zitadel/internal/api/grpc/org/v2/org.go

package org

import (
	"context"

	"connectrpc.com/connect"

	"github.com/zitadel/zitadel/internal/api/grpc/object/v2"
	"github.com/zitadel/zitadel/internal/api/grpc/user/v2"
	"github.com/zitadel/zitadel/internal/command"
	"github.com/zitadel/zitadel/internal/zerrors"
	"github.com/zitadel/zitadel/pkg/grpc/org/v2"
)

func (s *Server) AddOrganization(ctx context.Context, request *connect.Request[org.AddOrganizationRequest]) (*connect.Response[org.AddOrganizationResponse], error) {
	orgSetup, err := addOrganizationRequestToCommand(request.Msg)
	if err != nil {
		return nil, err
	}
	createdOrg, err := s.command.SetUpOrg(ctx, orgSetup, false)
	if err != nil {
		return nil, err
	}
	return createdOrganizationToPb(createdOrg)
}

func addOrganizationRequestToCommand(request *org.AddOrganizationRequest) (*command.OrgSetup, error) {
	admins, err := addOrganizationRequestAdminsToCommand(request.GetAdmins())
	if err != nil {
		return nil, err
	}
	return &command.OrgSetup{
		Name:         request.GetName(),
		CustomDomain: "",
		Admins:       admins,
		OrgID:        request.GetOrgId(),
	}, nil
}

func addOrganizationRequestAdminsToCommand(requestAdmins []*org.AddOrganizationRequest_Admin) (admins []*command.OrgSetupAdmin, err error) {
	admins = make([]*command.OrgSetupAdmin, len(requestAdmins))
	for i, admin := range requestAdmins {
		admins[i], err = addOrganizationRequestAdminToCommand(admin)
		if err != nil {
			return nil, err
		}
	}
	return admins, nil
}

func addOrganizationRequestAdminToCommand(admin *org.AddOrganizationRequest_Admin) (*command.OrgSetupAdmin, error) {
	switch a := admin.GetUserType().(type) {
	case *org.AddOrganizationRequest_Admin_UserId:
		return &command.OrgSetupAdmin{
			ID:    a.UserId,
			Roles: admin.GetRoles(),
		}, nil
	case *org.AddOrganizationRequest_Admin_Human:
		human, err := user.AddUserRequestToAddHuman(a.Human)
		if err != nil {
			return nil, err
		}

		return &command.OrgSetupAdmin{
			Human: human,
			Roles: admin.GetRoles(),
		}, nil
	default:
		return nil, zerrors.ThrowUnimplementedf(nil, "ORGv2-SD2r1", "userType oneOf %T in method AddOrganization not implemented", a)
	}
}

func createdOrganizationToPb(createdOrg *command.CreatedOrg) (_ *connect.Response[org.AddOrganizationResponse], err error) {
	admins := make([]*org.AddOrganizationResponse_CreatedAdmin, 0, len(createdOrg.OrgAdmins))
	for _, admin := range createdOrg.OrgAdmins {
		admin, ok := admin.(*command.CreatedOrgAdmin)
		if ok {
			admins = append(admins, &org.AddOrganizationResponse_CreatedAdmin{
				UserId:    admin.GetID(),
				EmailCode: admin.EmailCode,
				PhoneCode: admin.PhoneCode,
			})
		}
	}
	return connect.NewResponse(&org.AddOrganizationResponse{
		Details:        object.DomainToDetailsPb(createdOrg.ObjectDetails),
		OrganizationId: createdOrg.ObjectDetails.ResourceOwner,
		CreatedAdmins:  admins,
	}), nil
}
feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`package org`

