TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-07-13 09:48:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
zitadel/internal/api/grpc/admin/iam_member_converter.go

63 lines
2.0 KiB
Go
Raw Permalink Normal View History

feat: port reduction (#323) * move mgmt pkg * begin package restructure * rename auth package to authz * begin start api * move auth * move admin * fix merge * configs and interceptors * interceptor * revert generate-grpc.sh * some cleanups * console * move console * fix tests and merging * js linting * merge * merging and configs * change k8s base to current ports * fixes * cleanup * regenerate proto * remove unnecessary whitespace * missing param * go mod tidy * fix merging * move login pkg * cleanup * move api pkgs again * fix pkg naming * fix generate-static.sh for login * update workflow * fixes * logging * remove duplicate * comment for optional gateway interfaces * regenerate protos * fix proto imports for grpc web * protos * grpc web generate * grpc web generate * fix changes * add translation interceptor * fix merging * regenerate mgmt proto
2020-07-08 13:56:37 +02:00
package admin
feat: iam members in admin api (#272) * feat: iam members in admin api * feat: add error id in translate error * fix: resolve merge conflicts
2020-06-25 08:12:29 +02:00
import (
chore(v2): move to new org (#3499) * chore: move to new org * logging * fix: org rename caos -> zitadel Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-27 01:01:45 +02:00
member_grpc "github.com/zitadel/zitadel/internal/api/grpc/member"
"github.com/zitadel/zitadel/internal/api/grpc/object"
feat: user profile requests in resource APIs (#10151) # Which Problems Are Solved The commands for the resource based v2beta AuthorizationService API are added. Authorizations, previously knows as user grants, give a user in a specific organization and project context roles. The project can be owned or granted. The given roles can be used to restrict access within the projects applications. The commands for the resource based v2beta InteralPermissionService API are added. Administrators, previously knows as memberships, give a user in a specific organization and project context roles. The project can be owned or granted. The give roles give the user permissions to manage different resources in Zitadel. API definitions from https://github.com/zitadel/zitadel/issues/9165 are implemented. Contains endpoints for user metadata. # How the Problems Are Solved ### New Methods - CreateAuthorization - UpdateAuthorization - DeleteAuthorization - ActivateAuthorization - DeactivateAuthorization - ListAuthorizations - CreateAdministrator - UpdateAdministrator - DeleteAdministrator - ListAdministrators - SetUserMetadata to set metadata on a user - DeleteUserMetadata to delete metadata on a user - ListUserMetadata to query for metadata of a user ## Deprecated Methods ### v1.ManagementService - GetUserGrantByID - ListUserGrants - AddUserGrant - UpdateUserGrant - DeactivateUserGrant - ReactivateUserGrant - RemoveUserGrant - BulkRemoveUserGrant ### v1.AuthService - ListMyUserGrants - ListMyProjectPermissions # Additional Changes - Permission checks for metadata functionality on query and command side - correct existence checks for resources, for example you can only be an administrator on an existing project - combined all member tables to singular query for the administrators - add permission checks for command an query side functionality - combined functions on command side where necessary for easier maintainability # Additional Context Closes #9165 --------- Co-authored-by: Elio Bischof <elio@zitadel.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-07-04 18:12:59 +02:00
"github.com/zitadel/zitadel/internal/command"
chore(v2): move to new org (#3499) * chore: move to new org * logging * fix: org rename caos -> zitadel Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-27 01:01:45 +02:00
"github.com/zitadel/zitadel/internal/query"
admin_pb "github.com/zitadel/zitadel/pkg/grpc/admin"
