mirror of
https://github.com/zitadel/zitadel.git
synced 2025-05-08 02:56:48 +00:00
fix: correctly check user by loginname (#7740)
This commit is contained in:
Livio Spring
GitHub
parent
2566f33aa2
commit
e3f10f7e23
@ -4,32 +4,25 @@ WITH found_users AS (
|
|||||||
, u.instance_id
|
, u.instance_id
|
||||||
, u.resource_owner
|
, u.resource_owner
|
||||||
, u.user_name
|
, u.user_name
|
||||||
|
, COALESCE(p_custom.must_be_domain, p_default.must_be_domain) as must_be_domain
|
||||||
FROM
|
FROM
|
||||||
projections.login_names3_users u
|
projections.login_names3_users u
|
||||||
JOIN lateral (
|
LEFT JOIN projections.login_names3_policies p_custom
|
||||||
SELECT
|
ON u.instance_id = p_custom.instance_id
|
||||||
p.must_be_domain
|
AND p_custom.instance_id = $4 AND p_custom.resource_owner = u.resource_owner
|
||||||
FROM
|
LEFT JOIN projections.login_names3_policies p_default
|
||||||
projections.login_names3_policies p
|
ON u.instance_id = p_default.instance_id
|
||||||
WHERE
|
AND p_default.instance_id = $4 AND p_default.is_default IS TRUE
|
||||||
u.instance_id = p.instance_id
|
|
||||||
AND (
|
AND (
|
||||||
(p.is_default IS TRUE AND p.instance_id = $4)
|
(COALESCE(p_custom.must_be_domain, p_default.must_be_domain) IS TRUE AND u.user_name_lower = $1)
|
||||||
OR (p.instance_id = $4 AND p.resource_owner = u.resource_owner)
|
OR (COALESCE(p_custom.must_be_domain, p_default.must_be_domain) IS FALSE AND u.user_name_lower = $3)
|
||||||
)
|
)
|
||||||
AND (
|
|
||||||
(p.must_be_domain IS TRUE AND user_name_lower = $1)
|
|
||||||
OR (p.must_be_domain IS FALSE AND user_name_lower = $3)
|
|
||||||
)
|
|
||||||
ORDER BY is_default
|
|
||||||
LIMIT 1
|
|
||||||
) p ON TRUE
|
|
||||||
JOIN
|
JOIN
|
||||||
projections.login_names3_domains d
|
projections.login_names3_domains d
|
||||||
ON
|
ON
|
||||||
u.instance_id = d.instance_id
|
u.instance_id = d.instance_id
|
||||||
AND u.resource_owner = d.resource_owner
|
AND u.resource_owner = d.resource_owner
|
||||||
AND CASE WHEN p.must_be_domain THEN d.name_lower = $2 ELSE TRUE END
|
AND CASE WHEN COALESCE(p_custom.must_be_domain, p_default.must_be_domain) THEN d.name_lower = $2 ELSE TRUE END
|
||||||
WHERE
|
WHERE
|
||||||
u.instance_id = $4
|
u.instance_id = $4
|
||||||
AND u.user_name_lower IN (
|
AND u.user_name_lower IN (
|
||||||
@ -44,27 +37,13 @@ login_names AS (SELECT
|
|||||||
, fu.user_name
|
, fu.user_name
|
||||||
, d.name domain_name
|
, d.name domain_name
|
||||||
, d.is_primary
|
, d.is_primary
|
||||||
, p.must_be_domain
|
, fu.must_be_domain
|
||||||
, CASE WHEN p.must_be_domain
|
, CASE WHEN fu.must_be_domain
|
||||||
THEN concat(fu.user_name, '@', d.name)
|
THEN concat(fu.user_name, '@', d.name)
|
||||||
ELSE fu.user_name
|
ELSE fu.user_name
|
||||||
END login_name
|
END login_name
|
||||||
FROM
|
FROM
|
||||||
found_users fu
|
found_users fu
|
||||||
JOIN lateral (
|
|
||||||
SELECT
|
|
||||||
p.must_be_domain
|
|
||||||
FROM
|
|
||||||
projections.login_names3_policies p
|
|
||||||
WHERE
|
|
||||||
fu.instance_id = p.instance_id
|
|
||||||
AND (
|
|
||||||
(p.is_default IS TRUE AND p.instance_id = $4)
|
|
||||||
OR (p.instance_id = $4 AND p.resource_owner = fu.resource_owner)
|
|
||||||
)
|
|
||||||
ORDER BY is_default
|
|
||||||
LIMIT 1
|
|
||||||
) p ON TRUE
|
|
||||||
JOIN
|
JOIN
|
||||||
projections.login_names3_domains d
|
projections.login_names3_domains d
|
||||||
ON
|
ON
|
||||||
|
|||||||
@ -4,74 +4,53 @@ WITH found_users AS (
|
|||||||
, u.instance_id
|
, u.instance_id
|
||||||
, u.resource_owner
|
, u.resource_owner
|
||||||
, u.user_name
|
, u.user_name
|
||||||
FROM
|
, COALESCE(p_custom.must_be_domain, p_default.must_be_domain) as must_be_domain
|
||||||
|
FROM
|
||||||
projections.login_names3_users u
