mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-24 00:28:18 +00:00
b5564572bc
This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
207 lines
5.7 KiB
Go
207 lines
5.7 KiB
Go
package query
|
|
|
|
import (
|
|
"context"
|
|
"database/sql"
|
|
errs "errors"
|
|
"time"
|
|
|
|
sq "github.com/Masterminds/squirrel"
|
|
|
|
"github.com/zitadel/logging"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/api/call"
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
"github.com/zitadel/zitadel/internal/errors"
|
|
"github.com/zitadel/zitadel/internal/eventstore/handler/v2"
|
|
"github.com/zitadel/zitadel/internal/query/projection"
|
|
"github.com/zitadel/zitadel/internal/telemetry/tracing"
|
|
)
|
|
|
|
type PrivacyPolicy struct {
|
|
ID string
|
|
Sequence uint64
|
|
CreationDate time.Time
|
|
ChangeDate time.Time
|
|
ResourceOwner string
|
|
State domain.PolicyState
|
|
|
|
TOSLink string
|
|
PrivacyLink string
|
|
HelpLink string
|
|
SupportEmail domain.EmailAddress
|
|
|
|
IsDefault bool
|
|
}
|
|
|
|
var (
|
|
privacyTable = table{
|
|
name: projection.PrivacyPolicyTable,
|
|
instanceIDCol: projection.PrivacyPolicyInstanceIDCol,
|
|
}
|
|
PrivacyColID = Column{
|
|
name: projection.PrivacyPolicyIDCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColSequence = Column{
|
|
name: projection.PrivacyPolicySequenceCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColCreationDate = Column{
|
|
name: projection.PrivacyPolicyCreationDateCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColChangeDate = Column{
|
|
name: projection.PrivacyPolicyChangeDateCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColResourceOwner = Column{
|
|
name: projection.PrivacyPolicyResourceOwnerCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColInstanceID = Column{
|
|
name: projection.PrivacyPolicyInstanceIDCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColPrivacyLink = Column{
|
|
name: projection.PrivacyPolicyPrivacyLinkCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColTOSLink = Column{
|
|
name: projection.PrivacyPolicyTOSLinkCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColHelpLink = Column{
|
|
name: projection.PrivacyPolicyHelpLinkCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColSupportEmail = Column{
|
|
name: projection.PrivacyPolicySupportEmailCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColIsDefault = Column{
|
|
name: projection.PrivacyPolicyIsDefaultCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColState = Column{
|
|
name: projection.PrivacyPolicyStateCol,
|
|
table: privacyTable,
|
|
}
|
|
PrivacyColOwnerRemoved = Column{
|
|
name: projection.PrivacyPolicyOwnerRemovedCol,
|
|
table: privacyTable,
|
|
}
|
|
)
|
|
|
|
func (q *Queries) PrivacyPolicyByOrg(ctx context.Context, shouldTriggerBulk bool, orgID string, withOwnerRemoved bool) (policy *PrivacyPolicy, err error) {
|
|
ctx, span := tracing.NewSpan(ctx)
|
|
defer func() { span.EndWithError(err) }()
|
|
|
|
if shouldTriggerBulk {
|
|
ctx, err = projection.PrivacyPolicyProjection.Trigger(ctx, handler.WithAwaitRunning())
|
|
logging.OnError(err).Debug("trigger failed")
|
|
}
|
|
eq := sq.Eq{PrivacyColInstanceID.identifier(): authz.GetInstance(ctx).InstanceID()}
|
|
if !withOwnerRemoved {
|
|
eq[PrivacyColOwnerRemoved.identifier()] = false
|
|
}
|
|
stmt, scan := preparePrivacyPolicyQuery(ctx, q.client)
|
|
query, args, err := stmt.Where(
|
|
sq.And{
|
|
eq,
|
|
sq.Or{
|
|
sq.Eq{PrivacyColID.identifier(): orgID},
|
|
sq.Eq{PrivacyColID.identifier(): authz.GetInstance(ctx).InstanceID()},
|
|
},
|
|
}).
