fix: new es fix (#1532)

* fix: handle ListMyProjectOrgsRequestToModel queries * fix: sort orgs for admin org list by org name * fix: features converters * fix: remove last role from user grant * fix: ensure limit * fix: ensure limit Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2024-12-12 02:54:20 +00:00 · 2021-04-06 16:03:07 +02:00 · 2021-04-06 16:03:07 +02:00 · 08bfec6652
commit 08bfec6652
parent efc90b382c
38 changed files with 325 additions and 79 deletions
--- a/internal/admin/repository/eventsourcing/eventstore/iam.go
+++ b/internal/admin/repository/eventsourcing/eventstore/iam.go
@ -37,7 +37,10 @@ func (repo *IAMRepository) IAMMemberByID(ctx context.Context, iamID, userID stri
 }

 func (repo *IAMRepository) SearchIAMMembers(ctx context.Context, request *iam_model.IAMMemberSearchRequest) (*iam_model.IAMMemberSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, err := repo.View.GetLatestIAMMemberSequence()
 	logging.Log("EVENT-Slkci").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest iam sequence")
 	members, count, err := repo.View.SearchIAMMembers(request)
@ -101,7 +104,10 @@ func (repo *IAMRepository) ExternalIDPsByIDPConfigIDFromDefaultPolicy(ctx contex
 }

 func (repo *IAMRepository) SearchIDPConfigs(ctx context.Context, request *iam_model.IDPConfigSearchRequest) (*iam_model.IDPConfigSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, err := repo.View.GetLatestIDPConfigSequence()
 	logging.Log("EVENT-Dk8si").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest idp config sequence")
 	idps, count, err := repo.View.SearchIDPConfigs(request)
@ -147,7 +153,10 @@ func (repo *IAMRepository) GetDefaultLoginPolicy(ctx context.Context) (*iam_mode
 }

 func (repo *IAMRepository) SearchDefaultIDPProviders(ctx context.Context, request *iam_model.IDPProviderSearchRequest) (*iam_model.IDPProviderSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	request.AppendAggregateIDQuery(repo.SystemDefaults.IamID)
 	sequence, err := repo.View.GetLatestIDPProviderSequence()
 	logging.Log("EVENT-Tuiks").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest iam sequence")
@ -307,7 +316,10 @@ func (repo *IAMRepository) GetDefaultMailTemplate(ctx context.Context) (*iam_mod
 }

 func (repo *IAMRepository) SearchIAMMembersx(ctx context.Context, request *iam_model.IAMMemberSearchRequest) (*iam_model.IAMMemberSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, err := repo.View.GetLatestIAMMemberSequence()
 	logging.Log("EVENT-Slkci").OnError(err).Warn("could not read latest iam sequence")
 	members, count, err := repo.View.SearchIAMMembers(request)
--- a/internal/admin/repository/eventsourcing/eventstore/org.go
+++ b/internal/admin/repository/eventsourcing/eventstore/org.go
@ -54,7 +54,10 @@ func (repo *OrgRepo) OrgByID(ctx context.Context, id string) (*org_model.OrgView
 }

 func (repo *OrgRepo) SearchOrgs(ctx context.Context, query *org_model.OrgSearchRequest) (*org_model.OrgSearchResult, error) {
-	query.EnsureLimit(repo.SearchLimit)
+	err := query.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, err := repo.View.GetLatestOrgSequence()
 	logging.Log("EVENT-LXo9w").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest iam sequence")
 	orgs, count, err := repo.View.SearchOrgs(query)
--- a/internal/api/grpc/admin/features.go
+++ b/internal/api/grpc/admin/features.go
@ -69,6 +69,8 @@ func setDefaultFeaturesRequestToDomain(req *admin_pb.SetDefaultFeaturesRequest)
 		LoginPolicyPasswordless:  req.LoginPolicyPasswordless,
 		LoginPolicyRegistration:  req.LoginPolicyRegistration,
 		LoginPolicyUsernameLogin: req.LoginPolicyUsernameLogin,
+		PasswordComplexityPolicy: req.PasswordComplexityPolicy,
+		LabelPolicy:              req.LabelPolicy,
 	}
 }

