ctx context.Context, config *iam_model
ctx,
idpConfigID,
config.Name,
domain.IDPConfigType(config.Type),
domain.IDPConfigStylingType(config.StylingType),
config.Type,
config.StylingType,
),
)
iamAgg.PushEvents(
@ -46,8 +45,8 @@ func (r *CommandSide) AddDefaultIDPConfig(ctx context.Context, config *iam_model
idpConfigID,
config.OIDCConfig.Issuer,
clientSecret,
domain.OIDCMappingField(config.OIDCConfig.IDPDisplayNameMapping),
domain.OIDCMappingField(config.OIDCConfig.UsernameMapping),
config.OIDCConfig.IDPDisplayNameMapping,
config.OIDCConfig.UsernameMapping,
config.OIDCConfig.Scopes...,
),
)
@ -58,7 +57,7 @@ func (r *CommandSide) AddDefaultIDPConfig(ctx context.Context, config *iam_model
return writeModelToIDPConfig(addedConfig), nil
}
func (r *CommandSide) ChangeDefaultIDPConfig(ctx context.Context, config *iam_model.IDPConfig) (*iam_model.IDPConfig, error) {
func (r *CommandSide) ChangeDefaultIDPConfig(ctx context.Context, config *domain.IDPConfig) (*domain.IDPConfig, error) {
existingIDP, err := r.iamIDPConfigWriteModelByID(ctx, config.AggregateID, config.IDPConfigID)
if err != nil {
return nil, err
@ -67,7 +66,7 @@ func (r *CommandSide) ChangeDefaultIDPConfig(ctx context.Context, config *iam_mo
return nil, caos_errs.ThrowAlreadyExists(nil, "IAM-4M9so", "Errors.IAM.IDPConfig.NotExisting")
}
changedEvent, hasChanged := existingIDP.NewChangedEvent(ctx, config.IDPConfigID, config.Name, domain.IDPConfigStylingType(config.StylingType))
changedEvent, hasChanged := existingIDP.NewChangedEvent(ctx, config.IDPConfigID, config.Name, config.StylingType)
if !hasChanged {
return nil, caos_errs.ThrowAlreadyExists(nil, "IAM-4M9vs", "Errors.IAM.LabelPolicy.NotChanged")
}
@ -81,8 +80,8 @@ func (r *CommandSide) ChangeDefaultIDPConfig(ctx context.Context, config *iam_mo
return writeModelToIDPConfig(existingIDP), nil
}
func (r *CommandSide) DeactivateDefaultIDPConfig(ctx context.Context, iamID, idpID string) (*iam_model.IDPConfig, error) {
existingIDP, err := r.iamIDPConfigWriteModelByID(ctx, iamID, idpID)
func (r *CommandSide) DeactivateDefaultIDPConfig(ctx context.Context, idpID string) (*domain.IDPConfig, error) {
existingIDP, err := r.iamIDPConfigWriteModelByID(ctx, r.iamID, idpID)
if err != nil {
return nil, err
}
@ -99,8 +98,8 @@ func (r *CommandSide) DeactivateDefaultIDPConfig(ctx context.Context, iamID, idp
return writeModelToIDPConfig(existingIDP), nil
}
func (r *CommandSide) ReactivateDefaultIDPConfig(ctx context.Context, iamID, idpID string) (*iam_model.IDPConfig, error) {
existingIDP, err := r.iamIDPConfigWriteModelByID(ctx, iamID, idpID)
func (r *CommandSide) ReactivateDefaultIDPConfig(ctx context.Context, idpID string) (*domain.IDPConfig, error) {
existingIDP, err := r.iamIDPConfigWriteModelByID(ctx, r.iamID, idpID)
if err != nil {
return nil, err
}
@ -118,7 +117,7 @@ func (r *CommandSide) ReactivateDefaultIDPConfig(ctx context.Context, iamID, idp
return writeModelToIDPConfig(existingIDP), nil
}
func (r *CommandSide) RemoveDefaultIDPConfig(ctx context.Context, iamID, idpID string) (*iam_model.IDPConfig, error) {
func (r *CommandSide) RemoveDefaultIDPConfig(ctx context.Context, iamID, idpID string) (*domain.IDPConfig, error) {
writeModel, err := r.pushDefaultIDPWriteModel(ctx, iamID, idpID, func(a *iam.Aggregate, _ *IAMIDPConfigWriteModel) *iam.Aggregate {
a.Aggregate = *a.PushEvents(iam_repo.NewIDPConfigRemovedEvent(ctx, idpID))
return a

8
internal/v2/command/iam_idp_oidc_config.go
View File

@ -4,11 +4,9 @@ import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/v2/domain"
iam_model "github.com/caos/zitadel/internal/iam/model"
)
func (r *CommandSide) ChangeDefaultIDPOIDCConfig(ctx context.Context, config *iam_model.OIDCIDPConfig) (*iam_model.OIDCIDPConfig, error) {
func (r *CommandSide) ChangeDefaultIDPOIDCConfig(ctx context.Context, config *domain.OIDCIDPConfig) (*domain.OIDCIDPConfig, error) {
existingConfig := NewIDPOIDCConfigWriteModel(config.AggregateID, config.IDPConfigID)
err := r.eventstore.FilterToQueryReducer(ctx, existingConfig)
if err != nil {
@ -25,8 +23,8 @@ func (r *CommandSide) ChangeDefaultIDPOIDCConfig(ctx context.Context, config *ia
config.Issuer,
config.ClientSecretString,
r.idpConfigSecretCrypto,
domain.OIDCMappingField(config.IDPDisplayNameMapping),
domain.OIDCMappingField(config.UsernameMapping),
config.IDPDisplayNameMapping,
config.UsernameMapping,
config.Scopes...)
if err != nil {
return nil, err

12
internal/v2/command/iam_member.go
View File

@ -2,16 +2,16 @@ package command
import (
"context"
"github.com/caos/zitadel/internal/v2/domain"
"reflect"
"github.com/caos/zitadel/internal/errors"
caos_errs "github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/telemetry/tracing"
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
func (r *CommandSide) AddIAMMember(ctx context.Context, member *iam_model.IAMMember) (*iam_model.IAMMember, error) {
func (r *CommandSide) AddIAMMember(ctx context.Context, member *domain.IAMMember) (*domain.IAMMember, error) {
//TODO: check if roles valid
if !member.IsValid() {
@ -39,7 +39,7 @@ func (r *CommandSide) AddIAMMember(ctx context.Context, member *iam_model.IAMMem
}
//ChangeIAMMember updates an existing member
func (r *CommandSide) ChangeIAMMember(ctx context.Context, member *iam_model.IAMMember) (*iam_model.IAMMember, error) {
func (r *CommandSide) ChangeIAMMember(ctx context.Context, member *domain.IAMMember) (*domain.IAMMember, error) {
//TODO: check if roles valid
if !member.IsValid() {
@ -70,8 +70,8 @@ func (r *CommandSide) ChangeIAMMember(ctx context.Context, member *iam_model.IAM
return writeModelToMember(existingMember), nil
}
func (r *CommandSide) RemoveIAMMember(ctx context.Context, member *iam_model.IAMMember) error {
m, err := r.iamMemberWriteModelByID(ctx, member.AggregateID, member.UserID)
func (r *CommandSide) RemoveIAMMember(ctx context.Context, userID string) error {
m, err := r.iamMemberWriteModelByID(ctx, r.iamID, userID)
if err != nil && !errors.IsNotFound(err) {
return err
}
@ -80,7 +80,7 @@ func (r *CommandSide) RemoveIAMMember(ctx context.Context, member *iam_model.IAM
}
iamAgg := IAMAggregateFromWriteModel(&m.MemberWriteModel.WriteModel)
iamAgg.PushEvents(iam_repo.NewMemberRemovedEvent(ctx, member.UserID))
iamAgg.PushEvents(iam_repo.NewMemberRemovedEvent(ctx, userID))
return r.eventstore.PushAggregate(ctx, m, iamAgg)
}

