zitadel/internal/query/domain_policy.go
Silvan f3e6f3b23b
feat: remove org (#4148)
* feat(command): remove org

* refactor: imports, unused code, error handling

* reduce org removed in action

* add org deletion to projections

* add org removal to projections

* add org removal to projections

* org removed projection

* lint import

* projections

* fix: table names in tests

* fix: table names in tests

* logging

* add org state

* fix(domain): add Owner removed to object details

* feat(ListQuery): add with owner removed

* fix(org-delete): add bool to functions to select with owner removed

* fix(org-delete): add bools to user grants with events to determine if dependencies lost owner

* fix(org-delete): add unit tests for owner removed and org removed events

* fix(org-delete): add handling of org remove for grants and members

* fix(org-delete): correction of unit tests for owner removed

* fix(org-delete): update projections, unit tests and get functions

* fix(org-delete): add change date to authnkeys and owner removed to org metadata

* fix(org-delete): include owner removed for login names

* fix(org-delete): some column fixes in projections and build for queries with owner removed

* indexes

* fix(org-delete): include review changes

* fix(org-delete): change user projection name after merge

* fix(org-delete): include review changes for project grant where no project owner is necessary

* fix(org-delete): include auth and adminapi tables with owner removed information

* fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed

* fix(org-delete): add permissions for org.remove

* remove unnecessary unique constraints

* fix column order in primary keys

* fix(org-delete): include review changes

* fix(org-delete): add owner removed indexes and chang setup step to create tables

* fix(org-delete): move PK order of instance_id and change added user_grant from review