feat(\internal): sorting column on ListIAMMembersRequest (#9203) # Which Problems Are Solved SortingColumn functionality on system API ListIAMMembers SortingColumn functionality on admin API ListIAMMembers # How the Problems Are Solved I have added enum MemberFieldColumnName in` member.proto `file , consists of names of the columns on which the request can be sorted. MEMBER_FIELD_NAME_UNSPECIFIED = 0; MEMBER_FIELD_NAME_USER_ID=1; MEMBER_FIELD_NAME_CREATION_DATE = 2; MEMBER_FIELD_NAME_CHANGE_DATE=3; MEMBER_FIELD_NAME_USER_RESOURCE_OWNER=4 I have added field Sorting Column for ListIAMMembersRequest in` system.proto` file. I have added field Sorting Column for ListIAMMembersRequest in` admin.proto` file. I have modified ListIAMMembersRequestToQuery function in file `internal/api/grpc/system/instance_converter.go `to include sorting column in the query.SearchRequest{}. I have modified ListIAMMembersRequestToQuery function in file `internal/api/grpc/admin/iam_member_converter.go ` to include sorting column in the query.SearchRequest{}. # Additional Changes Replace this example text with a concise list of additional changes that this PR introduces, that are not directly solving the initial problem but are related. For example: - The docs explicitly describe that the property XY is mandatory - Adds missing translations for validations. # Additional Context Replace this example with links to related issues, discussions, discord threads, or other sources with more context. Use the Closing #issue syntax for issues that are resolved with this PR. - Closes https://github.com/zitadel/zitadel/issues/5063 - Discussion #xxx - Follow-up for PR #xxx - https://discordapp.com/channels/927474939156643850/1329872809488416789/1329872809488416789 --------- Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2025-02-26 16:18:51 +05:30
member_pb "github.com/zitadel/zitadel/pkg/grpc/member"
feat: iam members in admin api (#272) * feat: iam members in admin api * feat: add error id in translate error * fix: resolve merge conflicts
2020-06-25 08:12:29 +02:00
)
feat: user profile requests in resource APIs (#10151) # Which Problems Are Solved The commands for the resource based v2beta AuthorizationService API are added. Authorizations, previously knows as user grants, give a user in a specific organization and project context roles. The project can be owned or granted. The given roles can be used to restrict access within the projects applications. The commands for the resource based v2beta InteralPermissionService API are added. Administrators, previously knows as memberships, give a user in a specific organization and project context roles. The project can be owned or granted. The give roles give the user permissions to manage different resources in Zitadel. API definitions from https://github.com/zitadel/zitadel/issues/9165 are implemented. Contains endpoints for user metadata. # How the Problems Are Solved ### New Methods - CreateAuthorization - UpdateAuthorization - DeleteAuthorization - ActivateAuthorization - DeactivateAuthorization - ListAuthorizations - CreateAdministrator - UpdateAdministrator - DeleteAdministrator - ListAdministrators - SetUserMetadata to set metadata on a user - DeleteUserMetadata to delete metadata on a user - ListUserMetadata to query for metadata of a user ## Deprecated Methods ### v1.ManagementService - GetUserGrantByID - ListUserGrants - AddUserGrant - UpdateUserGrant - DeactivateUserGrant - ReactivateUserGrant - RemoveUserGrant - BulkRemoveUserGrant ### v1.AuthService - ListMyUserGrants - ListMyProjectPermissions # Additional Changes - Permission checks for metadata functionality on query and command side - correct existence checks for resources, for example you can only be an administrator on an existing project - combined all member tables to singular query for the administrators - add permission checks for command an query side functionality - combined functions on command side where necessary for easier maintainability # Additional Context Closes #9165 --------- Co-authored-by: Elio Bischof <elio@zitadel.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-07-04 18:12:59 +02:00
func AddIAMMemberToCommand(req *admin_pb.AddIAMMemberRequest, instanceID string) *command.AddInstanceMember {
return &command.AddInstanceMember{
InstanceID: instanceID,
UserID: req.UserId,
Roles: req.Roles,
feat: iam members in admin api (#272) * feat: iam members in admin api * feat: add error id in translate error * fix: resolve merge conflicts
2020-06-25 08:12:29 +02:00
}
}
feat: user profile requests in resource APIs (#10151) # Which Problems Are Solved The commands for the resource based v2beta AuthorizationService API are added. Authorizations, previously knows as user grants, give a user in a specific organization and project context roles. The project can be owned or granted. The given roles can be used to restrict access within the projects applications. The commands for the resource based v2beta InteralPermissionService API are added. Administrators, previously knows as memberships, give a user in a specific organization and project context roles. The project can be owned or granted. The give roles give the user permissions to manage different resources in Zitadel. API definitions