16
internal/v2/command/iam_policy_label.go
View File

@ -3,16 +3,13 @@ package command
import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/telemetry/tracing"
"github.com/caos/zitadel/internal/v2/domain"
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
func (r *CommandSide) AddDefaultLabelPolicy(ctx context.Context, policy *iam_model.LabelPolicy) (*iam_model.LabelPolicy, error) {
if !policy.IsValid() {
return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-5Mv0s", "Errors.IAM.LabelPolicyInvalid")
}
func (r *CommandSide) AddDefaultLabelPolicy(ctx context.Context, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) {
policy.AggregateID = r.iamID
addedPolicy := NewIAMLabelPolicyWriteModel(policy.AggregateID)
err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
if err != nil {
@ -33,11 +30,8 @@ func (r *CommandSide) AddDefaultLabelPolicy(ctx context.Context, policy *iam_mod
return writeModelToLabelPolicy(addedPolicy), nil
}
func (r *CommandSide) ChangeDefaultLabelPolicy(ctx context.Context, policy *iam_model.LabelPolicy) (*iam_model.LabelPolicy, error) {
if !policy.IsValid() {
return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-6M0od", "Errors.IAM.LabelPolicyInvalid")
}
func (r *CommandSide) ChangeDefaultLabelPolicy(ctx context.Context, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) {
policy.AggregateID = r.iamID
existingPolicy, err := r.defaultLabelPolicyWriteModelByID(ctx, policy.AggregateID)
if err != nil {
return nil, err

34
internal/v2/command/iam_policy_login.go
View File

@ -9,7 +9,8 @@ import (
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
func (r *CommandSide) AddDefaultLoginPolicy(ctx context.Context, policy *iam_model.LoginPolicy) (*iam_model.LoginPolicy, error) {
func (r *CommandSide) AddDefaultLoginPolicy(ctx context.Context, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) {
policy.AggregateID = r.iamID
addedPolicy := NewIAMLoginPolicyWriteModel(policy.AggregateID)
iamAgg, err := r.addDefaultLoginPolicy(ctx, addedPolicy, policy)
if err != nil {
@ -23,7 +24,7 @@ func (r *CommandSide) AddDefaultLoginPolicy(ctx context.Context, policy *iam_mod
return writeModelToLoginPolicy(addedPolicy), nil
}
func (r *CommandSide) addDefaultLoginPolicy(ctx context.Context, addedPolicy *IAMLoginPolicyWriteModel, policy *iam_model.LoginPolicy) (*iam_repo.Aggregate, error) {
func (r *CommandSide) addDefaultLoginPolicy(ctx context.Context, addedPolicy *IAMLoginPolicyWriteModel, policy *domain.LoginPolicy) (*iam_repo.Aggregate, error) {
err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
if err != nil {
return nil, err
@ -33,16 +34,13 @@ func (r *CommandSide) addDefaultLoginPolicy(ctx context.Context, addedPolicy *IA
}
iamAgg := IAMAggregateFromWriteModel(&addedPolicy.LoginPolicyWriteModel.WriteModel)
iamAgg.PushEvents(iam_repo.NewLoginPolicyAddedEvent(ctx, policy.AllowUsernamePassword, policy.AllowRegister, policy.AllowExternalIdp, policy.ForceMFA, domain.PasswordlessType(policy.PasswordlessType)))
iamAgg.PushEvents(iam_repo.NewLoginPolicyAddedEvent(ctx, policy.AllowUsernamePassword, policy.AllowRegister, policy.AllowExternalIdp, policy.ForceMFA, policy.PasswordlessType))
return iamAgg, nil
}
func (r *CommandSide) ChangeDefaultLoginPolicy(ctx context.Context, policy *iam_model.LoginPolicy) (*iam_model.LoginPolicy, error) {
if !policy.IsValid() {
return nil, caos_errs.ThrowPreconditionFailed(nil, "IAM-6M0od", "Errors.IAM.LoginPolicyInvalid")
}
func (r *CommandSide) ChangeDefaultLoginPolicy(ctx context.Context, policy *domain.LoginPolicy) (*domain.LoginPolicy, error) {
policy.AggregateID = r.iamID
existingPolicy, err := r.defaultLoginPolicyWriteModelByID(ctx, policy.AggregateID)
if err != nil {
return nil, err
@ -65,7 +63,8 @@ func (r *CommandSide) ChangeDefaultLoginPolicy(ctx context.Context, policy *iam_
return writeModelToLoginPolicy(existingPolicy), nil
}
func (r *CommandSide) AddIDPProviderToDefaultLoginPolicy(ctx context.Context, idpProvider *iam_model.IDPProvider) (*iam_model.IDPProvider, error) {
func (r *CommandSide) AddIDPProviderToDefaultLoginPolicy(ctx context.Context, idpProvider *domain.IDPProvider) (*domain.IDPProvider, error) {
idpProvider.AggregateID = r.iamID
idpModel := NewIAMIdentityProviderWriteModel(idpProvider.AggregateID, idpProvider.IDPConfigID)
err := r.eventstore.FilterToQueryReducer(ctx, idpModel)
if err != nil {
@ -86,6 +85,7 @@ func (r *CommandSide) AddIDPProviderToDefaultLoginPolicy(ctx context.Context, id
}
func (r *CommandSide) RemoveIDPProviderFromDefaultLoginPolicy(ctx context.Context, idpProvider *iam_model.IDPProvider) error {
idpProvider.AggregateID = r.iamID
idpModel := NewIAMIdentityProviderWriteModel(idpProvider.AggregateID, idpProvider.IDPConfigID)
err := r.eventstore.FilterToQueryReducer(ctx, idpModel)
if err != nil {
@ -100,8 +100,8 @@ func (r *CommandSide) RemoveIDPProviderFromDefaultLoginPolicy(ctx context.Contex
return r.eventstore.PushAggregate(ctx, idpModel, iamAgg)
}
func (r *CommandSide) AddSecondFactorToDefaultLoginPolicy(ctx context.Context, iamID string, secondFactor iam_model.SecondFactorType) (iam_model.SecondFactorType, error) {
secondFactorModel := NewIAMSecondFactorWriteModel(iamID)
func (r *CommandSide) AddSecondFactorToDefaultLoginPolicy(ctx context.Context, secondFactor iam_model.SecondFactorType) (iam_model.SecondFactorType, error) {
secondFactorModel := NewIAMSecondFactorWriteModel(r.iamID)
err := r.eventstore.FilterToQueryReducer(ctx, secondFactorModel)
if err != nil {
return iam_model.SecondFactorTypeUnspecified, err
@ -121,8 +121,8 @@ func (r *CommandSide) AddSecondFactorToDefaultLoginPolicy(ctx context.Context, i
return iam_model.SecondFactorType(secondFactorModel.MFAType), nil
}
func (r *CommandSide) RemoveSecondFactorFromDefaultLoginPolicy(ctx context.Context, iamID string, secondFactor iam_model.SecondFactorType) error {
secondFactorModel := NewIAMSecondFactorWriteModel(iamID)
func (r *CommandSide) RemoveSecondFactorFromDefaultLoginPolicy(ctx context.Context, secondFactor iam_model.SecondFactorType) error {
secondFactorModel := NewIAMSecondFactorWriteModel(r.iamID)
err := r.eventstore.FilterToQueryReducer(ctx, secondFactorModel)
if err != nil {
return err
@ -136,8 +136,8 @@ func (r *CommandSide) RemoveSecondFactorFromDefaultLoginPolicy(ctx context.Conte
return r.eventstore.PushAggregate(ctx, secondFactorModel, iamAgg)
}
func (r *CommandSide) AddMultiFactorToDefaultLoginPolicy(ctx context.Context, iamID string, multiFactor iam_model.MultiFactorType) (iam_model.MultiFactorType, error) {
multiFactorModel := NewIAMMultiFactorWriteModel(iamID)
func (r *CommandSide) AddMultiFactorToDefaultLoginPolicy(ctx context.Context, multiFactor iam_model.MultiFactorType) (iam_model.MultiFactorType, error) {
multiFactorModel := NewIAMMultiFactorWriteModel(r.iamID)
err := r.eventstore.FilterToQueryReducer(ctx, multiFactorModel)
if err != nil {
return iam_model.MultiFactorTypeUnspecified, err
@ -155,8 +155,8 @@ func (r *CommandSide) AddMultiFactorToDefaultLoginPolicy(ctx context.Context, ia
return iam_model.MultiFactorType(multiFactorModel.MultiFactoryWriteModel.MFAType), nil
}
func (r *CommandSide) RemoveMultiFactorFromDefaultLoginPolicy(ctx context.Context, iamID string, multiFactor iam_model.MultiFactorType) error {
multiFactorModel := NewIAMMultiFactorWriteModel(iamID)
func (r *CommandSide) RemoveMultiFactorFromDefaultLoginPolicy(ctx context.Context, multiFactor iam_model.MultiFactorType) error {
multiFactorModel := NewIAMMultiFactorWriteModel(r.iamID)
err := r.eventstore.FilterToQueryReducer(ctx, multiFactorModel)
if err != nil {
return err

