package command
import (
"bytes"
"context"
"encoding/json"
"time"
"github.com/zitadel/zitadel/internal/api/authz"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
domain_schema "github.com/zitadel/zitadel/internal/domain/schema"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/repository/user/schemauser"
"github.com/zitadel/zitadel/internal/zerrors"
)
type UserV3WriteModel struct {
eventstore.WriteModel
PhoneWM bool
EmailWM bool
DataWM bool
SchemaID string
SchemaRevision uint64
Email string
IsEmailVerified bool
EmailVerifiedFailedCount int
EmailCode *VerifyCode
Phone string
IsPhoneVerified bool
PhoneVerifiedFailedCount int
PhoneCode *VerifyCode
Data json.RawMessage
Locked bool
State domain.UserState
checkPermission domain.PermissionCheck
writePermissionCheck bool
}
func (wm *UserV3WriteModel) GetWriteModel() *eventstore.WriteModel {
return &wm.WriteModel
}
type VerifyCode struct {
Code *crypto.CryptoValue
CreationDate time.Time
Expiry time.Duration
}
func NewExistsUserV3WriteModel(resourceOwner, userID string, checkPermission domain.PermissionCheck) *UserV3WriteModel {
return &UserV3WriteModel{
WriteModel: eventstore.WriteModel{
AggregateID: userID,
ResourceOwner: resourceOwner,
},
PhoneWM: false,
EmailWM: false,
DataWM: false,
checkPermission: checkPermission,
}
}
func NewUserV3WriteModel(resourceOwner, userID string, checkPermission domain.PermissionCheck) *UserV3WriteModel {
return &UserV3WriteModel{
WriteModel: eventstore.WriteModel{
AggregateID: userID,
ResourceOwner: resourceOwner,
},
PhoneWM: true,
EmailWM: true,
DataWM: true,
checkPermission: checkPermission,
}
}
func NewUserV3EmailWriteModel(resourceOwner, userID string, checkPermission domain.PermissionCheck) *UserV3WriteModel {
return &UserV3WriteModel{
WriteModel: eventstore.WriteModel{
AggregateID: userID,
ResourceOwner: resourceOwner,
},
EmailWM: true,
checkPermission: checkPermission,
}
}
func NewUserV3PhoneWriteModel(resourceOwner, userID string, checkPermission domain.PermissionCheck) *UserV3WriteModel {
return &UserV3WriteModel{
WriteModel: eventstore.WriteModel{
AggregateID: userID,
ResourceOwner: resourceOwner,
},
PhoneWM: true,
checkPermission: checkPermission,
}
}
func (wm *UserV3WriteModel) Reduce() error {
for _, event := range wm.Events {
switch e := event.(type) {
case *schemauser.CreatedEvent:
wm.SchemaID = e.SchemaID
wm.SchemaRevision = e.SchemaRevision
wm.Data = e.Data
wm.Locked = false
wm.State = domain.UserStateActive
case *schemauser.UpdatedEvent:
if e.SchemaID != nil {
wm.SchemaID = *e.SchemaID
}
if e.SchemaRevision != nil {
wm.SchemaRevision = *e.SchemaRevision
}
if len(e.Data) > 0 {
wm.Data = e.Data
}
case *schemauser.DeletedEvent:
wm.State = domain.UserStateDeleted
case *schemauser.EmailUpdatedEvent:
wm.Email = string(e.EmailAddress)
wm.IsEmailVerified = false
wm.EmailVerifiedFailedCount = 0
wm.EmailCode = nil
case *schemauser.EmailCodeAddedEvent:
wm.IsEmailVerified = false
wm.EmailVerifiedFailedCount = 0
wm.EmailCode = &VerifyCode{
Code: e.Code,
CreationDate: e.CreationDate(),
Expiry: e.Expiry,
}
case *schemauser.EmailVerifiedEvent:
wm.IsEmailVerified = true
