Identity: Add read-only identity apiserver (#90418)
This commit is contained in:
Ryan McKinley
GitHub
@@ -20,8 +20,10 @@ import (
|
||||
type store interface {
|
||||
Insert(context.Context, *user.User) (int64, error)
|
||||
GetByID(context.Context, int64) (*user.User, error)
|
||||
GetByUID(ctx context.Context, orgId int64, uid string) (*user.User, error)
|
||||
GetByLogin(context.Context, *user.GetUserByLoginQuery) (*user.User, error)
|
||||
GetByEmail(context.Context, *user.GetUserByEmailQuery) (*user.User, error)
|
||||
List(context.Context, *user.ListUsersCommand) (*user.ListUserResult, error)
|
||||
Delete(context.Context, int64) error
|
||||
LoginConflict(ctx context.Context, login, email string) error
|
||||
Update(context.Context, *user.UpdateUserCommand) error
|
||||
@@ -107,6 +109,24 @@ func (ss *sqlStore) GetByID(ctx context.Context, userID int64) (*user.User, erro
|
||||
return &usr, err
|
||||
}
|
||||
|
||||
func (ss *sqlStore) GetByUID(ctx context.Context, orgId int64, uid string) (*user.User, error) {
|
||||
var usr user.User
|
||||
|
||||
err := ss.db.WithDbSession(ctx, func(sess *db.Session) error {
|
||||
has, err := sess.Table("user").
|
||||
Where("org_id = ? AND uid = ?", orgId, uid).
|
||||
Get(&usr)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
} else if !has {
|
||||
return user.ErrUserNotFound
|
||||
}
|
||||
return nil
|
||||
})
|
||||
return &usr, err
|
||||
}
|
||||
|
||||
func (ss *sqlStore) notServiceAccountFilter() string {
|
||||
return fmt.Sprintf("%s.is_service_account = %s",
|
||||
ss.dialect.Quote("user"),
|
||||
@@ -506,7 +526,7 @@ func (ss *sqlStore) Search(ctx context.Context, query *user.SearchUsersQuery) (*
|
||||
sess.Limit(query.Limit, offset)
|
||||
}
|
||||
|
||||
sess.Cols("u.id", "u.email", "u.name", "u.login", "u.is_admin", "u.is_disabled", "u.last_seen_at", "user_auth.auth_module")
|
||||
sess.Cols("u.id", "u.uid", "u.email", "u.name", "u.login", "u.is_admin", "u.is_disabled", "u.last_seen_at", "user_auth.auth_module")
|
||||
|
||||
if len(query.SortOpts) > 0 {
|
||||
for i := range query.SortOpts {
|
||||
@@ -559,6 +579,40 @@ func (ss *sqlStore) Search(ctx context.Context, query *user.SearchUsersQuery) (*
|
||||
return &result, err
|
||||
}
|
||||
|
||||
func (ss *sqlStore) List(ctx context.Context, query *user.ListUsersCommand) (*user.ListUserResult, error) {
|
||||
limit := int(query.Limit)
|
||||
if limit <= 0 {
|
||||
limit = 25
|
||||
}
|
||||
result := &user.ListUserResult{
|
||||
Users: make([]*user.User, 0),
|
||||
}
|
||||
max := ""
|
||||
err := ss.db.WithDbSession(ctx, func(dbSess *db.Session) error {
|
||||
sess := dbSess.Table("user")
|
||||
sess.Where("id >= ? AND is_service_account = ?", query.ContinueID, query.IsServiceAccount)
|
||||
err := sess.OrderBy("id asc").Limit(limit + 1).Find(&result.Users)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Set the revision version
|
||||
_, err = dbSess.Table("user").Select("MAX(updated)").Get(&max)
|
||||
return err
|
||||
})
|
||||
if max != "" {
|
||||
t, err := time.Parse(time.DateTime, max)
|
||||
if err == nil {
|
||||
result.RV = t.UnixMilli()
|
||||
}
|
||||
}
|
||||
if len(result.Users) > limit {
|
||||
result.ContinueID = result.Users[limit].ID
|
||||
result.Users = result.Users[:limit]
|
||||
}
|
||||
return result, err
|
||||
}
|
||||
|
||||
func setOptional[T any](v *T, add func(v T)) {
|
||||
if v != nil {
|
||||
add(*v)
|
||||
|
||||
@@ -212,6 +212,16 @@ func (s *Service) GetByID(ctx context.Context, query *user.GetUserByIDQuery) (*u
|
||||
return s.store.GetByID(ctx, query.ID)
|
||||
}
|
||||
|
||||
func (s *Service) GetByUID(ctx context.Context, query *user.GetUserByUIDQuery) (*user.User, error) {
|
||||
ctx, span := s.tracer.Start(ctx, "user.GetByUID", trace.WithAttributes(
|
||||
attribute.Int64("orgID", query.OrgID),
|
||||
attribute.String("userUID", query.UID),
|
||||
))
|
||||
defer span.End()
|
||||
|
||||
return s.store.GetByUID(ctx, query.OrgID, query.UID)
|
||||
}
|
||||
|
||||
func (s *Service) GetByLogin(ctx context.Context, query *user.GetUserByLoginQuery) (*user.User, error) {
|
||||
ctx, span := s.tracer.Start(ctx, "user.GetByLogin")
|
||||
defer span.End()
|
||||
@@ -368,6 +378,15 @@ func (s *Service) getSignedInUser(ctx context.Context, query *user.GetSignedInUs
|
||||
return usr, err
|
||||
}
|
||||
|
||||
func (s *Service) List(ctx context.Context, query *user.ListUsersCommand) (*user.ListUserResult, error) {
|
||||
ctx, span := s.tracer.Start(ctx, "user.List", trace.WithAttributes(
|
||||
attribute.Int64("orgID", query.OrgID),
|
||||
))
|
||||
defer span.End()
|
||||
|
||||
return s.store.List(ctx, query)
|
||||
}
|
||||
|
||||
func (s *Service) Search(ctx context.Context, query *user.SearchUsersQuery) (*user.SearchUserQueryResult, error) {
|
||||
ctx, span := s.tracer.Start(ctx, "user.Search", trace.WithAttributes(
|
||||
attribute.Int64("orgID", query.OrgID),
|
||||
|
||||
@@ -291,6 +291,10 @@ func (f *FakeUserStore) GetByID(context.Context, int64) (*user.User, error) {
|
||||
return f.ExpectedUser, f.ExpectedError
|
||||
}
|
||||
|
||||
func (f *FakeUserStore) GetByUID(context.Context, int64, string) (*user.User, error) {
|
||||
return f.ExpectedUser, f.ExpectedError
|
||||
}
|
||||
|
||||
func (f *FakeUserStore) LoginConflict(context.Context, string, string) error {
|
||||
return f.ExpectedError
|
||||
}
|
||||
@@ -327,6 +331,10 @@ func (f *FakeUserStore) Search(ctx context.Context, query *user.SearchUsersQuery
|
||||
return f.ExpectedSearchUserQueryResult, f.ExpectedError
|
||||
}
|
||||
|
||||
func (f *FakeUserStore) List(ctx context.Context, query *user.ListUsersCommand) (*user.ListUserResult, error) {
|
||||
return nil, f.ExpectedError
|
||||
}
|
||||
|
||||
func (f *FakeUserStore) Count(ctx context.Context) (int64, error) {
|
||||
return 0, nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user