feat: add auth command side (#107)

* fix: query tests

* fix: use prepare funcs

* fix: go mod

* fix: generate files

* fix(eventstore): tests

* fix(eventstore): rename modifier to editor

* fix(migrations): add cluster migration,
fix(migrations): fix typo of host in clean clsuter

* fix(eventstore): move health

* fix(eventstore): AggregateTypeFilter aggregateType as param

* code quality

* fix: go tests

* feat: add member funcs

* feat: add member model

* feat: add member events

* feat: add member repo model

* fix: better error func testing

* fix: project member funcs

* fix: add tests

* fix: add tests

* feat: implement member requests

* fix: merge master

* fix: merge master

* fix: read existing in project repo

* fix: fix tests

* feat: add internal cache

* feat: add cache mock

* fix: return values of cache mock

* feat: add project role

* fix: add cache config

* fix: add role to eventstore

* fix: use eventstore sdk

* fix: use eventstore sdk

* fix: add project role grpc requests

* fix: fix getby id

* fix: changes for mr

* fix: change value to interface

* feat: add app event creations

* fix: searchmethods

* Update internal/project/model/project_member.go

Co-Authored-By: Silvan <silvan.reusser@gmail.com>

* fix: use get project func

* fix: append events

* fix: check if value is string on equal ignore case

* fix: add changes test

* fix: add go mod

* fix: add some tests

* fix: return err not nil

* fix: return err not nil

* fix: add aggregate funcs and tests

* fix: add oidc aggregate funcs and tests

* fix: add oidc

* fix: add some tests

* fix: tests

* feat: eventstore repository

* fix: remove gorm

* version

* feat: pkg

* feat: eventstore without eventstore-lib

* rename files

* gnueg

* fix: global model

* feat: add global view functions

* feat(eventstore): sdk

* fix(eventstore): rename app to eventstore

* delete empty test

* fix(models): delete unused struct

* feat(eventstore): overwrite context data

* fix: use global sql config

* fix: oidc validation

* fix: generate client secret

* fix: generate client id

* fix: test change app

* fix: deactivate/reactivate application

* fix: change oidc config

* fix: change oidc config secret

* begin models

* begin repo

* fix: implement grpc app funcs

* fix: add application requests

* fix: converter

* fix: converter

* fix: converter and generate clientid

* fix: tests

* feat: project grant aggregate

* feat: project grant

* fix: project grant check if role existing

* fix: project grant requests

* fix: project grant fixes

* fix: project grant member model

* fix: project grant member aggregate

* fix: project grant member eventstore

* fix: project grant member requests

* feat: user model

* begin repo

* repo models and more

* feat: user command side

* lots of functions

* user command side

* profile requests

* commit before rebase on user

* save

* local config with gopass and more

* begin new auth command (user centric)

* Update internal/user/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/address.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/address.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/mfa.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/mfa.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/model/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/model/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/user_test.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/eventstore_mock_test.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* changes from mr review

* save files into basedir

* changes from mr review

* changes from mr review

* move to auth request

* Update internal/usergrant/repository/eventsourcing/cache.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/usergrant/repository/eventsourcing/cache.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* changes requested on mr

* fix generate codes

* fix return if no events

* password code

* email verification step

* more steps

* lot of mfa

* begin tests

* more next steps

* auth api

* auth api (user)

* auth api (user)

* auth api (user)

* differ requests

* merge

* tests

* fix compilation error

* mock for id generator

* Update internal/user/repository/eventsourcing/model/password.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* requests of mr

* check email

* begin separation of command and query

* otp

* change packages

* some cleanup and fixes

* tests for auth request / next steps

* add VerificationLifetimes to config and make it run

* tests

* fix code challenge validation

* cleanup

* fix merge

* begin view

* repackaging tests and configs

* fix startup config for auth

* add migration

* add PromptSelectAccount

* fix copy / paste

* remove user_agent files

* fixes

* fix sequences in user_session

* token commands

* token queries and signout

* fix

* fix set password test

* add token handler and table

* handle session init

* add session state

* add user view test cases

* change VerifyMyMfaOTP

* some fixes

* fix user repo in auth api

* cleanup

* add user session view test

* fix merge

* fixes

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* extract method usersForUserSelection

