TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 10:17:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: port reduction (#323)

Browse Source 
* move mgmt pkg

* begin package restructure

* rename auth package to authz

* begin start api

* move auth

* move admin

* fix merge

* configs and interceptors

* interceptor

* revert generate-grpc.sh

* some cleanups

* console

* move console

* fix tests and merging

* js linting

* merge

* merging and configs

* change k8s base to current ports

* fixes

* cleanup

* regenerate proto

* remove unnecessary whitespace

* missing param

* go mod tidy

* fix merging

* move login pkg

* cleanup

* move api pkgs again

* fix pkg naming

* fix generate-static.sh for login

* update workflow

* fixes

* logging

* remove duplicate

* comment for optional gateway interfaces

* regenerate protos

* fix proto imports for grpc web

* protos

* grpc web generate

* grpc web generate

* fix changes

* add translation interceptor

* fix merging

* regenerate mgmt proto
This commit is contained in:
Livio Amstutz
2020-07-08 13:56:37 +02:00
committed by GitHub
parent 708652a655
commit 3549a8b64e
330 changed files with 30495 additions and 30809 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/release.yml vendored
View File

@@ -92,12 +92,12 @@ jobs:
- uses: actions/download-artifact@v2
with:
name: angular
path: console/dist/app
path: console/dist/console
- run: go get github.com/rakyll/statik
- run: ./build/console/generate-static.sh
- run: cat pkg/console/statik/statik.go
- run: cat internal/ui/console/statik/statik.go
- run: ./build/login/generate-static.sh
- run: cat internal/login/statik/statik.go
- run: cat internal/ui/login/statik/statik.go
- run: ./build/notification/generate-static.sh
- run: cat internal/notification/statik/statik.go
- run: ./build/zitadel/generate-static.sh

16
build/console/generate-grpc.sh
View File

@@ -23,19 +23,19 @@ echo "Generate grpc"
protoc \
-I=/usr/local/include \
-I=../pkg/message \
-I=../pkg/management/api/proto \
-I=../pkg/auth/api/proto \
-I=../pkg/admin/api/proto \
-I=../pkg/grpc/message \
-I=../pkg/grpc/management/proto \
-I=../pkg/grpc/auth/proto \
-I=../pkg/grpc/admin/proto \
-I=../internal/protoc/protoc-gen-authoption \
-I=node_modules/google-proto-files \
-I=tmp \
--js_out=import_style=commonjs,binary:$GEN_PATH \
--grpc-web_out=import_style=commonjs+dts,mode=grpcweb:$GEN_PATH \
../pkg/message/*.proto \
../pkg/management/api/proto/*.proto \
../pkg/admin/api/proto/*.proto \
../pkg/auth/api/proto/*.proto
../pkg/grpc/message/proto/*.proto \
../pkg/grpc/management/proto/*.proto \
../pkg/grpc/admin/proto/*.proto \
../pkg/grpc/auth/proto/*.proto
echo "Generate annotations js file (compatibility)"

2
build/console/generate-static.sh
View File

@@ -2,4 +2,4 @@
set -eux
go generate pkg/console/statik/generate.go
go generate internal/ui/console/statik/generate.go

2
build/login/generate-static.sh
View File

@@ -2,4 +2,4 @@
set -eux
go generate internal/login/statik/generate.go
go generate internal/ui/login/statik/generate.go

10
cmd/zitadel/caos_local.sh
View File

@@ -40,10 +40,10 @@ export SMTP_TLS=TRUE
export CHAT_URL=$(gopass zitadel-secrets/zitadel/dev/google-chat-url)
#OIDC
export ZITADEL_ISSUER=http://localhost:50022
export ZITADEL_ACCOUNTS=http://localhost:50031
export ZITADEL_AUTHORIZE=http://localhost:50022
export ZITADEL_OAUTH=http://localhost:50022
export ZITADEL_ISSUER=http://localhost:50002/oauth/v2/
export ZITADEL_ACCOUNTS=http://localhost:50003/login
export ZITADEL_AUTHORIZE=http://localhost:50002/oauth/v2/
export ZITADEL_OAUTH=http://localhost:50002/oauth/v2/
export ZITADEL_CONSOLE=http://localhost:4200
export CAOS_OIDC_DEV=true
export ZITADEL_COOKIE_DOMAIN=localhost
@@ -55,7 +55,7 @@ export ZITADEL_CSRF_DEV=true
export ZITADEL_CACHE_MAXAGE=12h
export ZITADEL_CACHE_SHARED_MAXAGE=168h
export ZITADEL_SHORT_CACHE_MAXAGE=5m
export ZITADEL_SHORT_CACHE_SHARED_MAXAGE=15min
export ZITADEL_SHORT_CACHE_SHARED_MAXAGE=15m
#Console
export ZITADEL_CONSOLE_ENV_DIR=../../console/src/assets/

127
cmd/zitadel/main.go
View File

@@ -3,47 +3,59 @@ package main
import (
"context"
"flag"
"github.com/caos/zitadel/internal/auth/repository/eventsourcing"
"github.com/caos/zitadel/internal/authz"
sd "github.com/caos/zitadel/internal/config/systemdefaults"
"github.com/caos/zitadel/internal/login"
"github.com/caos/logging"
internal_authz "github.com/caos/zitadel/internal/api/auth"
admin_es "github.com/caos/zitadel/internal/admin/repository/eventsourcing"
"github.com/caos/zitadel/internal/api"
internal_authz "github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/api/grpc/admin"
"github.com/caos/zitadel/internal/api/grpc/auth"
"github.com/caos/zitadel/internal/api/grpc/management"
"github.com/caos/zitadel/internal/api/oidc"
auth_es "github.com/caos/zitadel/internal/auth/repository/eventsourcing"
"github.com/caos/zitadel/internal/authz"
authz_repo "github.com/caos/zitadel/internal/authz/repository/eventsourcing"
"github.com/caos/zitadel/internal/config"
sd "github.com/caos/zitadel/internal/config/systemdefaults"
mgmt_es "github.com/caos/zitadel/internal/management/repository/eventsourcing"
"github.com/caos/zitadel/internal/notification"
tracing "github.com/caos/zitadel/internal/tracing/config"
"github.com/caos/zitadel/pkg/admin"
"github.com/caos/zitadel/pkg/auth"
"github.com/caos/zitadel/pkg/console"
"github.com/caos/zitadel/pkg/management"
"github.com/caos/zitadel/internal/ui"
"github.com/caos/zitadel/internal/ui/console"
"github.com/caos/zitadel/internal/ui/login"
)
type Config struct {
Mgmt management.Config
Auth auth.Config
Login login.Config
AuthZ authz.Config
Admin admin.Config
Console console.Config
Notification notification.Config
Log logging.Config
Tracing tracing.TracingConfig
InternalAuthZ internal_authz.Config
SystemDefaults sd.SystemDefaults
AuthZ authz.Config
Auth auth_es.Config
Admin admin_es.Config
Mgmt mgmt_es.Config
API api.Config
UI ui.Config
Notification notification.Config
}
var (
configPaths = config.NewArrayFlags("authz.yaml", "startup.yaml", "system-defaults.yaml")
adminEnabled = flag.Bool("admin", true, "enable admin api")
managementEnabled = flag.Bool("management", true, "enable management api")
authEnabled = flag.Bool("auth", true, "enable auth api")
oidcEnabled = flag.Bool("oidc", true, "enable oidc api")
loginEnabled = flag.Bool("login", true, "enable login ui")
consoleEnabled = flag.Bool("console", true, "enable console ui")
notificationEnabled = flag.Bool("notification", true, "enable notification handler")
)
func main() {
configPaths := config.NewArrayFlags("authz.yaml", "startup.yaml", "system-defaults.yaml")
flag.Var(configPaths, "config-files", "paths to the config files")
managementEnabled := flag.Bool("management", true, "enable management api")
authEnabled := flag.Bool("auth", true, "enable auth api")
loginEnabled := flag.Bool("login", true, "enable login ui")
adminEnabled := flag.Bool("admin", true, "enable admin api")
consoleEnabled := flag.Bool("console", true, "enable console ui")
notificationEnabled := flag.Bool("notification", true, "enable notification handler")
flag.Parse()
conf := new(Config)
@@ -53,31 +65,58 @@ func main() {
ctx := context.Background()
authZRepo, err := authz.Start(ctx, conf.AuthZ, conf.InternalAuthZ, conf.SystemDefaults)
logging.Log("MAIN-s9KOw").OnError(err).Fatal("error starting authz repo")
if *adminEnabled {
admin.Start(ctx, conf.Admin, authZRepo, conf.InternalAuthZ, conf.SystemDefaults)
}
if *managementEnabled {
management.Start(ctx, conf.Mgmt, authZRepo, conf.InternalAuthZ, conf.SystemDefaults)
}
var authRepo *eventsourcing.EsRepository
if *authEnabled || *loginEnabled {
authRepo, err = eventsourcing.Start(conf.Auth.Repository, conf.InternalAuthZ, conf.SystemDefaults, authZRepo)
var authRepo *auth_es.EsRepository
if *authEnabled || *oidcEnabled || *loginEnabled {
authRepo, err = auth_es.Start(conf.Auth, conf.InternalAuthZ, conf.SystemDefaults, authZRepo)
logging.Log("MAIN-9oRw6").OnError(err).Fatal("error starting auth repo")
}
if *authEnabled {
auth.Start(ctx, conf.Auth, authZRepo, conf.InternalAuthZ, conf.SystemDefaults, authRepo)
}
if *loginEnabled {
login.Start(ctx, conf.Login, conf.SystemDefaults, authRepo)
}
startAPI(ctx, conf, authZRepo, authRepo)
startUI(ctx, conf, authRepo)
if *notificationEnabled {
notification.Start(ctx, conf.Notification, conf.SystemDefaults)
}
if *consoleEnabled {
err = console.Start(ctx, conf.Console)
logging.Log("MAIN-3Dfuc").OnError(err).Fatal("error starting console ui")
}
<-ctx.Done()
logging.Log("MAIN-s8d2h").Info("stopping zitadel")
}
func startUI(ctx context.Context, conf *Config, authRepo *auth_es.EsRepository) {
uis := ui.Create(conf.UI)
if *loginEnabled {
uis.RegisterHandler(ui.LoginHandler, login.Start(conf.UI.Login, authRepo, ui.LoginHandler).Handler())
}
if *consoleEnabled {
consoleHandler, err := console.Start(conf.UI.Console)
logging.Log("API-AGD1f").OnError(err).Fatal("error starting console")
uis.RegisterHandler(ui.ConsoleHandler, consoleHandler)
}
uis.Start(ctx)
}
func startAPI(ctx context.Context, conf *Config, authZRepo *authz_repo.EsRepository, authRepo *auth_es.EsRepository) {
apis := api.Create(conf.API, conf.InternalAuthZ, authZRepo, conf.SystemDefaults)
roles := make([]string, len(conf.InternalAuthZ.RolePermissionMappings))
for i, role := range conf.InternalAuthZ.RolePermissionMappings {
roles[i] = role.Role
}
if *adminEnabled {
adminRepo, err := admin_es.Start(ctx, conf.Admin, conf.SystemDefaults, roles)
logging.Log("API-D42tq").OnError(err).Fatal("error starting auth repo")
apis.RegisterServer(ctx, admin.CreateServer(adminRepo))
}
if *managementEnabled {
managementRepo, err := mgmt_es.Start(conf.Mgmt, conf.SystemDefaults, roles)
logging.Log("API-Gd2qq").OnError(err).Fatal("error starting management repo")
apis.RegisterServer(ctx, management.CreateServer(managementRepo, conf.SystemDefaults))
}
if *authEnabled {
apis.RegisterServer(ctx, auth.CreateServer(authRepo))
}
if *oidcEnabled {
op := oidc.NewProvider(ctx, conf.API.OIDC, authRepo)
apis.RegisterHandler("/oauth/v2", op.HttpHandler().Handler)
}
apis.Start(ctx)
}

405
cmd/zitadel/startup.yaml
View File

@@ -1,3 +1,8 @@
Log:
Level: $ZITADEL_LOG_LEVEL
Formatter:
Format: text
Tracing:
Type: google
Config:
@@ -5,168 +10,6 @@ Tracing:
MetricPrefix: ZITADEL-V1
Fraction: $ZITADEL_TRACING_FRACTION
Log:
Level: $ZITADEL_LOG_LEVEL
Formatter:
Format: text
Mgmt:
API:
GRPC:
ServerPort: 50010
GatewayPort: 50011
CustomHeaders:
- x-zitadel-
Repository:
SearchLimit: 100
Domain: $ZITADEL_DEFAULT_DOMAIN
Eventstore:
ServiceName: 'ManagementAPI'
Repository:
SQL:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'management'
Password: $CR_MANAGEMENT_PASSWORD
Database: 'eventstore'
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_MANAGEMENT_CERT
Key: $CR_MANAGEMENT_KEY
Cache:
Type: 'fastcache'
Config:
MaxCacheSizeInByte: 10485760 #10mb
View:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'management'
Password: $CR_MANAGEMENT_PASSWORD
Database: 'management'
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_MANAGEMENT_CERT
Key: $CR_MANAGEMENT_KEY
Spooler:
ConcurrentTasks: 4
BulkLimit: 100
FailureCountUntilSkip: 5
Auth:
API:
GRPC:
ServerPort: 50020
GatewayPort: 50021
CustomHeaders:
- x-zitadel-
OIDC:
OPConfig:
Issuer: $ZITADEL_ISSUER
DefaultLogoutRedirectURI: $ZITADEL_ACCOUNTS/logout/done
Port: 50022
StorageConfig:
DefaultLoginURL: $ZITADEL_ACCOUNTS/login?authRequestID=
DefaultAccessTokenLifetime: 12h
DefaultIdTokenLifetime: 12h
SigningKeyAlgorithm: RS256
UserAgentCookieConfig:
Name: caos.zitadel.useragent
Domain: $ZITADEL_COOKIE_DOMAIN
Key:
EncryptionKeyID: $ZITADEL_COOKIE_KEY
Cache:
MaxAge: $ZITADEL_CACHE_MAXAGE
SharedMaxAge: $ZITADEL_CACHE_SHARED_MAXAGE
Endpoints:
Auth:
Path: 'authorize'
URL: '$ZITADEL_AUTHORIZE/authorize'
Token:
Path: 'token'
URL: '$ZITADEL_OAUTH/token'
EndSession:
Path: 'endsession'
URL: '$ZITADEL_AUTHORIZE/endsession'
Userinfo:
Path: 'userinfo'
URL: '$ZITADEL_OAUTH/userinfo'
Keys:
Path: 'keys'
URL: '$ZITADEL_OAUTH/keys'
Repository:
SearchLimit: 100
Eventstore:
ServiceName: 'authAPI'
Repository:
SQL:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'auth'
Password: $CR_AUTH_PASSWORD
Database: 'eventstore'
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_AUTH_CERT
Key: $CR_AUTH_KEY
Cache:
Type: 'fastcache'
Config:
MaxCacheSizeInByte: 10485760 #10mb
AuthRequest:
Connection:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'auth'
Password: $CR_AUTH_PASSWORD
Database: 'auth'
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_AUTH_CERT
Key: $CR_AUTH_KEY
View:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'auth'
Password: $CR_AUTH_PASSWORD
Database: 'auth'
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_AUTH_CERT
Key: $CR_AUTH_KEY
Spooler:
ConcurrentTasks: 4
BulkLimit: 100
FailureCountUntilSkip: 5
KeyConfig:
Size: 2048
PrivateKeyLifetime: 6h
PublicKeyLifetime: 30h
EncryptionConfig:
EncryptionKeyID: $ZITADEL_OIDC_KEYS_ID
SigningKeyRotation: 10s
Login:
Handler:
Port: 50031
OidcAuthCallbackURL: '$ZITADEL_AUTHORIZE/authorize/'
ZitadelURL: '$ZITADEL_CONSOLE'
LanguageCookieName: 'caos.zitadel.login.lang'
DefaultLanguage: 'de'
CSRF:
CookieName: 'caos.zitadel.login.csrf'
Key:
EncryptionKeyID: $ZITADEL_CSRF_KEY
Development: $ZITADEL_CSRF_DEV
Cache:
MaxAge: $ZITADEL_CACHE_MAXAGE
SharedMaxAge: $ZITADEL_CACHE_SHARED_MAXAGE
AuthZ:
Repository:
Eventstore:
@@ -176,8 +19,8 @@ AuthZ:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'authz'
Password: $CR_AUTHZ_PASSWORD
Database: 'eventstore'
Password: $CR_AUTHZ_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
@@ -191,7 +34,6 @@ AuthZ:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'authz'
Password: $CR_AUTHZ_PASSWORD
Database: 'authz'
SSL:
Mode: $CR_SSL_MODE
@@ -203,61 +45,200 @@ AuthZ:
BulkLimit: 100
FailureCountUntilSkip: 5
Admin:
API:
GRPC:
ServerPort: 50040
GatewayPort: 50041
CustomHeaders:
- x-zitadel-
Repository:
SearchLimit: 100
Domain: $ZITADEL_DEFAULT_DOMAIN
Eventstore:
ServiceName: 'Admin'
Repository:
SQL:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'adminapi'
Password: $CR_ADMINAPI_PASSWORD
Database: 'eventstore'
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_ADMINAPI_CERT
Key: $CR_ADMINAPI_KEY
Cache:
Type: 'fastcache'
Config:
MaxCacheSizeInByte: 10485760 #10mb
View:
Auth:
SearchLimit: 100
Eventstore:
ServiceName: 'authAPI'
Repository:
SQL:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'auth'
Database: 'eventstore'
Password: $CR_AUTH_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_AUTH_CERT
Key: $CR_AUTH_KEY
Cache:
Type: 'fastcache'
Config:
MaxCacheSizeInByte: 10485760 #10mb
AuthRequest:
Connection:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'adminapi'
Password: $CR_ADMINAPI_PASSWORD
Database: 'adminapi'
User: 'auth'
Database: 'auth'
Password: $CR_AUTH_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_ADMINAPI_CERT
Key: $CR_ADMINAPI_KEY
Spooler:
ConcurrentTasks: 1
BulkLimit: 100
FailureCountUntilSkip: 5
Cert: $CR_AUTH_CERT
Key: $CR_AUTH_KEY
View:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'auth'
Database: 'auth'
Password: $CR_AUTH_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_AUTH_CERT
Key: $CR_AUTH_KEY
Spooler:
ConcurrentTasks: 4
BulkLimit: 100
FailureCountUntilSkip: 5
KeyConfig:
Size: 2048
PrivateKeyLifetime: 6h
PublicKeyLifetime: 30h
EncryptionConfig:
EncryptionKeyID: $ZITADEL_OIDC_KEYS_ID
SigningKeyRotation: 10s
Console:
Port: 50050
EnvOverwriteDir: $ZITADEL_CONSOLE_ENV_DIR
ShortCache:
MaxAge: $ZITADEL_SHORT_CACHE_MAXAGE
SharedMaxAge: $ZITADEL_SHORT_CACHE_SHARED_MAXAGE
LongCache:
Admin:
SearchLimit: 100
Domain: $ZITADEL_DEFAULT_DOMAIN
Eventstore:
ServiceName: 'Admin'
Repository:
SQL:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'admin_api'
Database: 'eventstore'
Password: $CR_ADMINAPI_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_ADMINAPI_CERT
Key: $CR_ADMINAPI_KEY
Cache:
Type: 'fastcache'
Config:
MaxCacheSizeInByte: 10485760 #10mb
View:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'admin_api'
Database: 'admin_api'
Password: $CR_ADMINAPI_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_ADMINAPI_CERT
Key: $CR_ADMINAPI_KEY
Spooler:
ConcurrentTasks: 1
BulkLimit: 100
FailureCountUntilSkip: 5
Mgmt:
SearchLimit: 100
Domain: $ZITADEL_DEFAULT_DOMAIN
Eventstore:
ServiceName: 'ManagementAPI'
Repository:
SQL:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'management'
Database: 'eventstore'
Password: $CR_MANAGEMENT_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_MANAGEMENT_CERT
Key: $CR_MANAGEMENT_KEY
Cache:
Type: 'fastcache'
Config:
MaxCacheSizeInByte: 10485760 #10mb
View:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'management'
Database: 'management'
Password: $CR_MANAGEMENT_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
Cert: $CR_MANAGEMENT_CERT
Key: $CR_MANAGEMENT_KEY
Spooler:
ConcurrentTasks: 4
BulkLimit: 100
FailureCountUntilSkip: 5
API:
GRPC:
ServerPort: 50001
GatewayPort: 50002
CustomHeaders:
- x-zitadel-
OIDC:
OPConfig:
Issuer: $ZITADEL_ISSUER
DefaultLogoutRedirectURI: $ZITADEL_ACCOUNTS/logout/done
StorageConfig:
DefaultLoginURL: $ZITADEL_ACCOUNTS/login?authRequestID=
DefaultAccessTokenLifetime: 12h
DefaultIdTokenLifetime: 12h
SigningKeyAlgorithm: RS256
UserAgentCookieConfig:
Name: caos.zitadel.useragent
Domain: $ZITADEL_COOKIE_DOMAIN
Key:
EncryptionKeyID: $ZITADEL_COOKIE_KEY
Cache:
MaxAge: $ZITADEL_CACHE_MAXAGE
SharedMaxAge: $ZITADEL_CACHE_SHARED_MAXAGE
CSPDomain: $ZITADEL_DEFAULT_DOMAIN
Endpoints:
Auth:
Path: 'authorize'
URL: '$ZITADEL_AUTHORIZE/authorize'
Token:
Path: 'token'
URL: '$ZITADEL_OAUTH/token'
EndSession:
Path: 'endsession'
URL: '$ZITADEL_AUTHORIZE/endsession'
Userinfo:
Path: 'userinfo'
URL: '$ZITADEL_OAUTH/userinfo'
Keys:
Path: 'keys'
URL: '$ZITADEL_OAUTH/keys'
UI:
Port: 50003
Login:
Handler:
OidcAuthCallbackURL: '$ZITADEL_AUTHORIZE/authorize/'
ZitadelURL: '$ZITADEL_CONSOLE'
LanguageCookieName: 'caos.zitadel.login.lang'
DefaultLanguage: 'de'
CSRF:
CookieName: 'caos.zitadel.login.csrf'
Key:
EncryptionKeyID: $ZITADEL_CSRF_KEY
Development: $ZITADEL_CSRF_DEV
Cache:
MaxAge: $ZITADEL_CACHE_MAXAGE
SharedMaxAge: $ZITADEL_CACHE_SHARED_MAXAGE
Console:
EnvOverwriteDir: $ZITADEL_CONSOLE_ENV_DIR
ShortCache:
MaxAge: $ZITADEL_SHORT_CACHE_MAXAGE
SharedMaxAge: $ZITADEL_SHORT_CACHE_SHARED_MAXAGE
LongCache:
MaxAge: $ZITADEL_CACHE_MAXAGE
SharedMaxAge: $ZITADEL_CACHE_SHARED_MAXAGE
CSPDomain: $ZITADEL_DEFAULT_DOMAIN
Notification:
Repository:
@@ -270,8 +251,8 @@ Notification:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'notification'
Password: $CR_NOTIFICATION_PASSWORD
Database: 'eventstore'
Password: $CR_NOTIFICATION_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT
@@ -285,8 +266,8 @@ Notification:
Host: $ZITADEL_EVENTSTORE_HOST
Port: $ZITADEL_EVENTSTORE_PORT
User: 'notification'
Password: $CR_NOTIFICATION_PASSWORD
Database: 'notification'
Password: $CR_NOTIFICATION_PASSWORD
SSL:
Mode: $CR_SSL_MODE
RootCert: $CR_ROOT_CERT