@ -84,5 +86,7 @@ func setOrgFeaturesRequestToDomain(req *admin_pb.SetOrgFeaturesRequest) *domain.
 		LoginPolicyPasswordless:  req.LoginPolicyPasswordless,
 		LoginPolicyRegistration:  req.LoginPolicyRegistration,
 		LoginPolicyUsernameLogin: req.LoginPolicyUsernameLogin,
+		PasswordComplexityPolicy: req.PasswordComplexityPolicy,
+		LabelPolicy:              req.LabelPolicy,
 	}
 }
--- a/internal/api/grpc/auth/user.go
+++ b/internal/api/grpc/auth/user.go
@ -82,7 +82,11 @@ func (s *Server) ListMyUserGrants(ctx context.Context, req *auth_pb.ListMyUserGr
 }

 func (s *Server) ListMyProjectOrgs(ctx context.Context, req *auth_pb.ListMyProjectOrgsRequest) (*auth_pb.ListMyProjectOrgsResponse, error) {
-	res, err := s.repo.SearchMyProjectOrgs(ctx, ListMyProjectOrgsRequestToModel(req))
+	r, err := ListMyProjectOrgsRequestToModel(req)
+	if err != nil {
+		return nil, err
+	}
+	res, err := s.repo.SearchMyProjectOrgs(ctx, r)
 	if err != nil {
 		return nil, err
 	}
@ -93,12 +97,16 @@ func (s *Server) ListMyProjectOrgs(ctx context.Context, req *auth_pb.ListMyProje
 	}, nil
 }

-func ListMyProjectOrgsRequestToModel(req *auth_pb.ListMyProjectOrgsRequest) *grant_model.UserGrantSearchRequest {
+func ListMyProjectOrgsRequestToModel(req *auth_pb.ListMyProjectOrgsRequest) (*grant_model.UserGrantSearchRequest, error) {
 	offset, limit, asc := object.ListQueryToModel(req.Query)
-	return &grant_model.UserGrantSearchRequest{
-		Offset: offset,
-		Limit:  limit,
-		Asc:    asc,
-		// Queries: queries,//TODO:user grant queries missing in proto
+	queries, err := org.OrgQueriesToUserGrantModel(req.Queries)
+	if err != nil {
+		return nil, err
 	}
+	return &grant_model.UserGrantSearchRequest{
+		Offset:  offset,
+		Limit:   limit,
+		Asc:     asc,
+		Queries: queries,
+	}, nil
 }
--- a/internal/api/grpc/features/features.go
+++ b/internal/api/grpc/features/features.go
@ -21,6 +21,8 @@ func FeaturesFromModel(features *features_model.FeaturesView) *features_pb.Featu
 		LoginPolicyPasswordless:  features.LoginPolicyPasswordless,
 		LoginPolicyRegistration:  features.LoginPolicyRegistration,
 		LoginPolicyUsernameLogin: features.LoginPolicyUsernameLogin,
+		PasswordComplexityPolicy: features.PasswordComplexityPolicy,
+		LabelPolicy:              features.LabelPolicy,
 	}
 }

--- a/internal/api/grpc/org/converter.go
+++ b/internal/api/grpc/org/converter.go
@ -39,6 +39,36 @@ func OrgQueryToModel(query *org_pb.OrgQuery) (*org_model.OrgSearchQuery, error)
 	}
 }

+func OrgQueriesToUserGrantModel(queries []*org_pb.OrgQuery) (_ []*grant_model.UserGrantSearchQuery, err error) {
+	q := make([]*grant_model.UserGrantSearchQuery, len(queries))
+	for i, query := range queries {
+		q[i], err = OrgQueryToUserGrantQueryModel(query)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return q, nil
+}
+
+func OrgQueryToUserGrantQueryModel(query *org_pb.OrgQuery) (*grant_model.UserGrantSearchQuery, error) {
+	switch q := query.Query.(type) {
+	case *org_pb.OrgQuery_DomainQuery:
+		return &grant_model.UserGrantSearchQuery{
+			Key:    grant_model.UserGrantSearchKeyOrgDomain,
+			Method: object.TextMethodToModel(q.DomainQuery.Method),
+			Value:  q.DomainQuery.Domain,
+		}, nil
+	case *org_pb.OrgQuery_NameQuery:
+		return &grant_model.UserGrantSearchQuery{
+			Key:    grant_model.UserGrantSearchKeyOrgName,
+			Method: object.TextMethodToModel(q.NameQuery.Method),
+			Value:  q.NameQuery.Name,
+		}, nil
+	default:
+		return nil, errors.ThrowInvalidArgument(nil, "ADMIN-ADvsd", "List.Query.Invalid")
+	}
+}
+
 func OrgViewsToPb(orgs []*org_model.OrgView) []*org_pb.Org {
 	o := make([]*org_pb.Org, len(orgs))
 	for i, org := range orgs {
--- a/internal/auth/repository/eventsourcing/eventstore/org.go
+++ b/internal/auth/repository/eventsourcing/eventstore/org.go
@ -29,7 +29,10 @@ type OrgRepository struct {
 }

