mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-18 22:07:32 +00:00
8a5badddf6
* fix: change oidc config * fix: change oidc config secret * begin models * begin repo * fix: implement grpc app funcs * fix: add application requests * fix: converter * fix: converter * fix: converter and generate clientid * fix: tests * feat: project grant aggregate * feat: project grant * fix: project grant check if role existing * fix: project grant requests * fix: project grant fixes * fix: project grant member model * fix: project grant member aggregate * fix: project grant member eventstore * fix: project grant member requests * feat: user model * begin repo * repo models and more * feat: user command side * lots of functions * user command side * profile requests * commit before rebase on user * save * local config with gopass and more * begin new auth command (user centric) * Update internal/user/model/user.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/address.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/address.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/email.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/email.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/email.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/mfa.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/mfa.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/password.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/password.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/password.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/phone.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/phone.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/phone.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/user.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/user.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/model/user.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/usergrant/repository/eventsourcing/model/user_grant.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/usergrant/repository/eventsourcing/model/user_grant.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/usergrant/repository/eventsourcing/user_grant.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/user_test.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * Update internal/user/repository/eventsourcing/eventstore_mock_test.go Co-Authored-By: Livio Amstutz <livio.a@gmail.com> * changes from mr review * save files into basedir * changes from mr review * changes from mr review * move to auth request * Update internal/usergrant/repository/eventsourcing/cache.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/usergrant/repository/eventsourcing/cache.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * changes requested on mr * fix generate codes * fix return if no events * password code * email verification step * more steps * lot of mfa * begin tests * more next steps * auth api * auth api (user) * auth api (user) * auth api (user) * differ requests * merge * tests * fix compilation error * mock for id generator * Update internal/user/repository/eventsourcing/model/password.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/user/repository/eventsourcing/model/user.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * requests of mr * check email * begin separation of command and query * otp * change packages * some cleanup and fixes * tests for auth request / next steps * add VerificationLifetimes to config and make it run * tests * fix code challenge validation * cleanup * fix merge * begin view * repackaging tests and configs * fix startup config for auth * add migration * add PromptSelectAccount * fix copy / paste * remove user_agent files * fixes * fix sequences in user_session * token commands * token queries and signout * fix * fix set password test * add token handler and table * handle session init * add session state * add user view test cases * change VerifyMyMfaOTP * some fixes * fix user repo in auth api * cleanup * add user session view test * fix merge * begin oidc * user agent and more * config * keys * key command and query * add login statics * key handler * start login * login handlers * lot of fixes * merge oidc * add missing exports * add missing exports * fix some bugs * authrequestid in htmls * getrequest * update auth request * fix userid check * add username to authrequest * fix user session and auth request handling * fix UserSessionsByAgentID * fix auth request tests * fix user session on UserPasswordChanged and MfaOtpRemoved * fix MfaTypesSetupPossible * handle mfa * fill username * auth request query checks new events * fix userSessionByIDs * fix tokens * fix userSessionByIDs test * add user selection * init code * user code creation date * add init user step * add verification failed types * add verification failures * verify init code * user init code handle * user init code handle * fix userSessionByIDs * update logging * user agent cookie * browserinfo from request * add DeleteAuthRequest * add static login files to binary * add login statik to build * move generate to separate file and remove statik.go files * remove static dirs from startup.yaml * generate into separate namespaces * merge master * auth request code * auth request type mapping * fix keys * improve tokens * improve register and basic styling * fix ailerons font * improve password reset * add audience to token * all oidc apps as audience * fix test nextStep * fix email texts * remove "not set" * lot of style changes * improve copy to clipboard * fix footer * add cookie handler * remove placeholders * fix compilation after merge * fix auth config * remove comments * typo * use new secrets store * change default pws to match default policy * fixes * add todo * enable login * fix db name * Auth queries (#179) * my usersession * org structure/ auth handlers * working user grant spooler * auth internal user grants * search my project orgs * remove permissions file * my zitadel permissions * my zitadel permissions * remove unused code * authz * app searches in view * token verification * fix user grant load * fix tests * fix tests * read configs * remove unused const * remove todos * env variables * app_name * working authz * search projects * global resourceowner * Update internal/api/auth/permissions.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/api/auth/permissions.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * model2 rename * at least it works * check token expiry * search my user grants * remove token table from authz Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix test * fix ports and enable console Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com> Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> Co-authored-by: Silvan <silvan.reusser@gmail.com>
549 lines
20 KiB
Go
549 lines
20 KiB
Go
package eventsourcing
|
|
|
|
import (
|
|
"context"
|
|
"github.com/caos/zitadel/internal/crypto"
|
|
"github.com/caos/zitadel/internal/errors"
|
|
"github.com/caos/zitadel/internal/eventstore/models"
|
|
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
|
es_sdk "github.com/caos/zitadel/internal/eventstore/sdk"
|
|
org_es_model "github.com/caos/zitadel/internal/org/repository/eventsourcing/model"
|
|
"github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
|
|
usr_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
|
|
)
|
|
|
|
func ProjectByIDQuery(id string, latestSequence uint64) (*es_models.SearchQuery, error) {
|
|
if id == "" {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-dke74", "id should be filled")
|
|
}
|
|
return ProjectQuery(latestSequence).