2
console/package.json
View File

@@ -5,7 +5,7 @@
"ng": "ng",
"start": "ng serve",
"build": "ng build",
"prodbuild": "ng build --prod",
"prodbuild": "ng build --prod --base-href /console/",
"lint": "ng lint && stylelint './projects/**/*.scss' --syntax scss",
"postinstall": "../build/console/generate-grpc.sh"
},

4
console/src/app/app.component.html
View File

@@ -5,9 +5,9 @@
</button>
<a *ngIf="(isHandset$ | async) == false" class="title" [routerLink]="['/']">
<img class="logo" *ngIf="componentCssClass == 'dark-theme'; else lighttheme"
src="../assets/images/zitadel-logo-oneline-darkdesign.svg" />
src="./assets/images/zitadel-logo-oneline-darkdesign.svg" />
<ng-template #lighttheme>
<img class="logo" src="../assets/images/zitadel-logo-oneline-lightdesign.svg" />
<img class="logo" src="./assets/images/zitadel-logo-oneline-lightdesign.svg" />
</ng-template>
</a>

8
console/src/app/app.module.ts
View File

@@ -1,5 +1,5 @@
import { OverlayModule } from '@angular/cdk/overlay';
import { CommonModule, registerLocaleData } from '@angular/common';
import { APP_BASE_HREF, CommonModule, registerLocaleData, PlatformLocation } from '@angular/common';
import { HttpClient, HttpClientModule } from '@angular/common/http';
import localeDe from '@angular/common/locales/de';
import { APP_INITIALIZER, NgModule } from '@angular/core';
@@ -42,7 +42,7 @@ registerLocaleData(localeDe);
// AoT requires an exported function for factories
export function HttpLoaderFactory(http: HttpClient): TranslateHttpLoader {
return new TranslateHttpLoader(http);
return new TranslateHttpLoader(http, './assets/i18n/');
}
const appInitializerFn = (grpcServ: GrpcService) => {
@@ -57,12 +57,10 @@ const stateHandlerFn = (stateHandler: StatehandlerService) => {
};
};
export let authConfig = {
redirectUri: window.location.origin + '/auth/callback',
const authConfig: AuthConfig = {
scope: 'openid profile email', // offline_access
responseType: 'code',
oidc: true,
postLogoutRedirectUri: window.location.origin + '/signedout',
};
@NgModule({

4
console/src/app/pages/home/home.component.html
View File

@@ -1,8 +1,8 @@
<div class="wrapper">
<div class="header">
<img *ngIf="dark; else lighttheme" src="../assets/images/zitadel-logo-oneline-darkdesign.svg" />
<img *ngIf="dark; else lighttheme" src="./assets/images/zitadel-logo-oneline-darkdesign.svg" />
<ng-template #lighttheme>
<img src="../assets/images/zitadel-logo-oneline-lightdesign.svg" />
<img src="./assets/images/zitadel-logo-oneline-lightdesign.svg" />
</ng-template>
</div>

4
console/src/app/pages/signedout/signedout.component.html
View File

@@ -1,9 +1,9 @@
<div class="wrap">
<div class="block">
<div class="header">
<img *ngIf="dark; else lighttheme" src="../../../assets/images/zitadel-logo-oneline-darkdesign.svg" />
<img *ngIf="dark; else lighttheme" src="./assets/images/zitadel-logo-oneline-darkdesign.svg" />
<ng-template #lighttheme>
<img src="../../../assets/images/zitadel-logo-oneline-lightdesign.svg" />
<img src="./assets/images/zitadel-logo-oneline-lightdesign.svg" />
</ng-template>
<p>{{'USER.SIGNEDOUT' | translate}}</p>

2
console/src/app/services/auth.service.ts
View File

@@ -64,6 +64,8 @@ export class AuthService {
public async authenticate(config?: Partial<AuthConfig>, setState: boolean = true): Promise<boolean> {
this.config.issuer = config?.issuer || this.grpcService.issuer;
this.config.clientId = config?.clientId || this.grpcService.clientid;
this.config.redirectUri = config?.redirectUri || this.grpcService.redirectUri;
this.config.postLogoutRedirectUri = config?.postLogoutRedirectUri || this.grpcService.postLogoutRedirectUri;
this.config.customQueryParams = config?.customQueryParams;
this.oauthService.configure(this.config);
// this.oauthService.setupAutomaticSilentRefresh();

8
console/src/app/services/grpc.service.ts
View File

@@ -1,5 +1,6 @@
import { HttpClient } from '@angular/common/http';
import { Injectable } from '@angular/core';
import { PlatformLocation } from '@angular/common';
import { AdminServicePromiseClient } from '../proto/generated/admin_grpc_web_pb';
import { AuthServicePromiseClient } from '../proto/generated/auth_grpc_web_pb';
@@ -12,6 +13,8 @@ import { GrpcRequestFn } from './grpc-handler';
export class GrpcService {
public issuer: string = '';
public clientid: string = '';
public redirectUri: string = '';
public postLogoutRedirectUri: string = '';
public auth!: AuthServicePromiseClient;
public mgmt!: ManagementServicePromiseClient;
@@ -19,10 +22,11 @@ export class GrpcService {
constructor(
private http: HttpClient,
private platformLocation: PlatformLocation,
) { }
public async loadAppEnvironment(): Promise<any> {
return this.http.get('/assets/environment.json')
return this.http.get('./assets/environment.json')
.toPromise().then((data: any) => {
if (data && data.authServiceUrl && data.mgmtServiceUrl && data.issuer) {
this.auth = new AuthServicePromiseClient(data.authServiceUrl);
@@ -32,6 +36,8 @@ export class GrpcService {
this.issuer = data.issuer;
if (data.clientid) {
this.clientid = data.clientid;
this.redirectUri = window.location.origin + this.platformLocation.getBaseHrefFromDOM() + 'auth/callback';
this.postLogoutRedirectUri = window.location.origin + this.platformLocation.getBaseHrefFromDOM() + 'signedout';
}
}
return Promise.resolve(data);

36
internal/admin/auth/token_verifier.go
View File

@@ -1,36 +0,0 @@
package auth
import (
"context"
"github.com/caos/zitadel/internal/api/auth"
authz_repo "github.com/caos/zitadel/internal/authz/repository/eventsourcing"
)
const (
adminName = "Admin-API"
)
type TokenVerifier struct {
adminID string
authZRepo *authz_repo.EsRepository
}
func Start(authZRepo *authz_repo.EsRepository) (v *TokenVerifier) {
return &TokenVerifier{authZRepo: authZRepo}
}
func (v *TokenVerifier) VerifyAccessToken(ctx context.Context, token string) (string, string, string, error) {
userID, clientID, agentID, err := v.authZRepo.VerifyAccessToken(ctx, token, adminName, v.adminID)
if clientID != "" {
v.adminID = clientID
}
return userID, clientID, agentID, err
}
func (v *TokenVerifier) ResolveGrant(ctx context.Context) (*auth.Grant, error) {
return v.authZRepo.ResolveGrants(ctx)
}
func (v *TokenVerifier) GetProjectIDByClientID(ctx context.Context, clientID string) (string, error) {
return v.authZRepo.ProjectIDByClientID(ctx, clientID)
}

4
internal/admin/config.go
View File

@@ -1,4 +0,0 @@
package admin
type Config struct {
}

9
internal/admin/repository/eventsourcing/eventstore/user.go
View File

@@ -2,7 +2,8 @@ package eventstore
import (
"context"
"github.com/caos/zitadel/internal/api/auth"
"github.com/caos/zitadel/internal/api/authz"
org_event "github.com/caos/zitadel/internal/org/repository/eventsourcing"
policy_event "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
usr_model "github.com/caos/zitadel/internal/user/model"
@@ -20,11 +21,11 @@ func (repo *UserRepo) UserByID(ctx context.Context, id string) (project *usr_mod
}
func (repo *UserRepo) CreateUser(ctx context.Context, user *usr_model.User) (*usr_model.User, error) {
pwPolicy, err := repo.PolicyEvents.GetPasswordComplexityPolicy(ctx, auth.GetCtxData(ctx).OrgID)
pwPolicy, err := repo.PolicyEvents.GetPasswordComplexityPolicy(ctx, authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
orgPolicy, err := repo.OrgEvents.GetOrgIamPolicy(ctx, auth.GetCtxData(ctx).OrgID)
orgPolicy, err := repo.OrgEvents.GetOrgIamPolicy(ctx, authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
@@ -32,7 +33,7 @@ func (repo *UserRepo) CreateUser(ctx context.Context, user *usr_model.User) (*us
}
func (repo *UserRepo) RegisterUser(ctx context.Context, user *usr_model.User, resourceOwner string) (*usr_model.User, error) {
policyResourceOwner := auth.GetCtxData(ctx).OrgID
policyResourceOwner := authz.GetCtxData(ctx).OrgID
if resourceOwner != "" {
policyResourceOwner = resourceOwner
}

11
internal/admin/repository/eventsourcing/setup/setup.go
View File

@@ -2,12 +2,11 @@ package setup
import (
"context"
policy_model "github.com/caos/zitadel/internal/policy/model"
policy_event "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
"time"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/api/auth"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/config/systemdefaults"
"github.com/caos/zitadel/internal/config/types"
caos_errs "github.com/caos/zitadel/internal/errors"
@@ -16,6 +15,8 @@ import (
iam_event "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
org_model "github.com/caos/zitadel/internal/org/model"
org_event "github.com/caos/zitadel/internal/org/repository/eventsourcing"
policy_model "github.com/caos/zitadel/internal/policy/model"
policy_event "github.com/caos/zitadel/internal/policy/repository/eventsourcing"
proj_model "github.com/caos/zitadel/internal/project/model"
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
usr_model "github.com/caos/zitadel/internal/user/model"
@@ -208,7 +209,7 @@ func (setUp *initializer) org(ctx context.Context, org types.Org) (*org_model.Or
ctx = setSetUpContextData(ctx, "")
createOrg := &org_model.Org{
Name: org.Name,
Domains: []*org_model.OrgDomain{&org_model.OrgDomain{Domain: org.Domain}},
Domains: []*org_model.OrgDomain{{Domain: org.Domain}},
}
return setUp.repos.OrgEvents.CreateOrg(ctx, createOrg)
}
@@ -434,5 +435,5 @@ func getOIDCAuthMethod(authMethod string) proj_model.OIDCAuthMethodType {
}
func setSetUpContextData(ctx context.Context, orgID string) context.Context {
return auth.SetCtxData(ctx, auth.CtxData{UserID: SetupUser, OrgID: orgID})
return authz.SetCtxData(ctx, authz.CtxData{UserID: SetupUser, OrgID: orgID})
}

53
internal/api/api.go Normal file
View File

@@ -0,0 +1,53 @@
package api
import (
"context"
"net/http"
"google.golang.org/grpc"
"github.com/caos/zitadel/internal/api/authz"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/api/grpc/server"
"github.com/caos/zitadel/internal/api/oidc"
authz_es "github.com/caos/zitadel/internal/authz/repository/eventsourcing"
"github.com/caos/zitadel/internal/config/systemdefaults"
)
type Config struct {
GRPC grpc_util.Config
OIDC oidc.OPHandlerConfig
}
type API struct {
grpcServer *grpc.Server
gatewayHandler *server.GatewayHandler
verifier *authz.TokenVerifier
serverPort string
}
func Create(config Config, authZ authz.Config, authZRepo *authz_es.EsRepository, sd systemdefaults.SystemDefaults) *API {
api := &API{
serverPort: config.GRPC.ServerPort,
}
api.verifier = authz.Start(authZRepo)
api.grpcServer = server.CreateServer(api.verifier, authZ, sd.DefaultLanguage)
api.gatewayHandler = server.CreateGatewayHandler(config.GRPC)
return api
}
func (a *API) RegisterServer(ctx context.Context, server server.Server) {
server.RegisterServer(a.grpcServer)
a.gatewayHandler.RegisterGateway(ctx, server)
a.verifier.RegisterServer(server.AppName(), server.MethodPrefix(), server.AuthMethods())
}
func (a *API) RegisterHandler(prefix string, handler http.Handler) {
a.gatewayHandler.RegisterHandler(prefix, handler)
}
func (a *API) Start(ctx context.Context) {
server.Serve(ctx, a.grpcServer, a.serverPort)
a.gatewayHandler.Serve(ctx)
}

91
internal/api/auth/context.go
View File

@@ -1,91 +0,0 @@
package auth
import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/api"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"google.golang.org/grpc/metadata"
"strconv"
)
type key int
const (
permissionsKey key = 1
dataKey key = 2
)
type CtxData struct {
UserID string
OrgID string
ProjectID string
AgentID string
PreferredLanguage string
}
func (ctxData CtxData) IsZero() bool {
return ctxData.UserID == "" || ctxData.OrgID == ""
}
type Grants []*Grant
type Grant struct {
OrgID string
Roles []string
}
type TokenVerifier interface {
VerifyAccessToken(ctx context.Context, token string) (string, string, string, error)
ResolveGrant(ctx context.Context) (*Grant, error)
GetProjectIDByClientID(ctx context.Context, clientID string) (string, error)
}
func VerifyTokenAndWriteCtxData(ctx context.Context, token, orgID string, t TokenVerifier) (_ context.Context, err error) {
var userID, projectID, clientID, agentID string
//TODO: Remove as soon an authentification is implemented
if CheckInternal(ctx) {
userID = grpc_util.GetHeader(ctx, api.ZitadelUserID)
clientID = grpc_util.GetHeader(ctx, api.ZitadelClientID)
projectID, err = t.GetProjectIDByClientID(ctx, clientID)
agentID = grpc_util.GetHeader(ctx, api.ZitadelAgentID)
} else {
userID, clientID, agentID, err = verifyAccessToken(ctx, token, t)
if err != nil {
return nil, err
}
projectID, err = t.GetProjectIDByClientID(ctx, clientID)
logging.LogWithFields("AUTH-GfAoV", "clientID", clientID).OnError(err).Warn("could not read projectid by clientid")
}
return context.WithValue(ctx, dataKey, CtxData{UserID: userID, OrgID: orgID, ProjectID: projectID, AgentID: agentID}), nil
}
func SetCtxData(ctx context.Context, ctxData CtxData) context.Context {
return context.WithValue(ctx, dataKey, ctxData)
}
func GetCtxData(ctx context.Context) CtxData {
ctxData, _ := ctx.Value(dataKey).(CtxData)
return ctxData
}
func GetPermissionsFromCtx(ctx context.Context) []string {
ctxPermission, _ := ctx.Value(permissionsKey).([]string)
return ctxPermission
}
//TODO: Remove as soon an authentification is implemented
func CheckInternal(ctx context.Context) bool {
md, ok := metadata.FromIncomingContext(ctx)
if !ok {
return false
}
v, ok := md[api.LoginKey]
if !ok {
return false
}
ok, _ = strconv.ParseBool(v[0])
return ok
}

20
internal/api/auth/token.go
View File

@@ -1,20 +0,0 @@
package auth
import (
"context"
"strings"
"github.com/caos/zitadel/internal/errors"
)
const (
BearerPrefix = "Bearer "
)
func verifyAccessToken(ctx context.Context, token string, t TokenVerifier) (string, string, string, error) {
parts := strings.Split(token, BearerPrefix)
if len(parts) != 2 {
return "", "", "", errors.ThrowUnauthenticated(nil, "AUTH-7fs1e", "invalid auth header")
}
return t.VerifyAccessToken(ctx, parts[1])
}

6
internal/api/auth/authorization.go → internal/api/authz/authorization.go
View File

@@ -1,4 +1,4 @@
package auth
package authz
import (
"context"
@@ -13,8 +13,8 @@ const (
authenticated = "authenticated"
)
func CheckUserAuthorization(ctx context.Context, req interface{}, token, orgID string, verifier TokenVerifier, authConfig *Config, requiredAuthOption Option) (context.Context, error) {
ctx, err := VerifyTokenAndWriteCtxData(ctx, token, orgID, verifier)
func CheckUserAuthorization(ctx context.Context, req interface{}, token, orgID string, verifier *TokenVerifier, authConfig Config, requiredAuthOption Option, method string) (context.Context, error) {
ctx, err := VerifyTokenAndWriteCtxData(ctx, token, orgID, verifier, method)
if err != nil {
return nil, err
}

2
internal/api/auth/authorization_test.go → internal/api/authz/authorization_test.go
View File

@@ -1,4 +1,4 @@
package auth
package authz
import (
"testing"

2
internal/api/auth/config.go → internal/api/authz/config.go
View File

@@ -1,4 +1,4 @@
package auth
package authz
type Config struct {
RolePermissionMappings []RoleMapping

57
internal/api/authz/context.go Normal file
View File

@@ -0,0 +1,57 @@
package authz
import (
"context"
"github.com/caos/logging"
)
type key int
const (
permissionsKey key = 1
dataKey key = 2
)
type CtxData struct {
UserID string
OrgID string
ProjectID string
AgentID string
PreferredLanguage string
}
func (ctxData CtxData) IsZero() bool {
return ctxData.UserID == "" || ctxData.OrgID == ""
}
type Grants []*Grant
type Grant struct {
OrgID string
Roles []string
}
func VerifyTokenAndWriteCtxData(ctx context.Context, token, orgID string, t *TokenVerifier, method string) (_ context.Context, err error) {
userID, clientID, agentID, err := verifyAccessToken(ctx, token, t, method)
if err != nil {
return nil, err
}
projectID, err := t.GetProjectIDByClientID(ctx, clientID)
logging.LogWithFields("AUTH-GfAoV", "clientID", clientID).OnError(err).Warn("could not read projectid by clientid")
return context.WithValue(ctx, dataKey, CtxData{UserID: userID, OrgID: orgID, ProjectID: projectID, AgentID: agentID}), nil
}
func SetCtxData(ctx context.Context, ctxData CtxData) context.Context {
return context.WithValue(ctx, dataKey, ctxData)
}
func GetCtxData(ctx context.Context) CtxData {
ctxData, _ := ctx.Value(dataKey).(CtxData)
return ctxData
}
func GetPermissionsFromCtx(ctx context.Context) []string {
ctxPermission, _ := ctx.Value(permissionsKey).([]string)
return ctxPermission
}

2
internal/api/auth/context_mock.go → internal/api/authz/context_mock.go
View File

@@ -1,4 +1,4 @@
package auth
package authz
import "context"

8
internal/api/auth/permissions.go → internal/api/authz/permissions.go
View File

@@ -1,4 +1,4 @@
package auth
package authz
import (
"context"
@@ -6,7 +6,7 @@ import (
"github.com/caos/zitadel/internal/errors"
)
func getUserMethodPermissions(ctx context.Context, t TokenVerifier, requiredPerm string, authConfig *Config) (context.Context, []string, error) {
func getUserMethodPermissions(ctx context.Context, t *TokenVerifier, requiredPerm string, authConfig Config) (context.Context, []string, error) {
ctxData := GetCtxData(ctx)
if ctxData.IsZero() {
return nil, nil, errors.ThrowUnauthenticated(nil, "AUTH-rKLWEH", "context missing")
@@ -22,7 +22,7 @@ func getUserMethodPermissions(ctx context.Context, t TokenVerifier, requiredPerm
return context.WithValue(ctx, permissionsKey, permissions), permissions, nil
}
func mapGrantToPermissions(requiredPerm string, grant *Grant, authConfig *Config) []string {
func mapGrantToPermissions(requiredPerm string, grant *Grant, authConfig Config) []string {
resolvedPermissions := make([]string, 0)
for _, role := range grant.Roles {
resolvedPermissions = mapRoleToPerm(requiredPerm, role, authConfig, resolvedPermissions)
@@ -31,7 +31,7 @@ func mapGrantToPermissions(requiredPerm string, grant *Grant, authConfig *Config
return resolvedPermissions
}
func mapRoleToPerm(requiredPerm, actualRole string, authConfig *Config, resolvedPermissions []string) []string {
func mapRoleToPerm(requiredPerm, actualRole string, authConfig Config, resolvedPermissions []string) []string {
roleName, roleContextID := SplitPermission(actualRole)
perms := authConfig.getPermissionsFromRole(roleName)

100
internal/api/auth/permissions_test.go → internal/api/authz/permissions_test.go
View File

@@ -1,4 +1,4 @@
package auth
package authz
import (
"context"
@@ -15,18 +15,22 @@ type testVerifier struct {
grant *Grant
}
func (v *testVerifier) VerifyAccessToken(ctx context.Context, token string) (string, string, string, error) {
return "userID", "clientID", "agentID", nil
func (v *testVerifier) VerifyAccessToken(ctx context.Context, token, clientID string) (string, string, error) {
return "userID", "agentID", nil
}
func (v *testVerifier) ResolveGrant(ctx context.Context) (*Grant, error) {
func (v *testVerifier) ResolveGrants(ctx context.Context) (*Grant, error) {
return v.grant, nil
}
func (v *testVerifier) GetProjectIDByClientID(ctx context.Context, clientID string) (string, error) {
func (v *testVerifier) ProjectIDByClientID(ctx context.Context, clientID string) (string, error) {
return "", nil
}
func (v *testVerifier) VerifierClientID(ctx context.Context, appName string) (string, error) {
return "clientID", nil
}
func equalStringArray(a, b []string) bool {
if len(a) != len(b) {
return false
@@ -42,9 +46,9 @@ func equalStringArray(a, b []string) bool {
func Test_GetUserMethodPermissions(t *testing.T) {
type args struct {
ctx context.Context
verifier TokenVerifier
verifier *TokenVerifier
requiredPerm string
authConfig *Config
authConfig Config
}
tests := []struct {
name string
@@ -57,16 +61,17 @@ func Test_GetUserMethodPermissions(t *testing.T) {
name: "Empty Context",
args: args{
ctx: getTestCtx("", ""),
verifier: &testVerifier{grant: &Grant{
Roles: []string{"ORG_OWNER"}}},
verifier: Start(&testVerifier{grant: &Grant{
Roles: []string{"ORG_OWNER"},
}}),
requiredPerm: "project.read",
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "IAM_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -81,15 +86,15 @@ func Test_GetUserMethodPermissions(t *testing.T) {
name: "No Grants",
args: args{
ctx: getTestCtx("", ""),
verifier: &testVerifier{grant: &Grant{}},
verifier: Start(&testVerifier{grant: &Grant{}}),
requiredPerm: "project.read",
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "IAM_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -102,16 +107,17 @@ func Test_GetUserMethodPermissions(t *testing.T) {
name: "Get Permissions",
args: args{
ctx: getTestCtx("userID", "orgID"),
verifier: &testVerifier{grant: &Grant{
Roles: []string{"ORG_OWNER"}}},
verifier: Start(&testVerifier{grant: &Grant{
Roles: []string{"ORG_OWNER"},
}}),
requiredPerm: "project.read",
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "IAM_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -144,7 +150,7 @@ func Test_MapGrantsToPermissions(t *testing.T) {
type args struct {
requiredPerm string
grant *Grant
authConfig *Config
authConfig Config
}
tests := []struct {
name string
@@ -156,13 +162,13 @@ func Test_MapGrantsToPermissions(t *testing.T) {
args: args{
requiredPerm: "project.read",
grant: &Grant{Roles: []string{"ORG_OWNER"}},
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "IAM_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -176,13 +182,13 @@ func Test_MapGrantsToPermissions(t *testing.T) {
args: args{
requiredPerm: "project.write",
grant: &Grant{Roles: []string{"ORG_OWNER"}},
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "IAM_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -196,13 +202,13 @@ func Test_MapGrantsToPermissions(t *testing.T) {
args: args{
requiredPerm: "project.read",
grant: &Grant{Roles: []string{"ORG_OWNER", "IAM_OWNER"}},
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "IAM_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -216,13 +222,13 @@ func Test_MapGrantsToPermissions(t *testing.T) {
args: args{
requiredPerm: "project.read",
grant: &Grant{Roles: []string{"ORG_OWNER", "PROJECT_OWNER:1"}},
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "PROJECT_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -246,7 +252,7 @@ func Test_MapRoleToPerm(t *testing.T) {
type args struct {
requiredPerm string
actualRole string
authConfig *Config
authConfig Config
resolvedPermissions []string
}
tests := []struct {
@@ -259,13 +265,13 @@ func Test_MapRoleToPerm(t *testing.T) {
args: args{
requiredPerm: "project.read",
actualRole: "ORG_OWNER",
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "IAM_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -280,13 +286,13 @@ func Test_MapRoleToPerm(t *testing.T) {
args: args{
requiredPerm: "project.read",
actualRole: "ORG_OWNER",
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "IAM_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -301,13 +307,13 @@ func Test_MapRoleToPerm(t *testing.T) {
args: args{
requiredPerm: "project.read",
actualRole: "PROJECT_OWNER:1",
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "PROJECT_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},
@@ -322,13 +328,13 @@ func Test_MapRoleToPerm(t *testing.T) {
args: args{
requiredPerm: "project.read",
actualRole: "PROJECT_OWNER:1",
authConfig: &Config{
authConfig: Config{
RolePermissionMappings: []RoleMapping{
RoleMapping{
{
Role: "PROJECT_OWNER",
Permissions: []string{"project.read"},
},
RoleMapping{
{
Role: "ORG_OWNER",
Permissions: []string{"org.read", "project.read"},
},

