TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-06-12 04:08:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
zitadel/internal/command/org_policy_login_factors_model.go
Silvan f3e6f3b23b
feat: remove org (#4148) 
* feat(command): remove org

* refactor: imports, unused code, error handling

* reduce org removed in action

* add org deletion to projections

* add org removal to projections

* add org removal to projections

* org removed projection

* lint import

* projections

* fix: table names in tests

* fix: table names in tests

* logging

* add org state

* fix(domain): add Owner removed to object details

* feat(ListQuery): add with owner removed

* fix(org-delete): add bool to functions to select with owner removed

* fix(org-delete): add bools to user grants with events to determine if dependencies lost owner

* fix(org-delete): add unit tests for owner removed and org removed events

* fix(org-delete): add handling of org remove for grants and members

* fix(org-delete): correction of unit tests for owner removed

* fix(org-delete): update projections, unit tests and get functions

* fix(org-delete): add change date to authnkeys and owner removed to org metadata

* fix(org-delete): include owner removed for login names

* fix(org-delete): some column fixes in projections and build for queries with owner removed

* indexes

* fix(org-delete): include review changes

* fix(org-delete): change user projection name after merge

* fix(org-delete): include review changes for project grant where no project owner is necessary

* fix(org-delete): include auth and adminapi tables with owner removed information

* fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed

* fix(org-delete): add permissions for org.remove

* remove unnecessary unique constraints

* fix column order in primary keys

* fix(org-delete): include review changes

* fix(org-delete): add owner removed indexes and chang setup step to create tables

* fix(org-delete): move PK order of instance_id and change added user_grant from review

