TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-01-10 09:23:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
zitadel/internal/auth/repository/eventsourcing/eventstore/org.go
Fabi 320ddfa46d
feat: Identity brokering (#730) 
* feat: add/ remove external idps

* feat: external idp add /remove

* fix: auth proto

* fix: handle login

* feat: loginpolicy on authrequest

* feat: idp providers on login

* feat: link external idp

* fix: check login policy on check username

* feat: add mapping fields for idp config

* feat: use user org id if existing

* feat: use user org id if existing

* feat: register external user

* feat: register external user

* feat: user linking

* feat: user linking

* feat: design external login

* feat: design external login

* fix: tests

* fix: regenerate login design

* feat: next step test linking process

* feat: next step test linking process

* feat: cascade remove external idps on user

* fix: tests

* fix: tests

* feat: external idp requsts on users

* fix: generate protos

* feat: login styles

* feat: login styles

* fix: link user

* fix: register user on specifig org

* fix: user linking

* fix: register external, linking auto

* fix: remove unnecessary request from proto

* fix: tests

* fix: new oidc package

* fix: migration version

* fix: policy permissions

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/renderer.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/renderer.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: pr requests

* Update internal/ui/login/handler/link_users_handler.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: pr requests

* fix: pr requests

* fix: pr requests

* fix: login name size

* fix: profile image light

* fix: colors

* fix: pr requests

* fix: remove redirect uri validator

* fix: remove redirect uri validator

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-09-18 13:26:28 +02:00

113 lines
3.8 KiB
Go
Raw Blame History

package eventstore
import (
"context"
"github.com/caos/logging"
iam_model "github.com/caos/zitadel/internal/iam/model"
iam_view_model "github.com/caos/zitadel/internal/iam/repository/view/model"
auth_model "github.com/caos/zitadel/internal/auth/model"
auth_view "github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
es_models "github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/eventstore/sdk"
org_model "github.com/caos/zitadel/internal/org/model"
org_es "github.com/caos/zitadel/internal/org/repository/eventsourcing"
"github.com/caos/zitadel/internal/org/repository/view/model"
policy_model "github.com/caos/zitadel/internal/policy/model"
policy_es "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
usr_es "github.com/caos/zitadel/internal/user/repository/eventsourcing"
)
const (
orgOwnerRole = "ORG_OWNER"
)
type OrgRepository struct {
SearchLimit uint64
OrgEventstore *org_es.OrgEventstore
UserEventstore *usr_es.UserEventstore
PolicyEventstore *policy_es.PolicyEventstore
View *auth_view.View
}
func (repo *OrgRepository) SearchOrgs(ctx context.Context, request *org_model.OrgSearchRequest) (*org_model.OrgSearchResult, error) {
request.EnsureLimit(repo.SearchLimit)
sequence, err := repo.View.GetLatestOrgSequence()
logging.Log("EVENT-7Udhz").OnError(err).Warn("could not read latest org sequence")
members, count, err := repo.View.SearchOrgs(request)
if err != nil {
return nil, err
}
result := &org_model.OrgSearchResult{
Offset: request.Offset,
Limit: request.Limit,
TotalResult: count,
Result: model.OrgsToModel(members),
}
if err == nil {
result.Sequence = sequence.CurrentSequence
result.Timestamp = sequence.CurrentTimestamp
}
return result, nil
}
func (repo *OrgRepository) RegisterOrg(ctx context.Context, register *auth_model.RegisterOrg) (*auth_model.RegisterOrg, error) {
pwPolicy, err := repo.PolicyEventstore.GetPasswordComplexityPolicy(ctx, policy_model.DefaultPolicy)
if err != nil {
return nil, err
}
orgPolicy, err := repo.OrgEventstore.GetOrgIAMPolicy(ctx, policy_model.DefaultPolicy)
if err != nil {
return nil, err
}
users := func(ctx context.Context, domain string) ([]*es_models.Aggregate, error) {
userIDs, err := repo.View.UserIDsByDomain(domain)
if err != nil {
return nil, err
}
return repo.UserEventstore.PrepareDomainClaimed(ctx, userIDs)
}
org, aggregates, err := repo.OrgEventstore.PrepareCreateOrg(ctx, register.Org, users)
if err != nil {
return nil, err
}
user, userAggregates, err := repo.UserEventstore.PrepareRegisterUser(ctx, register.User, nil, pwPolicy, orgPolicy, org.AggregateID)
if err != nil {
return nil, err
}
aggregates = append(aggregates, userAggregates...)
registerModel := &Register{Org: org, User: user}
member := org_model.NewOrgMemberWithRoles(org.AggregateID, user.AggregateID, orgOwnerRole)
_, memberAggregate, err := repo.OrgEventstore.PrepareAddOrgMember(ctx, member, org.AggregateID)
if err != nil {
return nil, err
}
aggregates = append(aggregates, memberAggregate)
err = sdk.PushAggregates(ctx, repo.OrgEventstore.PushAggregates, registerModel.AppendEvents, aggregates...)
if err != nil {
return nil, err
}
return RegisterToModel(registerModel), nil
}
func (repo *OrgRepository) GetDefaultOrgIamPolicy(ctx context.Context) *org_model.OrgIAMPolicy {
return repo.OrgEventstore.GetDefaultOrgIAMPolicy(ctx)
}
func (repo *OrgRepository) GetOrgIamPolicy(ctx context.Context, orgID string) (*org_model.OrgIAMPolicy, error) {
return repo.OrgEventstore.GetOrgIAMPolicy(ctx, orgID)
}
func (repo *OrgRepository) GetIDPConfigByID(ctx context.Context, idpConfigID string) (*iam_model.IDPConfigView, error) {
idpConfig, err := repo.View.IDPConfigByID(idpConfigID)
if err != nil {
return nil, err
}
return iam_view_model.IDPConfigViewToModel(idpConfig), nil
}
Reference in New Issue View Git Blame Copy Permalink