wm.EmailVerifiedFailedCount = 0
wm.EmailCode = nil
case *schemauser.EmailVerificationFailedEvent:
wm.EmailVerifiedFailedCount += 1
case *schemauser.PhoneUpdatedEvent:
wm.Phone = string(e.PhoneNumber)
wm.IsPhoneVerified = false
wm.PhoneVerifiedFailedCount = 0
wm.EmailCode = nil
case *schemauser.PhoneCodeAddedEvent:
wm.IsPhoneVerified = false
wm.PhoneVerifiedFailedCount = 0
wm.PhoneCode = &VerifyCode{
Code: e.Code,
CreationDate: e.CreationDate(),
Expiry: e.Expiry,
}
case *schemauser.PhoneVerifiedEvent:
wm.PhoneVerifiedFailedCount = 0
wm.IsPhoneVerified = true
wm.PhoneCode = nil
case *schemauser.PhoneVerificationFailedEvent:
wm.PhoneVerifiedFailedCount += 1
case *schemauser.LockedEvent:
wm.Locked = true
case *schemauser.UnlockedEvent:
wm.Locked = false
case *schemauser.DeactivatedEvent:
wm.State = domain.UserStateInactive
case *schemauser.ActivatedEvent:
wm.State = domain.UserStateActive
}
}
return wm.WriteModel.Reduce()
}
func (wm *UserV3WriteModel) Query() *eventstore.SearchQueryBuilder {
builder := eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent)
if wm.ResourceOwner != "" {
builder = builder.ResourceOwner(wm.ResourceOwner)
}
eventtypes := []eventstore.EventType{
schemauser.CreatedType,
schemauser.DeletedType,
schemauser.ActivatedType,
schemauser.DeactivatedType,
schemauser.LockedType,
schemauser.UnlockedType,
}
if wm.DataWM {
eventtypes = append(eventtypes,
schemauser.UpdatedType,
)
}
if wm.EmailWM {
eventtypes = append(eventtypes,
schemauser.EmailUpdatedType,
schemauser.EmailVerifiedType,
schemauser.EmailCodeAddedType,
schemauser.EmailVerificationFailedType,
)
}
if wm.PhoneWM {
eventtypes = append(eventtypes,
schemauser.PhoneUpdatedType,
schemauser.PhoneVerifiedType,
schemauser.PhoneCodeAddedType,
schemauser.PhoneVerificationFailedType,
)
}
return builder.AddQuery().
AggregateTypes(schemauser.AggregateType).
AggregateIDs(wm.AggregateID).
EventTypes(eventtypes...).Builder()
}
func (wm *UserV3WriteModel) NewCreated(
ctx context.Context,
schemaID string,
schemaRevision uint64,
data json.RawMessage,
email *Email,
phone *Phone,
emailCode func(context.Context) (*EncryptedCode, error),
phoneCode func(context.Context) (*EncryptedCode, string, error),
) (_ []eventstore.Command, codeEmail string, codePhone string, err error) {
if err := wm.checkPermissionWrite(ctx, wm.ResourceOwner, wm.AggregateID); err != nil {
return nil, "", "", err
}
if wm.Exists() {
return nil, "", "", zerrors.ThrowPreconditionFailed(nil, "COMMAND-Nn8CRVlkeZ", "Errors.User.AlreadyExists")
}
events := []eventstore.Command{
schemauser.NewCreatedEvent(ctx,
UserV3AggregateFromWriteModel(&wm.WriteModel),
schemaID, schemaRevision, data,
),
}
if email != nil {
emailEvents, plainCodeEmail, err := wm.NewEmailCreate(ctx,
email,
emailCode,
)
if err != nil {
return nil, "", "", err
}
if plainCodeEmail != "" {
codeEmail = plainCodeEmail
}
events = append(events, emailEvents...)
}
if phone != nil {
phoneEvents, plainCodePhone, err := wm.NewPhoneCreate(ctx,
phone,
phoneCode,
)
if err != nil {
return nil, "", "", err
}
if plainCodePhone != "" {
codePhone = plainCodePhone
}
events = append(events, phoneEvents...)
