fix: check if project has resourceOwner and ownerID (#8725)

# Which Problems Are Solved There is no check that the creation of a project also has a resource owner. # How the Problems Are Solved Check if resource owner and the ID of the owner are provided on command side. # Additional Changes None # Additional Context Closes #7794
2024-11-21 16:30:53 +00:00 · 2024-10-08 17:07:27 +02:00 · 2024-10-08 17:07:27 +02:00 · 911cb42d70
commit 911cb42d70
parent 34195157ce
2 changed files with 58 additions and 0 deletions
--- a/internal/command/project.go
+++ b/internal/command/project.go
@ -20,6 +20,12 @@ import (
 func (c *Commands) AddProjectWithID(ctx context.Context, project *domain.Project, resourceOwner, projectID string) (_ *domain.Project, err error) {
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()
+	if resourceOwner == "" {
+		return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-w8tnSoJxtn", "Errors.ResourceOwnerMissing")
+	}
+	if projectID == "" {
+		return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-nDXf5vXoUj", "Errors.IDMissing")
+	}

 	existingProject, err := c.getProjectWriteModelByID(ctx, projectID, resourceOwner)
 	if err != nil {
@ -35,6 +41,12 @@ func (c *Commands) AddProject(ctx context.Context, project *domain.Project, reso
 	if !project.IsValid() {
 		return nil, zerrors.ThrowInvalidArgument(nil, "PROJECT-IOVCC", "Errors.Project.Invalid")
 	}
+	if resourceOwner == "" {
+		return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-fmq7bqQX1s", "Errors.ResourceOwnerMissing")
+	}
+	if ownerUserID == "" {
+		return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-xe95Gl3Dro", "Errors.IDMissing")
+	}

 	projectID, err := c.idGenerator.Next()
 	if err != nil {
--- a/internal/command/project_test.go
+++ b/internal/command/project_test.go
@ -52,6 +52,52 @@ func TestCommandSide_AddProject(t *testing.T) {
 				err: zerrors.IsErrorInvalidArgument,
 			},
 		},
+		{
+			name: "org with project owner, resourceowner empty",
+			fields: fields{
+				eventstore: eventstoreExpect(
+					t,
+				),
+			},
+			args: args{
+				ctx: context.Background(),
+				project: &domain.Project{
+					Name:                   "project",
+					ProjectRoleAssertion:   true,
+					ProjectRoleCheck:       true,
+					HasProjectCheck:        true,
+					PrivateLabelingSetting: domain.PrivateLabelingSettingAllowLoginUserResourceOwnerPolicy,
+				},
+				resourceOwner: "",
+				ownerID:       "user1",
+			},
+			res: res{
+				err: zerrors.IsErrorInvalidArgument,
+			},
+		},
+		{
+			name: "org with project owner, ownerID empty",
+			fields: fields{
+				eventstore: eventstoreExpect(
+					t,
+				),
+			},
+			args: args{
+				ctx: context.Background(),
+				project: &domain.Project{
+					Name:                   "project",
+					ProjectRoleAssertion:   true,
+					ProjectRoleCheck:       true,
+					HasProjectCheck:        true,
+					PrivateLabelingSetting: domain.PrivateLabelingSettingAllowLoginUserResourceOwnerPolicy,
+				},
+				resourceOwner: "org1",
+				ownerID:       "",
+			},
+			res: res{
+				err: zerrors.IsErrorInvalidArgument,
+			},
+		},
 		{
 			name: "org with project owner, error already exists",
 			fields: fields{