From a51b35a6b4607246d00dbf05a26ebeeec5abfd87 Mon Sep 17 00:00:00 2001 From: Brian Manifold Date: Fri, 30 May 2025 14:06:35 -0700 Subject: [PATCH] refactor(portal): remove created_by_ columns (#9306) Why: * Now that we have started using the `created_by_subject` field on various tables, we no longer need to keep the `created_by_` fields. This will help remove a foreign key reference and will be one step closer to allowing us to hard delete data rather than soft deleting all data in order to keep foreign key references like these. --- .../api/lib/api/controllers/client_json.ex | 3 +- .../apps/api/lib/api/schemas/client_schema.ex | 19 ++++------- .../controllers/client_controller_test.exs | 12 +++---- elixir/apps/domain/lib/domain/actors/group.ex | 2 -- .../apps/domain/lib/domain/auth/identity.ex | 2 -- .../apps/domain/lib/domain/auth/provider.ex | 2 -- elixir/apps/domain/lib/domain/clients.ex | 8 ----- .../apps/domain/lib/domain/clients/client.ex | 2 -- .../lib/domain/clients/client/changeset.ex | 27 ++------------- .../apps/domain/lib/domain/gateways/group.ex | 2 -- .../apps/domain/lib/domain/policies/policy.ex | 2 -- elixir/apps/domain/lib/domain/relays/group.ex | 2 -- .../apps/domain/lib/domain/repo/changeset.ex | 5 --- .../domain/lib/domain/resources/connection.ex | 2 -- .../domain/lib/domain/resources/resource.ex | 2 -- elixir/apps/domain/lib/domain/tokens/token.ex | 2 -- ...30194329_update_verified_by_constraint.exs | 28 +++++++++++++++ elixir/apps/domain/test/domain/auth_test.exs | 4 --- .../apps/domain/test/domain/clients_test.exs | 34 ++++++++++--------- .../apps/domain/test/domain/gateways_test.exs | 2 -- .../apps/domain/test/domain/relays_test.exs | 18 +++++++--- .../domain/test/domain/resources_test.exs | 2 -- .../domain/test/support/fixtures/clients.ex | 7 ++++ .../web/lib/web/components/core_components.ex | 16 ++++----- elixir/apps/web/lib/web/live/actors/show.ex | 3 +- elixir/apps/web/lib/web/live/clients/show.ex | 4 --- elixir/apps/web/lib/web/live/groups/index.ex | 2 +- elixir/apps/web/lib/web/live/groups/show.ex | 8 +---- elixir/apps/web/lib/web/live/policies/show.ex | 5 --- .../web/lib/web/live/relay_groups/show.ex | 7 +--- .../apps/web/lib/web/live/resources/show.ex | 5 --- .../lib/web/live/settings/api_clients/show.ex | 10 +----- .../google_workspace/show.ex | 16 ++------- .../identity_providers/jumpcloud/show.ex | 16 ++------- .../microsoft_entra/show.ex | 16 ++------- .../settings/identity_providers/mock/show.ex | 16 ++------- .../settings/identity_providers/okta/show.ex | 16 ++------- .../identity_providers/openid_connect/show.ex | 17 ++-------- .../identity_providers/system/show.ex | 17 ++-------- elixir/apps/web/lib/web/live/sites/show.ex | 9 +---- .../web/test/web/live/actors/show_test.exs | 13 ++++--- .../web/test/web/live/groups/new_test.exs | 1 - .../web/test/web/live/groups/show_test.exs | 2 +- .../web/test/web/live/resources/show_test.exs | 18 +++++----- .../google_workspace/show_test.exs | 1 - .../jumpcloud/show_test.exs | 1 - .../microsoft_entra/show_test.exs | 1 - .../identity_providers/okta/show_test.exs | 1 - .../openid_connect/show_test.exs | 1 - .../identity_providers/system/show_test.exs | 1 - 50 files changed, 129 insertions(+), 283 deletions(-) create mode 100644 elixir/apps/domain/priv/repo/migrations/20250530194329_update_verified_by_constraint.exs diff --git a/elixir/apps/api/lib/api/controllers/client_json.ex b/elixir/apps/api/lib/api/controllers/client_json.ex index 6a436258d..4c09ef583 100644 --- a/elixir/apps/api/lib/api/controllers/client_json.ex +++ b/elixir/apps/api/lib/api/controllers/client_json.ex @@ -42,8 +42,7 @@ defmodule API.ClientJSON do firebase_installation_id: client.firebase_installation_id, verified_at: client.verified_at, verified_by: client.verified_by, - verified_by_actor_id: client.verified_by_actor_id, - verified_by_identity_id: client.verified_by_identity_id, + verified_by_subject: client.verified_by_subject, created_at: client.inserted_at, updated_at: client.updated_at } diff --git a/elixir/apps/api/lib/api/schemas/client_schema.ex b/elixir/apps/api/lib/api/schemas/client_schema.ex index 8b91171d7..556d5c55c 100644 --- a/elixir/apps/api/lib/api/schemas/client_schema.ex +++ b/elixir/apps/api/lib/api/schemas/client_schema.ex @@ -85,13 +85,9 @@ defmodule API.Schemas.Client do description: "Client verification method", enum: [:system, :actor, :identity] }, - verified_by_actor_id: %Schema{ - type: :string, - description: "Actor ID who verified the client" - }, - verified_by_identity_id: %Schema{ - type: :string, - description: "Identity ID who verified the client" + verified_by_subject: %Schema{ + type: :object, + description: "Actor Name and/or Identity email who verified the client" }, created_at: %Schema{ type: :string, @@ -220,8 +216,7 @@ defmodule API.Schemas.Client do "firebase_installation_id" => nil, "verified_at" => "2025-01-01T00:00:00Z", "verified_by" => "identity", - "verified_by_actor_id" => nil, - "verified_by_identity_id" => "6ecc106b-75c1-48a5-846c-14782180c1ff", + "verified_by_subject" => %{"name" => "Foo", "email" => "foo@bar.com"}, "created_at" => "2025-01-01T00:00:00Z", "updated_at" => "2025-01-01T00:00:00Z" } @@ -266,8 +261,7 @@ defmodule API.Schemas.Client do "firebase_installation_id" => nil, "verified_at" => "2025-01-01T00:00:00Z", "verified_by" => "identity", - "verified_by_actor_id" => nil, - "verified_by_identity_id" => "6ecc106b-75c1-48a5-846c-14782180c1ff", + "verified_by_subject" => %{"name" => "Foo", "email" => "foo@bar.com"}, "created_at" => "2025-01-01T00:00:00Z", "updated_at" => "2025-01-01T00:00:00Z" }, @@ -293,8 +287,7 @@ defmodule API.Schemas.Client do "firebase_installation_id" => nil, "verified_at" => nil, "verified_by" => nil, - "verified_by_actor_id" => nil, - "verified_by_identity_id" => nil, + "verified_by_subject" => %{"name" => "Foo", "email" => "foo@bar.com"}, "created_at" => "2025-01-01T00:00:00Z", "updated_at" => "2025-01-01T00:00:00Z" } diff --git a/elixir/apps/api/test/api/controllers/client_controller_test.exs b/elixir/apps/api/test/api/controllers/client_controller_test.exs index cc8a36b75..6f9f157c7 100644 --- a/elixir/apps/api/test/api/controllers/client_controller_test.exs +++ b/elixir/apps/api/test/api/controllers/client_controller_test.exs @@ -152,8 +152,7 @@ defmodule API.ClientControllerTest do "updated_at" => client.updated_at && DateTime.to_iso8601(client.updated_at), "verified_at" => client.verified_at && DateTime.to_iso8601(client.verified_at), "verified_by" => client.verified_by, - "verified_by_actor_id" => client.verified_by_actor_id, - "verified_by_identity_id" => client.verified_by_identity_id + "verified_by_subject" => client.verified_by_subject } } end @@ -210,8 +209,7 @@ defmodule API.ClientControllerTest do assert