105
internal/api/authz/token.go Normal file
View File

@@ -0,0 +1,105 @@
package authz
import (
"context"
"strings"
"sync"
caos_errs "github.com/caos/zitadel/internal/errors"
)
const (
BearerPrefix = "Bearer "
)
type TokenVerifier struct {
authZRepo authZRepo
clients sync.Map
authMethods MethodMapping
}
type authZRepo interface {
VerifyAccessToken(ctx context.Context, token, clientID string) (userID, agentID string, err error)
VerifierClientID(ctx context.Context, name string) (clientID string, err error)
ResolveGrants(ctx context.Context) (grant *Grant, err error)
ProjectIDByClientID(ctx context.Context, clientID string) (projectID string, err error)
}
func Start(authZRepo authZRepo) (v *TokenVerifier) {
return &TokenVerifier{authZRepo: authZRepo}
}
func (v *TokenVerifier) VerifyAccessToken(ctx context.Context, token string, method string) (userID, clientID, agentID string, err error) {
clientID, err = v.clientIDFromMethod(ctx, method)
if err != nil {
return "", "", "", err
}
userID, agentID, err = v.authZRepo.VerifyAccessToken(ctx, token, clientID)
return userID, clientID, agentID, err
}
type client struct {
id string
name string
}
func (v *TokenVerifier) RegisterServer(appName, methodPrefix string, mappings MethodMapping) {
v.clients.Store(methodPrefix, &client{name: appName})
if v.authMethods == nil {
v.authMethods = make(map[string]Option)
}
for method, option := range mappings {
v.authMethods[method] = option
}
}
func prefixFromMethod(method string) (string, bool) {
parts := strings.Split(method, "/")
if len(parts) < 2 {
return "", false
}
return parts[1], true
}
func (v *TokenVerifier) clientIDFromMethod(ctx context.Context, method string) (string, error) {
prefix, ok := prefixFromMethod(method)
if !ok {
return "", caos_errs.ThrowPermissionDenied(nil, "AUTHZ-GRD2Q", "Errors.Internal")
}
app, ok := v.clients.Load(prefix)
if !ok {
return "", caos_errs.ThrowPermissionDenied(nil, "AUTHZ-G2qrh", "Errors.Internal")
}
var err error
c := app.(*client)
if c.id != "" {
return c.id, nil
}
c.id, err = v.authZRepo.VerifierClientID(ctx, c.name)
if err != nil {
return "", caos_errs.ThrowPermissionDenied(err, "AUTHZ-ptTIF2", "Errors.Internal")
}
v.clients.Store(prefix, c)
return c.id, nil
}
func (v *TokenVerifier) ResolveGrant(ctx context.Context) (*Grant, error) {
return v.authZRepo.ResolveGrants(ctx)
}
func (v *TokenVerifier) GetProjectIDByClientID(ctx context.Context, clientID string) (string, error) {
return v.authZRepo.ProjectIDByClientID(ctx, clientID)
}
func (v *TokenVerifier) CheckAuthMethod(method string) (Option, bool) {
authOpt, ok := v.authMethods[method]
return authOpt, ok
}
func verifyAccessToken(ctx context.Context, token string, t *TokenVerifier, method string) (userID, clientID, agentID string, err error) {
parts := strings.Split(token, BearerPrefix)
if len(parts) != 2 {
return "", "", "", caos_errs.ThrowUnauthenticated(nil, "AUTH-7fs1e", "invalid auth header")
}
return t.VerifyAccessToken(ctx, parts[1], method)
}

18
internal/api/auth/token_test.go → internal/api/authz/token_test.go
View File

@@ -1,7 +1,8 @@
package auth
package authz
import (
"context"
"sync"
"testing"
"github.com/caos/zitadel/internal/errors"
@@ -12,7 +13,8 @@ func Test_VerifyAccessToken(t *testing.T) {
type args struct {
ctx context.Context
token string
verifier *testVerifier
verifier *TokenVerifier
method string
}
tests := []struct {
name string
@@ -40,13 +42,23 @@ func Test_VerifyAccessToken(t *testing.T) {
args: args{
ctx: context.Background(),
token: "Bearer AUTH",
verifier: &TokenVerifier{
authZRepo: &testVerifier{grant: &Grant{}},
clients: func() sync.Map {
m := sync.Map{}
m.Store("service", &client{name: "name"})
return m
}(),
authMethods: MethodMapping{"/service/method": Option{Permission: "authenticated"}},
},
method: "/service/method",
},
wantErr: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
_, _, _, err := verifyAccessToken(tt.args.ctx, tt.args.token, tt.args.verifier)
_, _, _, err := verifyAccessToken(tt.args.ctx, tt.args.token, tt.args.verifier, tt.args.method)
if tt.wantErr && err == nil {
t.Errorf("got wrong result, should get err: actual: %v ", err)
}

19
pkg/admin/api/grpc/administrator.go → internal/api/grpc/admin/administrator.go
View File

@@ -1,33 +1,36 @@
package grpc
package admin
import (
"context"
view_model "github.com/caos/zitadel/internal/view/model"
"github.com/golang/protobuf/ptypes/empty"
view_model "github.com/caos/zitadel/internal/view/model"
"github.com/caos/zitadel/pkg/grpc/admin"
)
func (s *Server) GetViews(ctx context.Context, _ *empty.Empty) (_ *Views, err error) {
func (s *Server) GetViews(ctx context.Context, _ *empty.Empty) (_ *admin.Views, err error) {
views, err := s.administrator.GetViews(ctx)
if err != nil {
return nil, err
}
return &Views{Views: viewsFromModel(views)}, nil
return &admin.Views{Views: viewsFromModel(views)}, nil
}
func (s *Server) ClearView(ctx context.Context, viewID *ViewID) (_ *empty.Empty, err error) {
func (s *Server) ClearView(ctx context.Context, viewID *admin.ViewID) (_ *empty.Empty, err error) {
err = s.administrator.ClearView(ctx, viewID.Database, viewID.ViewName)
return &empty.Empty{}, err
}
func (s *Server) GetFailedEvents(ctx context.Context, _ *empty.Empty) (_ *FailedEvents, err error) {
func (s *Server) GetFailedEvents(ctx context.Context, _ *empty.Empty) (_ *admin.FailedEvents, err error) {
failedEvents, err := s.administrator.GetFailedEvents(ctx)
if err != nil {
return nil, err
}
return &FailedEvents{FailedEvents: failedEventsFromModel(failedEvents)}, nil
return &admin.FailedEvents{FailedEvents: failedEventsFromModel(failedEvents)}, nil
}
func (s *Server) RemoveFailedEvent(ctx context.Context, failedEventID *FailedEventID) (_ *empty.Empty, err error) {
func (s *Server) RemoveFailedEvent(ctx context.Context, failedEventID *admin.FailedEventID) (_ *empty.Empty, err error) {
err = s.administrator.RemoveFailedEvent(ctx, &view_model.FailedEvent{Database: failedEventID.Database, ViewName: failedEventID.ViewName, FailedSequence: failedEventID.FailedSequence})
return &empty.Empty{}, err
}

19
pkg/admin/api/grpc/administrator_converter.go → internal/api/grpc/admin/administrator_converter.go
View File

@@ -1,11 +1,12 @@
package grpc
package admin
import (
view_model "github.com/caos/zitadel/internal/view/model"
"github.com/caos/zitadel/pkg/grpc/admin"
)
func viewsFromModel(views []*view_model.View) []*View {
result := make([]*View, len(views))
func viewsFromModel(views []*view_model.View) []*admin.View {
result := make([]*admin.View, len(views))
for i, view := range views {
result[i] = viewFromModel(view)
}
@@ -13,8 +14,8 @@ func viewsFromModel(views []*view_model.View) []*View {
return result
}
func failedEventsFromModel(failedEvents []*view_model.FailedEvent) []*FailedEvent {
result := make([]*FailedEvent, len(failedEvents))
func failedEventsFromModel(failedEvents []*view_model.FailedEvent) []*admin.FailedEvent {
result := make([]*admin.FailedEvent, len(failedEvents))
for i, view := range failedEvents {
result[i] = failedEventFromModel(view)
}
@@ -22,16 +23,16 @@ func failedEventsFromModel(failedEvents []*view_model.FailedEvent) []*FailedEven
return result
}
func viewFromModel(view *view_model.View) *View {
return &View{
func viewFromModel(view *view_model.View) *admin.View {
return &admin.View{
Database: view.Database,
ViewName: view.ViewName,
Sequence: view.CurrentSequence,
}
}
func failedEventFromModel(failedEvent *view_model.FailedEvent) *FailedEvent {
return &FailedEvent{
func failedEventFromModel(failedEvent *view_model.FailedEvent) *admin.FailedEvent {
return &admin.FailedEvent{
Database: failedEvent.Database,
ViewName: failedEvent.ViewName,
FailedSequence: failedEvent.FailedSequence,

16
pkg/admin/api/grpc/iam_member.go → internal/api/grpc/admin/iam_member.go
View File

@@ -1,16 +1,18 @@
package grpc
package admin
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/admin"
)
func (s *Server) GetIamMemberRoles(ctx context.Context, _ *empty.Empty) (*IamMemberRoles, error) {
return &IamMemberRoles{Roles: s.iam.GetIamMemberRoles()}, nil
func (s *Server) GetIamMemberRoles(ctx context.Context, _ *empty.Empty) (*admin.IamMemberRoles, error) {
return &admin.IamMemberRoles{Roles: s.iam.GetIamMemberRoles()}, nil
}
func (s *Server) SearchIamMembers(ctx context.Context, in *IamMemberSearchRequest) (*IamMemberSearchResponse, error) {
func (s *Server) SearchIamMembers(ctx context.Context, in *admin.IamMemberSearchRequest) (*admin.IamMemberSearchResponse, error) {
members, err := s.iam.SearchIamMembers(ctx, iamMemberSearchRequestToModel(in))
if err != nil {
return nil, err
@@ -18,7 +20,7 @@ func (s *Server) SearchIamMembers(ctx context.Context, in *IamMemberSearchReques
return iamMemberSearchResponseFromModel(members), nil
}
func (s *Server) AddIamMember(ctx context.Context, member *AddIamMemberRequest) (*IamMember, error) {
func (s *Server) AddIamMember(ctx context.Context, member *admin.AddIamMemberRequest) (*admin.IamMember, error) {
addedMember, err := s.iam.AddIamMember(ctx, addIamMemberToModel(member))
if err != nil {
return nil, err
@@ -27,7 +29,7 @@ func (s *Server) AddIamMember(ctx context.Context, member *AddIamMemberRequest)
return iamMemberFromModel(addedMember), nil
}
func (s *Server) ChangeIamMember(ctx context.Context, member *ChangeIamMemberRequest) (*IamMember, error) {
func (s *Server) ChangeIamMember(ctx context.Context, member *admin.ChangeIamMemberRequest) (*admin.IamMember, error) {
changedMember, err := s.iam.ChangeIamMember(ctx, changeIamMemberToModel(member))
if err != nil {
return nil, err
@@ -35,7 +37,7 @@ func (s *Server) ChangeIamMember(ctx context.Context, member *ChangeIamMemberReq
return iamMemberFromModel(changedMember), nil
}
func (s *Server) RemoveIamMember(ctx context.Context, member *RemoveIamMemberRequest) (*empty.Empty, error) {
func (s *Server) RemoveIamMember(ctx context.Context, member *admin.RemoveIamMemberRequest) (*empty.Empty, error) {
err := s.iam.RemoveIamMember(ctx, member.UserId)
return &empty.Empty{}, err
}

56
pkg/admin/api/grpc/iam_member_converter.go → internal/api/grpc/admin/iam_member_converter.go
View File

@@ -1,13 +1,15 @@
package grpc
package admin
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/internal/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/pkg/grpc/admin"
)
func addIamMemberToModel(member *AddIamMemberRequest) *iam_model.IamMember {
func addIamMemberToModel(member *admin.AddIamMemberRequest) *iam_model.IamMember {
memberModel := &iam_model.IamMember{
UserID: member.UserId,
}
@@ -16,7 +18,7 @@ func addIamMemberToModel(member *AddIamMemberRequest) *iam_model.IamMember {
return memberModel
}
func changeIamMemberToModel(member *ChangeIamMemberRequest) *iam_model.IamMember {
func changeIamMemberToModel(member *admin.ChangeIamMemberRequest) *iam_model.IamMember {
memberModel := &iam_model.IamMember{
UserID: member.UserId,
}
@@ -25,14 +27,14 @@ func changeIamMemberToModel(member *ChangeIamMemberRequest) *iam_model.IamMember
return memberModel
}
func iamMemberFromModel(member *iam_model.IamMember) *IamMember {
func iamMemberFromModel(member *iam_model.IamMember) *admin.IamMember {
creationDate, err := ptypes.TimestampProto(member.CreationDate)
logging.Log("GRPC-Lsp76").OnError(err).Debug("date parse failed")
changeDate, err := ptypes.TimestampProto(member.ChangeDate)
logging.Log("GRPC-3fG5s").OnError(err).Debug("date parse failed")
return &IamMember{
return &admin.IamMember{
UserId: member.UserID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -41,7 +43,7 @@ func iamMemberFromModel(member *iam_model.IamMember) *IamMember {
}
}
func iamMemberSearchRequestToModel(request *IamMemberSearchRequest) *iam_model.IamMemberSearchRequest {
func iamMemberSearchRequestToModel(request *admin.IamMemberSearchRequest) *iam_model.IamMemberSearchRequest {
return &iam_model.IamMemberSearchRequest{
Limit: request.Limit,
Offset: request.Offset,
@@ -49,7 +51,7 @@ func iamMemberSearchRequestToModel(request *IamMemberSearchRequest) *iam_model.I
}
}
func iamMemberSearchQueriesToModel(queries []*IamMemberSearchQuery) []*iam_model.IamMemberSearchQuery {
func iamMemberSearchQueriesToModel(queries []*admin.IamMemberSearchQuery) []*iam_model.IamMemberSearchQuery {
modelQueries := make([]*iam_model.IamMemberSearchQuery, len(queries))
for i, query := range queries {
modelQueries[i] = iamMemberSearchQueryToModel(query)
@@ -58,7 +60,7 @@ func iamMemberSearchQueriesToModel(queries []*IamMemberSearchQuery) []*iam_model
return modelQueries
}
func iamMemberSearchQueryToModel(query *IamMemberSearchQuery) *iam_model.IamMemberSearchQuery {
func iamMemberSearchQueryToModel(query *admin.IamMemberSearchQuery) *iam_model.IamMemberSearchQuery {
return &iam_model.IamMemberSearchQuery{
Key: iamMemberSearchKeyToModel(query.Key),
Method: iamMemberSearchMethodToModel(query.Method),
@@ -66,50 +68,50 @@ func iamMemberSearchQueryToModel(query *IamMemberSearchQuery) *iam_model.IamMemb
}
}
func iamMemberSearchKeyToModel(key IamMemberSearchKey) iam_model.IamMemberSearchKey {
func iamMemberSearchKeyToModel(key admin.IamMemberSearchKey) iam_model.IamMemberSearchKey {
switch key {
case IamMemberSearchKey_IAMMEMBERSEARCHKEY_EMAIL:
case admin.IamMemberSearchKey_IAMMEMBERSEARCHKEY_EMAIL:
return iam_model.IamMemberSearchKeyEmail
case IamMemberSearchKey_IAMMEMBERSEARCHKEY_FIRST_NAME:
case admin.IamMemberSearchKey_IAMMEMBERSEARCHKEY_FIRST_NAME:
return iam_model.IamMemberSearchKeyFirstName
case IamMemberSearchKey_IAMMEMBERSEARCHKEY_LAST_NAME:
case admin.IamMemberSearchKey_IAMMEMBERSEARCHKEY_LAST_NAME:
return iam_model.IamMemberSearchKeyLastName
case IamMemberSearchKey_IAMMEMBERSEARCHKEY_USER_ID:
case admin.IamMemberSearchKey_IAMMEMBERSEARCHKEY_USER_ID:
return iam_model.IamMemberSearchKeyUserID
default:
return iam_model.IamMemberSearchKeyUnspecified
}
}
func iamMemberSearchMethodToModel(key SearchMethod) model.SearchMethod {
func iamMemberSearchMethodToModel(key admin.SearchMethod) model.SearchMethod {
switch key {
case SearchMethod_SEARCHMETHOD_CONTAINS:
case admin.SearchMethod_SEARCHMETHOD_CONTAINS:
return model.SearchMethodContains
case SearchMethod_SEARCHMETHOD_CONTAINS_IGNORE_CASE:
case admin.SearchMethod_SEARCHMETHOD_CONTAINS_IGNORE_CASE:
return model.SearchMethodContainsIgnoreCase
case SearchMethod_SEARCHMETHOD_EQUALS:
case admin.SearchMethod_SEARCHMETHOD_EQUALS:
return model.SearchMethodEquals
case SearchMethod_SEARCHMETHOD_EQUALS_IGNORE_CASE:
case admin.SearchMethod_SEARCHMETHOD_EQUALS_IGNORE_CASE:
return model.SearchMethodEqualsIgnoreCase
case SearchMethod_SEARCHMETHOD_STARTS_WITH:
case admin.SearchMethod_SEARCHMETHOD_STARTS_WITH:
return model.SearchMethodStartsWith
case SearchMethod_SEARCHMETHOD_STARTS_WITH_IGNORE_CASE:
case admin.SearchMethod_SEARCHMETHOD_STARTS_WITH_IGNORE_CASE:
return model.SearchMethodStartsWithIgnoreCase
default:
return -1
}
}
func iamMemberSearchResponseFromModel(resp *iam_model.IamMemberSearchResponse) *IamMemberSearchResponse {
return &IamMemberSearchResponse{
func iamMemberSearchResponseFromModel(resp *iam_model.IamMemberSearchResponse) *admin.IamMemberSearchResponse {
return &admin.IamMemberSearchResponse{
Limit: resp.Limit,
Offset: resp.Offset,
TotalResult: resp.TotalResult,
Result: iamMembersFromView(resp.Result),
}
}
func iamMembersFromView(viewMembers []*iam_model.IamMemberView) []*IamMemberView {
members := make([]*IamMemberView, len(viewMembers))
func iamMembersFromView(viewMembers []*iam_model.IamMemberView) []*admin.IamMemberView {
members := make([]*admin.IamMemberView, len(viewMembers))
for i, member := range viewMembers {
members[i] = iamMemberFromView(member)
@@ -118,13 +120,13 @@ func iamMembersFromView(viewMembers []*iam_model.IamMemberView) []*IamMemberView
return members
}
func iamMemberFromView(member *iam_model.IamMemberView) *IamMemberView {
func iamMemberFromView(member *iam_model.IamMemberView) *admin.IamMemberView {
changeDate, err := ptypes.TimestampProto(member.ChangeDate)
logging.Log("GRPC-Lso9c").OnError(err).Debug("unable to parse changedate")
creationDate, err := ptypes.TimestampProto(member.CreationDate)
logging.Log("GRPC-6szE").OnError(err).Debug("unable to parse creation date")
return &IamMemberView{
return &admin.IamMemberView{
ChangeDate: changeDate,
CreationDate: creationDate,
Roles: member.Roles,

25
pkg/admin/api/grpc/org.go → internal/api/grpc/admin/org.go
View File

@@ -1,11 +1,14 @@
package grpc
package admin
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/admin"
)
func (s *Server) GetOrgByID(ctx context.Context, orgID *OrgID) (_ *Org, err error) {
func (s *Server) GetOrgByID(ctx context.Context, orgID *admin.OrgID) (_ *admin.Org, err error) {
org, err := s.org.OrgByID(ctx, orgID.Id)
if err != nil {
return nil, err
@@ -13,12 +16,12 @@ func (s *Server) GetOrgByID(ctx context.Context, orgID *OrgID) (_ *Org, err erro
return orgFromModel(org), nil
}
func (s *Server) SearchOrgs(ctx context.Context, request *OrgSearchRequest) (_ *OrgSearchResponse, err error) {
func (s *Server) SearchOrgs(ctx context.Context, request *admin.OrgSearchRequest) (_ *admin.OrgSearchResponse, err error) {
result, err := s.org.SearchOrgs(ctx, orgSearchRequestToModel(request))
if err != nil {
return nil, err
}
return &OrgSearchResponse{
return &admin.OrgSearchResponse{
Result: orgViewsFromModel(result.Result),
Limit: request.Limit,
Offset: request.Offset,
@@ -26,13 +29,13 @@ func (s *Server) SearchOrgs(ctx context.Context, request *OrgSearchRequest) (_ *
}, nil
}
func (s *Server) IsOrgUnique(ctx context.Context, request *UniqueOrgRequest) (org *UniqueOrgResponse, err error) {
func (s *Server) IsOrgUnique(ctx context.Context, request *admin.UniqueOrgRequest) (org *admin.UniqueOrgResponse, err error) {
isUnique, err := s.org.IsOrgUnique(ctx, request.Name, request.Domain)
return &UniqueOrgResponse{IsUnique: isUnique}, err
return &admin.UniqueOrgResponse{IsUnique: isUnique}, err
}
func (s *Server) SetUpOrg(ctx context.Context, orgSetUp *OrgSetUpRequest) (_ *OrgSetUpResponse, err error) {
func (s *Server) SetUpOrg(ctx context.Context, orgSetUp *admin.OrgSetUpRequest) (_ *admin.OrgSetUpResponse, err error) {
setUp, err := s.org.SetUpOrg(ctx, setUpRequestToModel(orgSetUp))
if err != nil {
return nil, err
@@ -40,7 +43,7 @@ func (s *Server) SetUpOrg(ctx context.Context, orgSetUp *OrgSetUpRequest) (_ *Or
return setUpOrgResponseFromModel(setUp), err
}
func (s *Server) GetOrgIamPolicy(ctx context.Context, in *OrgIamPolicyID) (_ *OrgIamPolicy, err error) {
func (s *Server) GetOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyID) (_ *admin.OrgIamPolicy, err error) {
policy, err := s.org.GetOrgIamPolicyByID(ctx, in.OrgId)
if err != nil {
return nil, err
@@ -48,7 +51,7 @@ func (s *Server) GetOrgIamPolicy(ctx context.Context, in *OrgIamPolicyID) (_ *Or
return orgIamPolicyFromModel(policy), err
}
func (s *Server) CreateOrgIamPolicy(ctx context.Context, in *OrgIamPolicyRequest) (_ *OrgIamPolicy, err error) {
func (s *Server) CreateOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyRequest) (_ *admin.OrgIamPolicy, err error) {
policy, err := s.org.CreateOrgIamPolicy(ctx, orgIamPolicyRequestToModel(in))
if err != nil {
return nil, err
@@ -56,7 +59,7 @@ func (s *Server) CreateOrgIamPolicy(ctx context.Context, in *OrgIamPolicyRequest
return orgIamPolicyFromModel(policy), err
}
func (s *Server) UpdateOrgIamPolicy(ctx context.Context, in *OrgIamPolicyRequest) (_ *OrgIamPolicy, err error) {
func (s *Server) UpdateOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyRequest) (_ *admin.OrgIamPolicy, err error) {
policy, err := s.org.ChangeOrgIamPolicy(ctx, orgIamPolicyRequestToModel(in))
if err != nil {
return nil, err
@@ -64,7 +67,7 @@ func (s *Server) UpdateOrgIamPolicy(ctx context.Context, in *OrgIamPolicyRequest
return orgIamPolicyFromModel(policy), err
}
func (s *Server) DeleteOrgIamPolicy(ctx context.Context, in *OrgIamPolicyID) (_ *empty.Empty, err error) {
func (s *Server) DeleteOrgIamPolicy(ctx context.Context, in *admin.OrgIamPolicyID) (_ *empty.Empty, err error) {
err = s.org.RemoveOrgIamPolicy(ctx, in.OrgId)
return &empty.Empty{}, err
}

