fix: move activity log to queries and remove old code (#3096)

* move changes to queries and remove old code

* fix changes query

* remove unused code

* fix sorting

* fix sorting

* refactor and remove old code

* remove accidental go.mod replace

* add missing file

* remove listDetail from ChangesResponse
Livio Amstutz
2022-01-26 10:16:33 +01:00
committed by GitHub
parent 52da2354a3
commit e99b7f4972
100 changed files with 579 additions and 3565 deletions


@@ -17,7 +17,6 @@ import (
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/query"
"github.com/caos/zitadel/internal/telemetry/tracing"
grant_model "github.com/caos/zitadel/internal/usergrant/model"
)
const (
@@ -108,7 +107,14 @@ func (o *OPStorage) AuthorizeClientIDSecret(ctx context.Context, id string, secr
UserID: oidcCtx,
OrgID: oidcCtx,
})
return o.repo.AuthorizeClientIDSecret(ctx, id, secret)
app, err := o.query.AppByClientID(ctx, id)
if err != nil {
return err
}
if app.OIDCConfig != nil {
return o.command.VerifyOIDCClientSecret(ctx, app.ProjectID, app.ID, secret)
}
return o.command.VerifyAPIClientSecret(ctx, app.ProjectID, app.ID, secret)
}
func (o *OPStorage) SetUserinfoFromToken(ctx context.Context, userInfo oidc.UserInfoSetter, tokenID, subject, origin string) (err error) {
@@ -293,13 +299,23 @@ func (o *OPStorage) assertRoles(ctx context.Context, userID, applicationID strin
if err != nil {
return nil, err
}
grants, err := o.repo.UserGrantsByProjectAndUserID(projectID, userID)
projectQuery, err := query.NewUserGrantProjectIDSearchQuery(projectID)
if err != nil {
return nil, err
}
userIDQuery, err := query.NewUserGrantUserIDSearchQuery(userID)
if err != nil {
return nil, err
}
grants, err := o.query.UserGrants(ctx, &query.UserGrantsQueries{
Queries: []query.SearchQuery{projectQuery, userIDQuery},
})
if err != nil {
return nil, err
}
projectRoles := make(map[string]map[string]string)
for _, requestedRole := range requestedRoles {
for _, grant := range grants {
for _, grant := range grants.UserGrants {
checkGrantedRoles(projectRoles, grant, requestedRole)
}
}
@@ -335,8 +351,8 @@ func (o *OPStorage) assertUserResourceOwner(ctx context.Context, userID string)
}, nil
}
func checkGrantedRoles(roles map[string]map[string]string, grant *grant_model.UserGrantView, requestedRole string) {
for _, grantedRole := range grant.RoleKeys {
func checkGrantedRoles(roles map[string]map[string]string, grant *query.UserGrant, requestedRole string) {
for _, grantedRole := range grant.Roles {
if requestedRole == grantedRole {
appendRole(roles, grantedRole, grant.ResourceOwner, grant.OrgPrimaryDomain)
}
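Review bot: In the assertRoles hunk, the grants query is built from only the project-ID and user-ID filters, and every entry of `grants.UserGrants` is passed to `checkGrantedRoles`, so nothing visible here keeps a deactivated or otherwise non-active grant from contributing roles to the asserted claims. Whether `o.query.UserGrants` or the removed `o.repo.UserGrantsByProjectAndUserID` applies a state filter internally cannot be seen from this hunk, so this should be confirmed against the projection; if it does not, add a state condition to `Queries` or skip non-active grants in the loop. A short comment above the query stating that only active grants may yield roles, plus a test that deactivates a grant and checks that its roles disappear from the result, would pin the behaviour. assertRoles begins and ends outside the hunk.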