| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | package admin | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | import ( | 
					
						
							|  |  |  | 	"context" | 
					
						
							| 
									
										
										
										
											2024-03-27 14:48:22 +01:00
										 |  |  | 	"time" | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	"google.golang.org/protobuf/types/known/durationpb" | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	"google.golang.org/protobuf/types/known/timestamppb" | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	authn_grpc "github.com/zitadel/zitadel/internal/api/grpc/authn" | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	text_grpc "github.com/zitadel/zitadel/internal/api/grpc/text" | 
					
						
							|  |  |  | 	"github.com/zitadel/zitadel/internal/domain" | 
					
						
							|  |  |  | 	"github.com/zitadel/zitadel/internal/query" | 
					
						
							|  |  |  | 	"github.com/zitadel/zitadel/internal/telemetry/tracing" | 
					
						
							| 
									
										
										
										
											2023-12-08 16:30:55 +02:00
										 |  |  | 	"github.com/zitadel/zitadel/internal/zerrors" | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	admin_pb "github.com/zitadel/zitadel/pkg/grpc/admin" | 
					
						
							|  |  |  | 	app_pb "github.com/zitadel/zitadel/pkg/grpc/app" | 
					
						
							|  |  |  | 	idp_pb "github.com/zitadel/zitadel/pkg/grpc/idp" | 
					
						
							|  |  |  | 	management_pb "github.com/zitadel/zitadel/pkg/grpc/management" | 
					
						
							|  |  |  | 	org_pb "github.com/zitadel/zitadel/pkg/grpc/org" | 
					
						
							|  |  |  | 	policy_pb "github.com/zitadel/zitadel/pkg/grpc/policy" | 
					
						
							|  |  |  | 	project_pb "github.com/zitadel/zitadel/pkg/grpc/project" | 
					
						
							|  |  |  | 	user_pb "github.com/zitadel/zitadel/pkg/grpc/user" | 
					
						
							|  |  |  | 	v1_pb "github.com/zitadel/zitadel/pkg/grpc/v1" | 
					
						
							|  |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) ExportData(ctx context.Context, req *admin_pb.ExportDataRequest) (_ *admin_pb.ExportDataResponse, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	orgSearchQuery := &query.OrgSearchQueries{} | 
					
						
							|  |  |  | 	if len(req.OrgIds) > 0 { | 
					
						
							|  |  |  | 		orgIDsSearchQuery, err := query.NewOrgIDsSearchQuery(req.OrgIds...) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		orgSearchQuery.Queries = []query.SearchQuery{orgIDsSearchQuery} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	queriedOrgs, err := s.query.SearchOrgs(ctx, orgSearchQuery) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	orgs := make([]*admin_pb.DataOrg, len(queriedOrgs.Orgs)) | 
					
						
							|  |  |  | 	processedOrgs := make([]string, len(queriedOrgs.Orgs)) | 
					
						
							|  |  |  | 	processedProjects := make([]string, 0) | 
					
						
							|  |  |  | 	processedGrants := make([]string, 0) | 
					
						
							|  |  |  | 	processedUsers := make([]string, 0) | 
					
						
							|  |  |  | 	processedActions := make([]string, 0) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	for i, queriedOrg := range queriedOrgs.Orgs { | 
					
						
							|  |  |  | 		if req.ExcludedOrgIds != nil { | 
					
						
							|  |  |  | 			found := false | 
					
						
							|  |  |  | 			for _, excludedOrg := range req.ExcludedOrgIds { | 
					
						
							|  |  |  | 				if excludedOrg == queriedOrg.ID { | 
					
						
							|  |  |  | 					found = true | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			if found { | 
					
						
							|  |  |  | 				continue | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		processedOrgs = append(processedOrgs, queriedOrg.ID) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		/****************************************************************************************************************** | 
					
						
							|  |  |  | 		Organization | 
					
						
							|  |  |  | 		******************************************************************************************************************/ | 
					
						
							|  |  |  | 		org := &admin_pb.DataOrg{OrgId: queriedOrg.ID, Org: &management_pb.AddOrgRequest{Name: queriedOrg.Name}} | 
					
						
							|  |  |  | 		orgs[i] = org | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	for _, org := range orgs { | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.DomainPolicy, err = s.getDomainPolicy(ctx, org.GetOrgId()) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.Domains, err = s.getDomains(ctx, org.GetOrgId()) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.OidcIdps, org.JwtIdps, err = s.getIDPs(ctx, org.GetOrgId()) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2022-10-19 12:58:03 +01:00
										 |  |  | 		orgIDPs := make([]string, 0) | 
					
						
							|  |  |  | 		for _, idp := range org.OidcIdps { | 
					
						
							|  |  |  | 			orgIDPs = append(orgIDPs, idp.GetIdpId()) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		for _, idp := range org.JwtIdps { | 
					
						
							|  |  |  | 			orgIDPs = append(orgIDPs, idp.GetIdpId()) | 
					
						
							|  |  |  | 		} | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | 		org.LabelPolicy, err = s.getLabelPolicy(ctx, org.GetOrgId()) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-10-19 12:58:03 +01:00
										 |  |  | 		org.LoginPolicy, err = s.getLoginPolicy(ctx, org.GetOrgId(), orgIDPs) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.UserLinks, err = s.getUserLinks(ctx, org.GetOrgId()) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.LockoutPolicy, err = s.getLockoutPolicy(ctx, org.GetOrgId()) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.PasswordComplexityPolicy, err = s.getPasswordComplexityPolicy(ctx, org.GetOrgId()) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.PrivacyPolicy, err = s.getPrivacyPolicy(ctx, org.GetOrgId()) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		langResp, err := s.GetSupportedLanguages(ctx, &admin_pb.GetSupportedLanguagesRequest{}) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.LoginTexts, err = s.getCustomLoginTexts(ctx, org.GetOrgId(), langResp.Languages) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.InitMessages, err = s.getCustomInitMessageTexts(ctx, org.GetOrgId(), langResp.Languages) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.PasswordResetMessages, err = s.getCustomPasswordResetMessageTexts(ctx, org.GetOrgId(), langResp.Languages) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.VerifyEmailMessages, err = s.getCustomVerifyEmailMessageTexts(ctx, org.GetOrgId(), langResp.Languages) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.VerifyPhoneMessages, err = s.getCustomVerifyPhoneMessageTexts(ctx, org.GetOrgId(), langResp.Languages) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-08-09 07:49:12 +02:00
										 |  |  | 		org.VerifySmsOtpMessages, err = s.getCustomVerifySMSOTPMessageTexts(ctx, org.GetOrgId(), langResp.Languages) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.VerifyEmailOtpMessages, err = s.getCustomVerifyEmailOTPMessageTexts(ctx, org.GetOrgId(), langResp.Languages) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		org.DomainClaimedMessages, err = s.getCustomDomainClaimedMessageTexts(ctx, org.GetOrgId(), langResp.Languages) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.PasswordlessRegistrationMessages, err = s.getCustomPasswordlessRegistrationMessageTexts(ctx, org.GetOrgId(), langResp.Languages) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		/****************************************************************************************************************** | 
					
						
							|  |  |  | 		Users | 
					
						
							|  |  |  | 		******************************************************************************************************************/ | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		org.HumanUsers, org.MachineUsers, org.UserMetadata, org.MachineKeys, err = s.getUsers(ctx, org.GetOrgId(), req.WithPasswords, req.WithOtp) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		for _, processedUser := range org.HumanUsers { | 
					
						
							|  |  |  | 			processedUsers = append(processedUsers, processedUser.UserId) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		for _, processedUser := range org.MachineUsers { | 
					
						
							|  |  |  | 			processedUsers = append(processedUsers, processedUser.UserId) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		/****************************************************************************************************************** | 
					
						
							|  |  |  | 		Project and Applications | 
					
						
							|  |  |  | 		******************************************************************************************************************/ | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		org.Projects, org.ProjectRoles, org.OidcApps, org.ApiApps, org.AppKeys, err = s.getProjectsAndApps(ctx, org.GetOrgId()) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		for _, processedProject := range org.Projects { | 
					
						
							|  |  |  | 			processedProjects = append(processedProjects, processedProject.ProjectId) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		/****************************************************************************************************************** | 
					
						
							|  |  |  | 		Actions | 
					
						
							|  |  |  | 		******************************************************************************************************************/ | 
					
						
							|  |  |  | 		org.Actions, err = s.getActions(ctx, org.GetOrgId()) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		for _, processedAction := range org.Actions { | 
					
						
							|  |  |  | 			processedActions = append(processedActions, processedAction.ActionId) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	for _, org := range orgs { | 
					