* add todo for policy check

* id on auth req

* fix enum name

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

internal/view/db_mock_test.go

@@ -1,19 +1,31 @@
 package view
 
 import (
+	"database/sql/driver"
 	"fmt"
-	"github.com/DATA-DOG/go-sqlmock"
-	"github.com/caos/zitadel/internal/model"
-	"github.com/jinzhu/gorm"
+	"strconv"
 	"testing"
+
+	"github.com/DATA-DOG/go-sqlmock"
+	"github.com/jinzhu/gorm"
+
+	"github.com/caos/zitadel/internal/model"
 )
 
 var (
-	expectedGetByID                  = `SELECT \* FROM "%s" WHERE \(%s = \$1\) LIMIT 1`
-	expectedGetByQuery               = `SELECT \* FROM "%s" WHERE \(LOWER\(%s\) %s LOWER\(\$1\)\) LIMIT 1`
-	expectedGetByQueryCaseSensitive  = `SELECT \* FROM "%s" WHERE \(%s %s \$1\) LIMIT 1`
-	expectedSave                     = `UPDATE "%s" SET "test" = \$1 WHERE "%s"."%s" = \$2`
-	expectedRemove                   = `DELETE FROM "%s" WHERE \(%s = \$1\)`
+	expectedGetByID                 = `SELECT \* FROM "%s" WHERE \(%s = \$1\) LIMIT 1`
+	expectedGetByQuery              = `SELECT \* FROM "%s" WHERE \(LOWER\(%s\) %s LOWER\(\$1\)\) LIMIT 1`
+	expectedGetByQueryCaseSensitive = `SELECT \* FROM "%s" WHERE \(%s %s \$1\) LIMIT 1`
+	expectedSave                    = `UPDATE "%s" SET "test" = \$1 WHERE "%s"."%s" = \$2`
+	expectedRemove                  = `DELETE FROM "%s" WHERE \(%s = \$1\)`
+	expectedRemoveByKeys            = func(i int, table string) string {
+		sql := fmt.Sprintf(`DELETE FROM "%s"`, table)
+		sql += ` WHERE \(%s = \$1\)`
+		for j := 1; j < i; j++ {
+			sql = sql + ` AND \(%s = \$` + strconv.Itoa(j+1) + `\)`
+		}
+		return sql
+	}
 	expectedRemoveByObject           = `DELETE FROM "%s" WHERE "%s"."%s" = \$1`
 	expectedRemoveByObjectMultiplePK = `DELETE FROM "%s" WHERE "%s"."%s" = \$1 AND "%s"."%s" = \$2`
 	expectedSearch                   = `SELECT \* FROM "%s" OFFSET 0`
@@ -235,6 +247,21 @@ func (db *dbMock) expectRemove(table, key, value string) *dbMock {
 	return db
 }
 
+func (db *dbMock) expectRemoveKeys(table string, keys ...Key) *dbMock {
+	keynames := make([]interface{}, len(keys))
+	keyvalues := make([]driver.Value, len(keys))
+	for i, key := range keys {
+		keynames[i] = key.Key.ToColumnName()
+		keyvalues[i] = key.Value
+	}
+	query := fmt.Sprintf(expectedRemoveByKeys(len(keys), table), keynames...)
+	db.mock.ExpectExec(query).
+		WithArgs(keyvalues...).
+		WillReturnResult(sqlmock.NewResult(1, 1))
+
+	return db
+}
+
 func (db *dbMock) expectRemoveByObject(table string, object Test) *dbMock {
 	query := fmt.Sprintf(expectedRemoveByObject, table, table, "primary_id")
 	db.mock.ExpectExec(query).

