mirror of
https://github.com/zitadel/zitadel.git
synced 2025-12-07 04:42:05 +00:00
99b2c33ccb
* feat: default custom message text * feat: org custom message text * feat: org custom message text * feat: custom messages query side * feat: default messages * feat: message text user fields * feat: check for inactive user * feat: fix send password reset * feat: fix custom org text * feat: add variables to docs * feat: custom text tests * feat: fix notifications * feat: add custom text feature * feat: add custom text feature * feat: feature in custom message texts * feat: add custom text feature in frontend * feat: merge main * feat: feature tests * feat: change phone message in setup * fix: remove unused code, add event translation * fix: merge main and fix problems * fix: english translation file * fix: migration versions * fix: setup * fix: custom login text * feat: add all possible custom texts for login * feat: iam login texts * feat: org login texts * feat: protos * fix: custom text in admin api * fix: add success login text * fix: docs * fix: add custom login texts to management api * fix: add sub messages to custom login texts * fix: setup custom texts * feat: get org login texts * feat: get org login texts * feat: handler in adminapi * feat: handlers in auth and admin * feat: render login texts * feat: custom login text * feat: add all login text keys * feat: handle correct login texts * feat: custom login texts in command side * feat: custom login texts in command side * feat: fix yaml file * feat: merge master and add confirmation text * feat: fix html * feat: read default login texts * feat: get default text files * feat: get custom texts org * feat: tests * feat: change translator handling * fix translator from authReq * feat: change h1 on login screens * feat: add custom login text for remove * feat: add custom login text for remove * feat: cache translation files * feat: cache translation files * feat: zitadel user in env var * feat: add registration user description * feat: better func naming * feat: tests * feat: add mutex to read file * feat: add mutex to read file * fix mutex for accessing translation map * fix: translation key Co-authored-by: Livio Amstutz <livio.a@gmail.com>
172 lines
4.8 KiB
Go
172 lines
4.8 KiB
Go
package handler
|
|
|
|
import (
|
|
"context"
|
|
"github.com/caos/logging"
|
|
"github.com/caos/zitadel/internal/domain"
|
|
caos_errs "github.com/caos/zitadel/internal/errors"
|
|
"github.com/caos/zitadel/internal/eventstore/v1"
|
|
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
|
|
"github.com/caos/zitadel/internal/eventstore/v1/query"
|
|
"github.com/caos/zitadel/internal/eventstore/v1/spooler"
|
|
"github.com/caos/zitadel/internal/iam/repository/eventsourcing"
|
|
iam_es_model "github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
|
|
iam_model "github.com/caos/zitadel/internal/iam/repository/view/model"
|
|
"github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
|
)
|
|
|
|
const (
|
|
loginPolicyTable = "management.login_policies"
|
|
)
|
|
|
|
type LoginPolicy struct {
|
|
handler
|
|
subscription *v1.Subscription
|
|
}
|
|
|
|
func newLoginPolicy(handler handler) *LoginPolicy {
|
|
h := &LoginPolicy{
|
|
handler: handler,
|
|
}
|
|
|
|
h.subscribe()
|
|
|
|
return h
|
|
}
|
|
|
|
func (m *LoginPolicy) subscribe() {
|
|
m.subscription = m.es.Subscribe(m.AggregateTypes()...)
|
|
go func() {
|
|
for event := range m.subscription.Events {
|
|
query.ReduceEvent(m, event)
|
|
}
|
|
}()
|
|
}
|
|
|
|
func (m *LoginPolicy) ViewModel() string {
|
|
return loginPolicyTable
|
|
}
|
|
|
|
func (_ *LoginPolicy) AggregateTypes() []es_models.AggregateType {
|
|
return []es_models.AggregateType{model.OrgAggregate, iam_es_model.IAMAggregate}
|
|
}
|
|
|
|
func (m *LoginPolicy) CurrentSequence() (uint64, error) {
|
|
sequence, err := m.view.GetLatestLoginPolicySequence()
|
|
if err != nil {
|
|
return 0, err
|
|
}
|
|
return sequence.CurrentSequence, nil
|
|
}
|
|
|
|
func (m *LoginPolicy) EventQuery() (*es_models.SearchQuery, error) {
|
|
sequence, err := m.view.GetLatestLoginPolicySequence()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return es_models.NewSearchQuery().