}
return events, codeEmail, codePhone, nil
}
func (wm *UserV3WriteModel) getSchemaRoleForWrite(ctx context.Context, resourceOwner, userID string) (domain_schema.Role, error) {
if userID == authz.GetCtxData(ctx).UserID {
return domain_schema.RoleSelf, nil
}
if err := wm.checkPermission(ctx, domain.PermissionUserWrite, resourceOwner, userID); err != nil {
return domain_schema.RoleUnspecified, err
}
return domain_schema.RoleOwner, nil
}
func (wm *UserV3WriteModel) validateData(ctx context.Context, data []byte, schemaWM *UserSchemaWriteModel) (string, uint64, error) {
// get role for permission check in schema through extension
role, err := wm.getSchemaRoleForWrite(ctx, wm.ResourceOwner, wm.AggregateID)
if err != nil {
return "", 0, err
}
schema, err := domain_schema.NewSchema(role, bytes.NewReader(schemaWM.Schema))
if err != nil {
return "", 0, err
}
// if data not changed but a new schema or revision should be used
if data == nil {
data = wm.Data
}
var v interface{}
if err := json.Unmarshal(data, &v); err != nil {
return "", 0, zerrors.ThrowInvalidArgument(nil, "COMMAND-7o3ZGxtXUz", "Errors.User.Invalid")
}
if err := schema.Validate(v); err != nil {
return "", 0, zerrors.ThrowPreconditionFailed(nil, "COMMAND-SlKXqLSeL6", "Errors.UserSchema.Data.Invalid")
}
return schemaWM.AggregateID, schemaWM.SchemaRevision, nil
}
func (wm *UserV3WriteModel) NewUpdate(
ctx context.Context,
schemaWM *UserSchemaWriteModel,
user *SchemaUser,
email *Email,
phone *Phone,
emailCode func(context.Context) (*EncryptedCode, error),
phoneCode func(context.Context) (*EncryptedCode, string, error),
) (_ []eventstore.Command, codeEmail string, codePhone string, err error) {
if err := wm.checkPermissionWrite(ctx, wm.ResourceOwner, wm.AggregateID); err != nil {
return nil, "", "", err
}
if !wm.Exists() {
return nil, "", "", zerrors.ThrowPreconditionFailed(nil, "COMMAND-Nn8CRVlkeZ", "Errors.User.NotFound")
}
events := make([]eventstore.Command, 0)
if user != nil {
schemaID, schemaRevision, err := wm.validateData(ctx, user.Data, schemaWM)
if err != nil {
return nil, "", "", err
}
userEvents := wm.newUpdatedEvents(ctx,
schemaID,
schemaRevision,
user.Data,
)
events = append(events, userEvents...)
}
if email != nil {
emailEvents, plainCodeEmail, err := wm.NewEmailUpdate(ctx,
email,
emailCode,
)
if err != nil {
return nil, "", "", err
}
if plainCodeEmail != "" {
codeEmail = plainCodeEmail
}
events = append(events, emailEvents...)
}
if phone != nil {
phoneEvents, plainCodePhone, err := wm.NewPhoneCreate(ctx,
phone,
phoneCode,
)
if err != nil {
return nil, "", "", err
}
if plainCodePhone != "" {
codePhone = plainCodePhone
}
events = append(events, phoneEvents...)
}
return events, codeEmail, codePhone, nil
}
func (wm *UserV3WriteModel) newUpdatedEvents(
ctx context.Context,
schemaID string,
schemaRevision uint64,
data json.RawMessage,
) []eventstore.Command {
changes := make([]schemauser.Changes, 0)
if wm.SchemaID != schemaID {
changes = append(changes, schemauser.ChangeSchemaID(schemaID))
}
if wm.SchemaRevision != schemaRevision {
changes = append(changes, schemauser.ChangeSchemaRevision(schemaRevision))
}
if data != nil && !bytes.Equal(wm.Data, data) {
changes = append(changes, schemauser.ChangeData(data))
}
if len(changes) == 0 {
return nil
}
return []eventstore.Command{schemauser.NewUpdatedEvent(ctx, UserV3AggregateFromWriteModel(&wm.WriteModel), changes)}
}
func (wm *UserV3WriteModel) NewDelete(
ctx context.Context,
) (_ []eventstore.Command, err error) {
if !wm.Exists() {
return nil, zerrors.ThrowNotFound(nil, "COMMAND-syHyCsGmvM", "Errors.User.NotFound")
}
if err := wm.checkPermissionDelete(ctx, wm.ResourceOwner, wm.AggregateID); err != nil {
return nil, err
}
return []eventstore.Command{schemauser.NewDeletedEvent(ctx, UserV3AggregateFromWriteModel(&wm.WriteModel))}, nil
}
func UserV3AggregateFromWriteModel(wm *eventstore.WriteModel) *eventstore.Aggregate {