0
internal/v2/command/iam_policy_login_identity_provider.go → internal/v2/command/iam_policy_login_identity_provider_model.go
View File

12
internal/v2/command/iam_policy_org_iam.go
View File

@ -3,13 +3,13 @@ package command
import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/telemetry/tracing"
"github.com/caos/zitadel/internal/v2/domain"
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
func (r *CommandSide) GetDefaultOrgIAMPolicy(ctx context.Context, aggregateID string) (*iam_model.OrgIAMPolicy, error) {
policyWriteModel := NewIAMOrgIAMPolicyWriteModel(aggregateID)
func (r *CommandSide) GetDefaultOrgIAMPolicy(ctx context.Context) (*domain.OrgIAMPolicy, error) {
policyWriteModel := NewIAMOrgIAMPolicyWriteModel(r.iamID)
err := r.eventstore.FilterToQueryReducer(ctx, policyWriteModel)
if err != nil {
return nil, err
@ -19,7 +19,8 @@ func (r *CommandSide) GetDefaultOrgIAMPolicy(ctx context.Context, aggregateID st
return policy, nil
}
func (r *CommandSide) AddDefaultOrgIAMPolicy(ctx context.Context, policy *iam_model.OrgIAMPolicy) (*iam_model.OrgIAMPolicy, error) {
func (r *CommandSide) AddDefaultOrgIAMPolicy(ctx context.Context, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) {
policy.AggregateID = r.iamID
addedPolicy := NewIAMOrgIAMPolicyWriteModel(policy.AggregateID)
err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
if err != nil {
@ -39,7 +40,8 @@ func (r *CommandSide) AddDefaultOrgIAMPolicy(ctx context.Context, policy *iam_mo
return writeModelToOrgIAMPolicy(addedPolicy), nil
}
func (r *CommandSide) ChangeDefaultOrgIAMPolicy(ctx context.Context, policy *iam_model.OrgIAMPolicy) (*iam_model.OrgIAMPolicy, error) {
func (r *CommandSide) ChangeDefaultOrgIAMPolicy(ctx context.Context, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) {
policy.AggregateID = r.iamID
existingPolicy, err := r.defaultOrgIAMPolicyWriteModelByID(ctx, policy.AggregateID)
if err != nil {
return nil, err

8
internal/v2/command/iam_policy_password_age.go
View File

@ -3,12 +3,13 @@ package command
import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/telemetry/tracing"
"github.com/caos/zitadel/internal/v2/domain"
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
func (r *CommandSide) AddDefaultPasswordAgePolicy(ctx context.Context, policy *iam_model.PasswordAgePolicy) (*iam_model.PasswordAgePolicy, error) {
func (r *CommandSide) AddDefaultPasswordAgePolicy(ctx context.Context, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) {
policy.AggregateID = r.iamID
addedPolicy := NewIAMPasswordAgePolicyWriteModel(policy.AggregateID)
err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
if err != nil {
@ -29,7 +30,8 @@ func (r *CommandSide) AddDefaultPasswordAgePolicy(ctx context.Context, policy *i
return writeModelToPasswordAgePolicy(addedPolicy), nil
}
func (r *CommandSide) ChangeDefaultPasswordAgePolicy(ctx context.Context, policy *iam_model.PasswordAgePolicy) (*iam_model.PasswordAgePolicy, error) {
func (r *CommandSide) ChangeDefaultPasswordAgePolicy(ctx context.Context, policy *domain.PasswordAgePolicy) (*domain.PasswordAgePolicy, error) {
policy.AggregateID = r.iamID
existingPolicy, err := r.defaultPasswordAgePolicyWriteModelByID(ctx, policy.AggregateID)
if err != nil {
return nil, err