internal/view/requests.go

@@ -3,9 +3,11 @@ package view
 import (
 	"errors"
 	"fmt"
+
 	"github.com/caos/logging"
-	caos_errs "github.com/caos/zitadel/internal/errors"
 	"github.com/jinzhu/gorm"
+
+	caos_errs "github.com/caos/zitadel/internal/errors"
 )
 
 func PrepareGetByKey(table string, key ColumnKey, id string) func(db *gorm.DB, res interface{}) error {
@@ -71,6 +73,27 @@ func PrepareDeleteByKey(table string, key ColumnKey, id string) func(db *gorm.DB
 	}
 }
 
+type Key struct {
+	Key   ColumnKey
+	Value string
+}
+
+func PrepareDeleteByKeys(table string, keys ...Key) func(db *gorm.DB) error {
+	return func(db *gorm.DB) error {
+		for _, key := range keys {
+			db = db.Table(table).
+				Where(fmt.Sprintf("%s = ?", key.Key.ToColumnName()), key.Value)
+		}
+		err := db.
+			Delete(nil).
+			Error
+		if err != nil {
+			return caos_errs.ThrowInternal(err, "VIEW-die73", "could not delete object")
+		}
+		return nil
+	}
+}
+
 func PrepareDeleteByObject(table string, object interface{}) func(db *gorm.DB) error {
 	return func(db *gorm.DB) error {
 		err := db.Table(table).

internal/view/requests_test.go

@@ -391,6 +391,97 @@ func TestPrepareDelete(t *testing.T) {
 	}
 }
 
+func TestPrepareDeleteByKeys(t *testing.T) {
+	type args struct {
+		table string
+		keys  []Key
+	}
+	type res struct {
+		result  Test
+		wantErr bool
+		errFunc func(err error) bool
+	}
+	tests := []struct {
+		name string
+		db   *dbMock
+		args args
+		res  res
+	}{
+		{
+			"delete single key",
+			mockDB(t).
+				expectBegin(nil).
+				expectRemoveKeys("TESTTABLE", Key{Key: TestSearchKey_ID, Value: "VALUE"}).
+				expectCommit(nil),
+			args{
+				table: "TESTTABLE",
+				keys: []Key{
+					{Key: TestSearchKey_ID, Value: "VALUE"},
+				},
+			},
+			res{
+				result:  Test{ID: "VALUE"},
+				wantErr: false,
+			},
+		},
+		{
+			"delete multiple keys",
+			mockDB(t).
+				expectBegin(nil).
+				expectRemoveKeys("TESTTABLE", Key{Key: TestSearchKey_ID, Value: "VALUE"}, Key{Key: TestSearchKey_TEST, Value: "VALUE2"}).
+				expectCommit(nil),
+			args{
+				table: "TESTTABLE",
+				keys: []Key{
+					{Key: TestSearchKey_ID, Value: "VALUE"},
+					{Key: TestSearchKey_TEST, Value: "VALUE2"},
+				},
+			},
+			res{
+				result:  Test{ID: "VALUE"},
+				wantErr: false,
+			},
+		},
+		{
+			"db error",
+			mockDB(t).
+				expectBegin(nil).
+				expectRemoveErr("TESTTABLE", "id", "VALUE", gorm.ErrUnaddressable).
+				expectCommit(nil),
+			args{
+				table: "TESTTABLE",
+				keys: []Key{
+					{Key: TestSearchKey_ID, Value: "VALUE"},
+				},
+			},
+			res{
+				result:  Test{ID: "VALUE"},
+				wantErr: true,
+				errFunc: caos_errs.IsInternal,
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			getDelete := PrepareDeleteByKeys(tt.args.table, tt.args.keys...)
+			err := getDelete(tt.db.db)
+
+			if !tt.res.wantErr && err != nil {
+				t.Errorf("got wrong err should be nil: %v ", err)
+			}
+
+			if tt.res.wantErr && !tt.res.errFunc(err) {
+				t.Errorf("got wrong err: %v ", err)
+			}
+			if err := tt.db.mock.ExpectationsWereMet(); !tt.res.wantErr && err != nil {
+				t.Errorf("there were unfulfilled expectations: %s", err)
+			}
+
+			tt.db.close()
+		})
+	}
+}
+
 func TestPrepareDeleteByObject(t *testing.T) {
 	type args struct {
 		table  string