mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-12 07:37:31 +00:00
feat: block instances (#7129)
* docs: fix init description typos
* feat: block instances using limits
* translate
* unit tests
* fix translations
* redirect /ui/login
* fix http interceptor
* cleanup
* fix http interceptor
* fix: delete cookies on gateway 200
* add integration tests
* add command test
* docs
* fix integration tests
* add bulk api and integration test
* optimize bulk set limits
* unit test bulk limits
* fix broken link
* fix assets middleware
* fix broken link
* validate instance id format
* Update internal/eventstore/search_query.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* remove support for owner bulk limit commands
* project limits to instances
* migrate instances projection
* Revert "migrate instances projection"
This reverts commit 214218732a.
* join limits, remove owner
* remove todo
* use optional bool
* normally validate instance ids
* use 302
* cleanup
* cleanup
* Update internal/api/grpc/system/limits_converter.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* remove owner
* remove owner from reset
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
This commit is contained in:
Elio Bischof
@@ -2,6 +2,7 @@ package command
|
||||
|
||||
import (
|
||||
"context"
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/zitadel/zitadel/internal/api/authz"
|
||||
@@ -14,31 +15,20 @@ import (
|
||||
|
||||
type SetLimits struct {
|
||||
AuditLogRetention *time.Duration
|
||||
Block *bool
|
||||
}
|
||||
|
||||
// SetLimits creates new limits or updates existing limits.
|
||||
func (c *Commands) SetLimits(
|
||||
ctx context.Context,
|
||||
resourceOwner string,
|
||||
setLimits *SetLimits,
|
||||
) (*domain.ObjectDetails, error) {
|
||||
instanceId := authz.GetInstance(ctx).InstanceID()
|
||||
wm, err := c.getLimitsWriteModel(ctx, instanceId, resourceOwner)
|
||||
wm, err := c.getLimitsWriteModel(ctx, instanceId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
aggregateId := wm.AggregateID
|
||||
if aggregateId == "" {
|
||||
aggregateId, err = c.idGenerator.Next()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
createCmds, err := c.SetLimitsCommand(limits.NewAggregate(aggregateId, instanceId, resourceOwner), wm, setLimits)()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
cmds, err := createCmds(ctx, nil)
|
||||
cmds, err := c.setLimitsCommands(ctx, wm, setLimits)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -52,19 +42,81 @@ func (c *Commands) SetLimits(
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
return writeModelToObjectDetails(&wm.WriteModel), nil
|
||||
return writeModelToObjectDetails(&wm.WriteModel), err
|
||||
}
|
||||
|
||||
func (c *Commands) ResetLimits(ctx context.Context, resourceOwner string) (*domain.ObjectDetails, error) {
|
||||
type SetInstanceLimitsBulk struct {
|
||||
InstanceID string
|
||||
SetLimits
|
||||
}
|
||||
|
||||
func (c *Commands) SetInstanceLimitsBulk(
|
||||
ctx context.Context,
|
||||
bulk []*SetInstanceLimitsBulk,
|
||||
) (bulkDetails *domain.ObjectDetails, targetsDetails []*domain.ObjectDetails, err error) {
|
||||
bulkWm, err := c.getBulkInstanceLimitsWriteModel(ctx, bulk)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
cmds := make([]eventstore.Command, 0)
|
||||
for _, t := range bulk {
|
||||
targetWM, ok := bulkWm.writeModels[t.InstanceID]
|
||||
if !ok {
|
||||
return nil, nil, zerrors.ThrowInternal(nil, "COMMAND-5HWA9", "Errors.Limits.NotFound")
|
||||
}
|
||||
targetCMDs, setErr := c.setLimitsCommands(ctx, targetWM, &t.SetLimits)
|
||||
err = errors.Join(err, setErr)
|
||||
cmds = append(cmds, targetCMDs...)