14
internal/v2/command/iam_policy_password_complexity.go
View File

@ -3,13 +3,13 @@ package command
import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/telemetry/tracing"
"github.com/caos/zitadel/internal/v2/domain"
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
func (r *CommandSide) GetDefaultPasswordComplexityPolicy(ctx context.Context, aggregateID string) (*iam_model.PasswordComplexityPolicy, error) {
policyWriteModel := NewIAMPasswordComplexityPolicyWriteModel(aggregateID)
func (r *CommandSide) GetDefaultPasswordComplexityPolicy(ctx context.Context) (*domain.PasswordComplexityPolicy, error) {
policyWriteModel := NewIAMPasswordComplexityPolicyWriteModel(r.iamID)
err := r.eventstore.FilterToQueryReducer(ctx, policyWriteModel)
if err != nil {
return nil, err
@ -19,7 +19,8 @@ func (r *CommandSide) GetDefaultPasswordComplexityPolicy(ctx context.Context, ag
return policy, nil
}
func (r *CommandSide) AddDefaultPasswordComplexityPolicy(ctx context.Context, policy *iam_model.PasswordComplexityPolicy) (*iam_model.PasswordComplexityPolicy, error) {
func (r *CommandSide) AddDefaultPasswordComplexityPolicy(ctx context.Context, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) {
policy.AggregateID = r.iamID
addedPolicy := NewIAMPasswordComplexityPolicyWriteModel(policy.AggregateID)
iamAgg, err := r.addDefaultPasswordComplexityPolicy(ctx, addedPolicy, policy)
if err != nil {
@ -34,7 +35,7 @@ func (r *CommandSide) AddDefaultPasswordComplexityPolicy(ctx context.Context, po
return writeModelToPasswordComplexityPolicy(addedPolicy), nil
}
func (r *CommandSide) addDefaultPasswordComplexityPolicy(ctx context.Context, addedPolicy *IAMPasswordComplexityPolicyWriteModel, policy *iam_model.PasswordComplexityPolicy) (*iam_repo.Aggregate, error) {
func (r *CommandSide) addDefaultPasswordComplexityPolicy(ctx context.Context, addedPolicy *IAMPasswordComplexityPolicyWriteModel, policy *domain.PasswordComplexityPolicy) (*iam_repo.Aggregate, error) {
if err := policy.IsValid(); err != nil {
return nil, err
}
@ -53,7 +54,8 @@ func (r *CommandSide) addDefaultPasswordComplexityPolicy(ctx context.Context, ad
return iamAgg, nil
}
func (r *CommandSide) ChangeDefaultPasswordComplexityPolicy(ctx context.Context, policy *iam_model.PasswordComplexityPolicy) (*iam_model.PasswordComplexityPolicy, error) {
func (r *CommandSide) ChangeDefaultPasswordComplexityPolicy(ctx context.Context, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) {
policy.AggregateID = r.iamID
if err := policy.IsValid(); err != nil {
return nil, err
}

8
internal/v2/command/iam_policy_password_lockout.go
View File

@ -3,12 +3,13 @@ package command
import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/telemetry/tracing"
"github.com/caos/zitadel/internal/v2/domain"
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
func (r *CommandSide) AddDefaultPasswordLockoutPolicy(ctx context.Context, policy *iam_model.PasswordLockoutPolicy) (*iam_model.PasswordLockoutPolicy, error) {
func (r *CommandSide) AddDefaultPasswordLockoutPolicy(ctx context.Context, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) {
policy.AggregateID = r.iamID
addedPolicy := NewIAMPasswordLockoutPolicyWriteModel(policy.AggregateID)
err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
if err != nil {
@ -29,7 +30,8 @@ func (r *CommandSide) AddDefaultPasswordLockoutPolicy(ctx context.Context, polic
return writeModelToPasswordLockoutPolicy(addedPolicy), nil
}
func (r *CommandSide) ChangeDefaultPasswordLockoutPolicy(ctx context.Context, policy *iam_model.PasswordLockoutPolicy) (*iam_model.PasswordLockoutPolicy, error) {
func (r *CommandSide) ChangeDefaultPasswordLockoutPolicy(ctx context.Context, policy *domain.PasswordLockoutPolicy) (*domain.PasswordLockoutPolicy, error) {
policy.AggregateID = r.iamID
existingPolicy, err := r.defaultPasswordLockoutPolicyWriteModelByID(ctx, policy.AggregateID)
if err != nil {
return nil, err

10
internal/v2/command/org_converter.go
View File

@ -1,18 +1,18 @@
package command
import (
"github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
)
func orgWriteModelToOrgIAMPolicy(wm *ORGOrgIAMPolicyWriteModel) *model.OrgIAMPolicy {
return &model.OrgIAMPolicy{
func orgWriteModelToOrgIAMPolicy(wm *ORGOrgIAMPolicyWriteModel) *domain.OrgIAMPolicy {
return &domain.OrgIAMPolicy{
ObjectRoot: writeModelToObjectRoot(wm.PolicyOrgIAMWriteModel.WriteModel),
UserLoginMustBeDomain: wm.UserLoginMustBeDomain,
}
}
func orgWriteModelToPasswordComplexityPolicy(wm *OrgPasswordComplexityPolicyWriteModel) *model.PasswordComplexityPolicy {
return &model.PasswordComplexityPolicy{
func orgWriteModelToPasswordComplexityPolicy(wm *OrgPasswordComplexityPolicyWriteModel) *domain.PasswordComplexityPolicy {
return &domain.PasswordComplexityPolicy{
ObjectRoot: writeModelToObjectRoot(wm.PasswordComplexityPolicyWriteModel.WriteModel),
MinLength: wm.MinLength,
HasLowercase: wm.HasLowercase,

14
internal/v2/command/org_policy_org_iam.go
View File

@ -3,12 +3,12 @@ package command
import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/telemetry/tracing"
"github.com/caos/zitadel/internal/v2/domain"
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
func (r *CommandSide) GetOrgIAMPolicy(ctx context.Context, orgID string) (*iam_model.OrgIAMPolicy, error) {
func (r *CommandSide) GetOrgIAMPolicy(ctx context.Context, orgID string) (*domain.OrgIAMPolicy, error) {
policy := NewORGOrgIAMPolicyWriteModel(orgID)
err := r.eventstore.FilterToQueryReducer(ctx, policy)
if err != nil {
@ -17,10 +17,10 @@ func (r *CommandSide) GetOrgIAMPolicy(ctx context.Context, orgID string) (*iam_m
if policy.IsActive {
return orgWriteModelToOrgIAMPolicy(policy), nil
}
return r.GetDefaultOrgIAMPolicy(ctx, r.iamID)
return r.GetDefaultOrgIAMPolicy(ctx)
}
func (r *CommandSide) AddOrgIAMPolicy(ctx context.Context, policy *iam_model.OrgIAMPolicy) (*iam_model.OrgIAMPolicy, error) {
func (r *CommandSide) AddOrgIAMPolicy(ctx context.Context, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) {
addedPolicy := NewORGOrgIAMPolicyWriteModel(policy.AggregateID)
err := r.eventstore.FilterToQueryReducer(ctx, addedPolicy)
if err != nil {
@ -40,7 +40,7 @@ func (r *CommandSide) AddOrgIAMPolicy(ctx context.Context, policy *iam_model.Org
return orgWriteModelToOrgIAMPolicy(addedPolicy), nil
}
func (r *CommandSide) ChangeOrgIAMPolicy(ctx context.Context, policy *iam_model.OrgIAMPolicy) (*iam_model.OrgIAMPolicy, error) {
func (r *CommandSide) ChangeOrgIAMPolicy(ctx context.Context, policy *domain.OrgIAMPolicy) (*domain.OrgIAMPolicy, error) {
existingPolicy, err := r.orgIAMPolicyWriteModelByID(ctx, policy.AggregateID)
if err != nil {
return nil, err
@ -65,11 +65,11 @@ func (r *CommandSide) ChangeOrgIAMPolicy(ctx context.Context, policy *iam_model.
return orgWriteModelToOrgIAMPolicy(existingPolicy), nil
}
func (r *CommandSide) orgIAMPolicyWriteModelByID(ctx context.Context, iamID string) (policy *ORGOrgIAMPolicyWriteModel, err error) {
func (r *CommandSide) orgIAMPolicyWriteModelByID(ctx context.Context, orgID string) (policy *ORGOrgIAMPolicyWriteModel, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
writeModel := NewORGOrgIAMPolicyWriteModel(iamID)
writeModel := NewORGOrgIAMPolicyWriteModel(orgID)
err = r.eventstore.FilterToQueryReducer(ctx, writeModel)
if err != nil {
return nil, err