 func (repo *OrgRepository) SearchOrgs(ctx context.Context, request *org_model.OrgSearchRequest) (*org_model.OrgSearchResult, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, err := repo.View.GetLatestOrgSequence()
 	logging.Log("EVENT-7Udhz").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest org sequence")
 	members, count, err := repo.View.SearchOrgs(request)
--- a/internal/auth/repository/eventsourcing/eventstore/user.go
+++ b/internal/auth/repository/eventsourcing/eventstore/user.go
@ -50,7 +50,10 @@ func (repo *UserRepo) MyProfile(ctx context.Context) (*model.Profile, error) {
 }

 func (repo *UserRepo) SearchMyExternalIDPs(ctx context.Context, request *model.ExternalIDPSearchRequest) (*model.ExternalIDPSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, seqErr := repo.View.GetLatestExternalIDPSequence()
 	logging.Log("EVENT-5Jsi8").OnError(seqErr).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest user sequence")
 	request.AppendUserQuery(authz.GetCtxData(ctx).UserID)
--- a/internal/auth/repository/eventsourcing/eventstore/user_grant.go
+++ b/internal/auth/repository/eventsourcing/eventstore/user_grant.go
@ -27,7 +27,10 @@ type UserGrantRepo struct {
 }

 func (repo *UserGrantRepo) SearchMyUserGrants(ctx context.Context, request *grant_model.UserGrantSearchRequest) (*grant_model.UserGrantSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, err := repo.View.GetLatestUserGrantSequence()
 	logging.Log("EVENT-Hd7s3").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest user grant sequence")
 	request.Queries = append(request.Queries, &grant_model.UserGrantSearchQuery{Key: grant_model.UserGrantSearchKeyUserID, Method: domain.SearchMethodEquals, Value: authz.GetCtxData(ctx).UserID})
@ -49,12 +52,15 @@ func (repo *UserGrantRepo) SearchMyUserGrants(ctx context.Context, request *gran
 }

 func (repo *UserGrantRepo) SearchMyProjectOrgs(ctx context.Context, request *grant_model.UserGrantSearchRequest) (*grant_model.ProjectOrgSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	ctxData := authz.GetCtxData(ctx)
 	if ctxData.ProjectID == "" {
 		return nil, caos_errs.ThrowPreconditionFailed(nil, "APP-7lqva", "Could not get ProjectID")
 	}
-	err := repo.AuthZRepo.FillIamProjectID(ctx)
+	err = repo.AuthZRepo.FillIamProjectID(ctx)
 	if err != nil {
 		return nil, err
 	}
@ -94,7 +100,10 @@ func membershipsToOrgResp(memberships []*user_view_model.UserMembershipView, cou
 }

 func (repo *UserGrantRepo) SearchMyUserMemberships(ctx context.Context, request *user_model.UserMembershipSearchRequest) (*user_model.UserMembershipSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestUserMembershipSequence()
 	logging.Log("EVENT-Dn7sf").OnError(sequenceErr).Warn("could not read latest user sequence")

