From fb930854302c256f2dbd04374261ca79e3f41f8a Mon Sep 17 00:00:00 2001 From: Silvan Date: Tue, 31 May 2022 20:39:37 +0200 Subject: [PATCH] fix(projection): add missing col to idp login policy links (#3745) * fix(projection): add missing col to projection * refactor: method naming --- internal/api/grpc/management/policy_login.go | 4 +-- internal/command/instance_idp_config.go | 2 +- internal/command/org_idp_config.go | 26 +++++++++---------- internal/command/org_policy_login.go | 14 +++++----- internal/command/org_policy_login_test.go | 4 +-- .../query/projection/idp_login_policy_link.go | 1 + 6 files changed, 25 insertions(+), 26 deletions(-) diff --git a/internal/api/grpc/management/policy_login.go b/internal/api/grpc/management/policy_login.go index f26d6c255d..3d7fb559a2 100644 --- a/internal/api/grpc/management/policy_login.go +++ b/internal/api/grpc/management/policy_login.go @@ -79,7 +79,7 @@ func (s *Server) ListLoginPolicyIDPs(ctx context.Context, req *mgmt_pb.ListLogin } func (s *Server) AddIDPToLoginPolicy(ctx context.Context, req *mgmt_pb.AddIDPToLoginPolicyRequest) (*mgmt_pb.AddIDPToLoginPolicyResponse, error) { - idp, err := s.command.AddIDPProviderToLoginPolicy(ctx, authz.GetCtxData(ctx).OrgID, &domain.IDPProvider{IDPConfigID: req.IdpId, Type: idp.IDPProviderTypeFromPb(req.OwnerType)}) + idp, err := s.command.AddIDPToLoginPolicy(ctx, authz.GetCtxData(ctx).OrgID, &domain.IDPProvider{IDPConfigID: req.IdpId, Type: idp.IDPProviderTypeFromPb(req.OwnerType)}) if err != nil { return nil, err } @@ -103,7 +103,7 @@ func (s *Server) RemoveIDPFromLoginPolicy(ctx context.Context, req *mgmt_pb.Remo if err != nil { return nil, err } - objectDetails, err := s.command.RemoveIDPProviderFromLoginPolicy(ctx, authz.GetCtxData(ctx).OrgID, &domain.IDPProvider{IDPConfigID: req.IdpId}, user.ExternalIDPViewsToExternalIDPs(userLinks.Links)...) + objectDetails, err := s.command.RemoveIDPFromLoginPolicy(ctx, authz.GetCtxData(ctx).OrgID, &domain.IDPProvider{IDPConfigID: req.IdpId}, user.ExternalIDPViewsToExternalIDPs(userLinks.Links)...) if err != nil { return nil, err } diff --git a/internal/command/instance_idp_config.go b/internal/command/instance_idp_config.go index 551fc1e235..684acb0a3b 100644 --- a/internal/command/instance_idp_config.go +++ b/internal/command/instance_idp_config.go @@ -165,7 +165,7 @@ func (c *Commands) RemoveDefaultIDPConfig(ctx context.Context, idpID string, idp events = append(events, userEvents...) } orgAgg := OrgAggregateFromWriteModel(&NewOrgIdentityProviderWriteModel(idpProvider.AggregateID, idpID).WriteModel) - orgEvents := c.removeIDPProviderFromLoginPolicy(ctx, orgAgg, idpID, true) + orgEvents := c.removeIDPFromLoginPolicy(ctx, orgAgg, idpID, true) events = append(events, orgEvents...) } diff --git a/internal/command/org_idp_config.go b/internal/command/org_idp_config.go index b73bb97a8d..21647263ac 100644 --- a/internal/command/org_idp_config.go +++ b/internal/command/org_idp_config.go @@ -3,19 +3,17 @@ package command import ( "context" - "github.com/zitadel/zitadel/internal/domain" - caos_errs "github.com/zitadel/zitadel/internal/errors" - "github.com/zitadel/zitadel/internal/eventstore" - "github.com/zitadel/zitadel/internal/telemetry/tracing" - "github.com/zitadel/zitadel/internal/crypto" + "github.com/zitadel/zitadel/internal/domain" "github.com/zitadel/zitadel/internal/errors" + "github.com/zitadel/zitadel/internal/eventstore" org_repo "github.com/zitadel/zitadel/internal/repository/org" + "github.com/zitadel/zitadel/internal/telemetry/tracing" ) func (c *Commands) AddIDPConfig(ctx context.Context, config *domain.IDPConfig, resourceOwner string) (*domain.IDPConfig, error) { if resourceOwner == "" { - return nil, caos_errs.ThrowInvalidArgument(nil, "Org-0j8gs", "Errors.ResourceOwnerMissing") + return nil, errors.ThrowInvalidArgument(nil, "Org-0j8gs", "Errors.ResourceOwnerMissing") } if config.OIDCConfig == nil && config.JWTConfig == nil { return nil, errors.ThrowInvalidArgument(nil, "Org-eUpQU", "Errors.idp.config.notset") @@ -80,14 +78,14 @@ func (c *Commands) AddIDPConfig(ctx context.Context, config *domain.IDPConfig, r func (c *Commands) ChangeIDPConfig(ctx context.Context, config *domain.IDPConfig, resourceOwner string) (*domain.IDPConfig, error) { if resourceOwner == "" { - return nil, caos_errs.ThrowInvalidArgument(nil, "Org-Gh8ds", "Errors.ResourceOwnerMissing") + return nil, errors.ThrowInvalidArgument(nil, "Org-Gh8ds", "Errors.ResourceOwnerMissing") } existingIDP, err := c.orgIDPConfigWriteModelByID(ctx, config.IDPConfigID, resourceOwner) if err != nil { return nil, err } if existingIDP.State == domain.IDPConfigStateRemoved || existingIDP.State == domain.IDPConfigStateUnspecified { - return nil, caos_errs.ThrowNotFound(nil, "Org-1J9fs", "Errors.Org.IDPConfig.NotExisting") + return nil, errors.ThrowNotFound(nil, "Org-1J9fs", "Errors.Org.IDPConfig.NotExisting") } orgAgg := OrgAggregateFromWriteModel(&existingIDP.WriteModel) @@ -100,7 +98,7 @@ func (c *Commands) ChangeIDPConfig(ctx context.Context, config *domain.IDPConfig config.AutoRegister) if !hasChanged { - return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-jf9w", "Errors.Org.IDPConfig.NotChanged") + return nil, errors.ThrowPreconditionFailed(nil, "Org-jf9w", "Errors.Org.IDPConfig.NotChanged") } pushedEvents, err := c.eventstore.Push(ctx, changedEvent) if err != nil { @@ -119,7 +117,7 @@ func (c *Commands) DeactivateIDPConfig(ctx context.Context, idpID, orgID string) return nil, err } if existingIDP.State != domain.IDPConfigStateActive { - return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-BBmd0", "Errors.Org.IDPConfig.NotActive") + return nil, errors.ThrowPreconditionFailed(nil, "Org-BBmd0", "Errors.Org.IDPConfig.NotActive") } orgAgg := OrgAggregateFromWriteModel(&existingIDP.WriteModel) pushedEvents, err := c.eventstore.Push(ctx, org_repo.NewIDPConfigDeactivatedEvent(ctx, orgAgg, idpID)) @@ -139,7 +137,7 @@ func (c *Commands) ReactivateIDPConfig(ctx context.Context, idpID, orgID string) return nil, err } if existingIDP.State != domain.IDPConfigStateInactive { - return nil, caos_errs.ThrowPreconditionFailed(nil, "Org-5Mo0d", "Errors.Org.IDPConfig.NotInactive") + return nil, errors.ThrowPreconditionFailed(nil, "Org-5Mo0d", "Errors.Org.IDPConfig.NotInactive") } orgAgg := OrgAggregateFromWriteModel(&existingIDP.WriteModel) pushedEvents, err := c.eventstore.Push(ctx, org_repo.NewIDPConfigReactivatedEvent(ctx, orgAgg, idpID)) @@ -175,7 +173,7 @@ func (c *Commands) RemoveIDPConfig(ctx context.Context, idpID, orgID string, cas func (c *Commands) removeIDPConfig(ctx context.Context, existingIDP *OrgIDPConfigWriteModel, cascadeRemoveProvider bool, cascadeExternalIDPs ...