6
internal/v2/command/org_policy_password_complexity.go
View File

@ -2,10 +2,10 @@ package command
import (
"context"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
)
func (r *CommandSide) GetOrgPasswordComplexityPolicy(ctx context.Context, orgID string) (*iam_model.PasswordComplexityPolicy, error) {
func (r *CommandSide) GetOrgPasswordComplexityPolicy(ctx context.Context, orgID string) (*domain.PasswordComplexityPolicy, error) {
policy := NewOrgPasswordComplexityPolicyWriteModel(orgID)
err := r.eventstore.FilterToQueryReducer(ctx, policy)
if err != nil {
@ -14,5 +14,5 @@ func (r *CommandSide) GetOrgPasswordComplexityPolicy(ctx context.Context, orgID
if policy.IsActive {
return orgWriteModelToPasswordComplexityPolicy(policy), nil
}
return r.GetDefaultPasswordComplexityPolicy(ctx, r.iamID)
return r.GetDefaultPasswordComplexityPolicy(ctx)
}

3
internal/v2/command/setup_step1.go
View File

@ -4,7 +4,6 @@ import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
iam_repo "github.com/caos/zitadel/internal/v2/repository/iam"
)
@ -72,7 +71,7 @@ func (r *CommandSide) SetupStep1(ctx context.Context, iamID string, step1 Step1)
//create default login policy
iamAgg, err := r.addDefaultLoginPolicy(ctx,
NewIAMLoginPolicyWriteModel(iam.AggregateID),
&iam_model.LoginPolicy{
&domain.LoginPolicy{
AllowUsernamePassword: step1.DefaultLoginPolicy.AllowUsernamePassword,
AllowRegister: step1.DefaultLoginPolicy.AllowRegister,
AllowExternalIdp: step1.DefaultLoginPolicy.AllowExternalIdp,

2
internal/v2/command/setup_step2.go
View File

@ -18,7 +18,7 @@ func (r *CommandSide) SetupStep2(ctx context.Context, iamID string, step Step2)
if err != nil && !caos_errs.IsNotFound(err) {
return err
}
iamAgg, err := r.addDefaultPasswordComplexityPolicy(ctx, NewIAMPasswordComplexityPolicyWriteModel(iam.AggregateID), &iam_model.PasswordComplexityPolicy{
iamAgg, err := r.addDefaultPasswordComplexityPolicy(ctx, NewIAMPasswordComplexityPolicyWriteModel(iam.AggregateID), &domain.PasswordComplexityPolicy{
MinLength: step.DefaultPasswordComplexityPolicy.MinLength,
HasLowercase: step.DefaultPasswordComplexityPolicy.HasLowercase,
HasUppercase: step.DefaultPasswordComplexityPolicy.HasUppercase,

26
internal/v2/command/user.go
View File

@ -4,12 +4,11 @@ import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/telemetry/tracing"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/caos/zitadel/internal/v2/repository/user"
)
func (r *CommandSide) AddUser(ctx context.Context, user *usr_model.User) (*usr_model.User, error) {
func (r *CommandSide) AddUser(ctx context.Context, user *domain.User) (*domain.User, error) {
if !user.IsValid() {
return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2N9fs", "Errors.User.Invalid")
}
@ -19,14 +18,27 @@ func (r *CommandSide) AddUser(ctx context.Context, user *usr_model.User) (*usr_m
if err != nil {
return nil, err
}
return &usr_model.User{UserName: user.UserName, Human: human}, nil
return &domain.User{UserName: user.UserName, Human: human}, nil
} else if user.Machine != nil {
}
return nil, caos_errs.ThrowInvalidArgument(nil, "COMMAND-8K0df", "Errors.User.TypeUndefined")
}
func (r *CommandSide) DeactivateUser(ctx context.Context, userID string) (*usr_model.User, error) {
func (r *CommandSide) RegisterUser(ctx context.Context, user *domain.User) (*domain.User, error) {
if !user.IsValid() {
return nil, caos_errs.ThrowPreconditionFailed(nil, "COMMAND-2N9fs", "Errors.User.Invalid")
}
if user.Human != nil {
} else if user.Machine != nil {
}
return nil, caos_errs.ThrowInvalidArgument(nil, "COMMAND-8K0df", "Errors.User.TypeUndefined")
}
func (r *CommandSide) DeactivateUser(ctx context.Context, userID string) (*domain.User, error) {
existingUser, err := r.userWriteModelByID(ctx, userID)
if err != nil {
return nil, err
@ -47,7 +59,7 @@ func (r *CommandSide) DeactivateUser(ctx context.Context, userID string) (*usr_m
return writeModelToUser(existingUser), nil
}
func (r *CommandSide) ReactivateUser(ctx context.Context, userID string) (*usr_model.User, error) {
func (r *CommandSide) ReactivateUser(ctx context.Context, userID string) (*domain.User, error) {
existingUser, err := r.userWriteModelByID(ctx, userID)
if err != nil {
return nil, err
@ -68,7 +80,7 @@ func (r *CommandSide) ReactivateUser(ctx context.Context, userID string) (*usr_m
return writeModelToUser(existingUser), nil
}
func (r *CommandSide) LockUser(ctx context.Context, userID string) (*usr_model.User, error) {
func (r *CommandSide) LockUser(ctx context.Context, userID string) (*domain.User, error) {
existingUser, err := r.userWriteModelByID(ctx, userID)
if err != nil {
return nil, err
@ -89,7 +101,7 @@ func (r *CommandSide) LockUser(ctx context.Context, userID string) (*usr_model.U
return writeModelToUser(existingUser), nil
}
func (r *CommandSide) UnlockUser(ctx context.Context, userID string) (*usr_model.User, error) {
func (r *CommandSide) UnlockUser(ctx context.Context, userID string) (*domain.User, error) {
existingUser, err := r.userWriteModelByID(ctx, userID)
if err != nil {
return nil, err

24
internal/v2/command/user_converter.go
View File

@ -2,31 +2,39 @@ package command
import (
"github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/internal/v2/domain"
)
func writeModelToUser(wm *UserWriteModel) *model.User {
return &model.User{
func writeModelToUser(wm *UserWriteModel) *domain.User {
return &domain.User{
ObjectRoot: writeModelToObjectRoot(wm.WriteModel),
UserName: wm.UserName,
State: model.UserState(wm.UserState),
State: wm.UserState,
}
}
func writeModelToHuman(wm *HumanWriteModel) *model.Human {
return &model.Human{
func writeModelToHuman(wm *HumanWriteModel) *domain.Human {
return &domain.Human{
ObjectRoot: writeModelToObjectRoot(wm.WriteModel),
Profile: &model.Profile{
Profile: &domain.Profile{
FirstName: wm.FirstName,
LastName: wm.LastName,
NickName: wm.NickName,
DisplayName: wm.DisplayName,
PreferredLanguage: wm.PreferredLanguage,
Gender: model.Gender(wm.Gender),
Gender: wm.Gender,
},
Email: &model.Email{
Email: &domain.Email{
EmailAddress: wm.Email,
IsEmailVerified: wm.IsEmailVerified,
},
Address: &domain.Address{
Country: wm.Country,
Locality: wm.Locality,
PostalCode: wm.PostalCode,
Region: wm.Region,
StreetAddress: wm.StreetAddress,
},
}
}