			`import (`
			`"context"`

feat: exchange gRPC server implementation to connectRPC (#10145) # Which Problems Are Solved The current maintained gRPC server in combination with a REST (grpc) gateway is getting harder and harder to maintain. Additionally, there have been and still are issues with supporting / displaying `oneOf`s correctly. We therefore decided to exchange the server implementation to connectRPC, which apart from supporting connect as protocol, also also "standard" gRCP clients as well as HTTP/1.1 / rest like clients, e.g. curl directly call the server without any additional gateway. # How the Problems Are Solved - All v2 services are moved to connectRPC implementation. (v1 services are still served as pure grpc servers) - All gRPC server interceptors were migrated / copied to a corresponding connectRPC interceptor. - API.ListGrpcServices and API. ListGrpcMethods were changed to include the connect services and endpoints. - gRPC server reflection was changed to a `StaticReflector` using the `ListGrpcServices` list. - The `grpc.Server` interfaces was split into different combinations to be able to handle the different cases (grpc server and prefixed gateway, connect server with grpc gateway, connect server only, ...) - Docs of services serving connectRPC only with no additional gateway (instance, webkey, project, app, org v2 beta) are changed to expose that - since the plugin is not yet available on buf, we download it using `postinstall` hook of the docs # Additional Changes - WebKey service is added as v2 service (in addition to the current v2beta) # Additional Context closes #9483 --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2025-07-04 10:06:20 -04:00			`"connectrpc.com/connect"`

feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`"github.com/zitadel/zitadel/internal/api/grpc/object/v2"`
			`"github.com/zitadel/zitadel/internal/api/grpc/user/v2"`
			`"github.com/zitadel/zitadel/internal/command"`
refactor: rename package errors to zerrors (#7039) * chore: rename package errors to zerrors * rename package errors to gerrors * fix error related linting issues * fix zitadel error assertion * fix gosimple linting issues * fix deprecated linting issues * resolve gci linting issues * fix import structure --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2023-12-08 16:30:55 +02:00			`"github.com/zitadel/zitadel/internal/zerrors"`
feat: api v2beta to api v2 (#8283) # Which Problems Are Solved The v2beta services are stable but not GA. # How the Problems Are Solved The v2beta services are copied to v2. The corresponding v1 and v2beta services are deprecated. # Additional Context Closes #7236 --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2024-07-26 22:39:55 +02:00			`"github.com/zitadel/zitadel/pkg/grpc/org/v2"`
feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`)`

feat: exchange gRPC server implementation to connectRPC (#10145) # Which Problems Are Solved The current maintained gRPC server in combination with a REST (grpc) gateway is getting harder and harder to maintain. Additionally, there have been and still are issues with supporting / displaying `oneOf`s correctly. We therefore decided to exchange the server implementation to connectRPC, which apart from supporting connect as protocol, also also "standard" gRCP clients as well as HTTP/1.1 / rest like clients, e.g. curl directly call the server without any additional gateway. # How the Problems Are Solved - All v2 services are moved to connectRPC implementation. (v1 services are still served as pure grpc servers) - All gRPC server interceptors were migrated / copied to a corresponding connectRPC interceptor. - API.ListGrpcServices and API. ListGrpcMethods were changed to include the connect services and endpoints. - gRPC server reflection was changed to a `StaticReflector` using the `ListGrpcServices` list. - The `grpc.Server` interfaces was split into different combinations to be able to handle the different cases (grpc server and prefixed gateway, connect server with grpc gateway, connect server only, ...) - Docs of services serving connectRPC only with no additional gateway (instance, webkey, project, app, org v2 beta) are changed to expose that - since the plugin is not yet available on buf, we download it using `postinstall` hook of the docs # Additional Changes - WebKey service is added as v2 service (in addition to the current v2beta) # Additional Context closes #9483 --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2025-07-04 10:06:20 -04:00			`func (s Server) AddOrganization(ctx context.Context, request connect.Request[org.AddOrganizationRequest]) (*connect.Response[org.AddOrganizationResponse], error) {`
			`orgSetup, err := addOrganizationRequestToCommand(request.Msg)`
feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`if err != nil {`
			`return nil, err`
			`}`
			`createdOrg, err := s.command.SetUpOrg(ctx, orgSetup, false)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return createdOrganizationToPb(createdOrg)`
			`}`