resp["data"]["id"] == client.id assert resp["data"]["verified_at"] assert resp["data"]["verified_by"] - assert resp["data"]["verified_by_actor_id"] - refute resp["data"]["verified_by_identity_id"] + assert resp["data"]["verified_by_subject"] end end @@ -233,8 +231,7 @@ defmodule API.ClientControllerTest do assert resp["data"]["id"] == client.id refute resp["data"]["verified_at"] refute resp["data"]["verified_by"] - refute resp["data"]["verified_by_actor_id"] - refute resp["data"]["verified_by_identity_id"] + refute resp["data"]["verified_by_subject"] end end @@ -285,8 +282,7 @@ defmodule API.ClientControllerTest do "updated_at" => client.updated_at && DateTime.to_iso8601(client.updated_at), "verified_at" => client.verified_at && DateTime.to_iso8601(client.verified_at), "verified_by" => client.verified_by, - "verified_by_actor_id" => client.verified_by_actor_id, - "verified_by_identity_id" => client.verified_by_identity_id + "verified_by_subject" => client.verified_by_subject } } diff --git a/elixir/apps/domain/lib/domain/actors/group.ex b/elixir/apps/domain/lib/domain/actors/group.ex index a1cbebc99..fe15a8b09 100644 --- a/elixir/apps/domain/lib/domain/actors/group.ex +++ b/elixir/apps/domain/lib/domain/actors/group.ex @@ -22,8 +22,6 @@ defmodule Domain.Actors.Group do field :created_by, Ecto.Enum, values: ~w[actor identity provider system]a field :created_by_subject, :map - belongs_to :created_by_identity, Domain.Auth.Identity - belongs_to :created_by_actor, Domain.Actors.Actor belongs_to :account, Domain.Accounts.Account diff --git a/elixir/apps/domain/lib/domain/auth/identity.ex b/elixir/apps/domain/lib/domain/auth/identity.ex index 670beefdc..0d284dce0 100644 --- a/elixir/apps/domain/lib/domain/auth/identity.ex +++ b/elixir/apps/domain/lib/domain/auth/identity.ex @@ -22,8 +22,6 @@ defmodule Domain.Auth.Identity do field :created_by, Ecto.Enum, values: ~w[system provider identity]a field :created_by_subject, :map - belongs_to :created_by_identity, Domain.Auth.Identity - belongs_to :created_by_actor, Domain.Actors.Actor has_many :clients, Domain.Clients.Client, where: [deleted_at: nil] diff --git a/elixir/apps/domain/lib/domain/auth/provider.ex b/elixir/apps/domain/lib/domain/auth/provider.ex index 56a8f9229..af5ea76e9 100644 --- a/elixir/apps/domain/lib/domain/auth/provider.ex +++ b/elixir/apps/domain/lib/domain/auth/provider.ex @@ -19,8 +19,6 @@ defmodule Domain.Auth.Provider do field :created_by, Ecto.Enum, values: ~w[system identity actor]a field :created_by_subject, :map - belongs_to :created_by_identity, Domain.Auth.Identity - belongs_to :created_by_actor, Domain.Actors.Actor field :last_syncs_failed, :integer field :last_sync_error, :string diff --git a/elixir/apps/domain/lib/domain/clients.ex b/elixir/apps/domain/lib/domain/clients.ex index 8d7c5eefb..b947aba71 100644 --- a/elixir/apps/domain/lib/domain/clients.ex +++ b/elixir/apps/domain/lib/domain/clients.ex @@ -201,14 +201,6 @@ defmodule Domain.Clients do with: &Client.Changeset.verify(&1, subject), preload: [:online?] ) - |> case do - {:ok, client} -> - client = Repo.preload(client, [:verified_by_actor, :verified_by_identity]) - {:ok, client} - - {:error, reason} -> - {:error, reason} - end end end diff --git a/elixir/apps/domain/lib/domain/clients/client.ex b/elixir/apps/domain/lib/domain/clients/client.ex index d230496e3..1207b4709 100644 --- a/elixir/apps/domain/lib/domain/clients/client.ex +++ b/elixir/apps/domain/lib/domain/clients/client.ex @@ -37,8 +37,6 @@ defmodule Domain.Clients.Client do field :verified_at, :utc_datetime_usec field :verified_by, Ecto.Enum, values: [:system, :actor, :identity] field :verified_by_subject, :map - belongs_to :verified_by_actor, Domain.Actors.Actor - belongs_to :verified_by_identity, Domain.Auth.Identity field :deleted_at, :utc_datetime_usec timestamps() diff --git a/elixir/apps/domain/lib/domain/clients/client/changeset.ex b/elixir/apps/domain/lib/domain/clients/client/changeset.ex index 9427eda87..d866c1c06 100644 --- a/elixir/apps/domain/lib/domain/clients/client/changeset.ex +++ b/elixir/apps/domain/lib/domain/clients/client/changeset.ex @@ -79,7 +79,7 @@ defmodule Domain.Clients.Client.Changeset do clients, clients.verified_by ), - verified_by_actor_id: + verified_by_subject: fragment( """ CASE WHEN (EXCLUDED.device_serial = ?.device_serial OR ?.device_serial IS NULL) @@ -98,28 +98,7 @@ defmodule Domain.Clients.Client.Changeset do clients, clients, clients, - clients.verified_by_actor_id - ), - verified_by_identity_id: - fragment( - """ - CASE WHEN (EXCLUDED.device_serial = ?.device_serial OR ?.device_serial IS NULL) - AND (EXCLUDED.device_uuid = ?.device_uuid OR ?.device_uuid IS NULL) - AND (EXCLUDED.identifier_for_vendor = ?.identifier_for_vendor OR ?.identifier_for_vendor IS NULL) - AND (EXCLUDED.firebase_installation_id = ?.firebase_installation_id OR ?.firebase_installation_id IS NULL) - THEN ? - ELSE NULL - END - """, - clients, - clients, - clients, - clients, - clients, - clients, - clients, - clients, - clients.verified_by_identity_id + clients.verified_by_subject ) ] ) @@ -181,8 +160,6 @@ defmodule Domain.Clients.Client.Changeset do |> change() |> put_change(:verified_at, nil) |> put_change(:verified_by, nil) - |> put_change(:verified_by_actor_id, nil) - |> put_change(:verified_by_identity_id, nil) |> put_change(:verified_by_subject, nil) end diff --git a/elixir/apps/domain/lib/domain/gateways/group.ex b/elixir/apps/domain/lib/domain/gateways/group.ex index fd2fec400..960e7488c 100644 --- a/elixir/apps/domain/lib/domain/gateways/group.ex +++ b/elixir/apps/domain/lib/domain/gateways/group.ex @@ -17,8 +17,6 @@ defmodule Domain.Gateways.Group do field :created_by, Ecto.Enum, values: ~w[actor identity system]a field :created_by_subject, :map - belongs_to :created_by_identity, Domain.Auth.Identity - belongs_to :created_by_actor, Domain.Actors.Actor field :deleted_at, :utc_datetime_usec timestamps() diff --git a/elixir/apps/domain/lib/domain/policies/policy.ex b/elixir/apps/domain/lib/domain/policies/policy.ex index cad473cb0..329c4adef 100644 --- a/elixir/apps/domain/lib/domain/policies/policy.ex +++ b/elixir/apps/domain/lib/domain/policies/policy.ex @@ -14,8 +14,6 @@ defmodule Domain.Policies.Policy do field :created_by, Ecto.Enum, values: ~w[actor identity]a field :created_by_subject, :map - belongs_to :created_by_identity, Domain.Auth.Identity - belongs_to :created_by_actor, Domain.Actors.Actor belongs_to :replaced_by_policy, Domain.Policies.Policy has_one :replaces_policy, Domain.Policies.Policy, foreign_key: :replaced_by_policy_id diff --git a/elixir/apps/domain/lib/domain/relays/group.ex b/elixir/apps/domain/lib/domain/relays/group.ex index 1ab677976..a264cf1f8 100644 --- a/elixir/apps/domain/lib/domain/relays/group.ex +++ b/elixir/apps/domain/lib/domain/relays/group.ex @@ -10,8 +10,6 @@ defmodule Domain.Relays.Group do field :created_by, Ecto.Enum, values: ~w[system identity]a field :created_by_subject, :map - belongs_to :created_by_identity, Domain.Auth.Identity - belongs_to :created_by_actor, Domain.Actors.Actor field :deleted_at, :utc_datetime_usec timestamps() diff --git a/elixir/apps/domain/lib/domain/repo/changeset.ex b/elixir/apps/domain/lib/domain/repo/changeset.ex index 07ea03126..38651053d 100644 --- a/elixir/apps/domain/lib/domain/repo/changeset.ex +++ b/elixir/apps/domain/lib/domain/repo/changeset.ex @@ -163,7 +163,6 @@ defmodule Domain.Repo.Changeset do changeset |> put_default_value(field, :actor) |> put_default_value(:"#{field}_subject", %{"name" => subject.actor.name, "email" => nil}) - |> put_default_value(:"#{field}_actor_id", subject.actor.id) end def put_subject_trail(changeset, field, %Domain.Auth.Subject{} = subject) do @@ -173,15 +172,11 @@ defmodule Domain.Repo.Changeset do "name" => subject.actor.name, "email" => subject.identity.email }) - |> put_default_value(:"#{field}_actor_id", subject.actor.id) - |> put_default_value(:"#{field}_identity_id", subject.identity.id) end def reset_created_by(changeset) do changeset |> put_change(:created_by, nil) - |> put_change(:created_by_identity_id, nil) - |> put_change(:created_by_actor_id, nil) |> put_change(:created_by_subject, nil) end diff --git a/elixir/apps/domain/lib/domain/resources/connection.ex b/elixir/apps/domain/lib/domain/resources/connection.ex index 112acee61..ea217918d 100644 --- a/elixir/apps/domain/lib/domain/resources/connection.ex +++ b/elixir/apps/domain/lib/domain/resources/connection.ex @@ -8,8 +8,6 @@ defmodule Domain.Resources.Connection do field :created_by, Ecto.Enum, values: ~w[actor identity system]a field :created_by_subject, :map - belongs_to :created_by_identity, Domain.Auth.Identity - belongs_to :created_by_actor, Domain.Actors.Actor belongs_to :account, Domain.Accounts.Account end diff --git a/elixir/apps/domain/lib/domain/resources/resource.ex b/elixir/apps/domain/lib/domain/resources/resource.ex index 7dc1c4ea9..44e743b06 100644 --- a/elixir/apps/domain/lib/domain/resources/resource.ex +++ b/elixir/apps/domain/lib/domain/resources/resource.ex @@ -30,8 +30,6 @@ defmodule Domain.Resources.Resource do field :created_by, Ecto.Enum, values: ~w[identity actor system]a field :created_by_subject, :map - belongs_to :created_by_actor, Domain.Actors.Actor - belongs_to :created_by_identity, Domain.Auth.Identity belongs_to :replaced_by_resource, Domain.Resources.Resource has_one :replaces_resource, Domain.Resources.Resource, foreign_key: :replaced_by_resource_id diff --git a/elixir/apps/domain/lib/domain/tokens/token.ex b/elixir/apps/domain/lib/domain/tokens/token.ex index f71f75516..6b140e8c6 100644 --- a/elixir/apps/domain/lib/domain/tokens/token.ex +++ b/elixir/apps/domain/lib/domain/tokens/token.ex @@ -45,8 +45,6 @@ defmodule Domain.Tokens.Token do # Maybe this is not needed and they should be in the join tables (eg. relay_group_tokens) field :created_by, Ecto.Enum, values: ~w[actor identity system]a field :created_by_subject, :map - belongs_to :created_by_identity, Domain.Auth.Identity - belongs_to :created_by_actor, Domain.Actors.Actor field :created_by_user_agent, :string field :created_by_remote_ip, Domain.Types.IP diff --git a/elixir/apps/domain/priv/repo/migrations/20250530194329_update_verified_by_constraint.exs b/elixir/apps/domain/priv/repo/migrations/20250530194329_update_verified_by_constraint.exs new file mode 100644 index 000000000..9cab3d4b5 --- /dev/null +++ b/elixir/apps/domain/priv/repo/migrations/20250530194329_update_verified_by_constraint.exs @@ -0,0 +1,28 @@ +defmodule Domain.Repo.Migrations.UpdateVerifiedByConstraint do + use Ecto.Migration + + def change do + execute(""" + ALTER TABLE clients + DROP CONSTRAINT IF EXISTS verified_fields_set + """) + + create( + constraint(:clients, :verified_fields_set, + check: """ + ( + verified_at IS NULL + AND verified_by IS NULL + AND verified_by_subject IS NULL + ) + OR + ( + verified_at IS NOT NULL + AND verified_by IS NOT NULL + AND verified_by_subject IS NOT NULL + ) + """ + ) + ) + end +end diff --git a/elixir/apps/domain/test/domain/auth_test.exs b/elixir/apps/domain/test/domain/auth_test.exs index ab7099f9f..d5ac1b096 100644 --- a/elixir/apps/domain/test/domain/auth_test.exs +++ b/elixir/apps/domain/test/domain/auth_test.exs @@ -780,7 +780,6 @@ defmodule Domain.AuthTest do assert provider.created_by == :system assert provider.created_by_subject == %{"email" => nil, "name" => "System"} - assert is_nil(provider.created_by_identity_id) assert is_nil(provider.disabled_at) assert is_nil(provider.deleted_at) @@ -842,7 +841,6 @@ defmodule Domain.AuthTest do assert {:ok, provider} = create_provider(account, attrs, subject) assert provider.created_by == :identity - assert provider.created_by_identity_id == subject.identity.id assert provider.created_by_subject == %{ "email" => subject.identity.email, @@ -4094,7 +4092,6 @@ defmodule Domain.AuthTest do refute token.identity_id assert token.actor_id == actor.id assert token.created_by == :identity - assert token.created_by_identity_id == subject.identity.id assert token.created_by_user_agent == context.user_agent assert token.created_by_remote_ip.address == context.remote_ip @@ -4208,7 +4205,6 @@ defmodule Domain.AuthTest do refute token.identity_id assert token.actor_id == actor.id assert token.created_by == :identity - assert token.created_by_identity_id == subject.identity.id assert token.created_by_user_agent == context.user_agent assert token.created_by_remote_ip.address == context.remote_ip diff --git a/elixir/apps/domain/test/domain/clients_test.exs b/elixir/apps/domain/test/domain/clients_test.exs index a60502ae8..6ad5ae657 100644 --- a/elixir/apps/domain/test/domain/clients_test.exs +++ b/elixir/apps/domain/test/domain/clients_test.exs @@ -469,7 +469,7 @@ defmodule Domain.ClientsTest do Fixtures.Auth.create_subject(account: account, identity: previous_identity) client = Fixtures.Clients.create_client(subject: previous_subject) - client = Fixtures.Clients.verify_client(client) + client = Fixtures.Clients.verify_client(client, previous_subject) attrs = Fixtures.Clients.client_attrs( @@ -528,8 +528,11 @@ defmodule Domain.ClientsTest do assert updated_client.verified_at == client.verified_at assert updated_client.verified_by == client.verified_by - assert updated_client.verified_by_actor_id == client.verified_by_actor_id - assert updated_client.verified_by_identity_id == client.verified_by_identity_id + + assert updated_client.verified_by_subject == %{ + "email" => previous_subject.identity.email, + "name" => previous_subject.actor.name + } assert updated_client.device_serial == client.device_serial assert