From f9742a58f49f7d19d1a088c338b3d3262b61552c Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Tim=20M=C3=B6hlmann?= Date: Wed, 19 Jun 2024 13:56:33 +0300 Subject: [PATCH] fix(import): add tracing spans to all import related functions (#8160) # Which Problems Are Solved This fix adds tracing spans to all V1 API import related functions. This is to troubleshoot import related performance issues reported to us. # How the Problems Are Solved Add a tracing span to `api/grpc/admin/import.go` and all related functions that are called in the `command` package. # Additional Changes - none # Additional Context - Reported by internal communication --- internal/api/grpc/admin/import.go | 165 +++++++++++++++--- internal/command/idp.go | 4 + internal/command/org.go | 18 +- internal/command/org_action.go | 11 +- internal/command/org_custom_login_text.go | 6 +- internal/command/org_custom_message_text.go | 6 +- internal/command/org_domain.go | 28 ++- internal/command/org_flow.go | 13 +- internal/command/org_idp_config.go | 5 +- internal/command/org_member.go | 10 +- internal/command/org_policy_domain.go | 15 +- internal/command/org_policy_label.go | 20 ++- internal/command/org_policy_lockout.go | 13 +- internal/command/org_policy_login.go | 10 +- .../command/org_policy_password_complexity.go | 13 +- internal/command/org_policy_privacy.go | 7 +- internal/command/project.go | 21 ++- internal/command/project_application.go | 8 +- internal/command/project_application_api.go | 13 +- internal/command/project_application_key.go | 5 + internal/command/project_application_oidc.go | 13 +- internal/command/project_grant.go | 3 + internal/command/project_grant_member.go | 7 +- internal/command/project_member.go | 12 +- internal/command/project_role.go | 4 + internal/command/user.go | 5 +- internal/command/user_domain_policy.go | 11 +- internal/command/user_grant.go | 10 +- internal/command/user_human.go | 13 +- internal/command/user_human_otp.go | 5 +- internal/command/user_idp_link.go | 3 + internal/command/user_machine.go | 14 +- internal/command/user_machine_key.go 
| 9 +- internal/command/user_metadata.go | 4 + internal/domain/human.go | 6 +- internal/eventstore/repository/sql/crdb.go | 8 +- internal/query/secret_generators.go | 5 +- 37 files changed, 428 insertions(+), 95 deletions(-) diff --git a/internal/api/grpc/admin/import.go b/internal/api/grpc/admin/import.go index 5eab0fb8d7..7c20e7617e 100644 --- a/internal/api/grpc/admin/import.go +++ b/internal/api/grpc/admin/import.go @@ -246,7 +246,10 @@ func (s *Server) transportDataFromFile(ctx context.Context, v1Transformation boo return dataOrgs, nil } -func getFileFromS3(ctx context.Context, input *admin_pb.ImportDataRequest_S3Input) ([]byte, error) { +func getFileFromS3(ctx context.Context, input *admin_pb.ImportDataRequest_S3Input) (_ []byte, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + minioClient, err := minio.New(input.Endpoint, &minio.Options{ Creds: credentials.NewStaticV4(input.AccessKeyId, input.SecretAccessKey, ""), Secure: input.Ssl, @@ -272,7 +275,10 @@ func getFileFromS3(ctx context.Context, input *admin_pb.ImportDataRequest_S3Inpu return ioutil.ReadAll(object) } -func getFileFromGCS(ctx context.Context, input *admin_pb.ImportDataRequest_GCSInput) ([]byte, error) { +func getFileFromGCS(ctx context.Context, input *admin_pb.ImportDataRequest_GCSInput) (_ []byte, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + saJson, err := base64.StdEncoding.DecodeString(input.ServiceaccountJson) if err != nil { return nil, err 
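Review bot: `getFileFromS3` ends with `return ioutil.ReadAll(object)` and `getFileFromGCS` (next hunk) with `return ioutil.ReadAll(reader)`, so the whole remote object is buffered in memory with no upper bound, while `input.Endpoint` and the credentials come straight from the import request. Now that both functions carry a span, this is a good moment to cap the read, for example `return io.ReadAll(io.LimitReader(object, maxImportSize+1))` followed by a length check that rejects anything over the limit; `maxImportSize` is a placeholder for a configured limit that is not visible in this diff. `ioutil.ReadAll` is also deprecated in favour of `io.ReadAll`. Whether the endpoint is restricted elsewhere cannot be seen from these hunks; if it is not, the server connects to whatever host the caller names, which deserves at least a doc comment on `getFileFromS3`.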
@@ -292,8 +298,11 @@ func getFileFromGCS(ctx context.Context, input *admin_pb.ImportDataRequest_GCSIn return ioutil.ReadAll(reader) } -func importOrg1(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, ctxData authz.CtxData, org *admin_pb.DataOrg, success *admin_pb.ImportDataSuccess, count *counts, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode crypto.Generator) error { - _, err := s.command.AddOrgWithID(ctx, org.GetOrg().GetName(), ctxData.UserID, ctxData.ResourceOwner, org.GetOrgId(), []string{}) +func importOrg1(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, ctxData authz.CtxData, org *admin_pb.DataOrg, success *admin_pb.ImportDataSuccess, count *counts, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode crypto.Generator) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + + _, err = s.command.AddOrgWithID(ctx, org.GetOrg().GetName(), ctxData.UserID, ctxData.ResourceOwner, org.GetOrgId(), []string{}) if err != nil { *errors = append(*errors, &admin_pb.ImportDataError{Type: "org", Id: org.GetOrgId(), Message: err.Error()}) if _, err := s.query.OrgByID(ctx, true, org.OrgId); err != nil { 
@@ -328,11 +337,14 @@ func importOrg1(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataEr return importResources(ctx, s, errors, successOrg, org, count, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode) } -func importLabelPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) error { +func importLabelPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.LabelPolicy == nil { return nil } - _, err := s.command.AddLabelPolicy(ctx, org.GetOrgId(), management.AddLabelPolicyToDomain(org.GetLabelPolicy())) + _, err = s.command.AddLabelPolicy(ctx, org.GetOrgId(), management.AddLabelPolicyToDomain(org.GetLabelPolicy())) if err != nil { *errors = append(*errors, &admin_pb.ImportDataError{Type: "label_policy", Id: org.GetOrgId(), Message: err.Error()}) if isCtxTimeout(ctx) { @@ -351,6 +363,9 @@ func importLabelPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.Impor } func importLockoutPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.LockoutPolicy == nil { return } @@ -360,7 +375,10 @@ func importLockoutPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.Imp } } -func importOidcIdps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg) error { +func importOidcIdps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.OidcIdps == nil { return nil } 
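Review bot: In `importLockoutPolicy` the added `defer func() { span.End() }()` needs no closure; `defer span.End()` does the same, because nothing is read late the way `err` is in the `EndWithError` variants. This function has no return value and can report a failed command only through `*errors`, so its span ends without an error status even when the policy import fails, and traces will look healthier than the import response. If that is intended, a one-line comment such as `// failures are reported via *errors, not on the span` would save the next reader a search. The same pattern recurs in `importLoginPolicy`, `importPwComlexityPolicy`, `importPrivacyPolicy` and the message-text importers; the function bodies lie outside these hunks.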
@@ -380,7 +398,10 @@ func importOidcIdps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDa return nil } -func importJwtIdps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg) error { +func importJwtIdps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.JwtIdps == nil { return nil } @@ -401,6 +422,9 @@ func importJwtIdps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDat } func importLoginPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.LoginPolicy == nil { return } @@ -411,6 +435,9 @@ func importLoginPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.Impor } func importPwComlexityPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.PasswordComplexityPolicy == nil { return } @@ -421,6 +448,9 @@ func importPwComlexityPolicy(ctx context.Context, s *Server, errors *[]*admin_pb } func importPrivacyPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.PrivacyPolicy == nil { return } 
@@ -430,7 +460,10 @@ func importPrivacyPolicy(ctx context.Context, s *Server, errors *[]*admin_pb.Imp } } -func importHumanUsers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode crypto.Generator) error { +func importHumanUsers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode crypto.Generator) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.HumanUsers == nil { return nil } @@ -465,7 +498,10 @@ func importHumanUsers(ctx context.Context, s *Server, errors *[]*admin_pb.Import return nil } -func importMachineUsers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importMachineUsers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.MachineUsers == nil { return nil } 
@@ -486,7 +522,10 @@ func importMachineUsers(ctx context.Context, s *Server, errors *[]*admin_pb.Impo return nil } -func importUserMetadata(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importUserMetadata(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.UserMetadata == nil { return nil } @@ -507,7 +546,10 @@ func importUserMetadata(ctx context.Context, s *Server, errors *[]*admin_pb.Impo return nil } -func importMachineKeys(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importMachineKeys(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.MachineKeys == nil { return nil } @@ -537,7 +579,10 @@ func importMachineKeys(ctx context.Context, s *Server, errors *[]*admin_pb.Impor return nil } -func importUserLinks(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importUserLinks(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.UserLinks == nil { return nil } 
@@ -548,6 +593,7 @@ func importUserLinks(ctx context.Context, s *Server, errors *[]*admin_pb.ImportD IDPExternalID: userLinks.ProvidedUserId, DisplayName: userLinks.ProvidedUserName, } + // TBD: why not command.BulkAddedUserIDPLinks? if _, err := s.command.AddUserIDPLink(ctx, userLinks.UserId, org.GetOrgId(), externalIDP); err != nil { *errors = append(*errors, &admin_pb.ImportDataError{Type: "user_link", Id: userLinks.UserId + "_" + userLinks.IdpId, Message: err.Error()}) if isCtxTimeout(ctx) { @@ -563,7 +609,10 @@ func importUserLinks(ctx context.Context, s *Server, errors *[]*admin_pb.ImportD } -func importProjects(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importProjects(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.Projects == nil { return nil } @@ -584,7 +633,10 @@ func importProjects(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDa return nil } -func importOIDCApps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importOIDCApps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.OidcApps == nil { return nil } 
@@ -605,7 +657,10 @@ func importOIDCApps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDa return nil } -func importAPIApps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importAPIApps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.ApiApps == nil { return nil } @@ -626,7 +681,10 @@ func importAPIApps(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDat return nil } -func importAppKeys(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importAppKeys(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.AppKeys == nil { return nil } @@ -658,7 +716,10 @@ func importAppKeys(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDat return nil } -func importActions(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importActions(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.Actions == nil { return nil } 
@@ -678,12 +739,17 @@ func importActions(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDat } return nil } -func importProjectRoles(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) error { +func importProjectRoles(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.ProjectRoles == nil { return nil } for _, role := range org.GetProjectRoles() { logging.Debugf("import projectroles: %s", role.ProjectId+"_"+role.RoleKey) + + // TBD: why not command.BulkAddProjectRole? _, err := s.command.AddProjectRole(ctx, management.AddProjectRoleRequestToDomain(role), org.GetOrgId()) if err != nil { *errors = append(*errors, &admin_pb.ImportDataError{Type: "project_role", Id: role.ProjectId + "_" + role.RoleKey, Message: err.Error()}) @@ -700,7 +766,10 @@ func importProjectRoles(ctx context.Context, s *Server, errors *[]*admin_pb.Impo return nil } -func importResources(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode crypto.Generator) error { +func importResources(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg, count *counts, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessInitCode crypto.Generator) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if err := importOrgDomains(ctx, s, errors, successOrg, org); err != nil { return err } 
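Review bot: Inside the loop of `importProjectRoles`, `_, err := s.command.AddProjectRole(...)` declares a new `err` that shadows the named result introduced by this change, so the deferred `span.EndWithError(err)` sees a per-role failure only if it is explicitly returned. Explicit `return` statements still set the result, so this is not a behaviour bug, but two variables sharing one name are easy to misread. Renaming the loop-local one (for example `addErr`) or adding `// shadows the named result; collected in *errors` keeps the intent clear. `importUserLinks` has the same shape with `if _, err := s.command.AddUserIDPLink(...)`, and `importOrg1` with `if _, err := s.query.OrgByID(...)`. The rest of the loop body is outside the hunk.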
@@ -760,7 +829,10 @@ func importResources(ctx context.Context, s *Server, errors *[]*admin_pb.ImportD return nil } -func importOrgDomains(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg) error { +func importOrgDomains(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, org *admin_pb.DataOrg) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.Domains == nil { return nil } @@ -799,6 +871,9 @@ func importOrgDomains(ctx context.Context, s *Server, errors *[]*admin_pb.Import } func importLoginTexts(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.LoginTexts == nil { return } @@ -811,6 +886,9 @@ func importLoginTexts(ctx context.Context, s *Server, errors *[]*admin_pb.Import } func importInitMessageTexts(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.InitMessages == nil { return } @@ -823,6 +901,9 @@ func importInitMessageTexts(ctx context.Context, s *Server, errors *[]*admin_pb. } func importPWResetMessageTexts(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.PasswordResetMessages == nil { return } @@ -835,6 +916,9 @@ func importPWResetMessageTexts(ctx context.Context, s *Server, errors *[]*admin_ } func importVerifyEmailMessageTexts(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.VerifyEmailMessages == nil { return } 
@@ -847,6 +931,9 @@ func importVerifyEmailMessageTexts(ctx context.Context, s *Server, errors *[]*ad } func importVerifyPhoneMessageTexts(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.VerifyPhoneMessages != nil { return } @@ -859,6 +946,9 @@ func importVerifyPhoneMessageTexts(ctx context.Context, s *Server, errors *[]*ad } func importDomainClaimedMessageTexts(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.DomainClaimedMessages == nil { return } @@ -871,6 +961,9 @@ func importDomainClaimedMessageTexts(ctx context.Context, s *Server, errors *[]* } func importPasswordlessRegistrationMessageTexts(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, org *admin_pb.DataOrg) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.End() }() + if org.PasswordlessRegistrationMessages == nil { return } @@ -882,7 +975,10 @@ func importPasswordlessRegistrationMessageTexts(ctx context.Context, s *Server, } } -func importOrg2(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, success *admin_pb.ImportDataSuccess, count *counts, org *admin_pb.DataOrg) error { +func importOrg2(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, success *admin_pb.ImportDataSuccess, count *counts, org *admin_pb.DataOrg) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + successOrg := findOldOrg(success, org.OrgId) if successOrg == nil { return nil 
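Review bot: The guard in `importVerifyPhoneMessageTexts` reads `if org.VerifyPhoneMessages != nil { return }`, which is inverted relative to the sibling importers visible in this diff (`importVerifyEmailMessageTexts`, `importDomainClaimedMessageTexts`, `importPasswordlessRegistrationMessageTexts` all test `== nil`). As written the function returns early exactly when there are verify-phone texts to import, so they are silently skipped and the new span only ever measures the no-op path. The line should be `if org.VerifyPhoneMessages == nil {`. The condition is a context line that predates this commit, and the rest of the body lies outside the hunk.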
@@ -932,7 +1028,10 @@ func importOrg2(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataEr return nil } -func importOrg3(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, success *admin_pb.ImportDataSuccess, count *counts, org *admin_pb.DataOrg) error { +func importOrg3(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, success *admin_pb.ImportDataSuccess, count *counts, org *admin_pb.DataOrg) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + successOrg := findOldOrg(success, org.OrgId) if successOrg == nil { return nil @@ -946,7 +1045,10 @@ func importOrg3(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataEr return importProjectMembers(ctx, s, errors, successOrg, count, org) } -func importOrgMembers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, count *counts, org *admin_pb.DataOrg) error { +func importOrgMembers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, count *counts, org *admin_pb.DataOrg) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.OrgMembers == nil { return nil } @@ -967,7 +1069,10 @@ func importOrgMembers(ctx context.Context, s *Server, errors *[]*admin_pb.Import return nil } -func importProjectGrantMembers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, count *counts, org *admin_pb.DataOrg) error { +func importProjectGrantMembers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, count *counts, org *admin_pb.DataOrg) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.ProjectGrantMembers == nil { return nil } 
@@ -988,7 +1093,10 @@ func importProjectGrantMembers(ctx context.Context, s *Server, errors *[]*admin_ return nil } -func importProjectMembers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, count *counts, org *admin_pb.DataOrg) error { +func importProjectMembers(ctx context.Context, s *Server, errors *[]*admin_pb.ImportDataError, successOrg *admin_pb.ImportDataSuccessOrg, count *counts, org *admin_pb.DataOrg) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if org.ProjectMembers == nil { return nil } @@ -1018,7 +1126,10 @@ func findOldOrg(success *admin_pb.ImportDataSuccess, orgId string) *admin_pb.Imp return nil } -func (s *Server) importData(ctx context.Context, orgs []*admin_pb.DataOrg) (*admin_pb.ImportDataResponse, *counts, error) { +func (s *Server) importData(ctx context.Context, orgs []*admin_pb.DataOrg) (_ *admin_pb.ImportDataResponse, _ *counts, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + errors := make([]*admin_pb.ImportDataError, 0) success := &admin_pb.ImportDataSuccess{} count := &counts{} diff --git a/internal/command/idp.go b/internal/command/idp.go index 229d19b6e1..84e6a7ddc2 100644 --- a/internal/command/idp.go +++ b/internal/command/idp.go @@ -7,6 +7,7 @@ import ( "github.com/zitadel/zitadel/internal/command/preparation" "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/repository/idp" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) 
@@ -133,6 +134,9 @@ type AppleProvider struct { // ExistsIDPOnOrgOrInstance query first org level IDPs and then instance level IDPs, no check if the IDP is active func ExistsIDPOnOrgOrInstance(ctx context.Context, filter preparation.FilterToQueryReducer, instanceID, orgID, id string) (exists bool, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + writeModel := NewOrgIDPRemoveWriteModel(orgID, id) events, err := filter(ctx, writeModel.Query()) if err != nil { diff --git a/internal/command/org.go b/internal/command/org.go index db963762b1..570455794a 100644 --- a/internal/command/org.go +++ b/internal/command/org.go @@ -11,6 +11,7 @@ import ( "github.com/zitadel/zitadel/internal/repository/org" "github.com/zitadel/zitadel/internal/repository/project" "github.com/zitadel/zitadel/internal/repository/user" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) @@ -275,7 +276,10 @@ func (c *Commands) checkOrgExists(ctx context.Context, orgID string) error { return nil } -func (c *Commands) AddOrgWithID(ctx context.Context, name, userID, resourceOwner, orgID string, claimedUserIDs []string) (*domain.Org, error) { +func (c *Commands) AddOrgWithID(ctx context.Context, name, userID, resourceOwner, orgID string, claimedUserIDs []string) (_ *domain.Org, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + existingOrg, err := c.getOrgWriteModelByID(ctx, orgID) if err != nil { return nil, err 
@@ -300,7 +304,10 @@ func (c *Commands) AddOrg(ctx context.Context, name, userID, resourceOwner strin return c.addOrgWithIDAndMember(ctx, name, userID, resourceOwner, orgID, claimedUserIDs) } -func (c *Commands) addOrgWithIDAndMember(ctx context.Context, name, userID, resourceOwner, orgID string, claimedUserIDs []string) (*domain.Org, error) { +func (c *Commands) addOrgWithIDAndMember(ctx context.Context, name, userID, resourceOwner, orgID string, claimedUserIDs []string) (_ *domain.Org, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + orgAgg, addedOrg, events, err := c.addOrgWithID(ctx, &domain.Org{Name: name}, orgID, claimedUserIDs) if err != nil { return nil, err @@ -717,9 +724,12 @@ func (c *Commands) addOrgWithID(ctx context.Context, organisation *domain.Org, o return orgAgg, addedOrg, events, nil } -func (c *Commands) getOrgWriteModelByID(ctx context.Context, orgID string) (*OrgWriteModel, error) { +func (c *Commands) getOrgWriteModelByID(ctx context.Context, orgID string) (_ *OrgWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + orgWriteModel := NewOrgWriteModel(orgID) - err := c.eventstore.FilterToQueryReducer(ctx, orgWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, orgWriteModel) if err != nil { return nil, err } diff --git a/internal/command/org_action.go b/internal/command/org_action.go index 945fd929de..f8776dcba0 100644 --- a/internal/command/org_action.go +++ b/internal/command/org_action.go 
@@ -8,10 +8,14 @@ import ( "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/repository/action" "github.com/zitadel/zitadel/internal/repository/org" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) func (c *Commands) AddActionWithID(ctx context.Context, addAction *domain.Action, resourceOwner, actionID string) (_ string, _ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + existingAction, err := c.getActionWriteModelByID(ctx, actionID, resourceOwner) if err != nil { return "", nil, err @@ -227,9 +231,12 @@ func (c *Commands) deactivateNotAllowedActionsFromOrg(ctx context.Context, resou return events, nil } -func (c *Commands) getActionWriteModelByID(ctx context.Context, actionID string, resourceOwner string) (*ActionWriteModel, error) { +func (c *Commands) getActionWriteModelByID(ctx context.Context, actionID string, resourceOwner string) (_ *ActionWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + actionWriteModel := NewActionWriteModel(actionID, resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, actionWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, actionWriteModel) if err != nil { return nil, err } diff --git a/internal/command/org_custom_login_text.go b/internal/command/org_custom_login_text.go index 1f906972bf..f5d19716b8 100644 --- a/internal/command/org_custom_login_text.go +++ b/internal/command/org_custom_login_text.go 
@@ -9,12 +9,16 @@ import ( "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/i18n" "github.com/zitadel/zitadel/internal/repository/org" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) // SetOrgLoginText only validates if the language is supported, not if it is allowed. // This enables setting texts before allowing a language -func (c *Commands) SetOrgLoginText(ctx context.Context, resourceOwner string, loginText *domain.CustomLoginText) (*domain.ObjectDetails, error) { +func (c *Commands) SetOrgLoginText(ctx context.Context, resourceOwner string, loginText *domain.CustomLoginText) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if resourceOwner == "" { return nil, zerrors.ThrowInvalidArgument(nil, "ORG-m29rF", "Errors.ResourceOwnerMissing") } diff --git a/internal/command/org_custom_message_text.go b/internal/command/org_custom_message_text.go index 266b502090..a1cf009335 100644 --- a/internal/command/org_custom_message_text.go +++ b/internal/command/org_custom_message_text.go 
@@ -9,12 +9,16 @@ import ( "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/i18n" "github.com/zitadel/zitadel/internal/repository/org" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) // SetOrgMessageText only validates if the language is supported, not if it is allowed. // This enables setting texts before allowing a language -func (c *Commands) SetOrgMessageText(ctx context.Context, resourceOwner string, messageText *domain.CustomMessageText) (*domain.ObjectDetails, error) { +func (c *Commands) SetOrgMessageText(ctx context.Context, resourceOwner string, messageText *domain.CustomMessageText) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if resourceOwner == "" { return nil, zerrors.ThrowInvalidArgument(nil, "ORG-2biiR", "Errors.ResourceOwnerMissing") } diff --git a/internal/command/org_domain.go b/internal/command/org_domain.go index 98519bfc5d..2837c7c31c 100644 --- a/internal/command/org_domain.go +++ b/internal/command/org_domain.go @@ -14,6 +14,7 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/repository/org" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) 
@@ -22,7 +23,10 @@ func (c *Commands) prepareAddOrgDomain(a *org.Aggregate, addDomain string, userI if addDomain = strings.TrimSpace(addDomain); addDomain == "" { return nil, zerrors.ThrowInvalidArgument(nil, "ORG-r3h4J", "Errors.Invalid.Argument") } - return func(ctx context.Context, filter preparation.FilterToQueryReducer) ([]eventstore.Command, error) { + return func(ctx context.Context, filter preparation.FilterToQueryReducer) (_ []eventstore.Command, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + existing, err := orgDomain(ctx, filter, a.ID, addDomain) if err != nil && !errors.Is(err, zerrors.ThrowNotFound(nil, "", "")) { return nil, err @@ -101,7 +105,10 @@ func orgDomain(ctx context.Context, filter preparation.FilterToQueryReducer, org return wm, nil } -func (c *Commands) VerifyOrgDomain(ctx context.Context, orgID, domain string) (*domain.ObjectDetails, error) { +func (c *Commands) VerifyOrgDomain(ctx context.Context, orgID, domain string) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + orgAgg := org.NewAggregate(orgID) cmds, err := preparation.PrepareCommands(ctx, c.eventstore.Filter, verifyOrgDomain(orgAgg, domain)) if err != nil { @@ -114,7 +121,10 @@ func (c *Commands) VerifyOrgDomain(ctx context.Context, orgID, domain string) (* return pushedEventsToObjectDetails(pushedEvents), nil } -func (c *Commands) AddOrgDomain(ctx context.Context, orgID, domain string, claimedUserIDs []string) (*domain.ObjectDetails, error) { +func (c *Commands) AddOrgDomain(ctx context.Context, orgID, domain string, claimedUserIDs []string) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + orgAgg := org.NewAggregate(orgID) cmds, err := preparation.PrepareCommands(ctx, c.eventstore.Filter, c.prepareAddOrgDomain(orgAgg, domain, claimedUserIDs)) if err != nil { 
@@ -220,7 +230,10 @@ func (c *Commands) ValidateOrgDomain(ctx context.Context, orgDomain *domain.OrgD return nil, err } -func (c *Commands) SetPrimaryOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain) (*domain.ObjectDetails, error) { +func (c *Commands) SetPrimaryOrgDomain(ctx context.Context, orgDomain *domain.OrgDomain) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if orgDomain == nil || !orgDomain.IsValid() || orgDomain.AggregateID == "" { return nil, zerrors.ThrowInvalidArgument(nil, "ORG-SsDG2", "Errors.Org.InvalidDomain") } @@ -366,9 +379,12 @@ func (c *Commands) removeCustomDomains(ctx context.Context, orgID string) ([]eve return events, nil } -func (c *Commands) getOrgDomainWriteModel(ctx context.Context, orgID, domain string) (*OrgDomainWriteModel, error) { +func (c *Commands) getOrgDomainWriteModel(ctx context.Context, orgID, domain string) (_ *OrgDomainWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + domainWriteModel := NewOrgDomainWriteModel(orgID, domain) - err := c.eventstore.FilterToQueryReducer(ctx, domainWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, domainWriteModel) if err != nil { return nil, err } diff --git a/internal/command/org_flow.go b/internal/command/org_flow.go index 9a9d47c966..eff7a90286 100644 --- a/internal/command/org_flow.go +++ b/internal/command/org_flow.go @@ -6,6 +6,7 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/repository/org" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) 
@@ -32,7 +33,10 @@ func (c *Commands) ClearFlow(ctx context.Context, flowType domain.FlowType, reso return writeModelToObjectDetails(&existingFlow.WriteModel), nil } -func (c *Commands) SetTriggerActions(ctx context.Context, flowType domain.FlowType, triggerType domain.TriggerType, actionIDs []string, resourceOwner string) (*domain.ObjectDetails, error) { +func (c *Commands) SetTriggerActions(ctx context.Context, flowType domain.FlowType, triggerType domain.TriggerType, actionIDs []string, resourceOwner string) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if !flowType.Valid() || !triggerType.Valid() || resourceOwner == "" { return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-Dfhj5", "Errors.Flow.FlowTypeMissing") } @@ -67,9 +71,12 @@ func (c *Commands) SetTriggerActions(ctx context.Context, flowType domain.FlowTy return writeModelToObjectDetails(&existingFlow.WriteModel), nil } -func (c *Commands) getOrgFlowWriteModelByType(ctx context.Context, flowType domain.FlowType, resourceOwner string) (*OrgFlowWriteModel, error) { +func (c *Commands) getOrgFlowWriteModelByType(ctx context.Context, flowType domain.FlowType, resourceOwner string) (_ *OrgFlowWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + flowWriteModel := NewOrgFlowWriteModel(flowType, resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, flowWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, flowWriteModel) if err != nil { return nil, err } diff --git a/internal/command/org_idp_config.go b/internal/command/org_idp_config.go index 8b4954c015..b9921cd209 100644 --- a/internal/command/org_idp_config.go +++ b/internal/command/org_idp_config.go 
@@ -11,7 +11,10 @@ import ( "github.com/zitadel/zitadel/internal/zerrors" ) -func (c *Commands) ImportIDPConfig(ctx context.Context, config *domain.IDPConfig, idpConfigID, resourceOwner string) (*domain.IDPConfig, error) { +func (c *Commands) ImportIDPConfig(ctx context.Context, config *domain.IDPConfig, idpConfigID, resourceOwner string) (_ *domain.IDPConfig, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + existingIDP, err := c.orgIDPConfigWriteModelByID(ctx, idpConfigID, resourceOwner) if err != nil { return nil, err diff --git a/internal/command/org_member.go b/internal/command/org_member.go index 9ba7ecbfff..ae9bef2151 100644 --- a/internal/command/org_member.go +++ b/internal/command/org_member.go @@ -24,7 +24,10 @@ func (c *Commands) AddOrgMemberCommand(a *org.Aggregate, userID string, roles .. if len(domain.CheckForInvalidRoles(roles, domain.OrgRolePrefix, c.zitadelRoles)) > 0 && len(domain.CheckForInvalidRoles(roles, domain.RoleSelfManagementGlobal, c.zitadelRoles)) > 0 { return nil, zerrors.ThrowInvalidArgument(nil, "Org-4N8es", "Errors.Org.MemberInvalid") } - return func(ctx context.Context, filter preparation.FilterToQueryReducer) ([]eventstore.Command, error) { + return func(ctx context.Context, filter preparation.FilterToQueryReducer) (_ []eventstore.Command, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if exists, err := ExistsUser(ctx, filter, userID, ""); err != nil || !exists { return nil, zerrors.ThrowPreconditionFailed(err, "ORG-GoXOn", "Errors.User.NotFound") } 
@@ -73,7 +76,10 @@ func IsOrgMember(ctx context.Context, filter preparation.FilterToQueryReducer, o return isMember, nil } -func (c *Commands) AddOrgMember(ctx context.Context, orgID, userID string, roles ...string) (*domain.Member, error) { +func (c *Commands) AddOrgMember(ctx context.Context, orgID, userID string, roles ...string) (_ *domain.Member, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + orgAgg := org.NewAggregate(orgID) cmds, err := preparation.PrepareCommands(ctx, c.eventstore.Filter, c.AddOrgMemberCommand(orgAgg, userID, roles...)) if err != nil { diff --git a/internal/command/org_policy_domain.go b/internal/command/org_policy_domain.go index f4e4b59a93..c9a4fd547c 100644 --- a/internal/command/org_policy_domain.go +++ b/internal/command/org_policy_domain.go @@ -11,7 +11,10 @@ import ( "github.com/zitadel/zitadel/internal/zerrors" ) -func (c *Commands) AddOrgDomainPolicy(ctx context.Context, resourceOwner string, userLoginMustBeDomain, validateOrgDomains, smtpSenderAddressMatchesInstanceDomain bool) (*domain.ObjectDetails, error) { +func (c *Commands) AddOrgDomainPolicy(ctx context.Context, resourceOwner string, userLoginMustBeDomain, validateOrgDomains, smtpSenderAddressMatchesInstanceDomain bool) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if resourceOwner == "" { return nil, zerrors.ThrowInvalidArgument(nil, "Org-4Jfsf", "Errors.ResourceOwnerMissing") } 
@@ -60,7 +63,10 @@ func (c *Commands) RemoveOrgDomainPolicy(ctx context.Context, orgID string) (*do } // Deprecated: Use commands.domainPolicyWriteModel directly, to remove the domain.DomainPolicy struct -func (c *Commands) getOrgDomainPolicy(ctx context.Context, orgID string) (*domain.DomainPolicy, error) { +func (c *Commands) getOrgDomainPolicy(ctx context.Context, orgID string) (_ *domain.DomainPolicy, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + policy, err := c.orgDomainPolicyWriteModel(ctx, orgID) if err != nil { return nil, err @@ -90,7 +96,10 @@ func prepareAddOrgDomainPolicy( smtpSenderAddressMatchesInstanceDomain bool, ) preparation.Validation { return func() (preparation.CreateCommands, error) { - return func(ctx context.Context, filter preparation.FilterToQueryReducer) ([]eventstore.Command, error) { + return func(ctx context.Context, filter preparation.FilterToQueryReducer) (_ []eventstore.Command, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + writeModel, err := orgDomainPolicy(ctx, filter, a.ID) if err != nil { return nil, err diff --git a/internal/command/org_policy_label.go b/internal/command/org_policy_label.go index 4a1fff05d4..1b815585e7 100644 --- a/internal/command/org_policy_label.go +++ b/internal/command/org_policy_label.go 
@@ -6,10 +6,14 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/repository/org" "github.com/zitadel/zitadel/internal/static" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) -func (c *Commands) AddLabelPolicy(ctx context.Context, resourceOwner string, policy *domain.LabelPolicy) (*domain.LabelPolicy, error) { +func (c *Commands) AddLabelPolicy(ctx context.Context, resourceOwner string, policy *domain.LabelPolicy) (_ *domain.LabelPolicy, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if resourceOwner == "" { return nil, zerrors.ThrowInvalidArgument(nil, "Org-Fn8ds", "Errors.ResourceOwnerMissing") } @@ -17,7 +21,7 @@ func (c *Commands) AddLabelPolicy(ctx context.Context, resourceOwner string, pol return nil, err } addedPolicy := NewOrgLabelPolicyWriteModel(resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) + err = c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } @@ -98,7 +102,10 @@ func (c *Commands) ChangeLabelPolicy(ctx context.Context, resourceOwner string, return writeModelToLabelPolicy(&existingPolicy.LabelPolicyWriteModel), nil } -func (c *Commands) ActivateLabelPolicy(ctx context.Context, orgID string) (*domain.ObjectDetails, error) { +func (c *Commands) ActivateLabelPolicy(ctx context.Context, orgID string) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if orgID == "" { return nil, zerrors.ThrowInvalidArgument(nil, "Org-KKd4X", "Errors.ResourceOwnerMissing") } 
@@ -457,9 +464,12 @@ func (c *Commands) removeLabelPolicyAssets(ctx context.Context, existingPolicy * return org.NewLabelPolicyAssetsRemovedEvent(ctx, orgAgg), nil } -func (c *Commands) orgLabelPolicyWriteModelByID(ctx context.Context, orgID string) (*OrgLabelPolicyWriteModel, error) { +func (c *Commands) orgLabelPolicyWriteModelByID(ctx context.Context, orgID string) (_ *OrgLabelPolicyWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + policy := NewOrgLabelPolicyWriteModel(orgID) - err := c.eventstore.FilterToQueryReducer(ctx, policy) + err = c.eventstore.FilterToQueryReducer(ctx, policy) if err != nil { return nil, err } diff --git a/internal/command/org_policy_lockout.go b/internal/command/org_policy_lockout.go index d7ace6f69e..7f59507528 100644 --- a/internal/command/org_policy_lockout.go +++ b/internal/command/org_policy_lockout.go @@ -6,10 +6,14 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/repository/org" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) -func (c *Commands) AddLockoutPolicy(ctx context.Context, resourceOwner string, policy *domain.LockoutPolicy) (*domain.LockoutPolicy, error) { +func (c *Commands) AddLockoutPolicy(ctx context.Context, resourceOwner string, policy *domain.LockoutPolicy) (_ *domain.LockoutPolicy, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if resourceOwner == "" { return nil, zerrors.ThrowInvalidArgument(nil, "Org-8fJif", "Errors.ResourceOwnerMissing") } 
@@ -105,9 +109,12 @@ func (c *Commands) removeLockoutPolicyIfExists(ctx context.Context, orgID string return org.NewLockoutPolicyRemovedEvent(ctx, orgAgg), nil } -func orgLockoutPolicyWriteModelByID(ctx context.Context, orgID string, queryReducer func(ctx context.Context, r eventstore.QueryReducer) error) (*OrgLockoutPolicyWriteModel, error) { +func orgLockoutPolicyWriteModelByID(ctx context.Context, orgID string, queryReducer func(ctx context.Context, r eventstore.QueryReducer) error) (_ *OrgLockoutPolicyWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + policy := NewOrgLockoutPolicyWriteModel(orgID) - err := queryReducer(ctx, policy) + err = queryReducer(ctx, policy) if err != nil { return nil, err } diff --git a/internal/command/org_policy_login.go b/internal/command/org_policy_login.go index a7b2378ec3..8ae746a298 100644 --- a/internal/command/org_policy_login.go +++ b/internal/command/org_policy_login.go @@ -63,7 +63,10 @@ type ChangeLoginPolicy struct { DisableLoginWithPhone bool } -func (c *Commands) AddLoginPolicy(ctx context.Context, resourceOwner string, policy *AddLoginPolicy) (*domain.ObjectDetails, error) { +func (c *Commands) AddLoginPolicy(ctx context.Context, resourceOwner string, policy *AddLoginPolicy) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + orgAgg := org.NewAggregate(resourceOwner) cmds, err := preparation.PrepareCommands(ctx, c.eventstore.Filter, prepareAddLoginPolicy(orgAgg, policy)) if err != nil { 
@@ -411,7 +414,10 @@ func prepareAddLoginPolicy(a *org.Aggregate, policy *AddLoginPolicy) preparation return nil, zerrors.ThrowInvalidArgument(nil, "Org-WSfrg", "Errors.Org.LoginPolicy.MFA.Unspecified") } } - return func(ctx context.Context, filter preparation.FilterToQueryReducer) ([]eventstore.Command, error) { + return func(ctx context.Context, filter preparation.FilterToQueryReducer) (_ []eventstore.Command, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if exists, err := exists(ctx, filter, NewOrgLoginPolicyWriteModel(a.ID)); exists || err != nil { return nil, zerrors.ThrowAlreadyExists(nil, "Org-Dgfb2", "Errors.Org.LoginPolicy.AlreadyExists") } diff --git a/internal/command/org_policy_password_complexity.go b/internal/command/org_policy_password_complexity.go index 932b598afc..01ba58c98c 100644 --- a/internal/command/org_policy_password_complexity.go +++ b/internal/command/org_policy_password_complexity.go @@ -5,10 +5,14 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/repository/org" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) -func (c *Commands) getOrgPasswordComplexityPolicy(ctx context.Context, orgID string) (*domain.PasswordComplexityPolicy, error) { +func (c *Commands) getOrgPasswordComplexityPolicy(ctx context.Context, orgID string) (_ *domain.PasswordComplexityPolicy, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + policy, err := c.orgPasswordComplexityPolicyWriteModelByID(ctx, orgID) if err != nil { return nil, err 
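Review bot: In the `prepareAddLoginPolicy` closure (first hunk here) the span will end with `Errors.Org.LoginPolicy.AlreadyExists` even when the `exists(...)` lookup itself failed. The unchanged line right below the new `defer` folds `exists || err != nil` into one branch and passes `nil` as the parent error, so the real cause never reaches the trace these spans are meant to provide. Splitting the condition keeps the cause visible: handle `if err != nil { return nil, err }` first and return `ThrowAlreadyExists` only when `exists` is true. The smaller alternative is to pass `err` as the parent, as the `AddOrgMemberCommand` closure does with `ThrowPreconditionFailed(err, ...)`. The closure body continues outside the hunk.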
@@ -28,7 +32,10 @@ func (c *Commands) orgPasswordComplexityPolicyWriteModelByID(ctx context.Context return policy, nil } -func (c *Commands) AddPasswordComplexityPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordComplexityPolicy) (*domain.PasswordComplexityPolicy, error) { +func (c *Commands) AddPasswordComplexityPolicy(ctx context.Context, resourceOwner string, policy *domain.PasswordComplexityPolicy) (_ *domain.PasswordComplexityPolicy, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if resourceOwner == "" { return nil, zerrors.ThrowInvalidArgument(nil, "Org-7ufEs", "Errors.ResourceOwnerMissing") } @@ -36,7 +43,7 @@ func (c *Commands) AddPasswordComplexityPolicy(ctx context.Context, resourceOwne return nil, err } addedPolicy := NewOrgPasswordComplexityPolicyWriteModel(resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) + err = c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } diff --git a/internal/command/org_policy_privacy.go b/internal/command/org_policy_privacy.go index 3e0497ccb4..26546b05aa 100644 --- a/internal/command/org_policy_privacy.go +++ b/internal/command/org_policy_privacy.go @@ -5,6 +5,7 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/repository/org" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) 
@@ -28,7 +29,9 @@ func (c *Commands) orgPrivacyPolicyWriteModelByID(ctx context.Context, orgID str return policy, nil } -func (c *Commands) AddPrivacyPolicy(ctx context.Context, resourceOwner string, policy *domain.PrivacyPolicy) (*domain.PrivacyPolicy, error) { +func (c *Commands) AddPrivacyPolicy(ctx context.Context, resourceOwner string, policy *domain.PrivacyPolicy) (_ *domain.PrivacyPolicy, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() if policy.SupportEmail != "" { if err := policy.SupportEmail.Validate(); err != nil { @@ -41,7 +44,7 @@ func (c *Commands) AddPrivacyPolicy(ctx context.Context, resourceOwner string, p return nil, zerrors.ThrowInvalidArgument(nil, "Org-MMk9fs", "Errors.ResourceOwnerMissing") } addedPolicy := NewOrgPrivacyPolicyWriteModel(resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, addedPolicy) + err = c.eventstore.FilterToQueryReducer(ctx, addedPolicy) if err != nil { return nil, err } diff --git a/internal/command/project.go b/internal/command/project.go index 6837fabd90..be8ea242c9 100644 --- a/internal/command/project.go +++ b/internal/command/project.go @@ -10,10 +10,14 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/repository/project" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) func (c *Commands) AddProjectWithID(ctx context.Context, project *domain.Project, resourceOwner, projectID string) (_ *domain.Project, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + existingProject, err := c.getProjectWriteModelByID(ctx, projectID, resourceOwner) if err != nil { return nil, err 
@@ -147,7 +151,10 @@ func projectWriteModel(ctx context.Context, filter preparation.FilterToQueryRedu return project, nil } -func (c *Commands) getProjectByID(ctx context.Context, projectID, resourceOwner string) (*domain.Project, error) { +func (c *Commands) getProjectByID(ctx context.Context, projectID, resourceOwner string) (_ *domain.Project, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + projectWriteModel, err := c.getProjectWriteModelByID(ctx, projectID, resourceOwner) if err != nil { return nil, err @@ -158,7 +165,10 @@ func (c *Commands) getProjectByID(ctx context.Context, projectID, resourceOwner return projectWriteModelToProject(projectWriteModel), nil } -func (c *Commands) checkProjectExists(ctx context.Context, projectID, resourceOwner string) error { +func (c *Commands) checkProjectExists(ctx context.Context, projectID, resourceOwner string) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + projectWriteModel, err := c.getProjectWriteModelByID(ctx, projectID, resourceOwner) if err != nil { return err @@ -312,9 +322,12 @@ func (c *Commands) RemoveProject(ctx context.Context, projectID, resourceOwner s return writeModelToObjectDetails(&existingProject.WriteModel), nil } -func (c *Commands) getProjectWriteModelByID(ctx context.Context, projectID, resourceOwner string) (*ProjectWriteModel, error) { +func (c *Commands) getProjectWriteModelByID(ctx context.Context, projectID, resourceOwner string) (_ *ProjectWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + projectWriteModel := NewProjectWriteModel(projectID, resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, projectWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, projectWriteModel) if err != nil { return nil, err } 
diff --git a/internal/command/project_application.go b/internal/command/project_application.go index 07bfa837b1..0ccf5dc852 100644 --- a/internal/command/project_application.go +++ b/internal/command/project_application.go @@ -5,6 +5,7 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/repository/project" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) @@ -129,9 +130,12 @@ func (c *Commands) RemoveApplication(ctx context.Context, projectID, appID, reso return writeModelToObjectDetails(&existingApp.WriteModel), nil } -func (c *Commands) getApplicationWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (*ApplicationWriteModel, error) { +func (c *Commands) getApplicationWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (_ *ApplicationWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + appWriteModel := NewApplicationWriteModelWithAppIDC(projectID, appID, resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, appWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, appWriteModel) if err != nil { return nil, err } diff --git a/internal/command/project_application_api.go b/internal/command/project_application_api.go index b1af6c1e5d..a697305ac9 100644 --- a/internal/command/project_application_api.go +++ b/internal/command/project_application_api.go @@ -68,6 +68,9 @@ func (c *Commands) AddAPIAppCommand(app *addAPIApp) preparation.Validation { } func (c *Commands) AddAPIApplicationWithID(ctx context.Context, apiApp *domain.APIApp, resourceOwner, appID string) (_ *domain.APIApp, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + existingAPI, err := c.getAPIAppWriteModel(ctx, apiApp.AggregateID, appID, resourceOwner) if err != nil { return nil, err 
@@ -105,6 +108,9 @@ func (c *Commands) AddAPIApplication(ctx context.Context, apiApp *domain.APIApp, } func (c *Commands) addAPIApplicationWithID(ctx context.Context, apiApp *domain.APIApp, resourceOwner string, project *domain.Project, appID string) (_ *domain.APIApp, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + apiApp.AppID = appID addedApplication := NewAPIApplicationWriteModel(apiApp.AggregateID, resourceOwner) @@ -262,9 +268,12 @@ func (c *Commands) APISecretCheckFailed(ctx context.Context, appID, projectID, r c.apiSecretCheckFailed(ctx, &agg.Aggregate, appID) } -func (c *Commands) getAPIAppWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (*APIApplicationWriteModel, error) { +func (c *Commands) getAPIAppWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (_ *APIApplicationWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + appWriteModel := NewAPIApplicationWriteModelWithAppID(projectID, appID, resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, appWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, appWriteModel) if err != nil { return nil, err } diff --git a/internal/command/project_application_key.go b/internal/command/project_application_key.go index 1b791c2670..519e9fc30a 100644 --- a/internal/command/project_application_key.go +++ b/internal/command/project_application_key.go @@ -10,6 +10,9 @@ import ( ) func (c *Commands) AddApplicationKeyWithID(ctx context.Context, key *domain.ApplicationKey, resourceOwner string) (_ *domain.ApplicationKey, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + writeModel, err := c.applicationKeyWriteModelByID(ctx, key.AggregateID, key.ApplicationID, key.KeyID, resourceOwner) if err != nil { return nil, err 
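Review bot: `AddApplicationKeyWithID` (last hunk here) now passes its returned error to `span.EndWithError(err)`, so whatever text that error carries presumably leaves the process through the trace exporter; the hunks do not show what `EndWithError` records. The function handles a `*domain.ApplicationKey`, and the same pattern is added to `addApplicationKey` and to `ImportHuman` / `importHuman` in user_human.go, which take code generators and return a passwordless init code. It is worth confirming that no error wrapped on these paths embeds key or code material, and stating the constraint next to the defer, e.g. `// err is exported to tracing: errors returned from here must not contain key material or generated codes`. The function bodies continue outside their hunks.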
@@ -47,6 +50,8 @@ func (c *Commands) AddApplicationKey(ctx context.Context, key *domain.Applicatio } func (c *Commands) addApplicationKey(ctx context.Context, key *domain.ApplicationKey, resourceOwner string) (_ *domain.ApplicationKey, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() keyWriteModel := NewApplicationKeyWriteModel(key.AggregateID, key.ApplicationID, key.KeyID, resourceOwner) err = c.eventstore.FilterToQueryReducer(ctx, keyWriteModel) diff --git a/internal/command/project_application_oidc.go b/internal/command/project_application_oidc.go index b4a9eaae9b..6c9df8a69a 100644 --- a/internal/command/project_application_oidc.go +++ b/internal/command/project_application_oidc.go @@ -115,6 +115,9 @@ func (c *Commands) AddOIDCAppCommand(app *addOIDCApp) preparation.Validation { } func (c *Commands) AddOIDCApplicationWithID(ctx context.Context, oidcApp *domain.OIDCApp, resourceOwner, appID string) (_ *domain.OIDCApp, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + existingApp, err := c.getOIDCAppWriteModel(ctx, oidcApp.AggregateID, appID, resourceOwner) if err != nil { return nil, err @@ -153,6 +156,9 @@ func (c *Commands) AddOIDCApplication(ctx context.Context, oidcApp *domain.OIDCA } func (c *Commands) addOIDCApplicationWithID(ctx context.Context, oidcApp *domain.OIDCApp, resourceOwner string, project *domain.Project, appID string) (_ *domain.OIDCApp, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + addedApplication := NewOIDCApplicationWriteModel(oidcApp.AggregateID, resourceOwner) projectAgg := ProjectAggregateFromWriteModel(&addedApplication.WriteModel) 
@@ -343,9 +349,12 @@ func (c *Commands) OIDCSecretCheckFailed(ctx context.Context, appID, projectID, c.oidcSecretCheckFailed(ctx, &agg.Aggregate, appID) } -func (c *Commands) getOIDCAppWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (*OIDCApplicationWriteModel, error) { +func (c *Commands) getOIDCAppWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (_ *OIDCApplicationWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + appWriteModel := NewOIDCApplicationWriteModelWithAppID(projectID, appID, resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, appWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, appWriteModel) if err != nil { return nil, err } diff --git a/internal/command/project_grant.go b/internal/command/project_grant.go index c53e5252df..6a5ab96fee 100644 --- a/internal/command/project_grant.go +++ b/internal/command/project_grant.go @@ -14,6 +14,9 @@ import ( ) func (c *Commands) AddProjectGrantWithID(ctx context.Context, grant *domain.ProjectGrant, grantID string, resourceOwner string) (_ *domain.ProjectGrant, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + existingMember, err := c.projectGrantWriteModelByID(ctx, grantID, grant.AggregateID, resourceOwner) if err != nil && !zerrors.IsNotFound(err) { return nil, err diff --git a/internal/command/project_grant_member.go b/internal/command/project_grant_member.go index 096851fb42..9208ebf011 100644 --- a/internal/command/project_grant_member.go +++ b/internal/command/project_grant_member.go 
@@ -11,14 +11,17 @@ import ( "github.com/zitadel/zitadel/internal/zerrors" ) -func (c *Commands) AddProjectGrantMember(ctx context.Context, member *domain.ProjectGrantMember) (*domain.ProjectGrantMember, error) { +func (c *Commands) AddProjectGrantMember(ctx context.Context, member *domain.ProjectGrantMember) (_ *domain.ProjectGrantMember, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if !member.IsValid() { return nil, zerrors.ThrowInvalidArgument(nil, "PROJECT-8fi7G", "Errors.Project.Grant.Member.Invalid") } if len(domain.CheckForInvalidRoles(member.Roles, domain.ProjectGrantRolePrefix, c.zitadelRoles)) > 0 { return nil, zerrors.ThrowInvalidArgument(nil, "PROJECT-m9gKK", "Errors.Project.Grant.Member.Invalid") } - err := c.checkUserExists(ctx, member.UserID, "") + err = c.checkUserExists(ctx, member.UserID, "") if err != nil { return nil, err } diff --git a/internal/command/project_member.go b/internal/command/project_member.go index e47a4c85ee..a2e4fae553 100644 --- a/internal/command/project_member.go +++ b/internal/command/project_member.go @@ -11,7 +11,10 @@ import ( "github.com/zitadel/zitadel/internal/zerrors" ) -func (c *Commands) AddProjectMember(ctx context.Context, member *domain.Member, resourceOwner string) (*domain.Member, error) { +func (c *Commands) AddProjectMember(ctx context.Context, member *domain.Member, resourceOwner string) (_ *domain.Member, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + addedMember := NewProjectMemberWriteModel(member.AggregateID, member.UserID, resourceOwner) projectAgg := ProjectAggregateFromWriteModel(&addedMember.WriteModel) event, err := c.addProjectMember(ctx, projectAgg, addedMember, member) 
@@ -31,7 +34,10 @@ func (c *Commands) AddProjectMember(ctx context.Context, member *domain.Member, return memberWriteModelToMember(&addedMember.MemberWriteModel), nil } -func (c *Commands) addProjectMember(ctx context.Context, projectAgg *eventstore.Aggregate, addedMember *ProjectMemberWriteModel, member *domain.Member) (eventstore.Command, error) { +func (c *Commands) addProjectMember(ctx context.Context, projectAgg *eventstore.Aggregate, addedMember *ProjectMemberWriteModel, member *domain.Member) (_ eventstore.Command, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if !member.IsValid() { return nil, zerrors.ThrowInvalidArgument(nil, "PROJECT-W8m4l", "Errors.Project.Member.Invalid") } @@ -39,7 +45,7 @@ func (c *Commands) addProjectMember(ctx context.Context, projectAgg *eventstore. return nil, zerrors.ThrowInvalidArgument(nil, "PROJECT-3m9ds", "Errors.Project.Member.Invalid") } - err := c.checkUserExists(ctx, addedMember.UserID, "") + err = c.checkUserExists(ctx, addedMember.UserID, "") if err != nil { return nil, err } diff --git a/internal/command/project_role.go b/internal/command/project_role.go index 065d784efc..ec9a426242 100644 --- a/internal/command/project_role.go +++ b/internal/command/project_role.go @@ -8,10 +8,14 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/repository/project" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) func (c *Commands) AddProjectRole(ctx context.Context, projectRole *domain.ProjectRole, resourceOwner string) (_ *domain.ProjectRole, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + err = c.checkProjectExists(ctx, projectRole.AggregateID, resourceOwner) if err != nil { return nil, err diff --git a/internal/command/user.go b/internal/command/user.go index 17b0913c5e..053095d7e8 100644 
--- a/internal/command/user.go +++ b/internal/command/user.go @@ -336,7 +336,10 @@ func (c *Commands) UserDomainClaimedSent(ctx context.Context, orgID, userID stri return err } -func (c *Commands) checkUserExists(ctx context.Context, userID, resourceOwner string) error { +func (c *Commands) checkUserExists(ctx context.Context, userID, resourceOwner string) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + existingUser, err := c.userWriteModelByID(ctx, userID, resourceOwner) if err != nil { return err diff --git a/internal/command/user_domain_policy.go b/internal/command/user_domain_policy.go index 2226608ff1..cce68bd10b 100644 --- a/internal/command/user_domain_policy.go +++ b/internal/command/user_domain_policy.go @@ -4,6 +4,7 @@ import ( "context" "github.com/zitadel/zitadel/internal/command/preparation" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) @@ -60,7 +61,10 @@ func orgDomainPolicy(ctx context.Context, filter preparation.FilterToQueryReduce } // Deprecated: Use commands.instanceDomainPolicyWriteModel directly, to remove use of eventstore.Filter function -func instanceDomainPolicy(ctx context.Context, filter preparation.FilterToQueryReducer) (*InstanceDomainPolicyWriteModel, error) { +func instanceDomainPolicy(ctx context.Context, filter preparation.FilterToQueryReducer) (_ *InstanceDomainPolicyWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + policy := NewInstanceDomainPolicyWriteModel(ctx) events, err := filter(ctx, policy.Query()) if err != nil { 
@@ -74,7 +78,10 @@ func instanceDomainPolicy(ctx context.Context, filter preparation.FilterToQueryR return policy, err } -func domainPolicyUsernames(ctx context.Context, filter preparation.FilterToQueryReducer, orgID string) (*DomainPolicyUsernamesWriteModel, error) { +func domainPolicyUsernames(ctx context.Context, filter preparation.FilterToQueryReducer, orgID string) (_ *DomainPolicyUsernamesWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + policy := NewDomainPolicyUsernamesWriteModel(orgID) events, err := filter(ctx, policy.Query()) if err != nil { diff --git a/internal/command/user_grant.go b/internal/command/user_grant.go index f2a8a3ddbe..b37571cd37 100644 --- a/internal/command/user_grant.go +++ b/internal/command/user_grant.go @@ -12,6 +12,9 @@ import ( ) func (c *Commands) AddUserGrant(ctx context.Context, usergrant *domain.UserGrant, resourceOwner string) (_ *domain.UserGrant, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + event, addedUserGrant, err := c.addUserGrant(ctx, usergrant, resourceOwner) if err != nil { return nil, err @@ -284,9 +287,12 @@ func (c *Commands) userGrantWriteModelByID(ctx context.Context, userGrantID, res return writeModel, nil } -func (c *Commands) checkUserGrantPreCondition(ctx context.Context, usergrant *domain.UserGrant, resourceOwner string) error { +func (c *Commands) checkUserGrantPreCondition(ctx context.Context, usergrant *domain.UserGrant, resourceOwner string) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + preConditions := NewUserGrantPreConditionReadModel(usergrant.UserID, usergrant.ProjectID, usergrant.ProjectGrantID, resourceOwner) - err := c.eventstore.FilterToQueryReducer(ctx, preConditions) + err = c.eventstore.FilterToQueryReducer(ctx, preConditions) if err != nil { return err } 
diff --git a/internal/command/user_human.go b/internal/command/user_human.go index 7f117751b7..35ae22e1bf 100644 --- a/internal/command/user_human.go +++ b/internal/command/user_human.go @@ -422,6 +422,9 @@ func (h *AddHuman) shouldAddInitCode() bool { // Deprecated: use commands.AddUserHuman func (c *Commands) ImportHuman(ctx context.Context, orgID string, human *domain.Human, passwordless bool, links []*domain.UserIDPLink, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessCodeGenerator crypto.Generator) (_ *domain.Human, passwordlessCode *domain.PasswordlessInitCode, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if orgID == "" { return nil, nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-5N8fs", "Errors.ResourceOwnerMissing") } @@ -470,6 +473,9 @@ func (c *Commands) ImportHuman(ctx context.Context, orgID string, human *domain. } func (c *Commands) importHuman(ctx context.Context, orgID string, human *domain.Human, passwordless bool, links []*domain.UserIDPLink, domainPolicy *domain.DomainPolicy, pwPolicy *domain.PasswordComplexityPolicy, initCodeGenerator, emailCodeGenerator, phoneCodeGenerator, passwordlessCodeGenerator crypto.Generator) (events []eventstore.Command, humanWriteModel *HumanWriteModel, passwordlessCodeWriteModel *HumanPasswordlessInitCodeWriteModel, code string, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if orgID == "" { return nil, nil, nil, "", zerrors.ThrowInvalidArgument(nil, "COMMAND-00p2b", "Errors.Org.Empty") } 
@@ -652,9 +658,12 @@ func (c *Commands) HumansSignOut(ctx context.Context, agentID string, userIDs [] return err } -func (c *Commands) getHumanWriteModelByID(ctx context.Context, userID, resourceowner string) (*HumanWriteModel, error) { +func (c *Commands) getHumanWriteModelByID(ctx context.Context, userID, resourceowner string) (_ *HumanWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + humanWriteModel := NewHumanWriteModel(userID, resourceowner) - err := c.eventstore.FilterToQueryReducer(ctx, humanWriteModel) + err = c.eventstore.FilterToQueryReducer(ctx, humanWriteModel) if err != nil { return nil, err } diff --git a/internal/command/user_human_otp.go b/internal/command/user_human_otp.go index 39abab3b86..bc65ba7245 100644 --- a/internal/command/user_human_otp.go +++ b/internal/command/user_human_otp.go @@ -16,7 +16,10 @@ import ( "github.com/zitadel/zitadel/internal/zerrors" ) -func (c *Commands) ImportHumanTOTP(ctx context.Context, userID, userAgentID, resourceOwner string, key string) error { +func (c *Commands) ImportHumanTOTP(ctx context.Context, userID, userAgentID, resourceOwner string, key string) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + encryptedSecret, err := crypto.Encrypt([]byte(key), c.multifactors.OTP.CryptoMFA) if err != nil { return err diff --git a/internal/command/user_idp_link.go b/internal/command/user_idp_link.go index 38d913ca6a..14f05964a1 100644 --- a/internal/command/user_idp_link.go +++ b/internal/command/user_idp_link.go @@ -12,6 +12,9 @@ import ( ) func (c *Commands) AddUserIDPLink(ctx context.Context, userID, resourceOwner string, link *AddLink) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if userID == "" { return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-03j8f", "Errors.IDMissing") } 
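Review bot: `ImportHumanTOTP` (user_human_otp.go, `@@ -16,7 +16,10 @@`) now opens a span in a function that handles the raw TOTP `key`, and nothing documents what may leave the process with that span. In the visible lines only `err` reaches the tracer, through `span.EndWithError(err)`, so a comment above the span would pin that down: `// The span records only the returned error; never attach key or encryptedSecret as span attributes.` A matching comment fits `HashPasswordIfExisting` in internal/domain/human.go (`@@ -104,7 +105,10 @@`), which now traces the password-hashing path. Whether an error returned by `crypto.Encrypt` can embed input bytes is not visible here and is worth confirming, since that error is presumably recorded on the span; both function bodies continue past their hunks.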
diff --git a/internal/command/user_machine.go b/internal/command/user_machine.go index 77953010d3..1ec32450ac 100644 --- a/internal/command/user_machine.go +++ b/internal/command/user_machine.go @@ -8,6 +8,7 @@ import ( "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/eventstore/v1/models" "github.com/zitadel/zitadel/internal/repository/user" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) @@ -45,6 +46,9 @@ func AddMachineCommand(a *user.Aggregate, machine *Machine) preparation.Validati return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-bm9Ds", "Errors.User.Invalid") } return func(ctx context.Context, filter preparation.FilterToQueryReducer) ([]eventstore.Command, error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + writeModel, err := getMachineWriteModel(ctx, a.ID, a.ResourceOwner, filter) if err != nil { return nil, err @@ -63,7 +67,10 @@ func AddMachineCommand(a *user.Aggregate, machine *Machine) preparation.Validati } } -func (c *Commands) AddMachine(ctx context.Context, machine *Machine) (*domain.ObjectDetails, error) { +func (c *Commands) AddMachine(ctx context.Context, machine *Machine) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if machine.AggregateID == "" { userID, err := c.idGenerator.Next() if err != nil { 
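Review bot: The deferred `span.EndWithError(err)` added inside the closure returned by `AddMachineCommand` (`@@ -45,6 +46,9 @@`) cannot see that closure's own errors: its results are unnamed (`([]eventstore.Command, error)`), and `writeModel, err := getMachineWriteModel(...)` on the next line declares a fresh `err` in the closure's scope. The `err` the defer reads must therefore come from an enclosing scope the hunk does not show, so a failed lookup would presumably end the span without an error. Naming the results, `return func(ctx context.Context, filter preparation.FilterToQueryReducer) (_ []eventstore.Command, err error) {`, makes the `:=` reuse the result variable and lets every `return nil, err` reach the span. The closure in `prepareAddUserMachineKey` (user_machine_key.go, `@@ -127,6 +131,9 @@`) has the same shape, where `if err := machineKey.checkAggregate(ctx, filter); err != nil` shadows it. Both closures continue past their hunks.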
@@ -140,7 +147,10 @@ func changeMachineCommand(a *user.Aggregate, machine *Machine) preparation.Valid } } -func getMachineWriteModel(ctx context.Context, userID, resourceOwner string, filter preparation.FilterToQueryReducer) (*MachineWriteModel, error) { +func getMachineWriteModel(ctx context.Context, userID, resourceOwner string, filter preparation.FilterToQueryReducer) (_ *MachineWriteModel, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + writeModel := NewMachineWriteModel(userID, resourceOwner) events, err := filter(ctx, writeModel.Query()) if err != nil { diff --git a/internal/command/user_machine_key.go b/internal/command/user_machine_key.go index d6abdd9545..8a0f0f437b 100644 --- a/internal/command/user_machine_key.go +++ b/internal/command/user_machine_key.go @@ -10,6 +10,7 @@ import ( "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/eventstore/v1/models" "github.com/zitadel/zitadel/internal/repository/user" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) @@ -96,7 +97,10 @@ func (key *MachineKey) checkAggregate(ctx context.Context, filter preparation.Fi return nil } -func (c *Commands) AddUserMachineKey(ctx context.Context, machineKey *MachineKey) (*domain.ObjectDetails, error) { +func (c *Commands) AddUserMachineKey(ctx context.Context, machineKey *MachineKey) (_ *domain.ObjectDetails, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if machineKey.KeyID == "" { keyID, err := c.idGenerator.Next() if err != nil { 
@@ -127,6 +131,9 @@ func prepareAddUserMachineKey(machineKey *MachineKey, keySize int) preparation.V return nil, err } return func(ctx context.Context, filter preparation.FilterToQueryReducer) ([]eventstore.Command, error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if err := machineKey.checkAggregate(ctx, filter); err != nil { return nil, err } diff --git a/internal/command/user_metadata.go b/internal/command/user_metadata.go index e33da532cd..d47c5b61d0 100644 --- a/internal/command/user_metadata.go +++ b/internal/command/user_metadata.go @@ -6,10 +6,14 @@ import ( "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/repository/user" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) func (c *Commands) SetUserMetadata(ctx context.Context, metadata *domain.Metadata, userID, resourceOwner string) (_ *domain.Metadata, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + err = c.checkUserExists(ctx, userID, resourceOwner) if err != nil { return nil, err diff --git a/internal/domain/human.go b/internal/domain/human.go index d81aed1f71..f917831375 100644 --- a/internal/domain/human.go +++ b/internal/domain/human.go @@ -8,6 +8,7 @@ import ( "github.com/zitadel/zitadel/internal/crypto" es_models "github.com/zitadel/zitadel/internal/eventstore/v1/models" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) 
@@ -104,7 +105,10 @@ func (u *Human) EnsureDisplayName() { u.DisplayName = u.Username } -func (u *Human) HashPasswordIfExisting(ctx context.Context, policy *PasswordComplexityPolicy, hasher *crypto.Hasher, onetime bool) error { +func (u *Human) HashPasswordIfExisting(ctx context.Context, policy *PasswordComplexityPolicy, hasher *crypto.Hasher, onetime bool) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + if u.Password != nil { u.Password.ChangeRequired = onetime return u.Password.HashPasswordIfExisting(ctx, policy, hasher) diff --git a/internal/eventstore/repository/sql/crdb.go b/internal/eventstore/repository/sql/crdb.go index 9f925d4635..a60a2ef7b8 100644 --- a/internal/eventstore/repository/sql/crdb.go +++ b/internal/eventstore/repository/sql/crdb.go @@ -18,6 +18,7 @@ import ( "github.com/zitadel/zitadel/internal/database/dialect" "github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/eventstore/repository" + "github.com/zitadel/zitadel/internal/telemetry/tracing" "github.com/zitadel/zitadel/internal/zerrors" ) @@ -248,8 +249,11 @@ func (db *CRDB) handleUniqueConstraints(ctx context.Context, tx *sql.Tx, uniqueC } // FilterToReducer finds all events matching the given search query and passes them to the reduce function. -func (crdb *CRDB) FilterToReducer(ctx context.Context, searchQuery *eventstore.SearchQueryBuilder, reduce eventstore.Reducer) error { - err := query(ctx, crdb, searchQuery, reduce, false) +func (crdb *CRDB) FilterToReducer(ctx context.Context, searchQuery *eventstore.SearchQueryBuilder, reduce eventstore.Reducer) (err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + + err = query(ctx, crdb, searchQuery, reduce, false) if err == nil { return nil } diff --git a/internal/query/secret_generators.go b/internal/query/secret_generators.go index 9517f53f4c..ffd62bd26f 100644 --- a/internal/query/secret_generators.go 
+++ b/internal/query/secret_generators.go @@ -102,7 +102,10 @@ type SecretGeneratorSearchQueries struct { Queries []SearchQuery } -func (q *Queries) InitEncryptionGenerator(ctx context.Context, generatorType domain.SecretGeneratorType, algorithm crypto.EncryptionAlgorithm) (crypto.Generator, error) { +func (q *Queries) InitEncryptionGenerator(ctx context.Context, generatorType domain.SecretGeneratorType, algorithm crypto.EncryptionAlgorithm) (_ crypto.Generator, err error) { + ctx, span := tracing.NewSpan(ctx) + defer func() { span.EndWithError(err) }() + generatorConfig, err := q.SecretGeneratorByType(ctx, generatorType) if err != nil { return nil, err