return &eventstore.Aggregate{
ID: wm.AggregateID,
Type: schemauser.AggregateType,
ResourceOwner: wm.ResourceOwner,
InstanceID: wm.InstanceID,
Version: schemauser.AggregateVersion,
}
}
func (wm *UserV3WriteModel) Exists() bool {
return wm.State != domain.UserStateDeleted && wm.State != domain.UserStateUnspecified
}
func (wm *UserV3WriteModel) checkPermissionWrite(
ctx context.Context,
resourceOwner string,
userID string,
) error {
if wm.writePermissionCheck {
return nil
}
if userID != "" && userID == authz.GetCtxData(ctx).UserID {
return nil
}
if err := wm.checkPermission(ctx, domain.PermissionUserWrite, resourceOwner, userID); err != nil {
return err
}
wm.writePermissionCheck = true
return nil
}
func (wm *UserV3WriteModel) checkPermissionDelete(
ctx context.Context,
resourceOwner string,
userID string,
) error {
if userID != "" && userID == authz.GetCtxData(ctx).UserID {
return nil
}
return wm.checkPermission(ctx, domain.PermissionUserDelete, resourceOwner, userID)
}
func (wm *UserV3WriteModel) NewEmailCreate(
ctx context.Context,
email *Email,
code func(context.Context) (*EncryptedCode, error),
) (_ []eventstore.Command, plainCode string, err error) {
if err := wm.checkPermissionWrite(ctx, wm.ResourceOwner, wm.AggregateID); err != nil {
return nil, "", err
}
if email == nil || wm.Email == string(email.Address) {
return nil, "", nil
}
events := []eventstore.Command{
schemauser.NewEmailUpdatedEvent(ctx,
UserV3AggregateFromWriteModel(&wm.WriteModel),
email.Address,
),
}
if email.Verified {
events = append(events, wm.newEmailVerifiedEvent(ctx))
} else {
codeEvent, code, err := wm.newEmailCodeAddedEvent(ctx, code, email.URLTemplate, email.ReturnCode)
if err != nil {
return nil, "", err
}
events = append(events, codeEvent)
if code != "" {
plainCode = code
}
}
return events, plainCode, nil
}
func (wm *UserV3WriteModel) NewEmailUpdate(
ctx context.Context,
email *Email,
code func(context.Context) (*EncryptedCode, error),
) (_ []eventstore.Command, plainCode string, err error) {
if !wm.EmailWM {
return nil, "", nil
}
if !wm.Exists() {
return nil, "", zerrors.ThrowNotFound(nil, "COMMAND-nJ0TQFuRmP", "Errors.User.NotFound")
}
return wm.NewEmailCreate(ctx, email, code)
}
func (wm *UserV3WriteModel) NewEmailVerify(
ctx context.Context,
verify func(creationDate time.Time, expiry time.Duration, cryptoCode *crypto.CryptoValue) error,
) ([]eventstore.Command, error) {
if !wm.EmailWM {
return nil, nil
}
if !wm.Exists() {
return nil, zerrors.ThrowNotFound(nil, "COMMAND-qbGyMPvjvj", "Errors.User.NotFound")
}
if err := wm.checkPermissionWrite(ctx, wm.ResourceOwner, wm.AggregateID); err != nil {
return nil, err
}
if wm.EmailCode == nil {
return nil, nil
}
if err := verify(wm.EmailCode.CreationDate, wm.EmailCode.Expiry, wm.EmailCode.Code); err != nil {
return nil, err
}
return []eventstore.Command{wm.newEmailVerifiedEvent(ctx)}, nil
}
func (wm *UserV3WriteModel) newEmailVerifiedEvent(
ctx context.Context,
) *schemauser.EmailVerifiedEvent {
return schemauser.NewEmailVerifiedEvent(ctx, UserV3AggregateFromWriteModel(&wm.WriteModel))
}
func (wm *UserV3WriteModel) NewResendEmailCode(
ctx context.Context,
code func(context.Context) (*EncryptedCode, error),
urlTemplate string,
isReturnCode bool,
) (_ []eventstore.Command, plainCode string, err error) {
if !wm.EmailWM {
return nil, "", nil
}
if !wm.Exists() {
return nil, "", zerrors.ThrowNotFound(nil, "COMMAND-EajeF6ypOV", "Errors.User.NotFound")
}
if err := wm.checkPermissionWrite(ctx, wm.ResourceOwner, wm.AggregateID); err != nil {
return nil, "", err
}
if wm.EmailCode == nil {
return nil, "", zerrors.ThrowPreconditionFailed(err, "COMMAND-QRkNTBwF8q", "Errors.User.Code.Empty")
}
event, plainCode, err := wm.newEmailCodeAddedEvent(ctx, code, urlTemplate, isReturnCode)
if err != nil {
return nil, "", err
}
return []eventstore.Command{event}, plainCode, nil
}