						
							|  |  |  | 		/****************************************************************************************************************** | 
					
						
							|  |  |  | 		  Flows | 
					
						
							|  |  |  | 		  ******************************************************************************************************************/ | 
					
						
							|  |  |  | 		org.TriggerActions, err = s.getTriggerActions(ctx, org.OrgId, processedActions) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		/****************************************************************************************************************** | 
					
						
							|  |  |  | 		  Grants | 
					
						
							|  |  |  | 		  ******************************************************************************************************************/ | 
					
						
							|  |  |  | 		org.ProjectGrants, err = s.getNecessaryProjectGrantsForOrg(ctx, org.OrgId, processedOrgs, processedProjects) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		for _, processedGrant := range org.ProjectGrants { | 
					
						
							|  |  |  | 			processedGrants = append(processedGrants, processedGrant.GrantId) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.UserGrants, err = s.getNecessaryUserGrantsForOrg(ctx, org.OrgId, processedProjects, processedGrants, processedUsers) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	for _, org := range orgs { | 
					
						
							|  |  |  | 		/****************************************************************************************************************** | 
					
						
							|  |  |  | 		  Members | 
					
						
							|  |  |  | 		  ******************************************************************************************************************/ | 
					
						
							|  |  |  | 		org.OrgMembers, err = s.getNecessaryOrgMembersForOrg(ctx, org.OrgId, processedUsers) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.ProjectMembers, err = s.getNecessaryProjectMembersForOrg(ctx, processedProjects, processedUsers) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		org.ProjectGrantMembers, err = s.getNecessaryProjectGrantMembersForOrg(ctx, org.OrgId, processedProjects, processedGrants, processedUsers) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return &admin_pb.ExportDataResponse{ | 
					
						
							|  |  |  | 		Orgs: orgs, | 
					
						
							|  |  |  | 	}, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getDomainPolicy(ctx context.Context, orgID string) (_ *admin_pb.AddCustomDomainPolicyRequest, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 	queriedDomain, err := s.query.DomainPolicyByOrg(ctx, true, orgID, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if !queriedDomain.IsDefault { | 
					
						
							|  |  |  | 		return &admin_pb.AddCustomDomainPolicyRequest{ | 
					
						
							|  |  |  | 			OrgId:                                  orgID, | 
					
						
							|  |  |  | 			UserLoginMustBeDomain:                  queriedDomain.UserLoginMustBeDomain, | 
					
						
							|  |  |  | 			ValidateOrgDomains:                     queriedDomain.ValidateOrgDomains, | 
					
						
							|  |  |  | 			SmtpSenderAddressMatchesInstanceDomain: queriedDomain.SMTPSenderAddressMatchesInstanceDomain, | 
					
						
							|  |  |  | 		}, nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getDomains(ctx context.Context, orgID string) (_ []*org_pb.Domain, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	orgDomainOrgIDQuery, err := query.NewOrgDomainOrgIDSearchQuery(orgID) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 	orgDomainsQuery, err := s.query.SearchOrgDomains(ctx, &query.OrgDomainSearchQueries{Queries: []query.SearchQuery{orgDomainOrgIDQuery}}, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	orgDomains := make([]*org_pb.Domain, len(orgDomainsQuery.Domains)) | 
					
						
							|  |  |  | 	for i, orgDomain := range orgDomainsQuery.Domains { | 
					
						
							|  |  |  | 		orgDomains[i] = &org_pb.Domain{ | 
					
						
							|  |  |  | 			OrgId:          orgDomain.OrgID, | 
					
						
							|  |  |  | 			DomainName:     orgDomain.Domain, | 
					
						
							|  |  |  | 			IsVerified:     orgDomain.IsVerified, | 
					
						
							|  |  |  | 			IsPrimary:      orgDomain.IsPrimary, | 
					
						
							|  |  |  | 			ValidationType: org_pb.DomainValidationType(orgDomain.ValidationType), | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return orgDomains, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getIDPs(ctx context.Context, orgID string) (_ []*v1_pb.DataOIDCIDP, _ []*v1_pb.DataJWTIDP, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	ownerType, err := query.NewIDPOwnerTypeSearchQuery(domain.IdentityProviderTypeOrg) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	idpQuery, err := query.NewIDPResourceOwnerSearchQuery(orgID) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 	idps, err := s.query.IDPs(ctx, &query.IDPSearchQueries{Queries: []query.SearchQuery{idpQuery, ownerType}}, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	oidcIdps := make([]*v1_pb.DataOIDCIDP, 0) | 
					
						
							|  |  |  | 	jwtIdps := make([]*v1_pb.DataJWTIDP, 0) | 
					
						
							|  |  |  | 	for _, idp := range idps.IDPs { | 
					
						
							|  |  |  | 		if idp.OIDCIDP != nil { | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 			clientSecret, err := s.query.GetOIDCIDPClientSecret(ctx, false, orgID, idp.ID, false) | 
					
						
							| 
									
										
										
										
											2023-12-08 16:30:55 +02:00
										 |  |  | 			if err != nil && !zerrors.IsNotFound(err) { | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 				return nil, nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			oidcIdps = append(oidcIdps, &v1_pb.DataOIDCIDP{ | 
					
						
							|  |  |  | 				IdpId: idp.ID, | 
					
						
							|  |  |  | 				Idp: &management_pb.AddOrgOIDCIDPRequest{ | 
					
						
							|  |  |  | 					Name:               idp.Name, | 
					
						
							|  |  |  | 					StylingType:        idp_pb.IDPStylingType(idp.StylingType), | 
					
						
							|  |  |  | 					ClientId:           idp.ClientID, | 
					
						
							|  |  |  | 					ClientSecret:       clientSecret, | 
					
						
							|  |  |  | 					Issuer:             idp.OIDCIDP.Issuer, | 
					
						
							|  |  |  | 					Scopes:             idp.Scopes, | 
					
						
							|  |  |  | 					DisplayNameMapping: idp_pb.OIDCMappingField(idp.DisplayNameMapping), | 
					
						
							|  |  |  | 					UsernameMapping:    idp_pb.OIDCMappingField(idp.UsernameMapping), | 
					
						
							|  |  |  | 					AutoRegister:       idp.AutoRegister, | 
					
						
							|  |  |  | 				}, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} else if idp.JWTIDP != nil { | 
					
						
							|  |  |  | 			jwtIdps = append(jwtIdps, &v1_pb.DataJWTIDP{ | 
					
						
							|  |  |  | 				IdpId: idp.ID, | 
					
						
							|  |  |  | 				Idp: &management_pb.AddOrgJWTIDPRequest{ | 
					
						
							|  |  |  | 					Name:         idp.Name, | 
					
						
							|  |  |  | 					StylingType:  idp_pb.IDPStylingType(idp.StylingType), | 
					
						
							|  |  |  | 					JwtEndpoint:  idp.JWTIDP.Endpoint, | 
					
						
							|  |  |  | 					Issuer:       idp.JWTIDP.Issuer, | 
					
						
							|  |  |  | 					KeysEndpoint: idp.KeysEndpoint, | 
					
						
							|  |  |  | 					HeaderName:   idp.HeaderName, | 
					
						
							|  |  |  | 					AutoRegister: idp.AutoRegister, | 
					
						
							|  |  |  | 				}, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return oidcIdps, jwtIdps, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getLabelPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomLabelPolicyRequest, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 	queriedLabel, err := s.query.ActiveLabelPolicyByOrg(ctx, orgID, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if !queriedLabel.IsDefault { | 
					
						
							|  |  |  | 		return &management_pb.AddCustomLabelPolicyRequest{ | 
					
						
							|  |  |  | 			PrimaryColor:        queriedLabel.Light.PrimaryColor, | 
					
						
							|  |  |  | 			HideLoginNameSuffix: queriedLabel.HideLoginNameSuffix, | 
					
						
							|  |  |  | 			WarnColor:           queriedLabel.Light.WarnColor, | 
					
						
							|  |  |  | 			BackgroundColor:     queriedLabel.Light.BackgroundColor, | 
					
						
							|  |  |  | 			FontColor:           queriedLabel.Light.FontColor, | 
					
						
							|  |  |  | 			PrimaryColorDark:    queriedLabel.Dark.PrimaryColor, | 
					
						
							|  |  |  | 			BackgroundColorDark: queriedLabel.Dark.BackgroundColor, | 
					
						
							|  |  |  | 			WarnColorDark:       queriedLabel.Dark.WarnColor, | 
					
						
							|  |  |  | 			FontColorDark:       queriedLabel.Dark.FontColor, | 
					
						
							|  |  |  | 			DisableWatermark:    queriedLabel.WatermarkDisabled, | 
					
						
							|  |  |  | 		}, nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-10-19 12:58:03 +01:00
										 |  |  | func (s *Server) getLoginPolicy(ctx context.Context, orgID string, orgIDPs []string) (_ *management_pb.AddCustomLoginPolicyRequest, err error) { | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 	queriedLogin, err := s.query.LoginPolicyByID(ctx, false, orgID, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if !queriedLogin.IsDefault { | 
					
						
							| 
									
										
										