*domain.UserIDPLink) ([]eventstore.Command, error) { if existingIDP.State == domain.IDPConfigStateRemoved || existingIDP.State == domain.IDPConfigStateUnspecified { - return nil, caos_errs.ThrowNotFound(nil, "Org-Yx9vd", "Errors.Org.IDPConfig.NotExisting") + return nil, errors.ThrowNotFound(nil, "Org-Yx9vd", "Errors.Org.IDPConfig.NotExisting") } orgAgg := OrgAggregateFromWriteModel(&existingIDP.WriteModel) @@ -184,7 +182,7 @@ func (c *Commands) removeIDPConfig(ctx context.Context, existingIDP *OrgIDPConfi } if cascadeRemoveProvider { - removeIDPEvents := c.removeIDPProviderFromLoginPolicy(ctx, orgAgg, existingIDP.ConfigID, true, cascadeExternalIDPs...) + removeIDPEvents := c.removeIDPFromLoginPolicy(ctx, orgAgg, existingIDP.ConfigID, true, cascadeExternalIDPs...) events = append(events, removeIDPEvents...) } return events, nil @@ -196,7 +194,7 @@ func (c *Commands) getOrgIDPConfigByID(ctx context.Context, idpID, orgID string) return nil, err } if !config.State.Exists() { - return nil, caos_errs.ThrowNotFound(nil, "ORG-2m90f", "Errors.Org.IDPConfig.NotExisting") + return nil, errors.ThrowNotFound(nil, "ORG-2m90f", "Errors.Org.IDPConfig.NotExisting") } return writeModelToIDPConfig(&config.IDPConfigWriteModel), nil } diff --git a/internal/command/org_policy_login.go b/internal/command/org_policy_login.go index 55dcfeb107..6cbcfc0538 100644 --- a/internal/command/org_policy_login.go +++ b/internal/command/org_policy_login.go @@ -162,7 +162,7 @@ func (c *Commands) RemoveLoginPolicy(ctx context.Context, orgID string) (*domain if existingPolicy.State == domain.PolicyStateUnspecified || existingPolicy.State == domain.PolicyStateRemoved { return nil, caos_errs.ThrowNotFound(nil, "Org-GHB37", "Errors.Org.LoginPolicy.NotFound") } - orgAgg := OrgAggregateFromWriteModel(&existingPolicy.LoginPolicyWriteModel.WriteModel) + orgAgg := OrgAggregateFromWriteModel(&existingPolicy.WriteModel) pushedEvents, err := c.eventstore.Push(ctx, org.NewLoginPolicyRemovedEvent(ctx, orgAgg)) if err != nil { return nil, err @@ -171,10 +171,10 @@ func (c *Commands) RemoveLoginPolicy(ctx context.Context, orgID string) (*domain if err != nil { return nil, err } - return writeModelToObjectDetails(&existingPolicy.LoginPolicyWriteModel.WriteModel), nil + return writeModelToObjectDetails(&existingPolicy.WriteModel), nil } -func (c *Commands) AddIDPProviderToLoginPolicy(ctx context.Context, resourceOwner string, idpProvider *domain.IDPProvider) (*domain.IDPProvider, error) { +func (c *Commands) AddIDPToLoginPolicy(ctx context.Context, resourceOwner string, idpProvider *domain.IDPProvider) (*domain.IDPProvider, error) { if resourceOwner == "" { return nil, caos_errs.ThrowInvalidArgument(nil, "Org-M0fs9", "Errors.ResourceOwnerMissing") } @@ -218,7 +218,7 @@ func (c *Commands) AddIDPProviderToLoginPolicy(ctx context.Context, resourceOwne return writeModelToIDPProvider(&idpModel.IdentityProviderWriteModel), nil } -func (c *Commands) RemoveIDPProviderFromLoginPolicy(ctx context.Context, resourceOwner string, idpProvider *domain.IDPProvider, cascadeExternalIDPs ...*domain.UserIDPLink) (*domain.ObjectDetails, error) { +func (c *Commands) RemoveIDPFromLoginPolicy(ctx context.Context, resourceOwner string, idpProvider *domain.IDPProvider, cascadeExternalIDPs ...