2021-01-04 13:52:13 +00:00
|
|
|
package command
|
|
|
|
|
|
|
|
|
|
import (
|
2021-01-12 11:59:51 +00:00
|
|
|
"strings"
|
|
|
|
|
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
2021-07-06 11:55:57 +00:00
|
|
|
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
|
|
|
caos_errors "github.com/zitadel/zitadel/internal/errors"
|
|
|
|
|
"github.com/zitadel/zitadel/internal/repository/user"
|
2021-01-04 13:52:13 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type UserWriteModel struct {
|
|
|
|
|
eventstore.WriteModel
|
|
|
|
|
|
2021-11-02 09:08:47 +00:00
|
|
|
UserName string
|
|
|
|
|
IDPLinks []*domain.UserIDPLink
|
|
|
|
|
UserState domain.UserState
|
2022-02-08 08:37:28 +00:00
|
|
|
UserType domain.UserType
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
|
2021-01-12 11:59:51 +00:00
|
|
|
func NewUserWriteModel(userID, resourceOwner string) *UserWriteModel {
|
2021-01-04 13:52:13 +00:00
|
|
|
return &UserWriteModel{
|
|
|
|
|
WriteModel: eventstore.WriteModel{
|
2021-01-12 11:59:51 +00:00
|
|
|
AggregateID: userID,
|
|
|
|
|
ResourceOwner: resourceOwner,
|
2021-01-04 13:52:13 +00:00
|
|
|
},
|
2021-11-02 09:08:47 +00:00
|
|
|
IDPLinks: make([]*domain.UserIDPLink, 0),
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (wm *UserWriteModel) Reduce() error {
|
|
|
|
|
for _, event := range wm.Events {
|
|
|
|
|
switch e := event.(type) {
|
|
|
|
|
case *user.HumanAddedEvent:
|
|
|
|
|
wm.UserName = e.UserName
|
2021-03-22 13:40:25 +00:00
|
|
|
wm.UserState = domain.UserStateActive
|
2022-02-08 08:37:28 +00:00
|
|
|
wm.UserType = domain.UserTypeHuman
|
2021-01-04 13:52:13 +00:00
|
|
|
case *user.HumanRegisteredEvent:
|
|
|
|
|
wm.UserName = e.UserName
|
2021-03-22 13:40:25 +00:00
|
|
|
wm.UserState = domain.UserStateActive
|
2022-02-08 08:37:28 +00:00
|
|
|
wm.UserType = domain.UserTypeHuman
|
2021-03-22 13:40:25 +00:00
|
|
|
case *user.HumanInitialCodeAddedEvent:
|
2021-01-04 13:52:13 +00:00
|
|
|
wm.UserState = domain.UserStateInitial
|
2021-02-08 10:30:30 +00:00
|
|
|
case *user.HumanInitializedCheckSucceededEvent:
|
|
|
|
|
wm.UserState = domain.UserStateActive
|
2021-11-02 09:08:47 +00:00
|
|
|
case *user.UserIDPLinkAddedEvent:
|
|
|
|
|
wm.IDPLinks = append(wm.IDPLinks, &domain.UserIDPLink{IDPConfigID: e.IDPConfigID, ExternalUserID: e.ExternalUserID})
|
|
|
|
|
case *user.UserIDPLinkRemovedEvent:
|
|
|
|
|
idx, _ := wm.IDPLinkByID(e.IDPConfigID, e.ExternalUserID)
|
2021-08-24 07:22:21 +00:00
|
|
|
if idx < 0 {
|
|
|
|
|
continue
|
|
|
|
|
}
|
2021-11-02 09:08:47 +00:00
|
|
|
copy(wm.IDPLinks[idx:], wm.IDPLinks[idx+1:])
|
|
|
|
|
wm.IDPLinks[len(wm.IDPLinks)-1] = nil
|
|
|
|
|
wm.IDPLinks = wm.IDPLinks[:len(wm.IDPLinks)-1]
|
|
|
|
|
case *user.UserIDPLinkCascadeRemovedEvent:
|
|
|
|
|
idx, _ := wm.IDPLinkByID(e.IDPConfigID, e.ExternalUserID)
|
2021-08-24 07:22:21 +00:00
|
|
|
if idx < 0 {
|
|
|
|
|
continue
|
|
|
|
|
}
|
2021-11-02 09:08:47 +00:00
|
|
|
copy(wm.IDPLinks[idx:], wm.IDPLinks[idx+1:])
|
|
|
|
|
wm.IDPLinks[len(wm.IDPLinks)-1] = nil
|
|
|
|
|
wm.IDPLinks = wm.IDPLinks[:len(wm.IDPLinks)-1]
|
2021-01-04 13:52:13 +00:00
|
|
|
case *user.MachineAddedEvent:
|
|
|
|
|
wm.UserName = e.UserName
|
|
|
|
|
wm.UserState = domain.UserStateActive
|
2022-02-08 08:37:28 +00:00
|
|
|
wm.UserType = domain.UserTypeMachine
|
2021-01-07 15:06:45 +00:00
|
|
|
case *user.UsernameChangedEvent:
|
|
|
|
|
wm.UserName = e.UserName
|
2021-01-04 13:52:13 +00:00
|
|
|
case *user.UserLockedEvent:
|
|
|
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
|
|
|
wm.UserState = domain.UserStateLocked
|
|
|
|
|
}
|
|
|
|
|
case *user.UserUnlockedEvent:
|
|
|
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
|
|
|
wm.UserState = domain.UserStateActive
|
|
|
|
|
}
|
|
|
|
|
case *user.UserDeactivatedEvent:
|
|
|
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
|
|
|
wm.UserState = domain.UserStateInactive
|
|
|
|
|
}
|
|
|
|
|
case *user.UserReactivatedEvent:
|
|
|
|
|
if wm.UserState != domain.UserStateDeleted {
|
|
|
|
|
wm.UserState = domain.UserStateActive
|
|
|
|
|
}
|
|
|
|
|
case *user.UserRemovedEvent:
|
|
|
|
|
wm.UserState = domain.UserStateDeleted
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return wm.WriteModel.Reduce()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (wm *UserWriteModel) Query() *eventstore.SearchQueryBuilder {
|
2021-07-06 11:55:57 +00:00
|
|
|
query := eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
|
|
|
|
|
AddQuery().