98
pkg/admin/api/grpc/org_converter.go → internal/api/grpc/admin/org_converter.go
View File

@@ -1,24 +1,26 @@
package grpc
package admin
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"golang.org/x/text/language"
admin_model "github.com/caos/zitadel/internal/admin/model"
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/model"
org_model "github.com/caos/zitadel/internal/org/model"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/golang/protobuf/ptypes"
"golang.org/x/text/language"
"github.com/caos/zitadel/pkg/grpc/admin"
)
func setUpRequestToModel(setUp *OrgSetUpRequest) *admin_model.SetupOrg {
func setUpRequestToModel(setUp *admin.OrgSetUpRequest) *admin_model.SetupOrg {
return &admin_model.SetupOrg{
Org: orgCreateRequestToModel(setUp.Org),
User: userCreateRequestToModel(setUp.User),
}
}
func orgCreateRequestToModel(org *CreateOrgRequest) *org_model.Org {
func orgCreateRequestToModel(org *admin.CreateOrgRequest) *org_model.Org {
o := &org_model.Org{
Domains: []*org_model.OrgDomain{},
Name: org.Name,
@@ -30,7 +32,7 @@ func orgCreateRequestToModel(org *CreateOrgRequest) *org_model.Org {
return o
}
func userCreateRequestToModel(user *CreateUserRequest) *usr_model.User {
func userCreateRequestToModel(user *admin.CreateUserRequest) *usr_model.User {
preferredLanguage, err := language.Parse(user.PreferredLanguage)
logging.Log("GRPC-30hwz").OnError(err).Debug("unable to parse language")
result := &usr_model.User{
@@ -63,15 +65,15 @@ func userCreateRequestToModel(user *CreateUserRequest) *usr_model.User {
return result
}
func setUpOrgResponseFromModel(setUp *admin_model.SetupOrg) *OrgSetUpResponse {
return &OrgSetUpResponse{
func setUpOrgResponseFromModel(setUp *admin_model.SetupOrg) *admin.OrgSetUpResponse {
return &admin.OrgSetUpResponse{
Org: orgFromModel(setUp.Org),
User: userFromModel(setUp.User),
}
}
func orgViewsFromModel(orgs []*org_model.OrgView) []*Org {
result := make([]*Org, len(orgs))
func orgViewsFromModel(orgs []*org_model.OrgView) []*admin.Org {
result := make([]*admin.Org, len(orgs))
for i, org := range orgs {
result[i] = orgViewFromModel(org)
}
@@ -79,14 +81,14 @@ func orgViewsFromModel(orgs []*org_model.OrgView) []*Org {
return result
}
func orgFromModel(org *org_model.Org) *Org {
func orgFromModel(org *org_model.Org) *admin.Org {
creationDate, err := ptypes.TimestampProto(org.CreationDate)
logging.Log("GRPC-GTHsZ").OnError(err).Debug("unable to get timestamp from time")
changeDate, err := ptypes.TimestampProto(org.ChangeDate)
logging.Log("GRPC-dVnoj").OnError(err).Debug("unable to get timestamp from time")
return &Org{
return &admin.Org{
ChangeDate: changeDate,
CreationDate: creationDate,
Id: org.AggregateID,
@@ -95,14 +97,14 @@ func orgFromModel(org *org_model.Org) *Org {
}
}
func orgViewFromModel(org *org_model.OrgView) *Org {
func orgViewFromModel(org *org_model.OrgView) *admin.Org {
creationDate, err := ptypes.TimestampProto(org.CreationDate)
logging.Log("GRPC-GTHsZ").OnError(err).Debug("unable to get timestamp from time")
changeDate, err := ptypes.TimestampProto(org.ChangeDate)
logging.Log("GRPC-dVnoj").OnError(err).Debug("unable to get timestamp from time")
return &Org{
return &admin.Org{
ChangeDate: changeDate,
CreationDate: creationDate,
Id: org.ID,
@@ -111,14 +113,14 @@ func orgViewFromModel(org *org_model.OrgView) *Org {
}
}
func userFromModel(user *usr_model.User) *User {
func userFromModel(user *usr_model.User) *admin.User {
creationDate, err := ptypes.TimestampProto(user.CreationDate)
logging.Log("GRPC-8duwe").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(user.ChangeDate)
logging.Log("GRPC-ckoe3d").OnError(err).Debug("unable to parse timestamp")
converted := &User{
converted := &admin.User{
Id: user.AggregateID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
@@ -150,57 +152,57 @@ func userFromModel(user *usr_model.User) *User {
return converted
}
func orgStateFromModel(state org_model.OrgState) OrgState {
func orgStateFromModel(state org_model.OrgState) admin.OrgState {
switch state {
case org_model.OrgStateActive:
return OrgState_ORGSTATE_ACTIVE
return admin.OrgState_ORGSTATE_ACTIVE
case org_model.OrgStateInactive:
return OrgState_ORGSTATE_INACTIVE
return admin.OrgState_ORGSTATE_INACTIVE
default:
return OrgState_ORGSTATE_UNSPECIFIED
return admin.OrgState_ORGSTATE_UNSPECIFIED
}
}
func genderFromModel(gender usr_model.Gender) Gender {
func genderFromModel(gender usr_model.Gender) admin.Gender {
switch gender {
case usr_model.GenderFemale:
return Gender_GENDER_FEMALE
return admin.Gender_GENDER_FEMALE
case usr_model.GenderMale:
return Gender_GENDER_MALE
return admin.Gender_GENDER_MALE
case usr_model.GenderDiverse:
return Gender_GENDER_DIVERSE
return admin.Gender_GENDER_DIVERSE
default:
return Gender_GENDER_UNSPECIFIED
return admin.Gender_GENDER_UNSPECIFIED
}
}
func genderToModel(gender Gender) usr_model.Gender {
func genderToModel(gender admin.Gender) usr_model.Gender {
switch gender {
case Gender_GENDER_FEMALE:
case admin.Gender_GENDER_FEMALE:
return usr_model.GenderFemale
case Gender_GENDER_MALE:
case admin.Gender_GENDER_MALE:
return usr_model.GenderMale
case Gender_GENDER_DIVERSE:
case admin.Gender_GENDER_DIVERSE:
return usr_model.GenderDiverse
default:
return usr_model.GenderUnspecified
}
}
func userStateFromModel(state usr_model.UserState) UserState {
func userStateFromModel(state usr_model.UserState) admin.UserState {
switch state {
case usr_model.UserStateActive:
return UserState_USERSTATE_ACTIVE
return admin.UserState_USERSTATE_ACTIVE
case usr_model.UserStateInactive:
return UserState_USERSTATE_INACTIVE
return admin.UserState_USERSTATE_INACTIVE
case usr_model.UserStateLocked:
return UserState_USERSTATE_LOCKED
return admin.UserState_USERSTATE_LOCKED
default:
return UserState_USERSTATE_UNSPECIFIED
return admin.UserState_USERSTATE_UNSPECIFIED
}
}
func orgSearchRequestToModel(req *OrgSearchRequest) *org_model.OrgSearchRequest {
func orgSearchRequestToModel(req *admin.OrgSearchRequest) *org_model.OrgSearchRequest {
return &org_model.OrgSearchRequest{
Limit: req.Limit,
Asc: req.Asc,
@@ -210,7 +212,7 @@ func orgSearchRequestToModel(req *OrgSearchRequest) *org_model.OrgSearchRequest
}
}
func orgQueriesToModel(queries []*OrgSearchQuery) []*org_model.OrgSearchQuery {
func orgQueriesToModel(queries []*admin.OrgSearchQuery) []*org_model.OrgSearchQuery {
modelQueries := make([]*org_model.OrgSearchQuery, len(queries))
for i, query := range queries {
@@ -220,7 +222,7 @@ func orgQueriesToModel(queries []*OrgSearchQuery) []*org_model.OrgSearchQuery {
return modelQueries
}
func orgQueryToModel(query *OrgSearchQuery) *org_model.OrgSearchQuery {
func orgQueryToModel(query *admin.OrgSearchQuery) *org_model.OrgSearchQuery {
return &org_model.OrgSearchQuery{
Key: orgQueryKeyToModel(query.Key),
Value: query.Value,
@@ -228,40 +230,40 @@ func orgQueryToModel(query *OrgSearchQuery) *org_model.OrgSearchQuery {
}
}
func orgQueryKeyToModel(key OrgSearchKey) org_model.OrgSearchKey {
func orgQueryKeyToModel(key admin.OrgSearchKey) org_model.OrgSearchKey {
switch key {
case OrgSearchKey_ORGSEARCHKEY_DOMAIN:
case admin.OrgSearchKey_ORGSEARCHKEY_DOMAIN:
return org_model.OrgSearchKeyOrgDomain
case OrgSearchKey_ORGSEARCHKEY_ORG_NAME:
case admin.OrgSearchKey_ORGSEARCHKEY_ORG_NAME:
return org_model.OrgSearchKeyOrgName
case OrgSearchKey_ORGSEARCHKEY_STATE:
case admin.OrgSearchKey_ORGSEARCHKEY_STATE:
return org_model.OrgSearchKeyState
default:
return org_model.OrgSearchKeyUnspecified
}
}
func orgQueryMethodToModel(method OrgSearchMethod) model.SearchMethod {
func orgQueryMethodToModel(method admin.OrgSearchMethod) model.SearchMethod {
switch method {
case OrgSearchMethod_ORGSEARCHMETHOD_CONTAINS:
case admin.OrgSearchMethod_ORGSEARCHMETHOD_CONTAINS:
return model.SearchMethodContains
case OrgSearchMethod_ORGSEARCHMETHOD_EQUALS:
case admin.OrgSearchMethod_ORGSEARCHMETHOD_EQUALS:
return model.SearchMethodEquals
case OrgSearchMethod_ORGSEARCHMETHOD_STARTS_WITH:
case admin.OrgSearchMethod_ORGSEARCHMETHOD_STARTS_WITH:
return model.SearchMethodStartsWith
default:
return 0
}
}
func orgIamPolicyFromModel(policy *org_model.OrgIamPolicy) *OrgIamPolicy {
func orgIamPolicyFromModel(policy *org_model.OrgIamPolicy) *admin.OrgIamPolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-ush36").OnError(err).Debug("unable to get timestamp from time")
changeDate, err := ptypes.TimestampProto(policy.ChangeDate)
logging.Log("GRPC-Ps9fW").OnError(err).Debug("unable to get timestamp from time")
return &OrgIamPolicy{
return &admin.OrgIamPolicy{
OrgId: policy.AggregateID,
Description: policy.Description,
UserLoginMustBeDomain: policy.UserLoginMustBeDomain,
@@ -271,7 +273,7 @@ func orgIamPolicyFromModel(policy *org_model.OrgIamPolicy) *OrgIamPolicy {
}
}
func orgIamPolicyRequestToModel(policy *OrgIamPolicyRequest) *org_model.OrgIamPolicy {
func orgIamPolicyRequestToModel(policy *admin.OrgIamPolicyRequest) *org_model.OrgIamPolicy {
return &org_model.OrgIamPolicy{
ObjectRoot: models.ObjectRoot{
AggregateID: policy.OrgId,

5
pkg/admin/api/grpc/probes.go → internal/api/grpc/admin/probes.go
View File

@@ -1,11 +1,12 @@
package grpc
package admin
import (
"context"
"github.com/caos/zitadel/internal/errors"
"github.com/golang/protobuf/ptypes/empty"
pb_struct "github.com/golang/protobuf/ptypes/struct"
"github.com/caos/zitadel/internal/errors"
)
func (s *Server) Healthz(_ context.Context, e *empty.Empty) (*empty.Empty, error) {

61
internal/api/grpc/admin/server.go Normal file
View File

@@ -0,0 +1,61 @@
package admin
import (
"google.golang.org/grpc"
"github.com/caos/zitadel/internal/admin/repository"
"github.com/caos/zitadel/internal/admin/repository/eventsourcing"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/api/grpc/server"
"github.com/caos/zitadel/pkg/grpc/admin"
)
const (
adminName = "Admin-API"
)
var _ admin.AdminServiceServer = (*Server)(nil)
type Server struct {
org repository.OrgRepository
iam repository.IamRepository
administrator repository.AdministratorRepository
repo repository.Repository
}
type Config struct {
Repository eventsourcing.Config
}
func CreateServer(repo repository.Repository) *Server {
return &Server{
org: repo,
iam: repo,
administrator: repo,
repo: repo,
}
}
func (s *Server) RegisterServer(grpcServer *grpc.Server) {
admin.RegisterAdminServiceServer(grpcServer, s)
}
func (s *Server) AppName() string {
return adminName
}
func (s *Server) MethodPrefix() string {
return admin.AdminService_MethodPrefix
}
func (s *Server) AuthMethods() authz.MethodMapping {
return admin.AdminService_AuthMethods
}
func (s *Server) RegisterGateway() server.GatewayFunc {
return admin.RegisterAdminServiceHandlerFromEndpoint
}
func (s *Server) GatewayPathPrefix() string {
return "/admin/v1"
}

5
pkg/auth/api/grpc/gateway.go → internal/api/grpc/auth/gateway.go
View File

@@ -1,4 +1,4 @@
package grpc
package auth
import (
"strings"
@@ -7,6 +7,7 @@ import (
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/api/grpc/server"
"github.com/caos/zitadel/pkg/grpc/auth"
)
type Gateway struct {
@@ -24,7 +25,7 @@ func StartGateway(conf grpc_util.GatewayConfig) *Gateway {
}
func (gw *Gateway) Gateway() server.GatewayFunc {
return RegisterAuthServiceHandlerFromEndpoint
return auth.RegisterAuthServiceHandlerFromEndpoint
}
func (gw *Gateway) GRPCEndpoint() string {

10
pkg/auth/api/grpc/policy_complexity_converter.go → internal/api/grpc/auth/policy_complexity_converter.go
View File

@@ -1,19 +1,21 @@
package grpc
package auth
import (
"github.com/caos/logging"
"github.com/caos/zitadel/internal/policy/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/internal/policy/model"
"github.com/caos/zitadel/pkg/grpc/auth"
)
func passwordComplexityPolicyFromModel(policy *model.PasswordComplexityPolicy) *PasswordComplexityPolicy {
func passwordComplexityPolicyFromModel(policy *model.PasswordComplexityPolicy) *auth.PasswordComplexityPolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-Lsi3d").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(policy.ChangeDate)
logging.Log("GRPC-P0wr4").OnError(err).Debug("unable to parse timestamp")
return &PasswordComplexityPolicy{
return &auth.PasswordComplexityPolicy{
Id: policy.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,

6
pkg/auth/api/grpc/probes.go → internal/api/grpc/auth/probes.go
View File

@@ -1,10 +1,12 @@
package grpc
package auth
import (
"context"
"github.com/caos/zitadel/internal/errors"
"github.com/golang/protobuf/ptypes/empty"
pb_struct "github.com/golang/protobuf/ptypes/struct"
"github.com/caos/zitadel/internal/errors"
)
func (s *Server) Healthz(_ context.Context, e *empty.Empty) (*empty.Empty, error) {

25
internal/api/grpc/auth/search_converter.go Normal file
View File

@@ -0,0 +1,25 @@
package auth
import (
"github.com/caos/zitadel/internal/model"
"github.com/caos/zitadel/pkg/grpc/auth"
)
func searchMethodToModel(method auth.SearchMethod) model.SearchMethod {
switch method {
case auth.SearchMethod_SEARCHMETHOD_EQUALS:
return model.SearchMethodEquals
case auth.SearchMethod_SEARCHMETHOD_CONTAINS:
return model.SearchMethodContains
case auth.SearchMethod_SEARCHMETHOD_STARTS_WITH:
return model.SearchMethodStartsWith
case auth.SearchMethod_SEARCHMETHOD_EQUALS_IGNORE_CASE:
return model.SearchMethodEqualsIgnoreCase
case auth.SearchMethod_SEARCHMETHOD_CONTAINS_IGNORE_CASE:
return model.SearchMethodContainsIgnoreCase
case auth.SearchMethod_SEARCHMETHOD_STARTS_WITH_IGNORE_CASE:
return model.SearchMethodStartsWithIgnoreCase
default:
return model.SearchMethodEquals
}
}

55
internal/api/grpc/auth/server.go Normal file
View File

@@ -0,0 +1,55 @@
package auth
import (
"google.golang.org/grpc"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/api/grpc/server"
"github.com/caos/zitadel/internal/auth/repository"
"github.com/caos/zitadel/internal/auth/repository/eventsourcing"
"github.com/caos/zitadel/pkg/grpc/auth"
)
var _ auth.AuthServiceServer = (*Server)(nil)
const (
authName = "Auth-API"
)
type Server struct {
repo repository.Repository
}
type Config struct {
Repository eventsourcing.Config
}
func CreateServer(authRepo repository.Repository) *Server {
return &Server{
repo: authRepo,
}
}
func (s *Server) RegisterServer(grpcServer *grpc.Server) {
auth.RegisterAuthServiceServer(grpcServer, s)
}
func (s *Server) AppName() string {
return authName
}
func (s *Server) MethodPrefix() string {
return auth.AuthService_MethodPrefix
}
func (s *Server) AuthMethods() authz.MethodMapping {
return auth.AuthService_AuthMethods
}
func (s *Server) RegisterGateway() server.GatewayFunc {
return auth.RegisterAuthServiceHandlerFromEndpoint
}
func (s *Server) GatewayPathPrefix() string {
return "/auth/v1"
}

41
pkg/auth/api/grpc/user.go → internal/api/grpc/auth/user.go
View File

@@ -1,12 +1,14 @@
package grpc
package auth
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/auth"
)
func (s *Server) GetMyUser(ctx context.Context, _ *empty.Empty) (*UserView, error) {
func (s *Server) GetMyUser(ctx context.Context, _ *empty.Empty) (*auth.UserView, error) {
user, err := s.repo.MyUser(ctx)
if err != nil {
return nil, err
@@ -14,7 +16,7 @@ func (s *Server) GetMyUser(ctx context.Context, _ *empty.Empty) (*UserView, erro
return userViewFromModel(user), nil
}
func (s *Server) GetMyUserProfile(ctx context.Context, _ *empty.Empty) (*UserProfileView, error) {
func (s *Server) GetMyUserProfile(ctx context.Context, _ *empty.Empty) (*auth.UserProfileView, error) {
profile, err := s.repo.MyProfile(ctx)
if err != nil {
return nil, err
@@ -22,7 +24,7 @@ func (s *Server) GetMyUserProfile(ctx context.Context, _ *empty.Empty) (*UserPro
return profileViewFromModel(profile), nil
}
func (s *Server) GetMyUserEmail(ctx context.Context, _ *empty.Empty) (*UserEmailView, error) {
func (s *Server) GetMyUserEmail(ctx context.Context, _ *empty.Empty) (*auth.UserEmailView, error) {
email, err := s.repo.MyEmail(ctx)
if err != nil {
return nil, err
@@ -30,7 +32,7 @@ func (s *Server) GetMyUserEmail(ctx context.Context, _ *empty.Empty) (*UserEmail
return emailViewFromModel(email), nil
}
func (s *Server) GetMyUserPhone(ctx context.Context, _ *empty.Empty) (*UserPhoneView, error) {
func (s *Server) GetMyUserPhone(ctx context.Context, _ *empty.Empty) (*auth.UserPhoneView, error) {
phone, err := s.repo.MyPhone(ctx)
if err != nil {
return nil, err
@@ -42,7 +44,8 @@ func (s *Server) RemoveMyUserPhone(ctx context.Context, _ *empty.Empty) (*empty.
err := s.repo.RemoveMyPhone(ctx)
return &empty.Empty{}, err
}
func (s *Server) GetMyUserAddress(ctx context.Context, _ *empty.Empty) (*UserAddressView, error) {
func (s *Server) GetMyUserAddress(ctx context.Context, _ *empty.Empty) (*auth.UserAddressView, error) {
address, err := s.repo.MyAddress(ctx)
if err != nil {
return nil, err
@@ -50,15 +53,15 @@ func (s *Server) GetMyUserAddress(ctx context.Context, _ *empty.Empty) (*UserAdd
return addressViewFromModel(address), nil
}
func (s *Server) GetMyMfas(ctx context.Context, _ *empty.Empty) (*MultiFactors, error) {
func (s *Server) GetMyMfas(ctx context.Context, _ *empty.Empty) (*auth.MultiFactors, error) {
mfas, err := s.repo.MyUserMfas(ctx)
if err != nil {
return nil, err
}
return &MultiFactors{Mfas: mfasFromModel(mfas)}, nil
return &auth.MultiFactors{Mfas: mfasFromModel(mfas)}, nil
}
func (s *Server) UpdateMyUserProfile(ctx context.Context, request *UpdateUserProfileRequest) (*UserProfile, error) {
func (s *Server) UpdateMyUserProfile(ctx context.Context, request *auth.UpdateUserProfileRequest) (*auth.UserProfile, error) {
profile, err := s.repo.ChangeMyProfile(ctx, updateProfileToModel(ctx, request))
if err != nil {
return nil, err
@@ -66,7 +69,7 @@ func (s *Server) UpdateMyUserProfile(ctx context.Context, request *UpdateUserPro
return profileFromModel(profile), nil
}
func (s *Server) ChangeMyUserEmail(ctx context.Context, request *UpdateUserEmailRequest) (*UserEmail, error) {
func (s *Server) ChangeMyUserEmail(ctx context.Context, request *auth.UpdateUserEmailRequest) (*auth.UserEmail, error) {
email, err := s.repo.ChangeMyEmail(ctx, updateEmailToModel(ctx, request))
if err != nil {
return nil, err
@@ -74,7 +77,7 @@ func (s *Server) ChangeMyUserEmail(ctx context.Context, request *UpdateUserEmail
return emailFromModel(email), nil
}
func (s *Server) VerifyMyUserEmail(ctx context.Context, request *VerifyMyUserEmailRequest) (*empty.Empty, error) {
func (s *Server) VerifyMyUserEmail(ctx context.Context, request *auth.VerifyMyUserEmailRequest) (*empty.Empty, error) {
err := s.repo.VerifyMyEmail(ctx, request.Code)
return &empty.Empty{}, err
}
@@ -84,7 +87,7 @@ func (s *Server) ResendMyEmailVerificationMail(ctx context.Context, _ *empty.Emp
return &empty.Empty{}, err
}
func (s *Server) ChangeMyUserPhone(ctx context.Context, request *UpdateUserPhoneRequest) (*UserPhone, error) {
func (s *Server) ChangeMyUserPhone(ctx context.Context, request *auth.UpdateUserPhoneRequest) (*auth.UserPhone, error) {
phone, err := s.repo.ChangeMyPhone(ctx, updatePhoneToModel(ctx, request))
if err != nil {
return nil, err
@@ -92,7 +95,7 @@ func (s *Server) ChangeMyUserPhone(ctx context.Context, request *UpdateUserPhone
return phoneFromModel(phone), nil
}
func (s *Server) VerifyMyUserPhone(ctx context.Context, request *VerifyUserPhoneRequest) (*empty.Empty, error) {
func (s *Server) VerifyMyUserPhone(ctx context.Context, request *auth.VerifyUserPhoneRequest) (*empty.Empty, error) {
err := s.repo.VerifyMyPhone(ctx, request.Code)
return &empty.Empty{}, err
}
@@ -102,7 +105,7 @@ func (s *Server) ResendMyPhoneVerificationCode(ctx context.Context, _ *empty.Emp
return &empty.Empty{}, err
}
func (s *Server) UpdateMyUserAddress(ctx context.Context, request *UpdateUserAddressRequest) (*UserAddress, error) {
func (s *Server) UpdateMyUserAddress(ctx context.Context, request *auth.UpdateUserAddressRequest) (*auth.UserAddress, error) {
address, err := s.repo.ChangeMyAddress(ctx, updateAddressToModel(ctx, request))
if err != nil {
return nil, err
@@ -110,12 +113,12 @@ func (s *Server) UpdateMyUserAddress(ctx context.Context, request *UpdateUserAdd
return addressFromModel(address), nil
}
func (s *Server) ChangeMyPassword(ctx context.Context, request *PasswordChange) (*empty.Empty, error) {
func (s *Server) ChangeMyPassword(ctx context.Context, request *auth.PasswordChange) (*empty.Empty, error) {
err := s.repo.ChangeMyPassword(ctx, request.OldPassword, request.NewPassword)
return &empty.Empty{}, err
}
func (s *Server) GetMyPasswordComplexityPolicy(ctx context.Context, _ *empty.Empty) (*PasswordComplexityPolicy, error) {
func (s *Server) GetMyPasswordComplexityPolicy(ctx context.Context, _ *empty.Empty) (*auth.PasswordComplexityPolicy, error) {
policy, err := s.repo.GetMyPasswordComplexityPolicy(ctx)
if err != nil {
return nil, err
@@ -123,7 +126,7 @@ func (s *Server) GetMyPasswordComplexityPolicy(ctx context.Context, _ *empty.Emp
return passwordComplexityPolicyFromModel(policy), nil
}
func (s *Server) AddMfaOTP(ctx context.Context, _ *empty.Empty) (_ *MfaOtpResponse, err error) {
func (s *Server) AddMfaOTP(ctx context.Context, _ *empty.Empty) (_ *auth.MfaOtpResponse, err error) {
otp, err := s.repo.AddMyMfaOTP(ctx)
if err != nil {
return nil, err
@@ -131,7 +134,7 @@ func (s *Server) AddMfaOTP(ctx context.Context, _ *empty.Empty) (_ *MfaOtpRespon
return otpFromModel(otp), nil
}
func (s *Server) VerifyMfaOTP(ctx context.Context, request *VerifyMfaOtp) (*empty.Empty, error) {
func (s *Server) VerifyMfaOTP(ctx context.Context, request *auth.VerifyMfaOtp) (*empty.Empty, error) {
err := s.repo.VerifyMyMfaOTPSetup(ctx, request.Code)
return &empty.Empty{}, err
}
@@ -141,7 +144,7 @@ func (s *Server) RemoveMfaOTP(ctx context.Context, _ *empty.Empty) (_ *empty.Emp
return &empty.Empty{}, err
}
func (s *Server) GetMyUserChanges(ctx context.Context, request *ChangesRequest) (*Changes, error) {
func (s *Server) GetMyUserChanges(ctx context.Context, request *auth.ChangesRequest) (*auth.Changes, error) {
changes, err := s.repo.MyUserChanges(ctx, request.SequenceOffset, request.Limit, request.Asc)
if err != nil {
return nil, err