updated_client.device_uuid == client.device_uuid @@ -602,8 +605,7 @@ defmodule Domain.ClientsTest do refute created_client.verified_at refute created_client.verified_by - refute created_client.verified_by_actor_id - refute created_client.verified_by_identity_id + refute created_client.verified_by_subject assert created_client.device_serial == attrs.device_serial assert created_client.device_uuid == attrs.device_uuid @@ -653,14 +655,14 @@ defmodule Domain.ClientsTest do ) attrs = Map.put(attrs, field, Ecto.UUID.generate()) + assert {:ok, updated_client} = upsert_client(attrs, subject) assert updated_client.id == client.id assert Map.get(updated_client, field) == Map.get(attrs, field) assert is_nil(updated_client.verified_at) assert is_nil(updated_client.verified_by) - assert is_nil(updated_client.verified_by_actor_id) - assert is_nil(updated_client.verified_by_identity_id) + assert is_nil(updated_client.verified_by_subject) end end @@ -694,7 +696,7 @@ defmodule Domain.ClientsTest do :firebase_installation_id ] do client = Fixtures.Clients.create_client(subject: previous_subject) - client = Fixtures.Clients.verify_client(client) + client = Fixtures.Clients.verify_client(client, previous_subject) attrs = Fixtures.Clients.client_attrs( @@ -712,8 +714,7 @@ defmodule Domain.ClientsTest do assert is_nil(updated_client.verified_at) assert is_nil(updated_client.verified_by) - assert is_nil(updated_client.verified_by_actor_id) - assert is_nil(updated_client.verified_by_identity_id) + assert is_nil(updated_client.verified_by_subject) end end @@ -762,8 +763,7 @@ defmodule Domain.ClientsTest do refute is_nil(updated_client.verified_at) refute is_nil(updated_client.verified_by) - refute is_nil(updated_client.verified_by_actor_id) - refute is_nil(updated_client.verified_by_identity_id) + refute is_nil(updated_client.verified_by_subject) end test "does not reserve additional addresses on update", %{ @@ -1014,8 +1014,11 @@ defmodule Domain.ClientsTest do assert {:ok, client} = verify_client(client, subject) assert client.verified_at assert client.verified_by == :identity - assert client.verified_by_actor_id == subject.actor.id - assert client.verified_by_identity_id == subject.identity.id + + assert client.verified_by_subject == %{ + "email" => subject.identity.email, + "name" => actor.name + } assert {:ok, double_verified_client} = verify_client(client, subject) assert double_verified_client.verified_at == client.verified_at @@ -1053,8 +1056,7 @@ defmodule Domain.ClientsTest do assert is_nil(client.verified_at) assert is_nil(client.verified_by) - assert is_nil(client.verified_by_actor_id) - assert is_nil(client.verified_by_identity_id) + assert is_nil(client.verified_by_subject) end test "expires flows for the unverified client", %{ diff --git a/elixir/apps/domain/test/domain/gateways_test.exs b/elixir/apps/domain/test/domain/gateways_test.exs index 8cfac84b2..a71f7f60a 100644 --- a/elixir/apps/domain/test/domain/gateways_test.exs +++ b/elixir/apps/domain/test/domain/gateways_test.exs @@ -214,7 +214,6 @@ defmodule Domain.GatewaysTest do assert group.name == "foo" assert group.created_by == :identity - assert group.created_by_identity_id == subject.identity.id assert group.created_by_subject == %{ "name" => subject.actor.name, @@ -469,7 +468,6 @@ defmodule Domain.GatewaysTest do assert token.account_id == account.id assert token.gateway_group_id == group.id assert token.created_by == :identity - assert token.created_by_identity_id == subject.identity.id assert token.created_by_user_agent == context.user_agent assert token.created_by_remote_ip.address == context.remote_ip diff --git a/elixir/apps/domain/test/domain/relays_test.exs b/elixir/apps/domain/test/domain/relays_test.exs index 5986f49b0..f806eddcd 100644 --- a/elixir/apps/domain/test/domain/relays_test.exs +++ b/elixir/apps/domain/test/domain/relays_test.exs @@ -173,7 +173,6 @@ defmodule Domain.RelaysTest do assert group.name == attrs.name assert group.created_by == :identity - assert group.created_by_identity_id == subject.identity.id assert group.created_by_subject == %{ "name" => subject.actor.name, @@ -225,7 +224,6 @@ defmodule Domain.RelaysTest do assert group.name == attrs.name assert group.created_by == :system - assert is_nil(group.created_by_identity_id) assert group.created_by_subject == %{"name" => "System", "email" => nil} end end @@ -436,7 +434,12 @@ defmodule Domain.RelaysTest do assert token.account_id == account.id assert token.relay_group_id == group.id assert token.created_by == :identity - assert token.created_by_identity_id == subject.identity.id + + assert token.created_by_subject == %{ + "email" => subject.identity.email, + "name" => subject.actor.name + } + assert token.created_by_user_agent == subject.context.user_agent assert token.created_by_remote_ip.address == subject.context.remote_ip refute token.expires_at @@ -453,7 +456,7 @@ defmodule Domain.RelaysTest do refute token.account_id assert token.relay_group_id == group.id assert token.created_by == :system - refute token.created_by_identity_id + assert token.created_by_subject == %{"email" => nil, "name" => "System"} refute token.created_by_user_agent refute token.created_by_remote_ip refute token.expires_at @@ -503,7 +506,12 @@ defmodule Domain.RelaysTest do assert token.account_id == account.id assert token.relay_group_id == group.id assert token.created_by == :identity - assert token.created_by_identity_id == subject.identity.id + + assert token.created_by_subject == %{ + "email" => subject.identity.email, + "name" => subject.actor.name + } + assert token.created_by_user_agent == context.user_agent assert token.created_by_remote_ip.address == context.remote_ip refute token.expires_at diff --git a/elixir/apps/domain/test/domain/resources_test.exs b/elixir/apps/domain/test/domain/resources_test.exs index ee5d0e104..0d4e5b862 100644 --- a/elixir/apps/domain/test/domain/resources_test.exs +++ b/elixir/apps/domain/test/domain/resources_test.exs @@ -1235,7 +1235,6 @@ defmodule Domain.ResourcesTest do assert resource.account_id == account.id assert resource.created_by == :identity - assert resource.created_by_identity_id == subject.identity.id assert resource.created_by_subject == %{ "name" => subject.actor.name, @@ -1247,7 +1246,6 @@ defmodule Domain.ResourcesTest do assert connection.gateway_group_id == gateway.group_id assert connection.account_id == account.id assert connection.created_by == :identity - assert connection.created_by_identity_id == subject.identity.id assert resource.created_by_subject == %{ "name" => subject.actor.name, diff --git a/elixir/apps/domain/test/support/fixtures/clients.ex b/elixir/apps/domain/test/support/fixtures/clients.ex index 0e8ed65e5..0e0a3db15 100644 --- a/elixir/apps/domain/test/support/fixtures/clients.ex +++ b/elixir/apps/domain/test/support/fixtures/clients.ex @@ -86,4 +86,11 @@ defmodule Domain.Fixtures.Clients do {:ok, client} = Clients.verify_client(client, subject) client end + + def verify_client(client, subject) do + client = Repo.preload(client, :account) + + {:ok, client} = Clients.verify_client(client, subject) + client + end end diff --git a/elixir/apps/web/lib/web/components/core_components.ex b/elixir/apps/web/lib/web/components/core_components.ex index e1d6056b9..ab2c58df4 100644 --- a/elixir/apps/web/lib/web/components/core_components.ex +++ b/elixir/apps/web/lib/web/components/core_components.ex @@ -1115,7 +1115,7 @@ defmodule Web.CoreComponents do end @doc """ - Renders creation timestamp and entity. + Renders creation timestamp from created_by_subject """ attr :schema, :any, required: true @@ -1125,6 +1125,12 @@ defmodule Web.CoreComponents do """ end + def created_by(%{schema: %{created_by: :provider}} = assigns) do + ~H""" + <.relative_datetime datetime={@schema.inserted_at} /> by Directory Sync + """ + end + def created_by(%{schema: %{created_by: :actor}} = assigns) do ~H""" <.relative_datetime datetime={@schema.inserted_at} /> by {@schema.created_by_subject["name"]} @@ -1137,14 +1143,8 @@ defmodule Web.CoreComponents do """ end - def created_by(%{schema: %{created_by: :provider}} = assigns) do - ~H""" - <.relative_datetime datetime={@schema.inserted_at} /> by Directory Sync - """ - end - @doc """ - Renders verification timestamp and entity. + Renders verification timestamp and entity from verified_by_subject. """ attr :schema, :any, required: true diff --git a/elixir/apps/web/lib/web/live/actors/show.ex b/elixir/apps/web/lib/web/live/actors/show.ex index 2c4778646..c882eba19 100644 --- a/elixir/apps/web/lib/web/live/actors/show.ex +++ b/elixir/apps/web/lib/web/live/actors/show.ex @@ -76,7 +76,7 @@ defmodule Web.Actors.Show do end def handle_identities_update!(socket, list_opts) do - list_opts = Keyword.put(list_opts, :preload, [:provider, created_by_identity: [:actor]]) + list_opts = Keyword.put(list_opts, :preload, [:provider]) with {:ok, identities, metadata} <- Auth.list_identities_for(socket.assigns.actor, socket.assigns.subject, list_opts) do @@ -105,7 +105,6 @@ defmodule Web.Actors.Show do list_opts = Keyword.put(list_opts, :preload, identity: [:provider], - created_by_identity: [:actor], clients: [] ) diff --git a/elixir/apps/web/lib/web/live/clients/show.ex b/elixir/apps/web/lib/web/live/clients/show.ex index ac98e0fe2..2dedd96ba 100644 --- a/elixir/apps/web/lib/web/live/clients/show.ex +++ b/elixir/apps/web/lib/web/live/clients/show.ex @@ -10,8 +10,6 @@ defmodule Web.Clients.Show do preload: [ :online?, :actor, - :verified_by_identity, - :verified_by_actor, last_used_token: [identity: [:provider]] ] ) do @@ -425,8 +423,6 @@ defmodule Web.Clients.Show do Clients.fetch_client_by_id(client.id, socket.assigns.subject, preload: [ :actor, - :verified_by_identity, - :verified_by_actor, last_used_token: [identity: [:provider]] ] ) diff --git a/elixir/apps/web/lib/web/live/groups/index.ex b/elixir/apps/web/lib/web/live/groups/index.ex index c309c1dd0..bf25f7dc9 100644 --- a/elixir/apps/web/lib/web/live/groups/index.ex +++ b/elixir/apps/web/lib/web/live/groups/index.ex @@ -24,7 +24,7 @@ defmodule Web.Groups.Index do end def handle_groups_update!(socket, list_opts) do - list_opts = Keyword.put(list_opts, :preload, [:provider, created_by_identity: [:actor]]) + list_opts = Keyword.put(list_opts, :preload, [:provider]) with {:ok, groups, metadata} <- Actors.list_groups(socket.assigns.subject, list_opts), {:ok, group_actors} <- Actors.peek_group_actors(groups, 3, socket.assigns.subject) do diff --git a/elixir/apps/web/lib/web/live/groups/show.ex b/elixir/apps/web/lib/web/live/groups/show.ex index 1645300da..8112fcf5f 100644 --- a/elixir/apps/web/lib/web/live/groups/show.ex +++ b/elixir/apps/web/lib/web/live/groups/show.ex @@ -5,13 +5,7 @@ defmodule Web.Groups.Show do def mount(%{"id" => id}, _session, socket) do with {:ok, group} <- - Actors.fetch_group_by_id(id, socket.assigns.subject, - preload: [ - provider: [], - created_by_identity: [:actor], - created_by_actor: [] - ] - ) do + Actors.fetch_group_by_id(id, socket.assigns.subject, preload: :provider) do socket = assign(socket, page_title: "Group #{group.name}", diff --git a/elixir/apps/web/lib/web/live/policies/show.ex b/elixir/apps/web/lib/web/live/policies/show.ex index 2b97ef9d3..88511114e 100644 --- a/elixir/apps/web/lib/web/live/policies/show.ex +++ b/elixir/apps/web/lib/web/live/policies/show.ex @@ -9,8 +9,6 @@ defmodule Web.Policies.Show do preload: [ actor_group: [:provider], resource: [], - created_by_identity: :actor, - created_by_actor: [], replaced_by_policy: [:actor_group, :resource], replaces_policy: [:actor_group, :resource] ] @@ -318,7 +316,6 @@ defmodule Web.Policies.Show do preload: [ actor_group: [:provider], resource: [], - created_by_identity: :actor, replaced_by_policy: [:actor_group, :resource], replaces_policy: [:actor_group, :resource] ] @@ -337,7 +334,6 @@ defmodule Web.Policies.Show do policy | actor_group: socket.assigns.policy.actor_group, resource: socket.assigns.policy.resource, - created_by_identity: socket.assigns.policy.created_by_identity, replaced_by_policy: socket.assigns.policy.replaced_by_policy, replaces_policy: socket.assigns.policy.replaces_policy } @@ -352,7 +348,6 @@ defmodule Web.Policies.Show do policy | actor_group: socket.assigns.policy.actor_group, resource: socket.assigns.policy.resource, - created_by_identity: socket.assigns.policy.created_by_identity, replaced_by_policy: socket.assigns.policy.replaced_by_policy, replaces_policy: socket.assigns.policy.replaces_policy } diff --git a/elixir/apps/web/lib/web/live/relay_groups/show.ex b/elixir/apps/web/lib/web/live/relay_groups/show.ex index e3c135006..766a3ef30 100644 --- a/elixir/apps/web/lib/web/live/relay_groups/show.ex +++ b/elixir/apps/web/lib/web/live/relay_groups/show.ex @@ -4,12 +4,7 @@ defmodule Web.RelayGroups.Show do def mount(%{"id" => id}, _session, socket) do with true <- Accounts.self_hosted_relays_enabled?(socket.assigns.account), - {:ok, group} <- - Relays.fetch_group_by_id(id, socket.assigns.subject, - preload: [ - created_by_identity: [:actor] - ] - ) do + {:ok, group} <- Relays.fetch_group_by_id(id, socket.assigns.subject) do if connected?