										
											2024-03-27 14:48:22 +01:00
										 |  |  | 		pwCheck := durationpb.New(time.Duration(queriedLogin.PasswordCheckLifetime)) | 
					
						
							|  |  |  | 		externalLogin := durationpb.New(time.Duration(queriedLogin.ExternalLoginCheckLifetime)) | 
					
						
							|  |  |  | 		mfaInitSkip := durationpb.New(time.Duration(queriedLogin.MFAInitSkipLifetime)) | 
					
						
							|  |  |  | 		secondFactor := durationpb.New(time.Duration(queriedLogin.SecondFactorCheckLifetime)) | 
					
						
							|  |  |  | 		multiFactor := durationpb.New(time.Duration(queriedLogin.MultiFactorCheckLifetime)) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | 		secondFactors := []policy_pb.SecondFactorType{} | 
					
						
							|  |  |  | 		for _, factor := range queriedLogin.SecondFactors { | 
					
						
							|  |  |  | 			secondFactors = append(secondFactors, policy_pb.SecondFactorType(factor)) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		multiFactors := []policy_pb.MultiFactorType{} | 
					
						
							|  |  |  | 		for _, factor := range queriedLogin.MultiFactors { | 
					
						
							|  |  |  | 			multiFactors = append(multiFactors, policy_pb.MultiFactorType(factor)) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 		idpLinksQuery, err := s.query.IDPLoginPolicyLinks(ctx, orgID, &query.IDPLoginPolicyLinksSearchQuery{}, false) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		if err != nil { | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		idpLinks := make([]*management_pb.AddCustomLoginPolicyRequest_IDP, 0) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		for _, idpLink := range idpLinksQuery.Links { | 
					
						
							| 
									
										
										
										
											2022-10-19 12:58:03 +01:00
										 |  |  | 			found := false | 
					
						
							|  |  |  | 			for _, orgIDP := range orgIDPs { | 
					
						
							|  |  |  | 				if orgIDP == idpLink.IDPID { | 
					
						
							|  |  |  | 					found = true | 
					
						
							|  |  |  | 					break | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			ownerType := idp_pb.IDPOwnerType_IDP_OWNER_TYPE_UNSPECIFIED | 
					
						
							|  |  |  | 			if found { | 
					
						
							|  |  |  | 				ownerType = idp_pb.IDPOwnerType_IDP_OWNER_TYPE_ORG | 
					
						
							|  |  |  | 			} else { | 
					
						
							|  |  |  | 				ownerType = idp_pb.IDPOwnerType_IDP_OWNER_TYPE_SYSTEM | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 			idpLinks = append(idpLinks, &management_pb.AddCustomLoginPolicyRequest_IDP{ | 
					
						
							|  |  |  | 				IdpId:     idpLink.IDPID, | 
					
						
							| 
									
										
										
										
											2022-10-19 12:58:03 +01:00
										 |  |  | 				OwnerType: ownerType, | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 			}) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		return &management_pb.AddCustomLoginPolicyRequest{ | 
					
						
							|  |  |  | 			AllowUsernamePassword:      queriedLogin.AllowUsernamePassword, | 
					
						
							|  |  |  | 			AllowRegister:              queriedLogin.AllowRegister, | 
					
						
							|  |  |  | 			AllowExternalIdp:           queriedLogin.AllowExternalIDPs, | 
					
						
							|  |  |  | 			ForceMfa:                   queriedLogin.ForceMFA, | 
					
						
							| 
									
										
										
										
											2023-07-20 06:06:16 +02:00
										 |  |  | 			ForceMfaLocalOnly:          queriedLogin.ForceMFALocalOnly, | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 			PasswordlessType:           policy_pb.PasswordlessType(queriedLogin.PasswordlessType), | 
					
						
							|  |  |  | 			HidePasswordReset:          queriedLogin.HidePasswordReset, | 
					
						
							|  |  |  | 			IgnoreUnknownUsernames:     queriedLogin.IgnoreUnknownUsernames, | 
					
						
							|  |  |  | 			DefaultRedirectUri:         queriedLogin.DefaultRedirectURI, | 
					
						
							|  |  |  | 			PasswordCheckLifetime:      pwCheck, | 
					
						
							|  |  |  | 			ExternalLoginCheckLifetime: externalLogin, | 
					
						
							|  |  |  | 			MfaInitSkipLifetime:        mfaInitSkip, | 
					
						
							|  |  |  | 			SecondFactorCheckLifetime:  secondFactor, | 
					
						
							|  |  |  | 			MultiFactorCheckLifetime:   multiFactor, | 
					
						
							|  |  |  | 			SecondFactors:              secondFactors, | 
					
						
							|  |  |  | 			MultiFactors:               multiFactors, | 
					
						
							|  |  |  | 			Idps:                       idpLinks, | 
					
						
							|  |  |  | 		}, nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return nil, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getUserLinks(ctx context.Context, orgID string) (_ []*idp_pb.IDPUserLink, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	userLinksResourceOwner, err := query.NewIDPUserLinksResourceOwnerSearchQuery(orgID) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 	idpUserLinks, err := s.query.IDPUserLinks(ctx, &query.IDPUserLinksSearchQuery{Queries: []query.SearchQuery{userLinksResourceOwner}}, false) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	if err != nil { | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	userLinks := make([]*idp_pb.IDPUserLink, 0) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	for _, idpUserLink := range idpUserLinks.Links { | 
					
						
							|  |  |  | 		userLinks = append(userLinks, &idp_pb.IDPUserLink{ | 
					
						
							|  |  |  | 			UserId:           idpUserLink.UserID, | 
					
						
							|  |  |  | 			IdpId:            idpUserLink.IDPID, | 
					
						
							|  |  |  | 			IdpName:          idpUserLink.IDPName, | 
					
						
							|  |  |  | 			ProvidedUserId:   idpUserLink.ProvidedUserID, | 
					
						
							|  |  |  | 			ProvidedUserName: idpUserLink.ProvidedUsername, | 
					
						
							|  |  |  | 			IdpType:          idp_pb.IDPType(idpUserLink.IDPType), | 
					
						
							|  |  |  | 		}) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return userLinks, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getLockoutPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomLockoutPolicyRequest, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-04-10 11:14:55 +02:00
										 |  |  | 	queriedLockout, err := s.query.LockoutPolicyByOrg(ctx, false, orgID) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if !queriedLockout.IsDefault { | 
					
						
							|  |  |  | 		return &management_pb.AddCustomLockoutPolicyRequest{ | 
					
						
							|  |  |  | 			MaxPasswordAttempts: uint32(queriedLockout.MaxPasswordAttempts), | 
					
						
							| 
									
										
										
										
											2024-04-10 11:14:55 +02:00
										 |  |  | 			MaxOtpAttempts:      uint32(queriedLockout.MaxOTPAttempts), | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		}, nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getPasswordComplexityPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomPasswordComplexityPolicyRequest, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 	queriedPasswordComplexity, err := s.query.PasswordComplexityPolicyByOrg(ctx, false, orgID, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if !queriedPasswordComplexity.IsDefault { | 
					
						
							|  |  |  | 		return &management_pb.AddCustomPasswordComplexityPolicyRequest{ | 
					
						
							|  |  |  | 			MinLength:    queriedPasswordComplexity.MinLength, | 
					
						
							|  |  |  | 			HasUppercase: queriedPasswordComplexity.HasUppercase, | 
					
						
							|  |  |  | 			HasLowercase: queriedPasswordComplexity.HasLowercase, | 
					
						
							|  |  |  | 			HasNumber:    queriedPasswordComplexity.HasNumber, | 
					
						
							|  |  |  | 			HasSymbol:    queriedPasswordComplexity.HasSymbol, | 
					
						
							|  |  |  | 		}, nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getPrivacyPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomPrivacyPolicyRequest, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 	queriedPrivacy, err := s.query.PrivacyPolicyByOrg(ctx, false, orgID, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if !queriedPrivacy.IsDefault { | 
					
						
							|  |  |  | 		return &management_pb.AddCustomPrivacyPolicyRequest{ | 
					
						
							| 
									
										
										
