TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-12 19:14:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
029a6d393a
zitadel/internal/command/user_machine_model.go
Tim Möhlmann 2089992d75
feat(crypto): use passwap for machine and app secrets (#7657) 
* feat(crypto): use passwap for machine and app secrets

* fix command package tests

* add hash generator command test

* naming convention, fix query tests

* rename PasswordHasher and cleanup start commands

* add reducer tests

* fix intergration tests, cleanup old config

* add app secret unit tests

* solve setup panics

* fix push of updated events

* add missing event translations

* update documentation

* solve linter errors

* remove nolint:SA1019 as it doesn't seem to help anyway

* add nolint to deprecated filter usage

* update users migration version

* remove unused ClientSecret from APIConfigChangedEvent

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-04-05 09:35:49 +00:00

131 lines
3.5 KiB
Go
Raw Blame History

package command
import (
"context"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/repository/user"
)
type MachineWriteModel struct {
eventstore.WriteModel
UserName string
Name string
Description string
UserState domain.UserState
AccessTokenType domain.OIDCTokenType
HashedSecret string
}
func NewMachineWriteModel(userID, resourceOwner string) *MachineWriteModel {
return &MachineWriteModel{
WriteModel: eventstore.WriteModel{
AggregateID: userID,
ResourceOwner: resourceOwner,
},
}
}
func (wm *MachineWriteModel) Reduce() error {
for _, event := range wm.Events {
switch e := event.(type) {
case *user.MachineAddedEvent:
wm.UserName = e.UserName
wm.Name = e.Name
wm.Description = e.Description
wm.AccessTokenType = e.AccessTokenType
wm.UserState = domain.UserStateActive
case *user.UsernameChangedEvent:
wm.UserName = e.UserName
case *user.MachineChangedEvent:
if e.Name != nil {
wm.Name = *e.Name
}
if e.Description != nil {
wm.Description = *e.Description
}
if e.AccessTokenType != nil {
wm.AccessTokenType = *e.AccessTokenType
}
case *user.UserLockedEvent:
if wm.UserState != domain.UserStateDeleted {
wm.UserState = domain.UserStateLocked
}
case *user.UserUnlockedEvent:
if wm.UserState != domain.UserStateDeleted {
wm.UserState = domain.UserStateActive
}
case *user.UserDeactivatedEvent:
if wm.UserState != domain.UserStateDeleted {
wm.UserState = domain.UserStateInactive
}
case *user.UserReactivatedEvent:
if wm.UserState != domain.UserStateDeleted {
wm.UserState = domain.UserStateActive
}
case *user.UserRemovedEvent:
wm.UserState = domain.UserStateDeleted
case *user.MachineSecretSetEvent:
wm.HashedSecret = crypto.SecretOrEncodedHash(e.ClientSecret, e.HashedSecret)
case *user.MachineSecretRemovedEvent:
wm.HashedSecret = ""
case *user.MachineSecretHashUpdatedEvent:
wm.HashedSecret = e.HashedSecret
}
}
return wm.WriteModel.Reduce()
}
func (wm *MachineWriteModel) Query() *eventstore.SearchQueryBuilder {
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
ResourceOwner(wm.ResourceOwner).
AddQuery().
AggregateTypes(user.AggregateType).
AggregateIDs(wm.AggregateID).
EventTypes(user.MachineAddedEventType,
user.UserUserNameChangedType,
user.MachineChangedEventType,
user.UserLockedType,
user.UserUnlockedType,
user.UserDeactivatedType,
user.UserReactivatedType,
user.UserRemovedType,
user.MachineSecretSetType,
user.MachineSecretRemovedType,
user.MachineSecretHashUpdatedType,
).Builder()
}
func (wm *MachineWriteModel) NewChangedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
name,
description string,
accessTokenType domain.OIDCTokenType,
) (*user.MachineChangedEvent, bool, error) {
changes := make([]user.MachineChanges, 0)
var err error
if wm.Name != name {
changes = append(changes, user.ChangeName(name))
}
if wm.Description != description {
changes = append(changes, user.ChangeDescription(description))
}
if wm.AccessTokenType != accessTokenType {
changes = append(changes, user.ChangeAccessTokenType(accessTokenType))
}
if len(changes) == 0 {
return nil, false, nil
}
changeEvent, err := user.NewMachineChangedEvent(ctx, aggregate, changes)
if err != nil {
return nil, false, err
}
return changeEvent, true, nil
}
Reference in New Issue View Git Blame Copy Permalink