feat: actions (#2377)

* feat(actions): begin api

* feat(actions): begin api

* api and projections

* fix: handle multiple statements for a single event in projections

* export func type

* fix test

* update to new reduce interface

* flows in login

* feat: jwt idp

* feat: command side

* feat: add tests

* actions and flows

* fill idp views with jwt idps and return apis

* add jwtEndpoint to jwt idp

* begin jwt request handling

* add feature

* merge

* merge

* handle jwt idp

* cleanup

* bug fixes

* autoregister

* get token from specific header name

* fix: proto

* fixes

* i18n

* begin tests

* fix and log http proxy

* remove docker cache

* fixes

* usergrants in actions api

* tests adn cleanup

* cleanup

* fix add user grant

* set login context

* i18n

Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>

internal/query/projection/action.go

@@ -0,0 +1,174 @@
+package projection
+
+import (
+	"context"
+
+	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/domain"
+	"github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore"
+	"github.com/caos/zitadel/internal/eventstore/handler"
+	"github.com/caos/zitadel/internal/eventstore/handler/crdb"
+	"github.com/caos/zitadel/internal/repository/action"
+)
+
+type ActionProjection struct {
+	crdb.StatementHandler
+}
+
+func NewActionProjection(ctx context.Context, config crdb.StatementHandlerConfig) *ActionProjection {
+	p := &ActionProjection{}
+	config.ProjectionName = "projections.actions"
+	config.Reducers = p.reducers()
+	p.StatementHandler = crdb.NewStatementHandler(ctx, config)
+	return p
+}
+
+func (p *ActionProjection) reducers() []handler.AggregateReducer {
+	return []handler.AggregateReducer{
+		{
+			Aggregate: action.AggregateType,
+			EventRedusers: []handler.EventReducer{
+				{
+					Event:  action.AddedEventType,
+					Reduce: p.reduceActionAdded,
+				},
+				{
+					Event:  action.ChangedEventType,
+					Reduce: p.reduceActionChanged,
+				},
+				{
+					Event:  action.DeactivatedEventType,
+					Reduce: p.reduceActionDeactivated,
+				},
+				{
+					Event:  action.ReactivatedEventType,
+					Reduce: p.reduceActionReactivated,
+				},
+				{
+					Event:  action.RemovedEventType,
+					Reduce: p.reduceActionRemoved,
+				},
+			},
+		},
+	}
+}
+
+const (
+	actionIDCol            = "id"
+	actionCreationDateCol  = "creation_date"
+	actionChangeDateCol    = "change_date"
+	actionResourceOwnerCol = "resource_owner"
+	actionStateCol         = "action_state"
+	actionSequenceCol      = "sequence"
+	actionNameCol          = "name"
+	actionScriptCol        = "script"
+	actionTimeoutCol       = "timeout"
+	actionAllowedToFailCol = "allowed_to_fail"
+)
+
+func (p *ActionProjection) reduceActionAdded(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*action.AddedEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-zWCk3", "seq", event.Sequence, "expectedType", action.AddedEventType).Error("was not an  event")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-uYq4r", "reduce.wrong.event.type")
+	}
+	return crdb.NewCreateStatement(
+		e,
+		[]handler.Column{
+			handler.NewCol(actionIDCol, e.Aggregate().ID),
+			handler.NewCol(actionCreationDateCol, e.CreationDate()),
+			handler.NewCol(actionChangeDateCol, e.CreationDate()),
+			handler.NewCol(actionResourceOwnerCol, e.Aggregate().ResourceOwner),
+			handler.NewCol(actionSequenceCol, e.Sequence()),
+			handler.NewCol(actionNameCol, e.Name),
+			handler.NewCol(actionScriptCol, e.Script),
+			handler.NewCol(actionTimeoutCol, e.Timeout),
+			handler.NewCol(actionAllowedToFailCol, e.AllowedToFail),
+			handler.NewCol(actionStateCol, domain.ActionStateActive),
+		},
+	), nil
+}
+
+func (p *ActionProjection) reduceActionChanged(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*action.ChangedEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-q4oq8", "seq", event.Sequence, "expected", action.ChangedEventType).Error("wrong event type")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-Bg8oM", "reduce.wrong.event.type")
+	}
+	values := []handler.Column{
+		handler.NewCol(actionChangeDateCol, e.CreationDate()),
+		handler.NewCol(actionSequenceCol, e.Sequence()),
+	}
+	if e.Name != nil {
+		values = append(values, handler.NewCol(actionNameCol, *e.Name))
+	}
+	if e.Script != nil {
+		values = append(values, handler.NewCol(actionScriptCol, *e.Script))
+	}
+	if e.Timeout != nil {
+		values = append(values, handler.NewCol(actionTimeoutCol, *e.Timeout))
+	}
+	if e.AllowedToFail != nil {
+		values = append(values, handler.NewCol(actionAllowedToFailCol, *e.AllowedToFail))
+	}
+	return crdb.NewUpdateStatement(
+		e,
+		values,
+		[]handler.Condition{
+			handler.NewCond(actionIDCol, e.Aggregate().ID),
+		},
+	), nil
+}
+
+func (p *ActionProjection) reduceActionDeactivated(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*action.DeactivatedEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-1gwdc", "seq", event.Sequence, "expectedType", action.DeactivatedEventType).Error("wrong event type")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-BApK4", "reduce.wrong.event.type")
+	}
+	return crdb.NewUpdateStatement(
+		e,
+		[]handler.Column{
+			handler.NewCol(actionChangeDateCol, e.CreationDate()),
+			handler.NewCol(actionSequenceCol, e.Sequence()),
+			handler.NewCol(actionStateCol, domain.ActionStateInactive),
+		},
+		[]handler.Condition{
+			handler.NewCond(actionIDCol, e.Aggregate().ID),
+		},
+	), nil
+}
+
+func (p *ActionProjection) reduceActionReactivated(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*action.ReactivatedEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-Vjwiy", "seq", event.Sequence, "expectedType", action.ReactivatedEventType).Error("wrong event type")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-o37De", "reduce.wrong.event.type")
+	}
+	return crdb.NewUpdateStatement(
+		e,
+		[]handler.Column{
+			handler.NewCol(actionChangeDateCol, e.CreationDate()),
+			handler.NewCol(actionSequenceCol, e.Sequence()),
+			handler.NewCol(actionStateCol, domain.ActionStateActive),
+		},
+		[]handler.Condition{
+			handler.NewCond(actionIDCol, e.Aggregate().ID),
+		},
+	), nil
+}
+
+func (p *ActionProjection) reduceActionRemoved(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*action.RemovedEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-79OhB", "seq", event.Sequence, "expectedType", action.RemovedEventType).Error("wrong event type")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-4TbKT", "reduce.wrong.event.type")
+	}
+	return crdb.NewDeleteStatement(
+		e,
+		[]handler.Condition{
+			handler.NewCond(actionIDCol, e.Aggregate().ID),
+		},
+	), nil
+}