134
pkg/auth/api/grpc/user_converter.go → internal/api/grpc/auth/user_converter.go
View File

@@ -1,21 +1,23 @@
package grpc
package auth
import (
"context"
"encoding/json"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/api/auth"
"github.com/caos/zitadel/internal/eventstore/models"
usr_model "github.com/caos/zitadel/internal/user/model"
message "github.com/caos/zitadel/pkg/message"
"github.com/golang/protobuf/ptypes"
"golang.org/x/text/language"
"google.golang.org/protobuf/encoding/protojson"
"google.golang.org/protobuf/types/known/structpb"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/eventstore/models"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/pkg/grpc/auth"
"github.com/caos/zitadel/pkg/grpc/message"
)
func userViewFromModel(user *usr_model.UserView) *UserView {
func userViewFromModel(user *usr_model.UserView) *auth.UserView {
creationDate, err := ptypes.TimestampProto(user.CreationDate)
logging.Log("GRPC-sd32g").OnError(err).Debug("unable to parse timestamp")
@@ -28,7 +30,7 @@ func userViewFromModel(user *usr_model.UserView) *UserView {
passwordChanged, err := ptypes.TimestampProto(user.PasswordChanged)
logging.Log("GRPC-fgQFT").OnError(err).Debug("unable to parse timestamp")
return &UserView{
return &auth.UserView{
Id: user.ID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
@@ -58,14 +60,14 @@ func userViewFromModel(user *usr_model.UserView) *UserView {
}
}
func profileFromModel(profile *usr_model.Profile) *UserProfile {
func profileFromModel(profile *usr_model.Profile) *auth.UserProfile {
creationDate, err := ptypes.TimestampProto(profile.CreationDate)
logging.Log("GRPC-56t5s").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(profile.ChangeDate)
logging.Log("GRPC-K58ds").OnError(err).Debug("unable to parse timestamp")
return &UserProfile{
return &auth.UserProfile{
Id: profile.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -80,14 +82,14 @@ func profileFromModel(profile *usr_model.Profile) *UserProfile {
}
}
func profileViewFromModel(profile *usr_model.Profile) *UserProfileView {
func profileViewFromModel(profile *usr_model.Profile) *auth.UserProfileView {
creationDate, err := ptypes.TimestampProto(profile.CreationDate)
logging.Log("GRPC-s9iKs").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(profile.ChangeDate)
logging.Log("GRPC-9sujE").OnError(err).Debug("unable to parse timestamp")
return &UserProfileView{
return &auth.UserProfileView{
Id: profile.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -104,12 +106,12 @@ func profileViewFromModel(profile *usr_model.Profile) *UserProfileView {
}
}
func updateProfileToModel(ctx context.Context, u *UpdateUserProfileRequest) *usr_model.Profile {
func updateProfileToModel(ctx context.Context, u *auth.UpdateUserProfileRequest) *usr_model.Profile {
preferredLanguage, err := language.Parse(u.PreferredLanguage)
logging.Log("GRPC-lk73L").OnError(err).Debug("language malformed")
return &usr_model.Profile{
ObjectRoot: models.ObjectRoot{AggregateID: auth.GetCtxData(ctx).UserID},
ObjectRoot: models.ObjectRoot{AggregateID: authz.GetCtxData(ctx).UserID},
FirstName: u.FirstName,
LastName: u.LastName,
NickName: u.NickName,
@@ -118,14 +120,14 @@ func updateProfileToModel(ctx context.Context, u *UpdateUserProfileRequest) *usr
}
}
func emailFromModel(email *usr_model.Email) *UserEmail {
func emailFromModel(email *usr_model.Email) *auth.UserEmail {
creationDate, err := ptypes.TimestampProto(email.CreationDate)
logging.Log("GRPC-sdoi3").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(email.ChangeDate)
logging.Log("GRPC-klJK3").OnError(err).Debug("unable to parse timestamp")
return &UserEmail{
return &auth.UserEmail{
Id: email.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -135,14 +137,14 @@ func emailFromModel(email *usr_model.Email) *UserEmail {
}
}
func emailViewFromModel(email *usr_model.Email) *UserEmailView {
func emailViewFromModel(email *usr_model.Email) *auth.UserEmailView {
creationDate, err := ptypes.TimestampProto(email.CreationDate)
logging.Log("GRPC-LSp8s").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(email.ChangeDate)
logging.Log("GRPC-6szJe").OnError(err).Debug("unable to parse timestamp")
return &UserEmailView{
return &auth.UserEmailView{
Id: email.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -152,21 +154,21 @@ func emailViewFromModel(email *usr_model.Email) *UserEmailView {
}
}
func updateEmailToModel(ctx context.Context, e *UpdateUserEmailRequest) *usr_model.Email {
func updateEmailToModel(ctx context.Context, e *auth.UpdateUserEmailRequest) *usr_model.Email {
return &usr_model.Email{
ObjectRoot: models.ObjectRoot{AggregateID: auth.GetCtxData(ctx).UserID},
ObjectRoot: models.ObjectRoot{AggregateID: authz.GetCtxData(ctx).UserID},
EmailAddress: e.Email,
}
}
func phoneFromModel(phone *usr_model.Phone) *UserPhone {
func phoneFromModel(phone *usr_model.Phone) *auth.UserPhone {
creationDate, err := ptypes.TimestampProto(phone.CreationDate)
logging.Log("GRPC-kjn5J").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(phone.ChangeDate)
logging.Log("GRPC-LKA9S").OnError(err).Debug("unable to parse timestamp")
return &UserPhone{
return &auth.UserPhone{
Id: phone.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -176,14 +178,14 @@ func phoneFromModel(phone *usr_model.Phone) *UserPhone {
}
}
func phoneViewFromModel(phone *usr_model.Phone) *UserPhoneView {
func phoneViewFromModel(phone *usr_model.Phone) *auth.UserPhoneView {
creationDate, err := ptypes.TimestampProto(phone.CreationDate)
logging.Log("GRPC-s5zJS").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(phone.ChangeDate)
logging.Log("GRPC-s9kLe").OnError(err).Debug("unable to parse timestamp")
return &UserPhoneView{
return &auth.UserPhoneView{
Id: phone.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -193,21 +195,21 @@ func phoneViewFromModel(phone *usr_model.Phone) *UserPhoneView {
}
}
func updatePhoneToModel(ctx context.Context, e *UpdateUserPhoneRequest) *usr_model.Phone {
func updatePhoneToModel(ctx context.Context, e *auth.UpdateUserPhoneRequest) *usr_model.Phone {
return &usr_model.Phone{
ObjectRoot: models.ObjectRoot{AggregateID: auth.GetCtxData(ctx).UserID},
ObjectRoot: models.ObjectRoot{AggregateID: authz.GetCtxData(ctx).UserID},
PhoneNumber: e.Phone,
}
}
func addressFromModel(address *usr_model.Address) *UserAddress {
func addressFromModel(address *usr_model.Address) *auth.UserAddress {
creationDate, err := ptypes.TimestampProto(address.CreationDate)
logging.Log("GRPC-65FRs").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(address.ChangeDate)
logging.Log("GRPC-aslk4").OnError(err).Debug("unable to parse timestamp")
return &UserAddress{
return &auth.UserAddress{
Id: address.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -220,14 +222,14 @@ func addressFromModel(address *usr_model.Address) *UserAddress {
}
}
func addressViewFromModel(address *usr_model.Address) *UserAddressView {
func addressViewFromModel(address *usr_model.Address) *auth.UserAddressView {
creationDate, err := ptypes.TimestampProto(address.CreationDate)
logging.Log("GRPC-sk4fS").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(address.ChangeDate)
logging.Log("GRPC-9siEs").OnError(err).Debug("unable to parse timestamp")
return &UserAddressView{
return &auth.UserAddressView{
Id: address.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -240,9 +242,9 @@ func addressViewFromModel(address *usr_model.Address) *UserAddressView {
}
}
func updateAddressToModel(ctx context.Context, address *UpdateUserAddressRequest) *usr_model.Address {
func updateAddressToModel(ctx context.Context, address *auth.UpdateUserAddressRequest) *usr_model.Address {
return &usr_model.Address{
ObjectRoot: models.ObjectRoot{AggregateID: auth.GetCtxData(ctx).UserID},
ObjectRoot: models.ObjectRoot{AggregateID: authz.GetCtxData(ctx).UserID},
Country: address.Country,
StreetAddress: address.StreetAddress,
Region: address.Region,
@@ -251,8 +253,8 @@ func updateAddressToModel(ctx context.Context, address *UpdateUserAddressRequest
}
}
func otpFromModel(otp *usr_model.OTP) *MfaOtpResponse {
return &MfaOtpResponse{
func otpFromModel(otp *usr_model.OTP) *auth.MfaOtpResponse {
return &auth.MfaOtpResponse{
UserId: otp.AggregateID,
Url: otp.Url,
Secret: otp.SecretString,
@@ -260,96 +262,96 @@ func otpFromModel(otp *usr_model.OTP) *MfaOtpResponse {
}
}
func userStateFromModel(state usr_model.UserState) UserState {
func userStateFromModel(state usr_model.UserState) auth.UserState {
switch state {
case usr_model.UserStateActive:
return UserState_USERSTATE_ACTIVE
return auth.UserState_USERSTATE_ACTIVE
case usr_model.UserStateInactive:
return UserState_USERSTATE_INACTIVE
return auth.UserState_USERSTATE_INACTIVE
case usr_model.UserStateLocked:
return UserState_USERSTATE_LOCKED
return auth.UserState_USERSTATE_LOCKED
case usr_model.UserStateInitial:
return UserState_USERSTATE_INITIAL
return auth.UserState_USERSTATE_INITIAL
case usr_model.UserStateSuspend:
return UserState_USERSTATE_SUSPEND
return auth.UserState_USERSTATE_SUSPEND
default:
return UserState_USERSTATE_UNSPECIFIED
return auth.UserState_USERSTATE_UNSPECIFIED
}
}
func genderFromModel(gender usr_model.Gender) Gender {
func genderFromModel(gender usr_model.Gender) auth.Gender {
switch gender {
case usr_model.GenderFemale:
return Gender_GENDER_FEMALE
return auth.Gender_GENDER_FEMALE
case usr_model.GenderMale:
return Gender_GENDER_MALE
return auth.Gender_GENDER_MALE
case usr_model.GenderDiverse:
return Gender_GENDER_DIVERSE
return auth.Gender_GENDER_DIVERSE
default:
return Gender_GENDER_UNSPECIFIED
return auth.Gender_GENDER_UNSPECIFIED
}
}
func genderToModel(gender Gender) usr_model.Gender {
func genderToModel(gender auth.Gender) usr_model.Gender {
switch gender {
case Gender_GENDER_FEMALE:
case auth.Gender_GENDER_FEMALE:
return usr_model.GenderFemale
case Gender_GENDER_MALE:
case auth.Gender_GENDER_MALE:
return usr_model.GenderMale
case Gender_GENDER_DIVERSE:
case auth.Gender_GENDER_DIVERSE:
return usr_model.GenderDiverse
default:
return usr_model.GenderUnspecified
}
}
func mfaStateFromModel(state usr_model.MfaState) MFAState {
func mfaStateFromModel(state usr_model.MfaState) auth.MFAState {
switch state {
case usr_model.MfaStateReady:
return MFAState_MFASTATE_READY
return auth.MFAState_MFASTATE_READY
case usr_model.MfaStateNotReady:
return MFAState_MFASTATE_NOT_READY
return auth.MFAState_MFASTATE_NOT_READY
default:
return MFAState_MFASTATE_UNSPECIFIED
return auth.MFAState_MFASTATE_UNSPECIFIED
}
}
func mfasFromModel(mfas []*usr_model.MultiFactor) []*MultiFactor {
converted := make([]*MultiFactor, len(mfas))
func mfasFromModel(mfas []*usr_model.MultiFactor) []*auth.MultiFactor {
converted := make([]*auth.MultiFactor, len(mfas))
for i, mfa := range mfas {
converted[i] = mfaFromModel(mfa)
}
return converted
}
func mfaFromModel(mfa *usr_model.MultiFactor) *MultiFactor {
return &MultiFactor{
func mfaFromModel(mfa *usr_model.MultiFactor) *auth.MultiFactor {
return &auth.MultiFactor{
State: mfaStateFromModel(mfa.State),
Type: mfaTypeFromModel(mfa.Type),
}
}
func mfaTypeFromModel(mfatype usr_model.MfaType) MfaType {
func mfaTypeFromModel(mfatype usr_model.MfaType) auth.MfaType {
switch mfatype {
case usr_model.MfaTypeOTP:
return MfaType_MFATYPE_OTP
return auth.MfaType_MFATYPE_OTP
case usr_model.MfaTypeSMS:
return MfaType_MFATYPE_SMS
return auth.MfaType_MFATYPE_SMS
default:
return MfaType_MFATYPE_UNSPECIFIED
return auth.MfaType_MFATYPE_UNSPECIFIED
}
}
func userChangesToResponse(response *usr_model.UserChanges, offset uint64, limit uint64) (_ *Changes) {
return &Changes{
func userChangesToResponse(response *usr_model.UserChanges, offset uint64, limit uint64) (_ *auth.Changes) {
return &auth.Changes{
Limit: limit,
Offset: offset,
Changes: userChangesToAPI(response),
}
}
func userChangesToAPI(changes *usr_model.UserChanges) (_ []*Change) {
result := make([]*Change, len(changes.Changes))
func userChangesToAPI(changes *usr_model.UserChanges) (_ []*auth.Change) {
result := make([]*auth.Change, len(changes.Changes))
for i, change := range changes.Changes {
var data *structpb.Struct
@@ -359,7 +361,7 @@ func userChangesToAPI(changes *usr_model.UserChanges) (_ []*Change) {
err = protojson.Unmarshal(changedData, data)
logging.Log("GRPC-0kRsY").OnError(err).Debug("unable to marshal changed data to struct")
}
result[i] = &Change{
result[i] = &auth.Change{
ChangeDate: change.ChangeDate,
EventType: message.NewLocalizedEventType(change.EventType),
Sequence: change.Sequence,

17
pkg/auth/api/grpc/user_grant.go → internal/api/grpc/auth/user_grant.go
View File

@@ -1,11 +1,14 @@
package grpc
package auth
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/auth"
)
func (s *Server) SearchMyUserGrant(ctx context.Context, in *UserGrantSearchRequest) (*UserGrantSearchResponse, error) {
func (s *Server) SearchMyUserGrant(ctx context.Context, in *auth.UserGrantSearchRequest) (*auth.UserGrantSearchResponse, error) {
response, err := s.repo.SearchMyUserGrants(ctx, userGrantSearchRequestsToModel(in))
if err != nil {
return nil, err
@@ -13,7 +16,7 @@ func (s *Server) SearchMyUserGrant(ctx context.Context, in *UserGrantSearchReque
return userGrantSearchResponseFromModel(response), nil
}
func (s *Server) SearchMyProjectOrgs(ctx context.Context, in *MyProjectOrgSearchRequest) (*MyProjectOrgSearchResponse, error) {
func (s *Server) SearchMyProjectOrgs(ctx context.Context, in *auth.MyProjectOrgSearchRequest) (*auth.MyProjectOrgSearchResponse, error) {
response, err := s.repo.SearchMyProjectOrgs(ctx, myProjectOrgSearchRequestRequestsToModel(in))
if err != nil {
return nil, err
@@ -21,18 +24,18 @@ func (s *Server) SearchMyProjectOrgs(ctx context.Context, in *MyProjectOrgSearch
return projectOrgSearchResponseFromModel(response), nil
}
func (s *Server) GetMyZitadelPermissions(ctx context.Context, _ *empty.Empty) (*MyPermissions, error) {
func (s *Server) GetMyZitadelPermissions(ctx context.Context, _ *empty.Empty) (*auth.MyPermissions, error) {
perms, err := s.repo.SearchMyZitadelPermissions(ctx)
if err != nil {
return nil, err
}
return &MyPermissions{Permissions: perms}, nil
return &auth.MyPermissions{Permissions: perms}, nil
}
func (s *Server) GetMyProjectPermissions(ctx context.Context, _ *empty.Empty) (*MyPermissions, error) {
func (s *Server) GetMyProjectPermissions(ctx context.Context, _ *empty.Empty) (*auth.MyPermissions, error) {
perms, err := s.repo.SearchMyProjectPermissions(ctx)
if err != nil {
return nil, err
}
return &MyPermissions{Permissions: perms}, nil
return &auth.MyPermissions{Permissions: perms}, nil
}

49
pkg/auth/api/grpc/user_grant_converter.go → internal/api/grpc/auth/user_grant_converter.go
View File