(socket) do :ok = Relays.subscribe_to_relays_presence_in_group(group) end diff --git a/elixir/apps/web/lib/web/live/resources/show.ex b/elixir/apps/web/lib/web/live/resources/show.ex index f409310fe..c8812d618 100644 --- a/elixir/apps/web/lib/web/live/resources/show.ex +++ b/elixir/apps/web/lib/web/live/resources/show.ex @@ -401,7 +401,6 @@ defmodule Web.Resources.Show do preload: [ :gateway_groups, :policies, - created_by_identity: [:actor], replaced_by_resource: [], replaces_resource: [] ] @@ -439,8 +438,6 @@ defmodule Web.Resources.Show do Resources.fetch_internet_resource(subject, preload: [ :gateway_groups, - :created_by_actor, - created_by_identity: [:actor], replaced_by_resource: [], replaces_resource: [] ] @@ -451,8 +448,6 @@ defmodule Web.Resources.Show do Resources.fetch_resource_by_id_or_persistent_id(id, subject, preload: [ :gateway_groups, - :created_by_actor, - created_by_identity: [:actor], replaced_by_resource: [], replaces_resource: [] ] diff --git a/elixir/apps/web/lib/web/live/settings/api_clients/show.ex b/elixir/apps/web/lib/web/live/settings/api_clients/show.ex index d7ae5d072..dfa14eb28 100644 --- a/elixir/apps/web/lib/web/live/settings/api_clients/show.ex +++ b/elixir/apps/web/lib/web/live/settings/api_clients/show.ex @@ -30,9 +30,6 @@ defmodule Web.Settings.ApiClients.Show do end def handle_tokens_update!(socket, list_opts) do - list_opts = - Keyword.put(list_opts, :preload, created_by_identity: [:actor]) - with {:ok, tokens, metadata} <- Tokens.list_tokens_for(socket.assigns.actor, socket.assigns.subject, list_opts) do {:ok, @@ -170,12 +167,7 @@ defmodule Web.Settings.ApiClients.Show do {Cldr.DateTime.Formatter.date(token.expires_at, 1, "en", Web.CLDR, [])} <:col :let={token} label="created by"> - <.link - class={[link_style()]} - navigate={~p"/#{@account}/actors/#{token.created_by_actor_id}"} - > - {get_identity_email(token.created_by_identity)} - + {token.created_by_subject["name"]} <:col :let={token} label="last used"> <.relative_datetime datetime={token.last_seen_at} /> diff --git a/elixir/apps/web/lib/web/live/settings/identity_providers/google_workspace/show.ex b/elixir/apps/web/lib/web/live/settings/identity_providers/google_workspace/show.ex index a574bc634..459a3cc6a 100644 --- a/elixir/apps/web/lib/web/live/settings/identity_providers/google_workspace/show.ex +++ b/elixir/apps/web/lib/web/live/settings/identity_providers/google_workspace/show.ex @@ -5,9 +5,7 @@ defmodule Web.Settings.IdentityProviders.GoogleWorkspace.Show do def mount(%{"provider_id" => provider_id}, _session, socket) do with {:ok, provider} <- - Auth.fetch_provider_by_id(provider_id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ), + Auth.fetch_provider_by_id(provider_id, socket.assigns.subject), {:ok, identities_count_by_provider_id} <- Auth.fetch_identities_count_grouped_by_provider_id(socket.assigns.subject), {:ok, groups_count_by_provider_id} <- @@ -255,11 +253,7 @@ defmodule Web.Settings.IdentityProviders.GoogleWorkspace.Show do def handle_event("enable", _params, socket) do attrs = %{disabled_at: nil} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end @@ -267,11 +261,7 @@ defmodule Web.Settings.IdentityProviders.GoogleWorkspace.Show do def handle_event("disable", _params, socket) do attrs = %{disabled_at: DateTime.utc_now()} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end diff --git a/elixir/apps/web/lib/web/live/settings/identity_providers/jumpcloud/show.ex b/elixir/apps/web/lib/web/live/settings/identity_providers/jumpcloud/show.ex index 9f5667908..30cd8514d 100644 --- a/elixir/apps/web/lib/web/live/settings/identity_providers/jumpcloud/show.ex +++ b/elixir/apps/web/lib/web/live/settings/identity_providers/jumpcloud/show.ex @@ -5,9 +5,7 @@ defmodule Web.Settings.IdentityProviders.JumpCloud.Show do def mount(%{"provider_id" => provider_id}, _session, socket) do with {:ok, provider} <- - Auth.fetch_provider_by_id(provider_id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ), + Auth.fetch_provider_by_id(provider_id, socket.assigns.subject), {:ok, identities_count_by_provider_id} <- Auth.fetch_identities_count_grouped_by_provider_id(socket.assigns.subject), {:ok, groups_count_by_provider_id} <- @@ -266,11 +264,7 @@ defmodule Web.Settings.IdentityProviders.JumpCloud.Show do def handle_event("enable", _params, socket) do attrs = %{disabled_at: nil} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end @@ -278,11 +272,7 @@ defmodule Web.Settings.IdentityProviders.JumpCloud.Show do def handle_event("disable", _params, socket) do attrs = %{disabled_at: DateTime.utc_now()} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end diff --git a/elixir/apps/web/lib/web/live/settings/identity_providers/microsoft_entra/show.ex b/elixir/apps/web/lib/web/live/settings/identity_providers/microsoft_entra/show.ex index 79612b931..cb5198276 100644 --- a/elixir/apps/web/lib/web/live/settings/identity_providers/microsoft_entra/show.ex +++ b/elixir/apps/web/lib/web/live/settings/identity_providers/microsoft_entra/show.ex @@ -5,9 +5,7 @@ defmodule Web.Settings.IdentityProviders.MicrosoftEntra.Show do def mount(%{"provider_id" => provider_id}, _session, socket) do with {:ok, provider} <- - Auth.fetch_provider_by_id(provider_id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ), + Auth.fetch_provider_by_id(provider_id, socket.assigns.subject), {:ok, identities_count_by_provider_id} <- Auth.fetch_identities_count_grouped_by_provider_id(socket.assigns.subject), {:ok, groups_count_by_provider_id} <- @@ -253,11 +251,7 @@ defmodule Web.Settings.IdentityProviders.MicrosoftEntra.Show do def handle_event("enable", _params, socket) do attrs = %{disabled_at: nil} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end @@ -265,11 +259,7 @@ defmodule Web.Settings.IdentityProviders.MicrosoftEntra.Show do def handle_event("disable", _params, socket) do attrs = %{disabled_at: DateTime.utc_now()} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end diff --git a/elixir/apps/web/lib/web/live/settings/identity_providers/mock/show.ex b/elixir/apps/web/lib/web/live/settings/identity_providers/mock/show.ex index fc1e3d99e..d680e4aa2 100644 --- a/elixir/apps/web/lib/web/live/settings/identity_providers/mock/show.ex +++ b/elixir/apps/web/lib/web/live/settings/identity_providers/mock/show.ex @@ -5,9 +5,7 @@ defmodule Web.Settings.IdentityProviders.Mock.Show do def mount(%{"provider_id" => provider_id}, _session, socket) do with {:ok, provider} <- - Auth.fetch_provider_by_id(provider_id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ), + Auth.fetch_provider_by_id(provider_id, socket.assigns.subject), {:ok, identities_count_by_provider_id} <- Auth.fetch_identities_count_grouped_by_provider_id(socket.assigns.subject), {:ok, groups_count_by_provider_id} <- @@ -258,11 +256,7 @@ defmodule Web.Settings.IdentityProviders.Mock.Show do def handle_event("enable", _params, socket) do attrs = %{disabled_at: nil} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end @@ -270,11 +264,7 @@ defmodule Web.Settings.IdentityProviders.Mock.Show do def handle_event("disable", _params, socket) do attrs = %{disabled_at: DateTime.utc_now()} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end diff --git