From e7401982f6a5ecef389575c796f1e3be95a34d24 Mon Sep 17 00:00:00 2001 From: Fabi <38692350+fgerschwiler@users.noreply.github.com> Date: Tue, 5 Oct 2021 14:47:24 +0200 Subject: [PATCH] feat: Project projection (#2433) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * job queue * wg improvements * start handler * statement * statements * imporve handler * improve statement * statement in seperate file * move handlers * move query/old to query * handler * read models * bulk works * cleanup * contrib * rename readmodel to projection * rename read_models schema to projections * rename read_models schema to projections * search query as func, bulk iterates as long as new events * add event sequence less query * update checks for events between current sequence and sequence of first statement if it has previous sequence 0 * cleanup crdb projection * refactor projection handler * start with testing * tests for handler * remove todo * refactor statement: remove table name, add tests * improve projection handler shutdown, no savepoint if noop stmt, tests for stmt handler * tests * start failed events * seperate branch for contrib * move statement constructors to crdb pkg * correct import * Subscribe for eventtypes (#1800) * fix: is default (#1737) * fix: use email as username on global org (#1738) * fix: use email as username on global org * Update user_human.go * Update register_handler.go * chore(deps): update docusaurus (#1739) * chore: remove PAT and use GH Token (#1716) * chore: remove PAT and use GH Token * fix env * fix env * fix env * md lint * trigger ci * change user * fix GH bug * replace login part * chore: add GH Token to sem rel (#1746) * chore: add GH Token to sem rel * try branch * add GH Token * remove test branch again * docs: changes acme to acme-caos (#1744) * changes acme to acme-caos * Apply suggestions from code review Co-authored-by: Florian Forster Co-authored-by: Maximilian Panne Co-authored-by: Florian Forster * feat: add additional origins on applications (#1691) * feat: add additional origins on applications * app additional redirects * chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11. - [Release notes](https://github.com/angular/angular-cli/releases) - [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11) Signed-off-by: dependabot[bot] Co-authored-by: Max Peintner Co-authored-by: Silvan Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1. - [Release notes](https://github.com/stylelint/stylelint/releases) - [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md) - [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1) Signed-off-by: dependabot[bot] Co-authored-by: Max Peintner Co-authored-by: Silvan Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Signed-off-by: dependabot[bot] Co-authored-by: Max Peintner Co-authored-by: Silvan Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0. - [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases) - [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md) - [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0) Signed-off-by: dependabot[bot] Co-authored-by: Max Peintner Co-authored-by: Silvan Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682) Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump @types/google-protobuf in /console (#1681) Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666) Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7. - [Release notes](https://github.com/grpc/grpc-node/releases) - [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * lock * chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps-dev): bump @angular/language-service in /console Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12. - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service) Signed-off-by: dependabot[bot] Co-authored-by: Max Peintner Co-authored-by: Silvan Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * package lock * downgrade grpc * downgrade protobuf types * revert npm packs 🥸 Co-authored-by: Max Peintner Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Silvan * docs: update run and start section texts (#1745) * update run and start section texts * adds showcase Co-authored-by: Maximilian Panne * fix: additional origin list (#1753) * fix: handle api configs in authz handler (#1755) * fix(console): add model for api keys, fix toast, binding (#1757) * fix: add model for api keys, fix toast, binding * show api clientid * fix: missing patchvalue (#1758) * feat: refresh token (#1728) * begin refresh tokens * refresh tokens * list and revoke refresh tokens * handle remove * tests for refresh tokens * uniqueness and default expiration * rename oidc token methods * cleanup * migration version * Update internal/static/i18n/en.yaml Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fixes * feat: update oidc pkg for refresh tokens Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * fix: correct json name of clientId in key.json (#1760) * fix: migration version (#1767) * start subscription * eventtypes * fix(login): links (#1778) * fix(login): href for help * fix(login): correct link to tos * fix: access tokens for service users and refresh token infos (#1779) * fix: access token for service user * handle info from refresh request * uniqueness * postpone access token uniqueness change * chore(coc): recommend code of conduct (#1782) * subscribe for events * feat(console): refresh toggle out of granttype context (#1785) * refresh toggle * disable if not code flow, lint * lint * fix: change oidc config order * accept refresh option within flow Co-authored-by: Livio Amstutz * fix: refresh token activation (#1795) * fix: oidc grant type check * docs: add offline_access scope * docs: update refresh token status in supported grant types * fix: update oidc pkg * fix: check refresh token grant type (#1796) * configuration structs * org admins * failed events * fixes Co-authored-by: Max Peintner Co-authored-by: Livio Amstutz Co-authored-by: Florian Forster Co-authored-by: mffap Co-authored-by: Maximilian Panne Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * remove comment * aggregate reducer * remove eventtypes * add protoc-get-validate to mod * fix transaltion * upsert * add gender on org admins, allow to retry failed stmts after configurable time * remove if * sub queries * fix: tests * add builder to tests * new search query * rename searchquerybuilder to builder * remove comment from code * test with multiple queries * add filters test * current sequences * make org and org_admins work again * add aggregate type to current sequence * fix(contibute): listing * add validate module * fix: search queries * feat(eventstore): previous aggregate root sequence (#1810) * feat(eventstore): previous aggregate root sequence * fix tests * fix: eventstore v1 test * add col to all mocked rows * next try * fix mig * rename aggregate root to aggregate type * update comment Co-authored-by: Livio Amstutz Co-authored-by: Livio Amstutz * small refactorings * allow update multiple current sequences * unique log id * fix migrations * rename org admin to org owner * improve error handling and logging * fix(migration): optimize prev agg root seq * fix: projection handler test * fix: sub queries * small fixes * additional event types * correct org owner projection * fix primary key * feat(eventstore): jobs for projections (#2026) * fix: template names in login (#1974) * fix: template names in login * fix: error.html * fix: check for features on mgmt only (#1976) * fix: add sentry in ui, http and projection handlers (#1977) * fix: add sentry in ui, http and projection handlers * fix test * fix(eventstore): sub queries (#1805) * sub queries * fix: tests * add builder to tests * new search query * rename searchquerybuilder to builder * remove comment from code * test with multiple queries * add filters test * fix(contibute): listing * add validate module * fix: search queries * remove unused event type in query * ignore query if error in marshal * go mod tidy * update privacy policy query * update queries Co-authored-by: Livio Amstutz * feat: Extend oidc idp with oauth endpoints (#1980) * feat: add oauth attributes to oidc idp configuration * feat: return idpconfig id on create idp * feat: tests * feat: descriptions * feat: docs * feat: tests * docs: update to beta 3 (#1984) * fix: role assertion (#1986) * fix: enum to display access token role assertion * improve assertion descriptions * fix nil pointer * docs: eventstore (#1982) * docs: eventstore * Apply suggestions from code review Co-authored-by: Florian Forster Co-authored-by: Florian Forster * fix(sentry): trigger sentry release (#1989) * feat(send sentry release): send sentry release * fix(moved step and added releasetag): moved step and added releasetag * fix: set version for sentry release (#1990) * feat(send sentry release): send sentry release * fix(moved step and added releasetag): moved step and added releasetag * fix(corrected var name): corrected var name Co-authored-by: Livio Amstutz * fix: log error reason on terminate session (#1973) * fix: return default language file, if requested lang does not exist for default login texts (#1988) * fix: return default language file, if requested lang doesnt exists * feat: read default translation file * feat: docs * fix: race condition in auth request unmarshalling (#1993) * feat: handle ui_locales in login (#1994) * fix: handle ui_locales in login * move supportedlanguage func into i18n package * update oidc pkg * fix: handle closed channels on unsubscribe (#1995) * fix: give restore more time (#1997) * fix: translation file read (#2009) * feat: translation file read * feat: readme * fix: enable idp add button for iam users (#2010) * fix: filter event_data (#2011) * feat: Custom message files (#1992) * feat: add get custom message text to admin api * feat: read custom message texts from files * feat: get languages in apis * feat: get languages in apis * feat: get languages in apis * feat: pr feedback * feat: docs * feat: merge main * fix: sms notification (#2013) * fix: phone verifications * feat: fix password reset as sms * fix: phone verification * fix: grpc status in sentry and validation interceptors (#2012) * fix: remove oauth endpoints from oidc config proto (#2014) * try with view * fix(console): disable sw (#2021) * fix: disable sw * angular.json disable sw * project projections * fix typos * customize projections * customizable projections, add change date to projects Co-authored-by: Livio Amstutz Co-authored-by: Max Peintner Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> Co-authored-by: Florian Forster Co-authored-by: mffap Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com> Co-authored-by: Elio Bischof * env file * typo * correct users * correct migration * fix: merge fail * fix test * fix(tests): unordered matcher * improve currentSequenceMatcher * correct certs * correct certs * add zitadel database on database list * refctor switch in match * enable all handlers * Delete io.env * cleanup * add handlers * rename view to projection * rename view to projection * fix type typo * remove unnecessary logs * refactor stmts * simplify interval calculation * fix tests * fix unlock test * fix migration * migs * fix(operator): update cockroach and flyway versions (#2138) * chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3 Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3. - [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases) - [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3) --- updated-dependencies: - dependency-name: k8s.io/apiextensions-apiserver dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0 Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md) - [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * start update dependencies * update mods and otlp * fix(build): update to go 1.16 * old version for k8s mods * update k8s versions * update orbos * fix(operator): update cockroach and flyway version * Update images.go Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Stefan Benz * fix import * fix typo * fix(migration): add org projection * fix(projection): correct table for org events in org owners * better insert stmt * fix typo * fix typo * set max connection lifetime * set max conns and conn lifetime in eventstore v1 * configure sql connection settings * add mig for agg type index * fix replace tab in yaml * handler interfaces * subscription * first try * handler * move sql client initialization * first part implemented * removed all occurencies of org by id and search orgs * fix merge issues * cleanup code * fix: queries implements orgviewprovider * cleanup * refactor text comparison * remove unused file * remove unused code * log * remove unused code * remove unused field * remove unused file * refactor * tests for search query * remove try * simplify state change mappers * projection tests * query functions * move reusable objects to separate files * rename domain column to primar_domain * fix tests * add current sequence * remove log prints * fix tests * fix: verifier * fix test * rename domain col migrations * simplify search response * feat: project projections * add custom column constructors * feat: project projections * feat: project projections * feat: project projections tests * fix: remove unused code * feat: project grant search * fix: org projection table const * fix: columns * fix: multiple joins * fix: multiple joins * fix: full column name * fix: project grants search * fix: project search * fix: migration * tests: project grant tests * tests: project grant tests * tests: project grant tests * feat: search queries * feat: text query extension * feat: set permission queries * fix: tests for query * feat: project and project grant query side * fix: tests * feat: role projection * feat: project roles * number query * add deprection message * column in a single place (#2416) * column in a single place * use projection for columns * query column with aliases * rename methods * remove unused code * feat: project roles * column for current sequences * feat: project roles * feat: project roles test * feat: remove unused code * fix: migrations * remove wrong projection * feat: pr comments * Update internal/query/project_grant.go Co-authored-by: Silvan * Update internal/query/projection/project.go Co-authored-by: Silvan * fix: pr comments Co-authored-by: adlerhurst Co-authored-by: Max Peintner Co-authored-by: Livio Amstutz Co-authored-by: Florian Forster Co-authored-by: mffap Co-authored-by: Maximilian Panne Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com> Co-authored-by: Elio Bischof Co-authored-by: Stefan Benz --- internal/api/grpc/management/project.go | 74 ++-- .../api/grpc/management/project_converter.go | 61 ++-- internal/api/grpc/management/project_grant.go | 12 +- .../management/project_grant_converter.go | 49 ++- internal/api/grpc/project/converter.go | 165 +++++---- internal/api/grpc/project/project_grant.go | 43 --- .../eventsourcing/eventstore/project.go | 251 ------------- .../eventsourcing/handler/handler.go | 4 - .../eventsourcing/handler/project.go | 102 ------ .../eventsourcing/handler/project_grant.go | 213 ----------- .../repository/eventsourcing/view/project.go | 58 --- .../eventsourcing/view/project_grant.go | 81 ----- internal/management/repository/project.go | 11 - .../view/model/project_grant_member_test.go | 5 +- .../view/model/project_grant_test.go | 22 +- .../view/model/project_member_test.go | 5 +- .../repository/view/model/project_role.go | 14 - .../view/model/project_role_test.go | 3 +- .../repository/view/model/project_test.go | 22 +- internal/query/project.go | 268 ++++++++++++++ internal/query/project_grant.go | 330 ++++++++++++++++++ internal/query/project_role.go | 285 +++++++++++++++ .../{test_event.go => event_test.go} | 0 .../{test_executer.go => executer_test.go} | 3 +- internal/query/projection/project.go | 130 ++++--- internal/query/projection/project_grant.go | 201 +++++++++++ .../query/projection/project_grant_test.go | 214 ++++++++++++ internal/query/projection/project_role.go | 121 +++++++ .../query/projection/project_role_test.go | 150 ++++++++ internal/query/projection/project_test.go | 215 ++++++++++++ internal/query/projection/projection.go | 6 +- internal/query/search_query.go | 53 ++- .../repository/view/model/notify_user_test.go | 50 +-- .../user/repository/view/model/user_test.go | 196 +++++------ .../repository/view/model/user_grant_test.go | 22 +- .../cockroach/V1.75__project_projections.sql | 37 ++ 36 files changed, 2341 insertions(+), 1135 deletions(-) delete mode 100644 internal/api/grpc/project/project_grant.go delete mode 100644 internal/management/repository/eventsourcing/handler/project.go delete mode 100644 internal/management/repository/eventsourcing/handler/project_grant.go delete mode 100644 internal/management/repository/eventsourcing/view/project.go delete mode 100644 internal/management/repository/eventsourcing/view/project_grant.go create mode 100644 internal/query/project.go create mode 100644 internal/query/project_grant.go create mode 100644 internal/query/project_role.go rename internal/query/projection/{test_event.go => event_test.go} (100%) rename internal/query/projection/{test_executer.go => executer_test.go} (94%) create mode 100644 internal/query/projection/project_grant.go create mode 100644 internal/query/projection/project_grant_test.go create mode 100644 internal/query/projection/project_role.go create mode 100644 internal/query/projection/project_role_test.go create mode 100644 internal/query/projection/project_test.go create mode 100644 migrations/cockroach/V1.75__project_projections.sql diff --git a/internal/api/grpc/management/project.go b/internal/api/grpc/management/project.go index 50e9e89cc6..a638091bbf 100644 --- a/internal/api/grpc/management/project.go +++ b/internal/api/grpc/management/project.go @@ -12,39 +12,46 @@ import ( ) func (s *Server) GetProjectByID(ctx context.Context, req *mgmt_pb.GetProjectByIDRequest) (*mgmt_pb.GetProjectByIDResponse, error) { - project, err := s.project.ProjectByID(ctx, req.Id) + project, err := s.query.ProjectByID(ctx, req.Id) if err != nil { return nil, err } return &mgmt_pb.GetProjectByIDResponse{ - Project: project_grpc.ProjectToPb(project), + Project: project_grpc.ProjectViewToPb(project), }, nil } func (s *Server) GetGrantedProjectByID(ctx context.Context, req *mgmt_pb.GetGrantedProjectByIDRequest) (*mgmt_pb.GetGrantedProjectByIDResponse, error) { - project, err := s.project.ProjectGrantViewByID(ctx, req.GrantId) + project, err := s.query.ProjectGrantByID(ctx, req.GrantId) if err != nil { return nil, err } return &mgmt_pb.GetGrantedProjectByIDResponse{ - GrantedProject: project_grpc.GrantedProjectToPb(project), + GrantedProject: project_grpc.GrantedProjectViewToPb(project), }, nil } func (s *Server) ListProjects(ctx context.Context, req *mgmt_pb.ListProjectsRequest) (*mgmt_pb.ListProjectsResponse, error) { - queries, err := ListProjectsRequestToModel(req) + queries, err := listProjectRequestToModel(req) if err != nil { return nil, err } - queries.AppendMyResourceOwnerQuery(authz.GetCtxData(ctx).OrgID) - projects, err := s.project.SearchProjects(ctx, queries) + err = queries.AppendMyResourceOwnerQuery(authz.GetCtxData(ctx).OrgID) + if err != nil { + return nil, err + } + err = queries.AppendPermissionQueries(authz.GetRequestPermissionsFromCtx(ctx)) + if err != nil { + return nil, err + } + projects, err := s.query.SearchProjects(ctx, queries) if err != nil { return nil, err } return &mgmt_pb.ListProjectsResponse{ - Result: project_grpc.ProjectsToPb(projects.Result), + Result: project_grpc.ProjectViewsToPb(projects.Projects), Details: object_grpc.ToListDetails( - projects.TotalResult, + projects.Count, projects.Sequence, projects.Timestamp, ), @@ -52,19 +59,26 @@ func (s *Server) ListProjects(ctx context.Context, req *mgmt_pb.ListProjectsRequ } func (s *Server) ListGrantedProjects(ctx context.Context, req *mgmt_pb.ListGrantedProjectsRequest) (*mgmt_pb.ListGrantedProjectsResponse, error) { - queries, err := ListGrantedProjectsRequestToModel(req) + queries, err := listGrantedProjectsRequestToModel(req) if err != nil { return nil, err } - queries.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID) - projects, err := s.project.SearchGrantedProjects(ctx, queries) + err = queries.AppendMyResourceOwnerQuery(authz.GetCtxData(ctx).OrgID) + if err != nil { + return nil, err + } + err = queries.AppendPermissionQueries(authz.GetRequestPermissionsFromCtx(ctx)) + if err != nil { + return nil, err + } + projects, err := s.query.SearchProjectGrants(ctx, queries) if err != nil { return nil, err } return &mgmt_pb.ListGrantedProjectsResponse{ - Result: project_grpc.GrantedProjectsToPb(projects.Result), + Result: project_grpc.GrantedProjectViewsToPb(projects.ProjectGrants), Details: object_grpc.ToListDetails( - projects.TotalResult, + projects.Count, projects.Sequence, projects.Timestamp, ), @@ -72,19 +86,22 @@ func (s *Server) ListGrantedProjects(ctx context.Context, req *mgmt_pb.ListGrant } func (s *Server) ListGrantedProjectRoles(ctx context.Context, req *mgmt_pb.ListGrantedProjectRolesRequest) (*mgmt_pb.ListGrantedProjectRolesResponse, error) { - queries, err := ListGrantedProjectRolesRequestToModel(req) + queries, err := listGrantedProjectRolesRequestToModel(req) if err != nil { return nil, err } - queries.