mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-13 11:34:26 +00:00
c5b99274d7
* commander * commander * selber! * move to packages * fix(errors): implement Is interface * test: command * test: commands * add init steps * setup tenant * add default step yaml * possibility to set password * merge v2 into v2-commander * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: search query builder can filter events in memory * fix: filters for add member * fix(setup): add `ExternalSecure` to config * chore: name iam to instance * fix: matching * remove unsued func * base url * base url * test(command): filter funcs * test: commands * fix: rename orgiampolicy to domain policy * start from init * commands * config * fix indexes and add constraints * fixes * fix: merge conflicts * fix: protos * fix: md files * setup * add deprecated org iam policy again * typo * fix search query * fix filter * Apply suggestions from code review * remove custom org from org setup * add todos for verification * change apps creation * simplify package structure * fix error * move preparation helper for tests * fix unique constraints * fix config mapping in setup * fix error handling in encryption_keys.go * fix projection config * fix query from old views to projection * fix setup of mgmt api * set iam project and fix instance projection * imports Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
66 lines
1.9 KiB
Go
66 lines
1.9 KiB
Go
package command
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/caos/zitadel/internal/command/v2/preparation"
|
|
"github.com/caos/zitadel/internal/errors"
|
|
"github.com/caos/zitadel/internal/eventstore"
|
|
"github.com/caos/zitadel/internal/repository/org"
|
|
)
|
|
|
|
func AddOrgMember(a *org.Aggregate, userID string, roles ...string) preparation.Validation {
|
|
return func() (preparation.CreateCommands, error) {
|
|
if userID == "" {
|
|
return nil, errors.ThrowInvalidArgument(nil, "ORG-4Mlfs", "Errors.Invalid.Argument")
|
|
}
|
|
// TODO: check roles
|
|
return func(ctx context.Context, filter preparation.FilterToQueryReducer) ([]eventstore.Command, error) {
|
|
if exists, err := ExistsUser(ctx, filter, userID, a.ID); err != nil || !exists {
|
|
return nil, errors.ThrowNotFound(err, "ORG-GoXOn", "Errors.User.NotFound")
|
|
}
|
|
if isMember, err := IsOrgMember(ctx, filter, a.ID, userID); err != nil || isMember {
|
|
return nil, errors.ThrowAlreadyExists(err, "ORG-poWwe", "Errors.Org.Member.AlreadyExists")
|
|
}
|
|
return []eventstore.Command{org.NewMemberAddedEvent(ctx, &a.Aggregate, userID, roles...)}, nil
|
|
},
|
|
nil
|
|
}
|
|
}
|
|
|
|
func IsOrgMember(ctx context.Context, filter preparation.FilterToQueryReducer, orgID, userID string) (isMember bool, err error) {
|
|
events, err := filter(ctx, eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
|
|
ResourceOwner(orgID).
|
|
OrderAsc().
|
|
AddQuery().
|
|
AggregateIDs(orgID).
|
|
AggregateTypes(org.AggregateType).
|
|
EventTypes(
|
|
org.MemberAddedEventType,
|
|
org.MemberRemovedEventType,
|
|
org.MemberCascadeRemovedEventType,
|
|
).Builder())
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
for _, event := range events {
|
|
switch e := event.(type) {
|
|
case *org.MemberAddedEvent:
|
|
if e.UserID == userID {
|
|
isMember = true
|
|
}
|
|
case *org.MemberRemovedEvent:
|
|
if e.UserID == userID {
|
|
isMember = false
|
|
}
|
|
case *org.MemberCascadeRemovedEvent:
|
|
if e.UserID == userID {
|
|
isMember = false
|
|
}
|
|
}
|
|
}
|
|
|
|
return isMember, nil
|
|
}
|