mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-24 00:28:18 +00:00
632639ae7f
* feat: enable iframe use * cleanup * fix mocks * fix linting * docs: add iframe usage to solution scenarios configurations * improve api * feat(console): security policy * description * remove unnecessary line * disable input button and urls when not enabled * add image to docs Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
74 lines
2.0 KiB
Go
74 lines
2.0 KiB
Go
package command
|
|
|
|
import (
|
|
"context"
|
|
"reflect"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
"github.com/zitadel/zitadel/internal/repository/instance"
|
|
)
|
|
|
|
type InstanceSecurityPolicyWriteModel struct {
|
|
eventstore.WriteModel
|
|
|
|
Enabled bool
|
|
AllowedOrigins []string
|
|
}
|
|
|
|
func NewInstanceSecurityPolicyWriteModel(ctx context.Context) *InstanceSecurityPolicyWriteModel {
|
|
return &InstanceSecurityPolicyWriteModel{
|
|
WriteModel: eventstore.WriteModel{
|
|
AggregateID: authz.GetInstance(ctx).InstanceID(),
|
|
ResourceOwner: authz.GetInstance(ctx).InstanceID(),
|
|
},
|
|
}
|
|
}
|
|
|
|
func (wm *InstanceSecurityPolicyWriteModel) Reduce() error {
|
|
for _, event := range wm.Events {
|
|
if e, ok := event.(*instance.SecurityPolicySetEvent); ok {
|
|
if e.Enabled != nil {
|
|
wm.Enabled = *e.Enabled
|
|
}
|
|
if e.AllowedOrigins != nil {
|
|
wm.AllowedOrigins = *e.AllowedOrigins
|
|
}
|
|
}
|
|
}
|
|
return wm.WriteModel.Reduce()
|
|
}
|
|
|
|
func (wm *InstanceSecurityPolicyWriteModel) Query() *eventstore.SearchQueryBuilder {
|
|
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
|
|
ResourceOwner(wm.ResourceOwner).
|
|
AddQuery().
|
|
AggregateTypes(instance.AggregateType).
|
|
AggregateIDs(wm.AggregateID).
|
|
EventTypes(
|
|
instance.SecurityPolicySetEventType).
|
|
Builder()
|
|
}
|
|
|
|
func (wm *InstanceSecurityPolicyWriteModel) NewSetEvent(
|
|
ctx context.Context,
|
|
aggregate *eventstore.Aggregate,
|
|
enabled bool,
|
|
allowedOrigins []string,
|
|
) (*instance.SecurityPolicySetEvent, error) {
|
|
changes := make([]instance.SecurityPolicyChanges, 0, 2)
|
|
var err error
|
|
|
|
if wm.Enabled != enabled {
|
|
changes = append(changes, instance.ChangeSecurityPolicyEnabled(enabled))
|
|
}
|
|
if enabled && !reflect.DeepEqual(wm.AllowedOrigins, allowedOrigins) {
|
|
changes = append(changes, instance.ChangeSecurityPolicyAllowedOrigins(allowedOrigins))
|
|
}
|
|
changeEvent, err := instance.NewSecurityPolicySetEvent(ctx, aggregate, changes)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return changeEvent, nil
|
|
}
|