15
internal/v2/command/user_human.go
View File

@ -3,12 +3,11 @@ package command
import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/internal/v2/domain"
"github.com/caos/zitadel/internal/v2/repository/user"
)
func (r *CommandSide) AddHuman(ctx context.Context, orgID, username string, human *usr_model.Human) (*usr_model.Human, error) {
func (r *CommandSide) AddHuman(ctx context.Context, orgID, username string, human *domain.Human) (*domain.Human, error) {
if !human.IsValid() {
return nil, caos_errs.ThrowInvalidArgument(nil, "COMMAND-4M90d", "Errors.User.Invalid")
}
@ -21,16 +20,16 @@ func (r *CommandSide) AddHuman(ctx context.Context, orgID, username string, huma
if err != nil {
return nil, err
}
//pwPolicy, err := r.GetOrgPasswordComplexityPolicy(ctx, orgID)
//if err != nil {
// return nil, err
//}
pwPolicy, err := r.GetOrgPasswordComplexityPolicy(ctx, orgID)
if err != nil {
return nil, err
}
addedHuman := NewHumanWriteModel(human.AggregateID)
//TODO: Check Unique Username
human.CheckOrgIAMPolicy(username, orgIAMPolicy)
human.SetNamesAsDisplayname()
//human.HashPasswordIfExisting(pwPolicy, r.userPasswordAlg, true)
human.HashPasswordIfExisting(pwPolicy, r.userPasswordAlg, true)
userAgg := UserAggregateFromWriteModel(&addedHuman.WriteModel)
userAgg.PushEvents(
@ -42,7 +41,7 @@ func (r *CommandSide) AddHuman(ctx context.Context, orgID, username string, huma
human.NickName,
human.DisplayName,
human.PreferredLanguage,
domain.Gender(human.Gender),
human.Gender,
human.EmailAddress,
human.PhoneNumber,
human.Country,

65
internal/v2/domain/human.go
View File

@ -1,5 +1,40 @@
package domain
import (
"github.com/caos/zitadel/internal/crypto"
caos_errors "github.com/caos/zitadel/internal/errors"
es_models "github.com/caos/zitadel/internal/eventstore/models"
"strings"
"time"
)
type Human struct {
es_models.ObjectRoot
*Password
*Profile
*Email
*Phone
*Address
ExternalIDPs []*ExternalIDP
InitCode *InitUserCode
EmailCode *EmailCode
PhoneCode *PhoneCode
PasswordCode *PasswordCode
OTP *OTP
U2FTokens []*WebAuthNToken
PasswordlessTokens []*WebAuthNToken
U2FLogins []*WebAuthNLogin
PasswordlessLogins []*WebAuthNLogin
}
type InitUserCode struct {
es_models.ObjectRoot
Code *crypto.CryptoValue
Expiry time.Duration
}
type Gender int32
const (
@ -14,3 +49,33 @@ const (
func (f Gender) Valid() bool {
return f >= 0 && f < genderCount
}
func (u *Human) IsValid() bool {
return u.Profile != nil && u.FirstName != "" && u.LastName != "" && u.Email != nil && u.Email.IsValid() && u.Phone == nil || (u.Phone != nil && u.Phone.PhoneNumber != "" && u.Phone.IsValid())
}
func (u *Human) CheckOrgIAMPolicy(userName string, policy *OrgIAMPolicy) error {
if policy == nil {
return caos_errors.ThrowPreconditionFailed(nil, "DOMAIN-zSH7j", "Errors.Users.OrgIamPolicyNil")
}
if policy.UserLoginMustBeDomain && strings.Contains(userName, "@") {
return caos_errors.ThrowPreconditionFailed(nil, "DOMAIN-se4sJ", "Errors.User.EmailAsUsernameNotAllowed")
}
if !policy.UserLoginMustBeDomain && u.Profile != nil && userName == "" && u.Email != nil {
userName = u.EmailAddress
}
return nil
}
func (u *Human) SetNamesAsDisplayname() {
if u.Profile != nil && u.DisplayName == "" && u.FirstName != "" && u.LastName != "" {
u.DisplayName = u.FirstName + " " + u.LastName
}
}
func (u *Human) HashPasswordIfExisting(policy *PasswordComplexityPolicy, passwordAlg crypto.HashAlgorithm, onetime bool) error {
if u.Password != nil {
return u.Password.HashPasswordIfExisting(policy, passwordAlg, onetime)
}
return nil
}

13
internal/v2/domain/human_address.go Normal file
View File

@ -0,0 +1,13 @@
package domain
import es_models "github.com/caos/zitadel/internal/eventstore/models"
type Address struct {
es_models.ObjectRoot
Country string
Locality string
PostalCode string
Region string
StreetAddress string
}

25
internal/v2/domain/human_email.go Normal file
View File

@ -0,0 +1,25 @@
package domain
import (
"github.com/caos/zitadel/internal/crypto"
es_models "github.com/caos/zitadel/internal/eventstore/models"
"time"
)
type Email struct {
es_models.ObjectRoot
EmailAddress string
IsEmailVerified bool
}
type EmailCode struct {
es_models.ObjectRoot
Code *crypto.CryptoValue
Expiry time.Duration
}
func (e *Email) IsValid() bool {
return e.EmailAddress != ""
}

11
internal/v2/domain/human_external_idp.go Normal file
View File

@ -0,0 +1,11 @@
package domain
import es_models "github.com/caos/zitadel/internal/eventstore/models"
type ExternalIDP struct {
es_models.ObjectRoot
IDPConfigID string
UserID string
DisplayName string
}

15
internal/v2/domain/human_otp.go Normal file
View File

@ -0,0 +1,15 @@
package domain
import (
"github.com/caos/zitadel/internal/crypto"
es_models "github.com/caos/zitadel/internal/eventstore/models"
)
type OTP struct {
es_models.ObjectRoot
Secret *crypto.CryptoValue
SecretString string
Url string
State MFAState
}

43
internal/v2/domain/human_password.go Normal file
View File

@ -0,0 +1,43 @@
package domain
import (
"github.com/caos/zitadel/internal/crypto"
caos_errs "github.com/caos/zitadel/internal/errors"
es_models "github.com/caos/zitadel/internal/eventstore/models"
"time"
)
type Password struct {
es_models.ObjectRoot
SecretString string
SecretCrypto *crypto.CryptoValue
ChangeRequired bool
}
type PasswordCode struct {
es_models.ObjectRoot
Code *crypto.CryptoValue
Expiry time.Duration
NotificationType NotificationType
}
func (p *Password) HashPasswordIfExisting(policy *PasswordComplexityPolicy, passwordAlg crypto.HashAlgorithm, onetime bool) error {
if p.SecretString == "" {
return nil
}
if policy == nil {
return caos_errs.ThrowPreconditionFailed(nil, "DOMAIN-s8ifS", "Errors.User.PasswordComplexityPolicy.NotFound")
}
if err := policy.Check(p.SecretString); err != nil {
return err
}
secret, err := crypto.Hash([]byte(p.SecretString), passwordAlg)
if err != nil {
return err
}
p.SecretCrypto = secret
p.ChangeRequired = onetime
return nil
}