|
|
AggregateIDFilter(id), nil
|
|
}
|
|
|
|
func ProjectQuery(latestSequence uint64) *es_models.SearchQuery {
|
|
return es_models.NewSearchQuery().
|
|
AggregateTypeFilter(model.ProjectAggregate).
|
|
LatestSequenceFilter(latestSequence)
|
|
}
|
|
|
|
func ProjectAggregate(ctx context.Context, aggCreator *es_models.AggregateCreator, project *model.Project) (*es_models.Aggregate, error) {
|
|
if project == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-doe93", "existing project should not be nil")
|
|
}
|
|
return aggCreator.NewAggregate(ctx, project.AggregateID, model.ProjectAggregate, model.ProjectVersion, project.Sequence)
|
|
}
|
|
|
|
func ProjectCreateAggregate(aggCreator *es_models.AggregateCreator, project *model.Project) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if project == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-kdie6", "project should not be nil")
|
|
}
|
|
|
|
agg, err := ProjectAggregate(ctx, aggCreator, project)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
validationQuery := es_models.NewSearchQuery().
|
|
AggregateTypeFilter(model.ProjectAggregate).
|
|
EventTypesFilter(model.ProjectAdded, model.ProjectChanged, model.ProjectRemoved)
|
|
|
|
validation := addProjectValidation(project.Name)
|
|
return agg.SetPrecondition(validationQuery, validation).AppendEvent(model.ProjectAdded, project)
|
|
}
|
|
}
|
|
|
|
func ProjectUpdateAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, new *model.Project) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if new == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-dhr74", "new project should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
changes := existing.Changes(new)
|
|
if len(changes) == 0 {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-9soPE", "no changes found")
|
|
}
|
|
if existing.Name != new.Name {
|
|
validationQuery := es_models.NewSearchQuery().
|
|
AggregateTypeFilter(model.ProjectAggregate).
|
|
EventTypesFilter(model.ProjectAdded, model.ProjectChanged, model.ProjectRemoved)
|
|
|
|
validation := addProjectValidation(new.Name)
|
|
agg.SetPrecondition(validationQuery, validation)
|
|
}
|
|
return agg.AppendEvent(model.ProjectChanged, changes)
|
|
}
|
|
}
|
|
|
|
func ProjectDeactivateAggregate(aggCreator *es_models.AggregateCreator, project *model.Project) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return projectStateAggregate(aggCreator, project, model.ProjectDeactivated)
|
|
}
|
|
|
|
func ProjectReactivateAggregate(aggCreator *es_models.AggregateCreator, project *model.Project) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return projectStateAggregate(aggCreator, project, model.ProjectReactivated)
|
|
}
|
|
|
|
func projectStateAggregate(aggCreator *es_models.AggregateCreator, project *model.Project, state models.EventType) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
agg, err := ProjectAggregate(ctx, aggCreator, project)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return agg.AppendEvent(state, nil)
|
|
}
|
|
}
|
|
|
|
func ProjectMemberAddedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, member *model.ProjectMember) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if member == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-ie34f", "member should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
validationQuery := es_models.NewSearchQuery().
|
|
AggregateTypeFilter(usr_model.UserAggregate).