@@ -1,10 +1,11 @@
package grpc
package auth
import (
grant_model "github.com/caos/zitadel/internal/usergrant/model"
"github.com/caos/zitadel/pkg/grpc/auth"
)
func userGrantSearchRequestsToModel(request *UserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
func userGrantSearchRequestsToModel(request *auth.UserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
return &grant_model.UserGrantSearchRequest{
Offset: request.Offset,
Limit: request.Limit,
@@ -12,7 +13,7 @@ func userGrantSearchRequestsToModel(request *UserGrantSearchRequest) *grant_mode
}
}
func userGrantSearchQueriesToModel(queries []*UserGrantSearchQuery) []*grant_model.UserGrantSearchQuery {
func userGrantSearchQueriesToModel(queries []*auth.UserGrantSearchQuery) []*grant_model.UserGrantSearchQuery {
converted := make([]*grant_model.UserGrantSearchQuery, len(queries))
for i, q := range queries {
converted[i] = userGrantSearchQueryToModel(q)
@@ -20,7 +21,7 @@ func userGrantSearchQueriesToModel(queries []*UserGrantSearchQuery) []*grant_mod
return converted
}
func userGrantSearchQueryToModel(query *UserGrantSearchQuery) *grant_model.UserGrantSearchQuery {
func userGrantSearchQueryToModel(query *auth.UserGrantSearchQuery) *grant_model.UserGrantSearchQuery {
return &grant_model.UserGrantSearchQuery{
Key: userGrantSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -28,18 +29,18 @@ func userGrantSearchQueryToModel(query *UserGrantSearchQuery) *grant_model.UserG
}
}
func userGrantSearchKeyToModel(key UserGrantSearchKey) grant_model.UserGrantSearchKey {
func userGrantSearchKeyToModel(key auth.UserGrantSearchKey) grant_model.UserGrantSearchKey {
switch key {
case UserGrantSearchKey_UserGrantSearchKey_ORG_ID:
case auth.UserGrantSearchKey_UserGrantSearchKey_ORG_ID:
return grant_model.UserGrantSearchKeyResourceOwner
case UserGrantSearchKey_UserGrantSearchKey_PROJECT_ID:
case auth.UserGrantSearchKey_UserGrantSearchKey_PROJECT_ID:
return grant_model.UserGrantSearchKeyProjectID
default:
return grant_model.UserGrantSearchKeyUnspecified
}
}
func myProjectOrgSearchRequestRequestsToModel(request *MyProjectOrgSearchRequest) *grant_model.UserGrantSearchRequest {
func myProjectOrgSearchRequestRequestsToModel(request *auth.MyProjectOrgSearchRequest) *grant_model.UserGrantSearchRequest {
return &grant_model.UserGrantSearchRequest{
Offset: request.Offset,
Limit: request.Limit,
@@ -49,7 +50,7 @@ func myProjectOrgSearchRequestRequestsToModel(request *MyProjectOrgSearchRequest
}
}
func myProjectOrgSearchQueriesToModel(queries []*MyProjectOrgSearchQuery) []*grant_model.UserGrantSearchQuery {
func myProjectOrgSearchQueriesToModel(queries []*auth.MyProjectOrgSearchQuery) []*grant_model.UserGrantSearchQuery {
converted := make([]*grant_model.UserGrantSearchQuery, len(queries))
for i, q := range queries {
converted[i] = myProjectOrgSearchQueryToModel(q)
@@ -57,7 +58,7 @@ func myProjectOrgSearchQueriesToModel(queries []*MyProjectOrgSearchQuery) []*gra
return converted
}
func myProjectOrgSearchQueryToModel(query *MyProjectOrgSearchQuery) *grant_model.UserGrantSearchQuery {
func myProjectOrgSearchQueryToModel(query *auth.MyProjectOrgSearchQuery) *grant_model.UserGrantSearchQuery {
return &grant_model.UserGrantSearchQuery{
Key: myProjectOrgSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -65,17 +66,17 @@ func myProjectOrgSearchQueryToModel(query *MyProjectOrgSearchQuery) *grant_model
}
}
func myProjectOrgSearchKeyToModel(key MyProjectOrgSearchKey) grant_model.UserGrantSearchKey {
func myProjectOrgSearchKeyToModel(key auth.MyProjectOrgSearchKey) grant_model.UserGrantSearchKey {
switch key {
case MyProjectOrgSearchKey_MYPROJECTORGSEARCHKEY_ORG_NAME:
case auth.MyProjectOrgSearchKey_MYPROJECTORGSEARCHKEY_ORG_NAME:
return grant_model.UserGrantSearchKeyOrgName
default:
return grant_model.UserGrantSearchKeyUnspecified
}
}
func userGrantSearchResponseFromModel(response *grant_model.UserGrantSearchResponse) *UserGrantSearchResponse {
return &UserGrantSearchResponse{
func userGrantSearchResponseFromModel(response *grant_model.UserGrantSearchResponse) *auth.UserGrantSearchResponse {
return &auth.UserGrantSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -83,16 +84,16 @@ func userGrantSearchResponseFromModel(response *grant_model.UserGrantSearchRespo
}
}
func userGrantViewsFromModel(users []*grant_model.UserGrantView) []*UserGrantView {
converted := make([]*UserGrantView, len(users))
func userGrantViewsFromModel(users []*grant_model.UserGrantView) []*auth.UserGrantView {
converted := make([]*auth.UserGrantView, len(users))
for i, user := range users {
converted[i] = userGrantViewFromModel(user)
}
return converted
}
func userGrantViewFromModel(grant *grant_model.UserGrantView) *UserGrantView {
return &UserGrantView{
func userGrantViewFromModel(grant *grant_model.UserGrantView) *auth.UserGrantView {
return &auth.UserGrantView{
UserId: grant.UserID,
OrgId: grant.ResourceOwner,
OrgName: grant.OrgName,
@@ -101,8 +102,8 @@ func userGrantViewFromModel(grant *grant_model.UserGrantView) *UserGrantView {
}
}
func projectOrgSearchResponseFromModel(response *grant_model.ProjectOrgSearchResponse) *MyProjectOrgSearchResponse {
return &MyProjectOrgSearchResponse{
func projectOrgSearchResponseFromModel(response *grant_model.ProjectOrgSearchResponse) *auth.MyProjectOrgSearchResponse {
return &auth.MyProjectOrgSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -110,16 +111,16 @@ func projectOrgSearchResponseFromModel(response *grant_model.ProjectOrgSearchRes
}
}
func projectOrgsFromModel(projectOrgs []*grant_model.Org) []*Org {
converted := make([]*Org, len(projectOrgs))
func projectOrgsFromModel(projectOrgs []*grant_model.Org) []*auth.Org {
converted := make([]*auth.Org, len(projectOrgs))
for i, org := range projectOrgs {
converted[i] = projectOrgFromModel(org)
}
return converted
}
func projectOrgFromModel(org *grant_model.Org) *Org {
return &Org{
func projectOrgFromModel(org *grant_model.Org) *auth.Org {
return &auth.Org{
Id: org.OrgID,
Name: org.OrgName,
}

9
pkg/auth/api/grpc/user_session.go → internal/api/grpc/auth/user_session.go
View File

@@ -1,14 +1,17 @@
package grpc
package auth
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/auth"
)
func (s *Server) GetMyUserSessions(ctx context.Context, _ *empty.Empty) (_ *UserSessionViews, err error) {
func (s *Server) GetMyUserSessions(ctx context.Context, _ *empty.Empty) (_ *auth.UserSessionViews, err error) {
userSessions, err := s.repo.GetMyUserSessions(ctx)
if err != nil {
return nil, err
}
return &UserSessionViews{UserSessions: userSessionViewsFromModel(userSessions)}, nil
return &auth.UserSessionViews{UserSessions: userSessionViewsFromModel(userSessions)}, nil
}

19
pkg/auth/api/grpc/user_session_converter.go → internal/api/grpc/auth/user_session_converter.go
View File

@@ -1,20 +1,21 @@
package grpc
package auth
import (
auth_req_model "github.com/caos/zitadel/internal/auth_request/model"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/pkg/grpc/auth"
)
func userSessionViewsFromModel(userSessions []*usr_model.UserSessionView) []*UserSessionView {
converted := make([]*UserSessionView, len(userSessions))
func userSessionViewsFromModel(userSessions []*usr_model.UserSessionView) []*auth.UserSessionView {
converted := make([]*auth.UserSessionView, len(userSessions))
for i, s := range userSessions {
converted[i] = userSessionViewFromModel(s)
}
return converted
}
func userSessionViewFromModel(userSession *usr_model.UserSessionView) *UserSessionView {
return &UserSessionView{
func userSessionViewFromModel(userSession *usr_model.UserSessionView) *auth.UserSessionView {
return &auth.UserSessionView{
Sequence: userSession.Sequence,
AgentId: userSession.UserAgentID,
UserId: userSession.UserID,
@@ -25,13 +26,13 @@ func userSessionViewFromModel(userSession *usr_model.UserSessionView) *UserSessi
}
}
func userSessionStateFromModel(state auth_req_model.UserSessionState) UserSessionState {
func userSessionStateFromModel(state auth_req_model.UserSessionState) auth.UserSessionState {
switch state {
case auth_req_model.UserSessionStateActive:
return UserSessionState_USERSESSIONSTATE_ACTIVE
return auth.UserSessionState_USERSESSIONSTATE_ACTIVE
case auth_req_model.UserSessionStateTerminated:
return UserSessionState_USERSESSIONSTATE_TERMINATED
return auth.UserSessionState_USERSESSIONSTATE_TERMINATED
default:
return UserSessionState_USERSESSIONSTATE_UNSPECIFIED
return auth.UserSessionState_USERSESSIONSTATE_UNSPECIFIED
}
}

12
internal/api/grpc/caos_errors.go
View File

@@ -4,15 +4,17 @@ import (
"context"
"github.com/caos/logging"
"github.com/caos/zitadel/pkg/message"
"github.com/caos/zitadel/pkg/grpc/message"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/i18n"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
)
func CaosToGRPCError(err error, ctx context.Context, translator *i18n.Translator) error {
func CaosToGRPCError(ctx context.Context, err error, translator *i18n.Translator) error {
if err == nil {
return nil
}
@@ -39,7 +41,7 @@ func ExtractCaosError(err error) (c codes.Code, msg, id string, ok bool) {
return codes.AlreadyExists, caosErr.GetMessage(), caosErr.GetID(), true
case *caos_errs.DeadlineExceededError:
return codes.DeadlineExceeded, caosErr.GetMessage(), caosErr.GetID(), true
case caos_errs.InternalError:
case *caos_errs.InternalError:
return codes.Internal, caosErr.GetMessage(), caosErr.GetID(), true
case *caos_errs.InvalidArgumentError:
return codes.InvalidArgument, caosErr.GetMessage(), caosErr.GetID(), true

167
internal/api/grpc/caos_errors_test.go Normal file
View File

@@ -0,0 +1,167 @@
package grpc
import (
"context"
"errors"
"testing"
"google.golang.org/grpc/codes"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/i18n"
)
func TestCaosToGRPCError(t *testing.T) {
type args struct {
err error
translator *i18n.Translator
}
tests := []struct {
name string
args args
wantErr bool
}{
{
"no error",
args{},
false,
},
{
"unknown error",
args{errors.New("unknown"), nil},
true,
},
{
"caos error",
args{caos_errs.ThrowInternal(nil, "", "message"), nil},
true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if err := CaosToGRPCError(context.Background(), tt.args.err, tt.args.translator); (err != nil) != tt.wantErr {
t.Errorf("CaosToGRPCError() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
}
func Test_Extract(t *testing.T) {
type args struct {
err error
}
tests := []struct {
name string
args args
wantC codes.Code
wantMsg string
wantID string
wantOk bool
}{
{
"already exists",
args{caos_errs.ThrowAlreadyExists(nil, "id", "already exists")},
codes.AlreadyExists,
"already exists",
"id",
true,
},
{
"deadline exceeded",
args{caos_errs.ThrowDeadlineExceeded(nil, "id", "deadline exceeded")},
codes.DeadlineExceeded,
"deadline exceeded",
"id",
true,
},
{
"internal error",
args{caos_errs.ThrowInternal(nil, "id", "internal error")},
codes.Internal,
"internal error",
"id",
true,
},
{
"invalid argument",
args{caos_errs.ThrowInvalidArgument(nil, "id", "invalid argument")},
codes.InvalidArgument,
"invalid argument",
"id",
true,
},
{
"not found",
args{caos_errs.ThrowNotFound(nil, "id", "not found")},
codes.NotFound,
"not found",
"id",
true,
},
{
"permission denied",
args{caos_errs.ThrowPermissionDenied(nil, "id", "permission denied")},
codes.PermissionDenied,
"permission denied",
"id",
true,
},
{
"precondition failed",
args{caos_errs.ThrowPreconditionFailed(nil, "id", "precondition failed")},
codes.FailedPrecondition,
"precondition failed",
"id",
true,
},
{
"unauthenticated",
args{caos_errs.ThrowUnauthenticated(nil, "id", "unauthenticated")},
codes.Unauthenticated,
"unauthenticated",
"id",
true,
},
{
"unavailable",
args{caos_errs.ThrowUnavailable(nil, "id", "unavailable")},
codes.Unavailable,
"unavailable",
"id",
true,
},
{
"unimplemented",
args{caos_errs.ThrowUnimplemented(nil, "id", "unimplemented")},
codes.Unimplemented,
"unimplemented",
"id",
true,
},
{
"unknown",
args{errors.New("unknown")},
codes.Unknown,
"unknown",
"",
false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
gotC, gotMsg, gotID, gotOk := ExtractCaosError(tt.args.err)
if gotC != tt.wantC {
t.Errorf("extract() gotC = %v, want %v", gotC, tt.wantC)
}
if gotMsg != tt.wantMsg {
t.Errorf("extract() gotMsg = %v, want %v", gotMsg, tt.wantMsg)
}
if gotID != tt.wantID {
t.Errorf("extract() gotID = %v, want %v", gotID, tt.wantID)
}
if gotOk != tt.wantOk {
t.Errorf("extract() gotOk = %v, want %v", gotOk, tt.wantOk)
}
})
}
}

68
internal/api/grpc/client/middleware/tacing_test.go Normal file
View File

@@ -0,0 +1,68 @@
package middleware
import (
"context"
"testing"
"go.opencensus.io/plugin/ocgrpc"
"go.opencensus.io/trace"
"google.golang.org/grpc/stats"
)
func Test_tracingClientHandler_TagRPC(t *testing.T) {
type fields struct {
IgnoredMethods []GRPCMethod
ClientHandler ocgrpc.ClientHandler
}
type args struct {
ctx context.Context
tagInfo *stats.RPCTagInfo
}
tests := []struct {
name string
fields fields
args args
wantSpan bool
}{
{
"ignored method",
fields{
IgnoredMethods: []GRPCMethod{"ignore"},
ClientHandler: ocgrpc.ClientHandler{},
},
args{
ctx: context.Background(),
tagInfo: &stats.RPCTagInfo{
FullMethodName: "ignore",
},
},
false,
},
{
"tag",
fields{
IgnoredMethods: []GRPCMethod{"ignore"},
ClientHandler: ocgrpc.ClientHandler{},
},
args{
ctx: context.Background(),
tagInfo: &stats.RPCTagInfo{
FullMethodName: "tag",
},
},
true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
s := &tracingClientHandler{
IgnoredMethods: tt.fields.IgnoredMethods,
ClientHandler: tt.fields.ClientHandler,
}
got := s.TagRPC(tt.args.ctx, tt.args.tagInfo)
if (trace.FromContext(got) != nil) != tt.wantSpan {
t.Errorf("TagRPC() = %v, want %v", got, tt.wantSpan)
}
})
}
}

15
internal/api/grpc/client/middleware/tracing.go
View File

@@ -9,18 +9,27 @@ import (
"google.golang.org/grpc"
"google.golang.org/grpc/stats"
"github.com/caos/zitadel/internal/api"
"github.com/caos/zitadel/internal/api/http"
"github.com/caos/zitadel/internal/tracing"
)
type GRPCMethod string
func TracingStatsClient(ignoredMethods ...GRPCMethod) grpc.DialOption {
return grpc.WithStatsHandler(&tracingClientHandler{ignoredMethods, ocgrpc.ClientHandler{StartOptions: trace.StartOptions{Sampler: tracing.Sampler(), SpanKind: trace.SpanKindClient}}})
return grpc.WithStatsHandler(
&tracingClientHandler{
ignoredMethods,
ocgrpc.ClientHandler{
StartOptions: trace.StartOptions{
Sampler: tracing.Sampler(),
SpanKind: trace.SpanKindClient},
},
},
)
}
func DefaultTracingStatsClient() grpc.DialOption {
return TracingStatsClient(api.Healthz, api.Readiness, api.Validation)
return TracingStatsClient(http.Healthz, http.Readiness, http.Validation)
}
type tracingClientHandler struct {

4
internal/api/grpc/header.go
View File

@@ -5,7 +5,7 @@ import (
"github.com/grpc-ecosystem/go-grpc-middleware/util/metautils"
"github.com/caos/zitadel/internal/api"
"github.com/caos/zitadel/internal/api/http"
)
func GetHeader(ctx context.Context, headername string) string {
@@ -13,5 +13,5 @@ func GetHeader(ctx context.Context, headername string) string {
}
func GetAuthorizationHeader(ctx context.Context) string {
return GetHeader(ctx, api.Authorization)
return GetHeader(ctx, http.Authorization)
}

92
internal/api/grpc/header_test.go Normal file
View File

@@ -0,0 +1,92 @@
package grpc
import (
"context"
"testing"
"google.golang.org/grpc/metadata"
)
func TestGetHeader(t *testing.T) {
type args struct {
ctx context.Context
headername string
}
tests := []struct {
name string
args args
want string
}{
{
"empty context",
args{
ctx: context.Background(),
headername: "header",
},
"",
},
{
"context without header",
args{
ctx: metadata.NewIncomingContext(context.Background(), metadata.Pairs("header2", "value")),
headername: "header",
},
"",
},
{
"context with header",
args{
ctx: metadata.NewIncomingContext(context.Background(), metadata.Pairs("header", "value")),
headername: "header",
},
"value",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if got := GetHeader(tt.args.ctx, tt.args.headername); got != tt.want {
t.Errorf("GetHeader() = %v, want %v", got, tt.want)
}
})
}
}
func TestGetAuthorizationHeader(t *testing.T) {
type args struct {
ctx context.Context
}
tests := []struct {
name string
args args
want string
}{
{
"empty context",
args{
ctx: context.Background(),
},
"",
},
{
"context without header",
args{
ctx: metadata.NewIncomingContext(context.Background(), metadata.Pairs("header", "value")),
},
"",
},
{
"context with header",
args{
ctx: metadata.NewIncomingContext(context.Background(), metadata.Pairs("authorization", "value")),
},
"value",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if got := GetAuthorizationHeader(tt.args.ctx); got != tt.want {
t.Errorf("GetAuthorizationHeader() = %v, want %v", got, tt.want)
}
})
}
}

26
pkg/management/api/grpc/application.go → internal/api/grpc/management/application.go
View File

@@ -1,12 +1,14 @@
package grpc
package management
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) SearchApplications(ctx context.Context, in *ApplicationSearchRequest) (*ApplicationSearchResponse, error) {
func (s *Server) SearchApplications(ctx context.Context, in *management.ApplicationSearchRequest) (*management.ApplicationSearchResponse, error) {
response, err := s.project.SearchApplications(ctx, applicationSearchRequestsToModel(in))
if err != nil {
return nil, err
@@ -14,7 +16,7 @@ func (s *Server) SearchApplications(ctx context.Context, in *ApplicationSearchRe
return applicationSearchResponseFromModel(response), nil
}
func (s *Server) ApplicationByID(ctx context.Context, in *ApplicationID) (*ApplicationView, error) {
func (s *Server) ApplicationByID(ctx context.Context, in *management.ApplicationID) (*management.ApplicationView, error) {
app, err := s.project.ApplicationByID(ctx, in.Id)
if err != nil {
return nil, err
@@ -22,28 +24,28 @@ func (s *Server) ApplicationByID(ctx context.Context, in *ApplicationID) (*Appli
return applicationViewFromModel(app), nil
}
func (s *Server) CreateOIDCApplication(ctx context.Context, in *OIDCApplicationCreate) (*Application, error) {
func (s *Server) CreateOIDCApplication(ctx context.Context, in *management.OIDCApplicationCreate) (*management.Application, error) {
app, err := s.project.AddApplication(ctx, oidcAppCreateToModel(in))
if err != nil {
return nil, err
}
return appFromModel(app), nil
}
func (s *Server) UpdateApplication(ctx context.Context, in *ApplicationUpdate) (*Application, error) {
func (s *Server) UpdateApplication(ctx context.Context, in *management.ApplicationUpdate) (*management.Application, error) {
app, err := s.project.ChangeApplication(ctx, appUpdateToModel(in))
if err != nil {
return nil, err
}
return appFromModel(app), nil
}
func (s *Server) DeactivateApplication(ctx context.Context, in *ApplicationID) (*Application, error) {
func (s *Server) DeactivateApplication(ctx context.Context, in *management.ApplicationID) (*management.Application, error) {
app, err := s.project.DeactivateApplication(ctx, in.ProjectId, in.Id)
if err != nil {
return nil, err
}
return appFromModel(app), nil
}
func (s *Server) ReactivateApplication(ctx context.Context, in *ApplicationID) (*Application, error) {
func (s *Server) ReactivateApplication(ctx context.Context, in *management.ApplicationID) (*management.Application, error) {
app, err := s.project.ReactivateApplication(ctx, in.ProjectId, in.Id)
if err != nil {
return nil, err
@@ -51,12 +53,12 @@ func (s *Server) ReactivateApplication(ctx context.Context, in *ApplicationID) (
return appFromModel(app), nil
}
func (s *Server) RemoveApplication(ctx context.Context, in *ApplicationID) (*empty.Empty, error) {
func (s *Server) RemoveApplication(ctx context.Context, in *management.ApplicationID) (*empty.Empty, error) {
err := s.project.RemoveApplication(ctx, in.ProjectId, in.Id)
return &empty.Empty{}, err
}
func (s *Server) UpdateApplicationOIDCConfig(ctx context.Context, in *OIDCConfigUpdate) (*OIDCConfig, error) {
func (s *Server) UpdateApplicationOIDCConfig(ctx context.Context, in *management.OIDCConfigUpdate) (*management.OIDCConfig, error) {
config, err := s.project.ChangeOIDCConfig(ctx, oidcConfigUpdateToModel(in))
if err != nil {
return nil, err
@@ -64,15 +66,15 @@ func (s *Server) UpdateApplicationOIDCConfig(ctx context.Context, in *OIDCConfig
return oidcConfigFromModel(config), nil
}
func (s *Server) RegenerateOIDCClientSecret(ctx context.Context, in *ApplicationID) (*ClientSecret, error) {
func (s *Server) RegenerateOIDCClientSecret(ctx context.Context, in *management.ApplicationID) (*management.ClientSecret, error) {
config, err := s.project.ChangeOIDConfigSecret(ctx, in.ProjectId, in.Id)
if err != nil {
return nil, err
}
return &ClientSecret{ClientSecret: config.ClientSecretString}, nil
return &management.ClientSecret{ClientSecret: config.ClientSecretString}, nil
}
func (s *Server) ApplicationChanges(ctx context.Context, changesRequest *ChangeRequest) (*Changes, error) {
func (s *Server) ApplicationChanges(ctx context.Context, changesRequest *management.ChangeRequest) (*management.Changes, error) {
response, err := s.project.ApplicationChanges(ctx, changesRequest.Id, changesRequest.SecId, changesRequest.SequenceOffset, changesRequest.Limit, changesRequest.Asc)
if err != nil {
return nil, err

149
pkg/management/api/grpc/application_converter.go → internal/api/grpc/management/application_converter.go
View File