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID) - roles, err := s.project.SearchProjectGrantRoles(ctx, req.ProjectId, req.GrantId, queries) + err = queries.AppendProjectIDQuery(req.ProjectId) + if err != nil { + return nil, err + } + roles, err := s.query.SearchGrantedProjectRoles(ctx, req.GrantId, authz.GetCtxData(ctx).OrgID, queries) if err != nil { return nil, err } return &mgmt_pb.ListGrantedProjectRolesResponse{ - Result: project_grpc.RolesToPb(roles.Result), + Result: project_grpc.RoleViewsToPb(roles.ProjectRoles), Details: object_grpc.ToListDetails( - roles.TotalResult, + roles.Count, roles.Sequence, roles.Timestamp, ), @@ -171,19 +188,26 @@ func (s *Server) RemoveProject(ctx context.Context, req *mgmt_pb.RemoveProjectRe } func (s *Server) ListProjectRoles(ctx context.Context, req *mgmt_pb.ListProjectRolesRequest) (*mgmt_pb.ListProjectRolesResponse, error) { - queries, err := ListProjectRolesRequestToModel(req) + queries, err := listProjectRolesRequestToModel(req) if err != nil { return nil, err } - queries.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID) - roles, err := s.project.SearchProjectRoles(ctx, req.ProjectId, queries) + err = queries.AppendMyResourceOwnerQuery(authz.GetCtxData(ctx).OrgID) + if err != nil { + return nil, err + } + err = queries.AppendProjectIDQuery(req.ProjectId) + if err != nil { + return nil, err + } + roles, err := s.query.SearchProjectRoles(ctx, queries) if err != nil { return nil, err } return &mgmt_pb.ListProjectRolesResponse{ - Result: project_grpc.RolesToPb(roles.Result), + Result: project_grpc.RoleViewsToPb(roles.ProjectRoles), Details: object_grpc.ToListDetails( - roles.TotalResult, + roles.Count, roles.Sequence, roles.Timestamp, ), @@ -233,7 +257,7 @@ func (s *Server) RemoveProjectRole(ctx context.Context, req *mgmt_pb.RemoveProje if err != nil { return nil, err } - projectGrants, err := s.project.ProjectGrantsByProjectIDAndRoleKey(ctx, req.ProjectId, req.RoleKey) + projectGrants, err := s.query.SearchProjectGrantsByProjectIDAndRoleKey(ctx, req.ProjectId, req.RoleKey) if err != nil { return nil, err } diff --git a/internal/api/grpc/management/project_converter.go b/internal/api/grpc/management/project_converter.go index 084ec6b685..2cb2876dc4 100644 --- a/internal/api/grpc/management/project_converter.go +++ b/internal/api/grpc/management/project_converter.go @@ -7,6 +7,7 @@ import ( "github.com/caos/zitadel/internal/domain" "github.com/caos/zitadel/internal/eventstore/v1/models" proj_model "github.com/caos/zitadel/internal/project/model" + "github.com/caos/zitadel/internal/query" mgmt_pb "github.com/caos/zitadel/pkg/grpc/management" proj_pb "github.com/caos/zitadel/pkg/grpc/project" ) @@ -82,9 +83,9 @@ func UpdateProjectRoleRequestToDomain(req *mgmt_pb.UpdateProjectRoleRequest) *do } } -func ProjectGrantsToIDs(projectGrants []*proj_model.ProjectGrantView) []string { - converted := make([]string, len(projectGrants)) - for i, grant := range projectGrants { +func ProjectGrantsToIDs(projectGrants *query.ProjectGrants) []string { + converted := make([]string, len(projectGrants.ProjectGrants)) + for i, grant := range projectGrants.ProjectGrants { converted[i] = grant.GrantID } return converted @@ -98,62 +99,66 @@ func UpdateProjectMemberRequestToDomain(req *mgmt_pb.UpdateProjectMemberRequest) return domain.NewMember(req.ProjectId, req.UserId, req.Roles...) } -func ListProjectsRequestToModel(req *mgmt_pb.ListProjectsRequest) (*proj_model.ProjectViewSearchRequest, error) { +func listProjectRequestToModel(req *mgmt_pb.ListProjectsRequest) (*query.ProjectSearchQueries, error) { offset, limit, asc := object.ListQueryToModel(req.Query) queries, err := proj_grpc.ProjectQueriesToModel(req.Queries) if err != nil { return nil, err } - return &proj_model.ProjectViewSearchRequest{ - Offset: offset, - Limit: limit, - Asc: asc, - //SortingColumn: //TODO: sorting + return &query.ProjectSearchQueries{ + SearchRequest: query.SearchRequest{ + Offset: offset, + Limit: limit, + Asc: asc, + }, Queries: queries, }, nil } -func ListGrantedProjectsRequestToModel(req *mgmt_pb.ListGrantedProjectsRequest) (*proj_model.ProjectGrantViewSearchRequest, error) { +func listGrantedProjectsRequestToModel(req *mgmt_pb.ListGrantedProjectsRequest) (*query.ProjectGrantSearchQueries, error) { offset, limit, asc := object.ListQueryToModel(req.Query) - queries, err := proj_grpc.GrantedProjectQueriesToModel(req.Queries) + queries, err := proj_grpc.ProjectQueriesToModel(req.Queries) if err != nil { return nil, err } - return &proj_model.ProjectGrantViewSearchRequest{ - Offset: offset, - Limit: limit, - Asc: asc, - //SortingColumn: //TODO: sorting + return &query.ProjectGrantSearchQueries{ + SearchRequest: query.SearchRequest{ + Offset: offset, + Limit: limit, + Asc: asc, + }, Queries: queries, }, nil } -func ListProjectRolesRequestToModel(req *mgmt_pb.ListProjectRolesRequest) (*proj_model.ProjectRoleSearchRequest, error) { +func listProjectRolesRequestToModel(req *mgmt_pb.ListProjectRolesRequest) (*query.ProjectRoleSearchQueries, error) { offset, limit, asc := object.ListQueryToModel(req.Query) queries, err := proj_grpc.RoleQueriesToModel(req.Queries) if err != nil { return nil, err } - return &proj_model.ProjectRoleSearchRequest{ - Offset: offset, - Limit: limit, - Asc: asc, - //SortingColumn: //TODO: sorting + return &query.ProjectRoleSearchQueries{ + SearchRequest: query.SearchRequest{ + Offset: offset, + Limit: limit, + Asc: asc, + }, Queries: queries, }, nil } -func ListGrantedProjectRolesRequestToModel(req *mgmt_pb.ListGrantedProjectRolesRequest) (*proj_model.ProjectRoleSearchRequest, error) { +func listGrantedProjectRolesRequestToModel(req *mgmt_pb.ListGrantedProjectRolesRequest) (*query.ProjectRoleSearchQueries, error) { offset, limit, asc := object.ListQueryToModel(req.Query) queries, err := proj_grpc.RoleQueriesToModel(req.Queries) if err != nil { return nil, err } - return &proj_model.ProjectRoleSearchRequest{ - Offset: offset, - Limit: limit, - Asc: asc, - //SortingColumn: //TODO: sorting + return &query.ProjectRoleSearchQueries{ + SearchRequest: query.SearchRequest{ + Offset: offset, + Limit: limit, + Asc: asc, + }, Queries: queries, }, nil } diff --git a/internal/api/grpc/management/project_grant.go b/internal/api/grpc/management/project_grant.go index 554d90fbbb..e4250c7a9b 100644 --- a/internal/api/grpc/management/project_grant.go +++ b/internal/api/grpc/management/project_grant.go @@ -12,29 +12,29 @@ import ( ) func (s *Server) GetProjectGrantByID(ctx context.Context, req *mgmt_pb.GetProjectGrantByIDRequest) (*mgmt_pb.GetProjectGrantByIDResponse, error) { - grant, err := s.project.ProjectGrantByID(ctx, req.GrantId) + grant, err := s.query.ProjectGrantByID(ctx, req.GrantId) if err != nil { return nil, err } return &mgmt_pb.GetProjectGrantByIDResponse{ - ProjectGrant: proj_grpc.GrantedProjectToPb(grant), + ProjectGrant: proj_grpc.GrantedProjectViewToPb(grant), }, nil } func (s *Server) ListProjectGrants(ctx context.Context, req *mgmt_pb.ListProjectGrantsRequest) (*mgmt_pb.ListProjectGrantsResponse, error) { - queries, err := ListProjectGrantsRequestToModel(req) + queries, err := listProjectGrantsRequestToModel(req) if err != nil { return nil, err } queries.AppendMyResourceOwnerQuery(authz.GetCtxData(ctx).OrgID) - domains, err := s.project.SearchProjectGrants(ctx, queries) + domains, err := s.query.SearchProjectGrants(ctx, queries) if err != nil { return nil, err } return &mgmt_pb.ListProjectGrantsResponse{ - Result: proj_grpc.GrantedProjectsToPb(domains.Result), + Result: proj_grpc.GrantedProjectViewsToPb(domains.ProjectGrants), Details: object_grpc.ToListDetails( - domains.TotalResult, + domains.Count, domains.Sequence, domains.Timestamp, ), diff --git a/internal/api/grpc/management/project_grant_converter.go b/internal/api/grpc/management/project_grant_converter.go index 41c86c9a16..d843d60f80 100644 --- a/internal/api/grpc/management/project_grant_converter.go +++ b/internal/api/grpc/management/project_grant_converter.go @@ -3,30 +3,53 @@ package management import ( member_grpc "github.com/caos/zitadel/internal/api/grpc/member" "github.com/caos/zitadel/internal/api/grpc/object" - proj_grpc "github.com/caos/zitadel/internal/api/grpc/project" "github.com/caos/zitadel/internal/domain" + "github.com/caos/zitadel/internal/errors" "github.com/caos/zitadel/internal/eventstore/v1/models" proj_model "github.com/caos/zitadel/internal/project/model" + "github.com/caos/zitadel/internal/query" mgmt_pb "github.com/caos/zitadel/pkg/grpc/management" + proj_pb "github.com/caos/zitadel/pkg/grpc/project" ) -func ListProjectGrantsRequestToModel(req *mgmt_pb.ListProjectGrantsRequest) (*proj_model.ProjectGrantViewSearchRequest, error) { +func listProjectGrantsRequestToModel(req *mgmt_pb.ListProjectGrantsRequest) (*query.ProjectGrantSearchQueries, error) { offset, limit, asc := object.ListQueryToModel(req.Query) - queries := proj_grpc.ProjectGrantQueriesToModel(req.Queries) - queries = append(queries, &proj_model.ProjectGrantViewSearchQuery{ - Key: proj_model.GrantedProjectSearchKeyProjectID, - Method: domain.SearchMethodEquals, - Value: req.ProjectId, - }) - return &proj_model.ProjectGrantViewSearchRequest{ - Offset: offset, - Limit: limit, - Asc: asc, - //SortingColumn: //TODO: sorting + queries, err := ProjectGrantQueriesToModel(req.Queries) + if err != nil { + return nil, err + } + return &query.ProjectGrantSearchQueries{ + SearchRequest: query.SearchRequest{ + Offset: offset, + Limit: limit, + Asc: asc, + }, Queries: queries, }, nil } +func ProjectGrantQueriesToModel(queries []*proj_pb.ProjectGrantQuery) (_ []query.SearchQuery, err error) { + q := make([]query.SearchQuery, len(queries)) + for i, query := range queries { + q[i], err = ProjectGrantQueryToModel(query) + if err != nil { + return nil, err + } + } + return q, nil +} + +func ProjectGrantQueryToModel(apiQuery *proj_pb.ProjectGrantQuery) (query.SearchQuery, error) { + switch q := apiQuery.Query.(type) { + case *proj_pb.ProjectGrantQuery_ProjectNameQuery: + return query.NewProjectGrantProjectNameSearchQuery(object.TextMethodToQuery(q.ProjectNameQuery.Method), q.ProjectNameQuery.Name) + case *proj_pb.ProjectGrantQuery_RoleKeyQuery: + return query.NewProjectGrantRoleKeySearchQuery(q.RoleKeyQuery.RoleKey) + default: + return nil, errors.ThrowInvalidArgument(nil, "PROJECT-M099f", "List.Query.Invalid") + } +} + func AddProjectGrantRequestToDomain(req *mgmt_pb.AddProjectGrantRequest) *domain.ProjectGrant { return &domain.ProjectGrant{ ObjectRoot: models.ObjectRoot{ diff --git a/internal/api/grpc/project/converter.go b/internal/api/grpc/project/converter.go index 3176527651..e3490dfc15 100644 --- a/internal/api/grpc/project/converter.go +++ b/internal/api/grpc/project/converter.go @@ -1,68 +1,100 @@ package project import ( - object_grpc "github.com/caos/zitadel/internal/api/grpc/object" + "github.com/caos/zitadel/internal/api/grpc/object" "github.com/caos/zitadel/internal/domain" "github.com/caos/zitadel/internal/errors" proj_model "github.com/caos/zitadel/internal/project/model" + "github.com/caos/zitadel/internal/query" proj_pb "github.com/caos/zitadel/pkg/grpc/project" ) -func ProjectToPb(project *proj_model.ProjectView) *proj_pb.Project { +func ProjectViewsToPb(projects []*query.Project) []*proj_pb.Project { + o := make([]*proj_pb.Project, len(projects)) + for i, org := range projects { + o[i] = ProjectViewToPb(org) + } + return o +} + +func ProjectViewToPb(project *query.Project) *proj_pb.Project { return &proj_pb.Project{ - Id: project.ProjectID, - Details: object_grpc.ToViewDetailsPb(project.Sequence, project.CreationDate, project.ChangeDate, project.ResourceOwner), - Name: project.Name, - State: projectStateToPb(project.State), - ProjectRoleAssertion: project.ProjectRoleAssertion, - ProjectRoleCheck: project.ProjectRoleCheck, - HasProjectCheck: project.HasProjectCheck, - PrivateLabelingSetting: privateLabelingSettingToPb(project.PrivateLabelingSetting), + Id: project.ID, + State: projectStateToPb(project.State), + Name: project.Name, + Details: object.ToViewDetailsPb( + project.Sequence, + project.CreationDate, + project.ChangeDate, + project.ResourceOwner, + ), } } -func GrantedProjectToPb(project *proj_model.ProjectGrantView) *proj_pb.GrantedProject { +func GrantedProjectViewsToPb(projects []*query.ProjectGrant) []*proj_pb.GrantedProject { + p := make([]*proj_pb.GrantedProject, len(projects)) + for i, project := range projects { + p[i] = GrantedProjectViewToPb(project) + } + return p +} + +func GrantedProjectViewToPb(project *query.ProjectGrant) *proj_pb.GrantedProject { return &proj_pb.GrantedProject{ - GrantId: project.GrantID, ProjectId: project.ProjectID, - Details: object_grpc.ToViewDetailsPb(project.Sequence, project.CreationDate, project.ChangeDate, project.ResourceOwner), - ProjectName: project.Name, - State: grantedProjectStateToPb(project.State), + GrantId: project.GrantID, + Details: object.ToViewDetailsPb(project.Sequence, project.CreationDate, project.ChangeDate, project.ResourceOwner), + ProjectName: project.ProjectName, + State: projectGrantStateToPb(project.State), ProjectOwnerId: project.ResourceOwner, ProjectOwnerName: project.ResourceOwnerName, - GrantedOrgId: project.OrgID, + GrantedOrgId: project.GrantedOrgID, GrantedOrgName: project.OrgName, GrantedRoleKeys: project.GrantedRoleKeys, } } - -func ProjectsToPb(projects []*proj_model.ProjectView) []*proj_pb.Project { - p := make([]*proj_pb.Project, len(projects)) - for i, project := range projects { - p[i] = ProjectToPb(project) +func ProjectQueriesToModel(queries []*proj_pb.ProjectQuery) (_ []query.SearchQuery, err error) { + q := make([]query.SearchQuery, len(queries)) + for i, query := range queries { + q[i], err = ProjectQueryToModel(query) + if err != nil { + return nil, err + } } - return p + return q, nil } -func GrantedProjectsToPb(projects []*proj_model.ProjectGrantView) []*proj_pb.GrantedProject { - p := make([]*proj_pb.GrantedProject, len(projects)) - for i, project := range projects { - p[i] = GrantedProjectToPb(project) +func ProjectQueryToModel(apiQuery *proj_pb.ProjectQuery) (query.SearchQuery, error) { + switch q := apiQuery.Query.(type) { + case *proj_pb.ProjectQuery_NameQuery: + return query.NewProjectNameSearchQuery(object.TextMethodToQuery(q.NameQuery.Method), q.NameQuery.Name) + default: + return nil, errors.ThrowInvalidArgument(nil, "ORG-vR9nC", "List.Query.Invalid") } - return p } -func projectStateToPb(state proj_model.ProjectState) proj_pb.ProjectState { +func projectStateToPb(state domain.ProjectState) proj_pb.ProjectState { switch state { - case proj_model.ProjectStateActive: + case domain.ProjectStateActive: return proj_pb.ProjectState_PROJECT_STATE_ACTIVE - case proj_model.ProjectStateInactive: + case domain.ProjectStateInactive: return proj_pb.ProjectState_PROJECT_STATE_INACTIVE default: return proj_pb.ProjectState_PROJECT_STATE_UNSPECIFIED } } +func projectGrantStateToPb(state domain.ProjectGrantState) proj_pb.ProjectGrantState { + switch state { + case domain.ProjectGrantStateActive: + return proj_pb.ProjectGrantState_PROJECT_GRANT_STATE_ACTIVE + case domain.ProjectGrantStateInactive: + return proj_pb.ProjectGrantState_PROJECT_GRANT_STATE_INACTIVE + default: + return proj_pb.ProjectGrantState_PROJECT_GRANT_STATE_UNSPECIFIED + } +} + func privateLabelingSettingToPb(setting domain.PrivateLabelingSetting) proj_pb.PrivateLabelingSetting { switch setting { case domain.PrivateLabelingSettingAllowLoginUserResourceOwnerPolicy: @@ -85,34 +117,6 @@ func grantedProjectStateToPb(state proj_model.ProjectState) proj_pb.ProjectGrant } } -func ProjectQueriesToModel(queries []*proj_pb.ProjectQuery) (_ []*proj_model.ProjectViewSearchQuery, err error) { - q := make([]*proj_model.ProjectViewSearchQuery, len(queries)) - for i, query := range queries { - q[i], err = ProjectQueryToModel(query) - if err != nil { - return nil, err - } - } - return q, nil -} - -func ProjectQueryToModel(query *proj_pb.ProjectQuery) (*proj_model.ProjectViewSearchQuery, error) { - switch q := query.Query.(type) { - case *proj_pb.ProjectQuery_NameQuery: - return ProjectQueryNameToModel(q.NameQuery), nil - default: - return nil, errors.ThrowInvalidArgument(nil, "ORG-Ags42", "List.Query.Invalid") - } -} - -func ProjectQueryNameToModel(query *proj_pb.ProjectNameQuery) *proj_model.ProjectViewSearchQuery { - return &proj_model.ProjectViewSearchQuery{ - Key: proj_model.ProjectViewSearchKeyName, - Method: object_grpc.TextMethodToModel(query.Method), - Value: query.Name, - } -} - func GrantedProjectQueriesToModel(queries []*proj_pb.ProjectQuery) (_ []*proj_model.ProjectGrantViewSearchQuery, err error) { q := make([]*proj_model.ProjectGrantViewSearchQuery, len(queries)) for i, query := range queries { @@ -136,13 +140,13 @@ func GrantedProjectQueryToModel(query *proj_pb.ProjectQuery) (*proj_model.Projec func GrantedProjectQueryNameToModel(query *proj_pb.ProjectNameQuery) *proj_model.ProjectGrantViewSearchQuery { return &proj_model.ProjectGrantViewSearchQuery{ Key: proj_model.GrantedProjectSearchKeyName, - Method: object_grpc.TextMethodToModel(query.Method), + Method: object.TextMethodToModel(query.Method), Value: query.Name, } } -func RoleQueriesToModel(queries []*proj_pb.RoleQuery) (_ []*proj_model.ProjectRoleSearchQuery, err error) { - q := make([]*proj_model.ProjectRoleSearchQuery, len(queries)) +func RoleQueriesToModel(queries []*proj_pb.RoleQuery) (_ []query.SearchQuery, err error) { + q := make([]query.SearchQuery, len(queries)) for i, query := range queries { q[i], err = RoleQueryToModel(query) if err != nil { @@ -152,30 +156,37 @@ func RoleQueriesToModel(queries []*proj_pb.RoleQuery) (_ []*proj_model.ProjectRo return q, nil } -func RoleQueryToModel(query *proj_pb.RoleQuery) (*proj_model.ProjectRoleSearchQuery, error) { - switch q := query.Query.(type) { +func RoleQueryToModel(apiQuery *proj_pb.RoleQuery) (query.SearchQuery, error) { + switch q := apiQuery.Query.(type) { case *proj_pb.RoleQuery_KeyQuery: - return RoleQueryKeyToModel(q.KeyQuery), nil + return query.NewProjectRoleKeySearchQuery(object.TextMethodToQuery(q.KeyQuery.Method), q.KeyQuery.Key) case *proj_pb.RoleQuery_DisplayNameQuery: - return RoleQueryDisplayNameToModel(q.DisplayNameQuery), nil + return query.NewProjectRoleDisplayNameSearchQuery(object.TextMethodToQuery(q.DisplayNameQuery.Method), q.DisplayNameQuery.DisplayName) default: - return nil, errors.ThrowInvalidArgument(nil, "ORG-Ags42", "List.Query.Invalid") + return nil, errors.ThrowInvalidArgument(nil, "PROJECT-fms0e", "List.Query.Invalid") } } -func RoleQueryKeyToModel(query *proj_pb.RoleKeyQuery) *proj_model.ProjectRoleSearchQuery { - return &proj_model.ProjectRoleSearchQuery{ - Key: proj_model.ProjectRoleSearchKeyKey, - Method: object_grpc.TextMethodToModel(query.Method), - Value: query.Key, +func RoleViewsToPb(roles []*query.ProjectRole) []*proj_pb.Role { + o := make([]*proj_pb.Role, len(roles)) + for i, org := range roles { + o[i] = RoleViewToPb(org) } + return o } -func RoleQueryDisplayNameToModel(query *proj_pb.RoleDisplayNameQuery) *proj_model.ProjectRoleSearchQuery { - return &proj_model.ProjectRoleSearchQuery{ - Key: proj_model.ProjectRoleSearchKeyDisplayName, - Method: object_grpc.TextMethodToModel(query.Method), - Value: query.DisplayName, +func RoleViewToPb(role *query.ProjectRole) *proj_pb.Role { + return &proj_pb.Role{ + Key: role.Key, + DisplayName: role.DisplayName, + Group: role.Group, + Details: object.ToViewDetailsPb( + + role.Sequence, + role.CreationDate, + role.ChangeDate, + role.ResourceOwner, + ), } } @@ -190,7 +201,7 @@ func RolesToPb(roles []*proj_model.ProjectRoleView) []*proj_pb.Role { func RoleToPb(role *proj_model.ProjectRoleView) *proj_pb.Role { return &proj_pb.Role{ Key: role.Key, - Details: object_grpc.ToViewDetailsPb(role.Sequence, role.CreationDate, role.ChangeDate, role.ResourceOwner), + Details: object.ToViewDetailsPb(role.Sequence, role.CreationDate, role.ChangeDate, role.ResourceOwner), DisplayName: role.DisplayName, Group: role.Group, } diff --git a/internal/api/grpc/project/project_grant.go b/internal/api/grpc/project/project_grant.go deleted file mode 100644 index d97c01b983..0000000000 --- a/internal/api/grpc/project/project_grant.go +++ /dev/null @@ -1,43 +0,0 @@ -package project - -import ( - object_grpc "github.com/caos/zitadel/internal/api/grpc/object" - proj_model "github.com/caos/zitadel/internal/project/model" - "github.com/caos/zitadel/pkg/grpc/project" - proj_pb "github.com/caos/zitadel/pkg/grpc/project" -) - -func ProjectGrantQueriesToModel(queries []*project.ProjectGrantQuery) []*proj_model.ProjectGrantViewSearchQuery { - q := make([]*proj_model.ProjectGrantViewSearchQuery, len(queries)) - for i, query := range queries { - q[i] = ProjectGrantQueryToModel(query) - } - return q -} - -func ProjectGrantQueryToModel(query *project.ProjectGrantQuery) *proj_model.ProjectGrantViewSearchQuery { - switch q := query.Query.