TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-07-14 22:28:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
zitadel/internal/command/project_application.go
Marco A. 2691dae2b6
feat: App API v2 (#10077) 
# Which Problems Are Solved

This PR *partially* addresses #9450 . Specifically, it implements the
resource based API for the apps. APIs for app keys ARE not part of this
PR.

# How the Problems Are Solved

- `CreateApplication`, `PatchApplication` (update) and
`RegenerateClientSecret` endpoints are now unique for all app types:
API, SAML and OIDC apps.
  - All new endpoints have integration tests
  - All new endpoints are using permission checks V2

# Additional Changes

- The `ListApplications` endpoint allows to do sorting (see protobuf for
details) and filtering by app type (see protobuf).
- SAML and OIDC update endpoint can now receive requests for partial
updates

# Additional Context

Partially addresses #9450
2025-06-27 17:25:44 +02:00

170 lines
6.2 KiB
Go
Raw Blame History

package command
import (
"context"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/repository/project"
"github.com/zitadel/zitadel/internal/telemetry/tracing"
"github.com/zitadel/zitadel/internal/zerrors"
)
type AddApp struct {
Aggregate project.Aggregate
ID string
Name string
}
func (c *Commands) UpdateApplicationName(ctx context.Context, projectID string, appChange domain.Application, resourceOwner string) (*domain.ObjectDetails, error) {
if projectID == "" || appChange.GetAppID() == "" || appChange.GetApplicationName() == "" {
return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-4m9vS", "Errors.Project.App.Invalid")
}
existingApp, err := c.getApplicationWriteModel(ctx, projectID, appChange.GetAppID(), resourceOwner)
if err != nil {
return nil, err
}
if existingApp.State == domain.AppStateUnspecified || existingApp.State == domain.AppStateRemoved {
return nil, zerrors.ThrowNotFound(nil, "COMMAND-28di9", "Errors.Project.App.NotExisting")
}
if existingApp.Name == appChange.GetApplicationName() {
return nil, zerrors.ThrowPreconditionFailed(nil, "COMMAND-2m8vx", "Errors.NoChangesFound")
}
if err := c.eventstore.FilterToQueryReducer(ctx, existingApp); err != nil {
return nil, err
}
if err := c.checkPermissionUpdateApplication(ctx, existingApp.ResourceOwner, existingApp.AggregateID); err != nil {
return nil, err
}
projectAgg := ProjectAggregateFromWriteModel(&existingApp.WriteModel)
pushedEvents, err := c.eventstore.Push(
ctx,
project.NewApplicationChangedEvent(ctx, projectAgg, appChange.GetAppID(), existingApp.Name, appChange.GetApplicationName()))
if err != nil {
return nil, err
}
err = AppendAndReduce(existingApp, pushedEvents...)
if err != nil {
return nil, err
}
return writeModelToObjectDetails(&existingApp.WriteModel), nil
}
func (c *Commands) DeactivateApplication(ctx context.Context, projectID, appID, resourceOwner string) (*domain.ObjectDetails, error) {
if projectID == "" || appID == "" {
return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-88fi0", "Errors.IDMissing")
}
existingApp, err := c.getApplicationWriteModel(ctx, projectID, appID, resourceOwner)
if err != nil {
return nil, err
}
if existingApp.State == domain.AppStateUnspecified || existingApp.State == domain.AppStateRemoved {
return nil, zerrors.ThrowNotFound(nil, "COMMAND-ov9d3", "Errors.Project.App.NotExisting")
}
if existingApp.State != domain.AppStateActive {
return nil, zerrors.ThrowPreconditionFailed(nil, "COMMAND-dsh35", "Errors.Project.App.NotActive")
}
if err := c.eventstore.FilterToQueryReducer(ctx, existingApp); err != nil {
return nil, err
}