internal/query/projection/flow/flow.go

@@ -0,0 +1,184 @@
+package flow
+
+import (
+	"context"
+
+	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore"
+	"github.com/caos/zitadel/internal/eventstore/handler"
+	"github.com/caos/zitadel/internal/eventstore/handler/crdb"
+	"github.com/caos/zitadel/internal/repository/action"
+	"github.com/caos/zitadel/internal/repository/org"
+)
+
+type FlowProjection struct {
+	crdb.StatementHandler
+}
+
+func NewFlowProjection(ctx context.Context, config crdb.StatementHandlerConfig) *FlowProjection {
+	p := &FlowProjection{}
+	config.ProjectionName = "projections.flows"
+	config.Reducers = p.reducers()
+	p.StatementHandler = crdb.NewStatementHandler(ctx, config)
+	return p
+}
+
+func (p *FlowProjection) reducers() []handler.AggregateReducer {
+	return []handler.AggregateReducer{
+		{
+			Aggregate: org.AggregateType,
+			EventRedusers: []handler.EventReducer{
+				{
+					Event:  org.TriggerActionsSetEventType,
+					Reduce: p.reduceTriggerActionsSetEventType,
+				},
+				{
+					Event:  org.FlowClearedEventType,
+					Reduce: p.reduceFlowClearedEventType,
+				},
+			},
+		},
+		{
+			Aggregate: action.AggregateType,
+			EventRedusers: []handler.EventReducer{
+				{
+					Event:  action.AddedEventType,
+					Reduce: p.reduceFlowActionAdded,
+				},
+				{
+					Event:  action.ChangedEventType,
+					Reduce: p.reduceFlowActionChanged,
+				},
+				{
+					Event:  action.RemovedEventType,
+					Reduce: p.reduceFlowActionRemoved,
+				},
+			},
+		},
+	}
+}
+
+const (
+	triggerTableSuffix           = "triggers"
+	flowTypeCol                  = "flow_type"
+	flowTriggerTypeCol           = "trigger_type"
+	flowResourceOwnerCol         = "resource_owner"
+	flowActionTriggerSequenceCol = "trigger_sequence"
+	flowActionIDCol              = "action_id"
+
+	actionTableSuffix      = "actions"
+	actionIDCol            = "id"
+	actionCreationDateCol  = "creation_date"
+	actionChangeDateCol    = "change_date"
+	actionResourceOwnerCol = "resource_owner"
+	actionSequenceCol      = "sequence"
+	actionNameCol          = "name"
+	actionScriptCol        = "script"
+)
+
+func (p *FlowProjection) reduceTriggerActionsSetEventType(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*org.TriggerActionsSetEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-zWCk3", "seq", event.Sequence, "expectedType", action.AddedEventType).Error("was not an trigger actions set event")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-uYq4r", "reduce.wrong.event.type")
+	}
+	stmts := make([]func(reader eventstore.EventReader) crdb.Exec, len(e.ActionIDs)+1)
+	stmts[0] = crdb.AddDeleteStatement(
+		[]handler.Condition{
+			handler.NewCond(flowTypeCol, e.FlowType),
+			handler.NewCond(flowTriggerTypeCol, e.TriggerType),
+		},
+		crdb.WithTableSuffix(triggerTableSuffix),
+	)
+	for i, id := range e.ActionIDs {
+		stmts[i+1] = crdb.AddCreateStatement(
+			[]handler.Column{
+				handler.NewCol(flowResourceOwnerCol, e.Aggregate().ResourceOwner),
+				handler.NewCol(flowTypeCol, e.FlowType),
+				handler.NewCol(flowTriggerTypeCol, e.TriggerType),
+				handler.NewCol(flowActionIDCol, id),
+				handler.NewCol(flowActionTriggerSequenceCol, i),
+			},
+			crdb.WithTableSuffix(triggerTableSuffix),
+		)
+	}
+	return crdb.NewMultiStatement(e, stmts...), nil
+}
+
+func (p *FlowProjection) reduceFlowClearedEventType(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*org.FlowClearedEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-zWCk3", "seq", event.Sequence, "expectedType", action.AddedEventType).Error("was not an trigger actions set event")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-uYq4r", "reduce.wrong.event.type")
+	}
+	return crdb.NewDeleteStatement(