* fix(org-delete): no params for prepareUserQuery

* change to step 6

* merge main

* fix(org-delete): OldUserName rename to private

* fix linting

* cleanup

* fix: remove org test

* create prerelease

* chore: delete org-delete as prerelease

Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2022-11-30 17:01:17 +01:00

226 lines
7.3 KiB
Go
Raw Blame History

package command
import (
"context"
"github.com/zitadel/zitadel/internal/api/authz"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/repository/instance"
"github.com/zitadel/zitadel/internal/repository/org"
)
type OrgSecondFactorWriteModel struct {
SecondFactorWriteModel
}
func NewOrgSecondFactorWriteModel(orgID string, factorType domain.SecondFactorType) *OrgSecondFactorWriteModel {
return &OrgSecondFactorWriteModel{
SecondFactorWriteModel{
WriteModel: eventstore.WriteModel{
AggregateID: orgID,
ResourceOwner: orgID,
},
MFAType: factorType,
},
}
}
func (wm *OrgSecondFactorWriteModel) AppendEvents(events ...eventstore.Event) {
for _, event := range events {
switch e := event.(type) {
case *org.LoginPolicySecondFactorAddedEvent:
if wm.MFAType == e.MFAType {
wm.WriteModel.AppendEvents(&e.SecondFactorAddedEvent)
}
case *org.LoginPolicySecondFactorRemovedEvent:
if wm.MFAType == e.MFAType {
wm.WriteModel.AppendEvents(&e.SecondFactorRemovedEvent)
}
case *org.LoginPolicyRemovedEvent:
wm.WriteModel.AppendEvents(&e.LoginPolicyRemovedEvent)
}
}
}
func (wm *OrgSecondFactorWriteModel) Reduce() error {
return wm.SecondFactorWriteModel.Reduce()
}
func (wm *OrgSecondFactorWriteModel) Query() *eventstore.SearchQueryBuilder {
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
ResourceOwner(wm.ResourceOwner).
AddQuery().
AggregateTypes(org.AggregateType).
AggregateIDs(wm.WriteModel.AggregateID).
EventTypes(
org.LoginPolicySecondFactorAddedEventType,
org.LoginPolicySecondFactorRemovedEventType,
org.LoginPolicyRemovedEventType).
Builder()
}
type OrgMultiFactorWriteModel struct {
MultiFactorWriteModel
}
func NewOrgMultiFactorWriteModel(orgID string, factorType domain.MultiFactorType) *OrgMultiFactorWriteModel {
return &OrgMultiFactorWriteModel{
MultiFactorWriteModel{
WriteModel: eventstore.WriteModel{
AggregateID: orgID,
ResourceOwner: orgID,
},
MFAType: factorType,
},
}
}
func (wm *OrgMultiFactorWriteModel) AppendEvents(events ...eventstore.Event) {
for _, event := range events {
switch e := event.(type) {
case *org.LoginPolicyMultiFactorAddedEvent:
if wm.MFAType == e.MFAType {
wm.WriteModel.AppendEvents(&e.MultiFactorAddedEvent)
}
case *org.LoginPolicyMultiFactorRemovedEvent:
if wm.MFAType == e.MFAType {
wm.WriteModel.AppendEvents(&e.MultiFactorRemovedEvent)
}
case *org.LoginPolicyRemovedEvent:
wm.WriteModel.AppendEvents(&e.LoginPolicyRemovedEvent)
}
}
}
func (wm *OrgMultiFactorWriteModel) Reduce() error {
return wm.MultiFactorWriteModel.Reduce()
}
func (wm *OrgMultiFactorWriteModel) Query() *eventstore.SearchQueryBuilder {
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
ResourceOwner(wm.ResourceOwner).
AddQuery().
AggregateTypes(org.AggregateType).
AggregateIDs(wm.WriteModel.AggregateID).
EventTypes(
org.LoginPolicyMultiFactorAddedEventType,
org.LoginPolicyMultiFactorRemovedEventType,
org.LoginPolicyRemovedEventType).
Builder()
}
func NewOrgAuthFactorsAllowedWriteModel(ctx context.Context, orgID string) *OrgAuthFactorsAllowedWriteModel {
return &OrgAuthFactorsAllowedWriteModel{
WriteModel: eventstore.WriteModel{
InstanceID: authz.GetInstance(ctx).InstanceID(),
AggregateID: orgID,
ResourceOwner: orgID,
},
SecondFactors: map[domain.SecondFactorType]*factorState{},
MultiFactors: map[domain.MultiFactorType]*factorState{},
}
}
type OrgAuthFactorsAllowedWriteModel struct {
eventstore.WriteModel
SecondFactors map[domain.SecondFactorType]*factorState
MultiFactors map[domain.MultiFactorType]*factorState
}
type factorState struct {
IAM domain.FactorState
Org domain.FactorState
}
func (wm *OrgAuthFactorsAllowedWriteModel) Reduce() error {
for _, event := range wm.Events {
switch e := event.(type) {
case *instance.LoginPolicySecondFactorAddedEvent:
wm.ensureSecondFactor(e.MFAType)
wm.SecondFactors[e.MFAType].IAM = domain.FactorStateActive
case *instance.LoginPolicySecondFactorRemovedEvent:
wm.ensureSecondFactor(e.MFAType)
wm.SecondFactors[e.MFAType].IAM = domain.FactorStateRemoved
case *org.LoginPolicySecondFactorAddedEvent:
wm.ensureSecondFactor(e.MFAType)
wm.SecondFactors[e.MFAType].Org = domain.FactorStateActive
case *org.LoginPolicySecondFactorRemovedEvent:
wm.ensureSecondFactor(e.MFAType)
wm.SecondFactors[e.MFAType].Org = domain.FactorStateRemoved
case *instance.LoginPolicyMultiFactorAddedEvent:
wm.ensureMultiFactor(e.MFAType)
wm.MultiFactors[e.MFAType].IAM = domain.FactorStateActive
case *instance.LoginPolicyMultiFactorRemovedEvent:
wm.ensureMultiFactor(e.MFAType)
wm.MultiFactors[e.MFAType].IAM = domain.FactorStateRemoved
case *org.LoginPolicyMultiFactorAddedEvent:
wm.ensureMultiFactor(e.MFAType)
wm.MultiFactors[e.MFAType].Org = domain.FactorStateActive
case *org.LoginPolicyMultiFactorRemovedEvent:
wm.ensureMultiFactor(e.MFAType)
wm.MultiFactors[e.MFAType].Org = domain.FactorStateRemoved
case *org.LoginPolicyRemovedEvent:
for factorType := range wm.SecondFactors {
wm.SecondFactors[factorType].Org = domain.FactorStateRemoved
}
for factorType := range wm.MultiFactors {
wm.MultiFactors[factorType].Org = domain.FactorStateRemoved
}
}
}
return wm.WriteModel.Reduce()
}
func (wm *OrgAuthFactorsAllowedWriteModel) ensureSecondFactor(secondFactor domain.SecondFactorType) {
_, ok := wm.SecondFactors[secondFactor]
if !ok {
wm.SecondFactors[secondFactor] = &factorState{}
}
}
func (wm *OrgAuthFactorsAllowedWriteModel) ensureMultiFactor(multiFactor domain.MultiFactorType) {
_, ok := wm.MultiFactors[multiFactor]
if !ok {
wm.MultiFactors[multiFactor] = &factorState{}
}
}
func (wm *OrgAuthFactorsAllowedWriteModel) Query() *eventstore.SearchQueryBuilder {
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
AddQuery().
AggregateTypes(instance.AggregateType).
AggregateIDs(wm.InstanceID).
EventTypes(
instance.LoginPolicySecondFactorAddedEventType,
instance.LoginPolicySecondFactorRemovedEventType,
instance.LoginPolicyMultiFactorAddedEventType,
instance.LoginPolicyMultiFactorRemovedEventType,
).
Or().
AggregateTypes(org.AggregateType).
AggregateIDs(wm.WriteModel.AggregateID).
EventTypes(
org.LoginPolicySecondFactorAddedEventType,
org.LoginPolicySecondFactorRemovedEventType,
org.LoginPolicyMultiFactorAddedEventType,
org.LoginPolicyMultiFactorRemovedEventType,
org.LoginPolicyRemovedEventType,
).
Builder()
}
func (wm *OrgAuthFactorsAllowedWriteModel) ToSecondFactorWriteModel(factor domain.SecondFactorType) *OrgSecondFactorWriteModel {
orgSecondFactorWriteModel := NewOrgSecondFactorWriteModel(wm.AggregateID, factor)
orgSecondFactorWriteModel.ProcessedSequence = wm.ProcessedSequence
orgSecondFactorWriteModel.State = wm.SecondFactors[factor].Org
return orgSecondFactorWriteModel
}
func (wm *OrgAuthFactorsAllowedWriteModel) ToMultiFactorWriteModel(factor domain.MultiFactorType) *OrgMultiFactorWriteModel {
orgMultiFactorWriteModel := NewOrgMultiFactorWriteModel(wm.AggregateID, factor)
orgMultiFactorWriteModel.ProcessedSequence = wm.ProcessedSequence
orgMultiFactorWriteModel.State = wm.MultiFactors[factor].Org
return orgMultiFactorWriteModel
}
Reference in New Issue View Git Blame Copy Permalink