										
											2024-05-13 16:01:50 +02:00
										 |  |  | 			TosLink:        queriedPrivacy.TOSLink, | 
					
						
							|  |  |  | 			PrivacyLink:    queriedPrivacy.PrivacyLink, | 
					
						
							|  |  |  | 			HelpLink:       queriedPrivacy.HelpLink, | 
					
						
							|  |  |  | 			SupportEmail:   string(queriedPrivacy.SupportEmail), | 
					
						
							|  |  |  | 			DocsLink:       queriedPrivacy.DocsLink, | 
					
						
							|  |  |  | 			CustomLink:     queriedPrivacy.CustomLink, | 
					
						
							|  |  |  | 			CustomLinkText: queriedPrivacy.CustomLinkText, | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		}, nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return nil, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | func (s *Server) getUsers(ctx context.Context, org string, withPasswords bool, withOTP bool) (_ []*v1_pb.DataHumanUser, _ []*v1_pb.DataMachineUser, _ []*management_pb.SetUserMetadataRequest, _ []*v1_pb.DataMachineKey, err error) { | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	orgSearch, err := query.NewUserResourceOwnerSearchQuery(org, query.TextEquals) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		return nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2023-11-21 14:11:38 +02:00
										 |  |  | 	users, err := s.query.SearchUsers(ctx, &query.UserSearchQueries{Queries: []query.SearchQuery{orgSearch}}) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	humanUsers := make([]*v1_pb.DataHumanUser, 0) | 
					
						
							|  |  |  | 	machineUsers := make([]*v1_pb.DataMachineUser, 0) | 
					
						
							|  |  |  | 	userMetadata := make([]*management_pb.SetUserMetadataRequest, 0) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	machineKeys := make([]*v1_pb.DataMachineKey, 0) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	for _, user := range users.Users { | 
					
						
							|  |  |  | 		switch user.Type { | 
					
						
							|  |  |  | 		case domain.UserTypeHuman: | 
					
						
							|  |  |  | 			dataUser := &v1_pb.DataHumanUser{ | 
					
						
							|  |  |  | 				UserId: user.ID, | 
					
						
							|  |  |  | 				User: &management_pb.ImportHumanUserRequest{ | 
					
						
							|  |  |  | 					UserName: user.Username, | 
					
						
							|  |  |  | 					Profile: &management_pb.ImportHumanUserRequest_Profile{ | 
					
						
							|  |  |  | 						FirstName:         user.Human.FirstName, | 
					
						
							|  |  |  | 						LastName:          user.Human.LastName, | 
					
						
							|  |  |  | 						NickName:          user.Human.NickName, | 
					
						
							|  |  |  | 						DisplayName:       user.Human.DisplayName, | 
					
						
							|  |  |  | 						PreferredLanguage: user.Human.PreferredLanguage.String(), | 
					
						
							|  |  |  | 						Gender:            user_pb.Gender(user.Human.Gender), | 
					
						
							|  |  |  | 					}, | 
					
						
							|  |  |  | 				}, | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			if user.Human.Email != "" { | 
					
						
							|  |  |  | 				dataUser.User.Email = &management_pb.ImportHumanUserRequest_Email{ | 
					
						
							| 
									
										
										
										
											2023-03-14 20:20:38 +01:00
										 |  |  | 					Email:           string(user.Human.Email), | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 					IsEmailVerified: user.Human.IsEmailVerified, | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			if user.Human.Phone != "" { | 
					
						
							|  |  |  | 				dataUser.User.Phone = &management_pb.ImportHumanUserRequest_Phone{ | 
					
						
							| 
									
										
										
										
											2023-03-14 20:20:38 +01:00
										 |  |  | 					Phone:           string(user.Human.Phone), | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 					IsPhoneVerified: user.Human.IsPhoneVerified, | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			if withPasswords { | 
					
						
							|  |  |  | 				ctx, pwspan := tracing.NewSpan(ctx) | 
					
						
							| 
									
										
										
										
											2023-07-14 09:49:57 +03:00
										 |  |  | 				encodedHash, err := s.query.GetHumanPassword(ctx, org, user.ID) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 				pwspan.EndWithError(err) | 
					
						
							| 
									
										
										
										
											2023-12-08 16:30:55 +02:00
										 |  |  | 				if err != nil && !zerrors.IsNotFound(err) { | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 					return nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 				} | 
					
						
							| 
									
										
										
										
											2023-07-14 09:49:57 +03:00
										 |  |  | 				if err == nil && encodedHash != "" { | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 					dataUser.User.HashedPassword = &management_pb.ImportHumanUserRequest_HashedPassword{ | 
					
						
							| 
									
										
										
										
											2023-07-14 09:49:57 +03:00
										 |  |  | 						Value: encodedHash, | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 					} | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			if withOTP { | 
					
						
							|  |  |  | 				ctx, otpspan := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 				code, err := s.query.GetHumanOTPSecret(ctx, user.ID, org) | 
					
						
							|  |  |  | 				otpspan.EndWithError(err) | 
					
						
							| 
									
										
										
										
											2023-12-08 16:30:55 +02:00
										 |  |  | 				if err != nil && !zerrors.IsNotFound(err) { | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 					return nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 				} | 
					
						
							|  |  |  | 				if err == nil && code != "" { | 
					
						
							|  |  |  | 					dataUser.User.OtpCode = code | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			humanUsers = append(humanUsers, dataUser) | 
					
						
							|  |  |  | 		case domain.UserTypeMachine: | 
					
						
							|  |  |  | 			machineUsers = append(machineUsers, &v1_pb.DataMachineUser{ | 
					
						
							|  |  |  | 				UserId: user.ID, | 
					
						
							|  |  |  | 				User: &management_pb.AddMachineUserRequest{ | 
					
						
							|  |  |  | 					UserName:    user.Username, | 
					
						
							|  |  |  | 					Name:        user.Machine.Name, | 
					
						
							|  |  |  | 					Description: user.Machine.Description, | 
					
						
							|  |  |  | 				}, | 
					
						
							|  |  |  | 			}) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 			userIDQuery, err := query.NewAuthNKeyAggregateIDQuery(user.ID) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, nil, nil, nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			orgIDQuery, err := query.NewAuthNKeyResourceOwnerQuery(org) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, nil, nil, nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-11-21 14:11:38 +02:00
										 |  |  | 			keys, err := s.query.SearchAuthNKeysData(ctx, &query.AuthNKeySearchQueries{Queries: []query.SearchQuery{userIDQuery, orgIDQuery}}) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, nil, nil, nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			for _, key := range keys.AuthNKeysData { | 
					
						
							|  |  |  | 				machineKeys = append(machineKeys, &v1_pb.DataMachineKey{ | 
					
						
							|  |  |  | 					KeyId:          key.ID, | 
					
						
							|  |  |  | 					UserId:         user.ID, | 
					
						
							|  |  |  | 					Type:           authn_grpc.KeyTypeToPb(key.Type), | 
					
						
							|  |  |  | 					ExpirationDate: timestamppb.New(key.Expiration), | 
					
						
							|  |  |  | 					PublicKey:      key.PublicKey, | 
					
						
							|  |  |  | 				}) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		ctx, metaspan := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 		metadataOrgSearch, err := query.NewUserMetadataResourceOwnerSearchQuery(org) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 			return nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 		metadataList, err := s.query.SearchUserMetadata(ctx, false, user.ID, &query.UserMetadataSearchQueries{Queries: []query.SearchQuery{metadataOrgSearch}}, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		metaspan.EndWithError(err) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 			return nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		} | 
					
						
							|  |  |  | 		for _, metadata := range metadataList.Metadata { | 
					
						
							|  |  |  | 			userMetadata = append(userMetadata, &management_pb.SetUserMetadataRequest{ | 
					
						
							|  |  |  | 				Id:    user.ID, | 
					
						
							|  |  |  | 				Key:   metadata.Key, | 
					
						
							|  |  |  | 				Value: metadata.Value, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	return humanUsers, machineUsers, userMetadata, machineKeys, nil | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getTriggerActions(ctx context.Context, org string, processedActions []string) (_ []*management_pb.SetTriggerActionsRequest, err error) { | 
					
						
							|  |  |  | 	ctx, span := tracing.NewSpan(ctx) | 
					
						
							|  |  |  | 	defer func() { span.EndWithError(err) }() | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	flowTypes := []domain.FlowType{domain.FlowTypeExternalAuthentication, domain.FlowTypeInternalAuthentication} | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	triggerActions := make([]*management_pb.SetTriggerActionsRequest, 0) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	for _, flowType := range flowTypes { | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 		flow, err := s.query.GetFlow(ctx, flowType, org) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		for triggerType, triggerAction := range flow.TriggerActions { | 
					
