TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-13 11:34:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
87560157c1
zitadel/internal/query/lockout_policy.go
Livio Amstutz 958362e6c9
feat: handle instance from context (#3382) 
* commander

* commander

* selber!

* move to packages

* fix(errors): implement Is interface

* test: command

* test: commands

* add init steps

* setup tenant

* add default step yaml

* possibility to set password

* merge v2 into v2-commander

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: search query builder can filter events in memory

* fix: filters for add member

* fix(setup): add `ExternalSecure` to config

* chore: name iam to instance

* fix: matching

* remove unsued func

* base url

* base url

* test(command): filter funcs

* test: commands

* fix: rename orgiampolicy to domain policy

* start from init

* commands

* config

* fix indexes and add constraints

* fixes

* fix: merge conflicts

* fix: protos

* fix: md files

* setup

* add deprecated org iam policy again

* typo

* fix search query

* fix filter

* Apply suggestions from code review

* remove custom org from org setup

* add todos for verification

* change apps creation

* simplify package structure

* fix error

* move preparation helper for tests

* fix unique constraints

* fix config mapping in setup

* fix error handling in encryption_keys.go

* fix projection config

* fix query from old views to projection

* fix setup of mgmt api

* set iam project and fix instance projection

* fix tokens view

* fix steps.yaml and defaults.yaml

* fix projections

* change instance context to interface

* instance interceptors and additional events in setup

* cleanup

* tests for interceptors

* fix label policy

* add todo

* single api endpoint in environment.json

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-29 11:53:19 +02:00

155 lines
3.9 KiB
Go
Raw Blame History

package query
import (
"context"
"database/sql"
errs "errors"
"time"
sq "github.com/Masterminds/squirrel"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/domain"
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/query/projection"
)
type LockoutPolicy struct {
ID string
Sequence uint64
CreationDate time.Time
ChangeDate time.Time
ResourceOwner string
State domain.PolicyState
MaxPasswordAttempts uint64
ShowFailures bool
IsDefault bool
}
var (
lockoutTable = table{
name: projection.LockoutPolicyTable,
}
LockoutColID = Column{
name: projection.LockoutPolicyIDCol,
table: lockoutTable,
}
LockoutColInstanceID = Column{
name: projection.LockoutPolicyInstanceIDCol,
table: lockoutTable,
}
LockoutColSequence = Column{
name: projection.LockoutPolicySequenceCol,
table: lockoutTable,
}
LockoutColCreationDate = Column{
name: projection.LockoutPolicyCreationDateCol,
table: lockoutTable,
}
LockoutColChangeDate = Column{
name: projection.LockoutPolicyChangeDateCol,
table: lockoutTable,
}
LockoutColResourceOwner = Column{
name: projection.LockoutPolicyResourceOwnerCol,
table: lockoutTable,
}
LockoutColShowFailures = Column{
name: projection.LockoutPolicyShowLockOutFailuresCol,
table: lockoutTable,
}
LockoutColMaxPasswordAttempts = Column{
name: projection.LockoutPolicyMaxPasswordAttemptsCol,
table: lockoutTable,
}
LockoutColIsDefault = Column{
name: projection.LockoutPolicyIsDefaultCol,
table: lockoutTable,
}
LockoutColState = Column{
name: projection.LockoutPolicyStateCol,
table: lockoutTable,
}
)
func (q *Queries) LockoutPolicyByOrg(ctx context.Context, orgID string) (*LockoutPolicy, error) {
stmt, scan := prepareLockoutPolicyQuery()
query, args, err := stmt.Where(
sq.And{
sq.Eq{
LockoutColInstanceID.identifier(): authz.GetInstance(ctx).InstanceID(),
},
sq.Or{
sq.Eq{
LockoutColID.identifier(): orgID,
},
sq.Eq{
LockoutColID.identifier(): domain.IAMID,
},
},
}).
OrderBy(LockoutColIsDefault.identifier()).
Limit(1).ToSql()
if err != nil {
return nil, errors.ThrowInternal(err, "QUERY-SKR6X", "Errors.Query.SQLStatement")
}
row := q.client.QueryRowContext(ctx, query, args...)
return scan(row)
}
func (q *Queries) DefaultLockoutPolicy(ctx context.Context) (*LockoutPolicy, error) {
stmt, scan := prepareLockoutPolicyQuery()
query, args, err := stmt.Where(sq.Eq{
LockoutColID.identifier(): domain.IAMID,
LockoutColInstanceID.identifier(): authz.GetInstance(ctx).InstanceID(),
}).
OrderBy(LockoutColIsDefault.identifier()).
Limit(1).ToSql()
if err != nil {
return nil, errors.ThrowInternal(err, "QUERY-mN0Ci", "Errors.Query.SQLStatement")
}
row := q.client.QueryRowContext(ctx, query, args...)
return scan(row)
}
func prepareLockoutPolicyQuery() (sq.SelectBuilder, func(*sql.Row) (*LockoutPolicy, error)) {
return sq.Select(
LockoutColID.identifier(),
LockoutColSequence.identifier(),
LockoutColCreationDate.identifier(),
LockoutColChangeDate.identifier(),
LockoutColResourceOwner.identifier(),
LockoutColShowFailures.identifier(),
LockoutColMaxPasswordAttempts.identifier(),
LockoutColIsDefault.identifier(),
LockoutColState.identifier(),
).
From(lockoutTable.identifier()).PlaceholderFormat(sq.Dollar),
func(row *sql.Row) (*LockoutPolicy, error) {
policy := new(LockoutPolicy)
err := row.Scan(
&policy.ID,
&policy.Sequence,
&policy.CreationDate,
&policy.ChangeDate,
&policy.ResourceOwner,
&policy.ShowFailures,
&policy.MaxPasswordAttempts,
&policy.IsDefault,
&policy.State,
)
if err != nil {
if errs.Is(err, sql.ErrNoRows) {
return nil, errors.ThrowNotFound(err, "QUERY-63mtI", "Errors.PasswordComplexityPolicy.NotFound")
}
return nil, errors.ThrowInternal(err, "QUERY-uulCZ", "Errors.Internal")
}
return policy, nil
}
}
Reference in New Issue View Git Blame Copy Permalink