*domain.UserIDPLink) (*domain.ObjectDetails, error) { if resourceOwner == "" { return nil, caos_errs.ThrowInvalidArgument(nil, "Org-M0fs9", "Errors.ResourceOwnerMissing") } @@ -243,7 +243,7 @@ func (c *Commands) RemoveIDPProviderFromLoginPolicy(ctx context.Context, resourc } orgAgg := OrgAggregateFromWriteModel(&idpModel.IdentityProviderWriteModel.WriteModel) - events := c.removeIDPProviderFromLoginPolicy(ctx, orgAgg, idpProvider.IDPConfigID, false, cascadeExternalIDPs...) + events := c.removeIDPFromLoginPolicy(ctx, orgAgg, idpProvider.IDPConfigID, false, cascadeExternalIDPs...) pushedEvents, err := c.eventstore.Push(ctx, events...) if err != nil { @@ -256,7 +256,7 @@ func (c *Commands) RemoveIDPProviderFromLoginPolicy(ctx context.Context, resourc return writeModelToObjectDetails(&idpModel.WriteModel), nil } -func (c *Commands) removeIDPProviderFromLoginPolicy(ctx context.Context, orgAgg *eventstore.Aggregate, idpConfigID string, cascade bool, cascadeExternalIDPs ...*domain.UserIDPLink) []eventstore.Command { +func (c *Commands) removeIDPFromLoginPolicy(ctx context.Context, orgAgg *eventstore.Aggregate, idpConfigID string, cascade bool, cascadeExternalIDPs ...*domain.UserIDPLink) []eventstore.Command { var events []eventstore.Command if cascade { events = append(events, org.NewIdentityProviderCascadeRemovedEvent(ctx, orgAgg, idpConfigID)) @@ -371,7 +371,7 @@ func (c *Commands) AddMultiFactorToLoginPolicy(ctx context.Context, multiFactor if err != nil { return domain.MultiFactorTypeUnspecified, nil, err } - return multiFactorModel.MultiFactorWriteModel.MFAType, writeModelToObjectDetails(&multiFactorModel.WriteModel), nil + return multiFactorModel.MFAType, writeModelToObjectDetails(&multiFactorModel.WriteModel), nil } func (c *Commands) addMultiFactorToLoginPolicy(ctx context.Context, multiFactorModel *OrgMultiFactorWriteModel, multiFactor domain.MultiFactorType) (*org.LoginPolicyMultiFactorAddedEvent, error) { diff --git a/internal/command/org_policy_login_test.go b/internal/command/org_policy_login_test.go index fe1fc7fc70..98b528cb0a 100644 --- a/internal/command/org_policy_login_test.go +++ b/internal/command/org_policy_login_test.go @@ -1047,7 +1047,7 @@ func TestCommandSide_AddIDPProviderLoginPolicy(t *testing.T) { r := &Commands{ eventstore: tt.fields.eventstore, } - got, err := r.AddIDPProviderToLoginPolicy(tt.args.ctx, tt.args.resourceOwner, tt.args.provider) + got, err := r.AddIDPToLoginPolicy(tt.args.ctx, tt.args.resourceOwner, tt.args.provider) if tt.res.err == nil { assert.NoError(t, err) } @@ -1442,7 +1442,7 @@ func TestCommandSide_RemoveIDPProviderLoginPolicy(t *testing.T) { r := &Commands{ eventstore: tt.fields.eventstore, } - got, err := r.RemoveIDPProviderFromLoginPolicy(tt.args.ctx, tt.args.resourceOwner, tt.args.provider, tt.args.cascadeExternalIDPs...) + got, err := r.RemoveIDPFromLoginPolicy(tt.args.ctx, tt.args.resourceOwner, tt.args.provider, tt.args.cascadeExternalIDPs...) if tt.res.err == nil { assert.NoError(t, err) } diff --git a/internal/query/projection/idp_login_policy_link.go b/internal/query/projection/idp_login_policy_link.go index b8b67fe5d7..31e1688876 100644 --- a/internal/query/projection/idp_login_policy_link.go +++ b/internal/query/projection/idp_login_policy_link.go @@ -43,6 +43,7 @@ func NewIDPLoginPolicyLinkProjection(ctx context.Context, config crdb.StatementH crdb.NewColumn(IDPLoginPolicyLinkSequenceCol, crdb.ColumnTypeInt64), crdb.NewColumn(IDPLoginPolicyLinkResourceOwnerCol, crdb.ColumnTypeText), crdb.NewColumn(IDPLoginPolicyLinkInstanceIDCol, crdb.ColumnTypeText), + crdb.NewColumn(IDPLoginPolicyLinkProviderTypeCol, crdb.ColumnTypeText), }, crdb.NewPrimaryKey(IDPLoginPolicyLinkInstanceIDCol, IDPLoginPolicyLinkAggregateIDCol, IDPLoginPolicyLinkIDPIDCol), crdb.WithIndex(crdb.NewIndex("ro_idx", []string{IDPLoginPolicyLinkResourceOwnerCol})),