|
|
AggregateTypeFilter(m.AggregateTypes()...).
|
|
LatestSequenceFilter(sequence.CurrentSequence), nil
|
|
}
|
|
|
|
func (m *LoginPolicy) Reduce(event *es_models.Event) (err error) {
|
|
switch event.AggregateType {
|
|
case model.OrgAggregate, iam_es_model.IAMAggregate:
|
|
err = m.processLoginPolicy(event)
|
|
}
|
|
return err
|
|
}
|
|
|
|
func (m *LoginPolicy) processLoginPolicy(event *es_models.Event) (err error) {
|
|
policy := new(iam_model.LoginPolicyView)
|
|
switch event.Type {
|
|
case model.OrgAdded:
|
|
policy, err = m.getDefaultLoginPolicy()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
policy.AggregateID = event.AggregateID
|
|
policy.Default = true
|
|
case iam_es_model.LoginPolicyAdded, model.LoginPolicyAdded:
|
|
err = policy.AppendEvent(event)
|
|
case iam_es_model.LoginPolicyChanged,
|
|
iam_es_model.LoginPolicySecondFactorAdded,
|
|
iam_es_model.LoginPolicySecondFactorRemoved,
|
|
iam_es_model.LoginPolicyMultiFactorAdded,
|
|
iam_es_model.LoginPolicyMultiFactorRemoved:
|
|
policies, err := m.view.AllDefaultLoginPolicies()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
for _, policy := range policies {
|
|
err = policy.AppendEvent(event)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
return m.view.PutLoginPolicies(policies, event)
|
|
case model.LoginPolicyChanged,
|
|
model.LoginPolicySecondFactorAdded,
|
|
model.LoginPolicySecondFactorRemoved,
|
|
model.LoginPolicyMultiFactorAdded,
|
|
model.LoginPolicyMultiFactorRemoved:
|
|
policy, err = m.view.LoginPolicyByAggregateID(event.AggregateID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
err = policy.AppendEvent(event)
|
|
case model.LoginPolicyRemoved:
|
|
policy, err = m.getDefaultLoginPolicy()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
policy.AggregateID = event.AggregateID
|
|
policy.Default = true
|
|
default:
|
|
return m.view.ProcessedLoginPolicySequence(event)
|
|
}
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return m.view.PutLoginPolicy(policy, event)
|
|
}
|
|
|
|
func (m *LoginPolicy) OnError(event *es_models.Event, err error) error {
|
|
logging.LogWithFields("SPOOL-92n8F", "id", event.AggregateID).WithError(err).Warn("something went wrong in login policy handler")
|
|
return spooler.HandleError(event, err, m.view.GetLatestLoginPolicyFailedEvent, m.view.ProcessedLoginPolicyFailedEvent, m.view.ProcessedLoginPolicySequence, m.errorCountUntilSkip)
|
|
}
|
|
|
|
func (m *LoginPolicy) OnSuccess() error {
|
|
return spooler.HandleSuccess(m.view.UpdateLoginPolicySpoolerRunTimestamp)
|
|
}
|
|
|
|
func (p *LoginPolicy) getDefaultLoginPolicy() (*iam_model.LoginPolicyView, error) {
|
|
policy, policyErr := p.view.LoginPolicyByAggregateID(domain.IAMID)
|
|
if policyErr != nil && !caos_errs.IsNotFound(policyErr) {
|
|
return nil, policyErr
|
|
}
|
|
if policy == nil {
|
|
policy = &iam_model.LoginPolicyView{}
|
|
}
|
|
events, err := p.getIAMEvents(policy.Sequence)
|
|
if err != nil {
|
|
return policy, policyErr
|
|
}
|
|
policyCopy := *policy
|
|
for _, event := range events {
|
|
if err := policyCopy.AppendEvent(event); err != nil {
|
|
return policy, nil
|
|
}
|
|
}
|
|
return &policyCopy, nil
|
|
}
|
|
|
|
func (p *LoginPolicy) getIAMEvents(sequence uint64) ([]*es_models.Event, error) {
|
|
query, err := eventsourcing.IAMByIDQuery(domain.IAMID, sequence)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return p.es.FilterEvents(context.Background(), query)
|
|
}
|