mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-10 19:53:41 +00:00
127 lines
3.2 KiB
Go
127 lines
3.2 KiB
Go
package command
|
|
|
|
import (
|
|
"context"
|
|
"time"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
"github.com/zitadel/zitadel/internal/repository/user/authenticator"
|
|
"github.com/zitadel/zitadel/internal/zerrors"
|
|
)
|
|
|
|
type PublicKeyV3WriteModel struct {
|
|
eventstore.WriteModel
|
|
UserID string
|
|
ExpirationDate time.Time
|
|
PublicKey []byte
|
|
|
|
checkPermission domain.PermissionCheck
|
|
}
|
|
|
|
func (wm *PublicKeyV3WriteModel) GetWriteModel() *eventstore.WriteModel {
|
|
return &wm.WriteModel
|
|
}
|
|
|
|
func NewPublicKeyV3WriteModel(resourceOwner, userID, id string, checkPermission domain.PermissionCheck) *PublicKeyV3WriteModel {
|
|
return &PublicKeyV3WriteModel{
|
|
WriteModel: eventstore.WriteModel{
|
|
AggregateID: id,
|
|
ResourceOwner: resourceOwner,
|
|
},
|
|
UserID: userID,
|
|
checkPermission: checkPermission,
|
|
}
|
|
}
|
|
|
|
func (wm *PublicKeyV3WriteModel) Reduce() error {
|
|
for _, event := range wm.Events {
|
|
switch e := event.(type) {
|
|
case *authenticator.PublicKeyCreatedEvent:
|
|
if e.UserID != wm.UserID {
|
|
continue
|
|
}
|
|
wm.UserID = e.UserID
|
|
wm.PublicKey = e.PublicKey
|
|
wm.ExpirationDate = e.ExpirationDate
|
|
case *authenticator.PublicKeyDeletedEvent:
|
|
wm.UserID = ""
|
|
wm.PublicKey = nil
|
|
wm.ExpirationDate = time.Time{}
|
|
}
|
|
}
|
|
return wm.WriteModel.Reduce()
|
|
}
|
|
|
|
func (wm *PublicKeyV3WriteModel) Query() *eventstore.SearchQueryBuilder {
|
|
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
|
|
ResourceOwner(wm.ResourceOwner).
|
|
AddQuery().
|
|
AggregateTypes(authenticator.AggregateType).
|
|
AggregateIDs(wm.AggregateID).
|
|
EventTypes(
|
|
authenticator.PublicKeyCreatedType,
|
|
authenticator.PublicKeyDeletedType,
|
|
).Builder()
|
|
}
|
|
|
|
func (wm *PublicKeyV3WriteModel) checkPermissionWrite(ctx context.Context) error {
|
|
if wm.UserID == authz.GetCtxData(ctx).UserID {
|
|
return nil
|
|
}
|
|
if err := wm.checkPermission(ctx, domain.PermissionUserWrite, wm.ResourceOwner, wm.UserID); err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (wm *PublicKeyV3WriteModel) NewCreate(
|
|
ctx context.Context,
|
|
expirationDate time.Time,
|
|
publicKey []byte,
|
|
) ([]eventstore.Command, error) {
|
|
if err := wm.NotExists(); err != nil {
|
|
return nil, err
|
|
}
|
|
if err := wm.checkPermissionWrite(ctx); err != nil {
|
|
return nil, err
|
|
}
|
|
return []eventstore.Command{
|
|
authenticator.NewPublicKeyCreatedEvent(ctx,
|
|
AuthenticatorAggregateFromWriteModel(wm.GetWriteModel()),
|
|
wm.UserID,
|
|
expirationDate,
|
|
publicKey,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (wm *PublicKeyV3WriteModel) NewDelete(ctx context.Context) ([]eventstore.Command, error) {
|
|
if err := wm.Exists(); err != nil {
|
|
return nil, err
|
|
}
|
|
if err := wm.checkPermissionWrite(ctx); err != nil {
|
|
return nil, err
|
|
}
|
|
return []eventstore.Command{
|
|
authenticator.NewPublicKeyDeletedEvent(ctx,
|
|
AuthenticatorAggregateFromWriteModel(wm.GetWriteModel()),
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (wm *PublicKeyV3WriteModel) Exists() error {
|
|
if len(wm.PublicKey) == 0 {
|
|
return zerrors.ThrowNotFound(nil, "COMMAND-CqNteIqtCt", "Errors.User.NotFound")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (wm *PublicKeyV3WriteModel) NotExists() error {
|
|
if err := wm.Exists(); err != nil {
|
|
return nil
|
|
}
|
|
return zerrors.ThrowAlreadyExists(nil, "COMMAND-QkVpJv0DqA", "Errors.User.AlreadyExists")
|
|
}
|