func (wm *UserV3WriteModel) newEmailCodeAddedEvent(
ctx context.Context,
code func(context.Context) (*EncryptedCode, error),
urlTemplate string,
isReturnCode bool,
) (_ *schemauser.EmailCodeAddedEvent, plainCode string, err error) {
cryptoCode, err := code(ctx)
if err != nil {
return nil, "", err
}
if isReturnCode {
plainCode = cryptoCode.Plain
}
return schemauser.NewEmailCodeAddedEvent(ctx,
UserV3AggregateFromWriteModel(&wm.WriteModel),
cryptoCode.Crypted,
cryptoCode.Expiry,
urlTemplate,
isReturnCode,
), plainCode, nil
}
func (wm *UserV3WriteModel) NewPhoneCreate(
ctx context.Context,
phone *Phone,
code func(context.Context) (*EncryptedCode, string, error),
) (_ []eventstore.Command, plainCode string, err error) {
if err := wm.checkPermissionWrite(ctx, wm.ResourceOwner, wm.AggregateID); err != nil {
return nil, "", err
}
if phone == nil || wm.Phone == string(phone.Number) {
return nil, "", nil
}
events := []eventstore.Command{
schemauser.NewPhoneUpdatedEvent(ctx,
UserV3AggregateFromWriteModel(&wm.WriteModel),
phone.Number,
),
}
if phone.Verified {
events = append(events, wm.newPhoneVerifiedEvent(ctx))
} else {
codeEvent, code, err := wm.newPhoneCodeAddedEvent(ctx, code, phone.ReturnCode)
if err != nil {
return nil, "", err
}
events = append(events, codeEvent)
if code != "" {
plainCode = code
}
}
return events, plainCode, nil
}
func (wm *UserV3WriteModel) NewPhoneUpdate(
ctx context.Context,
phone *Phone,
code func(context.Context) (*EncryptedCode, string, error),
) (_ []eventstore.Command, plainCode string, err error) {
if !wm.PhoneWM {
return nil, "", nil
}
if !wm.Exists() {
return nil, "", zerrors.ThrowNotFound(nil, "COMMAND-b33QAVgel6", "Errors.User.NotFound")
}
return wm.NewPhoneCreate(ctx, phone, code)
}
func (wm *UserV3WriteModel) NewPhoneVerify(
ctx context.Context,
verify func(creationDate time.Time, expiry time.Duration, cryptoCode *crypto.CryptoValue) error,
) ([]eventstore.Command, error) {
if !wm.PhoneWM {
return nil, nil
}
if !wm.Exists() {
return nil, zerrors.ThrowNotFound(nil, "COMMAND-bx2OLtgGNS", "Errors.User.NotFound")
}
if err := wm.checkPermissionWrite(ctx, wm.ResourceOwner, wm.AggregateID); err != nil {
return nil, err
}
if wm.PhoneCode == nil {
return nil, nil
}
if err := verify(wm.PhoneCode.CreationDate, wm.PhoneCode.Expiry, wm.PhoneCode.Code); err != nil {
return nil, err
}
return []eventstore.Command{wm.newPhoneVerifiedEvent(ctx)}, nil
}
func (wm *UserV3WriteModel) newPhoneVerifiedEvent(
ctx context.Context,
) *schemauser.PhoneVerifiedEvent {
return schemauser.NewPhoneVerifiedEvent(ctx, UserV3AggregateFromWriteModel(&wm.WriteModel))
}
func (wm *UserV3WriteModel) NewResendPhoneCode(
ctx context.Context,
code func(context.Context) (*EncryptedCode, string, error),
isReturnCode bool,
) (_ []eventstore.Command, plainCode string, err error) {
if !wm.PhoneWM {
return nil, "", nil
}
if !wm.Exists() {
return nil, "", zerrors.ThrowNotFound(nil, "COMMAND-z8Bu9vuL9s", "Errors.User.NotFound")
}
if err := wm.checkPermissionWrite(ctx, wm.ResourceOwner, wm.AggregateID); err != nil {
return nil, "", err
}
if wm.PhoneCode == nil {
return nil, "", zerrors.ThrowPreconditionFailed(err, "COMMAND-fEsHdqECzb", "Errors.User.Code.Empty")
}
event, plainCode, err := wm.newPhoneCodeAddedEvent(ctx, code, isReturnCode)
if err != nil {
return nil, "", err
}
return []eventstore.Command{event}, plainCode, nil
}
func (wm *UserV3WriteModel) newPhoneCodeAddedEvent(
ctx context.Context,
code func(context.Context) (*EncryptedCode, string, error),
isReturnCode bool,
) (_ *schemauser.PhoneCodeAddedEvent, plainCode string, err error) {
cryptoCode, generatorID, err := code(ctx)
if err != nil {
return nil, "", err
}
if isReturnCode {
plainCode = cryptoCode.Plain
}
return schemauser.NewPhoneCodeAddedEvent(ctx,
UserV3AggregateFromWriteModel(&wm.WriteModel),
cryptoCode.CryptedCode(),
cryptoCode.CodeExpiry(),
isReturnCode,
generatorID,
), plainCode, nil
}