						
							|  |  |  | 			actions := make([]string, 0) | 
					
						
							|  |  |  | 			for _, action := range triggerAction { | 
					
						
							|  |  |  | 				for _, actionID := range processedActions { | 
					
						
							|  |  |  | 					if action.ID == actionID { | 
					
						
							|  |  |  | 						actions = append(actions, action.ID) | 
					
						
							|  |  |  | 					} | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			triggerActions = append(triggerActions, &management_pb.SetTriggerActionsRequest{ | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 				FlowType:    flowType.ID(), | 
					
						
							|  |  |  | 				TriggerType: triggerType.ID(), | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 				ActionIds:   actions, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return triggerActions, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getActions(ctx context.Context, org string) ([]*v1_pb.DataAction, error) { | 
					
						
							|  |  |  | 	actionSearch, err := query.NewActionResourceOwnerQuery(org) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 	queriedActions, err := s.query.SearchActions(ctx, &query.ActionSearchQueries{Queries: []query.SearchQuery{actionSearch}}, false) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	if err != nil { | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	actions := make([]*v1_pb.DataAction, len(queriedActions.Actions)) | 
					
						
							|  |  |  | 	for i, action := range queriedActions.Actions { | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		timeout := durationpb.New(action.Timeout()) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | 		actions[i] = &v1_pb.DataAction{ | 
					
						
							|  |  |  | 			ActionId: action.ID, | 
					
						
							|  |  |  | 			Action: &management_pb.CreateActionRequest{ | 
					
						
							|  |  |  | 				Name:          action.Name, | 
					
						
							|  |  |  | 				Script:        action.Script, | 
					
						
							|  |  |  | 				Timeout:       timeout, | 
					
						
							|  |  |  | 				AllowedToFail: action.AllowedToFail, | 
					
						
							|  |  |  | 			}, | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return actions, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | func (s *Server) getProjectsAndApps(ctx context.Context, org string) ([]*v1_pb.DataProject, []*management_pb.AddProjectRoleRequest, []*v1_pb.DataOIDCApplication, []*v1_pb.DataAPIApplication, []*v1_pb.DataAppKey, error) { | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	projectSearch, err := query.NewProjectResourceOwnerSearchQuery(org) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		return nil, nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 	queriedProjects, err := s.query.SearchProjects(ctx, &query.ProjectSearchQueries{Queries: []query.SearchQuery{projectSearch}}) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	projects := make([]*v1_pb.DataProject, len(queriedProjects.Projects)) | 
					
						
							|  |  |  | 	orgProjectRoles := make([]*management_pb.AddProjectRoleRequest, 0) | 
					
						
							|  |  |  | 	oidcApps := make([]*v1_pb.DataOIDCApplication, 0) | 
					
						
							|  |  |  | 	apiApps := make([]*v1_pb.DataAPIApplication, 0) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	appKeys := make([]*v1_pb.DataAppKey, 0) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	for i, queriedProject := range queriedProjects.Projects { | 
					
						
							|  |  |  | 		projects[i] = &v1_pb.DataProject{ | 
					
						
							|  |  |  | 			ProjectId: queriedProject.ID, | 
					
						
							|  |  |  | 			Project: &management_pb.AddProjectRequest{ | 
					
						
							|  |  |  | 				Name:                   queriedProject.Name, | 
					
						
							|  |  |  | 				ProjectRoleAssertion:   queriedProject.ProjectRoleAssertion, | 
					
						
							|  |  |  | 				ProjectRoleCheck:       queriedProject.ProjectRoleCheck, | 
					
						
							|  |  |  | 				HasProjectCheck:        queriedProject.HasProjectCheck, | 
					
						
							|  |  |  | 				PrivateLabelingSetting: project_pb.PrivateLabelingSetting(queriedProject.PrivateLabelingSetting), | 
					
						
							|  |  |  | 			}, | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		projectRoleSearch, err := query.NewProjectRoleProjectIDSearchQuery(queriedProject.ID) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 			return nil, nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 		queriedProjectRoles, err := s.query.SearchProjectRoles(ctx, false, &query.ProjectRoleSearchQueries{Queries: []query.SearchQuery{projectRoleSearch}}) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		for _, role := range queriedProjectRoles.ProjectRoles { | 
					
						
							|  |  |  | 			orgProjectRoles = append(orgProjectRoles, &management_pb.AddProjectRoleRequest{ | 
					
						
							|  |  |  | 				ProjectId:   role.ProjectID, | 
					
						
							|  |  |  | 				RoleKey:     role.Key, | 
					
						
							|  |  |  | 				DisplayName: role.DisplayName, | 
					
						
							|  |  |  | 				Group:       role.Group, | 
					
						
							|  |  |  | 			}) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		appSearch, err := query.NewAppProjectIDSearchQuery(queriedProject.ID) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 			return nil, nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 		apps, err := s.query.SearchApps(ctx, &query.AppSearchQueries{Queries: []query.SearchQuery{appSearch}}, false) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, nil, nil, nil, nil, err | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		} | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 		for _, app := range apps.Apps { | 
					
						
							|  |  |  | 			if app.OIDCConfig != nil { | 
					
						
							|  |  |  | 				responseTypes := make([]app_pb.OIDCResponseType, 0) | 
					
						
							|  |  |  | 				for _, ty := range app.OIDCConfig.ResponseTypes { | 
					
						
							|  |  |  | 					responseTypes = append(responseTypes, app_pb.OIDCResponseType(ty)) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 				} | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | 				grantTypes := make([]app_pb.OIDCGrantType, 0) | 
					
						
							|  |  |  | 				for _, ty := range app.OIDCConfig.GrantTypes { | 
					
						
							|  |  |  | 					grantTypes = append(grantTypes, app_pb.OIDCGrantType(ty)) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 				} | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | 				oidcApps = append(oidcApps, &v1_pb.DataOIDCApplication{ | 
					
						
							|  |  |  | 					AppId: app.ID, | 
					
						
							|  |  |  | 					App: &management_pb.AddOIDCAppRequest{ | 
					
						
							|  |  |  | 						ProjectId:                app.ProjectID, | 
					
						
							|  |  |  | 						Name:                     app.Name, | 
					
						
							|  |  |  | 						RedirectUris:             app.OIDCConfig.RedirectURIs, | 
					
						
							|  |  |  | 						ResponseTypes:            responseTypes, | 
					
						
							|  |  |  | 						GrantTypes:               grantTypes, | 
					
						
							|  |  |  | 						AppType:                  app_pb.OIDCAppType(app.OIDCConfig.AppType), | 
					
						
							|  |  |  | 						AuthMethodType:           app_pb.OIDCAuthMethodType(app.OIDCConfig.AuthMethodType), | 
					
						
							|  |  |  | 						PostLogoutRedirectUris:   app.OIDCConfig.PostLogoutRedirectURIs, | 
					
						
							|  |  |  | 						Version:                  app_pb.OIDCVersion(app.OIDCConfig.Version), | 
					
						
							|  |  |  | 						DevMode:                  app.OIDCConfig.IsDevMode, | 
					
						
							|  |  |  | 						AccessTokenType:          app_pb.OIDCTokenType(app.OIDCConfig.AccessTokenType), | 
					
						
							|  |  |  | 						AccessTokenRoleAssertion: app.OIDCConfig.AssertAccessTokenRole, | 
					
						
							|  |  |  | 						IdTokenRoleAssertion:     app.OIDCConfig.AssertIDTokenRole, | 
					
						
							|  |  |  | 						IdTokenUserinfoAssertion: app.OIDCConfig.AssertIDTokenUserinfo, | 
					
						
							|  |  |  | 						ClockSkew:                durationpb.New(app.OIDCConfig.ClockSkew), | 
					
						
							|  |  |  | 						AdditionalOrigins:        app.OIDCConfig.AdditionalOrigins, | 
					
						
							| 
									
										
										