(type) { - case *proj_pb.ProjectGrantQuery_ProjectNameQuery: - return ProjectGrantNameToProjectQuery(q.ProjectNameQuery) - case *proj_pb.ProjectGrantQuery_RoleKeyQuery: - return ProjectGrantRoleToProjectQuery(q.RoleKeyQuery) - default: - return nil - } -} - -func ProjectGrantNameToProjectQuery(query *proj_pb.GrantProjectNameQuery) *proj_model.ProjectGrantViewSearchQuery { - return &proj_model.ProjectGrantViewSearchQuery{ - Key: proj_model.GrantedProjectSearchKeyName, - Method: object_grpc.TextMethodToModel(query.Method), - Value: query.Name, - } -} - -func ProjectGrantRoleToProjectQuery(query *proj_pb.GrantRoleKeyQuery) *proj_model.ProjectGrantViewSearchQuery { - return &proj_model.ProjectGrantViewSearchQuery{ - Key: proj_model.GrantedProjectSearchKeyRoleKeys, - Method: object_grpc.TextMethodToModel(query.Method), - Value: query.RoleKey, - } -} diff --git a/internal/management/repository/eventsourcing/eventstore/project.go b/internal/management/repository/eventsourcing/eventstore/project.go index 5b1e86e731..762d0a9ff5 100644 --- a/internal/management/repository/eventsourcing/eventstore/project.go +++ b/internal/management/repository/eventsourcing/eventstore/project.go @@ -38,106 +38,6 @@ type ProjectRepo struct { PrefixAvatarURL string } -func (repo *ProjectRepo) ProjectByID(ctx context.Context, id string) (*proj_model.ProjectView, error) { - project, viewErr := repo.View.ProjectByID(id) - if viewErr != nil && !caos_errs.IsNotFound(viewErr) { - return nil, viewErr - } - if caos_errs.IsNotFound(viewErr) { - project = new(model.ProjectView) - } - - sequence := project.Sequence - currentSequence, err := repo.View.GetLatestProjectSequence() - if err == nil { - sequence = currentSequence.CurrentSequence - } - - events, esErr := repo.getProjectEvents(ctx, id, sequence) - if caos_errs.IsNotFound(viewErr) && len(events) == 0 { - return nil, caos_errs.ThrowNotFound(nil, "EVENT-8yfKu", "Errors.Project.NotFound") - } - - if esErr != nil { - logging.Log("EVENT-V9x1V").WithError(viewErr).Debug("error retrieving new events") - return model.ProjectToModel(project), nil - } - - viewProject := *project - for _, event := range events { - err := project.AppendEvent(event) - if err != nil { - return model.ProjectToModel(&viewProject), nil - } - } - if viewProject.State == int32(proj_model.ProjectStateRemoved) { - return nil, caos_errs.ThrowNotFound(nil, "EVENT-3Mo0s", "Errors.Project.NotFound") - } - return model.ProjectToModel(project), nil -} - -func (repo *ProjectRepo) SearchProjects(ctx context.Context, request *proj_model.ProjectViewSearchRequest) (*proj_model.ProjectViewSearchResponse, error) { - err := request.EnsureLimit(repo.SearchLimit) - if err != nil { - return nil, err - } - sequence, sequenceErr := repo.View.GetLatestProjectSequence() - logging.Log("EVENT-Edc56").OnError(sequenceErr).Warn("could not read latest project sequence") - - permissions := authz.GetRequestPermissionsFromCtx(ctx) - if !authz.HasGlobalPermission(permissions) { - ids := authz.GetAllPermissionCtxIDs(permissions) - if _, q := request.GetSearchQuery(proj_model.ProjectViewSearchKeyProjectID); q != nil { - containsID := false - for _, id := range ids { - if id == q.Value { - containsID = true - break - } - } - if !containsID { - result := &proj_model.ProjectViewSearchResponse{ - Offset: request.Offset, - Limit: request.Limit, - TotalResult: uint64(0), - Result: []*proj_model.ProjectView{}, - } - if sequenceErr == nil { - result.Sequence = sequence.CurrentSequence - result.Timestamp = sequence.LastSuccessfulSpoolerRun - } - return result, nil - } - } else { - request.Queries = append(request.Queries, &proj_model.ProjectViewSearchQuery{Key: proj_model.ProjectViewSearchKeyProjectID, Method: domain.SearchMethodIsOneOf, Value: ids}) - } - } - - projects, count, err := repo.View.SearchProjects(request) - if err != nil { - return nil, err - } - result := &proj_model.ProjectViewSearchResponse{ - Offset: request.Offset, - Limit: request.Limit, - TotalResult: uint64(count), - Result: model.ProjectsToModel(projects), - } - if sequenceErr == nil { - result.Sequence = sequence.CurrentSequence - result.Timestamp = sequence.LastSuccessfulSpoolerRun - } - return result, nil -} - -func (repo *ProjectRepo) ProjectGrantViewByID(ctx context.Context, grantID string) (project *proj_model.ProjectGrantView, err error) { - p, err := repo.View.ProjectGrantByID(grantID) - if err != nil { - return nil, err - } - return model.ProjectGrantToModel(p), nil -} - func (repo *ProjectRepo) ProjectMemberByID(ctx context.Context, projectID, userID string) (*proj_model.ProjectMemberView, error) { member, err := repo.View.ProjectMemberByIDs(projectID, userID) if err != nil { @@ -170,32 +70,6 @@ func (repo *ProjectRepo) SearchProjectMembers(ctx context.Context, request *proj return result, nil } -func (repo *ProjectRepo) SearchProjectRoles(ctx context.Context, projectID string, request *proj_model.ProjectRoleSearchRequest) (*proj_model.ProjectRoleSearchResponse, error) { - err := request.EnsureLimit(repo.SearchLimit) - if err != nil { - return nil, err - } - request.AppendProjectQuery(projectID) - sequence, sequenceErr := repo.View.GetLatestProjectRoleSequence() - logging.Log("LSp0d-47suf").OnError(sequenceErr).Warn("could not read latest project role sequence") - roles, count, err := repo.View.SearchProjectRoles(request) - if err != nil { - return nil, err - } - - result := &proj_model.ProjectRoleSearchResponse{ - Offset: request.Offset, - Limit: request.Limit, - TotalResult: count, - Result: model.ProjectRolesToModel(roles), - } - if sequenceErr == nil { - result.Sequence = sequence.CurrentSequence - result.Timestamp = sequence.LastSuccessfulSpoolerRun - } - return result, nil -} - func (repo *ProjectRepo) ProjectChanges(ctx context.Context, id string, lastSequence uint64, limit uint64, sortAscending bool, retention time.Duration) (*proj_model.ProjectChanges, error) { changes, err := repo.getProjectChanges(ctx, id, lastSequence, limit, sortAscending, retention) if err != nil { @@ -352,100 +226,6 @@ func (repo *ProjectRepo) GetClientKey(ctx context.Context, projectID, applicatio return key_view_model.AuthNKeyToModel(key), nil } -func (repo *ProjectRepo) ProjectGrantByID(ctx context.Context, grantID string) (*proj_model.ProjectGrantView, error) { - grant, err := repo.View.ProjectGrantByID(grantID) - if err != nil { - return nil, err - } - return model.ProjectGrantToModel(grant), nil -} - -func (repo *ProjectRepo) ProjectGrantsByProjectIDAndRoleKey(ctx context.Context, projectID, roleKey string) ([]*proj_model.ProjectGrantView, error) { - grants, err := repo.View.ProjectGrantsByProjectIDAndRoleKey(projectID, roleKey) - if err != nil { - return nil, err - } - return model.ProjectGrantsToModel(grants), nil -} - -func (repo *ProjectRepo) SearchProjectGrants(ctx context.Context, request *proj_model.ProjectGrantViewSearchRequest) (*proj_model.ProjectGrantViewSearchResponse, error) { - err := request.EnsureLimit(repo.SearchLimit) - if err != nil { - return nil, err - } - sequence, sequenceErr := repo.View.GetLatestProjectGrantSequence() - logging.Log("EVENT-Skw9f").OnError(sequenceErr).Warn("could not read latest project grant sequence") - projects, count, err := repo.View.SearchProjectGrants(request) - if err != nil { - return nil, err - } - result := &proj_model.ProjectGrantViewSearchResponse{ - Offset: request.Offset, - Limit: request.Limit, - TotalResult: count, - Result: model.ProjectGrantsToModel(projects), - } - if sequenceErr == nil { - result.Sequence = sequence.CurrentSequence - result.Timestamp = sequence.LastSuccessfulSpoolerRun - } - return result, nil -} - -func (repo *ProjectRepo) SearchGrantedProjects(ctx context.Context, request *proj_model.ProjectGrantViewSearchRequest) (*proj_model.ProjectGrantViewSearchResponse, error) { - err := request.EnsureLimit(repo.SearchLimit) - if err != nil { - return nil, err - } - sequence, sequenceErr := repo.View.GetLatestProjectGrantSequence() - logging.Log("EVENT-Skw9f").OnError(sequenceErr).Warn("could not read latest project grant sequence") - - permissions := authz.GetRequestPermissionsFromCtx(ctx) - if !authz.HasGlobalPermission(permissions) { - ids := authz.GetAllPermissionCtxIDs(permissions) - if _, q := request.GetSearchQuery(proj_model.GrantedProjectSearchKeyGrantID); q != nil { - containsID := false - for _, id := range ids { - if id == q.Value { - containsID = true - break - } - } - if !containsID { - result := &proj_model.ProjectGrantViewSearchResponse{ - Offset: request.Offset, - Limit: request.Limit, - TotalResult: uint64(0), - Result: []*proj_model.ProjectGrantView{}, - } - if sequenceErr == nil { - result.Sequence = sequence.CurrentSequence - result.Timestamp = sequence.LastSuccessfulSpoolerRun - } - return result, nil - } - } else { - request.Queries = append(request.Queries, &proj_model.ProjectGrantViewSearchQuery{Key: proj_model.GrantedProjectSearchKeyGrantID, Method: domain.SearchMethodIsOneOf, Value: ids}) - } - } - - projects, count, err := repo.View.SearchProjectGrants(request) - if err != nil { - return nil, err - } - result := &proj_model.ProjectGrantViewSearchResponse{ - Offset: request.Offset, - Limit: request.Limit, - TotalResult: count, - Result: model.ProjectGrantsToModel(projects), - } - if sequenceErr == nil { - result.Sequence = sequence.CurrentSequence - result.Timestamp = sequence.LastSuccessfulSpoolerRun - } - return result, nil -} - func (repo *ProjectRepo) ProjectGrantMemberByID(ctx context.Context, projectID, userID string) (*proj_model.ProjectGrantMemberView, error) { member, err := repo.View.ProjectGrantMemberByIDs(projectID, userID) if err != nil { @@ -454,37 +234,6 @@ func (repo *ProjectRepo) ProjectGrantMemberByID(ctx context.Context, projectID, return model.ProjectGrantMemberToModel(member, repo.PrefixAvatarURL), nil } -func (repo *ProjectRepo) SearchProjectGrantRoles(ctx context.Context, projectID, grantID string, request *proj_model.ProjectRoleSearchRequest) (*proj_model.ProjectRoleSearchResponse, error) { - projectGrant, err := repo.ProjectGrantByID(ctx, grantID) - if err != nil { - return nil, err - } - err = request.EnsureLimit(repo.SearchLimit) - if err != nil { - return nil, err - } - request.AppendProjectQuery(projectID) - request.AppendRoleKeysQuery(projectGrant.GrantedRoleKeys) - sequence, sequenceErr := repo.View.GetLatestProjectRoleSequence() - logging.Log("EVENT-3M9fs").OnError(sequenceErr).Warn("could not read latest project role sequence") - roles, count, err := repo.View.SearchProjectRoles(request) - if err != nil { - return nil, err - } - - result := &proj_model.ProjectRoleSearchResponse{ - Offset: request.Offset, - Limit: request.Limit, - TotalResult: count, - Result: model.ProjectRolesToModel(roles), - } - if sequenceErr == nil { - result.Sequence = sequence.CurrentSequence - result.Timestamp = sequence.LastSuccessfulSpoolerRun - } - return result, nil -} - func (repo *ProjectRepo) SearchProjectGrantMembers(ctx context.Context, request *proj_model.ProjectGrantMemberSearchRequest) (*proj_model.ProjectGrantMemberSearchResponse, error) { err := request.EnsureLimit(repo.SearchLimit) if err != nil { diff --git a/internal/management/repository/eventsourcing/handler/handler.go b/internal/management/repository/eventsourcing/handler/handler.go index d2c4ecb2b7..4b67bc0a7b 100644 --- a/internal/management/repository/eventsourcing/handler/handler.go +++ b/internal/management/repository/eventsourcing/handler/handler.go @@ -33,10 +33,6 @@ func (h *handler) Eventstore() v1.Eventstore { func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, es v1.Eventstore, defaults systemdefaults.SystemDefaults, staticStorage static.Storage) []query.Handler { return []query.Handler{ - newProject( - handler{view, bulkLimit, configs.cycleDuration("Project"), errorCount, es}), - newProjectGrant( - handler{view, bulkLimit, configs.cycleDuration("ProjectGrant"), errorCount, es}), newProjectRole(handler{view, bulkLimit, configs.cycleDuration("ProjectRole"), errorCount, es}), newProjectMember(handler{view, bulkLimit, configs.cycleDuration("ProjectMember"), errorCount, es}), newProjectGrantMember(handler{view, bulkLimit, configs.cycleDuration("ProjectGrantMember"), errorCount, es}), diff --git a/internal/management/repository/eventsourcing/handler/project.go b/internal/management/repository/eventsourcing/handler/project.go deleted file mode 100644 index 22fb60b28b..0000000000 --- a/internal/management/repository/eventsourcing/handler/project.go +++ /dev/null @@ -1,102 +0,0 @@ -package handler - -import ( - "github.com/caos/logging" - "github.com/caos/zitadel/internal/eventstore/v1" - - "github.com/caos/zitadel/internal/eventstore/v1/models" - "github.com/caos/zitadel/internal/eventstore/v1/query" - "github.com/caos/zitadel/internal/eventstore/v1/spooler" - es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model" - proj_view "github.com/caos/zitadel/internal/project/repository/view" - view_model "github.com/caos/zitadel/internal/project/repository/view/model" -) - -const ( - projectTable = "management.projects" -) - -type Project struct { - handler - subscription *v1.Subscription -} - -func newProject(handler handler) *Project { - h := &Project{ - handler: handler, - } - - h.subscribe() - - return h -} - -func (m *Project) subscribe() { - m.subscription = m.es.Subscribe(m.AggregateTypes()...) - go func() { - for event := range m.subscription.Events { - query.ReduceEvent(m, event) - } - }() -} - -func (p *Project) ViewModel() string { - return projectTable -} - -func (p *Project) Subscription() *v1.Subscription { - return p.subscription -} - -func (_ *Project) AggregateTypes() []models.AggregateType { - return []models.AggregateType{es_model.ProjectAggregate} -} - -func (p *Project) CurrentSequence() (uint64, error) { - sequence, err := p.view.GetLatestProjectSequence() - if err != nil { - return 0, err - } - return sequence.CurrentSequence, nil -} - -func (p *Project) EventQuery() (*models.SearchQuery, error) { - sequence, err := p.view.GetLatestProjectSequence() - if err != nil { - return nil, err - } - return proj_view.ProjectQuery(sequence.CurrentSequence), nil -} - -func (p *Project) Reduce(event *models.Event) (err error) { - project := new(view_model.ProjectView) - switch event.Type { - case es_model.ProjectAdded: - err = project.AppendEvent(event) - case es_model.ProjectChanged, - es_model.ProjectDeactivated, - es_model.ProjectReactivated: - project, err = p.view.ProjectByID(event.AggregateID) - if err != nil { - return err - } - err = project.AppendEvent(event) - case es_model.ProjectRemoved: - return p.view.DeleteProject(event.AggregateID, event) - default: - return p.view.ProcessedProjectSequence(event) - } - if err != nil { - return err - } - return p.view.PutProject(project, event) -} - -func (p *Project) OnError(event *models.Event, err error) error { - logging.LogWithFields("SPOOL-dLsop3", "id", event.AggregateID).WithError(err).Warn("something went wrong in projecthandler") - return spooler.HandleError(event, err, p.view.GetLatestProjectFailedEvent, p.view.ProcessedProjectFailedEvent, p.view.ProcessedProjectSequence, p.errorCountUntilSkip) -} - -func (p *Project) OnSuccess() error { - return spooler.HandleSuccess(p.view.UpdateProjectSpoolerRunTimestamp) -} diff --git a/internal/management/repository/eventsourcing/handler/project_grant.go b/internal/management/repository/eventsourcing/handler/project_grant.go deleted file mode 100644 index 3b0366a7d1..0000000000 --- a/internal/management/repository/eventsourcing/handler/project_grant.go +++ /dev/null @@ -1,213 +0,0 @@ -package handler - -import ( - "context" - "github.com/caos/zitadel/internal/eventstore/v1" - - "github.com/caos/logging" - - "github.com/caos/zitadel/internal/errors" - "github.com/caos/zitadel/internal/eventstore/v1/models" - "github.com/caos/zitadel/internal/eventstore/v1/query" - es_sdk "github.com/caos/zitadel/internal/eventstore/v1/sdk" - "github.com/caos/zitadel/internal/eventstore/v1/spooler" - org_model "github.com/caos/zitadel/internal/org/model" - org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model" - "github.com/caos/zitadel/internal/org/repository/view" - proj_model "github.com/caos/zitadel/internal/project/model" - es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model" - proj_view "github.com/caos/zitadel/internal/project/repository/view" - view_model "github.com/caos/zitadel/internal/project/repository/view/model" -) - -const ( - grantedProjectTable = "management.project_grants" -) - -type ProjectGrant struct { - handler - subscription *v1.Subscription -} - -func newProjectGrant( - handler handler, -) *ProjectGrant { - h := &ProjectGrant{ - handler: handler, - } - - h.subscribe() - - return h -} - -func (m *ProjectGrant) subscribe() { - m.subscription = m.es.Subscribe(m.AggregateTypes()...) - go func() { - for event := range m.subscription.Events { - query.ReduceEvent(m, event) - } - }() -} - -func (p *ProjectGrant) ViewModel() string { - return grantedProjectTable -} - -func (p *ProjectGrant) Subscription() *v1.Subscription { - return p.subscription -} - -func (_ *ProjectGrant) AggregateTypes() []models.AggregateType { - return []models.AggregateType{es_model.ProjectAggregate} -} - -func (p *ProjectGrant) CurrentSequence() (uint64, error) { - sequence, err := p.view.GetLatestProjectGrantSequence() - if err != nil { - return 0, err - } - return sequence.CurrentSequence, nil -} - -func (p *ProjectGrant) EventQuery() (*models.SearchQuery, error) { - sequence, err := p.view.GetLatestProjectGrantSequence() - if err != nil { - return nil, err - } - return proj_view.ProjectQuery(sequence.CurrentSequence), nil -} - -func (p *ProjectGrant) Reduce(event *models.Event) (err error) { - grantedProject := new(view_model.ProjectGrantView) - switch event.Type { - case es_model.ProjectChanged: - project, err := p.view.ProjectByID(event.AggregateID) - if err != nil { - return err - } - return p.updateExistingProjects(project, event) - case es_model.ProjectGrantAdded: - err = grantedProject.AppendEvent(event) - if err != nil { - return err - } - project, err := p.getProject(grantedProject.ProjectID) - if err != nil { - return err - } - grantedProject.Name = project.Name - - org, err := p.getOrgByID(context.TODO(), grantedProject.OrgID) - if err != nil { - return err - } - resourceOwner, err := p.getOrgByID(context.TODO(), grantedProject.ResourceOwner) - if err != nil { - return err - } - p.fillOrgData(grantedProject, org, resourceOwner) - case es_model.ProjectGrantChanged, es_model.ProjectGrantCascadeChanged: - grant := new(view_model.ProjectGrant) - err = grant.SetData(event) - if err != nil { - return err - } - grantedProject, err = p.view.ProjectGrantByID(grant.GrantID) - if err != nil { - return err - } - err = grantedProject.AppendEvent(event) - case es_model.ProjectGrantRemoved: - grant := new(view_model.ProjectGrant) - err := grant.SetData(event) - if err != nil { - return err - } - return p.view.DeleteProjectGrant(grant.GrantID, event) - case es_model.ProjectRemoved: - err = p.view.DeleteProjectGrantsByProjectID(event.AggregateID) - if err != nil { - return err - } - return p.view.ProcessedProjectGrantSequence(event) - default: - return p.view.ProcessedProjectGrantSequence(event) - } - if err != nil { - return err - } - return p.view.PutProjectGrant(grantedProject, event) -} - -func (p *ProjectGrant) fillOrgData(grantedProject *view_model.ProjectGrantView, org, resourceOwner *org_model.Org) { - grantedProject.OrgName = org.Name - grantedProject.ResourceOwnerName = resourceOwner.Name -} - -func (p *ProjectGrant) getProject(projectID string) (*proj_model.Project, error) { - return p.getProjectByID(context.Background(), projectID) -} - -func (p *ProjectGrant) updateExistingProjects(project *view_model.ProjectView, event *models.Event) error { - projectGrants, err := p.view.ProjectGrantsByProjectID(project.ProjectID) - if err != nil { - logging.LogWithFields("SPOOL-los03", "id", project.ProjectID).WithError(err).Warn("could not update existing projects") - } - for _, existingGrant := range projectGrants { - existingGrant.Name = project.Name - } - return p.view.PutProjectGrants(projectGrants, event) -} - -func (p *ProjectGrant) OnError(event *models.Event, err error) error { - logging.LogWithFields("SPOOL-sQqOg", "id", event.AggregateID).WithError(err).Warn("something went wrong in granted projecthandler") - return spooler.HandleError(event, err, p.view.GetLatestProjectGrantFailedEvent, p.view.ProcessedProjectGrantFailedEvent, p.view.ProcessedProjectGrantSequence, p.errorCountUntilSkip) -} - -func (p *ProjectGrant) OnSuccess() error { - return spooler.HandleSuccess(p.view.UpdateProjectGrantSpoolerRunTimestamp) -} - -func (u *ProjectGrant) getOrgByID(ctx context.Context, orgID string) (*org_model.Org, error) { - query, err := view.OrgByIDQuery(orgID, 0) - if err != nil { - return nil, err - } - - esOrg := &org_es_model.Org{ - ObjectRoot: models.ObjectRoot{ - AggregateID: orgID, - }, - } - err = es_sdk.Filter(ctx, u.Eventstore().FilterEvents, esOrg.AppendEvents, query) - if err != nil && !errors.IsNotFound(err) { - return nil, err - } - if esOrg.Sequence == 0 { - return nil, errors.ThrowNotFound(nil, "EVENT-3m9vs", "Errors.Org.NotFound") - } - - return org_es_model.OrgToModel(esOrg), nil -} - -func (u *ProjectGrant) getProjectByID(ctx context.Context, projID string) (*proj_model.Project, error) { - query, err := proj_view.ProjectByIDQuery(projID, 0) - if err != nil { - return nil, err - } - esProject := &es_model.Project{ - ObjectRoot: models.ObjectRoot{ - AggregateID: projID, - }, - } - err = es_sdk.Filter(ctx, u.Eventstore().FilterEvents, esProject.AppendEvents, query) - if err != nil && !errors.IsNotFound(err) { - return nil, err - } - if esProject.Sequence == 0 { - return nil, errors.ThrowNotFound(nil, "EVENT-NBrw2", "Errors.Project.NotFound") - } - - return es_model.ProjectToModel(esProject), nil -} diff --git a/internal/management/repository/eventsourcing/view/project.go b/internal/management/repository/eventsourcing/view/project.go deleted file mode 100644 index ef5ebd8967..0000000000 --- a/internal/management/repository/eventsourcing/view/project.go +++ /dev/null @@ -1,58 +0,0 @@ -package view - -import ( - "github.com/caos/zitadel/internal/errors" - "github.com/caos/zitadel/internal/eventstore/v1/models" - proj_model "github.com/caos/zitadel/internal/project/model" - "github.com/caos/zitadel/internal/project/repository/view" - "github.com/caos/zitadel/internal/project/repository/view/model" - "github.com/caos/zitadel/internal/view/repository" -) - -const ( - projectTable = "management.projects" -) - -func (v *View) ProjectByID(projectID string) (*model.ProjectView, error) { - return view.ProjectByID(v.Db, projectTable, projectID) -} - -func (v *View) SearchProjects(request *proj_model.ProjectViewSearchRequest) ([]*model.ProjectView, uint64, error) { - return view.SearchProjects(v.Db, projectTable, request) -} - -func (v *View) PutProject(project *model.ProjectView, event *models.Event) error { - err := view.PutProject(v.Db, projectTable, project) - if err != nil { - return err - } - return v.ProcessedProjectSequence(event) -} - -func (v *View) DeleteProject(projectID string, event *models.Event) error { - err := view.DeleteProject(v.Db, projectTable, projectID) - if err != nil && !errors.IsNotFound(err) { - return err - } - return v.ProcessedProjectSequence(event) -} - -func (v *View) GetLatestProjectSequence() (*repository.CurrentSequence, error) { - return v.latestSequence(projectTable) -} - -func (v *View) ProcessedProjectSequence(event *models.Event) error { - return v.saveCurrentSequence(projectTable, event) -} - -func (v *View) UpdateProjectSpoolerRunTimestamp() error { - return v.updateSpoolerRunSequence(projectTable) -} - -func (v *View) GetLatestProjectFailedEvent(sequence uint64) (*repository.FailedEvent, error) { - return v.latestFailedEvent(projectTable, sequence) -} - -func (v *View) ProcessedProjectFailedEvent(failedEvent *repository.FailedEvent) error { - return v.saveFailedEvent(failedEvent) -} diff --git a/internal/management/repository/eventsourcing/view/project_grant.go b/internal/management/repository/eventsourcing/view/project_grant.go deleted file mode 100644 index 1630d09080..0000000000 --- a/internal/management/repository/eventsourcing/view/project_grant.go +++ /dev/null @@ -1,81 +0,0 @@ -package view - -import ( - "github.com/caos/zitadel/internal/eventstore/v1/models" - proj_model "github.com/caos/zitadel/internal/project/model" - "github.com/caos/zitadel/internal/project/repository/view" - "github.com/caos/zitadel/internal/project/repository/view/model" - "github.com/caos/zitadel/internal/view/repository" -) - -const ( - grantedProjectTable = "management.project_grants" -) - -func (v *View) ProjectGrantByID(grantID string) (*model.ProjectGrantView, error) { - return view.ProjectGrantByID(v.Db, grantedProjectTable, grantID) -} - -func (v *View) ProjectGrantByProjectAndOrg(projectID, orgID string) (*model.ProjectGrantView, error) { - return view.ProjectGrantByProjectAndOrg(v.Db, grantedProjectTable, projectID, orgID) -} - -func (v *View) ProjectGrantsByProjectID(projectID string) ([]*model.ProjectGrantView, error) { - return view.ProjectGrantsByProjectID(v.Db, grantedProjectTable, projectID) -} - -func (v *View) ProjectGrantsByProjectIDAndRoleKey(projectID, key string) ([]*model.ProjectGrantView, error) { - return view.ProjectGrantsByProjectIDAndRoleKey(v.Db, grantedProjectTable, projectID, key) -} - -func (v *View) SearchProjectGrants(request *proj_model.ProjectGrantViewSearchRequest) ([]*model.ProjectGrantView, uint64, error) { - return view.SearchProjectGrants(v.Db, grantedProjectTable, request) -} - -func (v *View) PutProjectGrant(grant *model.ProjectGrantView, event *models.Event) error { - err := view.PutProjectGrant(v.Db, grantedProjectTable, grant) - if err != nil { - return err - } - return v.ProcessedProjectGrantSequence(event) -} - -func (v *View) PutProjectGrants(grants []*model.ProjectGrantView, event *models.Event) error { - err := view.PutProjectGrants(v.Db, grantedProjectTable, grants...) - if err != nil { - return err - } - return v.ProcessedProjectGrantSequence(event) -} - -func (v *View) DeleteProjectGrant(grantID string, event *models.Event) error { - err := view.DeleteProjectGrant(v.Db, grantedProjectTable, grantID) - if err != nil { - return err - } - return v.ProcessedProjectGrantSequence(event) -} - -func (v *View) DeleteProjectGrantsByProjectID(projectID string) error { - return view.DeleteProjectGrantsByProjectID(v.Db, grantedProjectTable, projectID) -} - -func (v *View) GetLatestProjectGrantSequence() (*repository.CurrentSequence, error) { - return v.latestSequence(grantedProjectTable) -} - -func (v *View) ProcessedProjectGrantSequence(event *models.Event) error { - return v.saveCurrentSequence(grantedProjectTable, event) -} - -func (v *View) UpdateProjectGrantSpoolerRunTimestamp() error { - return v.updateSpoolerRunSequence(grantedProjectTable) -} - -func (v *View) GetLatestProjectGrantFailedEvent(sequence uint64) (*repository.FailedEvent, error) { - return v.latestFailedEvent(grantedProjectTable, sequence) -} - -func (v *View) ProcessedProjectGrantFailedEvent(failedEvent *repository.FailedEvent) error { - return v.saveFailedEvent(failedEvent) -} diff --git a/internal/management/repository/project.go b/internal/management/repository/project.go index 155ae53636..bf4b94b19a 100644 --- a/internal/management/repository/project.go +++ b/internal/management/repository/project.go @@ -11,19 +11,10 @@ import ( ) type ProjectRepository interface { - ProjectByID(ctx context.Context, id string) (*model.ProjectView, error) - SearchProjects(ctx context.Context, request *model.ProjectViewSearchRequest) (*model.ProjectViewSearchResponse, error) - - ProjectGrantsByProjectIDAndRoleKey(ctx context.Context, projectID, roleKey string) ([]*model.ProjectGrantView, error) - SearchProjectGrants(ctx context.Context, request *model.ProjectGrantViewSearchRequest) (*model.ProjectGrantViewSearchResponse, error) - SearchGrantedProjects(ctx context.Context, request *model.ProjectGrantViewSearchRequest) (*model.ProjectGrantViewSearchResponse, error) - ProjectGrantViewByID(ctx context.Context, grantID string) (*model.ProjectGrantView, error) - ProjectMemberByID(ctx context.Context, projectID, userID string) (*model.ProjectMemberView, error) SearchProjectMembers(ctx context.Context, request *model.ProjectMemberSearchRequest) (*model.ProjectMemberSearchResponse, error) GetProjectMemberRoles(ctx context.Context) ([]string, error) - SearchProjectRoles(ctx context.Context, projectId string, request *model.ProjectRoleSearchRequest) (*model.ProjectRoleSearchResponse, error) ProjectChanges(ctx context.Context, id string, lastSequence uint64, limit uint64, sortAscending bool, retention time.Duration) (*model.ProjectChanges, error) ApplicationByID(ctx context.Context, projectID, appID string) (*model.ApplicationView, error) @@ -32,9 +23,7 @@ type ProjectRepository interface { SearchClientKeys(ctx context.Context, request *key_model.AuthNKeySearchRequest) (*key_model.AuthNKeySearchResponse, error) GetClientKey(ctx context.Context, projectID, applicationID, keyID string) (*key_model.AuthNKeyView, error) - ProjectGrantByID(ctx context.Context, grantID string) (*model.ProjectGrantView, error) SearchProjectGrantMembers(ctx context.Context, request *model.ProjectGrantMemberSearchRequest) (*model.ProjectGrantMemberSearchResponse, error) - SearchProjectGrantRoles(ctx context.Context, projectID, grantID string, request *model.ProjectRoleSearchRequest) (*model.ProjectRoleSearchResponse, error) ProjectGrantMemberByID(ctx context.Context, projectID, userID string) (*model.ProjectGrantMemberView, error) GetProjectGrantMemberRoles() []string diff --git a/internal/project/repository/view/model/project_grant_member_test.go b/internal/project/repository/view/model/project_grant_member_test.go index d41b49f35f..87d65e9dfc 100644 --- a/internal/project/repository/view/model/project_grant_member_test.go +++ b/internal/project/repository/view/model/project_grant_member_test.go @@ -2,11 +2,12 @@ package model import ( "encoding/json" + "reflect" + "testing" + es_models "github.com/caos/zitadel/internal/eventstore/v1/models" es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model" "github.com/lib/pq" - "reflect" - "testing" ) func mockProjectGrantMemberData(member *es_model.ProjectGrantMember) []byte { diff --git a/internal/project/repository/view/model/project_grant_test.go b/internal/project/repository/view/model/project_grant_test.go index 4cc811ee90..bd59a2397b 100644 --- a/internal/project/repository/view/model/project_grant_test.go +++ b/internal/project/repository/view/model/project_grant_test.go @@ -33,34 +33,34 @@ func TestProjectGrantAppendEvent(t *testing.T) { { name: "append added project grant event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantAdded, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "ProjectGrantID", GrantedOrgID: "GrantedOrgID", RoleKeys: pq.StringArray{"Role"}})}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantAdded, ResourceOwner: "GrantedOrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "ProjectGrantID", GrantedOrgID: "GrantedOrgID", RoleKeys: pq.StringArray{"Role"}})}, project: &ProjectGrantView{}, }, - result: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"Role"}}, + result: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"Role"}}, }, { name: "append change project grant event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantChanged, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "ProjectGrantID", RoleKeys: pq.StringArray{"RoleChanged"}})}, - project: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"Role"}}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantChanged, ResourceOwner: "GrantedOrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "ProjectGrantID", RoleKeys: pq.StringArray{"RoleChanged"}})}, + project: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"Role"}}, }, - result: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"RoleChanged"}}, + result: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"RoleChanged"}}, }, { name: "append deactivate project grant event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantDeactivated, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "ProjectGrantID"})}, - project: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"Role"}}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantDeactivated, ResourceOwner: "GrantedOrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "ProjectGrantID"})}, + project: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"Role"}}, }, - result: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateInactive), GrantedRoleKeys: pq.StringArray{"Role"}}, + result: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateInactive), GrantedRoleKeys: pq.StringArray{"Role"}}, }, { name: "append reactivate project grant event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantReactivated, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "ProjectGrantID"})}, - project: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateInactive), GrantedRoleKeys: pq.StringArray{"Role"}}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantReactivated, ResourceOwner: "GrantedOrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "ProjectGrantID"})}, + project: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateInactive), GrantedRoleKeys: pq.StringArray{"Role"}}, }, - result: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"Role"}}, + result: &ProjectGrantView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", OrgID: "GrantedOrgID", State: int32(model.ProjectStateActive), GrantedRoleKeys: pq.StringArray{"Role"}}, }, } for _, tt := range tests { diff --git a/internal/project/repository/view/model/project_member_test.go b/internal/project/repository/view/model/project_member_test.go index 9265a1e04d..8de576ec73 100644 --- a/internal/project/repository/view/model/project_member_test.go +++ b/internal/project/repository/view/model/project_member_test.go @@ -2,11 +2,12 @@ package model import ( "encoding/json" + "reflect" + "testing" + es_models "github.com/caos/zitadel/internal/eventstore/v1/models" es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model" "github.com/lib/pq" - "reflect" - "testing" ) func mockProjectMemberData(member *es_model.ProjectMember) []byte { diff --git a/internal/project/repository/view/model/project_role.go b/internal/project/repository/view/model/project_role.go index a1c3da4798..99d4e56355 100644 --- a/internal/project/repository/view/model/project_role.go +++ b/internal/project/repository/view/model/project_role.go @@ -31,20 +31,6 @@ type ProjectRoleView struct { ChangeDate time.Time `json:"-" gorm:"column:change_date"` } -func ProjectRoleViewFromModel(role *model.ProjectRoleView) *ProjectRoleView { - return &ProjectRoleView{ - ResourceOwner: role.ResourceOwner, - OrgID: role.OrgID, - ProjectID: role.ProjectID, - Key: role.Key, - DisplayName: role.DisplayName, - Group: role.Group, - Sequence: role.Sequence, - CreationDate: role.CreationDate, - ChangeDate: role.ChangeDate, - } -} - func ProjectRoleToModel(role *ProjectRoleView) *model.ProjectRoleView { return &model.ProjectRoleView{ ResourceOwner: role.ResourceOwner, diff --git a/internal/project/repository/view/model/project_role_test.go b/internal/project/repository/view/model/project_role_test.go index 46e3cafb02..352351b8ec 100644 --- a/internal/project/repository/view/model/project_role_test.go +++ b/internal/project/repository/view/model/project_role_test.go @@ -2,9 +2,10 @@ package model import ( "encoding/json" + "testing" + es_models "github.com/caos/zitadel/internal/eventstore/v1/models" es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model" - "testing" ) func mockProjectRoleData(member *es_model.ProjectRole) []byte { diff --git a/internal/project/repository/view/model/project_test.go b/internal/project/repository/view/model/project_test.go index 1a004b4c50..ec726ae882 100644 --- a/internal/project/repository/view/model/project_test.go +++ b/internal/project/repository/view/model/project_test.go @@ -20,34 +20,34 @@ func TestProjectAppendEvent(t *testing.T) { { name: "append added project event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectAdded, ResourceOwner: "OrgID", Data: mockProjectData(&es_model.Project{Name: "ProjectName"})}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectAdded, ResourceOwner: "GrantedOrgID", Data: mockProjectData(&es_model.Project{Name: "ProjectName"})}, project: &ProjectView{}, }, - result: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", Name: "ProjectName", State: int32(model.ProjectStateActive)}, + result: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", Name: "ProjectName", State: int32(model.ProjectStateActive)}, }, { name: "append change project event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectChanged, ResourceOwner: "OrgID", Data: mockProjectData(&es_model.Project{Name: "ProjectNameChanged"})}, - project: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", Name: "ProjectName", State: int32(model.ProjectStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectChanged, ResourceOwner: "GrantedOrgID", Data: mockProjectData(&es_model.Project{Name: "ProjectNameChanged"})}, + project: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", Name: "ProjectName", State: int32(model.ProjectStateActive)}, }, - result: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", Name: "ProjectNameChanged", State: int32(model.ProjectStateActive)}, + result: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", Name: "ProjectNameChanged", State: int32(model.ProjectStateActive)}, }, { name: "append project deactivate event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectDeactivated, ResourceOwner: "OrgID"}, - project: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", Name: "ProjectName", State: int32(model.ProjectStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectDeactivated, ResourceOwner: "GrantedOrgID"}, + project: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", Name: "ProjectName", State: int32(model.ProjectStateActive)}, }, - result: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", Name: "ProjectName", State: int32(model.ProjectStateInactive)}, + result: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", Name: "ProjectName", State: int32(model.ProjectStateInactive)}, }, { name: "append project reactivate event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectReactivated, ResourceOwner: "OrgID"}, - project: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", Name: "ProjectName", State: int32(model.ProjectStateInactive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectReactivated, ResourceOwner: "GrantedOrgID"}, + project: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", Name: "ProjectName", State: int32(model.ProjectStateInactive)}, }, - result: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", Name: "ProjectName", State: int32(model.ProjectStateActive)}, + result: &ProjectView{ProjectID: "AggregateID", ResourceOwner: "GrantedOrgID", Name: "ProjectName", State: int32(model.ProjectStateActive)}, }, } for _, tt := range tests { diff --git a/internal/query/project.go b/internal/query/project.go new file mode 100644 index 0000000000..b6d37a3054 --- /dev/null +++ b/internal/query/project.go @@ -0,0 +1,268 @@ +package query + +import ( + "context" + "database/sql" + errs "errors" + "time" + + sq "github.com/Masterminds/squirrel" + "github.com/caos/zitadel/internal/api/authz" + "github.com/caos/zitadel/internal/query/projection" + + "github.com/caos/zitadel/internal/domain" + "github.com/caos/zitadel/internal/errors" +) + +var ( + projectsTable = table{ + name: projection.ProjectProjectionTable, + } + ProjectColumnID = Column{ + name: projection.ProjectColumnID, + table: projectsTable, + } + ProjectColumnName = Column{ + name: projection.ProjectColumnName, + table: projectsTable, + } + ProjectColumnProjectRoleAssertion = Column{ + name: projection.ProjectColumnProjectRoleAssertion, + table: projectsTable, + } + ProjectColumnProjectRoleCheck = Column{ + name: projection.ProjectColumnProjectRoleCheck, + table: projectsTable, + } + ProjectColumnHasProjectCheck = Column{ + name: projection.ProjectColumnHasProjectCheck, + table: projectsTable, + } + ProjectColumnPrivateLabelingSetting = Column{ + name: projection.ProjectColumnPrivateLabelingSetting, + table: projectsTable, + } + ProjectColumnCreationDate = Column{ + name: projection.ProjectColumnCreationDate, + table: projectsTable, + } + ProjectColumnChangeDate = Column{ + name: projection.ProjectColumnChangeDate, + table: projectsTable, + } + ProjectColumnResourceOwner = Column{ + name: projection.ProjectColumnResourceOwner, + table: projectsTable, + } + ProjectColumnCreator = Column{ + name: projection.ProjectColumnCreator, + table: projectsTable, + } + ProjectColumnSequence = Column{ + name: projection.ProjectColumnSequence, + table: projectsTable, + } + ProjectColumnState = Column{ + name: projection.ProjectColumnState, + table: projectsTable, + } +) + +type Projects struct { + SearchResponse + Projects []*Project +} + +type Project struct { + ID string + CreationDate time.Time + ChangeDate time.Time + ResourceOwner string + State domain.ProjectState + Sequence uint64 + + Name string + ProjectRoleAssertion bool + ProjectRoleCheck bool + HasProjectCheck bool + PrivateLabelingSetting domain.PrivateLabelingSetting +} + +type ProjectSearchQueries struct { + SearchRequest + Queries []SearchQuery +} + +func (q *Queries) ProjectByID(ctx context.Context, id string) (*Project, error) { + stmt, scan := prepareProjectQuery() + query, args, err := stmt.Where(sq.Eq{ + ProjectColumnID.identifier(): id, + }).ToSql() + if err != nil { + return nil, errors.ThrowInternal(err, "QUERY-2m00Q", "Errors.Query.SQLStatment") + } + + row := q.client.QueryRowContext(ctx, query, args...) + return scan(row) +} + +func (q *Queries) ExistsProject(ctx context.Context, id string) (err error) { + _, err = q.ProjectByID(ctx, id) + return err +} + +func (q *Queries) SearchProjects(ctx context.Context, queries *ProjectSearchQueries) (projects *Projects, err error) { + query, scan := prepareProjectsQuery() + stmt, args, err := queries.toQuery(query).ToSql() + if err != nil { + return nil, errors.ThrowInvalidArgument(err, "QUERY-fn9ew", "Errors.Query.InvalidRequest") + } + + rows, err := q.client.QueryContext(ctx, stmt, args...) + if err != nil { + return nil, errors.ThrowInternal(err, "QUERY-2j00f", "Errors.Internal") + } + projects, err = scan(rows) + if err != nil { + return nil, err + } + projects.LatestSequence, err = q.latestSequence(ctx, projectsTable) + return projects, err +} + +func NewProjectNameSearchQuery(method TextComparison, value string) (SearchQuery, error) { + return NewTextQuery(ProjectColumnName, value, method) +} + +func NewProjectIDSearchQuery(ids []string) (SearchQuery, error) { + list := make([]interface{}, len(ids)) + for i, value := range ids { + list[i] = value + } + return NewListQuery(ProjectColumnID, list, ListIn) +} + +func NewProjectResourceOwnerSearchQuery(value string) (SearchQuery, error) { + return NewTextQuery(ProjectColumnResourceOwner, value, TextEquals) +} + +func (r *ProjectSearchQueries) AppendMyResourceOwnerQuery(orgID string) error { + query, err := NewProjectResourceOwnerSearchQuery(orgID) + if err != nil { + return err + } + r.Queries = append(r.Queries, query) + return nil +} + +func (r ProjectSearchQueries) AppendPermissionQueries(permissions []string) error { + if !authz.HasGlobalPermission(permissions) { + ids := authz.GetAllPermissionCtxIDs(permissions) + query, err := NewProjectIDSearchQuery(ids) + if err != nil { + return err + } + r.Queries = append(r.Queries, query) + } + return nil +} + +func (q *ProjectSearchQueries) toQuery(query sq.SelectBuilder) sq.SelectBuilder { + query = q.SearchRequest.toQuery(query) + for _, q := range q.Queries { + query = q.ToQuery(query) + } + return query +} + +func prepareProjectQuery() (sq.SelectBuilder, func(*sql.Row) (*Project, error)) { + return sq.Select( + ProjectColumnID.identifier(), + ProjectColumnCreationDate.identifier(), + ProjectColumnChangeDate.identifier(), + ProjectColumnResourceOwner.identifier(), + ProjectColumnState.identifier(), + ProjectColumnSequence.identifier(), + ProjectColumnName.identifier(), + ProjectColumnProjectRoleAssertion.identifier(), + ProjectColumnProjectRoleCheck.identifier(), + ProjectColumnHasProjectCheck.identifier(), + ProjectColumnPrivateLabelingSetting.identifier()). + From(projectsTable.identifier()).PlaceholderFormat(sq.Dollar), + func(row *sql.Row) (*Project, error) { + p := new(Project) + err := row.Scan( + &p.ID, + &p.CreationDate, + &p.ChangeDate, + &p.ResourceOwner, + &p.State, + &p.Sequence, + &p.Name, + &p.ProjectRoleAssertion, + &p.ProjectRoleCheck, + &p.HasProjectCheck, + &p.PrivateLabelingSetting, + ) + if err != nil { + if errs.Is(err, sql.ErrNoRows) { + return nil, errors.ThrowNotFound(err, "QUERY-fk2fs", "Errors.Project.NotFound") + } + return nil, errors.ThrowInternal(err, "QUERY-dj2FF", "Errors.Internal") + } + return p, nil + } +} + +func prepareProjectsQuery() (sq.SelectBuilder, func(*sql.Rows) (*Projects, error)) { + return sq.Select( + ProjectColumnID.identifier(), + ProjectColumnCreationDate.identifier(), + ProjectColumnChangeDate.identifier(), + ProjectColumnResourceOwner.identifier(), + ProjectColumnState.identifier(), + ProjectColumnSequence.identifier(), + ProjectColumnName.identifier(), + ProjectColumnProjectRoleAssertion.identifier(), + ProjectColumnProjectRoleCheck.identifier(), + ProjectColumnHasProjectCheck.identifier(), + ProjectColumnPrivateLabelingSetting.identifier(), + countColumn.identifier()). + From(projectsTable.identifier()).PlaceholderFormat(sq.Dollar), + func(rows *sql.Rows) (*Projects, error) { + projects := make([]*Project, 0) + var count uint64 + for rows.Next() { + project := new(Project) + err := rows.Scan( + &project.ID, + &project.CreationDate, + &project.ChangeDate, + &project.ResourceOwner, + &project.State, + &project.Sequence, + &project.Name, + &project.ProjectRoleAssertion, + &project.ProjectRoleCheck, + &project.HasProjectCheck, + &project.PrivateLabelingSetting, + &count, + ) + if err != nil { + return nil, err + } + projects = append(projects, project) + } + + if err := rows.Close(); err != nil { + return nil, errors.ThrowInternal(err, "QUERY-QMXJv", "Errors.Query.CloseRows") + } + + return &Projects{ + Projects: projects, + SearchResponse: SearchResponse{ + Count: count, + }, + }, nil + } +} diff --git a/internal/query/project_grant.go b/internal/query/project_grant.go new file mode 100644 index 0000000000..8b058bd9a9 --- /dev/null +++ b/internal/query/project_grant.go @@ -0,0 +1,330 @@ +package query + +import ( + "context" + "database/sql" + errs "errors" + "time" + + sq "github.com/Masterminds/squirrel" + "github.com/caos/zitadel/internal/api/authz" + "github.com/caos/zitadel/internal/query/projection" + "github.com/lib/pq" + + "github.com/caos/zitadel/internal/domain" + "github.com/caos/zitadel/internal/errors" +) + +const ( + ProjectGrantGrantedOrgTableAlias = "o" + ProjectGrantResourceOwnerTableAlias = "r" +) + +var ( + projectGrantsTable = table{ + name: projection.ProjectGrantProjectionTable, + } + ProjectGrantColumnCreationDate = Column{ + name: projection.ProjectGrantColumnCreationDate, + table: projectGrantsTable, + } + ProjectGrantColumnChangeDate = Column{ + name: projection.ProjectGrantColumnChangeDate, + table: projectGrantsTable, + } + ProjectGrantColumnResourceOwner = Column{ + name: projection.ProjectGrantColumnResourceOwner, + table: projectGrantsTable, + } + ProjectGrantColumnState = Column{ + name: projection.ProjectGrantColumnState, + table: projectGrantsTable, + } + ProjectGrantColumnSequence = Column{ + name: projection.ProjectGrantColumnSequence, + table: projectGrantsTable, + } + ProjectGrantColumnProjectID = Column{ + name: projection.ProjectGrantColumnProjectID, + table: projectGrantsTable, + } + ProjectGrantColumnGrantedOrgID = Column{ + name: projection.ProjectGrantColumnGrantedOrgID, + table: projectGrantsTable, + } + ProjectGrantColumnGrantID = Column{ + name: projection.ProjectGrantColumnGrantID, + table: projectGrantsTable, + } + ProjectGrantColumnGrantedRoleKeys = Column{ + name: projection.ProjectGrantColumnRoleKeys, + table: projectGrantsTable, + } + ProjectGrantColumnCreator = Column{ + name: projection.ProjectGrantColumnCreator, + table: projectGrantsTable, + } + ProjectGrantColumnGrantedOrgName = Column{ + name: projection.OrgColumnName, + table: orgsTable.setAlias(ProjectGrantGrantedOrgTableAlias), + } + ProjectGrantColumnResourceOwnerName = Column{ + name: projection.OrgColumnName, + table: orgsTable.setAlias(ProjectGrantResourceOwnerTableAlias), + } +) + +type ProjectGrants struct { + SearchResponse + ProjectGrants []*ProjectGrant +} + +type ProjectGrant struct { + ProjectID string + GrantID string + CreationDate time.Time + ChangeDate time.Time + ResourceOwner string + State domain.ProjectGrantState + Sequence uint64 + + ProjectName string + GrantedOrgID string + OrgName string + GrantedRoleKeys pq.StringArray + ResourceOwnerName string +} + +type ProjectGrantSearchQueries struct { + SearchRequest + Queries []SearchQuery +} + +func (q *Queries) ProjectGrantByID(ctx context.Context, id string) (*ProjectGrant, error) { + stmt, scan := prepareProjectGrantQuery() + query, args, err := stmt.Where(sq.Eq{ + ProjectGrantColumnGrantID.identifier(): id, + }).ToSql() + if err != nil { + return nil, errors.ThrowInternal(err, "QUERY-Nf93d", "Errors.Query.SQLStatment") + } + + row := q.client.QueryRowContext(ctx, query, args...) + return scan(row) +} + +func (q *Queries) ProjectGrantByIDAndGrantedOrg(ctx context.Context, id, grantedOrg string) (*ProjectGrant, error) { + stmt, scan := prepareProjectGrantQuery() + query, args, err := stmt.Where(sq.Eq{ + ProjectGrantColumnGrantID.identifier(): id, + ProjectGrantColumnGrantedOrgID.identifier(): grantedOrg, + }).ToSql() + if err != nil { + return nil, errors.ThrowInternal(err, "QUERY-MO9fs", "Errors.Query.SQLStatment") + } + + row := q.client.QueryRowContext(ctx, query, args...) + return scan(row) +} + +func (q *Queries) ExistsProjectGrant(ctx context.Context, id string) (err error) { + _, err = q.ProjectGrantByID(ctx, id) + return err +} + +func (q *Queries) SearchProjectGrants(ctx context.Context, queries *ProjectGrantSearchQueries) (projects *ProjectGrants, err error) { + query, scan := prepareProjectGrantsQuery() + stmt, args, err := queries.toQuery(query).ToSql() + if err != nil { + return nil, errors.ThrowInvalidArgument(err, "QUERY-N9fsg", "Errors.Query.InvalidRequest") + } + + rows, err := q.client.QueryContext(ctx, stmt, args...) + if err != nil { + return nil, errors.ThrowInternal(err, "QUERY-PP02n", "Errors.Internal") + } + projects, err = scan(rows) + if err != nil { + return nil, err + } + projects.LatestSequence, err = q.latestSequence(ctx, projectGrantsTable) + return projects, err +} + +func (q *Queries) SearchProjectGrantsByProjectIDAndRoleKey(ctx context.Context, projectID, roleKey string) (projects *ProjectGrants, err error) { + searchQuery := &ProjectGrantSearchQueries{ + SearchRequest: SearchRequest{}, + Queries: make([]SearchQuery, 2), + } + searchQuery.Queries[0], err = NewProjectGrantProjectIDSearchQuery(TextEquals, projectID) + if err != nil { + return nil, err + } + searchQuery.Queries[1], err = NewProjectGrantRoleKeySearchQuery(roleKey) + if err != nil { + return nil, err + } + return q.SearchProjectGrants(ctx, searchQuery) +} + +func NewProjectGrantProjectIDSearchQuery(method TextComparison, value string) (SearchQuery, error) { + return NewTextQuery(ProjectGrantColumnProjectID, value, method) +} + +func NewProjectGrantIDsSearchQuery(values []string) (SearchQuery, error) { + list := make([]interface{}, len(values)) + for i, value := range values { + list[i] = value + } + return NewListQuery(ProjectGrantColumnGrantID, list, ListIn) +} +func NewProjectGrantProjectNameSearchQuery(method TextComparison, value string) (SearchQuery, error) { + return NewTextQuery(ProjectColumnName, value, method) +} + +func NewProjectGrantRoleKeySearchQuery(value string) (SearchQuery, error) { + return NewTextQuery(ProjectGrantColumnGrantedRoleKeys, value, TextListContains) +} + +func NewProjectGrantResourceOwnerSearchQuery(value string) (SearchQuery, error) { + return NewTextQuery(ProjectGrantColumnResourceOwner, value, TextEquals) +} + +func (r *ProjectGrantSearchQueries) AppendMyResourceOwnerQuery(orgID string) error { + query, err := NewProjectGrantResourceOwnerSearchQuery(orgID) + if err != nil { + return err + } + r.Queries = append(r.Queries, query) + return nil +} + +func (r ProjectGrantSearchQueries) AppendPermissionQueries(permissions []string) error { + if !authz.HasGlobalPermission(permissions) { + ids := authz.GetAllPermissionCtxIDs(permissions) + query, err := NewProjectGrantIDsSearchQuery(ids) + if err != nil { + return err + } + r.Queries = append(r.Queries, query) + } + return nil +} + +func (q *ProjectGrantSearchQueries) toQuery(query sq.SelectBuilder) sq.SelectBuilder { + query = q.SearchRequest.toQuery(query) + for _, q := range q.Queries { + query = q.ToQuery(query) + } + return query +} + +func prepareProjectGrantQuery() (sq.SelectBuilder, func(*sql.Row) (*ProjectGrant, error)) { + resourceOwnerOrgTable := orgsTable.setAlias(ProjectGrantResourceOwnerTableAlias) + resourceOwnerIDColumn := OrgColumnID.setTable(resourceOwnerOrgTable) + grantedOrgTable := orgsTable.setAlias(ProjectGrantGrantedOrgTableAlias) + grantedOrgIDColumn := OrgColumnID.setTable(grantedOrgTable) + return sq.Select( + ProjectGrantColumnProjectID.identifier(), + ProjectGrantColumnGrantID.identifier(), + ProjectGrantColumnCreationDate.identifier(), + ProjectGrantColumnChangeDate.identifier(), + ProjectGrantColumnResourceOwner.identifier(), + ProjectGrantColumnState.identifier(), + ProjectGrantColumnSequence.identifier(), + ProjectColumnName.identifier(), + ProjectGrantColumnGrantedOrgID.identifier(), + ProjectGrantColumnGrantedOrgName.identifier(), + ProjectGrantColumnGrantedRoleKeys.identifier(), + ProjectGrantColumnResourceOwnerName.identifier()). + From(projectGrantsTable.identifier()).PlaceholderFormat(sq.Dollar). + LeftJoin(join(ProjectColumnID, ProjectGrantColumnProjectID)). + LeftJoin(join(resourceOwnerIDColumn, ProjectGrantColumnResourceOwner)). + LeftJoin(join(grantedOrgIDColumn, ProjectGrantColumnResourceOwner)), + func(row *sql.Row) (*ProjectGrant, error) { + p := new(ProjectGrant) + err := row.Scan( + &p.ProjectID, + &p.GrantID, + &p.CreationDate, + &p.ChangeDate, + &p.ResourceOwner, + &p.State, + &p.Sequence, + &p.ProjectName, + &p.GrantedOrgID, + &p.OrgName, + &p.GrantedRoleKeys, + &p.ResourceOwnerName, + ) + if err != nil { + if errs.Is(err, sql.ErrNoRows) { + return nil, errors.ThrowNotFound(err, "QUERY-n98GGs", "Errors.ProjectGrant.NotFound") + } + return nil, errors.ThrowInternal(err, "QUERY-w9fsH", "Errors.Internal") + } + return p, nil + } +} + +func prepareProjectGrantsQuery() (sq.SelectBuilder, func(*sql.Rows) (*ProjectGrants, error)) { + resourceOwnerOrgTable := orgsTable.setAlias(ProjectGrantResourceOwnerTableAlias) + resourceOwnerIDColumn := OrgColumnID.setTable(resourceOwnerOrgTable) + grantedOrgTable := orgsTable.setAlias(ProjectGrantGrantedOrgTableAlias) + grantedOrgIDColumn := OrgColumnID.setTable(grantedOrgTable) + return sq.Select( + ProjectGrantColumnProjectID.identifier(), + ProjectGrantColumnGrantID.identifier(), + ProjectGrantColumnCreationDate.identifier(), + ProjectGrantColumnChangeDate.identifier(), + ProjectGrantColumnResourceOwner.identifier(), + ProjectGrantColumnState.identifier(), + ProjectGrantColumnSequence.identifier(), + ProjectColumnName.identifier(), + ProjectGrantColumnGrantedOrgID.identifier(), + ProjectGrantColumnGrantedOrgName.identifier(), + ProjectGrantColumnGrantedRoleKeys.identifier(), + ProjectGrantColumnResourceOwnerName.identifier(), + countColumn.identifier()). + From(projectGrantsTable.identifier()).PlaceholderFormat(sq.Dollar). + LeftJoin(join(ProjectColumnID, ProjectGrantColumnProjectID)). + LeftJoin(join(resourceOwnerIDColumn, ProjectGrantColumnResourceOwner)). + LeftJoin(join(grantedOrgIDColumn, ProjectGrantColumnResourceOwner)), + func(rows *sql.Rows) (*ProjectGrants, error) { + projects := make([]*ProjectGrant, 0) + var count uint64 + for rows.Next() { + project := new(ProjectGrant) + err := rows.Scan( + &project.ProjectID, + &project.GrantID, + &project.CreationDate, + &project.ChangeDate, + &project.ResourceOwner, + &project.State, + &project.Sequence, + &project.ProjectName, + &project.GrantedOrgID, + &project.OrgName, + &project.GrantedRoleKeys, + &project.ResourceOwnerName, + &count, + ) + if err != nil { + return nil, err + } + projects = append(projects, project) + } + + if err := rows.Close(); err != nil { + return nil, errors.ThrowInternal(err, "QUERY-K9gEE", "Errors.Query.CloseRows") + } + + return &ProjectGrants{ + ProjectGrants: projects, + SearchResponse: SearchResponse{ + Count: count, + }, + }, nil + } +} diff --git a/internal/query/project_role.go b/internal/query/project_role.go new file mode 100644 index 0000000000..172d36223c --- /dev/null +++ b/internal/query/project_role.go @@ -0,0 +1,285 @@ +package query + +import ( + "context" + "database/sql" + errs "errors" + "time" + + sq "github.com/Masterminds/squirrel" + "github.com/caos/zitadel/internal/errors" + "github.com/caos/zitadel/internal/query/projection" +) + +var ( + projectRolesTable = table{ + name: projection.ProjectRoleProjectionTable, + } + ProjectRoleColumnCreationDate = Column{ + name: projection.ProjectRoleColumnCreationDate, + table: projectRolesTable, + } + ProjectRoleColumnChangeDate = Column{ + name: projection.ProjectRoleColumnChangeDate, + table: projectRolesTable, + } + ProjectRoleColumnResourceOwner = Column{ + name: projection.ProjectRoleColumnResourceOwner, + table: projectRolesTable, + } + ProjectRoleColumnSequence = Column{ + name: projection.ProjectRoleColumnSequence, + table: projectRolesTable, + } + ProjectRoleColumnProjectID = Column{ + name: projection.ProjectRoleColumnProjectID, + table: projectRolesTable, + } + ProjectRoleColumnKey = Column{ + name: projection.ProjectRoleColumnKey, + table: projectRolesTable, + } + ProjectRoleColumnDisplayName = Column{ + name: projection.ProjectRoleColumnDisplayName, + table: projectRolesTable, + } + ProjectRoleColumnGroupName = Column{ + name: projection.ProjectRoleColumnGroupName, + table: projectRolesTable, + } + ProjectRoleColumnCreator = Column{ + name: projection.ProjectRoleColumnCreator, + table: projectRolesTable, + } +) + +type ProjectRoles struct { + SearchResponse + ProjectRoles []*ProjectRole +} + +type ProjectRole struct { + ProjectID string + CreationDate time.Time + ChangeDate time.Time + ResourceOwner string + Sequence uint64 + + Key string + DisplayName string + Group string +} + +type ProjectRoleSearchQueries struct { + SearchRequest + Queries []SearchQuery +} + +func (q *Queries) ProjectRoleByID(ctx context.Context, projectID, key string) (*ProjectRole, error) { + stmt, scan := prepareProjectRoleQuery() + query, args, err := stmt. + Where(sq.Eq{ + ProjectRoleColumnProjectID.identifier(): projectID, + ProjectRoleColumnKey.identifier(): key, + }).ToSql() + if err != nil { + return nil, errors.ThrowInternal(err, "QUERY-2N0fs", "Errors.Query.SQLStatment") + } + + row := q.client.QueryRowContext(ctx, query, args...) + return scan(row) +} + +func (q *Queries) ExistsProjectRole(ctx context.Context, projectID, key string) (err error) { + _, err = q.ProjectRoleByID(ctx, projectID, key) + return err +} + +func (q *Queries) SearchProjectRoles(ctx context.Context, queries *ProjectRoleSearchQueries) (projects *ProjectRoles, err error) { + query, scan := q.prepareProjectRolesQuery() + stmt, args, err := queries.toQuery(query).ToSql() + if err != nil { + return nil, errors.ThrowInvalidArgument(err, "QUERY-3N9ff", "Errors.Query.InvalidRequest") + } + + rows, err := q.client.QueryContext(ctx, stmt, args...) + if err != nil { + return nil, errors.ThrowInternal(err, "QUERY-5Ngd9", "Errors.Internal") + } + projects, err = scan(rows) + if err != nil { + return nil, err + } + projects.LatestSequence, err = q.latestSequence(ctx, projectRolesTable) + return projects, err +} + +func (q *Queries) SearchGrantedProjectRoles(ctx context.Context, grantID, grantedOrg string, queries *ProjectRoleSearchQueries) (projects *ProjectRoles, err error) { + grant, err := q.ProjectGrantByIDAndGrantedOrg(ctx, grantID, grantedOrg) + if err != nil { + return nil, err + } + err = queries.AppendRoleKeysQuery(grant.GrantedRoleKeys) + if err != nil { + return nil, err + } + query, scan := q.prepareProjectRolesQuery() + stmt, args, err := queries.toQuery(query).ToSql() + if err != nil { + return nil, errors.ThrowInvalidArgument(err, "QUERY-3N9ff", "Errors.Query.InvalidRequest") + } + + rows, err := q.client.QueryContext(ctx, stmt, args...) + if err != nil { + return nil, errors.ThrowInternal(err, "QUERY-5Ngd9", "Errors.Internal") + } + projects, err = scan(rows) + if err != nil { + return nil, err + } + projects.LatestSequence, err = q.latestSequence(ctx, projectRolesTable) + return projects, err +} + +func NewProjectRoleProjectIDSearchQuery(method TextComparison, value string) (SearchQuery, error) { + return NewTextQuery(ProjectRoleColumnProjectID, value, method) +} + +func NewProjectRoleResourceOwnerSearchQuery(value string) (SearchQuery, error) { + return NewTextQuery(ProjectRoleColumnResourceOwner, value, TextEquals) +} + +func NewProjectRoleKeySearchQuery(method TextComparison, value string) (SearchQuery, error) { + return NewTextQuery(ProjectRoleColumnKey, value, method) +} + +func NewProjectRoleKeysSearchQuery(values []string) (SearchQuery, error) { + list := make([]interface{}, len(values)) + for i, value := range values { + list[i] = value + } + return NewListQuery(ProjectRoleColumnKey, list, ListIn) +} + +func NewProjectRoleDisplayNameSearchQuery(method TextComparison, value string) (SearchQuery, error) { + return NewTextQuery(ProjectRoleColumnDisplayName, value, method) +} + +func NewProjectRoleGroupSearchQuery(method TextComparison, value string) (SearchQuery, error) { + return NewTextQuery(ProjectRoleColumnGroupName, value, method) +} + +func (r *ProjectRoleSearchQueries) AppendProjectIDQuery(projectID string) error { + query, err := NewProjectRoleProjectIDSearchQuery(TextEquals, projectID) + if err != nil { + return err + } + r.Queries = append(r.Queries, query) + return nil +} + +func (r *ProjectRoleSearchQueries) AppendMyResourceOwnerQuery(orgID string) error { + query, err := NewProjectRoleResourceOwnerSearchQuery(orgID) + if err != nil { + return err + } + r.Queries = append(r.Queries, query) + return nil +} + +func (r *ProjectRoleSearchQueries) AppendRoleKeysQuery(keys []string) error { + query, err := NewProjectRoleKeysSearchQuery(keys) + if err != nil { + return err + } + r.Queries = append(r.Queries, query) + return nil +} + +func (q *ProjectRoleSearchQueries) toQuery(query sq.SelectBuilder) sq.SelectBuilder { + query = q.SearchRequest.toQuery(query) + for _, q := range q.Queries { + query = q.ToQuery(query) + } + return query +} + +func prepareProjectRoleQuery() (sq.SelectBuilder, func(*sql.Row) (*ProjectRole, error)) { + return sq.Select( + ProjectRoleColumnProjectID.identifier(), + ProjectRoleColumnCreationDate.identifier(), + ProjectRoleColumnChangeDate.identifier(), + ProjectRoleColumnResourceOwner.identifier(), + ProjectRoleColumnSequence.identifier(), + ProjectRoleColumnKey.identifier(), + ProjectRoleColumnDisplayName.identifier(), + ProjectRoleColumnGroupName.identifier()). + From(projectRolesTable.identifier()).PlaceholderFormat(sq.Dollar), + func(row *sql.Row) (*ProjectRole, error) { + p := new(ProjectRole) + err := row.Scan( + &p.ProjectID, + &p.CreationDate, + &p.ChangeDate, + &p.ResourceOwner, + &p.Sequence, + &p.Key, + &p.DisplayName, + &p.Group, + ) + if err != nil { + if errs.Is(err, sql.ErrNoRows) { + return nil, errors.ThrowNotFound(err, "QUERY-Mf0wf", "Errors.ProjectRole.NotFound") + } + return nil, errors.ThrowInternal(err, "QUERY-M00sf", "Errors.Internal") + } + return p, nil + } +} + +func (q *Queries) prepareProjectRolesQuery() (sq.SelectBuilder, func(*sql.Rows) (*ProjectRoles, error)) { + return sq.Select( + ProjectRoleColumnProjectID.identifier(), + ProjectRoleColumnCreationDate.identifier(), + ProjectRoleColumnChangeDate.identifier(), + ProjectRoleColumnResourceOwner.identifier(), + ProjectRoleColumnSequence.identifier(), + ProjectRoleColumnKey.identifier(), + ProjectRoleColumnDisplayName.identifier(), + ProjectRoleColumnGroupName.identifier(), + countColumn.identifier()). + From(projectRolesTable.identifier()).PlaceholderFormat(sq.Dollar), + func(rows *sql.Rows) (*ProjectRoles, error) { + projects := make([]*ProjectRole, 0) + var count uint64 + for rows.Next() { + project := new(ProjectRole) + err := rows.Scan( + &project.ProjectID, + &project.CreationDate, + &project.ChangeDate, + &project.ResourceOwner, + &project.Sequence, + &project.Key, + &project.DisplayName, + &project.Group, + &count, + ) + if err != nil { + return nil, err + } + projects = append(projects, project) + } + + if err := rows.Close(); err != nil { + return nil, errors.ThrowInternal(err, "QUERY-ML0Fs", "Errors.Query.CloseRows") + } + + return &ProjectRoles{ + ProjectRoles: projects, + SearchResponse: SearchResponse{ + Count: count, + }, + }, nil + } +} diff --git a/internal/query/projection/test_event.go b/internal/query/projection/event_test.go similarity index 100% rename from internal/query/projection/test_event.go rename to internal/query/projection/event_test.go diff --git a/internal/query/projection/test_executer.go b/internal/query/projection/executer_test.go similarity index 94% rename from internal/query/projection/test_executer.go rename to internal/query/projection/executer_test.go index e22528e7ab..9b25f814c2 100644 --- a/internal/query/projection/test_executer.go +++ b/internal/query/projection/executer_test.go @@ -2,6 +2,7 @@ package projection import ( "database/sql" + "reflect" "testing" "github.com/caos/zitadel/internal/errors" @@ -46,7 +47,7 @@ func (e *testExecuter) Validate(t *testing.T) { if _, ok := execution.expectedArgs[i].