* fix(org-delete): no params for prepareUserQuery

* change to step 6

* merge main

* fix(org-delete): OldUserName rename to private

* fix linting

* cleanup

* fix: remove org test

* create prerelease

* chore: delete org-delete as prerelease

Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2022-11-30 17:01:17 +01:00

176 lines
5.1 KiB
Go

package query
import (
"context"
"database/sql"
errs "errors"
"time"
sq "github.com/Masterminds/squirrel"
"github.com/zitadel/zitadel/internal/api/authz"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/errors"
"github.com/zitadel/zitadel/internal/query/projection"
)
type DomainPolicy struct {
ID string
Sequence uint64
CreationDate time.Time
ChangeDate time.Time
ResourceOwner string
State domain.PolicyState
UserLoginMustBeDomain bool
ValidateOrgDomains bool
SMTPSenderAddressMatchesInstanceDomain bool
IsDefault bool
}
var (
domainPolicyTable = table{
name: projection.DomainPolicyTable,
instanceIDCol: projection.DomainPolicyInstanceIDCol,
}
DomainPolicyColID = Column{
name: projection.DomainPolicyIDCol,
table: domainPolicyTable,
}
DomainPolicyColSequence = Column{
name: projection.DomainPolicySequenceCol,
table: domainPolicyTable,
}
DomainPolicyColCreationDate = Column{
name: projection.DomainPolicyCreationDateCol,
table: domainPolicyTable,
}
DomainPolicyColChangeDate = Column{
name: projection.DomainPolicyChangeDateCol,
table: domainPolicyTable,
}
DomainPolicyColResourceOwner = Column{
name: projection.DomainPolicyResourceOwnerCol,
table: domainPolicyTable,
}
DomainPolicyColInstanceID = Column{
name: projection.DomainPolicyInstanceIDCol,
table: domainPolicyTable,
}
DomainPolicyColUserLoginMustBeDomain = Column{
name: projection.DomainPolicyUserLoginMustBeDomainCol,
table: domainPolicyTable,
}
DomainPolicyColValidateOrgDomains = Column{
name: projection.DomainPolicyValidateOrgDomainsCol,
table: domainPolicyTable,
}
DomainPolicyColSMTPSenderAddressMatchesInstanceDomain = Column{
name: projection.DomainPolicySMTPSenderAddressMatchesInstanceDomainCol,
table: domainPolicyTable,
}
DomainPolicyColIsDefault = Column{
name: projection.DomainPolicyIsDefaultCol,
table: domainPolicyTable,
}
DomainPolicyColState = Column{
name: projection.DomainPolicyStateCol,
table: domainPolicyTable,
}
DomainPolicyColOwnerRemoved = Column{
name: projection.DomainPolicyOwnerRemovedCol,
table: domainPolicyTable,
}
)
func (q *Queries) DomainPolicyByOrg(ctx context.Context, shouldTriggerBulk bool, orgID string, withOwnerRemoved bool) (*DomainPolicy, error) {
if shouldTriggerBulk {
projection.DomainPolicyProjection.Trigger(ctx)
}
eq := sq.And{
sq.Eq{DomainPolicyColInstanceID.identifier(): authz.GetInstance(ctx).InstanceID()},
sq.Or{
sq.Eq{DomainPolicyColID.identifier(): orgID},
sq.Eq{DomainPolicyColID.identifier(): authz.GetInstance(ctx).InstanceID()},
},
}
if !withOwnerRemoved {
eq = sq.And{
sq.Eq{
DomainPolicyColInstanceID.identifier(): authz.GetInstance(ctx).InstanceID(),
DomainPolicyColOwnerRemoved.identifier(): false,
},
sq.Or{
sq.Eq{DomainPolicyColID.identifier(): orgID},
sq.Eq{DomainPolicyColID.identifier(): authz.GetInstance(ctx).InstanceID()},
},
}
}
stmt, scan := prepareDomainPolicyQuery()
query, args, err := stmt.Where(eq).OrderBy(DomainPolicyColIsDefault.identifier()).
Limit(1).ToSql()
if err != nil {
return nil, errors.ThrowInternal(err, "QUERY-D3CqT", "Errors.Query.SQLStatement")
}
row := q.client.QueryRowContext(ctx, query, args...)
return scan(row)
}
func (q *Queries) DefaultDomainPolicy(ctx context.Context) (*DomainPolicy, error) {
stmt, scan := prepareDomainPolicyQuery()
query, args, err := stmt.Where(sq.Eq{
DomainPolicyColID.identifier(): authz.GetInstance(ctx).InstanceID(),
DomainPolicyColInstanceID.identifier(): authz.GetInstance(ctx).InstanceID(),
}).
OrderBy(DomainPolicyColIsDefault.identifier()).
Limit(1).ToSql()
if err != nil {
return nil, errors.ThrowInternal(err, "QUERY-pM7lP", "Errors.Query.SQLStatement")
}
row := q.client.QueryRowContext(ctx, query, args...)
return scan(row)
}
func prepareDomainPolicyQuery() (sq.SelectBuilder, func(*sql.Row) (*DomainPolicy, error)) {
return sq.Select(
DomainPolicyColID.identifier(),
DomainPolicyColSequence.identifier(),
DomainPolicyColCreationDate.identifier(),
DomainPolicyColChangeDate.identifier(),
DomainPolicyColResourceOwner.identifier(),
DomainPolicyColUserLoginMustBeDomain.identifier(),
DomainPolicyColValidateOrgDomains.identifier(),
DomainPolicyColSMTPSenderAddressMatchesInstanceDomain.identifier(),
DomainPolicyColIsDefault.identifier(),
DomainPolicyColState.identifier(),
).
From(domainPolicyTable.identifier()).PlaceholderFormat(sq.Dollar),
func(row *sql.Row) (*DomainPolicy, error) {
policy := new(DomainPolicy)
err := row.Scan(
&policy.ID,
&policy.Sequence,
&policy.CreationDate,
&policy.ChangeDate,
&policy.ResourceOwner,
&policy.UserLoginMustBeDomain,
&policy.ValidateOrgDomains,
&policy.SMTPSenderAddressMatchesInstanceDomain,
&policy.IsDefault,
&policy.State,
)
if err != nil {
if errs.Is(err, sql.ErrNoRows) {
return nil, errors.ThrowNotFound(err, "QUERY-K0Jr5", "Errors.DomainPolicy.NotFound")
}
return nil, errors.ThrowInternal(err, "QUERY-rIy6j", "Errors.Internal")
}
return policy, nil
}
}