fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! Merge branch 'main' into syste-users-permissions

2025-08-22 17:29:58 +00:00 · 2025-03-25 09:37:07 +00:00
parent b0e866c879
commit 22114368a4
2 changed files with 22 additions and 22 deletions
--- a/e2e/config/localhost/docker-compose.yaml
+++ b/e2e/config/localhost/docker-compose.yaml
@@ -30,7 +30,7 @@ services:

  db:
    restart: 'always'
-    image: 'cockroachdb/cockroach:latest-v24.3'
+    image: 'cockroachdb/cockroach:latest'
    command: 'start-single-node --insecure --http-addr :9090'
    healthcheck:
      test: ['CMD', 'curl', '-f', 'http://localhost:9090/health?ready=1']
--- a/internal/query/permission.go
+++ b/internal/query/permission.go
@@ -25,29 +25,29 @@ const (
 // and is typically the `resource_owner` column in ZITADEL.
 // We use full identifiers in the query builder so this function should be
 // called with something like `UserResourceOwnerCol.identifier()` for example.
-func wherePermittedOrgs(ctx context.Context, query sq.SelectBuilder, filterOrgIds, orgIDColumn, permission string) (sq.SelectBuilder, error) {
-	userID := authz.GetCtxData(ctx).UserID
-	logging.WithFields("permission_check_v2_flag", authz.GetFeatures(ctx).PermissionCheckV2, "org_id_column", orgIDColumn, "permission", permission, "user_id", userID).Debug("permitted orgs check used")
+// func wherePermittedOrgs(ctx context.Context, query sq.SelectBuilder, filterOrgIds, orgIDColumn, permission string) (sq.SelectBuilder, error) {
+// 	userID := authz.GetCtxData(ctx).UserID
+// 	logging.WithFields("permission_check_v2_flag", authz.GetFeatures(ctx).PermissionCheckV2, "org_id_column", orgIDColumn, "permission", permission, "user_id", userID).Debug("permitted orgs check used")

-	systemUserPermissions := authz.GetSystemUserPermissions(ctx)
-	var systemUserPermissionsJson []byte
-	if systemUserPermissions != nil {
-		var err error
-		systemUserPermissionsJson, err = json.Marshal(systemUserPermissions)
-		if err != nil {
-			return query, err
-		}
-	}
+// 	systemUserPermissions := authz.GetSystemUserPermissions(ctx)
+// 	var systemUserPermissionsJson []byte
+// 	if systemUserPermissions != nil {
+// 		var err error
+// 		systemUserPermissionsJson, err = json.Marshal(systemUserPermissions)
+// 		if err != nil {
+// 			return query, err
+// 		}
+// 	}

-	return query.Where(
-		fmt.Sprintf(wherePermittedOrgsClause, orgIDColumn),
-		authz.GetInstance(ctx).InstanceID(),
-		userID,
-		systemUserPermissionsJson,
-		permission,
-		filterOrgIds,
-	), nil
-}
+// 	return query.Where(
+// 		fmt.Sprintf(wherePermittedOrgsClause, orgIDColumn),
+// 		authz.GetInstance(ctx).InstanceID(),
+// 		userID,
+// 		systemUserPermissionsJson,
+// 		permission,
+// 		filterOrgIds,
+// 	), nil
+// }

 func wherePermittedOrgsOrCurrentUser(ctx context.Context, query sq.SelectBuilder, filterOrgIds, orgIDColumn, userIdColum, permission string) (sq.SelectBuilder, error) {
 	userID := authz.GetCtxData(ctx).UserID