|
|
AggregateIDFilter(member.UserID)
|
|
|
|
validation := addProjectMemberValidation()
|
|
return agg.SetPrecondition(validationQuery, validation).AppendEvent(model.ProjectMemberAdded, member)
|
|
}
|
|
}
|
|
|
|
func ProjectMemberChangedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, member *model.ProjectMember) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if member == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-d34fs", "member should not be nil")
|
|
}
|
|
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return agg.AppendEvent(model.ProjectMemberChanged, member)
|
|
}
|
|
}
|
|
|
|
func ProjectMemberRemovedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, member *model.ProjectMember) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if member == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-dieu7", "member should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return agg.AppendEvent(model.ProjectMemberRemoved, member)
|
|
}
|
|
}
|
|
|
|
func ProjectRoleAddedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, role *model.ProjectRole) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if role == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-sleo9", "role should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return agg.AppendEvent(model.ProjectRoleAdded, role)
|
|
}
|
|
}
|
|
|
|
func ProjectRoleChangedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, role *model.ProjectRole) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if role == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-oe8sf", "member should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return agg.AppendEvent(model.ProjectRoleChanged, role)
|
|
}
|
|
}
|
|
|
|
func ProjectRoleRemovedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, role *model.ProjectRole) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if role == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-d8eis", "member should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return agg.AppendEvent(model.ProjectRoleRemoved, role)
|
|
}
|
|
}
|
|
|
|
func ApplicationAddedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, app *model.Application) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if app == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-09du7", "app should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
agg.AppendEvent(model.ApplicationAdded, app)
|
|
if app.OIDCConfig != nil {
|
|
agg.AppendEvent(model.OIDCConfigAdded, app.OIDCConfig)
|
|
}
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func ApplicationChangedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, app *model.Application) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if app == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-sleo9", "app should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
var changes map[string]interface{}
|
|
for _, a := range existing.Applications {
|
|
if a.AppID == app.AppID {
|
|
changes = a.Changes(app)
|
|
}
|
|
}
|
|
agg.AppendEvent(model.ApplicationChanged, changes)
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func ApplicationRemovedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, app *model.Application) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if app == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-se23g", "app should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
agg.AppendEvent(model.ApplicationRemoved, &model.ApplicationID{AppID: app.AppID})
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func ApplicationDeactivatedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, app *model.Application) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if app == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-slfi3", "app should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
agg.AppendEvent(model.ApplicationDeactivated, &model.ApplicationID{AppID: app.AppID})
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func ApplicationReactivatedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, app *model.Application) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if app == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-slf32", "app should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
agg.AppendEvent(model.ApplicationReactivated, &model.ApplicationID{AppID: app.AppID})
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func OIDCConfigChangedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, config *model.OIDCConfig) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if config == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-slf32", "config should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
var changes map[string]interface{}
|
|
for _, a := range existing.Applications {
|
|
if a.AppID == config.AppID {
|
|
if a.OIDCConfig != nil {
|
|
changes = a.OIDCConfig.Changes(config)
|
|
}
|
|
}
|
|
}
|
|
agg.AppendEvent(model.OIDCConfigChanged, changes)
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func OIDCConfigSecretChangedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, appID string, secret *crypto.CryptoValue) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
changes := make(map[string]interface{}, 2)
|
|
changes["appId"] = appID
|
|
changes["clientSecret"] = secret
|
|
|
|
agg.AppendEvent(model.OIDCConfigSecretChanged, changes)
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func OIDCClientSecretCheckSucceededAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, appID string) es_sdk.AggregateFunc {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
changes := make(map[string]interface{}, 1)
|
|
changes["appId"] = appID
|
|
|
|
agg.AppendEvent(model.OIDCClientSecretCheckSucceeded, changes)
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func OIDCClientSecretCheckFailedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, appID string) es_sdk.AggregateFunc {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
changes := make(map[string]interface{}, 1)
|
|
changes["appId"] = appID
|
|
|
|
agg.AppendEvent(model.OIDCClientSecretCheckFailed, changes)
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func ProjectGrantAddedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, grant *model.ProjectGrant) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if grant == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-kd89w", "grant should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
validationQuery := es_models.NewSearchQuery().
|
|
AggregateTypeFilter(org_es_model.OrgAggregate).
|
|
AggregateIDFilter(grant.GrantedOrgID)
|
|
|
|
validation := addProjectGrantValidation()
|
|
agg.SetPrecondition(validationQuery, validation).AppendEvent(model.ProjectGrantAdded, grant)
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func ProjectGrantChangedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, grant *model.ProjectGrant) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if grant == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-d9ie2", "grant should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
var changes map[string]interface{}
|
|
for _, g := range existing.Grants {
|
|
if g.GrantID == grant.GrantID {
|
|
changes = g.Changes(grant)
|
|
}
|
|
}
|
|
agg.AppendEvent(model.ProjectGrantChanged, changes)
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func ProjectGrantRemovedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, grant *model.ProjectGrant) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if grant == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-kci8d", "grant should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
agg.AppendEvent(model.ProjectGrantRemoved, &model.ProjectGrantID{GrantID: grant.GrantID})
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func ProjectGrantDeactivatedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, grant *model.ProjectGrant) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if grant == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-id832", "grant should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
agg.AppendEvent(model.ProjectGrantDeactivated, &model.ProjectGrantID{GrantID: grant.GrantID})
|
|
|
|
return agg, nil
|
|
}
|
|
}
|
|
|
|
func ProjectGrantReactivatedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, grant *model.ProjectGrant) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if grant == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-8diw2", "grant should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return agg.AppendEvent(model.ProjectGrantReactivated, &model.ProjectGrantID{GrantID: grant.GrantID})
|
|
}
|
|
}
|
|
|
|
func ProjectGrantMemberAddedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, member *model.ProjectGrantMember) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if member == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-4ufh6", "grant should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
validationQuery := es_models.NewSearchQuery().
