mirrors/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel synced 2024-11-22 18:44:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(authz): fix user grant handler (#795)

Browse Source
This commit is contained in:
Silvan 2020-09-30 10:29:41 +02:00 committed by GitHub
parent c2e046548e
commit bdcf9fcc5c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
internal/auth/repository/eventsourcing/handler/user_grant.go
View File

@ -71,7 +71,7 @@ func (u *UserGrant) Reduce(event *models.Event) (err error) {
case proj_es_model.ProjectAggregate:
err = u.processProject(event)
case iam_es_model.IAMAggregate:
err = u.processIamMember(event, "IAM", false)
err = u.processIAMMember(event, "IAM", false)
case org_es_model.OrgAggregate:
return u.processOrg(event)
}
@ -132,7 +132,6 @@ func (u *UserGrant) processUser(event *models.Event) (err error) {
default:
return u.view.ProcessedUserGrantSequence(event.Sequence)
}
return nil
}
func (u *UserGrant) processProject(event *models.Event) (err error) {
@ -161,7 +160,6 @@ func (u *UserGrant) processProject(event *models.Event) (err error) {
default:
return u.view.ProcessedUserGrantSequence(event.Sequence)
}
return nil
}
func (u *UserGrant) processOrg(event *models.Event) (err error) {
@ -175,7 +173,7 @@ func (u *UserGrant) processOrg(event *models.Event) (err error) {
}
}
func (u *UserGrant) processIamMember(event *models.Event, rolePrefix string, suffix bool) error {
func (u *UserGrant) processIAMMember(event *models.Event, rolePrefix string, suffix bool) error {
member := new(iam_es_model.IAMMember)
switch event.Type {

19
internal/authz/repository/eventsourcing/handler/user_grant.go
View File

@ -57,7 +57,7 @@ func (u *UserGrant) Reduce(event *models.Event) (err error) {
case proj_es_model.ProjectAggregate:
err = u.processProject(event)
case iam_es_model.IAMAggregate:
err = u.processIamMember(event, "IAM", false)
err = u.processIAMMember(event, "IAM", false)
case org_es_model.OrgAggregate:
return u.processOrg(event)
}
@ -90,7 +90,7 @@ func (u *UserGrant) processOrg(event *models.Event) (err error) {
}
}
func (u *UserGrant) processIamMember(event *models.Event, rolePrefix string, suffix bool) error {
func (u *UserGrant) processIAMMember(event *models.Event, rolePrefix string, suffix bool) error {
member := new(iam_es_model.IAMMember)
switch event.Type {
@ -158,6 +158,7 @@ func (u *UserGrant) processMember(event *models.Event, rolePrefix, roleSuffix st
RoleKeys: roleKeys,
CreationDate: event.CreationDate,
}
} else {
newRoles := roleKeys
if grant.RoleKeys != nil {
@ -174,10 +175,20 @@ func (u *UserGrant) processMember(event *models.Event, rolePrefix, roleSuffix st
proj_es_model.ProjectGrantMemberRemoved:
grant, err := u.view.UserGrantByIDs(event.ResourceOwner, u.iamProjectID, userID)
if err != nil {
if err != nil && !errors.IsNotFound(err) {
return err
}
return u.view.DeleteUserGrant(grant.ID, event.Sequence)
if errors.IsNotFound(err) {
return u.view.ProcessedUserGrantSequence(event.Sequence)
}
if roleSuffix != "" {
roleKeys = suffixRoles(roleSuffix, roleKeys)
}
if grant.RoleKeys == nil {
return u.view.ProcessedUserGrantSequence(event.Sequence)
}
grant.RoleKeys = mergeExistingRoles(rolePrefix, roleSuffix, grant.RoleKeys, nil)
return u.view.PutUserGrant(grant, event.Sequence)
default:
return u.view.ProcessedUserGrantSequence(event.Sequence)
}