feat: list users scim v2 endpoint (#9187)

# Which Problems Are Solved
- Adds support for the list users SCIM v2 endpoint

# How the Problems Are Solved
- Adds support for the list users SCIM v2 endpoints under `GET
/scim/v2/{orgID}/Users` and `POST /scim/v2/{orgID}/Users/.search`

# Additional Changes
- adds a new function `SearchUserMetadataForUsers` to the query layer to
query a metadata keyset for given user ids
- adds a new function `NewUserMetadataExistsQuery` to the query layer to
query a given metadata key value pair exists
- adds a new function `CountUsers` to the query layer to count users
without reading any rows
- handle `ErrorAlreadyExists` as scim errors `uniqueness`
- adds `NumberLessOrEqual` and `NumberGreaterOrEqual` query comparison
methods
- adds `BytesQuery` with `BytesEquals` and `BytesNotEquals` query
comparison methods

# Additional Context
Part of #8140
Supported fields for scim filters:
* `meta.created`
* `meta.lastModified`
* `id`
* `username`
* `name.familyName`
* `name.givenName`
* `emails` and `emails.value`
* `active` only eq and ne
* `externalId` only eq and ne

internal/query/search_query_test.go

@@ -6,6 +6,7 @@ import (
 	"testing"
 
 	sq "github.com/Masterminds/squirrel"
+	"github.com/stretchr/testify/require"
 
 	"github.com/zitadel/zitadel/internal/domain"
 )
@@ -1540,6 +1541,17 @@ func TestNumberQuery_comp(t *testing.T) {
 				query: sq.Lt{"test_table.test_col": 42},
 			},
 		},
+		{
+			name: "less or equal",
+			fields: fields{
+				Column:  testCol,
+				Number:  42,
+				Compare: NumberLessOrEqual,
+			},
+			want: want{
+				query: sq.LtOrEq{"test_table.test_col": 42},
+			},
+		},
 		{
 			name: "greater",
 			fields: fields{
@@ -1551,6 +1563,17 @@ func TestNumberQuery_comp(t *testing.T) {
 				query: sq.Gt{"test_table.test_col": 42},
 			},
 		},
+		{
+			name: "greater or equal",
+			fields: fields{
+				Column:  testCol,
+				Number:  42,
+				Compare: NumberGreaterOrEqual,
+			},
+			want: want{
+				query: sq.GtOrEq{"test_table.test_col": 42},
+			},
+		},
 		{
 			name: "list containts",
 			fields: fields{
@@ -2193,3 +2216,98 @@ func TestInTextQuery_comp(t *testing.T) {
 		})
 	}
 }
+
+func TestBytesQuery_comp(t *testing.T) {
+	type fields struct {
+		Column  Column
+		Value   []byte
+		Compare BytesComparison
+	}
+	type want struct {
+		query interface{}
+		err   bool
+		isNil bool
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		want   want
+	}{
+		{
+			name: "equals",
+			fields: fields{
+				Column:  testCol,
+				Value:   []byte("foo"),
+				Compare: BytesEquals,
+			},
+			want: want{
+				query: sq.Eq{"test_table.test_col": []byte("foo")},
+			},
+		},
+		{
+			name: "not equals",
+			fields: fields{
+				Column:  testCol,
+				Value:   []byte("foo"),
+				Compare: BytesNotEquals,
+			},
+			want: want{
+				query: sq.NotEq{"test_table.test_col": []byte("foo")},
+			},
+		},
+		{
+			name: "unknown comparison",
+			fields: fields{
+				Column:  testCol,
+				Value:   []byte("foo"),
+				Compare: -1,
+			},
+			want: want{
+				err:   true,
+				isNil: true,
+			},
+		},
+		{
+			name: "zero col",
+			fields: fields{
+				Column:  Column{},
+				Value:   []byte("foo"),
+				Compare: BytesEquals,
+			},
+			want: want{
+				err:   true,
+				query: sq.Eq{"": []byte("foo")},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			s, err := NewBytesQuery(tt.fields.Column, tt.fields.Value, tt.fields.Compare)
+			if tt.want.err {
+				require.Error(t, err)
+
+				// still test comp
+				s = &BytesQuery{
+					Column:  tt.fields.Column,
+					Value:   tt.fields.Value,
+					Compare: tt.fields.Compare,
+				}
+			} else {
+				require.NoError(t, err)
+			}
+
+			query := s.comp()
+
+			if tt.want.isNil {
+				require.Nil(t, query)
+				return
+			}
+
+			require.NotNil(t, query)
+
+			if !reflect.DeepEqual(query, tt.want.query) {
+				t.Errorf("wrong query: want: %v, (%T), got: %v, (%T)", tt.want.query, tt.want.query, query, query)
+			}
+		})
+	}
+}