										
											2023-04-11 17:07:32 +02:00
										 |  |  | 						SkipNativeAppSuccessPage: app.OIDCConfig.SkipNativeAppSuccessPage, | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 					}, | 
					
						
							|  |  |  | 				}) | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			if app.APIConfig != nil { | 
					
						
							|  |  |  | 				apiApps = append(apiApps, &v1_pb.DataAPIApplication{ | 
					
						
							|  |  |  | 					AppId: app.ID, | 
					
						
							|  |  |  | 					App: &management_pb.AddAPIAppRequest{ | 
					
						
							|  |  |  | 						ProjectId:      app.ProjectID, | 
					
						
							|  |  |  | 						Name:           app.Name, | 
					
						
							|  |  |  | 						AuthMethodType: app_pb.APIAuthMethodType(app.APIConfig.AuthMethodType), | 
					
						
							|  |  |  | 					}, | 
					
						
							|  |  |  | 				}) | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			appIDQuery, err := query.NewAuthNKeyObjectIDQuery(app.ID) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, nil, nil, nil, nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			projectIDQuery, err := query.NewAuthNKeyAggregateIDQuery(app.ProjectID) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, nil, nil, nil, nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			orgIDQuery, err := query.NewAuthNKeyResourceOwnerQuery(org) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, nil, nil, nil, nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2023-11-21 14:11:38 +02:00
										 |  |  | 			keys, err := s.query.SearchAuthNKeysData(ctx, &query.AuthNKeySearchQueries{Queries: []query.SearchQuery{appIDQuery, projectIDQuery, orgIDQuery}}) | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, nil, nil, nil, nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			for _, key := range keys.AuthNKeysData { | 
					
						
							|  |  |  | 				appKeys = append(appKeys, &v1_pb.DataAppKey{ | 
					
						
							|  |  |  | 					Id:             key.ID, | 
					
						
							|  |  |  | 					ProjectId:      app.ProjectID, | 
					
						
							|  |  |  | 					AppId:          app.ID, | 
					
						
							|  |  |  | 					Type:           authn_grpc.KeyTypeToPb(key.Type), | 
					
						
							|  |  |  | 					ExpirationDate: timestamppb.New(key.Expiration), | 
					
						
							|  |  |  | 					ClientId:       key.Identifier, | 
					
						
							|  |  |  | 					PublicKey:      key.PublicKey, | 
					
						
							|  |  |  | 				}) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-10-18 16:07:30 +01:00
										 |  |  | 	return projects, orgProjectRoles, oidcApps, apiApps, appKeys, nil | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getNecessaryProjectGrantMembersForOrg(ctx context.Context, org string, processedProjects []string, processedGrants []string, processedUsers []string) ([]*management_pb.AddProjectGrantMemberRequest, error) { | 
					
						
							|  |  |  | 	projectMembers := make([]*management_pb.AddProjectGrantMemberRequest, 0) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	for _, projectID := range processedProjects { | 
					
						
							|  |  |  | 		for _, grantID := range processedGrants { | 
					
						
							|  |  |  | 			search, err := query.NewMemberResourceOwnerSearchQuery(org) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 			queriedProjectMembers, err := s.query.ProjectGrantMembers(ctx, &query.ProjectGrantMembersQuery{ProjectID: projectID, OrgID: org, GrantID: grantID, MembersQuery: query.MembersQuery{Queries: []query.SearchQuery{search}}}) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return nil, err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			for _, projectMember := range queriedProjectMembers.Members { | 
					
						
							|  |  |  | 				for _, userID := range processedUsers { | 
					
						
							|  |  |  | 					if userID == projectMember.UserID { | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 						projectMembers = append(projectMembers, &management_pb.AddProjectGrantMemberRequest{ | 
					
						
							|  |  |  | 							ProjectId: projectID, | 
					
						
							|  |  |  | 							UserId:    userID, | 
					
						
							|  |  |  | 							GrantId:   grantID, | 
					
						
							|  |  |  | 							Roles:     projectMember.Roles, | 
					
						
							|  |  |  | 						}) | 
					
						
							|  |  |  | 						break | 
					
						
							|  |  |  | 					} | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return projectMembers, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getNecessaryProjectMembersForOrg(ctx context.Context, processedProjects []string, processedUsers []string) ([]*management_pb.AddProjectMemberRequest, error) { | 
					
						
							|  |  |  | 	projectMembers := make([]*management_pb.AddProjectMemberRequest, 0) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	for _, projectID := range processedProjects { | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 		queriedProjectMembers, err := s.query.ProjectMembers(ctx, &query.ProjectMembersQuery{ProjectID: projectID}) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		for _, projectMember := range queriedProjectMembers.Members { | 
					
						
							|  |  |  | 			for _, userID := range processedUsers { | 
					
						
							|  |  |  | 				if userID == projectMember.UserID { | 
					
						
							|  |  |  | 					projectMembers = append(projectMembers, &management_pb.AddProjectMemberRequest{ | 
					
						
							|  |  |  | 						ProjectId: projectID, | 
					
						
							|  |  |  | 						UserId:    userID, | 
					
						
							|  |  |  | 						Roles:     projectMember.Roles, | 
					
						
							|  |  |  | 					}) | 
					
						
							|  |  |  | 					break | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return projectMembers, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getNecessaryOrgMembersForOrg(ctx context.Context, org string, processedUsers []string) ([]*management_pb.AddOrgMemberRequest, error) { | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 	queriedOrgMembers, err := s.query.OrgMembers(ctx, &query.OrgMembersQuery{OrgID: org}) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	orgMembers := make([]*management_pb.AddOrgMemberRequest, 0, len(queriedOrgMembers.Members)) | 
					
						
							|  |  |  | 	for _, orgMember := range queriedOrgMembers.Members { | 
					
						
							|  |  |  | 		for _, userID := range processedUsers { | 
					
						
							|  |  |  | 			if userID == orgMember.UserID { | 
					
						
							|  |  |  | 				orgMembers = append(orgMembers, &management_pb.AddOrgMemberRequest{ | 
					
						
							|  |  |  | 					UserId: orgMember.UserID, | 
					
						
							|  |  |  | 					Roles:  orgMember.Roles, | 
					
						
							|  |  |  | 				}) | 
					
						
							|  |  |  | 				break | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return orgMembers, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getNecessaryProjectGrantsForOrg(ctx context.Context, org string, processedOrgs []string, processedProjects []string) ([]*v1_pb.DataProjectGrant, error) { | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	projectGrantSearchOrg, err := query.NewProjectGrantResourceOwnerSearchQuery(org) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 	queriedProjectGrants, err := s.query.SearchProjectGrants(ctx, &query.ProjectGrantSearchQueries{Queries: []query.SearchQuery{projectGrantSearchOrg}}) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	projectGrants := make([]*v1_pb.DataProjectGrant, 0, len(queriedProjectGrants.ProjectGrants)) | 
					
						
							|  |  |  | 	for _, projectGrant := range queriedProjectGrants.ProjectGrants { | 
					
						
							|  |  |  | 		for _, projectID := range processedProjects { | 
					
						
							|  |  |  | 			if projectID == projectGrant.ProjectID { | 
					
						
							|  |  |  | 				foundOrg := false | 
					
						
							|  |  |  | 				for _, orgID := range processedOrgs { | 
					
						
							|  |  |  | 					if orgID == projectGrant.GrantedOrgID { | 
					
						
							|  |  |  | 						projectGrants = append(projectGrants, &v1_pb.DataProjectGrant{ | 
					
						
							|  |  |  | 							GrantId: projectGrant.GrantID, | 
					
						
							|  |  |  | 							ProjectGrant: &management_pb.AddProjectGrantRequest{ | 
					
						
							|  |  |  | 								ProjectId:    projectGrant.ProjectID, | 
					
						
							|  |  |  | 								GrantedOrgId: projectGrant.GrantedOrgID, | 
					
						
							|  |  |  | 								RoleKeys:     projectGrant.GrantedRoleKeys, | 
					
						
							|  |  |  | 							}, | 
					
						
							|  |  |  | 						}) | 
					
						
							|  |  |  | 						foundOrg = true | 
					
						
							|  |  |  | 						break | 
					
						
							|  |  |  | 					} | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 				if foundOrg { | 
					
						
							|  |  |  | 					break | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return projectGrants, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getNecessaryUserGrantsForOrg(ctx context.Context, org string, processedProjects []string, processedGrants []string, processedUsers []string) ([]*management_pb.AddUserGrantRequest, error) { | 
					
						
							|  |  |  | 	userGrantSearchOrg, err := query.NewUserGrantResourceOwnerSearchQuery(org) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-01-08 16:26:30 +01:00
										 |  |  | 	queriedUserGrants, err := s.query.UserGrants(ctx, &query.UserGrantsQueries{Queries: []query.SearchQuery{userGrantSearchOrg}}, true) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	userGrants := make([]*management_pb.AddUserGrantRequest, 0, len(queriedUserGrants.UserGrants)) | 
					