			`func addOrganizationRequestToCommand(request org.AddOrganizationRequest) (command.OrgSetup, error) {`
			`admins, err := addOrganizationRequestAdminsToCommand(request.GetAdmins())`
			`if err != nil {`
			`return nil, err`
			`}`
			`return &command.OrgSetup{`
			`Name: request.GetName(),`
			`CustomDomain: "",`
			`Admins: admins,`
feat: add custom org ID to AddOrganizationRequest (#9720) # Which Problems Are Solved - It is not possible to specify a custom organization ID when creating an organization. According to https://github.com/zitadel/zitadel/discussions/9202#discussioncomment-11929464 this is "an inconsistency in the V2 API". # How the Problems Are Solved - Adds the `org_id` as an optional parameter to the `AddOrganizationRequest` in the `v2beta` API. # Additional Changes None. # Additional Context - Discussion [#9202](https://github.com/zitadel/zitadel/discussions/9202) - I was mostly interested in how much work it'd be to add this field. Then after completing this, I thought I'd submit this PR. I won't be angry if you just close this PR with the reasoning "we didn't ask for it". :smile: - Even though I don't think this is a breaking change, I didn't add this to the `v2` API yet (don't know what the process for this is TBH). The changes should be analogous, so if you want me to, just request it. --------- Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> 2025-05-21 12:55:40 +02:00			`OrgID: request.GetOrgId(),`
feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`}, nil`
			`}`

			`func addOrganizationRequestAdminsToCommand(requestAdmins []org.AddOrganizationRequest_Admin) (admins []command.OrgSetupAdmin, err error) {`
			`admins = make([]*command.OrgSetupAdmin, len(requestAdmins))`
			`for i, admin := range requestAdmins {`
			`admins[i], err = addOrganizationRequestAdminToCommand(admin)`
			`if err != nil {`
			`return nil, err`
			`}`
			`}`
			`return admins, nil`
			`}`

			`func addOrganizationRequestAdminToCommand(admin org.AddOrganizationRequest_Admin) (command.OrgSetupAdmin, error) {`
			`switch a := admin.GetUserType().(type) {`
			`case *org.AddOrganizationRequest_Admin_UserId:`
			`return &command.OrgSetupAdmin{`
			`ID: a.UserId,`
			`Roles: admin.GetRoles(),`
			`}, nil`
			`case *org.AddOrganizationRequest_Admin_Human:`
			`human, err := user.AddUserRequestToAddHuman(a.Human)`
			`if err != nil {`
			`return nil, err`
			`}`
fix: custom userID not being added when specified in zitadel.org.v2.AddOrganizationRequest.AddOrganization() request (#9334) # Which Problems Are Solved When specifying a `user_id` as a human admin in `zitadel.org.v2.AddOrganizationRequest.AddOrganization()` the `user_id` specified in the request should have been used, before it was being ignored, this has been fixed with this PR # Additional Context - Closes https://github.com/zitadel/zitadel/issues/9308 --------- Co-authored-by: Iraq Jaber <IraqJaber@gmail.com> 2025-02-13 09:17:05 +00:00
feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`return &command.OrgSetupAdmin{`
			`Human: human,`
			`Roles: admin.GetRoles(),`
			`}, nil`
			`default:`
refactor: rename package errors to zerrors (#7039) * chore: rename package errors to zerrors * rename package errors to gerrors * fix error related linting issues * fix zitadel error assertion * fix gosimple linting issues * fix deprecated linting issues * resolve gci linting issues * fix import structure --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2023-12-08 16:30:55 +02:00			`return nil, zerrors.ThrowUnimplementedf(nil, "ORGv2-SD2r1", "userType oneOf %T in method AddOrganization not implemented", a)`
feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`}`
			`}`