41
internal/v2/domain/human_phone.go Normal file
View File

@ -0,0 +1,41 @@
package domain
import (
"github.com/caos/zitadel/internal/crypto"
caos_errs "github.com/caos/zitadel/internal/errors"
es_models "github.com/caos/zitadel/internal/eventstore/models"
"github.com/ttacon/libphonenumber"
"time"
)
const (
defaultRegion = "CH"
)
type Phone struct {
es_models.ObjectRoot
PhoneNumber string
IsPhoneVerified bool
}
type PhoneCode struct {
es_models.ObjectRoot
Code *crypto.CryptoValue
Expiry time.Duration
}
func (p *Phone) IsValid() bool {
err := p.formatPhone()
return p.PhoneNumber != "" && err == nil
}
func (p *Phone) formatPhone() error {
phoneNr, err := libphonenumber.Parse(p.PhoneNumber, defaultRegion)
if err != nil {
return caos_errs.ThrowPreconditionFailed(nil, "EVENT-so0wa", "Errors.User.Phone.Invalid")
}
p.PhoneNumber = libphonenumber.Format(phoneNr, libphonenumber.E164)
return nil
}

19
internal/v2/domain/human_profile.go Normal file
View File

@ -0,0 +1,19 @@
package domain
import (
es_models "github.com/caos/zitadel/internal/eventstore/models"
"golang.org/x/text/language"
)
type Profile struct {
es_models.ObjectRoot
FirstName string
LastName string
NickName string
DisplayName string
PreferredLanguage language.Tag
Gender Gender
PreferredLoginName string
LoginNames []string
}

40
internal/v2/domain/human_web_auth_n.go Normal file
View File

@ -0,0 +1,40 @@
package domain
import es_models "github.com/caos/zitadel/internal/eventstore/models"
type WebAuthNToken struct {
es_models.ObjectRoot
WebAuthNTokenID string
CredentialCreationData []byte
State MFAState
Challenge string
AllowedCredentialIDs [][]byte
UserVerification UserVerificationRequirement
KeyID []byte
PublicKey []byte
AttestationType string
AAGUID []byte
SignCount uint32
WebAuthNTokenName string
}
type WebAuthNLogin struct {
es_models.ObjectRoot
CredentialAssertionData []byte
Challenge string
AllowedCredentialIDs [][]byte
UserVerification UserVerificationRequirement
//TODO: Add Auth Request
//*model.AuthRequest
}
type UserVerificationRequirement int32
const (
UserVerificationRequirementUnspecified UserVerificationRequirement = iota
UserVerificationRequirementRequired
UserVerificationRequirementPreferred
UserVerificationRequirementDiscouraged
)

16
internal/v2/domain/iam_member.go Normal file
View File

@ -0,0 +1,16 @@
package domain
import (
es_models "github.com/caos/zitadel/internal/eventstore/models"
)
type IAMMember struct {
es_models.ObjectRoot
UserID string
Roles []string
}
func (i *IAMMember) IsValid() bool {
return i.AggregateID != "" && i.UserID != "" && len(i.Roles) != 0
}

51
internal/v2/domain/idp_config.go
View File

@ -1,5 +1,53 @@
package domain
import (
"github.com/caos/zitadel/internal/crypto"
es_models "github.com/caos/zitadel/internal/eventstore/models"
"time"
)
type IDPConfig struct {
es_models.ObjectRoot
IDPConfigID string
Type IDPConfigType
Name string
StylingType IDPConfigStylingType
State IDPConfigState
OIDCConfig *OIDCIDPConfig
}
type IDPConfigView struct {
AggregateID string
IDPConfigID string
Name string
StylingType IDPConfigStylingType
State IDPConfigState
CreationDate time.Time
ChangeDate time.Time
Sequence uint64
IDPProviderType IdentityProviderType
IsOIDC bool
OIDCClientID string
OIDCClientSecret *crypto.CryptoValue
OIDCIssuer string
OIDCScopes []string
OIDCIDPDisplayNameMapping OIDCMappingField
OIDCUsernameMapping OIDCMappingField
}
type OIDCIDPConfig struct {
es_models.ObjectRoot
IDPConfigID string
ClientID string
ClientSecret *crypto.CryptoValue
ClientSecretString string
Issuer string
Scopes []string
IDPDisplayNameMapping OIDCMappingField
UsernameMapping OIDCMappingField
}
type IDPConfigType int32
const (
@ -32,7 +80,8 @@ func (f IDPConfigState) Valid() bool {
type IDPConfigStylingType int32
const (
IDPConfigStylingTypeGoogle IDPConfigStylingType = iota + 1
IDPConfigStylingTypeUnspecified IDPConfigStylingType = iota
IDPConfigStylingTypeGoogle
idpConfigStylingTypeCount
)

14
internal/v2/domain/machine.go Normal file
View File

@ -0,0 +1,14 @@
package domain
import "github.com/caos/zitadel/internal/eventstore/models"
type Machine struct {
models.ObjectRoot
Name string
Description string
}
func (sa *Machine) IsValid() bool {
return sa.Name != ""
}

13
internal/v2/domain/policy_label.go Normal file
View File

@ -0,0 +1,13 @@
package domain
import (
"github.com/caos/zitadel/internal/eventstore/models"
)
type LabelPolicy struct {
models.ObjectRoot
Default bool
PrimaryColor string
SecondaryColor string
}

22
internal/v2/domain/policy_login.go
View File

@ -1,5 +1,27 @@
package domain
import "github.com/caos/zitadel/internal/eventstore/models"
type LoginPolicy struct {
models.ObjectRoot
Default bool
AllowUsernamePassword bool
AllowRegister bool
AllowExternalIdp bool
IDPProviders []*IDPProvider
ForceMFA bool
SecondFactors []SecondFactorType
MultiFactors []MultiFactorType
PasswordlessType PasswordlessType
}
type IDPProvider struct {
models.ObjectRoot
Type IdentityProviderType
IDPConfigID string
}
type PasswordlessType int32
const (

12
internal/v2/domain/policy_org_iam.go Normal file
View File

@ -0,0 +1,12 @@
package domain
import (
"github.com/caos/zitadel/internal/eventstore/models"
)
type OrgIAMPolicy struct {
models.ObjectRoot
UserLoginMustBeDomain bool
Default bool
}

12
internal/v2/domain/policy_password_age.go Normal file
View File

@ -0,0 +1,12 @@
package domain
import (
"github.com/caos/zitadel/internal/eventstore/models"
)
type PasswordAgePolicy struct {
models.ObjectRoot
MaxAgeDays uint64
ExpireWarnDays uint64
}