						
							|  |  |  | 	for _, userGrant := range queriedUserGrants.UserGrants { | 
					
						
							|  |  |  | 		for _, projectID := range processedProjects { | 
					
						
							|  |  |  | 			if projectID == userGrant.ProjectID { | 
					
						
							|  |  |  | 				//if usergrant is on a granted project | 
					
						
							|  |  |  | 				if userGrant.GrantID != "" { | 
					
						
							|  |  |  | 					for _, grantID := range processedGrants { | 
					
						
							|  |  |  | 						if grantID == userGrant.GrantID { | 
					
						
							|  |  |  | 							for _, userID := range processedUsers { | 
					
						
							|  |  |  | 								if userID == userGrant.UserID { | 
					
						
							|  |  |  | 									userGrants = append(userGrants, &management_pb.AddUserGrantRequest{ | 
					
						
							|  |  |  | 										UserId:         userGrant.UserID, | 
					
						
							|  |  |  | 										ProjectId:      userGrant.ProjectID, | 
					
						
							|  |  |  | 										ProjectGrantId: userGrant.GrantID, | 
					
						
							|  |  |  | 										RoleKeys:       userGrant.Roles, | 
					
						
							|  |  |  | 									}) | 
					
						
							|  |  |  | 								} | 
					
						
							|  |  |  | 							} | 
					
						
							|  |  |  | 						} | 
					
						
							|  |  |  | 					} | 
					
						
							|  |  |  | 				} else { | 
					
						
							|  |  |  | 					for _, userID := range processedUsers { | 
					
						
							|  |  |  | 						if userID == userGrant.UserID { | 
					
						
							|  |  |  | 							userGrants = append(userGrants, &management_pb.AddUserGrantRequest{ | 
					
						
							|  |  |  | 								UserId:         userGrant.UserID, | 
					
						
							|  |  |  | 								ProjectId:      userGrant.ProjectID, | 
					
						
							|  |  |  | 								ProjectGrantId: userGrant.GrantID, | 
					
						
							|  |  |  | 								RoleKeys:       userGrant.Roles, | 
					
						
							|  |  |  | 							}) | 
					
						
							|  |  |  | 						} | 
					
						
							|  |  |  | 					} | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return userGrants, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | func (s *Server) getCustomLoginTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomLoginTextsRequest, error) { | 
					
						
							|  |  |  | 	customTexts := make([]*management_pb.SetCustomLoginTextsRequest, 0, len(languages)) | 
					
						
							|  |  |  | 	for _, lang := range languages { | 
					
						
							|  |  |  | 		text, err := s.query.GetCustomLoginTexts(ctx, org, lang) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		if !text.IsDefault { | 
					
						
							|  |  |  | 			customTexts = append(customTexts, &management_pb.SetCustomLoginTextsRequest{ | 
					
						
							|  |  |  | 				Language:                             lang, | 
					
						
							|  |  |  | 				SelectAccountText:                    text_grpc.SelectAccountScreenToPb(text.SelectAccount), | 
					
						
							|  |  |  | 				LoginText:                            text_grpc.LoginScreenTextToPb(text.Login), | 
					
						
							|  |  |  | 				PasswordText:                         text_grpc.PasswordScreenTextToPb(text.Password), | 
					
						
							|  |  |  | 				UsernameChangeText:                   text_grpc.UsernameChangeScreenTextToPb(text.UsernameChange), | 
					
						
							|  |  |  | 				UsernameChangeDoneText:               text_grpc.UsernameChangeDoneScreenTextToPb(text.UsernameChangeDone), | 
					
						
							|  |  |  | 				InitPasswordText:                     text_grpc.InitPasswordScreenTextToPb(text.InitPassword), | 
					
						
							|  |  |  | 				InitPasswordDoneText:                 text_grpc.InitPasswordDoneScreenTextToPb(text.InitPasswordDone), | 
					
						
							|  |  |  | 				EmailVerificationText:                text_grpc.EmailVerificationScreenTextToPb(text.EmailVerification), | 
					
						
							|  |  |  | 				EmailVerificationDoneText:            text_grpc.EmailVerificationDoneScreenTextToPb(text.EmailVerificationDone), | 
					
						
							|  |  |  | 				InitializeUserText:                   text_grpc.InitializeUserScreenTextToPb(text.InitUser), | 
					
						
							|  |  |  | 				InitializeDoneText:                   text_grpc.InitializeUserDoneScreenTextToPb(text.InitUserDone), | 
					
						
							|  |  |  | 				InitMfaPromptText:                    text_grpc.InitMFAPromptScreenTextToPb(text.InitMFAPrompt), | 
					
						
							|  |  |  | 				InitMfaOtpText:                       text_grpc.InitMFAOTPScreenTextToPb(text.InitMFAOTP), | 
					
						
							|  |  |  | 				InitMfaU2FText:                       text_grpc.InitMFAU2FScreenTextToPb(text.InitMFAU2F), | 
					
						
							|  |  |  | 				InitMfaDoneText:                      text_grpc.InitMFADoneScreenTextToPb(text.InitMFADone), | 
					
						
							|  |  |  | 				MfaProvidersText:                     text_grpc.MFAProvidersTextToPb(text.MFAProvider), | 
					
						
							|  |  |  | 				VerifyMfaOtpText:                     text_grpc.VerifyMFAOTPScreenTextToPb(text.VerifyMFAOTP), | 
					
						
							|  |  |  | 				VerifyMfaU2FText:                     text_grpc.VerifyMFAU2FScreenTextToPb(text.VerifyMFAU2F), | 
					
						
							|  |  |  | 				PasswordlessText:                     text_grpc.PasswordlessScreenTextToPb(text.Passwordless), | 
					
						
							|  |  |  | 				PasswordlessPromptText:               text_grpc.PasswordlessPromptScreenTextToPb(text.PasswordlessPrompt), | 
					
						
							|  |  |  | 				PasswordlessRegistrationText:         text_grpc.PasswordlessRegistrationScreenTextToPb(text.PasswordlessRegistration), | 
					
						
							|  |  |  | 				PasswordlessRegistrationDoneText:     text_grpc.PasswordlessRegistrationDoneScreenTextToPb(text.PasswordlessRegistrationDone), | 
					
						
							|  |  |  | 				PasswordChangeText:                   text_grpc.PasswordChangeScreenTextToPb(text.PasswordChange), | 
					
						
							|  |  |  | 				PasswordChangeDoneText:               text_grpc.PasswordChangeDoneScreenTextToPb(text.PasswordChangeDone), | 
					
						
							|  |  |  | 				PasswordResetDoneText:                text_grpc.PasswordResetDoneScreenTextToPb(text.PasswordResetDone), | 
					
						
							|  |  |  | 				RegistrationOptionText:               text_grpc.RegistrationOptionScreenTextToPb(text.RegisterOption), | 
					
						
							|  |  |  | 				RegistrationUserText:                 text_grpc.RegistrationUserScreenTextToPb(text.RegistrationUser), | 
					
						
							|  |  |  | 				ExternalRegistrationUserOverviewText: text_grpc.ExternalRegistrationUserOverviewScreenTextToPb(text.ExternalRegistrationUserOverview), | 
					
						
							|  |  |  | 				RegistrationOrgText:                  text_grpc.RegistrationOrgScreenTextToPb(text.RegistrationOrg), | 
					
						
							| 
									
										
										
										
											2024-04-10 17:46:30 +02:00
										 |  |  | 				LinkingUserPromptText:                text_grpc.LinkingUserPromptScreenTextToPb(text.LinkingUserPrompt), | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 				LinkingUserDoneText:                  text_grpc.LinkingUserDoneScreenTextToPb(text.LinkingUsersDone), | 
					
						
							| 
									
										
										