|
projections.login_names3_users u
|
||||||
JOIN lateral (
|
LEFT JOIN projections.login_names3_policies p_custom
|
||||||
SELECT
|
ON u.instance_id = p_custom.instance_id
|
||||||
p.must_be_domain
|
AND p_custom.instance_id = $4 AND p_custom.resource_owner = u.resource_owner
|
||||||
FROM
|
LEFT JOIN projections.login_names3_policies p_default
|
||||||
projections.login_names3_policies p
|
ON u.instance_id = p_default.instance_id
|
||||||
WHERE
|
AND p_default.instance_id = $4 AND p_default.is_default IS TRUE
|
||||||
u.instance_id = p.instance_id
|
|
||||||
AND (
|
AND (
|
||||||
(p.is_default IS TRUE AND p.instance_id = $4)
|
(COALESCE(p_custom.must_be_domain, p_default.must_be_domain) IS TRUE AND u.user_name_lower = $1)
|
||||||
OR (p.instance_id = $4 AND p.resource_owner = u.resource_owner)
|
OR (COALESCE(p_custom.must_be_domain, p_default.must_be_domain) IS FALSE AND u.user_name_lower = $3)
|
||||||
)
|
)
|
||||||
AND (
|
JOIN
|
||||||
(p.must_be_domain IS TRUE AND u.user_name_lower = $1)
|
|
||||||
OR (p.must_be_domain IS FALSE AND u.user_name_lower = $3)
|
|
||||||
)
|
|
||||||
ORDER BY is_default
|
|
||||||
LIMIT 1
|
|
||||||
) p ON TRUE
|
|
||||||
JOIN
|
|
||||||
projections.login_names3_domains d
|
projections.login_names3_domains d
|
||||||
ON
|
ON
|
||||||
u.instance_id = d.instance_id
|
u.instance_id = d.instance_id
|
||||||
AND u.resource_owner = d.resource_owner
|
AND u.resource_owner = d.resource_owner
|
||||||
AND CASE WHEN p.must_be_domain THEN d.name_lower = $2 ELSE TRUE END
|
AND CASE WHEN COALESCE(p_custom.must_be_domain, p_default.must_be_domain) THEN d.name_lower = $2 ELSE TRUE END
|
||||||
WHERE
|
WHERE
|
||||||
u.instance_id = $4
|
u.instance_id = $4
|
||||||
AND u.user_name_lower IN (
|
AND u.user_name_lower IN (
|
||||||
$1,
|
$1,
|
||||||
$3
|
$3
|
||||||
)
|
)
|
||||||
),
|
),
|
||||||
login_names AS (SELECT
|
login_names AS (SELECT
|
||||||
fu.id user_id
|
fu.id user_id
|
||||||
, fu.instance_id
|
, fu.instance_id
|
||||||
, fu.resource_owner
|
, fu.resource_owner
|
||||||
, fu.user_name
|
, fu.user_name
|
||||||
, d.name domain_name
|
, d.name domain_name
|
||||||
, d.is_primary
|
, d.is_primary
|
||||||
, p.must_be_domain
|
, fu.must_be_domain
|
||||||
, CASE WHEN p.must_be_domain
|
, CASE WHEN fu.must_be_domain
|
||||||
THEN concat(fu.user_name, '@', d.name)
|
THEN concat(fu.user_name, '@', d.name)
|
||||||
ELSE fu.user_name
|
ELSE fu.user_name
|
||||||
END login_name
|
END login_name
|
||||||
FROM
|
FROM
|
||||||
found_users fu
|
found_users fu
|
||||||
JOIN lateral (
|
JOIN
|
||||||
SELECT
|
|
||||||
p.must_be_domain
|
|
||||||
FROM
|
|
||||||
projections.login_names3_policies p
|
|
||||||
WHERE
|
|
||||||
fu.instance_id = p.instance_id
|
|
||||||
AND (
|
|
||||||
(p.is_default IS TRUE AND p.instance_id = $4)
|
|
||||||
OR (p.instance_id = $4 AND p.resource_owner = fu.resource_owner)
|
|
||||||
)
|
|
||||||
ORDER BY is_default
|
|
||||||
LIMIT 1
|
|
||||||
) p ON TRUE
|
|
||||||
JOIN
|
|
||||||
projections.login_names3_domains d
|
projections.login_names3_domains d
|
||||||
ON
|
ON
|
||||||
fu.instance_id = d.instance_id
|
fu.instance_id = d.instance_id
|
||||||
AND fu.resource_owner = d.resource_owner
|
AND fu.resource_owner = d.resource_owner
|
||||||
)
|
)
|
||||||
SELECT
|
SELECT
|
||||||
u.id
|
u.id
|
||||||
, u.creation_date
|
, u.creation_date
|
||||||
, u.change_date
|
, u.change_date
|
||||||
@ -113,6 +92,6 @@ LEFT JOIN
|
|||||||
ON
|
ON
|
||||||
fu.id = n.user_id
|
fu.id = n.user_id
|
||||||
AND fu.instance_id = n.instance_id
|
AND fu.instance_id = n.instance_id
|
||||||
WHERE
|
WHERE
|
||||||
u.instance_id = $4
|
u.instance_id = $4
|
||||||
;
|
;
|
||||||
Loading…
x
Reference in New Issue
Block a user