a/elixir/apps/web/lib/web/live/settings/identity_providers/okta/show.ex b/elixir/apps/web/lib/web/live/settings/identity_providers/okta/show.ex index 6e85f4f78..d1a237c25 100644 --- a/elixir/apps/web/lib/web/live/settings/identity_providers/okta/show.ex +++ b/elixir/apps/web/lib/web/live/settings/identity_providers/okta/show.ex @@ -5,9 +5,7 @@ defmodule Web.Settings.IdentityProviders.Okta.Show do def mount(%{"provider_id" => provider_id}, _session, socket) do with {:ok, provider} <- - Auth.fetch_provider_by_id(provider_id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ), + Auth.fetch_provider_by_id(provider_id, socket.assigns.subject), {:ok, identities_count_by_provider_id} <- Auth.fetch_identities_count_grouped_by_provider_id(socket.assigns.subject), {:ok, groups_count_by_provider_id} <- @@ -273,11 +271,7 @@ defmodule Web.Settings.IdentityProviders.Okta.Show do def handle_event("enable", _params, socket) do attrs = %{disabled_at: nil} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end @@ -285,11 +279,7 @@ defmodule Web.Settings.IdentityProviders.Okta.Show do def handle_event("disable", _params, socket) do attrs = %{disabled_at: DateTime.utc_now()} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end diff --git a/elixir/apps/web/lib/web/live/settings/identity_providers/openid_connect/show.ex b/elixir/apps/web/lib/web/live/settings/identity_providers/openid_connect/show.ex index e8fb7d26f..66e60ce13 100644 --- a/elixir/apps/web/lib/web/live/settings/identity_providers/openid_connect/show.ex +++ b/elixir/apps/web/lib/web/live/settings/identity_providers/openid_connect/show.ex @@ -4,10 +4,7 @@ defmodule Web.Settings.IdentityProviders.OpenIDConnect.Show do alias Domain.{Auth, Actors} def mount(%{"provider_id" => provider_id}, _session, socket) do - with {:ok, provider} <- - Auth.fetch_provider_by_id(provider_id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) do + with {:ok, provider} <- Auth.fetch_provider_by_id(provider_id, socket.assigns.subject) do safe_to_delete_actors_count = Actors.count_synced_actors_for_provider(provider) socket = @@ -227,11 +224,7 @@ defmodule Web.Settings.IdentityProviders.OpenIDConnect.Show do def handle_event("enable", _params, socket) do attrs = %{disabled_at: nil} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end @@ -239,11 +232,7 @@ defmodule Web.Settings.IdentityProviders.OpenIDConnect.Show do def handle_event("disable", _params, socket) do attrs = %{disabled_at: DateTime.utc_now()} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end diff --git a/elixir/apps/web/lib/web/live/settings/identity_providers/system/show.ex b/elixir/apps/web/lib/web/live/settings/identity_providers/system/show.ex index 1cf9abd34..acd469656 100644 --- a/elixir/apps/web/lib/web/live/settings/identity_providers/system/show.ex +++ b/elixir/apps/web/lib/web/live/settings/identity_providers/system/show.ex @@ -4,10 +4,7 @@ defmodule Web.Settings.IdentityProviders.System.Show do alias Domain.Auth def mount(%{"provider_id" => provider_id}, _session, socket) do - with {:ok, provider} <- - Auth.fetch_provider_by_id(provider_id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) do + with {:ok, provider} <- Auth.fetch_provider_by_id(provider_id, socket.assigns.subject) do socket = assign(socket, provider: provider, page_title: "Identity Provider #{provider.name}") @@ -122,11 +119,7 @@ defmodule Web.Settings.IdentityProviders.System.Show do def handle_event("enable", _params, socket) do attrs = %{disabled_at: nil} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end @@ -134,11 +127,7 @@ defmodule Web.Settings.IdentityProviders.System.Show do def handle_event("disable", _params, socket) do attrs = %{disabled_at: DateTime.utc_now()} {:ok, provider} = Auth.update_provider(socket.assigns.provider, attrs, socket.assigns.subject) - - {:ok, provider} = - Auth.fetch_provider_by_id(provider.id, socket.assigns.subject, - preload: [created_by_identity: [:actor]] - ) + {:ok, provider} = Auth.fetch_provider_by_id(provider.id, socket.assigns.subject) {:noreply, assign(socket, provider: provider)} end diff --git a/elixir/apps/web/lib/web/live/sites/show.ex b/elixir/apps/web/lib/web/live/sites/show.ex index 090054956..f863a2d8e 100644 --- a/elixir/apps/web/lib/web/live/sites/show.ex +++ b/elixir/apps/web/lib/web/live/sites/show.ex @@ -4,12 +4,7 @@ defmodule Web.Sites.Show do def mount(%{"id" => id}, _session, socket) do with {:ok, group} <- - Gateways.fetch_group_by_id(id, socket.assigns.subject, - preload: [ - created_by_identity: [:actor], - created_by_actor: [] - ] - ) do + Gateways.fetch_group_by_id(id, socket.assigns.subject) do if connected?(socket) do :ok = Gateways.subscribe_to_gateways_presence_in_group(group) end @@ -32,8 +27,6 @@ defmodule Web.Sites.Show do Resources.fetch_internet_resource(socket.assigns.subject, preload: [ :gateway_groups, - :created_by_actor, - created_by_identity: [:actor], replaced_by_resource: [], replaces_resource: [] ] diff --git a/elixir/apps/web/test/web/live/actors/show_test.exs b/elixir/apps/web/test/web/live/actors/show_test.exs index e39297c44..84ff34a4a 100644 --- a/elixir/apps/web/test/web/live/actors/show_test.exs +++ b/elixir/apps/web/test/web/live/actors/show_test.exs @@ -323,8 +323,7 @@ defmodule Web.Live.Actors.ShowTest do Fixtures.Auth.create_identity(account: account, actor: actor) |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: admin_identity.id, - created_by_subject: %{"name" => actor.name, "email" => admin_identity.email} + created_by_subject: %{"email" => admin_identity.email, "name" => actor.name} ) |> Repo.update!() @@ -386,7 +385,7 @@ defmodule Web.Live.Actors.ShowTest do Fixtures.Auth.create_identity(account: account, actor: actor, provider: provider) |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: admin_identity.id + created_by_subject: %{"email" => admin_identity.email, "name" => ""} ) |> Repo.update!() @@ -425,7 +424,7 @@ defmodule Web.Live.Actors.ShowTest do ) |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: admin_identity.id + created_by_subject: %{"email" => admin_identity.email, "name" => ""} ) |> Repo.update!() @@ -457,7 +456,7 @@ defmodule Web.Live.Actors.ShowTest do Fixtures.Auth.create_identity(account: account, actor: actor, provider: provider) |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: admin_identity.id + created_by_subject: %{"email" => admin_identity.email, "name" => ""} ) |> Repo.update!() @@ -536,7 +535,7 @@ defmodule Web.Live.Actors.ShowTest do Fixtures.Auth.create_identity(account: account, actor: actor, provider: email_provider) |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: admin_identity.id + created_by_subject: %{"email" => admin_identity.email, "name" => ""} ) |> Repo.update!