feat: exchange gRPC server implementation to connectRPC (#10145) # Which Problems Are Solved The current maintained gRPC server in combination with a REST (grpc) gateway is getting harder and harder to maintain. Additionally, there have been and still are issues with supporting / displaying `oneOf`s correctly. We therefore decided to exchange the server implementation to connectRPC, which apart from supporting connect as protocol, also also "standard" gRCP clients as well as HTTP/1.1 / rest like clients, e.g. curl directly call the server without any additional gateway. # How the Problems Are Solved - All v2 services are moved to connectRPC implementation. (v1 services are still served as pure grpc servers) - All gRPC server interceptors were migrated / copied to a corresponding connectRPC interceptor. - API.ListGrpcServices and API. ListGrpcMethods were changed to include the connect services and endpoints. - gRPC server reflection was changed to a `StaticReflector` using the `ListGrpcServices` list. - The `grpc.Server` interfaces was split into different combinations to be able to handle the different cases (grpc server and prefixed gateway, connect server with grpc gateway, connect server only, ...) - Docs of services serving connectRPC only with no additional gateway (instance, webkey, project, app, org v2 beta) are changed to expose that - since the plugin is not yet available on buf, we download it using `postinstall` hook of the docs # Additional Changes - WebKey service is added as v2 service (in addition to the current v2beta) # Additional Context closes #9483 --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2025-07-04 10:06:20 -04:00			`func createdOrganizationToPb(createdOrg command.CreatedOrg) (_ connect.Response[org.AddOrganizationResponse], err error) {`
feat(api): reworking AddOrganization() API call to return all admins (#9900) 2025-06-05 11:05:35 +02:00			`admins := make([]*org.AddOrganizationResponse_CreatedAdmin, 0, len(createdOrg.OrgAdmins))`
			`for _, admin := range createdOrg.OrgAdmins {`
			`admin, ok := admin.(*command.CreatedOrgAdmin)`
			`if ok {`
			`admins = append(admins, &org.AddOrganizationResponse_CreatedAdmin{`
			`UserId: admin.GetID(),`
			`EmailCode: admin.EmailCode,`
			`PhoneCode: admin.PhoneCode,`
			`})`
feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`}`
			`}`
feat: exchange gRPC server implementation to connectRPC (#10145) # Which Problems Are Solved The current maintained gRPC server in combination with a REST (grpc) gateway is getting harder and harder to maintain. Additionally, there have been and still are issues with supporting / displaying `oneOf`s correctly. We therefore decided to exchange the server implementation to connectRPC, which apart from supporting connect as protocol, also also "standard" gRCP clients as well as HTTP/1.1 / rest like clients, e.g. curl directly call the server without any additional gateway. # How the Problems Are Solved - All v2 services are moved to connectRPC implementation. (v1 services are still served as pure grpc servers) - All gRPC server interceptors were migrated / copied to a corresponding connectRPC interceptor. - API.ListGrpcServices and API. ListGrpcMethods were changed to include the connect services and endpoints. - gRPC server reflection was changed to a `StaticReflector` using the `ListGrpcServices` list. - The `grpc.Server` interfaces was split into different combinations to be able to handle the different cases (grpc server and prefixed gateway, connect server with grpc gateway, connect server only, ...) - Docs of services serving connectRPC only with no additional gateway (instance, webkey, project, app, org v2 beta) are changed to expose that - since the plugin is not yet available on buf, we download it using `postinstall` hook of the docs # Additional Changes - WebKey service is added as v2 service (in addition to the current v2beta) # Additional Context closes #9483 --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2025-07-04 10:06:20 -04:00			`return connect.NewResponse(&org.AddOrganizationResponse{`
feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`Details: object.DomainToDetailsPb(createdOrg.ObjectDetails),`
			`OrganizationId: createdOrg.ObjectDetails.ResourceOwner,`
			`CreatedAdmins: admins,`
feat: exchange gRPC server implementation to connectRPC (#10145) # Which Problems Are Solved The current maintained gRPC server in combination with a REST (grpc) gateway is getting harder and harder to maintain. Additionally, there have been and still are issues with supporting / displaying `oneOf`s correctly. We therefore decided to exchange the server implementation to connectRPC, which apart from supporting connect as protocol, also also "standard" gRCP clients as well as HTTP/1.1 / rest like clients, e.g. curl directly call the server without any additional gateway. # How the Problems Are Solved - All v2 services are moved to connectRPC implementation. (v1 services are still served as pure grpc servers) - All gRPC server interceptors were migrated / copied to a corresponding connectRPC interceptor. - API.ListGrpcServices and API. ListGrpcMethods were changed to include the connect services and endpoints. - gRPC server reflection was changed to a `StaticReflector` using the `ListGrpcServices` list. - The `grpc.Server` interfaces was split into different combinations to be able to handle the different cases (grpc server and prefixed gateway, connect server with grpc gateway, connect server only, ...) - Docs of services serving connectRPC only with no additional gateway (instance, webkey, project, app, org v2 beta) are changed to expose that - since the plugin is not yet available on buf, we download it using `postinstall` hook of the docs # Additional Changes - WebKey service is added as v2 service (in addition to the current v2beta) # Additional Context closes #9483 --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2025-07-04 10:06:20 -04:00			`}), nil`
feat(api): add organisation service (#6340) * setup org with multiple admins * tests * add missing proto * remove machine users (for now) * update tests with idp case * fix package * organisation -> organization * fix test 2023-08-11 16:19:14 +02:00			`}`