@@ -1,27 +1,28 @@
package grpc
package management
import (
"encoding/json"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/model"
proj_model "github.com/caos/zitadel/internal/project/model"
"github.com/caos/zitadel/pkg/message"
"github.com/golang/protobuf/ptypes"
"google.golang.org/protobuf/encoding/protojson"
"google.golang.org/protobuf/types/known/structpb"
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/model"
proj_model "github.com/caos/zitadel/internal/project/model"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/caos/zitadel/pkg/grpc/message"
)
func appFromModel(app *proj_model.Application) *Application {
func appFromModel(app *proj_model.Application) *management.Application {
creationDate, err := ptypes.TimestampProto(app.CreationDate)
logging.Log("GRPC-iejs3").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(app.ChangeDate)
logging.Log("GRPC-di7rw").OnError(err).Debug("unable to parse timestamp")
return &Application{
return &management.Application{
Id: app.AppID,
State: appStateFromModel(app.State),
CreationDate: creationDate,
@@ -32,17 +33,17 @@ func appFromModel(app *proj_model.Application) *Application {
}
}
func appConfigFromModel(app *proj_model.Application) isApplication_AppConfig {
func appConfigFromModel(app *proj_model.Application) management.AppConfig {
if app.Type == proj_model.AppTypeOIDC {
return &Application_OidcConfig{
return &management.Application_OidcConfig{
OidcConfig: oidcConfigFromModel(app.OIDCConfig),
}
}
return nil
}
func oidcConfigFromModel(config *proj_model.OIDCConfig) *OIDCConfig {
return &OIDCConfig{
func oidcConfigFromModel(config *proj_model.OIDCConfig) *management.OIDCConfig {
return &management.OIDCConfig{
RedirectUris: config.RedirectUris,
ResponseTypes: oidcResponseTypesFromModel(config.ResponseTypes),
GrantTypes: oidcGrantTypesFromModel(config.GrantTypes),
@@ -54,8 +55,8 @@ func oidcConfigFromModel(config *proj_model.OIDCConfig) *OIDCConfig {
}
}
func oidcConfigFromApplicationViewModel(app *proj_model.ApplicationView) *OIDCConfig {
return &OIDCConfig{
func oidcConfigFromApplicationViewModel(app *proj_model.ApplicationView) *management.OIDCConfig {
return &management.OIDCConfig{
RedirectUris: app.OIDCRedirectUris,
ResponseTypes: oidcResponseTypesFromModel(app.OIDCResponseTypes),
GrantTypes: oidcGrantTypesFromModel(app.OIDCGrantTypes),
@@ -66,7 +67,7 @@ func oidcConfigFromApplicationViewModel(app *proj_model.ApplicationView) *OIDCCo
}
}
func oidcAppCreateToModel(app *OIDCApplicationCreate) *proj_model.Application {
func oidcAppCreateToModel(app *management.OIDCApplicationCreate) *proj_model.Application {
return &proj_model.Application{
ObjectRoot: models.ObjectRoot{
AggregateID: app.ProjectId,
@@ -84,7 +85,7 @@ func oidcAppCreateToModel(app *OIDCApplicationCreate) *proj_model.Application {
}
}
func appUpdateToModel(app *ApplicationUpdate) *proj_model.Application {
func appUpdateToModel(app *management.ApplicationUpdate) *proj_model.Application {
return &proj_model.Application{
ObjectRoot: models.ObjectRoot{
AggregateID: app.ProjectId,
@@ -94,7 +95,7 @@ func appUpdateToModel(app *ApplicationUpdate) *proj_model.Application {
}
}
func oidcConfigUpdateToModel(app *OIDCConfigUpdate) *proj_model.OIDCConfig {
func oidcConfigUpdateToModel(app *management.OIDCConfigUpdate) *proj_model.OIDCConfig {
return &proj_model.OIDCConfig{
ObjectRoot: models.ObjectRoot{
AggregateID: app.ProjectId,
@@ -109,7 +110,7 @@ func oidcConfigUpdateToModel(app *OIDCConfigUpdate) *proj_model.OIDCConfig {
}
}
func applicationSearchRequestsToModel(request *ApplicationSearchRequest) *proj_model.ApplicationSearchRequest {
func applicationSearchRequestsToModel(request *management.ApplicationSearchRequest) *proj_model.ApplicationSearchRequest {
return &proj_model.ApplicationSearchRequest{
Offset: request.Offset,
Limit: request.Limit,
@@ -117,7 +118,7 @@ func applicationSearchRequestsToModel(request *ApplicationSearchRequest) *proj_m
}
}
func applicationSearchQueriesToModel(projectID string, queries []*ApplicationSearchQuery) []*proj_model.ApplicationSearchQuery {
func applicationSearchQueriesToModel(projectID string, queries []*management.ApplicationSearchQuery) []*proj_model.ApplicationSearchQuery {
converted := make([]*proj_model.ApplicationSearchQuery, len(queries)+1)
for i, q := range queries {
converted[i] = applicationSearchQueryToModel(q)
@@ -127,7 +128,7 @@ func applicationSearchQueriesToModel(projectID string, queries []*ApplicationSea
return converted
}
func applicationSearchQueryToModel(query *ApplicationSearchQuery) *proj_model.ApplicationSearchQuery {
func applicationSearchQueryToModel(query *management.ApplicationSearchQuery) *proj_model.ApplicationSearchQuery {
return &proj_model.ApplicationSearchQuery{
Key: applicationSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -135,17 +136,17 @@ func applicationSearchQueryToModel(query *ApplicationSearchQuery) *proj_model.Ap
}
}
func applicationSearchKeyToModel(key ApplicationSearchKey) proj_model.AppSearchKey {
func applicationSearchKeyToModel(key management.ApplicationSearchKey) proj_model.AppSearchKey {
switch key {
case ApplicationSearchKey_APPLICATIONSEARCHKEY_APP_NAME:
case management.ApplicationSearchKey_APPLICATIONSEARCHKEY_APP_NAME:
return proj_model.AppSearchKeyName
default:
return proj_model.AppSearchKeyUnspecified
}
}
func applicationSearchResponseFromModel(response *proj_model.ApplicationSearchResponse) *ApplicationSearchResponse {
return &ApplicationSearchResponse{
func applicationSearchResponseFromModel(response *proj_model.ApplicationSearchResponse) *management.ApplicationSearchResponse {
return &management.ApplicationSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -153,22 +154,22 @@ func applicationSearchResponseFromModel(response *proj_model.ApplicationSearchRe
}
}
func applicationViewsFromModel(apps []*proj_model.ApplicationView) []*ApplicationView {
converted := make([]*ApplicationView, len(apps))
func applicationViewsFromModel(apps []*proj_model.ApplicationView) []*management.ApplicationView {
converted := make([]*management.ApplicationView, len(apps))
for i, app := range apps {
converted[i] = applicationViewFromModel(app)
}
return converted
}
func applicationViewFromModel(application *proj_model.ApplicationView) *ApplicationView {
func applicationViewFromModel(application *proj_model.ApplicationView) *management.ApplicationView {
creationDate, err := ptypes.TimestampProto(application.CreationDate)
logging.Log("GRPC-lo9sw").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(application.ChangeDate)
logging.Log("GRPC-8uwsd").OnError(err).Debug("unable to parse timestamp")
converted := &ApplicationView{
converted := &management.ApplicationView{
Id: application.ID,
State: appStateFromModel(application.State),
CreationDate: creationDate,
@@ -177,25 +178,25 @@ func applicationViewFromModel(application *proj_model.ApplicationView) *Applicat
Sequence: application.Sequence,
}
if application.IsOIDC {
converted.AppConfig = &ApplicationView_OidcConfig{
converted.AppConfig = &management.ApplicationView_OidcConfig{
OidcConfig: oidcConfigFromApplicationViewModel(application),
}
}
return converted
}
func appStateFromModel(state proj_model.AppState) AppState {
func appStateFromModel(state proj_model.AppState) management.AppState {
switch state {
case proj_model.AppStateActive:
return AppState_APPSTATE_ACTIVE
return management.AppState_APPSTATE_ACTIVE
case proj_model.AppStateInactive:
return AppState_APPSTATE_INACTIVE
return management.AppState_APPSTATE_INACTIVE
default:
return AppState_APPSTATE_UNSPECIFIED
return management.AppState_APPSTATE_UNSPECIFIED
}
}
func oidcResponseTypesToModel(responseTypes []OIDCResponseType) []proj_model.OIDCResponseType {
func oidcResponseTypesToModel(responseTypes []management.OIDCResponseType) []proj_model.OIDCResponseType {
if responseTypes == nil || len(responseTypes) == 0 {
return []proj_model.OIDCResponseType{proj_model.OIDCResponseTypeCode}
}
@@ -203,11 +204,11 @@ func oidcResponseTypesToModel(responseTypes []OIDCResponseType) []proj_model.OID
for i, responseType := range responseTypes {
switch responseType {
case OIDCResponseType_OIDCRESPONSETYPE_CODE:
case management.OIDCResponseType_OIDCRESPONSETYPE_CODE:
oidcResponseTypes[i] = proj_model.OIDCResponseTypeCode
case OIDCResponseType_OIDCRESPONSETYPE_ID_TOKEN:
case management.OIDCResponseType_OIDCRESPONSETYPE_ID_TOKEN:
oidcResponseTypes[i] = proj_model.OIDCResponseTypeIDToken
case OIDCResponseType_OIDCRESPONSETYPE_TOKEN:
case management.OIDCResponseType_OIDCRESPONSETYPE_TOKEN:
oidcResponseTypes[i] = proj_model.OIDCResponseTypeToken
}
}
@@ -215,24 +216,24 @@ func oidcResponseTypesToModel(responseTypes []OIDCResponseType) []proj_model.OID
return oidcResponseTypes
}
func oidcResponseTypesFromModel(responseTypes []proj_model.OIDCResponseType) []OIDCResponseType {
oidcResponseTypes := make([]OIDCResponseType, len(responseTypes))
func oidcResponseTypesFromModel(responseTypes []proj_model.OIDCResponseType) []management.OIDCResponseType {
oidcResponseTypes := make([]management.OIDCResponseType, len(responseTypes))
for i, responseType := range responseTypes {
switch responseType {
case proj_model.OIDCResponseTypeCode:
oidcResponseTypes[i] = OIDCResponseType_OIDCRESPONSETYPE_CODE
oidcResponseTypes[i] = management.OIDCResponseType_OIDCRESPONSETYPE_CODE
case proj_model.OIDCResponseTypeIDToken:
oidcResponseTypes[i] = OIDCResponseType_OIDCRESPONSETYPE_ID_TOKEN
oidcResponseTypes[i] = management.OIDCResponseType_OIDCRESPONSETYPE_ID_TOKEN
case proj_model.OIDCResponseTypeToken:
oidcResponseTypes[i] = OIDCResponseType_OIDCRESPONSETYPE_TOKEN
oidcResponseTypes[i] = management.OIDCResponseType_OIDCRESPONSETYPE_TOKEN
}
}
return oidcResponseTypes
}
func oidcGrantTypesToModel(grantTypes []OIDCGrantType) []proj_model.OIDCGrantType {
func oidcGrantTypesToModel(grantTypes []management.OIDCGrantType) []proj_model.OIDCGrantType {
if grantTypes == nil || len(grantTypes) == 0 {
return []proj_model.OIDCGrantType{proj_model.OIDCGrantTypeAuthorizationCode}
}
@@ -240,94 +241,94 @@ func oidcGrantTypesToModel(grantTypes []OIDCGrantType) []proj_model.OIDCGrantTyp
for i, grantType := range grantTypes {
switch grantType {
case OIDCGrantType_OIDCGRANTTYPE_AUTHORIZATION_CODE:
case management.OIDCGrantType_OIDCGRANTTYPE_AUTHORIZATION_CODE:
oidcGrantTypes[i] = proj_model.OIDCGrantTypeAuthorizationCode
case OIDCGrantType_OIDCGRANTTYPE_IMPLICIT:
case management.OIDCGrantType_OIDCGRANTTYPE_IMPLICIT:
oidcGrantTypes[i] = proj_model.OIDCGrantTypeImplicit
case OIDCGrantType_OIDCGRANTTYPE_REFRESH_TOKEN:
case management.OIDCGrantType_OIDCGRANTTYPE_REFRESH_TOKEN:
oidcGrantTypes[i] = proj_model.OIDCGrantTypeRefreshToken
}
}
return oidcGrantTypes
}
func oidcGrantTypesFromModel(grantTypes []proj_model.OIDCGrantType) []OIDCGrantType {
oidcGrantTypes := make([]OIDCGrantType, len(grantTypes))
func oidcGrantTypesFromModel(grantTypes []proj_model.OIDCGrantType) []management.OIDCGrantType {
oidcGrantTypes := make([]management.OIDCGrantType, len(grantTypes))
for i, grantType := range grantTypes {
switch grantType {
case proj_model.OIDCGrantTypeAuthorizationCode:
oidcGrantTypes[i] = OIDCGrantType_OIDCGRANTTYPE_AUTHORIZATION_CODE
oidcGrantTypes[i] = management.OIDCGrantType_OIDCGRANTTYPE_AUTHORIZATION_CODE
case proj_model.OIDCGrantTypeImplicit:
oidcGrantTypes[i] = OIDCGrantType_OIDCGRANTTYPE_IMPLICIT
oidcGrantTypes[i] = management.OIDCGrantType_OIDCGRANTTYPE_IMPLICIT
case proj_model.OIDCGrantTypeRefreshToken:
oidcGrantTypes[i] = OIDCGrantType_OIDCGRANTTYPE_REFRESH_TOKEN
oidcGrantTypes[i] = management.OIDCGrantType_OIDCGRANTTYPE_REFRESH_TOKEN
}
}
return oidcGrantTypes
}
func oidcApplicationTypeToModel(appType OIDCApplicationType) proj_model.OIDCApplicationType {
func oidcApplicationTypeToModel(appType management.OIDCApplicationType) proj_model.OIDCApplicationType {
switch appType {
case OIDCApplicationType_OIDCAPPLICATIONTYPE_WEB:
case management.OIDCApplicationType_OIDCAPPLICATIONTYPE_WEB:
return proj_model.OIDCApplicationTypeWeb
case OIDCApplicationType_OIDCAPPLICATIONTYPE_USER_AGENT:
case management.OIDCApplicationType_OIDCAPPLICATIONTYPE_USER_AGENT:
return proj_model.OIDCApplicationTypeUserAgent
case OIDCApplicationType_OIDCAPPLICATIONTYPE_NATIVE:
case management.OIDCApplicationType_OIDCAPPLICATIONTYPE_NATIVE:
return proj_model.OIDCApplicationTypeNative
}
return proj_model.OIDCApplicationTypeWeb
}
func oidcApplicationTypeFromModel(appType proj_model.OIDCApplicationType) OIDCApplicationType {
func oidcApplicationTypeFromModel(appType proj_model.OIDCApplicationType) management.OIDCApplicationType {
switch appType {
case proj_model.OIDCApplicationTypeWeb:
return OIDCApplicationType_OIDCAPPLICATIONTYPE_WEB
return management.OIDCApplicationType_OIDCAPPLICATIONTYPE_WEB
case proj_model.OIDCApplicationTypeUserAgent:
return OIDCApplicationType_OIDCAPPLICATIONTYPE_USER_AGENT
return management.OIDCApplicationType_OIDCAPPLICATIONTYPE_USER_AGENT
case proj_model.OIDCApplicationTypeNative:
return OIDCApplicationType_OIDCAPPLICATIONTYPE_NATIVE
return management.OIDCApplicationType_OIDCAPPLICATIONTYPE_NATIVE
default:
return OIDCApplicationType_OIDCAPPLICATIONTYPE_WEB
return management.OIDCApplicationType_OIDCAPPLICATIONTYPE_WEB
}
}
func oidcAuthMethodTypeToModel(authType OIDCAuthMethodType) proj_model.OIDCAuthMethodType {
func oidcAuthMethodTypeToModel(authType management.OIDCAuthMethodType) proj_model.OIDCAuthMethodType {
switch authType {
case OIDCAuthMethodType_OIDCAUTHMETHODTYPE_BASIC:
case management.OIDCAuthMethodType_OIDCAUTHMETHODTYPE_BASIC:
return proj_model.OIDCAuthMethodTypeBasic
case OIDCAuthMethodType_OIDCAUTHMETHODTYPE_POST:
case management.OIDCAuthMethodType_OIDCAUTHMETHODTYPE_POST:
return proj_model.OIDCAuthMethodTypePost
case OIDCAuthMethodType_OIDCAUTHMETHODTYPE_NONE:
case management.OIDCAuthMethodType_OIDCAUTHMETHODTYPE_NONE:
return proj_model.OIDCAuthMethodTypeNone
default:
return proj_model.OIDCAuthMethodTypeBasic
}
}
func oidcAuthMethodTypeFromModel(authType proj_model.OIDCAuthMethodType) OIDCAuthMethodType {
func oidcAuthMethodTypeFromModel(authType proj_model.OIDCAuthMethodType) management.OIDCAuthMethodType {
switch authType {
case proj_model.OIDCAuthMethodTypeBasic:
return OIDCAuthMethodType_OIDCAUTHMETHODTYPE_BASIC
return management.OIDCAuthMethodType_OIDCAUTHMETHODTYPE_BASIC
case proj_model.OIDCAuthMethodTypePost:
return OIDCAuthMethodType_OIDCAUTHMETHODTYPE_POST
return management.OIDCAuthMethodType_OIDCAUTHMETHODTYPE_POST
case proj_model.OIDCAuthMethodTypeNone:
return OIDCAuthMethodType_OIDCAUTHMETHODTYPE_NONE
return management.OIDCAuthMethodType_OIDCAUTHMETHODTYPE_NONE
default:
return OIDCAuthMethodType_OIDCAUTHMETHODTYPE_BASIC
return management.OIDCAuthMethodType_OIDCAUTHMETHODTYPE_BASIC
}
}
func appChangesToResponse(response *proj_model.ApplicationChanges, offset uint64, limit uint64) (_ *Changes) {
return &Changes{
func appChangesToResponse(response *proj_model.ApplicationChanges, offset uint64, limit uint64) (_ *management.Changes) {
return &management.Changes{
Limit: limit,
Offset: offset,
Changes: appChangesToMgtAPI(response),
}
}
func appChangesToMgtAPI(changes *proj_model.ApplicationChanges) (_ []*Change) {
result := make([]*Change, len(changes.Changes))
func appChangesToMgtAPI(changes *proj_model.ApplicationChanges) (_ []*management.Change) {
result := make([]*management.Change, len(changes.Changes))
for i, change := range changes.Changes {
b, err := json.Marshal(change.Data)
@@ -335,7 +336,7 @@ func appChangesToMgtAPI(changes *proj_model.ApplicationChanges) (_ []*Change) {
err = protojson.Unmarshal(b, data)
if err != nil {
}
result[i] = &Change{
result[i] = &management.Change{
ChangeDate: change.ChangeDate,
EventType: message.NewLocalizedEventType(change.EventType),
Sequence: change.Sequence,

11
pkg/management/api/grpc/gateway.go → internal/api/grpc/management/gateway.go
View File

@@ -1,10 +1,13 @@
package grpc
package management
import (
"strings"
"github.com/grpc-ecosystem/grpc-gateway/runtime"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/api/grpc/server"
"github.com/grpc-ecosystem/grpc-gateway/runtime"
"strings"
"github.com/caos/zitadel/pkg/grpc/management"
)
type Gateway struct {
@@ -22,7 +25,7 @@ func StartGateway(conf grpc_util.GatewayConfig) *Gateway {
}
func (gw *Gateway) Gateway() server.GatewayFunc {
return RegisterManagementServiceHandlerFromEndpoint
return management.RegisterManagementServiceHandlerFromEndpoint
}
func (gw *Gateway) GRPCEndpoint() string {

7
pkg/management/api/grpc/iam.go → internal/api/grpc/management/iam.go
View File

@@ -1,11 +1,14 @@
package grpc
package management
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) GetIam(ctx context.Context, _ *empty.Empty) (*Iam, error) {
func (s *Server) GetIam(ctx context.Context, _ *empty.Empty) (*management.Iam, error) {
iam, err := s.iam.IamByID(ctx, s.systemDefaults.IamID)
if err != nil {
return nil, err

7
pkg/management/api/grpc/iam_converter.go → internal/api/grpc/management/iam_converter.go
View File

@@ -1,11 +1,12 @@
package grpc
package management
import (
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/pkg/grpc/management"
)
func iamFromModel(iam *iam_model.Iam) *Iam {
return &Iam{
func iamFromModel(iam *iam_model.Iam) *management.Iam {
return &management.Iam{
IamProjectId: iam.IamProjectID,
GlobalOrgId: iam.GlobalOrgID,
SetUpDone: iam.SetUpDone,

30
pkg/management/api/grpc/org.go → internal/api/grpc/management/org.go
View File

@@ -1,21 +1,23 @@
package grpc
package management
import (
"context"
"github.com/caos/zitadel/internal/api/auth"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) GetMyOrg(ctx context.Context, _ *empty.Empty) (*OrgView, error) {
org, err := s.org.OrgByID(ctx, auth.GetCtxData(ctx).OrgID)
func (s *Server) GetMyOrg(ctx context.Context, _ *empty.Empty) (*management.OrgView, error) {
org, err := s.org.OrgByID(ctx, authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
return orgViewFromModel(org), nil
}
func (s *Server) GetOrgByDomainGlobal(ctx context.Context, in *Domain) (*OrgView, error) {
func (s *Server) GetOrgByDomainGlobal(ctx context.Context, in *management.Domain) (*management.OrgView, error) {
org, err := s.org.OrgByDomainGlobal(ctx, in.Domain)
if err != nil {
return nil, err
@@ -23,23 +25,23 @@ func (s *Server) GetOrgByDomainGlobal(ctx context.Context, in *Domain) (*OrgView
return orgViewFromModel(org), nil
}
func (s *Server) DeactivateMyOrg(ctx context.Context, _ *empty.Empty) (*Org, error) {
org, err := s.org.DeactivateOrg(ctx, auth.GetCtxData(ctx).OrgID)
func (s *Server) DeactivateMyOrg(ctx context.Context, _ *empty.Empty) (*management.Org, error) {
org, err := s.org.DeactivateOrg(ctx, authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
return orgFromModel(org), nil
}
func (s *Server) ReactivateMyOrg(ctx context.Context, _ *empty.Empty) (*Org, error) {
org, err := s.org.ReactivateOrg(ctx, auth.GetCtxData(ctx).OrgID)
func (s *Server) ReactivateMyOrg(ctx context.Context, _ *empty.Empty) (*management.Org, error) {
org, err := s.org.ReactivateOrg(ctx, authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
return orgFromModel(org), nil
}
func (s *Server) SearchMyOrgDomains(ctx context.Context, in *OrgDomainSearchRequest) (*OrgDomainSearchResponse, error) {
func (s *Server) SearchMyOrgDomains(ctx context.Context, in *management.OrgDomainSearchRequest) (*management.OrgDomainSearchResponse, error) {
domains, err := s.org.SearchMyOrgDomains(ctx, orgDomainSearchRequestToModel(in))
if err != nil {
return nil, err
@@ -47,7 +49,7 @@ func (s *Server) SearchMyOrgDomains(ctx context.Context, in *OrgDomainSearchRequ
return orgDomainSearchResponseFromModel(domains), nil
}
func (s *Server) AddMyOrgDomain(ctx context.Context, in *AddOrgDomainRequest) (*OrgDomain, error) {
func (s *Server) AddMyOrgDomain(ctx context.Context, in *management.AddOrgDomainRequest) (*management.OrgDomain, error) {
domain, err := s.org.AddMyOrgDomain(ctx, addOrgDomainToModel(in))
if err != nil {
return nil, err
@@ -55,12 +57,12 @@ func (s *Server) AddMyOrgDomain(ctx context.Context, in *AddOrgDomainRequest) (*
return orgDomainFromModel(domain), nil
}
func (s *Server) RemoveMyOrgDomain(ctx context.Context, in *RemoveOrgDomainRequest) (*empty.Empty, error) {
func (s *Server) RemoveMyOrgDomain(ctx context.Context, in *management.RemoveOrgDomainRequest) (*empty.Empty, error) {
err := s.org.RemoveMyOrgDomain(ctx, in.Domain)
return &empty.Empty{}, err
}
func (s *Server) OrgChanges(ctx context.Context, changesRequest *ChangeRequest) (*Changes, error) {
func (s *Server) OrgChanges(ctx context.Context, changesRequest *management.ChangeRequest) (*management.Changes, error) {
response, err := s.org.OrgChanges(ctx, changesRequest.Id, changesRequest.SequenceOffset, changesRequest.Limit, changesRequest.Asc)
if err != nil {
return nil, err
@@ -68,7 +70,7 @@ func (s *Server) OrgChanges(ctx context.Context, changesRequest *ChangeRequest)
return orgChangesToResponse(response, changesRequest.GetSequenceOffset(), changesRequest.GetLimit()), nil
}
func (s *Server) GetMyOrgIamPolicy(ctx context.Context, _ *empty.Empty) (_ *OrgIamPolicy, err error) {
func (s *Server) GetMyOrgIamPolicy(ctx context.Context, _ *empty.Empty) (_ *management.OrgIamPolicy, err error) {
policy, err := s.org.GetMyOrgIamPolicy(ctx)
if err != nil {
return nil, err

71
pkg/management/api/grpc/org_converter.go → internal/api/grpc/management/org_converter.go
View File