from https://github.com/zitadel/zitadel/issues/9165 are implemented. Contains endpoints for user metadata. # How the Problems Are Solved ### New Methods - CreateAuthorization - UpdateAuthorization - DeleteAuthorization - ActivateAuthorization - DeactivateAuthorization - ListAuthorizations - CreateAdministrator - UpdateAdministrator - DeleteAdministrator - ListAdministrators - SetUserMetadata to set metadata on a user - DeleteUserMetadata to delete metadata on a user - ListUserMetadata to query for metadata of a user ## Deprecated Methods ### v1.ManagementService - GetUserGrantByID - ListUserGrants - AddUserGrant - UpdateUserGrant - DeactivateUserGrant - ReactivateUserGrant - RemoveUserGrant - BulkRemoveUserGrant ### v1.AuthService - ListMyUserGrants - ListMyProjectPermissions # Additional Changes - Permission checks for metadata functionality on query and command side - correct existence checks for resources, for example you can only be an administrator on an existing project - combined all member tables to singular query for the administrators - add permission checks for command an query side functionality - combined functions on command side where necessary for easier maintainability # Additional Context Closes #9165 --------- Co-authored-by: Elio Bischof <elio@zitadel.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-07-04 18:12:59 +02:00
func UpdateIAMMemberToCommand(req *admin_pb.UpdateIAMMemberRequest, instanceID string) *command.ChangeInstanceMember {
return &command.ChangeInstanceMember{
InstanceID: instanceID,
UserID: req.UserId,
Roles: req.Roles,
feat: iam members in admin api (#272) * feat: iam members in admin api * feat: add error id in translate error * fix: resolve merge conflicts
2020-06-25 08:12:29 +02:00
}
}
feat: member queries (#2796) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test * fix(membership): correct display name * fix(projection): additional member manipulation events * additional member tests * fix(projections): additional events of idp links * fix: use query for memberships (#2797) * fix(api): use query for memberships * remove comment * handle err * refactor(projections): idp user link user aggregate type * fix(projections): handle old user events * fix(api): add asset prefix * no image for iam members
2021-12-16 14:25:38 +01:00
func ListIAMMembersRequestToQuery(req *admin_pb.ListIAMMembersRequest) (*query.IAMMembersQuery, error) {
fix: handle possible nil pointer of query (#1407)
2021-03-11 09:40:40 +01:00
offset, limit, asc := object.ListQueryToModel(req.Query)
feat: member queries (#2796) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test * fix(membership): correct display name * fix(projection): additional member manipulation events * additional member tests * fix(projections): additional events of idp links * fix: use query for memberships (#2797) * fix(api): use query for memberships * remove comment * handle err * refactor(projections): idp user link user aggregate type * fix(projections): handle old user events * fix(api): add asset prefix * no image for iam members
2021-12-16 14:25:38 +01:00
queries, err := member_grpc.MemberQueriesToQuery(req.Queries)
if err != nil {
return nil, err
feat: iam members in admin api (#272) * feat: iam members in admin api * feat: add error id in translate error * fix: resolve merge conflicts
2020-06-25 08:12:29 +02:00
}
feat: member queries (#2796) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test * fix(membership): correct display name * fix(projection): additional member manipulation events * additional member tests * fix(projections): additional events of idp links * fix: use query for memberships (#2797) * fix(api): use query for memberships * remove comment * handle err * refactor(projections): idp user link user aggregate type * fix(projections): handle old user events * fix(api): add asset prefix * no image for iam members
2021-12-16 14:25:38 +01:00
return &query.IAMMembersQuery{
MembersQuery: query.MembersQuery{
SearchRequest: query.SearchRequest{
