mirror of
https://github.com/zitadel/zitadel.git
synced 2025-10-24 21:19:43 +00:00

# Which Problems Are Solved In versions previous to v2.66 it was possible to set a different resource owner on project grants. This was introduced with the new resource based API. The resource owner was possible to overwrite using the x-zitadel-org header. Because of this issue project grants got the wrong resource owner, instead of the owner of the project it got the granted org which is wrong because a resource owner of an aggregate is not allowed to change. # How the Problems Are Solved - The wrong owners of the events are set to the original owner of the project. - A new event is pushed to these aggregates `project.owner.corrected` - The projection updates the owners of the user grants if that event was written # Additional Changes The eventstore push function (replaced in version 2.66) writes the correct resource owner. # Additional Context closes https://github.com/zitadel/zitadel/issues/9072
41 lines
773 B
Go
41 lines
773 B
Go
package owner
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
)
|
|
|
|
const OwnerCorrectedType = ".owner.corrected"
|
|
|
|
type Corrected struct {
|
|
eventstore.BaseEvent `json:"-"`
|
|
|
|
PreviousOwners map[uint32]string `json:"previousOwners,omitempty"`
|
|
}
|
|
|
|
var _ eventstore.Command = (*Corrected)(nil)
|
|
|
|
func (e *Corrected) Payload() interface{} {
|
|
return e
|
|
}
|
|
|
|
func (e *Corrected) UniqueConstraints() []*eventstore.UniqueConstraint {
|
|
return nil
|
|
}
|
|
|
|
func NewCorrected(
|
|
ctx context.Context,
|
|
aggregate *eventstore.Aggregate,
|
|
previousOwners map[uint32]string,
|
|
) *Corrected {
|
|
return &Corrected{
|
|
BaseEvent: *eventstore.NewBaseEventForPush(
|
|
ctx,
|
|
aggregate,
|
|
eventstore.EventType(aggregate.Type+OwnerCorrectedType),
|
|
),
|
|
PreviousOwners: previousOwners,
|
|
}
|
|
}
|