|
||||
}
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
if len(cmds) > 0 {
|
||||
events, err := c.eventstore.Push(ctx, cmds...)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
err = AppendAndReduce(bulkWm, events...)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
}
|
||||
targetDetails := make([]*domain.ObjectDetails, len(bulk))
|
||||
for i, t := range bulk {
|
||||
targetDetails[i] = writeModelToObjectDetails(&bulkWm.writeModels[t.InstanceID].WriteModel)
|
||||
}
|
||||
details := writeModelToObjectDetails(&bulkWm.WriteModel)
|
||||
details.ResourceOwner = ""
|
||||
return details, targetDetails, err
|
||||
}
|
||||
|
||||
func (c *Commands) setLimitsCommands(ctx context.Context, wm *limitsWriteModel, setLimits *SetLimits) (cmds []eventstore.Command, err error) {
|
||||
aggregateId := wm.AggregateID
|
||||
if aggregateId == "" {
|
||||
aggregateId, err = c.idGenerator.Next()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
aggregate := limits.NewAggregate(aggregateId, wm.InstanceID)
|
||||
createCmds, err := c.SetLimitsCommand(aggregate, wm, setLimits)()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
cmds, err = createCmds(ctx, nil)
|
||||
return cmds, err
|
||||
}
|
||||
|
||||
func (c *Commands) ResetLimits(ctx context.Context) (*domain.ObjectDetails, error) {
|
||||
instanceId := authz.GetInstance(ctx).InstanceID()
|
||||
wm, err := c.getLimitsWriteModel(ctx, instanceId, resourceOwner)
|
||||
wm, err := c.getLimitsWriteModel(ctx, instanceId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if wm.AggregateID == "" {
|
||||
return nil, zerrors.ThrowNotFound(nil, "COMMAND-9JToT", "Errors.Limits.NotFound")
|
||||
}
|
||||
aggregate := limits.NewAggregate(wm.AggregateID, instanceId, resourceOwner)
|
||||
aggregate := limits.NewAggregate(wm.AggregateID, instanceId)
|
||||
events := []eventstore.Command{limits.NewResetEvent(ctx, &aggregate.Aggregate)}
|
||||
pushedEvents, err := c.eventstore.Push(ctx, events...)
|
||||
if err != nil {
|
||||
@@ -77,14 +129,22 @@ func (c *Commands) ResetLimits(ctx context.Context, resourceOwner string) (*doma
|
||||
return writeModelToObjectDetails(&wm.WriteModel), nil
|
||||
}
|
||||
|
||||
func (c *Commands) getLimitsWriteModel(ctx context.Context, instanceId, resourceOwner string) (*limitsWriteModel, error) {
|
||||
wm := newLimitsWriteModel(instanceId, resourceOwner)
|
||||
func (c *Commands) getLimitsWriteModel(ctx context.Context, instanceId string) (*limitsWriteModel, error) {
|
||||
wm := newLimitsWriteModel(instanceId)
|
||||
return wm, c.eventstore.FilterToQueryReducer(ctx, wm)
|
||||
}
|
||||
|
||||
func (c *Commands) getBulkInstanceLimitsWriteModel(ctx context.Context, target []*SetInstanceLimitsBulk) (*limitsBulkWriteModel, error) {
|
||||
wm := newLimitsBulkWriteModel()
|
||||
for _, t := range target {
|
||||
wm.addWriteModel(t.InstanceID)
|
||||
}
|
||||
return wm, c.eventstore.FilterToQueryReducer(ctx, wm)
|
||||
}
|
||||
|
||||
func (c *Commands) SetLimitsCommand(a *limits.Aggregate, wm *limitsWriteModel, setLimits *SetLimits) preparation.Validation {
|
||||
return func() (preparation.CreateCommands, error) {
|
||||
if setLimits == nil || setLimits.AuditLogRetention == nil {
|
||||
if setLimits == nil || (setLimits.AuditLogRetention == nil && setLimits.Block == nil) {
|
||||
return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-4M9vs", "Errors.Limits.NoneSpecified")
|
||||
}
|
||||
return func(ctx context.Context, _ preparation.FilterToQueryReducer) ([]eventstore.Command, error) {
|
||||
|
||||
Reference in New Issue
Block a user