										
											2022-12-01 12:31:46 +00:00
										 |  |  | 				ExternalUserNotFoundText:             text_grpc.ExternalUserNotFoundScreenTextToPb(text.ExternalNotFound), | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 				SuccessLoginText:                     text_grpc.SuccessLoginScreenTextToPb(text.LoginSuccess), | 
					
						
							|  |  |  | 				LogoutText:                           text_grpc.LogoutDoneScreenTextToPb(text.LogoutDone), | 
					
						
							|  |  |  | 				FooterText:                           text_grpc.FooterTextToPb(text.Footer), | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return customTexts, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getCustomInitMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomInitMessageTextRequest, error) { | 
					
						
							|  |  |  | 	customTexts := make([]*management_pb.SetCustomInitMessageTextRequest, 0, len(languages)) | 
					
						
							|  |  |  | 	for _, lang := range languages { | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 		text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.InitCodeMessageType, lang, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		if !text.IsDefault { | 
					
						
							|  |  |  | 			customTexts = append(customTexts, &management_pb.SetCustomInitMessageTextRequest{ | 
					
						
							|  |  |  | 				Language:   lang, | 
					
						
							|  |  |  | 				Title:      text.Title, | 
					
						
							|  |  |  | 				PreHeader:  text.PreHeader, | 
					
						
							|  |  |  | 				Subject:    text.Subject, | 
					
						
							|  |  |  | 				Greeting:   text.Greeting, | 
					
						
							|  |  |  | 				Text:       text.Text, | 
					
						
							|  |  |  | 				ButtonText: text.ButtonText, | 
					
						
							|  |  |  | 				FooterText: text.Footer, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return customTexts, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getCustomPasswordResetMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomPasswordResetMessageTextRequest, error) { | 
					
						
							|  |  |  | 	customTexts := make([]*management_pb.SetCustomPasswordResetMessageTextRequest, 0, len(languages)) | 
					
						
							|  |  |  | 	for _, lang := range languages { | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 		text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.PasswordResetMessageType, lang, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		if !text.IsDefault { | 
					
						
							|  |  |  | 			customTexts = append(customTexts, &management_pb.SetCustomPasswordResetMessageTextRequest{ | 
					
						
							|  |  |  | 				Language:   lang, | 
					
						
							|  |  |  | 				Title:      text.Title, | 
					
						
							|  |  |  | 				PreHeader:  text.PreHeader, | 
					
						
							|  |  |  | 				Subject:    text.Subject, | 
					
						
							|  |  |  | 				Greeting:   text.Greeting, | 
					
						
							|  |  |  | 				Text:       text.Text, | 
					
						
							|  |  |  | 				ButtonText: text.ButtonText, | 
					
						
							|  |  |  | 				FooterText: text.Footer, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return customTexts, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getCustomVerifyEmailMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomVerifyEmailMessageTextRequest, error) { | 
					
						
							|  |  |  | 	customTexts := make([]*management_pb.SetCustomVerifyEmailMessageTextRequest, 0, len(languages)) | 
					
						
							|  |  |  | 	for _, lang := range languages { | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 		text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.VerifyEmailMessageType, lang, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		if !text.IsDefault { | 
					
						
							|  |  |  | 			customTexts = append(customTexts, &management_pb.SetCustomVerifyEmailMessageTextRequest{ | 
					
						
							|  |  |  | 				Language:   lang, | 
					
						
							|  |  |  | 				Title:      text.Title, | 
					
						
							|  |  |  | 				PreHeader:  text.PreHeader, | 
					
						
							|  |  |  | 				Subject:    text.Subject, | 
					
						
							|  |  |  | 				Greeting:   text.Greeting, | 
					
						
							|  |  |  | 				Text:       text.Text, | 
					
						
							|  |  |  | 				ButtonText: text.ButtonText, | 
					
						
							|  |  |  | 				FooterText: text.Footer, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return customTexts, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getCustomVerifyPhoneMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomVerifyPhoneMessageTextRequest, error) { | 
					
						
							|  |  |  | 	customTexts := make([]*management_pb.SetCustomVerifyPhoneMessageTextRequest, 0, len(languages)) | 
					
						
							|  |  |  | 	for _, lang := range languages { | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 		text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.VerifyPhoneMessageType, lang, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		if !text.IsDefault { | 
					
						
							|  |  |  | 			customTexts = append(customTexts, &management_pb.SetCustomVerifyPhoneMessageTextRequest{ | 
					
						
							|  |  |  | 				Language:   lang, | 
					
						
							|  |  |  | 				Title:      text.Title, | 
					
						
							|  |  |  | 				PreHeader:  text.PreHeader, | 
					
						
							|  |  |  | 				Subject:    text.Subject, | 
					
						
							|  |  |  | 				Greeting:   text.Greeting, | 
					
						
							|  |  |  | 				Text:       text.Text, | 
					
						
							|  |  |  | 				ButtonText: text.ButtonText, | 
					
						
							|  |  |  | 				FooterText: text.Footer, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return customTexts, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-08-09 07:49:12 +02:00
										 |  |  | func (s *Server) getCustomVerifySMSOTPMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomVerifySMSOTPMessageTextRequest, error) { | 
					
						
							|  |  |  | 	customTexts := make([]*management_pb.SetCustomVerifySMSOTPMessageTextRequest, 0, len(languages)) | 
					
						
							|  |  |  | 	for _, lang := range languages { | 
					
						
							|  |  |  | 		text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.VerifySMSOTPMessageType, lang, false) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		if !text.IsDefault { | 
					
						
							|  |  |  | 			customTexts = append(customTexts, &management_pb.SetCustomVerifySMSOTPMessageTextRequest{ | 
					
						
							|  |  |  | 				Language: lang, | 
					
						
							|  |  |  | 				Text:     text.Text, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return customTexts, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getCustomVerifyEmailOTPMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomVerifyEmailOTPMessageTextRequest, error) { | 
					
						
							|  |  |  | 	customTexts := make([]*management_pb.SetCustomVerifyEmailOTPMessageTextRequest, 0, len(languages)) | 
					
						
							|  |  |  | 	for _, lang := range languages { | 
					
						
							|  |  |  | 		text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.VerifyEmailOTPMessageType, lang, false) | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		if !text.IsDefault { | 
					
						
							|  |  |  | 			customTexts = append(customTexts, &management_pb.SetCustomVerifyEmailOTPMessageTextRequest{ | 
					
						
							|  |  |  | 				Language:   lang, | 
					
						
							|  |  |  | 				Title:      text.Title, | 
					
						
							|  |  |  | 				PreHeader:  text.PreHeader, | 
					
						
							|  |  |  | 				Subject:    text.Subject, | 
					
						
							|  |  |  | 				Greeting:   text.Greeting, | 
					
						
							|  |  |  | 				Text:       text.Text, | 
					
						
							|  |  |  | 				ButtonText: text.ButtonText, | 
					
						
							|  |  |  | 				FooterText: text.Footer, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return customTexts, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | func (s *Server) getCustomDomainClaimedMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomDomainClaimedMessageTextRequest, error) { | 
					
						
							|  |  |  | 	customTexts := make([]*management_pb.SetCustomDomainClaimedMessageTextRequest, 0, len(languages)) | 
					
						
							|  |  |  | 	for _, lang := range languages { | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 		text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.DomainClaimedMessageType, lang, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		if !text.IsDefault { | 
					
						
							|  |  |  | 			customTexts = append(customTexts, &management_pb.SetCustomDomainClaimedMessageTextRequest{ | 
					
						
							|  |  |  | 				Language:   lang, | 
					
						
							|  |  |  | 				Title:      text.Title, | 
					
						
							|  |  |  | 				PreHeader:  text.PreHeader, | 
					
						
							|  |  |  | 				Subject:    text.Subject, | 
					
						
							|  |  |  | 				Greeting:   text.Greeting, | 
					
						
							|  |  |  | 				Text:       text.Text, | 
					
						
							|  |  |  | 				ButtonText: text.ButtonText, | 
					
						
							|  |  |  | 				FooterText: text.Footer, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return customTexts, nil | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | func (s *Server) getCustomPasswordlessRegistrationMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomPasswordlessRegistrationMessageTextRequest, error) { | 
					
						
							|  |  |  | 	customTexts := make([]*management_pb.SetCustomPasswordlessRegistrationMessageTextRequest, 0, len(languages)) | 
					
						
							|  |  |  | 	for _, lang := range languages { | 
					
						
							| 
									
										
										
										
											2022-11-30 17:01:17 +01:00
										 |  |  | 		text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.DomainClaimedMessageType, lang, false) | 
					
						
							| 
									
										
										
										
											2022-07-28 15:42:35 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		if !text.IsDefault { | 
					
						
							|  |  |  | 			customTexts = append(customTexts, &management_pb.SetCustomPasswordlessRegistrationMessageTextRequest{ | 
					
						
							|  |  |  | 				Language:   lang, | 
					
						
							|  |  |  | 				Title:      text.Title, | 
					
						
							|  |  |  | 				PreHeader:  text.PreHeader, | 
					
						
							|  |  |  | 				Subject:    text.Subject, | 
					
						
							|  |  |  | 				Greeting:   text.Greeting, | 
					
						
							|  |  |  | 				Text:       text.Text, | 
					
						
							|  |  |  | 				ButtonText: text.ButtonText, | 
					
						
							|  |  |  | 				FooterText: text.Footer, | 
					
						
							|  |  |  | 			}) | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	return customTexts, nil | 
					
						
							|  |  |  | } |