(anyArg); ok { continue } - if execution.expectedArgs[i] != execution.gottenArgs[i] { + if !reflect.DeepEqual(execution.expectedArgs[i], execution.gottenArgs[i]) { t.Errorf("wrong argument at index %d: got: %v want: %v", i, execution.gottenArgs[i], execution.expectedArgs[i]) } } diff --git a/internal/query/projection/project.go b/internal/query/projection/project.go index c8c9ee8acf..b6a6997e7c 100644 --- a/internal/query/projection/project.go +++ b/internal/query/projection/project.go @@ -3,6 +3,9 @@ package projection import ( "context" + "github.com/caos/logging" + "github.com/caos/zitadel/internal/domain" + "github.com/caos/zitadel/internal/errors" "github.com/caos/zitadel/internal/eventstore" "github.com/caos/zitadel/internal/eventstore/handler" "github.com/caos/zitadel/internal/eventstore/handler/crdb" @@ -13,9 +16,13 @@ type ProjectProjection struct { crdb.StatementHandler } +const ( + ProjectProjectionTable = "zitadel.projections.projects" +) + func NewProjectProjection(ctx context.Context, config crdb.StatementHandlerConfig) *ProjectProjection { p := &ProjectProjection{} - config.ProjectionName = "zitadel.projections.projects" + config.ProjectionName = ProjectProjectionTable config.Reducers = p.reducers() p.StatementHandler = crdb.NewStatementHandler(ctx, config) return p @@ -51,94 +58,131 @@ func (p *ProjectProjection) reducers() []handler.AggregateReducer { } } -type projectState int8 - const ( - projectIDCol = "id" - projectNameCol = "name" - projectCreationDateCol = "creation_date" - projectChangeDateCol = "change_date" - projectOwnerCol = "owner_id" - projectCreatorCol = "creator_id" - projectStateCol = "state" - - projectActive projectState = iota - projectInactive + ProjectColumnID = "id" + ProjectColumnName = "name" + ProjectColumnProjectRoleAssertion = "project_role_assertion" + ProjectColumnProjectRoleCheck = "project_role_check" + ProjectColumnHasProjectCheck = "has_project_check" + ProjectColumnPrivateLabelingSetting = "private_labeling_setting" + ProjectColumnCreationDate = "creation_date" + ProjectColumnChangeDate = "change_date" + ProjectColumnResourceOwner = "resource_owner" + ProjectColumnCreator = "creator_id" + ProjectColumnState = "state" + ProjectColumnSequence = "sequence" ) func (p *ProjectProjection) reduceProjectAdded(event eventstore.EventReader) (*handler.Statement, error) { - e := event.(*project.ProjectAddedEvent) - + e, ok := event.(*project.ProjectAddedEvent) + if !ok { + logging.LogWithFields("HANDL-MFOsd", "seq", event.Sequence(), "expectedType", project.ProjectAddedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-l000S", "reduce.wrong.event.type") + } return crdb.NewCreateStatement( e, []handler.Column{ - handler.NewCol(projectIDCol, e.Aggregate().ID), - handler.NewCol(projectNameCol, e.Name), - handler.NewCol(projectCreationDateCol, e.CreationDate()), - handler.NewCol(projectChangeDateCol, e.CreationDate()), - handler.NewCol(projectOwnerCol, e.Aggregate().ResourceOwner), - handler.NewCol(projectCreatorCol, e.EditorUser()), - handler.NewCol(projectStateCol, projectActive), + handler.NewCol(ProjectColumnID, e.Aggregate().ID), + handler.NewCol(ProjectColumnCreationDate, e.CreationDate()), + handler.NewCol(ProjectColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectColumnResourceOwner, e.Aggregate().ResourceOwner), + handler.NewCol(ProjectColumnSequence, e.Sequence()), + handler.NewCol(ProjectColumnName, e.Name), + handler.NewCol(ProjectColumnProjectRoleAssertion, e.ProjectRoleAssertion), + handler.NewCol(ProjectColumnProjectRoleCheck, e.ProjectRoleCheck), + handler.NewCol(ProjectColumnHasProjectCheck, e.HasProjectCheck), + handler.NewCol(ProjectColumnPrivateLabelingSetting, e.PrivateLabelingSetting), + handler.NewCol(ProjectColumnState, domain.ProjectStateActive), + handler.NewCol(ProjectColumnCreator, e.EditorUser()), }, ), nil } func (p *ProjectProjection) reduceProjectChanged(event eventstore.EventReader) (*handler.Statement, error) { - e := event.(*project.ProjectChangeEvent) - - if e.Name == nil { + e, ok := event.(*project.ProjectChangeEvent) + if !ok { + logging.LogWithFields("HANDL-dk2iF", "seq", event.Sequence(), "expected", project.ProjectChangedType).Error("wrong event type") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-s00Fs", "reduce.wrong.event.type") + } + if e.Name == nil && e.HasProjectCheck == nil && e.ProjectRoleAssertion == nil && e.ProjectRoleCheck == nil && e.PrivateLabelingSetting == nil { return crdb.NewNoOpStatement(e), nil } + columns := make([]handler.Column, 0, 7) + columns = append(columns, handler.NewCol(ProjectColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectColumnSequence, e.Sequence())) + if e.Name != nil { + columns = append(columns, handler.NewCol(ProjectColumnName, *e.Name)) + } + if e.ProjectRoleAssertion != nil { + columns = append(columns, handler.NewCol(ProjectColumnProjectRoleAssertion, *e.ProjectRoleAssertion)) + } + if e.ProjectRoleCheck != nil { + columns = append(columns, handler.NewCol(ProjectColumnProjectRoleCheck, *e.ProjectRoleCheck)) + } + if e.HasProjectCheck != nil { + columns = append(columns, handler.NewCol(ProjectColumnHasProjectCheck, *e.HasProjectCheck)) + } + if e.PrivateLabelingSetting != nil { + columns = append(columns, handler.NewCol(ProjectColumnPrivateLabelingSetting, *e.PrivateLabelingSetting)) + } return crdb.NewUpdateStatement( e, - []handler.Column{ - handler.NewCol(projectNameCol, e.Name), - handler.NewCol(projectChangeDateCol, e.CreationDate()), - }, + columns, []handler.Condition{ - handler.NewCond(projectIDCol, e.Aggregate().ID), + handler.NewCond(ProjectColumnID, e.Aggregate().ID), }, ), nil } func (p *ProjectProjection) reduceProjectDeactivated(event eventstore.EventReader) (*handler.Statement, error) { - e := event.(*project.ProjectDeactivatedEvent) - + e, ok := event.(*project.ProjectDeactivatedEvent) + if !ok { + logging.LogWithFields("HANDL-8Nf2s", "seq", event.Sequence(), "expectedType", project.ProjectDeactivatedType).Error("wrong event type") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-LLp0f", "reduce.wrong.event.type") + } return crdb.NewUpdateStatement( e, []handler.Column{ - handler.NewCol(projectStateCol, projectInactive), - handler.NewCol(projectChangeDateCol, e.CreationDate()), + handler.NewCol(ProjectColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectColumnSequence, e.Sequence()), + handler.NewCol(ProjectColumnState, domain.ProjectStateInactive), }, []handler.Condition{ - handler.NewCond(projectIDCol, e.Aggregate().ID), + handler.NewCond(ProjectColumnID, e.Aggregate().ID), }, ), nil } func (p *ProjectProjection) reduceProjectReactivated(event eventstore.EventReader) (*handler.Statement, error) { - e := event.(*project.ProjectReactivatedEvent) - + e, ok := event.(*project.ProjectReactivatedEvent) + if !ok { + logging.LogWithFields("HANDL-sm99f", "seq", event.Sequence(), "expectedType", project.ProjectReactivatedType).Error("wrong event type") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-9J98f", "reduce.wrong.event.type") + } return crdb.NewUpdateStatement( e, []handler.Column{ - handler.NewCol(projectStateCol, projectActive), - handler.NewCol(projectChangeDateCol, e.CreationDate()), + handler.NewCol(ProjectColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectColumnSequence, e.Sequence()), + handler.NewCol(ProjectColumnState, domain.ProjectStateActive), }, []handler.Condition{ - handler.NewCond(projectIDCol, e.Aggregate().ID), + handler.NewCond(ProjectColumnID, e.Aggregate().ID), }, ), nil } func (p *ProjectProjection) reduceProjectRemoved(event eventstore.EventReader) (*handler.Statement, error) { - e := event.(*project.ProjectRemovedEvent) - + e, ok := event.(*project.ProjectRemovedEvent) + if !ok { + logging.LogWithFields("HANDL-mL0sf", "seq", event.Sequence(), "expectedType", project.ProjectRemovedType).Error("wrong event type") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-5N9fs", "reduce.wrong.event.type") + } return crdb.NewDeleteStatement( e, []handler.Condition{ - handler.NewCond(projectIDCol, e.Aggregate().ID), + handler.NewCond(ProjectColumnID, e.Aggregate().ID), }, ), nil } diff --git a/internal/query/projection/project_grant.go b/internal/query/projection/project_grant.go new file mode 100644 index 0000000000..dcd46240a5 --- /dev/null +++ b/internal/query/projection/project_grant.go @@ -0,0 +1,201 @@ +package projection + +import ( + "context" + + "github.com/caos/logging" + "github.com/caos/zitadel/internal/domain" + "github.com/caos/zitadel/internal/errors" + "github.com/caos/zitadel/internal/eventstore" + "github.com/caos/zitadel/internal/eventstore/handler" + "github.com/caos/zitadel/internal/eventstore/handler/crdb" + "github.com/caos/zitadel/internal/repository/project" + "github.com/lib/pq" +) + +type ProjectGrantProjection struct { + crdb.StatementHandler +} + +const ProjectGrantProjectionTable = "zitadel.projections.project_grants" + +func NewProjectGrantProjection(ctx context.Context, config crdb.StatementHandlerConfig) *ProjectGrantProjection { + p := &ProjectGrantProjection{} + config.ProjectionName = ProjectGrantProjectionTable + config.Reducers = p.reducers() + p.StatementHandler = crdb.NewStatementHandler(ctx, config) + return p +} + +func (p *ProjectGrantProjection) reducers() []handler.AggregateReducer { + return []handler.AggregateReducer{ + { + Aggregate: project.AggregateType, + EventRedusers: []handler.EventReducer{ + { + Event: project.GrantAddedType, + Reduce: p.reduceProjectGrantAdded, + }, + { + Event: project.GrantChangedType, + Reduce: p.reduceProjectGrantChanged, + }, + { + Event: project.GrantCascadeChangedType, + Reduce: p.reduceProjectGrantCascadeChanged, + }, + { + Event: project.GrantDeactivatedType, + Reduce: p.reduceProjectGrantDeactivated, + }, + { + Event: project.GrantReactivatedType, + Reduce: p.reduceProjectGrantReactivated, + }, + { + Event: project.GrantRemovedType, + Reduce: p.reduceProjectGrantRemoved, + }, + }, + }, + } +} + +const ( + ProjectGrantColumnProjectID = "project_id" + ProjectGrantColumnGrantID = "grant_id" + ProjectGrantColumnCreationDate = "creation_date" + ProjectGrantColumnChangeDate = "change_date" + ProjectGrantColumnResourceOwner = "resource_owner" + ProjectGrantColumnState = "state" + ProjectGrantColumnSequence = "sequence" + ProjectGrantColumnGrantedOrgID = "granted_org_id" + ProjectGrantColumnRoleKeys = "granted_role_keys" + ProjectGrantColumnCreator = "creator_id" +) + +func (p *ProjectGrantProjection) reduceProjectGrantAdded(event eventstore.EventReader) (*handler.Statement, error) { + e, ok := event.(*project.GrantAddedEvent) + if !ok { + logging.LogWithFields("HANDL-Mi4g9", "seq", event.Sequence(), "expectedType", project.GrantAddedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-g92Fg", "reduce.wrong.event.type") + } + return crdb.NewCreateStatement( + e, + []handler.Column{ + handler.NewCol(ProjectGrantColumnGrantID, e.GrantID), + handler.NewCol(ProjectGrantColumnProjectID, e.Aggregate().ID), + handler.NewCol(ProjectGrantColumnCreationDate, e.CreationDate()), + handler.NewCol(ProjectGrantColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectGrantColumnResourceOwner, e.Aggregate().ResourceOwner), + handler.NewCol(ProjectGrantColumnState, domain.ProjectGrantStateActive), + handler.NewCol(ProjectGrantColumnSequence, e.Sequence()), + handler.NewCol(ProjectGrantColumnGrantedOrgID, e.GrantedOrgID), + handler.NewCol(ProjectGrantColumnRoleKeys, pq.StringArray(e.RoleKeys)), + handler.NewCol(ProjectGrantColumnCreator, e.EditorUser()), + }, + ), nil +} + +func (p *ProjectGrantProjection) reduceProjectGrantChanged(event eventstore.EventReader) (*handler.Statement, error) { + e, ok := event.(*project.GrantChangedEvent) + if !ok { + logging.LogWithFields("HANDL-M00fH", "seq", event.Sequence(), "expectedType", project.GrantChangedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-g0fg4", "reduce.wrong.event.type") + } + if e.RoleKeys == nil { + return crdb.NewNoOpStatement(e), nil + } + + return crdb.NewUpdateStatement( + e, + []handler.Column{ + handler.NewCol(ProjectColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectGrantColumnSequence, e.Sequence()), + handler.NewCol(ProjectGrantColumnRoleKeys, pq.StringArray(e.RoleKeys)), + }, + []handler.Condition{ + handler.NewCond(ProjectGrantColumnGrantID, e.GrantID), + handler.NewCond(ProjectGrantColumnProjectID, e.Aggregate().ID), + }, + ), nil +} + +func (p *ProjectGrantProjection) reduceProjectGrantCascadeChanged(event eventstore.EventReader) (*handler.Statement, error) { + e, ok := event.(*project.GrantChangedEvent) + if !ok { + logging.LogWithFields("HANDL-K0fwR", "seq", event.Sequence(), "expectedType", project.GrantCascadeChangedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-ll9Ts", "reduce.wrong.event.type") + } + if e.RoleKeys == nil { + return crdb.NewNoOpStatement(e), nil + } + + return crdb.NewUpdateStatement( + e, + []handler.Column{ + handler.NewCol(ProjectGrantColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectGrantColumnSequence, e.Sequence()), + handler.NewCol(ProjectGrantColumnRoleKeys, e.RoleKeys), + }, + []handler.Condition{ + handler.NewCond(ProjectGrantColumnGrantID, e.GrantID), + handler.NewCond(ProjectGrantColumnProjectID, e.Aggregate().ID), + }, + ), nil +} + +func (p *ProjectGrantProjection) reduceProjectGrantDeactivated(event eventstore.EventReader) (*handler.Statement, error) { + e, ok := event.(*project.GrantDeactivateEvent) + if !ok { + logging.LogWithFields("HANDL-Ple9f", "seq", event.Sequence(), "expectedType", project.GrantDeactivatedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-0fj2f", "reduce.wrong.event.type") + } + return crdb.NewUpdateStatement( + e, + []handler.Column{ + handler.NewCol(ProjectGrantColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectGrantColumnSequence, e.Sequence()), + handler.NewCol(ProjectGrantColumnState, domain.ProjectGrantStateInactive), + }, + []handler.Condition{ + handler.NewCond(ProjectGrantColumnGrantID, e.GrantID), + handler.NewCond(ProjectGrantColumnProjectID, e.Aggregate().ID), + }, + ), nil +} + +func (p *ProjectGrantProjection) reduceProjectGrantReactivated(event eventstore.EventReader) (*handler.Statement, error) { + e, ok := event.(*project.GrantReactivatedEvent) + if !ok { + logging.LogWithFields("HANDL-Ip0hr", "seq", event.Sequence(), "expectedType", project.GrantReactivatedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-2M0ve", "reduce.wrong.event.type") + } + return crdb.NewUpdateStatement( + e, + []handler.Column{ + handler.NewCol(ProjectGrantColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectGrantColumnSequence, e.Sequence()), + handler.NewCol(ProjectGrantColumnState, domain.ProjectGrantStateActive), + }, + []handler.Condition{ + handler.NewCond(ProjectGrantColumnGrantID, e.GrantID), + handler.NewCond(ProjectGrantColumnProjectID, e.Aggregate().ID), + }, + ), nil +} + +func (p *ProjectGrantProjection) reduceProjectGrantRemoved(event eventstore.EventReader) (*handler.Statement, error) { + e, ok := event.(*project.GrantRemovedEvent) + if !ok { + logging.LogWithFields("HANDL-M0pfs", "seq", event.Sequence(), "expectedType", project.GrantRemovedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-o0w4f", "reduce.wrong.event.type") + } + return crdb.NewDeleteStatement( + e, + []handler.Condition{ + handler.NewCond(ProjectGrantColumnGrantID, e.GrantID), + handler.NewCond(ProjectGrantColumnProjectID, e.Aggregate().ID), + }, + ), nil +} diff --git a/internal/query/projection/project_grant_test.go b/internal/query/projection/project_grant_test.go new file mode 100644 index 0000000000..2c50258604 --- /dev/null +++ b/internal/query/projection/project_grant_test.go @@ -0,0 +1,214 @@ +package projection + +import ( + "testing" + + "github.com/caos/zitadel/internal/domain" + "github.com/caos/zitadel/internal/errors" + "github.com/caos/zitadel/internal/eventstore" + "github.com/caos/zitadel/internal/eventstore/handler" + "github.com/caos/zitadel/internal/eventstore/repository" + "github.com/caos/zitadel/internal/repository/project" + "github.com/lib/pq" +) + +func TestProjectGrantProjection_reduces(t *testing.T) { + type args struct { + event func(t *testing.T) eventstore.EventReader + } + tests := []struct { + name string + args args + reduce func(event eventstore.EventReader) (*handler.Statement, error) + want wantReduce + }{ + { + name: "reduceProjectGrantRemoved", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.GrantRemovedType), + project.AggregateType, + []byte(`{"grantId": "grant-id"}`), + ), project.GrantRemovedEventMapper), + }, + reduce: (&ProjectGrantProjection{}).reduceProjectGrantRemoved, + want: wantReduce{ + projection: ProjectGrantProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "DELETE FROM zitadel.projections.project_grants WHERE (grant_id = $1) AND (project_id = $2)", + expectedArgs: []interface{}{ + "grant-id", + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectGrantReactivated", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.GrantReactivatedType), + project.AggregateType, + []byte(`{"grantId": "grant-id"}`), + ), project.GrantReactivatedEventMapper), + }, + reduce: (&ProjectGrantProjection{}).reduceProjectGrantReactivated, + want: wantReduce{ + projection: ProjectGrantProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "UPDATE zitadel.projections.project_grants SET (change_date, sequence, state) = ($1, $2, $3) WHERE (grant_id = $4) AND (project_id = $5)", + expectedArgs: []interface{}{ + anyArg{}, + uint64(15), + domain.ProjectGrantStateActive, + "grant-id", + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectGrantDeactivated", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.GrantDeactivatedType), + project.AggregateType, + []byte(`{"grantId": "grant-id"}`), + ), project.GrantDeactivateEventMapper), + }, + reduce: (&ProjectGrantProjection{}).reduceProjectGrantDeactivated, + want: wantReduce{ + projection: ProjectGrantProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "UPDATE zitadel.projections.project_grants SET (change_date, sequence, state) = ($1, $2, $3) WHERE (grant_id = $4) AND (project_id = $5)", + expectedArgs: []interface{}{ + anyArg{}, + uint64(15), + domain.ProjectGrantStateInactive, + "grant-id", + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectGrantChanged", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.GrantChangedType), + project.AggregateType, + []byte(`{"grantId": "grant-id", "roleKeys": ["admin", "user"] }`), + ), project.GrantChangedEventMapper), + }, + reduce: (&ProjectGrantProjection{}).reduceProjectGrantChanged, + want: wantReduce{ + projection: ProjectGrantProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "UPDATE zitadel.projections.project_grants SET (change_date, sequence, granted_role_keys) = ($1, $2, $3) WHERE (grant_id = $4) AND (project_id = $5)", + expectedArgs: []interface{}{ + anyArg{}, + uint64(15), + pq.StringArray{"admin", "user"}, + "grant-id", + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectGrantChanged no changes", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.GrantChangedType), + project.AggregateType, + []byte(`{}`), + ), project.GrantChangedEventMapper), + }, + reduce: (&ProjectGrantProjection{}).reduceProjectGrantChanged, + want: wantReduce{ + projection: ProjectGrantProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{}, + }, + }, + { + name: "reduceProjectGrantAdded", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.GrantAddedType), + project.AggregateType, + []byte(`{"grantId": "grant-id", "grantedOrgId": "granted-org-id", "roleKeys": ["admin", "user"] }`), + ), project.GrantAddedEventMapper), + }, + reduce: (&ProjectGrantProjection{}).reduceProjectGrantAdded, + want: wantReduce{ + projection: ProjectGrantProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "INSERT INTO zitadel.projections.project_grants (grant_id, project_id, creation_date, change_date, resource_owner, state, sequence, granted_org_id, granted_role_keys, creator_id) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)", + expectedArgs: []interface{}{ + "grant-id", + "agg-id", + anyArg{}, + anyArg{}, + "ro-id", + domain.ProjectGrantStateActive, + uint64(15), + "granted-org-id", + pq.StringArray{"admin", "user"}, + "editor-user", + }, + }, + }, + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + event := baseEvent(t) + got, err := tt.reduce(event) + if _, ok := err.(errors.InvalidArgument); !ok { + t.Errorf("no wrong event mapping: %v, got: %v", err, got) + } + + event = tt.args.event(t) + got, err = tt.reduce(event) + assertReduce(t, got, err, tt.want) + }) + } +} diff --git a/internal/query/projection/project_role.go b/internal/query/projection/project_role.go new file mode 100644 index 0000000000..2fcadd7d66 --- /dev/null +++ b/internal/query/projection/project_role.go @@ -0,0 +1,121 @@ +package projection + +import ( + "context" + + "github.com/caos/logging" + "github.com/caos/zitadel/internal/errors" + "github.com/caos/zitadel/internal/eventstore" + "github.com/caos/zitadel/internal/eventstore/handler" + "github.com/caos/zitadel/internal/eventstore/handler/crdb" + "github.com/caos/zitadel/internal/repository/project" +) + +type ProjectRoleProjection struct { + crdb.StatementHandler +} + +const ProjectRoleProjectionTable = "zitadel.projections.project_roles" + +func NewProjectRoleProjection(ctx context.Context, config crdb.StatementHandlerConfig) *ProjectRoleProjection { + p := &ProjectRoleProjection{} + config.ProjectionName = ProjectRoleProjectionTable + config.Reducers = p.reducers() + p.StatementHandler = crdb.NewStatementHandler(ctx, config) + return p +} + +func (p *ProjectRoleProjection) reducers() []handler.AggregateReducer { + return []handler.AggregateReducer{ + { + Aggregate: project.AggregateType, + EventRedusers: []handler.EventReducer{ + { + Event: project.RoleAddedType, + Reduce: p.reduceProjectRoleAdded, + }, + { + Event: project.RoleChangedType, + Reduce: p.reduceProjectRoleChanged, + }, + { + Event: project.RoleRemovedType, + Reduce: p.reduceProjectRoleRemoved, + }, + }, + }, + } +} + +const ( + ProjectRoleColumnProjectID = "project_id" + ProjectRoleColumnKey = "role_key" + ProjectRoleColumnCreationDate = "creation_date" + ProjectRoleColumnChangeDate = "change_date" + ProjectRoleColumnResourceOwner = "resource_owner" + ProjectRoleColumnSequence = "sequence" + ProjectRoleColumnDisplayName = "display_name" + ProjectRoleColumnGroupName = "group_name" + ProjectRoleColumnCreator = "creator_id" +) + +func (p *ProjectRoleProjection) reduceProjectRoleAdded(event eventstore.EventReader) (*handler.Statement, error) { + e, ok := event.