@ -185,7 +194,9 @@ func (repo *UserGrantRepo) SearchMyProjectPermissions(ctx context.Context) ([]st
 }

 func (repo *UserGrantRepo) SearchAdminOrgs(request *grant_model.UserGrantSearchRequest) (*grant_model.ProjectOrgSearchResponse, error) {
-	searchRequest := &org_model.OrgSearchRequest{}
+	searchRequest := &org_model.OrgSearchRequest{
+		SortingColumn: org_model.OrgSearchKeyOrgName,
+	}
 	if len(request.Queries) > 0 {
 		for _, q := range request.Queries {
 			if q.Key == grant_model.UserGrantSearchKeyOrgName {
--- a/internal/iam/model/iam_member_view.go
+++ b/internal/iam/model/iam_member_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -55,8 +57,12 @@ type IAMMemberSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *IAMMemberSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *IAMMemberSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-vn8ds", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/iam/model/idp_config_view.go
+++ b/internal/iam/model/idp_config_view.go
@ -3,6 +3,8 @@ package model
 import (
 	"github.com/caos/zitadel/internal/crypto"
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -59,10 +61,14 @@ type IDPConfigSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *IDPConfigSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *IDPConfigSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-Mv9sd", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }

 func (r *IDPConfigSearchRequest) AppendMyOrgQuery(orgID, iamID string) {
--- a/internal/iam/model/idp_provider_view.go
+++ b/internal/iam/model/idp_provider_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -51,10 +53,14 @@ type IDPProviderSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *IDPProviderSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *IDPProviderSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-3n8fs", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }

 func (r *IDPProviderSearchRequest) AppendAggregateIDQuery(aggregateID string) {
--- a/internal/key/model/authn_key.go
+++ b/internal/key/model/authn_key.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"

 	"github.com/caos/zitadel/internal/eventstore/v1/models"
@ -90,10 +92,14 @@ type AuthNKeySearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *AuthNKeySearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *AuthNKeySearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-f9ids", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }

 func DefaultExpiration() (time.Time, error) {
--- a/internal/key/model/key_view.go
+++ b/internal/key/model/key_view.go
@ -65,10 +65,14 @@ type KeySearchResponse struct {
 	Result      []*KeyView
 }

-func (r *KeySearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *KeySearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return errors.ThrowInvalidArgument(nil, "SEARCH-Mf9sd", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }

 func SigningKeyFromKeyView(key *KeyView, alg crypto.EncryptionAlgorithm) (*SigningKey, error) {
--- a/internal/management/repository/eventsourcing/eventstore/org.go
+++ b/internal/management/repository/eventsourcing/eventstore/org.go
@ -73,7 +73,10 @@ func (repo *OrgRepository) GetMyOrgIamPolicy(ctx context.Context) (*iam_model.Or
 }

 func (repo *OrgRepository) SearchMyOrgDomains(ctx context.Context, request *org_model.OrgDomainSearchRequest) (*org_model.OrgDomainSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	request.Queries = append(request.Queries, &org_model.OrgDomainSearchQuery{Key: org_model.OrgDomainSearchKeyOrgID, Method: domain.SearchMethodEquals, Value: authz.GetCtxData(ctx).OrgID})
 	sequence, sequenceErr := repo.View.GetLatestOrgDomainSequence()
 	logging.Log("EVENT-SLowp").OnError(sequenceErr).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest org domain sequence")
@ -123,7 +126,10 @@ func (repo *OrgRepository) OrgMemberByID(ctx context.Context, orgID, userID stri
 }

 func (repo *OrgRepository) SearchMyOrgMembers(ctx context.Context, request *org_model.OrgMemberSearchRequest) (*org_model.OrgMemberSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	request.Queries = append(request.Queries, &org_model.OrgMemberSearchQuery{Key: org_model.OrgMemberSearchKeyOrgID, Method: domain.SearchMethodEquals, Value: authz.GetCtxData(ctx).OrgID})
 	sequence, sequenceErr := repo.View.GetLatestOrgMemberSequence()
 	logging.Log("EVENT-Smu3d").OnError(sequenceErr).Warn("could not read latest org member sequence")
@ -163,7 +169,10 @@ func (repo *OrgRepository) IDPConfigByID(ctx context.Context, idpConfigID string
 }

 func (repo *OrgRepository) SearchIDPConfigs(ctx context.Context, request *iam_model.IDPConfigSearchRequest) (*iam_model.IDPConfigSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	request.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID, repo.SystemDefaults.IamID)