56
internal/v2/domain/policy_password_complexity.go Normal file
View File

@ -0,0 +1,56 @@
package domain
import (
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/eventstore/models"
"regexp"
)
var (
hasStringLowerCase = regexp.MustCompile(`[a-z]`).MatchString
hasStringUpperCase = regexp.MustCompile(`[A-Z]`).MatchString
hasNumber = regexp.MustCompile(`[0-9]`).MatchString
hasSymbol = regexp.MustCompile(`[^A-Za-z0-9]`).MatchString
)
type PasswordComplexityPolicy struct {
models.ObjectRoot
MinLength uint64
HasLowercase bool
HasUppercase bool
HasNumber bool
HasSymbol bool
Default bool
}
func (p *PasswordComplexityPolicy) IsValid() error {
if p.MinLength == 0 || p.MinLength > 72 {
return caos_errs.ThrowInvalidArgument(nil, "MODEL-Lsp0e", "Errors.User.PasswordComplexityPolicy.MinLengthNotAllowed")
}
return nil
}
func (p *PasswordComplexityPolicy) Check(password string) error {
if p.MinLength != 0 && uint64(len(password)) < p.MinLength {
return caos_errs.ThrowInvalidArgument(nil, "DOMAIN-HuJf6", "Errors.User.PasswordComplexityPolicy.MinLength")
}
if p.HasLowercase && !hasStringLowerCase(password) {
return caos_errs.ThrowInvalidArgument(nil, "DOMAIN-co3Xw", "Errors.User.PasswordComplexityPolicy.HasLower")
}
if p.HasUppercase && !hasStringUpperCase(password) {
return caos_errs.ThrowInvalidArgument(nil, "DOMAIN-VoaRj", "Errors.User.PasswordComplexityPolicy.HasUpper")
}
if p.HasNumber && !hasNumber(password) {
return caos_errs.ThrowInvalidArgument(nil, "DOMAIN-ZBv4H", "Errors.User.PasswordComplexityPolicy.HasNumber")
}
if p.HasSymbol && !hasSymbol(password) {
return caos_errs.ThrowInvalidArgument(nil, "DOMAIN-ZDLwA", "Errors.User.PasswordComplexityPolicy.HasSymbol")
}
return nil
}

12
internal/v2/domain/policy_password_lockout.go Normal file
View File

@ -0,0 +1,12 @@
package domain
import (
"github.com/caos/zitadel/internal/eventstore/models"
)
type PasswordLockoutPolicy struct {
models.ObjectRoot
MaxAttempts uint64
ShowLockOutFailures bool
}

21
internal/v2/domain/user.go
View File

@ -1,5 +1,16 @@
package domain
import es_models "github.com/caos/zitadel/internal/eventstore/models"
type User struct {
es_models.ObjectRoot
State UserState
UserName string
*Human
*Machine
}
type UserState int32
const (
@ -17,3 +28,13 @@ const (
func (f UserState) Valid() bool {
return f >= 0 && f < userStateCount
}
func (u *User) IsValid() bool {
if u.Human == nil && u.Machine == nil || u.UserName == "" {
return false
}
if u.Human != nil {
return u.Human.IsValid()
}
return u.Machine.IsValid()
}

40
internal/v2/query/converter.go
View File

@ -4,6 +4,7 @@ import (
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/eventstore/v2"
"github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/v2/domain"
)
func readModelToIAM(readModel *ReadModel) *model.IAM {
@ -24,25 +25,28 @@ func readModelToIAM(readModel *ReadModel) *model.IAM {
}
}
func readModelToIDPConfigView(rm *IAMIDPConfigReadModel) *model.IDPConfigView {
return &model.IDPConfigView{
AggregateID: rm.AggregateID,
ChangeDate: rm.ChangeDate,
CreationDate: rm.CreationDate,
IDPConfigID: rm.ConfigID,
IDPProviderType: model.IDPProviderType(rm.ProviderType),
IsOIDC: rm.OIDCConfig != nil,
Name: rm.Name,
OIDCClientID: rm.OIDCConfig.ClientID,
OIDCClientSecret: rm.OIDCConfig.ClientSecret,
OIDCIDPDisplayNameMapping: model.OIDCMappingField(rm.OIDCConfig.IDPDisplayNameMapping),
OIDCIssuer: rm.OIDCConfig.Issuer,
OIDCScopes: rm.OIDCConfig.Scopes,
OIDCUsernameMapping: model.OIDCMappingField(rm.OIDCConfig.UserNameMapping),
Sequence: rm.ProcessedSequence,
State: model.IDPConfigState(rm.State),
StylingType: model.IDPStylingType(rm.StylingType),
func readModelToIDPConfigView(rm *IAMIDPConfigReadModel) *domain.IDPConfigView {
converted := &domain.IDPConfigView{
AggregateID: rm.AggregateID,
ChangeDate: rm.ChangeDate,
CreationDate: rm.CreationDate,
IDPConfigID: rm.ConfigID,
IDPProviderType: rm.ProviderType,
IsOIDC: rm.OIDCConfig != nil,
Name: rm.Name,
Sequence: rm.ProcessedSequence,
State: rm.State,
StylingType: rm.StylingType,
}
if rm.OIDCConfig != nil {
converted.OIDCClientID = rm.OIDCConfig.ClientID
converted.OIDCClientSecret = rm.OIDCConfig.ClientSecret
converted.OIDCIDPDisplayNameMapping = rm.OIDCConfig.IDPDisplayNameMapping
converted.OIDCIssuer = rm.OIDCConfig.Issuer
converted.OIDCScopes = rm.OIDCConfig.Scopes
converted.OIDCUsernameMapping = rm.OIDCConfig.UserNameMapping
}
return converted
}
func readModelToMember(readModel *MemberReadModel) *model.IAMMember {

16
internal/v2/query/iam_idp_config.go Normal file
View File

@ -0,0 +1,16 @@
package query
import (
"context"
"github.com/caos/zitadel/internal/v2/domain"
)
func (r *QuerySide) DefaultIDPConfigByID(ctx context.Context, idpConfigID string) (*domain.IDPConfigView, error) {
idpConfig := NewIAMIDPConfigReadModel(r.iamID, idpConfigID)
err := r.eventstore.FilterToQueryReducer(ctx, idpConfig)
if err != nil {
return nil, err
}
return readModelToIDPConfigView(idpConfig), nil
}

16
internal/v2/query/idp_config.go
View File

@ -1,16 +0,0 @@
package query
import (
"context"
"github.com/caos/zitadel/internal/iam/model"
)
func (r *QuerySide) DefaultIDPConfigByID(ctx context.Context, iamID, idpConfigID string) (*model.IDPConfigView, error) {
idpConfig := NewIAMIDPConfigReadModel(iamID, idpConfigID)
err := r.eventstore.FilterToQueryReducer(ctx, idpConfig)
if err != nil {
return nil, err
}
return readModelToIDPConfigView(idpConfig), nil
}

2
internal/v2/query/query.go
View File

@ -13,6 +13,7 @@ import (
)
type QuerySide struct {
iamID string
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.Crypto
@ -25,6 +26,7 @@ type Config struct {
func StartQuerySide(config *Config) (repo *QuerySide, err error) {
repo = &QuerySide{
iamID: config.SystemDefaults.IamID,
eventstore: config.Eventstore,
idGenerator: id.SonyFlakeGenerator,
}