feat(\internal): sorting column on ListIAMMembersRequest (#9203) # Which Problems Are Solved SortingColumn functionality on system API ListIAMMembers SortingColumn functionality on admin API ListIAMMembers # How the Problems Are Solved I have added enum MemberFieldColumnName in` member.proto `file , consists of names of the columns on which the request can be sorted. MEMBER_FIELD_NAME_UNSPECIFIED = 0; MEMBER_FIELD_NAME_USER_ID=1; MEMBER_FIELD_NAME_CREATION_DATE = 2; MEMBER_FIELD_NAME_CHANGE_DATE=3; MEMBER_FIELD_NAME_USER_RESOURCE_OWNER=4 I have added field Sorting Column for ListIAMMembersRequest in` system.proto` file. I have added field Sorting Column for ListIAMMembersRequest in` admin.proto` file. I have modified ListIAMMembersRequestToQuery function in file `internal/api/grpc/system/instance_converter.go `to include sorting column in the query.SearchRequest{}. I have modified ListIAMMembersRequestToQuery function in file `internal/api/grpc/admin/iam_member_converter.go ` to include sorting column in the query.SearchRequest{}. # Additional Changes Replace this example text with a concise list of additional changes that this PR introduces, that are not directly solving the initial problem but are related. For example: - The docs explicitly describe that the property XY is mandatory - Adds missing translations for validations. # Additional Context Replace this example with links to related issues, discussions, discord threads, or other sources with more context. Use the Closing #issue syntax for issues that are resolved with this PR. - Closes https://github.com/zitadel/zitadel/issues/5063 - Discussion #xxx - Follow-up for PR #xxx - https://discordapp.com/channels/927474939156643850/1329872809488416789/1329872809488416789 --------- Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2025-02-26 16:18:51 +05:30
Offset: offset,
Limit: limit,
Asc: asc,
SortingColumn: fieldNameToMemberColumn(req.SortingColumn),
feat: member queries (#2796) * refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test * fix(membership): correct display name * fix(projection): additional member manipulation events * additional member tests * fix(projections): additional events of idp links * fix: use query for memberships (#2797) * fix(api): use query for memberships * remove comment * handle err * refactor(projections): idp user link user aggregate type * fix(projections): handle old user events * fix(api): add asset prefix * no image for iam members
2021-12-16 14:25:38 +01:00
},
Queries: queries,
},
}, nil
feat: iam members in admin api (#272) * feat: iam members in admin api * feat: add error id in translate error * fix: resolve merge conflicts
2020-06-25 08:12:29 +02:00
}
feat(\internal): sorting column on ListIAMMembersRequest (#9203) # Which Problems Are Solved SortingColumn functionality on system API ListIAMMembers SortingColumn functionality on admin API ListIAMMembers # How the Problems Are Solved I have added enum MemberFieldColumnName in` member.proto `file , consists of names of the columns on which the request can be sorted. MEMBER_FIELD_NAME_UNSPECIFIED = 0; MEMBER_FIELD_NAME_USER_ID=1; MEMBER_FIELD_NAME_CREATION_DATE = 2; MEMBER_FIELD_NAME_CHANGE_DATE=3; MEMBER_FIELD_NAME_USER_RESOURCE_OWNER=4 I have added field Sorting Column for ListIAMMembersRequest in` system.proto` file. I have added field Sorting Column for ListIAMMembersRequest in` admin.proto` file. I have modified ListIAMMembersRequestToQuery function in file `internal/api/grpc/system/instance_converter.go `to include sorting column in the query.SearchRequest{}. I have modified ListIAMMembersRequestToQuery function in file `internal/api/grpc/admin/iam_member_converter.go ` to include sorting column in the query.SearchRequest{}. # Additional Changes Replace this example text with a concise list of additional changes that this PR introduces, that are not directly solving the initial problem but are related. For example: - The docs explicitly describe that the property XY is mandatory - Adds missing translations for validations. # Additional Context Replace this example with links to related issues, discussions, discord threads, or other sources with more context. Use the Closing #issue syntax for issues that are resolved with this PR. - Closes https://github.com/zitadel/zitadel/issues/5063 - Discussion #xxx - Follow-up for PR #xxx - https://discordapp.com/channels/927474939156643850/1329872809488416789/1329872809488416789 --------- Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2025-02-26 16:18:51 +05:30
func fieldNameToMemberColumn(fieldName member_pb.MemberFieldColumnName) query.Column {
switch fieldName {
case member_pb.MemberFieldColumnName_MEMBER_FIELD_NAME_UNSPECIFIED:
return query.InstanceMemberInstanceID
case member_pb.MemberFieldColumnName_MEMBER_FIELD_NAME_USER_ID:
return query.InstanceMemberUserID
case member_pb.MemberFieldColumnName_MEMBER_FIELD_NAME_CREATION_DATE:
return query.InstanceMemberCreationDate
case member_pb.MemberFieldColumnName_MEMBER_FIELD_NAME_CHANGE_DATE:
return query.InstanceMemberChangeDate
case member_pb.MemberFieldColumnName_MEMBER_FIELD_NAME_USER_RESOURCE_OWNER:
return query.InstanceMemberResourceOwner
default:
return query.Column{}
}
}
Reference in New Issue Copy Permalink