 	sequence, sequenceErr := repo.View.GetLatestIDPConfigSequence()
@ -295,7 +304,10 @@ func (repo *OrgRepository) SearchIDPProviders(ctx context.Context, request *iam_
 	} else {
 		request.AppendAggregateIDQuery(authz.GetCtxData(ctx).OrgID)
 	}
-	request.EnsureLimit(repo.SearchLimit)
+	err = request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestIDPProviderSequence()
 	logging.Log("EVENT-Tuiks").OnError(sequenceErr).Warn("could not read latest iam sequence")
 	providers, count, err := repo.View.SearchIDPProviders(request)
--- a/internal/management/repository/eventsourcing/eventstore/project.go
+++ b/internal/management/repository/eventsourcing/eventstore/project.go
@ -71,7 +71,10 @@ func (repo *ProjectRepo) ProjectByID(ctx context.Context, id string) (*proj_mode
 }

 func (repo *ProjectRepo) SearchProjects(ctx context.Context, request *proj_model.ProjectViewSearchRequest) (*proj_model.ProjectViewSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestProjectSequence()
 	logging.Log("EVENT-Edc56").OnError(sequenceErr).Warn("could not read latest project sequence")

@ -138,7 +141,10 @@ func (repo *ProjectRepo) ProjectMemberByID(ctx context.Context, projectID, userI
 }

 func (repo *ProjectRepo) SearchProjectMembers(ctx context.Context, request *proj_model.ProjectMemberSearchRequest) (*proj_model.ProjectMemberSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestProjectMemberSequence()
 	logging.Log("EVENT-3dgt6").OnError(sequenceErr).Warn("could not read latest project member sequence")
 	members, count, err := repo.View.SearchProjectMembers(request)
@ -159,7 +165,10 @@ func (repo *ProjectRepo) SearchProjectMembers(ctx context.Context, request *proj
 }

 func (repo *ProjectRepo) SearchProjectRoles(ctx context.Context, projectID string, request *proj_model.ProjectRoleSearchRequest) (*proj_model.ProjectRoleSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	request.AppendProjectQuery(projectID)
 	sequence, sequenceErr := repo.View.GetLatestProjectRoleSequence()
 	logging.Log("LSp0d-47suf").OnError(sequenceErr).Warn("could not read latest project role sequence")
@ -235,7 +244,10 @@ func (repo *ProjectRepo) ApplicationByID(ctx context.Context, projectID, appID s
 }

 func (repo *ProjectRepo) SearchApplications(ctx context.Context, request *proj_model.ApplicationSearchRequest) (*proj_model.ApplicationSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestApplicationSequence()
 	logging.Log("EVENT-SKe8s").OnError(sequenceErr).Warn("could not read latest application sequence")
 	apps, count, err := repo.View.SearchApplications(request)
@ -276,7 +288,10 @@ func (repo *ProjectRepo) ApplicationChanges(ctx context.Context, projectID strin
 }

 func (repo *ProjectRepo) SearchClientKeys(ctx context.Context, request *key_model.AuthNKeySearchRequest) (*key_model.AuthNKeySearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestAuthNKeySequence()
 	logging.Log("EVENT-ADwgw").OnError(sequenceErr).Warn("could not read latest authn key sequence")
 	keys, count, err := repo.View.SearchAuthNKeys(request)
@ -342,7 +357,10 @@ func (repo *ProjectRepo) ProjectGrantsByProjectIDAndRoleKey(ctx context.Context,
 }

 func (repo *ProjectRepo) SearchProjectGrants(ctx context.Context, request *proj_model.ProjectGrantViewSearchRequest) (*proj_model.ProjectGrantViewSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestProjectGrantSequence()
 	logging.Log("EVENT-Skw9f").OnError(sequenceErr).Warn("could not read latest project grant sequence")
 	projects, count, err := repo.View.SearchProjectGrants(request)
@ -363,7 +381,10 @@ func (repo *ProjectRepo) SearchProjectGrants(ctx context.Context, request *proj_
 }

 func (repo *ProjectRepo) SearchGrantedProjects(ctx context.Context, request *proj_model.ProjectGrantViewSearchRequest) (*proj_model.ProjectGrantViewSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestProjectGrantSequence()
 	logging.Log("EVENT-Skw9f").OnError(sequenceErr).Warn("could not read latest project grant sequence")

