mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-12 19:14:23 +00:00
959530ddad
* fix: correct selectors for extended writemodel * fix: no previous checks in eventstore * start check previous * feat: auth user commands * feat: auth user commands * feat: auth user commands * feat: otp * feat: corrections from pr merge * feat: webauthn * feat: comment old webauthn * feat: refactor user, human, machine * feat: webauth command side * feat: command and query side in login * feat: fix user writemodel append events * fix: remove creation dates on command side * fix: remove previous sequence * previous sequence * fix: external idps * Update internal/api/grpc/management/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/user_human_email.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: pr changes * fix: phone verification Co-authored-by: adlerhurst <silvan.reusser@gmail.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com>
91 lines
2.6 KiB
Go
91 lines
2.6 KiB
Go
package command
|
|
|
|
import (
|
|
"strings"
|
|
|
|
caos_errors "github.com/caos/zitadel/internal/errors"
|
|
"github.com/caos/zitadel/internal/eventstore/v2"
|
|
"github.com/caos/zitadel/internal/v2/domain"
|
|
"github.com/caos/zitadel/internal/v2/repository/user"
|
|
)
|
|
|
|
type UserWriteModel struct {
|
|
eventstore.WriteModel
|
|
|
|
UserName string
|
|
UserState domain.UserState
|
|
}
|
|
|
|
func NewUserWriteModel(userID, resourceOwner string) *UserWriteModel {
|
|
return &UserWriteModel{
|
|
WriteModel: eventstore.WriteModel{
|
|
AggregateID: userID,
|
|
ResourceOwner: resourceOwner,
|
|
},
|
|
}
|
|
}
|
|
|
|
func (wm *UserWriteModel) AppendEvents(events ...eventstore.EventReader) {
|
|
wm.WriteModel.AppendEvents(events...)
|
|
}
|
|
|
|
//TODO: Compute OTPState? initial/active
|
|
func (wm *UserWriteModel) Reduce() error {
|
|
for _, event := range wm.Events {
|
|
switch e := event.(type) {
|
|
case *user.HumanAddedEvent:
|
|
wm.UserName = e.UserName
|
|
wm.UserState = domain.UserStateInitial
|
|
case *user.HumanRegisteredEvent:
|
|
wm.UserName = e.UserName
|
|
wm.UserState = domain.UserStateInitial
|
|
case *user.MachineAddedEvent:
|
|
wm.UserName = e.UserName
|
|
wm.UserState = domain.UserStateActive
|
|
case *user.UsernameChangedEvent:
|
|
wm.UserName = e.UserName
|
|
case *user.UserLockedEvent:
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
wm.UserState = domain.UserStateLocked
|
|
}
|
|
case *user.UserUnlockedEvent:
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
wm.UserState = domain.UserStateActive
|
|
}
|
|
case *user.UserDeactivatedEvent:
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
wm.UserState = domain.UserStateInactive
|
|
}
|
|
case *user.UserReactivatedEvent:
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
wm.UserState = domain.UserStateActive
|
|
}
|
|
case *user.UserRemovedEvent:
|
|
wm.UserState = domain.UserStateDeleted
|
|
}
|
|
}
|
|
return wm.WriteModel.Reduce()
|
|
}
|
|
|
|
func (wm *UserWriteModel) Query() *eventstore.SearchQueryBuilder {
|
|
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent, user.AggregateType).
|
|
AggregateIDs(wm.AggregateID).
|
|
ResourceOwner(wm.ResourceOwner)
|
|
}
|
|
|
|
func UserAggregateFromWriteModel(wm *eventstore.WriteModel) *user.Aggregate {
|
|
return &user.Aggregate{
|
|
Aggregate: *eventstore.AggregateFromWriteModel(wm, user.AggregateType, user.AggregateVersion),
|
|
}
|
|
}
|
|
|
|
func CheckOrgIAMPolicyForUserName(userName string, policy *domain.OrgIAMPolicy) error {
|
|
if policy == nil {
|
|
return caos_errors.ThrowPreconditionFailed(nil, "COMMAND-3Mb9s", "Errors.Users.OrgIamPolicyNil")
|
|
}
|
|
if policy.UserLoginMustBeDomain && strings.Contains(userName, "@") {
|
|
return caos_errors.ThrowPreconditionFailed(nil, "COMMAND-4M9vs", "Errors.User.EmailAsUsernameNotAllowed")
|
|
}
|
|
return nil
|
|
}
|