package projection
import (
"context"
"github.com/zitadel/zitadel/internal/eventstore"
old_handler "github.com/zitadel/zitadel/internal/eventstore/handler"
"github.com/zitadel/zitadel/internal/eventstore/handler/v2"
"github.com/zitadel/zitadel/internal/repository/instance"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
SecurityPolicyProjectionTable = "projections.security_policies2"
SecurityPolicyColumnInstanceID = "instance_id"
SecurityPolicyColumnCreationDate = "creation_date"
SecurityPolicyColumnChangeDate = "change_date"
SecurityPolicyColumnSequence = "sequence"
SecurityPolicyColumnEnableIframeEmbedding = "enable_iframe_embedding"
SecurityPolicyColumnAllowedOrigins = "origins"
SecurityPolicyColumnEnableImpersonation = "enable_impersonation"
)
type securityPolicyProjection struct{}
func newSecurityPolicyProjection(ctx context.Context, config handler.Config) *handler.Handler {
return handler.NewHandler(ctx, &config, new(securityPolicyProjection))
}
func (*securityPolicyProjection) Name() string {
return SecurityPolicyProjectionTable
}
func (*securityPolicyProjection) Init() *old_handler.Check {
return handler.NewTableCheck(
handler.NewTable([]*handler.InitColumn{
handler.NewColumn(SecurityPolicyColumnCreationDate, handler.ColumnTypeTimestamp),
handler.NewColumn(SecurityPolicyColumnChangeDate, handler.ColumnTypeTimestamp),
handler.NewColumn(SecurityPolicyColumnInstanceID, handler.ColumnTypeText),
handler.NewColumn(SecurityPolicyColumnSequence, handler.ColumnTypeInt64),
handler.NewColumn(SecurityPolicyColumnEnableIframeEmbedding, handler.ColumnTypeBool, handler.Default(false)),
handler.NewColumn(SecurityPolicyColumnAllowedOrigins, handler.ColumnTypeTextArray, handler.Nullable()),
handler.NewColumn(SecurityPolicyColumnEnableImpersonation, handler.ColumnTypeBool, handler.Default(false)),
},
handler.NewPrimaryKey(SecurityPolicyColumnInstanceID),
),
)
}
func (p *securityPolicyProjection) Reducers() []handler.AggregateReducer {
return []handler.AggregateReducer{
{
Aggregate: instance.AggregateType,
EventReducers: []handler.EventReducer{
{
Event: instance.SecurityPolicySetEventType,
Reduce: p.reduceSecurityPolicySet,
},
{
Event: instance.InstanceRemovedEventType,
Reduce: reduceInstanceRemovedHelper(SecurityPolicyColumnInstanceID),
},
},
},
}
}
func (p *securityPolicyProjection) reduceSecurityPolicySet(event eventstore.Event) (*handler.Statement, error) {
e, ok := event.(*instance.SecurityPolicySetEvent)
if !ok {
return nil, zerrors.ThrowInvalidArgumentf(nil, "HANDL-D3g87", "reduce.wrong.event.type %s", instance.SecurityPolicySetEventType)
}
changes := []handler.Column{
handler.NewCol(SecurityPolicyColumnCreationDate, handler.OnlySetValueOnInsert(SecurityPolicyProjectionTable, e.CreationDate())),
handler.NewCol(SecurityPolicyColumnChangeDate, e.CreationDate()),
handler.NewCol(SecurityPolicyColumnInstanceID, e.Aggregate().InstanceID),
handler.NewCol(SecurityPolicyColumnSequence, e.Sequence()),
}
if e.EnableIframeEmbedding != nil {
changes = append(changes, handler.NewCol(SecurityPolicyColumnEnableIframeEmbedding, *e.EnableIframeEmbedding))
} else if e.Enabled != nil {
changes = append(changes, handler.NewCol(SecurityPolicyColumnEnableIframeEmbedding, *e.Enabled))
}
if e.AllowedOrigins != nil {
changes = append(changes, handler.NewCol(SecurityPolicyColumnAllowedOrigins, e.AllowedOrigins))
}
if e.EnableImpersonation != nil {
changes = append(changes, handler.NewCol(SecurityPolicyColumnEnableImpersonation, e.EnableImpersonation))
}
return handler.NewUpsertStatement(
e,
[]handler.Column{
handler.NewCol(SecurityPolicyColumnInstanceID, ""),
},
changes,
), nil
}