+		e,
+		[]handler.Condition{
+			handler.NewCond(flowTypeCol, e.FlowType),
+		},
+		crdb.WithTableSuffix(triggerTableSuffix),
+	), nil
+}
+
+func (p *FlowProjection) reduceFlowActionAdded(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*action.AddedEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-zWCk3", "seq", event.Sequence, "expectedType", action.AddedEventType).Error("was not an flow action added event")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-uYq4r", "reduce.wrong.event.type")
+	}
+	return crdb.NewCreateStatement(
+		e,
+		[]handler.Column{
+			handler.NewCol(actionIDCol, e.Aggregate().ID),
+			handler.NewCol(actionCreationDateCol, e.CreationDate()),
+			handler.NewCol(actionChangeDateCol, e.CreationDate()),
+			handler.NewCol(actionResourceOwnerCol, e.Aggregate().ResourceOwner),
+			handler.NewCol(actionSequenceCol, e.Sequence()),
+			handler.NewCol(actionNameCol, e.Name),
+			handler.NewCol(actionScriptCol, e.Script),
+		},
+		crdb.WithTableSuffix(actionTableSuffix),
+	), nil
+}
+
+func (p *FlowProjection) reduceFlowActionChanged(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*action.ChangedEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-q4oq8", "seq", event.Sequence, "expected", action.ChangedEventType).Error("wrong event type")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-Bg8oM", "reduce.wrong.event.type")
+	}
+	values := []handler.Column{
+		handler.NewCol(actionChangeDateCol, e.CreationDate()),
+		handler.NewCol(actionSequenceCol, e.Sequence()),
+	}
+	if e.Name != nil {
+		values = append(values, handler.NewCol(actionNameCol, *e.Name))
+	}
+	if e.Script != nil {
+		values = append(values, handler.NewCol(actionScriptCol, *e.Script))
+	}
+	return crdb.NewUpdateStatement(
+		e,
+		values,
+		[]handler.Condition{
+			handler.NewCond(actionIDCol, e.Aggregate().ID),
+		},
+		crdb.WithTableSuffix(actionTableSuffix),
+	), nil
+}
+
+func (p *FlowProjection) reduceFlowActionRemoved(event eventstore.EventReader) (*handler.Statement, error) {
+	e, ok := event.(*action.RemovedEvent)
+	if !ok {
+		logging.LogWithFields("HANDL-79OhB", "seq", event.Sequence, "expectedType", action.RemovedEventType).Error("wrong event type")
+		return nil, errors.ThrowInvalidArgument(nil, "HANDL-4TbKT", "reduce.wrong.event.type")
+	}
+	return crdb.NewDeleteStatement(
+		e,
+		[]handler.Condition{
+			handler.NewCond(actionIDCol, e.Aggregate().ID),
+		},
+		crdb.WithTableSuffix(actionTableSuffix),
+	), nil
+}

internal/query/projection/projection.go

@@ -6,7 +6,7 @@ import (
 	"github.com/caos/zitadel/internal/eventstore"
 	"github.com/caos/zitadel/internal/eventstore/handler"
 	"github.com/caos/zitadel/internal/eventstore/handler/crdb"
-	"github.com/caos/zitadel/internal/query/projection/org/owner"
+	"github.com/caos/zitadel/internal/query/projection/flow"
 )
 
 const (
@@ -37,9 +37,12 @@ func Start(ctx context.Context, es *eventstore.Eventstore, config Config) error
 		BulkLimit:         config.BulkLimit,
 	}
 
-	NewOrgProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["orgs"]))
-	NewProjectProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["projects"]))
-	owner.NewOrgOwnerProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["org_owners"]))
+	// turned off for this release
+	//NewOrgProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["orgs"]))
+	//NewProjectProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["projects"]))
+	//owner.NewOrgOwnerProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["org_owners"]))
+	NewActionProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["actions"]))
+	flow.NewFlowProjection(ctx, applyCustomConfig(projectionConfig, config.Customizations["flows"]))
 	return nil
 }