(*project.RoleAddedEvent) + if !ok { + logging.LogWithFields("HANDL-Fmre5", "seq", event.Sequence(), "expectedType", project.RoleAddedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-g92Fg", "reduce.wrong.event.type") + } + return crdb.NewCreateStatement( + e, + []handler.Column{ + handler.NewCol(ProjectRoleColumnKey, e.Key), + handler.NewCol(ProjectRoleColumnProjectID, e.Aggregate().ID), + handler.NewCol(ProjectRoleColumnCreationDate, e.CreationDate()), + handler.NewCol(ProjectRoleColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectRoleColumnResourceOwner, e.Aggregate().ResourceOwner), + handler.NewCol(ProjectRoleColumnSequence, e.Sequence()), + handler.NewCol(ProjectRoleColumnDisplayName, e.DisplayName), + handler.NewCol(ProjectRoleColumnGroupName, e.Group), + handler.NewCol(ProjectRoleColumnCreator, e.EditorUser()), + }, + ), nil +} + +func (p *ProjectRoleProjection) reduceProjectRoleChanged(event eventstore.EventReader) (*handler.Statement, error) { + e, ok := event.(*project.RoleChangedEvent) + if !ok { + logging.LogWithFields("HANDL-M0fwg", "seq", event.Sequence(), "expectedType", project.GrantChangedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-sM0f", "reduce.wrong.event.type") + } + if e.DisplayName == nil && e.Group == nil { + return crdb.NewNoOpStatement(e), nil + } + return crdb.NewUpdateStatement( + e, + []handler.Column{ + handler.NewCol(ProjectColumnChangeDate, e.CreationDate()), + handler.NewCol(ProjectRoleColumnSequence, e.Sequence()), + handler.NewCol(ProjectRoleColumnDisplayName, *e.DisplayName), + handler.NewCol(ProjectRoleColumnGroupName, *e.Group), + }, + []handler.Condition{ + handler.NewCond(ProjectRoleColumnKey, e.Key), + handler.NewCond(ProjectRoleColumnProjectID, e.Aggregate().ID), + }, + ), nil +} + +func (p *ProjectRoleProjection) reduceProjectRoleRemoved(event eventstore.EventReader) (*handler.Statement, error) { + e, ok := event.(*project.RoleRemovedEvent) + if !ok { + logging.LogWithFields("HANDL-MlokF", "seq", event.Sequence(), "expectedType", project.GrantRemovedType).Error("was not an event") + return nil, errors.ThrowInvalidArgument(nil, "HANDL-L0fJf", "reduce.wrong.event.type") + } + return crdb.NewDeleteStatement( + e, + []handler.Condition{ + handler.NewCond(ProjectRoleColumnKey, e.Key), + handler.NewCond(ProjectRoleColumnProjectID, e.Aggregate().ID), + }, + ), nil +} diff --git a/internal/query/projection/project_role_test.go b/internal/query/projection/project_role_test.go new file mode 100644 index 0000000000..17c3bce16d --- /dev/null +++ b/internal/query/projection/project_role_test.go @@ -0,0 +1,150 @@ +package projection + +import ( + "testing" + + "github.com/caos/zitadel/internal/errors" + "github.com/caos/zitadel/internal/eventstore" + "github.com/caos/zitadel/internal/eventstore/handler" + "github.com/caos/zitadel/internal/eventstore/repository" + "github.com/caos/zitadel/internal/repository/project" +) + +func TestProjectRoleProjection_reduces(t *testing.T) { + type args struct { + event func(t *testing.T) eventstore.EventReader + } + tests := []struct { + name string + args args + reduce func(event eventstore.EventReader) (*handler.Statement, error) + want wantReduce + }{ + { + name: "reduceProjectRoleRemoved", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.RoleRemovedType), + project.AggregateType, + []byte(`{"key": "key"}`), + ), project.RoleRemovedEventMapper), + }, + reduce: (&ProjectRoleProjection{}).reduceProjectRoleRemoved, + want: wantReduce{ + projection: ProjectRoleProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "DELETE FROM zitadel.projections.project_roles WHERE (role_key = $1) AND (project_id = $2)", + expectedArgs: []interface{}{ + "key", + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectRoleChanged", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.RoleChangedType), + project.AggregateType, + []byte(`{"key": "key", "displayName": "New Key", "group": "New Group"}`), + ), project.RoleChangedEventMapper), + }, + reduce: (&ProjectRoleProjection{}).reduceProjectRoleChanged, + want: wantReduce{ + projection: ProjectRoleProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "UPDATE zitadel.projections.project_roles SET (change_date, sequence, display_name, group_name) = ($1, $2, $3, $4) WHERE (role_key = $5) AND (project_id = $6)", + expectedArgs: []interface{}{ + anyArg{}, + uint64(15), + "New Key", + "New Group", + "key", + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectRoleChanged no changes", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.RoleChangedType), + project.AggregateType, + []byte(`{}`), + ), project.RoleChangedEventMapper), + }, + reduce: (&ProjectRoleProjection{}).reduceProjectRoleChanged, + want: wantReduce{ + projection: ProjectRoleProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{}, + }, + }, + { + name: "reduceProjectRoleAdded", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.RoleAddedType), + project.AggregateType, + []byte(`{"key": "key", "displayName": "Key", "group": "Group"}`), + ), project.RoleAddedEventMapper), + }, + reduce: (&ProjectRoleProjection{}).reduceProjectRoleAdded, + want: wantReduce{ + projection: ProjectRoleProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "INSERT INTO zitadel.projections.project_roles (role_key, project_id, creation_date, change_date, resource_owner, sequence, display_name, group_name, creator_id) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)", + expectedArgs: []interface{}{ + "key", + "agg-id", + anyArg{}, + anyArg{}, + "ro-id", + uint64(15), + "Key", + "Group", + "editor-user", + }, + }, + }, + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + event := baseEvent(t) + got, err := tt.reduce(event) + if _, ok := err.(errors.InvalidArgument); !ok { + t.Errorf("no wrong event mapping: %v, got: %v", err, got) + } + + event = tt.args.event(t) + got, err = tt.reduce(event) + assertReduce(t, got, err, tt.want) + }) + } +} diff --git a/internal/query/projection/project_test.go b/internal/query/projection/project_test.go new file mode 100644 index 0000000000..1c98d0c34f --- /dev/null +++ b/internal/query/projection/project_test.go @@ -0,0 +1,215 @@ +package projection + +import ( + "testing" + + "github.com/caos/zitadel/internal/domain" + "github.com/caos/zitadel/internal/errors" + "github.com/caos/zitadel/internal/eventstore" + "github.com/caos/zitadel/internal/eventstore/handler" + "github.com/caos/zitadel/internal/eventstore/repository" + "github.com/caos/zitadel/internal/repository/project" +) + +func TestProjectProjection_reduces(t *testing.T) { + type args struct { + event func(t *testing.T) eventstore.EventReader + } + tests := []struct { + name string + args args + reduce func(event eventstore.EventReader) (*handler.Statement, error) + want wantReduce + }{ + { + name: "reduceProjectRemoved", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.ProjectRemovedType), + project.AggregateType, + nil, + ), project.ProjectRemovedEventMapper), + }, + reduce: (&ProjectProjection{}).reduceProjectRemoved, + want: wantReduce{ + projection: ProjectProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "DELETE FROM zitadel.projections.projects WHERE (id = $1)", + expectedArgs: []interface{}{ + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectReactivated", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.ProjectReactivatedType), + project.AggregateType, + nil, + ), project.ProjectReactivatedEventMapper), + }, + reduce: (&ProjectProjection{}).reduceProjectReactivated, + want: wantReduce{ + projection: ProjectProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "UPDATE zitadel.projections.projects SET (change_date, sequence, state) = ($1, $2, $3) WHERE (id = $4)", + expectedArgs: []interface{}{ + anyArg{}, + uint64(15), + domain.ProjectStateActive, + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectDeactivated", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.ProjectDeactivatedType), + project.AggregateType, + nil, + ), project.ProjectDeactivatedEventMapper), + }, + reduce: (&ProjectProjection{}).reduceProjectDeactivated, + want: wantReduce{ + projection: ProjectProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "UPDATE zitadel.projections.projects SET (change_date, sequence, state) = ($1, $2, $3) WHERE (id = $4)", + expectedArgs: []interface{}{ + anyArg{}, + uint64(15), + domain.ProjectStateInactive, + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectChanged", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.ProjectChangedType), + project.AggregateType, + []byte(`{"name": "new name", "projectRoleAssertion": true, "projectRoleCheck": true, "hasProjectCheck": true, "privateLabelingSetting": 1}`), + ), project.ProjectChangeEventMapper), + }, + reduce: (&ProjectProjection{}).reduceProjectChanged, + want: wantReduce{ + projection: ProjectProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "UPDATE zitadel.projections.projects SET (change_date, sequence, name, project_role_assertion, project_role_check, has_project_check, private_labeling_setting) = ($1, $2, $3, $4, $5, $6, $7) WHERE (id = $8)", + expectedArgs: []interface{}{ + anyArg{}, + uint64(15), + "new name", + true, + true, + true, + domain.PrivateLabelingSettingEnforceProjectResourceOwnerPolicy, + "agg-id", + }, + }, + }, + }, + }, + }, + { + name: "reduceProjectChanged no changes", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.ProjectChangedType), + project.AggregateType, + []byte(`{}`), + ), project.ProjectChangeEventMapper), + }, + reduce: (&ProjectProjection{}).reduceProjectChanged, + want: wantReduce{ + projection: ProjectProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{}, + }, + }, + { + name: "reduceProjectAdded", + args: args{ + event: getEvent(testEvent( + repository.EventType(project.ProjectAddedType), + project.AggregateType, + []byte(`{"name": "name", "projectRoleAssertion": true, "projectRoleCheck": true, "hasProjectCheck": true, "privateLabelingSetting": 1}`), + ), project.ProjectAddedEventMapper), + }, + reduce: (&ProjectProjection{}).reduceProjectAdded, + want: wantReduce{ + projection: ProjectProjectionTable, + aggregateType: eventstore.AggregateType("project"), + sequence: 15, + previousSequence: 10, + executer: &testExecuter{ + executions: []execution{ + { + expectedStmt: "INSERT INTO zitadel.projections.projects (id, creation_date, change_date, resource_owner, sequence, name, project_role_assertion, project_role_check, has_project_check, private_labeling_setting, state, creator_id) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12)", + expectedArgs: []interface{}{ + "agg-id", + anyArg{}, + anyArg{}, + "ro-id", + uint64(15), + "name", + true, + true, + true, + domain.PrivateLabelingSettingEnforceProjectResourceOwnerPolicy, + domain.ProjectStateActive, + "editor-user", + }, + }, + }, + }, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + event := baseEvent(t) + got, err := tt.reduce(event) + if _, ok := err.(errors.InvalidArgument); !ok { + t.Errorf("no wrong event mapping: %v, got: %v", err, got) + } + + event = tt.args.event(t) + got, err = tt.reduce(event) + assertReduce(t, got, err, tt.want) + }) + } +} diff --git a/internal/query/projection/projection.go b/internal/query/projection/projection.go index 112c448235..e567d88470 100644 --- a/internal/query/projection/projection.go +++ b/internal/query/projection/projection.go @@ -34,10 +34,12 @@ func Start(ctx context.Context, sqlClient *sql.DB, es *eventstore.Eventstore, co } NewOrgProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["orgs"])) - //NewProjectProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["projects"])) - //owner.NewOrgOwnerProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["org_owners"])) NewActionProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["actions"])) NewFlowProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["flows"])) + NewProjectProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["projects"])) + NewProjectGrantProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["project_grants"])) + NewProjectRoleProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["project_roles"])) + return nil } diff --git a/internal/query/search_query.go b/internal/query/search_query.go index bbcc206006..bb66d47252 100644 --- a/internal/query/search_query.go +++ b/internal/query/search_query.go @@ -5,9 +5,8 @@ import ( "reflect" sq "github.com/Masterminds/squirrel" - "github.com/lib/pq" - "github.com/caos/zitadel/internal/domain" + "github.com/lib/pq" ) type SearchResponse struct { @@ -221,6 +220,56 @@ func NumberComparisonFromMethod(m domain.SearchMethod) NumberComparison { } } +type ListQuery struct { + Column Column + List []interface{} + Compare ListComparison +} + +func NewListQuery(column Column, value []interface{}, compare ListComparison) (*ListQuery, error) { + if compare < 0 || compare >= listCompareMax { + return nil, ErrInvalidCompare + } + if column.isZero() { + return nil, ErrMissingColumn + } + return &ListQuery{ + Column: column, + List: value, + Compare: compare, + }, nil +} + +func (q *ListQuery) ToQuery(query sq.SelectBuilder) sq.SelectBuilder { + where, args := q.comp() + return query.Where(where, args...) +} + +func (s *ListQuery) comp() (interface{}, []interface{}) { + switch s.Compare { + case ListIn: + return sq.Eq{s.Column.identifier(): s.List}, nil + } + return nil, nil +} + +type ListComparison int + +const ( + ListIn ListComparison = iota + + listCompareMax +) + +func ListComparisonFromMethod(m domain.SearchMethod) ListComparison { + switch m { + case domain.SearchMethodEquals: + return ListIn + default: + return listCompareMax + } +} + var ( //countColumn represents the default counter for search responses countColumn = Column{ diff --git a/internal/user/repository/view/model/notify_user_test.go b/internal/user/repository/view/model/notify_user_test.go index 3b4a033638..c241b03c23 100644 --- a/internal/user/repository/view/model/notify_user_test.go +++ b/internal/user/repository/view/model/notify_user_test.go @@ -20,74 +20,74 @@ func TestNotifyUserAppendEvent(t *testing.T) { { name: "append added user event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAdded, ResourceOwner: "OrgID", Data: mockUserData(getFullHuman(nil))}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAdded, ResourceOwner: "GrantedOrgID", Data: mockUserData(getFullHuman(nil))}, user: &NotifyUser{}, }, - result: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, + result: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, }, { name: "append added human event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAdded, ResourceOwner: "OrgID", Data: mockUserData(getFullHuman(nil))}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAdded, ResourceOwner: "GrantedOrgID", Data: mockUserData(getFullHuman(nil))}, user: &NotifyUser{}, }, - result: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, + result: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, }, { name: "append change user profile event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserProfileChanged, ResourceOwner: "OrgID", Data: mockProfileData(&es_model.Profile{FirstName: "FirstNameChanged"})}, - user: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserProfileChanged, ResourceOwner: "GrantedOrgID", Data: mockProfileData(&es_model.Profile{FirstName: "FirstNameChanged"})}, + user: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, }, - result: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstNameChanged", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, + result: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstNameChanged", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, }, { name: "append change user email event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailChanged, ResourceOwner: "OrgID", Data: mockEmailData(&es_model.Email{EmailAddress: "EmailChanged"})}, - user: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailChanged, ResourceOwner: "GrantedOrgID", Data: mockEmailData(&es_model.Email{EmailAddress: "EmailChanged"})}, + user: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, }, - result: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "EmailChanged", LastPhone: "Phone"}, + result: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "EmailChanged", LastPhone: "Phone"}, }, { name: "append change user email event, existing email", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailChanged, ResourceOwner: "OrgID", Data: mockEmailData(&es_model.Email{EmailAddress: "EmailChanged"})}, - user: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", VerifiedEmail: "Email", LastPhone: "Phone"}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailChanged, ResourceOwner: "GrantedOrgID", Data: mockEmailData(&es_model.Email{EmailAddress: "EmailChanged"})}, + user: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", VerifiedEmail: "Email", LastPhone: "Phone"}, }, - result: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "EmailChanged", VerifiedEmail: "Email", LastPhone: "Phone"}, + result: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "EmailChanged", VerifiedEmail: "Email", LastPhone: "Phone"}, }, { name: "append verify user email event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailVerified, ResourceOwner: "OrgID"}, - user: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailVerified, ResourceOwner: "GrantedOrgID"}, + user: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, }, - result: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", VerifiedEmail: "Email", LastPhone: "Phone"}, + result: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", VerifiedEmail: "Email", LastPhone: "Phone"}, }, { name: "append change user phone event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneChanged, ResourceOwner: "OrgID", Data: mockPhoneData(&es_model.Phone{PhoneNumber: "PhoneChanged"})}, - user: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneChanged, ResourceOwner: "GrantedOrgID", Data: mockPhoneData(&es_model.Phone{PhoneNumber: "PhoneChanged"})}, + user: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, }, - result: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "PhoneChanged"}, + result: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "PhoneChanged"}, }, { name: "append change user phone event, existing phone", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneChanged, ResourceOwner: "OrgID", Data: mockPhoneData(&es_model.Phone{PhoneNumber: "PhoneChanged"})}, - user: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone", VerifiedPhone: "Phone"}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneChanged, ResourceOwner: "GrantedOrgID", Data: mockPhoneData(&es_model.Phone{PhoneNumber: "PhoneChanged"})}, + user: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone", VerifiedPhone: "Phone"}, }, - result: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "PhoneChanged", VerifiedPhone: "Phone"}, + result: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "PhoneChanged", VerifiedPhone: "Phone"}, }, { name: "append verify user phone event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneVerified, ResourceOwner: "OrgID"}, - user: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneVerified, ResourceOwner: "GrantedOrgID"}, + user: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone"}, }, - result: &NotifyUser{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone", VerifiedPhone: "Phone"}, + result: &NotifyUser{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", FirstName: "FirstName", LastName: "LastName", LastEmail: "Email", LastPhone: "Phone", VerifiedPhone: "Phone"}, }, } for _, tt := range tests { diff --git a/internal/user/repository/view/model/user_test.go b/internal/user/repository/view/model/user_test.go index d067b1cd02..ba7bee9dc5 100644 --- a/internal/user/repository/view/model/user_test.go +++ b/internal/user/repository/view/model/user_test.go @@ -86,282 +86,282 @@ func TestUserAppendEvent(t *testing.T) { { name: "append added user event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAdded, ResourceOwner: "OrgID", Data: mockUserData(getFullHuman(nil))}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAdded, ResourceOwner: "GrantedOrgID", Data: mockUserData(getFullHuman(nil))}, user: &UserView{}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, }, { name: "append added human event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAdded, ResourceOwner: "OrgID", Data: mockUserData(getFullHuman(nil))}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAdded, ResourceOwner: "GrantedOrgID", Data: mockUserData(getFullHuman(nil))}, user: &UserView{}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, }, { name: "append added machine event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.MachineAdded, ResourceOwner: "OrgID", Data: mockUserData(getFullMachine())}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.MachineAdded, ResourceOwner: "GrantedOrgID", Data: mockUserData(getFullMachine())}, user: &UserView{}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", MachineView: &MachineView{Description: "Description", Name: "Machine"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", MachineView: &MachineView{Description: "Description", Name: "Machine"}, State: int32(model.UserStateActive)}, }, { name: "append added user with password event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAdded, ResourceOwner: "OrgID", Data: mockUserData(getFullHuman(&es_model.Password{Secret: &crypto.CryptoValue{}}))}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAdded, ResourceOwner: "GrantedOrgID", Data: mockUserData(getFullHuman(&es_model.Password{Secret: &crypto.CryptoValue{}}))}, user: &UserView{}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", PasswordSet: true}, State: int32(model.UserStateInitial)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", PasswordSet: true}, State: int32(model.UserStateInitial)}, }, { name: "append added human with password event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAdded, ResourceOwner: "OrgID", Data: mockUserData(getFullHuman(&es_model.Password{Secret: &crypto.CryptoValue{}}))}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAdded, ResourceOwner: "GrantedOrgID", Data: mockUserData(getFullHuman(&es_model.Password{Secret: &crypto.CryptoValue{}}))}, user: &UserView{}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", PasswordSet: true}, State: int32(model.UserStateInitial)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", PasswordSet: true}, State: int32(model.UserStateInitial)}, }, { name: "append added user with password but change required event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAdded, ResourceOwner: "OrgID", Data: mockUserData(getFullHuman(&es_model.Password{ChangeRequired: true, Secret: &crypto.CryptoValue{}}))}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAdded, ResourceOwner: "GrantedOrgID", Data: mockUserData(getFullHuman(&es_model.Password{ChangeRequired: true, Secret: &crypto.CryptoValue{}}))}, user: &UserView{}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", PasswordSet: true, PasswordChangeRequired: true}, State: int32(model.UserStateInitial)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", PasswordSet: true, PasswordChangeRequired: true}, State: int32(model.UserStateInitial)}, }, { name: "append added human with password but change required event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAdded, ResourceOwner: "OrgID", Data: mockUserData(getFullHuman(&es_model.Password{ChangeRequired: true, Secret: &crypto.CryptoValue{}}))}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAdded, ResourceOwner: "GrantedOrgID", Data: mockUserData(getFullHuman(&es_model.Password{ChangeRequired: true, Secret: &crypto.CryptoValue{}}))}, user: &UserView{}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", PasswordSet: true, PasswordChangeRequired: true}, State: int32(model.UserStateInitial)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", PasswordSet: true, PasswordChangeRequired: true}, State: int32(model.UserStateInitial)}, }, { name: "append password change event on user", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPasswordChanged, ResourceOwner: "OrgID", Data: mockPasswordData(&es_model.Password{Secret: &crypto.CryptoValue{}})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPasswordChanged, ResourceOwner: "GrantedOrgID", Data: mockPasswordData(&es_model.Password{Secret: &crypto.CryptoValue{}})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country", PasswordSet: true}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country", PasswordSet: true}, State: int32(model.UserStateActive)}, }, { name: "append password change event on human", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanPasswordChanged, ResourceOwner: "OrgID", Data: mockPasswordData(&es_model.Password{Secret: &crypto.CryptoValue{}})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanPasswordChanged, ResourceOwner: "GrantedOrgID", Data: mockPasswordData(&es_model.Password{Secret: &crypto.CryptoValue{}})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country", PasswordSet: true}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country", PasswordSet: true}, State: int32(model.UserStateActive)}, }, { name: "append password change with change required event on user", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPasswordChanged, ResourceOwner: "OrgID", Data: mockPasswordData(&es_model.Password{ChangeRequired: true, Secret: &crypto.CryptoValue{}})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPasswordChanged, ResourceOwner: "GrantedOrgID", Data: mockPasswordData(&es_model.Password{ChangeRequired: true, Secret: &crypto.CryptoValue{}})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country", PasswordSet: true, PasswordChangeRequired: true}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country", PasswordSet: true, PasswordChangeRequired: true}, State: int32(model.UserStateActive)}, }, { name: "append password change with change required event on human", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanPasswordChanged, ResourceOwner: "OrgID", Data: mockPasswordData(&es_model.Password{ChangeRequired: true, Secret: &crypto.CryptoValue{}})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanPasswordChanged, ResourceOwner: "GrantedOrgID", Data: mockPasswordData(&es_model.Password{ChangeRequired: true, Secret: &crypto.CryptoValue{}})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country", PasswordSet: true, PasswordChangeRequired: true}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country", PasswordSet: true, PasswordChangeRequired: true}, State: int32(model.UserStateActive)}, }, { name: "append change user profile event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserProfileChanged, ResourceOwner: "OrgID", Data: mockProfileData(&es_model.Profile{FirstName: "FirstNameChanged"})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserProfileChanged, ResourceOwner: "GrantedOrgID", Data: mockProfileData(&es_model.Profile{FirstName: "FirstNameChanged"})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstNameChanged", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstNameChanged", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, }, { name: "append change human profile event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanProfileChanged, ResourceOwner: "OrgID", Data: mockProfileData(&es_model.Profile{FirstName: "FirstNameChanged"})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanProfileChanged, ResourceOwner: "GrantedOrgID", Data: mockProfileData(&es_model.Profile{FirstName: "FirstNameChanged"})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstNameChanged", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstNameChanged", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, }, { name: "append change user email event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailChanged, ResourceOwner: "OrgID", Data: mockEmailData(&es_model.Email{EmailAddress: "EmailChanged"})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailChanged, ResourceOwner: "GrantedOrgID", Data: mockEmailData(&es_model.Email{EmailAddress: "EmailChanged"})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "EmailChanged", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "EmailChanged", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append change human email event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanEmailChanged, ResourceOwner: "OrgID", Data: mockEmailData(&es_model.Email{EmailAddress: "EmailChanged"})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanEmailChanged, ResourceOwner: "GrantedOrgID", Data: mockEmailData(&es_model.Email{EmailAddress: "EmailChanged"})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "EmailChanged", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "EmailChanged", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append verify user email event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailVerified, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserEmailVerified, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append verify human email event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanEmailVerified, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanEmailVerified, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInitial)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append change user phone event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneChanged, ResourceOwner: "OrgID", Data: mockPhoneData(&es_model.Phone{PhoneNumber: "PhoneChanged"})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneChanged, ResourceOwner: "GrantedOrgID", Data: mockPhoneData(&es_model.Phone{PhoneNumber: "PhoneChanged"})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "PhoneChanged", Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "PhoneChanged", Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append change human phone event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanPhoneChanged, ResourceOwner: "OrgID", Data: mockPhoneData(&es_model.Phone{PhoneNumber: "PhoneChanged"})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanPhoneChanged, ResourceOwner: "GrantedOrgID", Data: mockPhoneData(&es_model.Phone{PhoneNumber: "PhoneChanged"})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "PhoneChanged", Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "PhoneChanged", Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append verify user phone event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneVerified, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserPhoneVerified, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", IsPhoneVerified: true, Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", IsPhoneVerified: true, Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append verify human phone event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanPhoneVerified, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanPhoneVerified, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", IsPhoneVerified: true, Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", IsPhoneVerified: true, Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append change user address event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAddressChanged, ResourceOwner: "OrgID", Data: mockAddressData(&es_model.Address{Country: "CountryChanged"})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserAddressChanged, ResourceOwner: "GrantedOrgID", Data: mockAddressData(&es_model.Address{Country: "CountryChanged"})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "CountryChanged"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "CountryChanged"}, State: int32(model.UserStateActive)}, }, { name: "append change human address event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAddressChanged, ResourceOwner: "OrgID", Data: mockAddressData(&es_model.Address{Country: "CountryChanged"})}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanAddressChanged, ResourceOwner: "GrantedOrgID", Data: mockAddressData(&es_model.Address{Country: "CountryChanged"})}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "CountryChanged"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", IsEmailVerified: true, Phone: "Phone", Country: "CountryChanged"}, State: int32(model.UserStateActive)}, }, { name: "append user deactivate event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserDeactivated, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserDeactivated, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInactive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInactive)}, }, { name: "append user reactivate event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserReactivated, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInactive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserReactivated, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateInactive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append user lock event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserLocked, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserLocked, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateLocked)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateLocked)}, }, { name: "append user unlock event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserUnlocked, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateLocked)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserUnlocked, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateLocked)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, { name: "append user add otp event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.MFAOTPAdded, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.MFAOTPAdded, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateNotReady)}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateNotReady)}, State: int32(model.UserStateActive)}, }, { name: "append human add otp event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanMFAOTPAdded, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanMFAOTPAdded, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateNotReady)}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateNotReady)}, State: int32(model.UserStateActive)}, }, { name: "append user verify otp event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.MFAOTPVerified, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateNotReady)}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.MFAOTPVerified, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateNotReady)}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateReady)}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateReady)}, State: int32(model.UserStateActive)}, }, { name: "append human verify otp event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanMFAOTPVerified, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateNotReady)}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanMFAOTPVerified, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateNotReady)}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateReady)}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateReady)}, State: int32(model.UserStateActive)}, }, { name: "append user remove otp event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.MFAOTPRemoved, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateReady)}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.MFAOTPRemoved, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateReady)}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateUnspecified)}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateUnspecified)}, State: int32(model.UserStateActive)}, }, { name: "append human remove otp event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanMFAOTPRemoved, ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateReady)}, State: int32(model.UserStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.HumanMFAOTPRemoved, ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateReady)}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateUnspecified)}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", OTPState: int32(model.MFAStateUnspecified)}, State: int32(model.UserStateActive)}, }, { name: "append user mfa init skipped event", args: args{ - event: &es_models.Event{Sequence: 1, CreationDate: time.Now().UTC(), Type: es_model.MFAInitSkipped, AggregateID: "AggregateID", ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{Sequence: 1, CreationDate: time.Now().UTC(), Type: es_model.MFAInitSkipped, AggregateID: "AggregateID", ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", MFAInitSkipped: time.Now().UTC()}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", MFAInitSkipped: time.Now().UTC()}, State: int32(model.UserStateActive)}, }, { name: "append human mfa init skipped event", args: args{ - event: &es_models.Event{Sequence: 1, CreationDate: time.Now().UTC(), Type: es_model.HumanMFAInitSkipped, AggregateID: "AggregateID", ResourceOwner: "OrgID"}, - user: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, + event: &es_models.Event{Sequence: 1, CreationDate: time.Now().UTC(), Type: es_model.HumanMFAInitSkipped, AggregateID: "AggregateID", ResourceOwner: "GrantedOrgID"}, + user: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country"}, State: int32(model.UserStateActive)}, }, - result: &UserView{ID: "AggregateID", ResourceOwner: "OrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", MFAInitSkipped: time.Now().UTC()}, State: int32(model.UserStateActive)}, + result: &UserView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserName: "UserName", HumanView: &HumanView{FirstName: "FirstName", LastName: "LastName", Email: "Email", Phone: "Phone", Country: "Country", MFAInitSkipped: time.Now().UTC()}, State: int32(model.UserStateActive)}, }, } for _, tt := range tests { diff --git a/internal/usergrant/repository/view/model/user_grant_test.go b/internal/usergrant/repository/view/model/user_grant_test.go index 8cd32381e6..aab0e6e1b9 100644 --- a/internal/usergrant/repository/view/model/user_grant_test.go +++ b/internal/usergrant/repository/view/model/user_grant_test.go @@ -29,34 +29,34 @@ func TestUserAppendEvent(t *testing.T) { { name: "append added grant event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserGrantAdded, ResourceOwner: "OrgID", Data: mockUserGrantData(&es_model.UserGrant{UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}})}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserGrantAdded, ResourceOwner: "GrantedOrgID", Data: mockUserGrantData(&es_model.UserGrant{UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}})}, grant: &UserGrantView{}, }, - result: &UserGrantView{ID: "AggregateID", ResourceOwner: "OrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateActive)}, + result: &UserGrantView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateActive)}, }, { name: "append change grant profile event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserGrantChanged, ResourceOwner: "OrgID", Data: mockUserGrantData(&es_model.UserGrant{RoleKeys: pq.StringArray{"KeysChanged"}})}, - grant: &UserGrantView{ID: "AggregateID", ResourceOwner: "OrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserGrantChanged, ResourceOwner: "GrantedOrgID", Data: mockUserGrantData(&es_model.UserGrant{RoleKeys: pq.StringArray{"KeysChanged"}})}, + grant: &UserGrantView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateActive)}, }, - result: &UserGrantView{ID: "AggregateID", ResourceOwner: "OrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"KeysChanged"}, State: int32(model.UserGrantStateActive)}, + result: &UserGrantView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"KeysChanged"}, State: int32(model.UserGrantStateActive)}, }, { name: "append grant deactivate event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserGrantDeactivated, ResourceOwner: "OrgID"}, - grant: &UserGrantView{ID: "AggregateID", ResourceOwner: "OrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateActive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserGrantDeactivated, ResourceOwner: "GrantedOrgID"}, + grant: &UserGrantView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateActive)}, }, - result: &UserGrantView{ID: "AggregateID", ResourceOwner: "OrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateInactive)}, + result: &UserGrantView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateInactive)}, }, { name: "append grant reactivate event", args: args{ - event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserGrantReactivated, ResourceOwner: "OrgID"}, - grant: &UserGrantView{ID: "AggregateID", ResourceOwner: "OrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateInactive)}, + event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.UserGrantReactivated, ResourceOwner: "GrantedOrgID"}, + grant: &UserGrantView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateInactive)}, }, - result: &UserGrantView{ID: "AggregateID", ResourceOwner: "OrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateActive)}, + result: &UserGrantView{ID: "AggregateID", ResourceOwner: "GrantedOrgID", UserID: "UserID", ProjectID: "ProjectID", RoleKeys: pq.StringArray{"Keys"}, State: int32(model.UserGrantStateActive)}, }, } for _, tt := range tests { diff --git a/migrations/cockroach/V1.75__project_projections.sql b/migrations/cockroach/V1.75__project_projections.sql new file mode 100644 index 0000000000..d58af27269 --- /dev/null +++ b/migrations/cockroach/V1.75__project_projections.sql @@ -0,0 +1,37 @@ +ALTER TABLE zitadel.projections.projects ADD COLUMN project_role_assertion BOOLEAN; +ALTER TABLE zitadel.projections.projects ADD COLUMN project_role_check BOOLEAN; +ALTER TABLE zitadel.projections.projects ADD COLUMN has_project_check BOOLEAN; +ALTER TABLE zitadel.projections.projects ADD COLUMN private_labeling_setting SMALLINT; +ALTER TABLE zitadel.projections.projects ADD COLUMN sequence BIGINT; +ALTER TABLE zitadel.projections.projects RENAME COLUMN owner_id TO resource_owner; + +CREATE TABLE zitadel.projections.project_grants ( + project_id TEXT, + grant_id TEXT, + creation_date TIMESTAMPTZ, + change_date TIMESTAMPTZ, + resource_owner TEXT, + state INT2, + sequence BIGINT, + + granted_org_id TEXT, + granted_role_keys TEXT Array, + creator_id TEXT, + + PRIMARY KEY (grant_id) +); + +CREATE TABLE zitadel.projections.project_roles ( + project_id TEXT, + creation_date TIMESTAMPTZ, + change_date TIMESTAMPTZ, + resource_owner TEXT, + sequence BIGINT, + + role_key TEXT, + display_name TEXT, + group_name TEXT, + creator_id TEXT, + + PRIMARY KEY (project_id, role_key) +);