|
|
OrderBy(PrivacyColIsDefault.identifier()).Limit(1).ToSql()
|
|
if err != nil {
|
|
return nil, errors.ThrowInternal(err, "QUERY-UXuPI", "Errors.Query.SQLStatement")
|
|
}
|
|
|
|
err = q.client.QueryRowContext(ctx, func(row *sql.Row) error {
|
|
policy, err = scan(row)
|
|
return err
|
|
}, query, args...)
|
|
return policy, err
|
|
}
|
|
|
|
func (q *Queries) DefaultPrivacyPolicy(ctx context.Context, shouldTriggerBulk bool) (policy *PrivacyPolicy, err error) {
|
|
ctx, span := tracing.NewSpan(ctx)
|
|
defer func() { span.EndWithError(err) }()
|
|
|
|
if shouldTriggerBulk {
|
|
ctx, err = projection.PrivacyPolicyProjection.Trigger(ctx, handler.WithAwaitRunning())
|
|
logging.OnError(err).Debug("trigger failed")
|
|
}
|
|
|
|
stmt, scan := preparePrivacyPolicyQuery(ctx, q.client)
|
|
query, args, err := stmt.Where(sq.Eq{
|
|
PrivacyColID.identifier(): authz.GetInstance(ctx).InstanceID(),
|
|
PrivacyColInstanceID.identifier(): authz.GetInstance(ctx).InstanceID(),
|
|
}).
|
|
OrderBy(PrivacyColIsDefault.identifier()).
|
|
Limit(1).ToSql()
|
|
if err != nil {
|
|
return nil, errors.ThrowInternal(err, "QUERY-LkFZ7", "Errors.Query.SQLStatement")
|
|
}
|
|
|
|
err = q.client.QueryRowContext(ctx, func(row *sql.Row) error {
|
|
policy, err = scan(row)
|
|
return err
|
|
}, query, args...)
|
|
return policy, err
|
|
}
|
|
|
|
func preparePrivacyPolicyQuery(ctx context.Context, db prepareDatabase) (sq.SelectBuilder, func(*sql.Row) (*PrivacyPolicy, error)) {
|
|
return sq.Select(
|
|
PrivacyColID.identifier(),
|
|
PrivacyColSequence.identifier(),
|
|
PrivacyColCreationDate.identifier(),
|
|
PrivacyColChangeDate.identifier(),
|
|
PrivacyColResourceOwner.identifier(),
|
|
PrivacyColPrivacyLink.identifier(),
|
|
PrivacyColTOSLink.identifier(),
|
|
PrivacyColHelpLink.identifier(),
|
|
PrivacyColSupportEmail.identifier(),
|
|
PrivacyColIsDefault.identifier(),
|
|
PrivacyColState.identifier(),
|
|
).
|
|
From(privacyTable.identifier() + db.Timetravel(call.Took(ctx))).
|
|
PlaceholderFormat(sq.Dollar),
|
|
func(row *sql.Row) (*PrivacyPolicy, error) {
|
|
policy := new(PrivacyPolicy)
|
|
err := row.Scan(
|
|
&policy.ID,
|
|
&policy.Sequence,
|
|
&policy.CreationDate,
|
|
&policy.ChangeDate,
|
|
&policy.ResourceOwner,
|
|
&policy.PrivacyLink,
|
|
&policy.TOSLink,
|
|
&policy.HelpLink,
|
|
&policy.SupportEmail,
|
|
&policy.IsDefault,
|
|
&policy.State,
|
|
)
|
|
if err != nil {
|
|
if errs.Is(err, sql.ErrNoRows) {
|
|
return nil, errors.ThrowNotFound(err, "QUERY-vNMHL", "Errors.PrivacyPolicy.NotFound")
|
|
}
|
|
return nil, errors.ThrowInternal(err, "QUERY-csrdo", "Errors.Internal")
|
|
}
|
|
return policy, nil
|
|
}
|
|
}
|
|
|
|
func (p *PrivacyPolicy) ToDomain() *domain.PrivacyPolicy {
|
|
return &domain.PrivacyPolicy{
|
|
TOSLink: p.TOSLink,
|
|
PrivacyLink: p.PrivacyLink,
|
|
HelpLink: p.HelpLink,
|
|
SupportEmail: p.SupportEmail,
|
|
Default: p.IsDefault,
|
|
}
|
|
}
|