@ -422,7 +443,10 @@ func (repo *ProjectRepo) ProjectGrantMemberByID(ctx context.Context, projectID,
 }

 func (repo *ProjectRepo) SearchProjectGrantMembers(ctx context.Context, request *proj_model.ProjectGrantMemberSearchRequest) (*proj_model.ProjectGrantMemberSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestProjectGrantMemberSequence()
 	logging.Log("EVENT-Du8sk").OnError(sequenceErr).Warn("could not read latest project grant sequence")
 	members, count, err := repo.View.SearchProjectGrantMembers(request)
--- a/internal/management/repository/eventsourcing/eventstore/user.go
+++ b/internal/management/repository/eventsourcing/eventstore/user.go
@ -60,7 +60,10 @@ func (repo *UserRepo) UserByID(ctx context.Context, id string) (*usr_model.UserV
 }

 func (repo *UserRepo) SearchUsers(ctx context.Context, request *usr_model.UserSearchRequest) (*usr_model.UserSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestUserSequence()
 	logging.Log("EVENT-Lcn7d").OnError(sequenceErr).Warn("could not read latest user sequence")
 	users, count, err := repo.View.SearchUsers(request)
@ -157,7 +160,10 @@ func (repo *UserRepo) ProfileByID(ctx context.Context, userID string) (*usr_mode
 }

 func (repo *UserRepo) SearchExternalIDPs(ctx context.Context, request *usr_model.ExternalIDPSearchRequest) (*usr_model.ExternalIDPSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, seqErr := repo.View.GetLatestExternalIDPSequence()
 	logging.Log("EVENT-Qs7uf").OnError(seqErr).Warn("could not read latest external idp sequence")
 	externalIDPS, count, err := repo.View.SearchExternalIDPs(request)
@ -202,7 +208,10 @@ func (repo *UserRepo) GetMachineKey(ctx context.Context, userID, keyID string) (
 }

 func (repo *UserRepo) SearchMachineKeys(ctx context.Context, request *key_model.AuthNKeySearchRequest) (*key_model.AuthNKeySearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, seqErr := repo.View.GetLatestAuthNKeySequence()
 	logging.Log("EVENT-Sk8fs").OnError(seqErr).Warn("could not read latest authn key sequence")
 	keys, count, err := repo.View.SearchAuthNKeys(request)
@ -256,7 +265,10 @@ func (repo *UserRepo) AddressByID(ctx context.Context, userID string) (*usr_mode
 }

 func (repo *UserRepo) SearchUserMemberships(ctx context.Context, request *usr_model.UserMembershipSearchRequest) (*usr_model.UserMembershipSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestUserMembershipSequence()
 	logging.Log("EVENT-Dn7sf").OnError(sequenceErr).Warn("could not read latest user sequence")

--- a/internal/management/repository/eventsourcing/eventstore/user_grant.go
+++ b/internal/management/repository/eventsourcing/eventstore/user_grant.go
@ -58,7 +58,10 @@ func (repo *UserGrantRepo) UserGrantsByUserID(ctx context.Context, userID string
 }

 func (repo *UserGrantRepo) SearchUserGrants(ctx context.Context, request *grant_model.UserGrantSearchRequest) (*grant_model.UserGrantSearchResponse, error) {
-	request.EnsureLimit(repo.SearchLimit)
+	err := request.EnsureLimit(repo.SearchLimit)
+	if err != nil {
+		return nil, err
+	}
 	sequence, sequenceErr := repo.View.GetLatestUserGrantSequence()
 	logging.Log("EVENT-5Viwf").OnError(sequenceErr).Warn("could not read latest user grant sequence")

--- a/internal/org/model/domain_view.go
+++ b/internal/org/model/domain_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -48,8 +50,12 @@ type OrgDomainSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *OrgDomainSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *OrgDomainSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-38fhs", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/org/model/org_member_view.go
+++ b/internal/org/model/org_member_view.go
@ -4,6 +4,7 @@ import (
 	"time"

 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
 )

 type OrgMemberView struct {
@ -56,8 +57,12 @@ type OrgMemberSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *OrgMemberSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *OrgMemberSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-77fu3", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/org/model/org_view.go
+++ b/internal/org/model/org_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"