if err := c.checkPermissionUpdateApplication(ctx, existingApp.ResourceOwner, existingApp.AggregateID); err != nil {
return nil, err
}
projectAgg := ProjectAggregateFromWriteModel(&existingApp.WriteModel)
pushedEvents, err := c.eventstore.Push(ctx, project.NewApplicationDeactivatedEvent(ctx, projectAgg, appID))
if err != nil {
return nil, err
}
err = AppendAndReduce(existingApp, pushedEvents...)
if err != nil {
return nil, err
}
return writeModelToObjectDetails(&existingApp.WriteModel), nil
}
func (c *Commands) ReactivateApplication(ctx context.Context, projectID, appID, resourceOwner string) (*domain.ObjectDetails, error) {
if projectID == "" || appID == "" {
return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-983dF", "Errors.IDMissing")
}
existingApp, err := c.getApplicationWriteModel(ctx, projectID, appID, resourceOwner)
if err != nil {
return nil, err
}
if existingApp.State == domain.AppStateUnspecified || existingApp.State == domain.AppStateRemoved {
return nil, zerrors.ThrowNotFound(nil, "COMMAND-ov9d3", "Errors.Project.App.NotExisting")
}
if existingApp.State != domain.AppStateInactive {
return nil, zerrors.ThrowPreconditionFailed(nil, "COMMAND-1n8cM", "Errors.Project.App.NotInactive")
}
if err := c.checkPermissionUpdateApplication(ctx, existingApp.ResourceOwner, existingApp.AggregateID); err != nil {
return nil, err
}
projectAgg := ProjectAggregateFromWriteModel(&existingApp.WriteModel)
pushedEvents, err := c.eventstore.Push(ctx, project.NewApplicationReactivatedEvent(ctx, projectAgg, appID))
if err != nil {
return nil, err
}
err = AppendAndReduce(existingApp, pushedEvents...)
if err != nil {
return nil, err
}
return writeModelToObjectDetails(&existingApp.WriteModel), nil
}
func (c *Commands) RemoveApplication(ctx context.Context, projectID, appID, resourceOwner string) (*domain.ObjectDetails, error) {
if projectID == "" || appID == "" {
return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-1b7Jf", "Errors.IDMissing")
}
existingApp, err := c.getApplicationWriteModel(ctx, projectID, appID, resourceOwner)
if err != nil {
return nil, err
}
if existingApp.State == domain.AppStateUnspecified || existingApp.State == domain.AppStateRemoved {
return nil, zerrors.ThrowNotFound(nil, "COMMAND-0po9s", "Errors.Project.App.NotExisting")
}
if err := c.eventstore.FilterToQueryReducer(ctx, existingApp); err != nil {
return nil, err
}
if err := c.checkPermissionDeleteApp(ctx, existingApp.ResourceOwner, existingApp.AggregateID); err != nil {
return nil, err
}
projectAgg := ProjectAggregateFromWriteModel(&existingApp.WriteModel)
entityID := ""
samlWriteModel, err := c.getSAMLAppWriteModel(ctx, projectID, appID, resourceOwner)
if err == nil && samlWriteModel.State != domain.AppStateUnspecified && samlWriteModel.State != domain.AppStateRemoved && samlWriteModel.saml {
entityID = samlWriteModel.EntityID
}
pushedEvents, err := c.eventstore.Push(ctx, project.NewApplicationRemovedEvent(ctx, projectAgg, appID, existingApp.Name, entityID))
if err != nil {
return nil, err
}
err = AppendAndReduce(existingApp, pushedEvents...)
if err != nil {
return nil, err
}
return writeModelToObjectDetails(&existingApp.WriteModel), nil
}
func (c *Commands) getApplicationWriteModel(ctx context.Context, projectID, appID, resourceOwner string) (_ *ApplicationWriteModel, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
appWriteModel := NewApplicationWriteModelWithAppIDC(projectID, appID, resourceOwner)
err = c.eventstore.FilterToQueryReducer(ctx, appWriteModel)
if err != nil {
return nil, err
}
return appWriteModel, nil
}
Reference in New Issue View Git Blame Copy Permalink