Fabi bc951985ed
feat: Lockout policy (#2121)
* feat: lock users if lockout policy is set

* feat: setup

* feat: lock user on password failures

* feat: render error

* feat: lock user on command side

* feat: auth_req tests

* feat: lockout policy docs

* feat: remove show lockout failures from proto

* fix: console lockout

* feat: tests

* fix: tests

* unlock function

* add unlock button

* fix migration version

* lockout policy

* lint

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: err message

* Update internal/command/setup_step4.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2021-08-11 06:36:32 +00:00


package model
import (
"strings"
"github.com/golang/protobuf/ptypes/timestamp"
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
iam_model "github.com/caos/zitadel/internal/iam/model"
)
// Org is the in-memory model of an organisation: its event-store root, its
// state and name, its domains and members, its identity providers, and the
// policy objects attached to it.
type Org struct {
	es_models.ObjectRoot

	State   OrgState
	Name    string
	Domains []*OrgDomain
	Members []*OrgMember

	// Policy and branding objects attached to the organisation.
	// NOTE(review): a nil pointer presumably means "no org-specific value";
	// confirm how readers fall back before relying on that, in particular for
	// the password and lockout policies.
	OrgIamPolicy             *iam_model.OrgIAMPolicy
	LoginPolicy              *iam_model.LoginPolicy
	LabelPolicy              *iam_model.LabelPolicy
	MailTemplate             *iam_model.MailTemplate
	MailTexts                []*iam_model.MailText
	PasswordComplexityPolicy *iam_model.PasswordComplexityPolicy
	PasswordAgePolicy        *iam_model.PasswordAgePolicy
	LockoutPolicy            *iam_model.LockoutPolicy

	// IDPs holds the identity provider configurations searched by GetIDP.
	IDPs []*iam_model.IDPConfig
}
// OrgChanges is a list of change records for an organisation together with a
// sequence number.
type OrgChanges struct {
	// Changes holds the individual change records.
	Changes []*OrgChange
	// LastSequence is a sequence number accompanying the list.
	// NOTE(review): presumably the sequence of the newest entry in Changes;
	// confirm against the code that fills it.
	LastSequence uint64
}
// OrgChange is one change record of an organisation.
//
// The JSON tags decide what leaves the process when a value is marshalled:
// the modifier's display name, login name and avatar URL carry `json:"-"` and
// are therefore never encoded, while ModifierId is encoded under the key
// "modifierUser".
type OrgChange struct {
	ChangeDate *timestamp.Timestamp `json:"changeDate,omitempty"`
	EventType  string               `json:"eventType,omitempty"`
	Sequence   uint64               `json:"sequence,omitempty"`
	ModifierId string               `json:"modifierUser,omitempty"`

	// Excluded from JSON output by their tags.
	ModifierName      string `json:"-"`
	ModifierLoginName string `json:"-"`
	ModifierAvatarURL string `json:"-"`

	// Data is untyped and is encoded as-is under "data".
	// NOTE(review): whatever is stored here is exposed to every consumer of
	// the JSON; verify that writers do not put secret material into it.
	Data interface{} `json:"data,omitempty"`
}
// OrgState enumerates the lifecycle states of an organisation.
type OrgState int32

// The zero value of OrgState is OrgStateActive, so an Org whose State was
// never assigned is reported as active by IsActive.
const (
	// OrgStateActive has the value 0.
	OrgStateActive OrgState = iota
	// OrgStateInactive has the value 1.
	OrgStateInactive
)
// NewOrg returns a new Org whose aggregate ID is id and whose state is
// OrgStateActive. All other fields keep their zero values; id is stored as
// given, without validation.
func NewOrg(id string) *Org {
	root := es_models.ObjectRoot{AggregateID: id}
	return &Org{
		ObjectRoot: root,
		State:      OrgStateActive,
	}
}
// IsActive reports whether the organisation is in OrgStateActive.
// Every other value, including values outside the declared constants, is
// reported as not active.
func (o *Org) IsActive() bool {
	switch o.State {
	case OrgStateActive:
		return true
	default:
		return false
	}
}
// IsValid reports whether the organisation has a non-empty name.
//
// This is the only condition checked: a name made of whitespace only, of any
// length, or with any characters passes. The name is later embedded into a
// domain by nameForDomain, so length and character-set rules have to be
// enforced elsewhere if they are required.
func (o *Org) IsValid() bool {
	return len(o.Name) > 0
}
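// GetDomain looks up the entry of o.Domains whose Domain string equals
// domain.Domain and returns its index together with the entry.
//
// It returns (-1, nil) when no entry matches. A nil domain argument is
// treated as "no match" instead of being dereferenced, so a caller that
// passes an unset lookup key gets the not-found result rather than a panic.
//
// The comparison is an exact, case-sensitive string match. nameForDomain
// lower-cases the domains it generates, so a mixed-case lookup key will not
// match such an entry.
func (o *Org) GetDomain(domain *OrgDomain) (int, *OrgDomain) {
	if domain == nil {
		return -1, nil
	}
	for i, d := range o.Domains {
		if d.Domain == domain.Domain {
			return i, d
		}
	}
	return -1, nil
}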
// GetIDP returns the index and the configuration of the first entry of o.IDPs
// whose IDPConfigID equals idpID, or (-1, nil) when there is none.
//
// Entries are dereferenced without a nil check, so o.IDPs must not contain
// nil pointers.
func (o *Org) GetIDP(idpID string) (int, *iam_model.IDPConfig) {
	for idx := 0; idx < len(o.IDPs); idx++ {
		if cfg := o.IDPs[idx]; cfg.IDPConfigID == idpID {
			return idx, cfg
		}
	}
	return -1, nil
}
// GetPrimaryDomain returns the first entry of o.Domains that has Primary set,
// or nil when no entry is marked primary.
//
// Only the first match is returned; the function does not detect whether
// several entries carry the Primary flag. Entries are dereferenced without a
// nil check.
func (o *Org) GetPrimaryDomain() *OrgDomain {
	for idx := 0; idx < len(o.Domains); idx++ {
		candidate := o.Domains[idx]
		if candidate.Primary {
			return candidate
		}
	}
	return nil
}
// MemeberByUserID returns the first entry of o.Members whose UserID equals
// userID, followed by its index, or (nil, -1) when there is none.
//
// The result order is (member, index), the reverse of GetDomain and GetIDP,
// which return (index, item). The misspelled method name is part of the
// exported interface and is kept for existing callers. Entries are
// dereferenced without a nil check.
func (o *Org) MemeberByUserID(userID string) (*OrgMember, int) {
	for idx := 0; idx < len(o.Members); idx++ {
		if m := o.Members[idx]; m.UserID == userID {
			return m, idx
		}
	}
	return nil, -1
}
// nameForDomain derives a domain name from the organisation name: every space
// in o.Name becomes "-", "." and iamDomain are appended, and the whole string
// is lower-cased.
//
// Spaces are the only characters rewritten. Dots, slashes, control characters
// and non-ASCII text in o.Name pass through unchanged, and the result is not
// checked against hostname syntax or length limits.
// NOTE(review): names that differ only in letter case or in space versus
// hyphen ("A B" and "a-b") yield the same domain; uniqueness has to be
// enforced by the caller or the storage layer.
func (o *Org) nameForDomain(iamDomain string) string {
	label := strings.ReplaceAll(o.Name, " ", "-")
	full := label + "." + iamDomain
	return strings.ToLower(full)
}
// AddIAMDomain appends the domain generated by nameForDomain(iamDomain) to
// o.Domains and marks it both Verified and Primary.
//
// Existing entries are left untouched: an earlier primary domain keeps its
// Primary flag and an identical domain is not de-duplicated.
// NOTE(review): the entry is flagged Verified with no verification step in
// this function, which presumably relies on iamDomain being the instance's
// own trusted domain; confirm that callers never pass a caller-supplied value.
func (o *Org) AddIAMDomain(iamDomain string) {
	generated := &OrgDomain{
		Domain:   o.nameForDomain(iamDomain),
		Verified: true,
		Primary:  true,
	}
	o.Domains = append(o.Domains, generated)
}