|
|
AggregateTypeFilter(usr_model.UserAggregate).
|
|
AggregateIDFilter(member.UserID)
|
|
|
|
validation := addProjectGrantMemberValidation()
|
|
return agg.SetPrecondition(validationQuery, validation).AppendEvent(model.ProjectGrantMemberAdded, member)
|
|
}
|
|
}
|
|
|
|
func ProjectGrantMemberChangedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, member *model.ProjectGrantMember) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if member == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-d8i4h", "member should not be nil")
|
|
}
|
|
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
changes := make(map[string]interface{}, 1)
|
|
changes["grantId"] = member.GrantID
|
|
changes["userId"] = member.UserID
|
|
changes["roles"] = member.Roles
|
|
|
|
return agg.AppendEvent(model.ProjectGrantMemberChanged, changes)
|
|
}
|
|
}
|
|
|
|
func ProjectGrantMemberRemovedAggregate(aggCreator *es_models.AggregateCreator, existing *model.Project, member *model.ProjectGrantMember) func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
return func(ctx context.Context) (*es_models.Aggregate, error) {
|
|
if member == nil {
|
|
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-slp0r", "member should not be nil")
|
|
}
|
|
agg, err := ProjectAggregate(ctx, aggCreator, existing)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return agg.AppendEvent(model.ProjectGrantMemberRemoved, member)
|
|
}
|
|
}
|
|
|
|
func addProjectValidation(projectName string) func(...*es_models.Event) error {
|
|
return func(events ...*es_models.Event) error {
|
|
projects := make([]*model.Project, 0)
|
|
for _, event := range events {
|
|
switch event.Type {
|
|
case model.ProjectAdded:
|
|
project := &model.Project{ObjectRoot: es_models.ObjectRoot{AggregateID: event.AggregateID}}
|
|
project.AppendAddProjectEvent(event)
|
|
projects = append(projects, project)
|
|
case model.ProjectChanged:
|
|
_, project := model.GetProject(projects, event.AggregateID)
|
|
project.AppendAddProjectEvent(event)
|
|
case model.ProjectRoleRemoved:
|
|
for i, project := range projects {
|
|
if project.AggregateID == event.AggregateID {
|
|
projects[i] = projects[len(projects)-1]
|
|
projects[len(projects)-1] = nil
|
|
projects = projects[:len(projects)-1]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
for _, p := range projects {
|
|
if p.Name == projectName {
|
|
return errors.ThrowPreconditionFailed(nil, "EVENT-s9oPw", "conditions not met")
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
}
|
|
|
|
func addProjectMemberValidation() func(...*es_models.Event) error {
|
|
return func(events ...*es_models.Event) error {
|
|
return checkExistsUser(events...)
|
|
}
|
|
}
|
|
|
|
func addProjectGrantValidation() func(...*es_models.Event) error {
|
|
return func(events ...*es_models.Event) error {
|
|
existsOrg := false
|
|
for _, event := range events {
|
|
switch event.AggregateType {
|
|
case org_es_model.OrgAggregate:
|
|
switch event.Type {
|
|
case org_es_model.OrgAdded:
|
|
existsOrg = true
|
|
case org_es_model.OrgRemoved:
|
|
existsOrg = false
|
|
}
|
|
}
|
|
}
|
|
if existsOrg {
|
|
return nil
|
|
}
|
|
return errors.ThrowPreconditionFailed(nil, "EVENT-3OfIm", "conditions not met")
|
|
}
|
|
}
|
|
|
|
func addProjectGrantMemberValidation() func(...*es_models.Event) error {
|
|
return func(events ...*es_models.Event) error {
|
|
return checkExistsUser(events...)
|
|
}
|
|
}
|
|
|
|
func checkExistsUser(events ...*es_models.Event) error {
|
|
existsUser := false
|
|
for _, event := range events {
|
|
switch event.AggregateType {
|
|
case usr_model.UserAggregate:
|
|
switch event.Type {
|
|
case usr_model.UserAdded, usr_model.UserRegistered:
|
|
existsUser = true
|
|
case usr_model.UserRemoved:
|
|
existsUser = false
|
|
}
|
|
}
|
|
}
|
|
if existsUser {
|
|
return nil
|
|
}
|
|
return errors.ThrowPreconditionFailed(nil, "EVENT-3OfIm", "conditions not met")
|
|
}
|