mirror of
https://github.com/zitadel/zitadel.git
synced 2025-03-04 14:05:14 +00:00
f3e6f3b23b
* feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
193 lines
5.1 KiB
Go
193 lines
5.1 KiB
Go
package query
|
|
|
|
import (
|
|
"context"
|
|
"database/sql"
|
|
|
|
sq "github.com/Masterminds/squirrel"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/errors"
|
|
"github.com/zitadel/zitadel/internal/query/projection"
|
|
)
|
|
|
|
var (
|
|
instanceMemberTable = table{
|
|
name: projection.InstanceMemberProjectionTable,
|
|
alias: "members",
|
|
instanceIDCol: projection.MemberInstanceID,
|
|
}
|
|
InstanceMemberUserID = Column{
|
|
name: projection.MemberUserIDCol,
|
|
table: instanceMemberTable,
|
|
}
|
|
InstanceMemberRoles = Column{
|
|
name: projection.MemberRolesCol,
|
|
table: instanceMemberTable,
|
|
}
|
|
InstanceMemberCreationDate = Column{
|
|
name: projection.MemberCreationDate,
|
|
table: instanceMemberTable,
|
|
}
|
|
InstanceMemberChangeDate = Column{
|
|
name: projection.MemberChangeDate,
|
|
table: instanceMemberTable,
|
|
}
|
|
InstanceMemberSequence = Column{
|
|
name: projection.MemberSequence,
|
|
table: instanceMemberTable,
|
|
}
|
|
InstanceMemberResourceOwner = Column{
|
|
name: projection.MemberResourceOwner,
|
|
table: instanceMemberTable,
|
|
}
|
|
InstanceMemberInstanceID = Column{
|
|
name: projection.MemberInstanceID,
|
|
table: instanceMemberTable,
|
|
}
|
|
InstanceMemberIAMID = Column{
|
|
name: projection.InstanceMemberIAMIDCol,
|
|
table: instanceMemberTable,
|
|
}
|
|
InstanceMemberOwnerRemoved = Column{
|
|
name: projection.MemberOwnerRemoved,
|
|
table: instanceMemberTable,
|
|
}
|
|
InstanceMemberOwnerRemovedUser = Column{
|
|
name: projection.MemberUserOwnerRemoved,
|
|
table: instanceMemberTable,
|
|
}
|
|
)
|
|
|
|
type IAMMembersQuery struct {
|
|
MembersQuery
|
|
}
|
|
|
|
func (q *IAMMembersQuery) toQuery(query sq.SelectBuilder) sq.SelectBuilder {
|
|
return q.MembersQuery.
|
|
toQuery(query)
|
|
}
|
|
|
|
func addIamMemberWithoutOwnerRemoved(eq map[string]interface{}) {
|
|
eq[InstanceMemberOwnerRemoved.identifier()] = false
|
|
eq[InstanceMemberOwnerRemovedUser.identifier()] = false
|
|
}
|
|
|
|
func (q *Queries) IAMMembers(ctx context.Context, queries *IAMMembersQuery, withOwnerRemoved bool) (*Members, error) {
|
|
query, scan := prepareInstanceMembersQuery()
|
|
eq := sq.Eq{InstanceMemberInstanceID.identifier(): authz.GetInstance(ctx).InstanceID()}
|
|
if !withOwnerRemoved {
|
|
addIamMemberWithoutOwnerRemoved(eq)
|
|
addLoginNameWithoutOwnerRemoved(eq)
|
|
}
|
|
stmt, args, err := queries.toQuery(query).Where(eq).ToSql()
|
|
if err != nil {
|
|
return nil, errors.ThrowInvalidArgument(err, "QUERY-USNwM", "Errors.Query.InvalidRequest")
|
|
}
|
|
|
|
currentSequence, err := q.latestSequence(ctx, instanceMemberTable)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
rows, err := q.client.QueryContext(ctx, stmt, args...)
|
|
if err != nil {
|
|
return nil, errors.ThrowInternal(err, "QUERY-Pdg1I", "Errors.Internal")
|
|
}
|
|
members, err := scan(rows)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
members.LatestSequence = currentSequence
|
|
return members, err
|
|
}
|
|
|
|
func prepareInstanceMembersQuery() (sq.SelectBuilder, func(*sql.Rows) (*Members, error)) {
|
|
return sq.Select(
|
|
InstanceMemberCreationDate.identifier(),
|
|
InstanceMemberChangeDate.identifier(),
|
|
InstanceMemberSequence.identifier(),
|
|
InstanceMemberResourceOwner.identifier(),
|
|
InstanceMemberUserID.identifier(),
|
|
InstanceMemberRoles.identifier(),
|
|
LoginNameNameCol.identifier(),
|
|
HumanEmailCol.identifier(),
|
|
HumanFirstNameCol.identifier(),
|
|
HumanLastNameCol.identifier(),
|
|
HumanDisplayNameCol.identifier(),
|
|
MachineNameCol.identifier(),
|
|
HumanAvatarURLCol.identifier(),
|
|
countColumn.identifier(),
|
|
).From(instanceMemberTable.identifier()).
|
|
LeftJoin(join(HumanUserIDCol, InstanceMemberUserID)).
|
|
LeftJoin(join(MachineUserIDCol, InstanceMemberUserID)).
|
|
LeftJoin(join(LoginNameUserIDCol, InstanceMemberUserID)).
|
|
Where(
|
|
sq.Eq{LoginNameIsPrimaryCol.identifier(): true},
|
|
).PlaceholderFormat(sq.Dollar),
|
|
func(rows *sql.Rows) (*Members, error) {
|
|
members := make([]*Member, 0)
|
|
var count uint64
|
|
|
|
for rows.Next() {
|
|
member := new(Member)
|
|
|
|
var (
|
|
preferredLoginName = sql.NullString{}
|
|
email = sql.NullString{}
|
|
firstName = sql.NullString{}
|
|
lastName = sql.NullString{}
|
|
displayName = sql.NullString{}
|
|
machineName = sql.NullString{}
|
|
avatarURL = sql.NullString{}
|
|
)
|
|
|
|
err := rows.Scan(
|
|
&member.CreationDate,
|
|
&member.ChangeDate,
|
|
&member.Sequence,
|
|
&member.ResourceOwner,
|
|
&member.UserID,
|
|
&member.Roles,
|
|
&preferredLoginName,
|
|
&email,
|
|
&firstName,
|
|
&lastName,
|
|
&displayName,
|
|
&machineName,
|
|
&avatarURL,
|
|
|
|
&count,
|
|
)
|
|
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
member.PreferredLoginName = preferredLoginName.String
|
|
member.Email = email.String
|
|
member.FirstName = firstName.String
|
|
member.LastName = lastName.String
|
|
member.AvatarURL = avatarURL.String
|
|
if displayName.Valid {
|
|
member.DisplayName = displayName.String
|
|
} else {
|
|
member.DisplayName = machineName.String
|
|
}
|
|
|
|
members = append(members, member)
|
|
}
|
|
|
|
if err := rows.Close(); err != nil {
|
|
return nil, errors.ThrowInternal(err, "QUERY-EqJFc", "Errors.Query.CloseRows")
|
|
}
|
|
|
|
return &Members{
|
|
Members: members,
|
|
SearchResponse: SearchResponse{
|
|
Count: count,
|
|
},
|
|
}, nil
|
|
}
|
|
}
|