|
|
|
|
|
AggregateTypes(user.AggregateType).
|
2021-02-18 13:48:27 +00:00
|
|
|
AggregateIDs(wm.AggregateID).
|
|
|
|
|
EventTypes(
|
|
|
|
|
user.HumanAddedType,
|
|
|
|
|
user.HumanRegisteredType,
|
|
|
|
|
user.HumanInitializedCheckSucceededType,
|
2021-11-02 09:08:47 +00:00
|
|
|
user.UserIDPLinkAddedType,
|
|
|
|
|
user.UserIDPLinkRemovedType,
|
|
|
|
|
user.UserIDPLinkCascadeRemovedType,
|
2021-02-18 13:48:27 +00:00
|
|
|
user.MachineAddedEventType,
|
|
|
|
|
user.UserUserNameChangedType,
|
|
|
|
|
user.MachineChangedEventType,
|
|
|
|
|
user.UserLockedType,
|
|
|
|
|
user.UserUnlockedType,
|
|
|
|
|
user.UserDeactivatedType,
|
|
|
|
|
user.UserReactivatedType,
|
2021-04-06 07:57:58 +00:00
|
|
|
user.UserRemovedType,
|
|
|
|
|
user.UserV1AddedType,
|
|
|
|
|
user.UserV1RegisteredType,
|
2021-07-06 11:55:57 +00:00
|
|
|
user.UserV1InitializedCheckSucceededType).
|
|
|
|
|
Builder()
|
|
|
|
|
|
2021-01-28 05:35:26 +00:00
|
|
|
if wm.ResourceOwner != "" {
|
|
|
|
|
query.ResourceOwner(wm.ResourceOwner)
|
|
|
|
|
}
|
|
|
|
|
return query
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
|
2021-02-18 13:48:27 +00:00
|
|
|
func UserAggregateFromWriteModel(wm *eventstore.WriteModel) *eventstore.Aggregate {
|
|
|
|
|
return eventstore.AggregateFromWriteModel(wm, user.AggregateType, user.AggregateVersion)
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
2021-01-07 15:06:45 +00:00
|
|
|
|
2022-03-24 16:21:34 +00:00
|
|
|
func CheckDomainPolicyForUserName(userName string, policy *domain.DomainPolicy) error {
|
2021-01-07 15:06:45 +00:00
|
|
|
if policy == nil {
|
2022-03-28 08:05:09 +00:00
|
|
|
return caos_errors.ThrowPreconditionFailed(nil, "COMMAND-3Mb9s", "Errors.Users.DomainPolicyNil")
|
2021-01-07 15:06:45 +00:00
|
|
|
}
|
|
|
|
|
if policy.UserLoginMustBeDomain && strings.Contains(userName, "@") {
|
2022-05-16 12:00:33 +00:00
|
|
|
return caos_errors.ThrowPreconditionFailed(nil, "COMMAND-2k9fD", "Errors.User.EmailAsUsernameNotAllowed")
|
2021-01-07 15:06:45 +00:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2021-02-18 13:48:27 +00:00
|
|
|
|
|
|
|
|
func isUserStateExists(state domain.UserState) bool {
|
|
|
|
|
return !hasUserState(state, domain.UserStateDeleted, domain.UserStateUnspecified)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func isUserStateInactive(state domain.UserState) bool {
|
|
|
|
|
return hasUserState(state, domain.UserStateInactive)
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-25 10:54:36 +00:00
|
|
|
func isUserStateInitial(state domain.UserState) bool {
|
|
|
|
|
return hasUserState(state, domain.UserStateInitial)
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-18 13:48:27 +00:00
|
|
|
func hasUserState(check domain.UserState, states ...domain.UserState) bool {
|
|
|
|
|
for _, state := range states {
|
|
|
|
|
if check == state {
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return false
|
|
|
|
|
}
|
2021-08-24 07:22:21 +00:00
|
|
|
|
2021-11-02 09:08:47 +00:00
|
|
|
func (wm *UserWriteModel) IDPLinkByID(idpID, externalUserID string) (idx int, idp *domain.UserIDPLink) {
|
|
|
|
|
for idx, idp = range wm.IDPLinks {
|
2021-08-24 07:22:21 +00:00
|
|
|
if idp.IDPConfigID == idpID && idp.ExternalUserID == externalUserID {
|
|
|
|
|
return idx, idp
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return -1, nil
|
|
|
|
|
}
|
