zitadel/internal/query/zitadel_permission.go

package query

import (
	"context"

	"github.com/caos/zitadel/internal/domain"
)

func (q *Queries) MyZitadelPermissions(ctx context.Context, userID string) (*domain.Permissions, error) {
	userIDQuery, err := NewMembershipUserIDQuery(userID)
	if err != nil {
		return nil, err
	}
	memberships, err := q.Memberships(ctx, &MembershipSearchQuery{
		Queries: []SearchQuery{userIDQuery},
	})
	if err != nil {
		return nil, err
	}
	permissions := &domain.Permissions{Permissions: []string{}}
	for _, membership := range memberships.Memberships {
		for _, role := range membership.Roles {
			permissions = q.mapRoleToPermission(permissions, membership, role)
		}
	}
	return permissions, nil
}

func (q *Queries) mapRoleToPermission(permissions *domain.Permissions, membership *Membership, role string) *domain.Permissions {
	for _, mapping := range q.zitadelRoles {
		if mapping.Role == role {
			ctxID := ""
			if membership.Project != nil {
				ctxID = membership.Project.ProjectID
			} else if membership.ProjectGrant != nil {
				ctxID = membership.ProjectGrant.GrantID
			}
			permissions.AppendPermissions(ctxID, mapping.Permissions...)
		}
	}
	return permissions
}
fix: move activity log to queries and remove old code (#3096) * move changes to queries and remove old code * fix changes query * remove unused code * fix sorting * fix sorting * refactor and remove old code * remove accidental go.mod replace * add missing file * remove listDetail from ChangesResponse 2022-01-26 09:16:33 +00:00			`package query`

			`import (`
			`"context"`

			`"github.com/caos/zitadel/internal/domain"`
			`)`

			`func (q Queries) MyZitadelPermissions(ctx context.Context, userID string) (domain.Permissions, error) {`
			`userIDQuery, err := NewMembershipUserIDQuery(userID)`
			`if err != nil {`
			`return nil, err`
			`}`
			`memberships, err := q.Memberships(ctx, &MembershipSearchQuery{`
			`Queries: []SearchQuery{userIDQuery},`
			`})`
			`if err != nil {`
			`return nil, err`
			`}`
			`permissions := &domain.Permissions{Permissions: []string{}}`
			`for _, membership := range memberships.Memberships {`
			`for _, role := range membership.Roles {`
			`permissions = q.mapRoleToPermission(permissions, membership, role)`
			`}`
			`}`
			`return permissions, nil`
			`}`

			`func (q Queries) mapRoleToPermission(permissions domain.Permissions, membership Membership, role string) domain.Permissions {`
			`for _, mapping := range q.zitadelRoles {`
			`if mapping.Role == role {`
			`ctxID := ""`
			`if membership.Project != nil {`
			`ctxID = membership.Project.ProjectID`
			`} else if membership.ProjectGrant != nil {`
			`ctxID = membership.ProjectGrant.GrantID`
			`}`
			`permissions.AppendPermissions(ctxID, mapping.Permissions...)`
			`}`
			`}`
			`return permissions`
			`}`