 	"github.com/caos/zitadel/internal/eventstore/v1/models"
@ -52,10 +54,14 @@ type OrgSearchResult struct {
 	Timestamp   time.Time
 }

-func (r *OrgSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *OrgSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-200ds", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }

 func OrgViewToOrg(o *OrgView) *Org {
--- a/internal/org/repository/view/org_view.go
+++ b/internal/org/repository/view/org_view.go
@ -31,7 +31,7 @@ func OrgByPrimaryDomain(db *gorm.DB, table, primaryDomain string) (*model.OrgVie

 func SearchOrgs(db *gorm.DB, table string, req *org_model.OrgSearchRequest) ([]*model.OrgView, uint64, error) {
 	orgs := make([]*model.OrgView, 0)
-	query := repository.PrepareSearchQuery(table, model.OrgSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	query := repository.PrepareSearchQuery(table, model.OrgSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries, SortingColumn: req.SortingColumn})
 	count, err := query(db, &orgs)
 	if err != nil {
 		return nil, 0, err
--- a/internal/project/model/application_view.go
+++ b/internal/project/model/application_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -70,8 +72,12 @@ type ApplicationSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *ApplicationSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *ApplicationSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-3Mf8s", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/project/model/project_grant_member_view.go
+++ b/internal/project/model/project_grant_member_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -57,8 +59,12 @@ type ProjectGrantMemberSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *ProjectGrantMemberSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *ProjectGrantMemberSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-ZT8df", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/project/model/project_grant_view.go
+++ b/internal/project/model/project_grant_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -77,8 +79,12 @@ func (r *ProjectGrantViewSearchRequest) AppendMyResourceOwnerQuery(orgID string)
 	r.Queries = append(r.Queries, &ProjectGrantViewSearchQuery{Key: GrantedProjectSearchKeyResourceOwner, Method: domain.SearchMethodEquals, Value: orgID})
 }

-func (r *ProjectGrantViewSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *ProjectGrantViewSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-2n8fS", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/project/model/project_member_view.go
+++ b/internal/project/model/project_member_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -55,10 +57,14 @@ type ProjectMemberSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *ProjectMemberSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *ProjectMemberSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-389Nd", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
 func (r *ProjectMemberSearchRequest) AppendProjectQuery(projectID string) {
 	r.Queries = append(r.Queries, &ProjectMemberSearchQuery{Key: ProjectMemberSearchKeyProjectID, Method: domain.SearchMethodEquals, Value: projectID})
--- a/internal/project/model/project_role_view.go
+++ b/internal/project/model/project_role_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -58,8 +60,12 @@ func (r *ProjectRoleSearchRequest) AppendProjectQuery(projectID string) {
 	r.Queries = append(r.Queries, &ProjectRoleSearchQuery{Key: ProjectRoleSearchKeyProjectID, Method: domain.SearchMethodEquals, Value: projectID})
 }

-func (r *ProjectRoleSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *ProjectRoleSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-92hNf", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/project/model/project_view.go
+++ b/internal/project/model/project_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -62,8 +64,12 @@ func (r *ProjectViewSearchRequest) AppendMyResourceOwnerQuery(orgID string) {
 	r.Queries = append(r.Queries, &ProjectViewSearchQuery{Key: ProjectViewSearchKeyResourceOwner, Method: domain.SearchMethodEquals, Value: orgID})
 }

-func (r *ProjectViewSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *ProjectViewSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-2M0ds", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/repository/features/features.go
+++ b/internal/repository/features/features.go
@ -28,7 +28,7 @@ type FeaturesSetEvent struct {
 	LoginPolicyIDP           *bool                 `json:"loginPolicyIDP,omitempty"`
 	LoginPolicyPasswordless  *bool                 `json:"loginPolicyPasswordless,omitempty"`
 	LoginPolicyRegistration  *bool                 `json:"loginPolicyRegistration,omitempty"`
-	LoginPolicyUsernameLogin *bool                 `json:"loginPolicyUsername_login,omitempty"`
+	LoginPolicyUsernameLogin *bool                 `json:"loginPolicyUsernameLogin,omitempty"`
 	PasswordComplexityPolicy *bool                 `json:"passwordComplexityPolicy,omitempty"`
 	LabelPolicy              *bool                 `json:"labelPolicy,omitempty"`
 }
--- a/internal/repository/usergrant/user_grant.go
+++ b/internal/repository/usergrant/user_grant.go
@ -87,7 +87,7 @@ func UserGrantAddedEventMapper(event *repository.Event) (eventstore.EventReader,