() @@ -582,7 +581,7 @@ defmodule Web.Live.Actors.ShowTest do Fixtures.Auth.create_identity(account: account, actor: actor) |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: admin_identity.id + created_by_subject: %{"email" => admin_identity.email, "name" => ""} ) |> Repo.update!() diff --git a/elixir/apps/web/test/web/live/groups/new_test.exs b/elixir/apps/web/test/web/live/groups/new_test.exs index 4141e1301..3f53f389c 100644 --- a/elixir/apps/web/test/web/live/groups/new_test.exs +++ b/elixir/apps/web/test/web/live/groups/new_test.exs @@ -135,7 +135,6 @@ defmodule Web.Live.Groups.NewTest do refute group.provider_identifier assert group.created_by == :identity - assert group.created_by_identity_id == identity.id assert group.created_by_subject == %{"email" => identity.email, "name" => actor.name} assert group.account_id == account.id diff --git a/elixir/apps/web/test/web/live/groups/show_test.exs b/elixir/apps/web/test/web/live/groups/show_test.exs index d4d28e8ac..82129c55b 100644 --- a/elixir/apps/web/test/web/live/groups/show_test.exs +++ b/elixir/apps/web/test/web/live/groups/show_test.exs @@ -124,7 +124,7 @@ defmodule Web.Live.Groups.ShowTest do group |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: identity.id + created_by_subject: %{"email" => identity.email, "name" => actor.name} ) |> Repo.update!() diff --git a/elixir/apps/web/test/web/live/resources/show_test.exs b/elixir/apps/web/test/web/live/resources/show_test.exs index e37979466..b83bb9f9b 100644 --- a/elixir/apps/web/test/web/live/resources/show_test.exs +++ b/elixir/apps/web/test/web/live/resources/show_test.exs @@ -345,14 +345,18 @@ defmodule Web.Live.Resources.ShowTest do assert Repo.get(Domain.Resources.Resource, resource.id).deleted_at end - test "renders created_by link when created by Identity", %{ + test "renders created_by info when created by Identity", %{ account: account, + actor: actor, identity: identity, conn: conn } do + subject = Fixtures.Auth.create_subject(account: account, actor: actor) + resource = Fixtures.Resources.create_resource( account: account, + subject: subject, address_description: "http://example.com" ) @@ -361,13 +365,10 @@ defmodule Web.Live.Resources.ShowTest do |> authorize_conn(identity) |> live(~p"/#{account}/resources/#{resource}") - assert Floki.find( - html, - "a[href='#{~p"/#{account}/actors/#{resource.created_by_actor_id}"}']" - ) + assert html =~ "by #{actor.name}" end - test "renders created_by link when created by API client", %{ + test "renders created_by info when created by API client", %{ account: account, identity: identity, conn: conn @@ -387,9 +388,6 @@ defmodule Web.Live.Resources.ShowTest do |> authorize_conn(identity) |> live(~p"/#{account}/resources/#{resource}") - assert Floki.find( - html, - "a[href='#{~p"/#{account}/settings/api_clients/#{resource.created_by_actor_id}"}']" - ) + assert html =~ "by #{subject.actor.name}" end end diff --git a/elixir/apps/web/test/web/live/settings/identity_providers/google_workspace/show_test.exs b/elixir/apps/web/test/web/live/settings/identity_providers/google_workspace/show_test.exs index 6adc9fcea..b597f7d2a 100644 --- a/elixir/apps/web/test/web/live/settings/identity_providers/google_workspace/show_test.exs +++ b/elixir/apps/web/test/web/live/settings/identity_providers/google_workspace/show_test.exs @@ -142,7 +142,6 @@ defmodule Web.Live.Settings.IdentityProviders.GoogleWorkspace.ShowTest do provider |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: identity.id, created_by_subject: %{"name" => actor.name, "email" => identity.email} ) |> Repo.update!() diff --git a/elixir/apps/web/test/web/live/settings/identity_providers/jumpcloud/show_test.exs b/elixir/apps/web/test/web/live/settings/identity_providers/jumpcloud/show_test.exs index 3d6259fd3..8b92c210c 100644 --- a/elixir/apps/web/test/web/live/settings/identity_providers/jumpcloud/show_test.exs +++ b/elixir/apps/web/test/web/live/settings/identity_providers/jumpcloud/show_test.exs @@ -163,7 +163,6 @@ defmodule Web.Live.Settings.IdentityProviders.JumpCloud.ShowTest do provider |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: identity.id, created_by_subject: %{"name" => actor.name, "email" => identity.email} ) |> Repo.update!() diff --git a/elixir/apps/web/test/web/live/settings/identity_providers/microsoft_entra/show_test.exs b/elixir/apps/web/test/web/live/settings/identity_providers/microsoft_entra/show_test.exs index dc34ffa0b..48b23d430 100644 --- a/elixir/apps/web/test/web/live/settings/identity_providers/microsoft_entra/show_test.exs +++ b/elixir/apps/web/test/web/live/settings/identity_providers/microsoft_entra/show_test.exs @@ -142,7 +142,6 @@ defmodule Web.Live.Settings.IdentityProviders.MicrosoftEntra.ShowTest do provider |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: identity.id, created_by_subject: %{"name" => actor.name, "email" => identity.email} ) |> Repo.update!() diff --git a/elixir/apps/web/test/web/live/settings/identity_providers/okta/show_test.exs b/elixir/apps/web/test/web/live/settings/identity_providers/okta/show_test.exs index 6a2343f8d..ce7dc30d4 100644 --- a/elixir/apps/web/test/web/live/settings/identity_providers/okta/show_test.exs +++ b/elixir/apps/web/test/web/live/settings/identity_providers/okta/show_test.exs @@ -142,7 +142,6 @@ defmodule Web.Live.Settings.IdentityProviders.Okta.ShowTest do provider |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: identity.id, created_by_subject: %{"name" => actor.name, "email" => identity.email} ) |> Repo.update!() diff --git a/elixir/apps/web/test/web/live/settings/identity_providers/openid_connect/show_test.exs b/elixir/apps/web/test/web/live/settings/identity_providers/openid_connect/show_test.exs index 01f97229e..31538a931 100644 --- a/elixir/apps/web/test/web/live/settings/identity_providers/openid_connect/show_test.exs +++ b/elixir/apps/web/test/web/live/settings/identity_providers/openid_connect/show_test.exs @@ -103,7 +103,6 @@ defmodule Web.Live.Settings.IdentityProviders.OpenIDConnect.ShowTest do provider |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: identity.id, created_by_subject: %{"name" => actor.name, "email" => identity.email} ) |> Repo.update!() diff --git a/elixir/apps/web/test/web/live/settings/identity_providers/system/show_test.exs b/elixir/apps/web/test/web/live/settings/identity_providers/system/show_test.exs index c1def093c..a0dc6c849 100644 --- a/elixir/apps/web/test/web/live/settings/identity_providers/system/show_test.exs +++ b/elixir/apps/web/test/web/live/settings/identity_providers/system/show_test.exs @@ -92,7 +92,6 @@ defmodule Web.Live.Settings.IdentityProviders.System.ShowTest do provider |> Ecto.Changeset.change( created_by: :identity, - created_by_identity_id: identity.id, created_by_subject: %{"name" => actor.name, "email" => identity.email} ) |> Repo.update!()