 type UserGrantChangedEvent struct {
 	eventstore.BaseEvent `json:"-"`
-	RoleKeys             []string `json:"roleKeys,omitempty"`
+	RoleKeys             []string `json:"roleKeys"`
 }

 func (e *UserGrantChangedEvent) Data() interface{} {
--- a/internal/static/i18n/de.yaml
+++ b/internal/static/i18n/de.yaml
@ -4,6 +4,8 @@ Errors:
  OriginNotAllowed: Dieser "Origin" ist nicht freigeschaltet
  IDMissing: ID fehlt
  ResourceOwnerMissing: Organisation fehlt
+  Limit:
+    ExceedsDefault: Limit überschreitet default Limit
  User:
    NotFound: Benutzer konnte nicht gefunden werden
    AlreadyExists: Benutzer existierts bereits
--- a/internal/static/i18n/en.yaml
+++ b/internal/static/i18n/en.yaml
@ -4,6 +4,8 @@ Errors:
  OriginNotAllowed: This "Origin" is not allowed
  IDMissing: ID missing
  ResourceOwnerMissing: Resource Owner Organisation missing
+  Limit:
+    ExceedsDefault: Limit exceeds default limit
  User:
    NotFound: User could not be found
    AlreadyExists: User already exists
--- a/internal/user/model/external_idp_view.go
+++ b/internal/user/model/external_idp_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -50,10 +52,14 @@ type ExternalIDPSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *ExternalIDPSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *ExternalIDPSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-3n8fM", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }

 func (r *ExternalIDPSearchRequest) AppendUserQuery(userID string) {
--- a/internal/user/model/token_view.go
+++ b/internal/user/model/token_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -53,8 +55,12 @@ type TokenSearchResponse struct {
 	Result      []*Token
 }

-func (r *TokenSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *TokenSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-M0fse", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/user/model/user_membership_view.go
+++ b/internal/user/model/user_membership_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -65,10 +67,14 @@ type UserMembershipSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *UserMembershipSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *UserMembershipSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-288fJ", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }

 func (r *UserMembershipSearchRequest) GetSearchQuery(key UserMembershipSearchKey) (int, *UserMembershipSearchQuery) {
--- a/internal/user/model/user_session_view.go
+++ b/internal/user/model/user_session_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"

 	req_model "github.com/caos/zitadel/internal/auth_request/model"
@ -59,8 +61,12 @@ type UserSessionSearchResponse struct {
 	Result      []*UserSessionView
 }

-func (r *UserSessionSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *UserSessionSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-27ifs", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }
--- a/internal/user/model/user_view.go
+++ b/internal/user/model/user_view.go
@ -128,10 +128,14 @@ const (
 	GenderDiverse
 )

-func (r *UserSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *UserSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return errors.ThrowInvalidArgument(nil, "SEARCH-zz62F", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }

 func (r *UserSearchRequest) AppendMyOrgQuery(orgID string) {
--- a/internal/usergrant/model/user_grant_view.go
+++ b/internal/usergrant/model/user_grant_view.go
@ -2,6 +2,8 @@ package model

 import (
 	"github.com/caos/zitadel/internal/domain"
+	caos_errors "github.com/caos/zitadel/internal/errors"
+
 	"time"
 )

@ -81,10 +83,14 @@ type UserGrantSearchResponse struct {
 	Timestamp   time.Time
 }

-func (r *UserGrantSearchRequest) EnsureLimit(limit uint64) {
-	if r.Limit == 0 || r.Limit > limit {
+func (r *UserGrantSearchRequest) EnsureLimit(limit uint64) error {
+	if r.Limit > limit {
+		return caos_errors.ThrowInvalidArgument(nil, "SEARCH-1N9ds", "Errors.Limit.ExceedsDefault")
+	}
+	if r.Limit == 0 {
 		r.Limit = limit
 	}
+	return nil
 }

 func (r *UserGrantSearchRequest) GetSearchQuery(key UserGrantSearchKey) (int, *UserGrantSearchQuery) {