@@ -1,33 +1,34 @@
package grpc
package management
import (
"encoding/json"
"github.com/caos/logging"
org_model "github.com/caos/zitadel/internal/org/model"
"github.com/caos/zitadel/pkg/message"
"github.com/golang/protobuf/ptypes"
"google.golang.org/protobuf/encoding/protojson"
"google.golang.org/protobuf/types/known/structpb"
org_model "github.com/caos/zitadel/internal/org/model"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/caos/zitadel/pkg/grpc/message"
)
func orgsFromModel(orgs []*org_model.Org) []*Org {
orgList := make([]*Org, len(orgs))
func orgsFromModel(orgs []*org_model.Org) []*management.Org {
orgList := make([]*management.Org, len(orgs))
for i, org := range orgs {
orgList[i] = orgFromModel(org)
}
return orgList
}
func orgFromModel(org *org_model.Org) *Org {
func orgFromModel(org *org_model.Org) *management.Org {
creationDate, err := ptypes.TimestampProto(org.CreationDate)
logging.Log("GRPC-GTHsZ").OnError(err).Debug("unable to get timestamp from time")
changeDate, err := ptypes.TimestampProto(org.ChangeDate)
logging.Log("GRPC-dVnoj").OnError(err).Debug("unable to get timestamp from time")
return &Org{
return &management.Org{
ChangeDate: changeDate,
CreationDate: creationDate,
Id: org.AggregateID,
@@ -36,14 +37,14 @@ func orgFromModel(org *org_model.Org) *Org {
}
}
func orgViewFromModel(org *org_model.OrgView) *OrgView {
func orgViewFromModel(org *org_model.OrgView) *management.OrgView {
creationDate, err := ptypes.TimestampProto(org.CreationDate)
logging.Log("GRPC-GTHsZ").OnError(err).Debug("unable to get timestamp from time")
changeDate, err := ptypes.TimestampProto(org.ChangeDate)
logging.Log("GRPC-dVnoj").OnError(err).Debug("unable to get timestamp from time")
return &OrgView{
return &management.OrgView{
ChangeDate: changeDate,
CreationDate: creationDate,
Id: org.ID,
@@ -52,29 +53,29 @@ func orgViewFromModel(org *org_model.OrgView) *OrgView {
}
}
func orgStateFromModel(state org_model.OrgState) OrgState {
func orgStateFromModel(state org_model.OrgState) management.OrgState {
switch state {
case org_model.OrgStateActive:
return OrgState_ORGSTATE_ACTIVE
return management.OrgState_ORGSTATE_ACTIVE
case org_model.OrgStateInactive:
return OrgState_ORGSTATE_INACTIVE
return management.OrgState_ORGSTATE_INACTIVE
default:
return OrgState_ORGSTATE_UNSPECIFIED
return management.OrgState_ORGSTATE_UNSPECIFIED
}
}
func addOrgDomainToModel(domain *AddOrgDomainRequest) *org_model.OrgDomain {
func addOrgDomainToModel(domain *management.AddOrgDomainRequest) *org_model.OrgDomain {
return &org_model.OrgDomain{Domain: domain.Domain}
}
func orgDomainFromModel(domain *org_model.OrgDomain) *OrgDomain {
func orgDomainFromModel(domain *org_model.OrgDomain) *management.OrgDomain {
creationDate, err := ptypes.TimestampProto(domain.CreationDate)
logging.Log("GRPC-u8Ksj").OnError(err).Debug("unable to get timestamp from time")
changeDate, err := ptypes.TimestampProto(domain.ChangeDate)
logging.Log("GRPC-9osFS").OnError(err).Debug("unable to get timestamp from time")
return &OrgDomain{
return &management.OrgDomain{
ChangeDate: changeDate,
CreationDate: creationDate,
OrgId: domain.AggregateID,
@@ -84,14 +85,14 @@ func orgDomainFromModel(domain *org_model.OrgDomain) *OrgDomain {
}
}
func orgDomainViewFromModel(domain *org_model.OrgDomainView) *OrgDomainView {
func orgDomainViewFromModel(domain *org_model.OrgDomainView) *management.OrgDomainView {
creationDate, err := ptypes.TimestampProto(domain.CreationDate)
logging.Log("GRPC-7sjDs").OnError(err).Debug("unable to get timestamp from time")
changeDate, err := ptypes.TimestampProto(domain.ChangeDate)
logging.Log("GRPC-8iSji").OnError(err).Debug("unable to get timestamp from time")
return &OrgDomainView{
return &management.OrgDomainView{
ChangeDate: changeDate,
CreationDate: creationDate,
OrgId: domain.OrgID,
@@ -101,7 +102,7 @@ func orgDomainViewFromModel(domain *org_model.OrgDomainView) *OrgDomainView {
}
}
func orgDomainSearchRequestToModel(request *OrgDomainSearchRequest) *org_model.OrgDomainSearchRequest {
func orgDomainSearchRequestToModel(request *management.OrgDomainSearchRequest) *org_model.OrgDomainSearchRequest {
return &org_model.OrgDomainSearchRequest{
Limit: request.Limit,
Offset: request.Offset,
@@ -109,7 +110,7 @@ func orgDomainSearchRequestToModel(request *OrgDomainSearchRequest) *org_model.O
}
}
func orgDomainSearchQueriesToModel(queries []*OrgDomainSearchQuery) []*org_model.OrgDomainSearchQuery {
func orgDomainSearchQueriesToModel(queries []*management.OrgDomainSearchQuery) []*org_model.OrgDomainSearchQuery {
modelQueries := make([]*org_model.OrgDomainSearchQuery, len(queries))
for i, query := range queries {
@@ -119,7 +120,7 @@ func orgDomainSearchQueriesToModel(queries []*OrgDomainSearchQuery) []*org_model
return modelQueries
}
func orgDomainSearchQueryToModel(query *OrgDomainSearchQuery) *org_model.OrgDomainSearchQuery {
func orgDomainSearchQueryToModel(query *management.OrgDomainSearchQuery) *org_model.OrgDomainSearchQuery {
return &org_model.OrgDomainSearchQuery{
Key: orgDomainSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -127,25 +128,25 @@ func orgDomainSearchQueryToModel(query *OrgDomainSearchQuery) *org_model.OrgDoma
}
}
func orgDomainSearchKeyToModel(key OrgDomainSearchKey) org_model.OrgDomainSearchKey {
func orgDomainSearchKeyToModel(key management.OrgDomainSearchKey) org_model.OrgDomainSearchKey {
switch key {
case OrgDomainSearchKey_ORGDOMAINSEARCHKEY_DOMAIN:
case management.OrgDomainSearchKey_ORGDOMAINSEARCHKEY_DOMAIN:
return org_model.OrgDomainSearchKeyDomain
default:
return org_model.OrgDomainSearchKeyUnspecified
}
}
func orgDomainSearchResponseFromModel(resp *org_model.OrgDomainSearchResponse) *OrgDomainSearchResponse {
return &OrgDomainSearchResponse{
func orgDomainSearchResponseFromModel(resp *org_model.OrgDomainSearchResponse) *management.OrgDomainSearchResponse {
return &management.OrgDomainSearchResponse{
Limit: resp.Limit,
Offset: resp.Offset,
TotalResult: resp.TotalResult,
Result: orgDomainsFromModel(resp.Result),
}
}
func orgDomainsFromModel(viewDomains []*org_model.OrgDomainView) []*OrgDomainView {
domains := make([]*OrgDomainView, len(viewDomains))
func orgDomainsFromModel(viewDomains []*org_model.OrgDomainView) []*management.OrgDomainView {
domains := make([]*management.OrgDomainView, len(viewDomains))
for i, domain := range viewDomains {
domains[i] = orgDomainViewFromModel(domain)
@@ -154,16 +155,16 @@ func orgDomainsFromModel(viewDomains []*org_model.OrgDomainView) []*OrgDomainVie
return domains
}
func orgChangesToResponse(response *org_model.OrgChanges, offset uint64, limit uint64) (_ *Changes) {
return &Changes{
func orgChangesToResponse(response *org_model.OrgChanges, offset uint64, limit uint64) (_ *management.Changes) {
return &management.Changes{
Limit: limit,
Offset: offset,
Changes: orgChangesToMgtAPI(response),
}
}
func orgChangesToMgtAPI(changes *org_model.OrgChanges) (_ []*Change) {
result := make([]*Change, len(changes.Changes))
func orgChangesToMgtAPI(changes *org_model.OrgChanges) (_ []*management.Change) {
result := make([]*management.Change, len(changes.Changes))
for i, change := range changes.Changes {
b, err := json.Marshal(change.Data)
@@ -171,7 +172,7 @@ func orgChangesToMgtAPI(changes *org_model.OrgChanges) (_ []*Change) {
err = protojson.Unmarshal(b, data)
if err != nil {
}
result[i] = &Change{
result[i] = &management.Change{
ChangeDate: change.ChangeDate,
EventType: message.NewLocalizedEventType(change.EventType),
Sequence: change.Sequence,
@@ -184,8 +185,8 @@ func orgChangesToMgtAPI(changes *org_model.OrgChanges) (_ []*Change) {
return result
}
func orgIamPolicyFromModel(policy *org_model.OrgIamPolicy) *OrgIamPolicy {
return &OrgIamPolicy{
func orgIamPolicyFromModel(policy *org_model.OrgIamPolicy) *management.OrgIamPolicy {
return &management.OrgIamPolicy{
OrgId: policy.AggregateID,
Description: policy.Description,
UserLoginMustBeDomain: policy.UserLoginMustBeDomain,

16
pkg/management/api/grpc/org_member.go → internal/api/grpc/management/org_member.go
View File

@@ -1,16 +1,18 @@
package grpc
package management
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) GetOrgMemberRoles(ctx context.Context, _ *empty.Empty) (*OrgMemberRoles, error) {
return &OrgMemberRoles{Roles: s.org.GetOrgMemberRoles()}, nil
func (s *Server) GetOrgMemberRoles(ctx context.Context, _ *empty.Empty) (*management.OrgMemberRoles, error) {
return &management.OrgMemberRoles{Roles: s.org.GetOrgMemberRoles()}, nil
}
func (s *Server) SearchMyOrgMembers(ctx context.Context, in *OrgMemberSearchRequest) (*OrgMemberSearchResponse, error) {
func (s *Server) SearchMyOrgMembers(ctx context.Context, in *management.OrgMemberSearchRequest) (*management.OrgMemberSearchResponse, error) {
members, err := s.org.SearchMyOrgMembers(ctx, orgMemberSearchRequestToModel(in))
if err != nil {
return nil, err
@@ -18,7 +20,7 @@ func (s *Server) SearchMyOrgMembers(ctx context.Context, in *OrgMemberSearchRequ
return orgMemberSearchResponseFromModel(members), nil
}
func (s *Server) AddMyOrgMember(ctx context.Context, member *AddOrgMemberRequest) (*OrgMember, error) {
func (s *Server) AddMyOrgMember(ctx context.Context, member *management.AddOrgMemberRequest) (*management.OrgMember, error) {
addedMember, err := s.org.AddMyOrgMember(ctx, addOrgMemberToModel(member))
if err != nil {
return nil, err
@@ -27,7 +29,7 @@ func (s *Server) AddMyOrgMember(ctx context.Context, member *AddOrgMemberRequest
return orgMemberFromModel(addedMember), nil
}
func (s *Server) ChangeMyOrgMember(ctx context.Context, member *ChangeOrgMemberRequest) (*OrgMember, error) {
func (s *Server) ChangeMyOrgMember(ctx context.Context, member *management.ChangeOrgMemberRequest) (*management.OrgMember, error) {
changedMember, err := s.org.ChangeMyOrgMember(ctx, changeOrgMemberToModel(member))
if err != nil {
return nil, err
@@ -35,7 +37,7 @@ func (s *Server) ChangeMyOrgMember(ctx context.Context, member *ChangeOrgMemberR
return orgMemberFromModel(changedMember), nil
}
func (s *Server) RemoveMyOrgMember(ctx context.Context, member *RemoveOrgMemberRequest) (*empty.Empty, error) {
func (s *Server) RemoveMyOrgMember(ctx context.Context, member *management.RemoveOrgMemberRequest) (*empty.Empty, error) {
err := s.org.RemoveMyOrgMember(ctx, member.UserId)
return &empty.Empty{}, err
}

56
pkg/management/api/grpc/org_member_converter.go → internal/api/grpc/management/org_member_converter.go
View File

@@ -1,13 +1,15 @@
package grpc
package management
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/internal/model"
org_model "github.com/caos/zitadel/internal/org/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/pkg/grpc/management"
)
func addOrgMemberToModel(member *AddOrgMemberRequest) *org_model.OrgMember {
func addOrgMemberToModel(member *management.AddOrgMemberRequest) *org_model.OrgMember {
memberModel := &org_model.OrgMember{
UserID: member.UserId,
}
@@ -16,7 +18,7 @@ func addOrgMemberToModel(member *AddOrgMemberRequest) *org_model.OrgMember {
return memberModel
}
func changeOrgMemberToModel(member *ChangeOrgMemberRequest) *org_model.OrgMember {
func changeOrgMemberToModel(member *management.ChangeOrgMemberRequest) *org_model.OrgMember {
memberModel := &org_model.OrgMember{
UserID: member.UserId,
}
@@ -25,14 +27,14 @@ func changeOrgMemberToModel(member *ChangeOrgMemberRequest) *org_model.OrgMember
return memberModel
}
func orgMemberFromModel(member *org_model.OrgMember) *OrgMember {
func orgMemberFromModel(member *org_model.OrgMember) *management.OrgMember {
creationDate, err := ptypes.TimestampProto(member.CreationDate)
logging.Log("GRPC-jC5wY").OnError(err).Debug("date parse failed")
changeDate, err := ptypes.TimestampProto(member.ChangeDate)
logging.Log("GRPC-Nc2jJ").OnError(err).Debug("date parse failed")
return &OrgMember{
return &management.OrgMember{
UserId: member.UserID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -41,7 +43,7 @@ func orgMemberFromModel(member *org_model.OrgMember) *OrgMember {
}
}
func orgMemberSearchRequestToModel(request *OrgMemberSearchRequest) *org_model.OrgMemberSearchRequest {
func orgMemberSearchRequestToModel(request *management.OrgMemberSearchRequest) *org_model.OrgMemberSearchRequest {
return &org_model.OrgMemberSearchRequest{
Limit: request.Limit,
Offset: request.Offset,
@@ -49,7 +51,7 @@ func orgMemberSearchRequestToModel(request *OrgMemberSearchRequest) *org_model.O
}
}
func orgMemberSearchQueriesToModel(queries []*OrgMemberSearchQuery) []*org_model.OrgMemberSearchQuery {
func orgMemberSearchQueriesToModel(queries []*management.OrgMemberSearchQuery) []*org_model.OrgMemberSearchQuery {
modelQueries := make([]*org_model.OrgMemberSearchQuery, len(queries)+1)
for i, query := range queries {
@@ -59,7 +61,7 @@ func orgMemberSearchQueriesToModel(queries []*OrgMemberSearchQuery) []*org_model
return modelQueries
}
func orgMemberSearchQueryToModel(query *OrgMemberSearchQuery) *org_model.OrgMemberSearchQuery {
func orgMemberSearchQueryToModel(query *management.OrgMemberSearchQuery) *org_model.OrgMemberSearchQuery {
return &org_model.OrgMemberSearchQuery{
Key: orgMemberSearchKeyToModel(query.Key),
Method: orgMemberSearchMethodToModel(query.Method),
@@ -67,50 +69,50 @@ func orgMemberSearchQueryToModel(query *OrgMemberSearchQuery) *org_model.OrgMemb
}
}
func orgMemberSearchKeyToModel(key OrgMemberSearchKey) org_model.OrgMemberSearchKey {
func orgMemberSearchKeyToModel(key management.OrgMemberSearchKey) org_model.OrgMemberSearchKey {
switch key {
case OrgMemberSearchKey_ORGMEMBERSEARCHKEY_EMAIL:
case management.OrgMemberSearchKey_ORGMEMBERSEARCHKEY_EMAIL:
return org_model.OrgMemberSearchKeyEmail
case OrgMemberSearchKey_ORGMEMBERSEARCHKEY_FIRST_NAME:
case management.OrgMemberSearchKey_ORGMEMBERSEARCHKEY_FIRST_NAME:
return org_model.OrgMemberSearchKeyFirstName
case OrgMemberSearchKey_ORGMEMBERSEARCHKEY_LAST_NAME:
case management.OrgMemberSearchKey_ORGMEMBERSEARCHKEY_LAST_NAME:
return org_model.OrgMemberSearchKeyLastName
case OrgMemberSearchKey_ORGMEMBERSEARCHKEY_USER_ID:
case management.OrgMemberSearchKey_ORGMEMBERSEARCHKEY_USER_ID:
return org_model.OrgMemberSearchKeyUserID
default:
return org_model.OrgMemberSearchKeyUnspecified
}
}
func orgMemberSearchMethodToModel(key SearchMethod) model.SearchMethod {
func orgMemberSearchMethodToModel(key management.SearchMethod) model.SearchMethod {
switch key {
case SearchMethod_SEARCHMETHOD_CONTAINS:
case management.SearchMethod_SEARCHMETHOD_CONTAINS:
return model.SearchMethodContains
case SearchMethod_SEARCHMETHOD_CONTAINS_IGNORE_CASE:
case management.SearchMethod_SEARCHMETHOD_CONTAINS_IGNORE_CASE:
return model.SearchMethodContainsIgnoreCase
case SearchMethod_SEARCHMETHOD_EQUALS:
case management.SearchMethod_SEARCHMETHOD_EQUALS:
return model.SearchMethodEquals
case SearchMethod_SEARCHMETHOD_EQUALS_IGNORE_CASE:
case management.SearchMethod_SEARCHMETHOD_EQUALS_IGNORE_CASE:
return model.SearchMethodEqualsIgnoreCase
case SearchMethod_SEARCHMETHOD_STARTS_WITH:
case management.SearchMethod_SEARCHMETHOD_STARTS_WITH:
return model.SearchMethodStartsWith
case SearchMethod_SEARCHMETHOD_STARTS_WITH_IGNORE_CASE:
case management.SearchMethod_SEARCHMETHOD_STARTS_WITH_IGNORE_CASE:
return model.SearchMethodStartsWithIgnoreCase
default:
return -1
}
}
func orgMemberSearchResponseFromModel(resp *org_model.OrgMemberSearchResponse) *OrgMemberSearchResponse {
return &OrgMemberSearchResponse{
func orgMemberSearchResponseFromModel(resp *org_model.OrgMemberSearchResponse) *management.OrgMemberSearchResponse {
return &management.OrgMemberSearchResponse{
Limit: resp.Limit,
Offset: resp.Offset,
TotalResult: resp.TotalResult,
Result: orgMembersFromView(resp.Result),
}
}
func orgMembersFromView(viewMembers []*org_model.OrgMemberView) []*OrgMemberView {
members := make([]*OrgMemberView, len(viewMembers))
func orgMembersFromView(viewMembers []*org_model.OrgMemberView) []*management.OrgMemberView {
members := make([]*management.OrgMemberView, len(viewMembers))
for i, member := range viewMembers {
members[i] = orgMemberFromView(member)
@@ -119,13 +121,13 @@ func orgMembersFromView(viewMembers []*org_model.OrgMemberView) []*OrgMemberView
return members
}
func orgMemberFromView(member *org_model.OrgMemberView) *OrgMemberView {
func orgMemberFromView(member *org_model.OrgMemberView) *management.OrgMemberView {
changeDate, err := ptypes.TimestampProto(member.ChangeDate)
logging.Log("GRPC-S9LAZ").OnError(err).Debug("unable to parse changedate")
creationDate, err := ptypes.TimestampProto(member.CreationDate)
logging.Log("GRPC-oJN56").OnError(err).Debug("unable to parse creation date")
return &OrgMemberView{
return &management.OrgMemberView{
ChangeDate: changeDate,
CreationDate: creationDate,
Roles: member.Roles,

30
pkg/management/api/grpc/policy.go → internal/api/grpc/management/policy.go
View File

@@ -1,13 +1,15 @@
package grpc
package management
import (
"context"
"github.com/caos/zitadel/internal/errors"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) CreatePasswordComplexityPolicy(ctx context.Context, policy *PasswordComplexityPolicyCreate) (*PasswordComplexityPolicy, error) {
func (s *Server) CreatePasswordComplexityPolicy(ctx context.Context, policy *management.PasswordComplexityPolicyCreate) (*management.PasswordComplexityPolicy, error) {
policyresp, err := s.policy.CreatePasswordComplexityPolicy(ctx, passwordComplexityPolicyCreateToModel(policy))
if err != nil {
return nil, err
@@ -16,7 +18,7 @@ func (s *Server) CreatePasswordComplexityPolicy(ctx context.Context, policy *Pas
return passwordComplexityPolicyFromModel(policyresp), nil
}
func (s *Server) GetPasswordComplexityPolicy(ctx context.Context, _ *empty.Empty) (*PasswordComplexityPolicy, error) {
func (s *Server) GetPasswordComplexityPolicy(ctx context.Context, _ *empty.Empty) (*management.PasswordComplexityPolicy, error) {
policy, err := s.policy.GetPasswordComplexityPolicy(ctx)
if err != nil {
return nil, err
@@ -25,7 +27,7 @@ func (s *Server) GetPasswordComplexityPolicy(ctx context.Context, _ *empty.Empty
return passwordComplexityPolicyFromModel(policy), nil
}
func (s *Server) UpdatePasswordComplexityPolicy(ctx context.Context, policy *PasswordComplexityPolicyUpdate) (*PasswordComplexityPolicy, error) {
func (s *Server) UpdatePasswordComplexityPolicy(ctx context.Context, policy *management.PasswordComplexityPolicyUpdate) (*management.PasswordComplexityPolicy, error) {
policyresp, err := s.policy.UpdatePasswordComplexityPolicy(ctx, passwordComplexityPolicyUpdateToModel(policy))
if err != nil {
return nil, err
@@ -34,11 +36,11 @@ func (s *Server) UpdatePasswordComplexityPolicy(ctx context.Context, policy *Pas
return passwordComplexityPolicyFromModel(policyresp), nil
}
func (s *Server) DeletePasswordComplexityPolicy(ctx context.Context, ID *PasswordComplexityPolicyID) (*empty.Empty, error) {
func (s *Server) DeletePasswordComplexityPolicy(ctx context.Context, ID *management.PasswordComplexityPolicyID) (*empty.Empty, error) {
return nil, errors.ThrowUnimplemented(nil, "GRPC-skw3f", "Not implemented")
}
func (s *Server) CreatePasswordAgePolicy(ctx context.Context, policy *PasswordAgePolicyCreate) (*PasswordAgePolicy, error) {
func (s *Server) CreatePasswordAgePolicy(ctx context.Context, policy *management.PasswordAgePolicyCreate) (*management.PasswordAgePolicy, error) {
policyresp, err := s.policy.CreatePasswordAgePolicy(ctx, passwordAgePolicyCreateToModel(policy))
if err != nil {
return nil, err
@@ -47,7 +49,7 @@ func (s *Server) CreatePasswordAgePolicy(ctx context.Context, policy *PasswordAg
return passwordAgePolicyFromModel(policyresp), nil
}
func (s *Server) GetPasswordAgePolicy(ctx context.Context, _ *empty.Empty) (*PasswordAgePolicy, error) {
func (s *Server) GetPasswordAgePolicy(ctx context.Context, _ *empty.Empty) (*management.PasswordAgePolicy, error) {
policy, err := s.policy.GetPasswordAgePolicy(ctx)
if err != nil {
return nil, err
@@ -56,7 +58,7 @@ func (s *Server) GetPasswordAgePolicy(ctx context.Context, _ *empty.Empty) (*Pas
return passwordAgePolicyFromModel(policy), nil
}
func (s *Server) UpdatePasswordAgePolicy(ctx context.Context, policy *PasswordAgePolicyUpdate) (*PasswordAgePolicy, error) {
func (s *Server) UpdatePasswordAgePolicy(ctx context.Context, policy *management.PasswordAgePolicyUpdate) (*management.PasswordAgePolicy, error) {
policyresp, err := s.policy.UpdatePasswordAgePolicy(ctx, passwordAgePolicyUpdateToModel(policy))
if err != nil {
return nil, err
@@ -65,11 +67,11 @@ func (s *Server) UpdatePasswordAgePolicy(ctx context.Context, policy *PasswordAg
return passwordAgePolicyFromModel(policyresp), nil
}
func (s *Server) DeletePasswordAgePolicy(ctx context.Context, ID *PasswordAgePolicyID) (*empty.Empty, error) {
func (s *Server) DeletePasswordAgePolicy(ctx context.Context, ID *management.PasswordAgePolicyID) (*empty.Empty, error) {
return nil, errors.ThrowUnimplemented(nil, "GRPC-plo67", "Not implemented")
}
func (s *Server) CreatePasswordLockoutPolicy(ctx context.Context, policy *PasswordLockoutPolicyCreate) (*PasswordLockoutPolicy, error) {
func (s *Server) CreatePasswordLockoutPolicy(ctx context.Context, policy *management.PasswordLockoutPolicyCreate) (*management.PasswordLockoutPolicy, error) {
policyresp, err := s.policy.CreatePasswordLockoutPolicy(ctx, passwordLockoutPolicyCreateToModel(policy))
if err != nil {
return nil, err
@@ -78,7 +80,7 @@ func (s *Server) CreatePasswordLockoutPolicy(ctx context.Context, policy *Passwo
return passwordLockoutPolicyFromModel(policyresp), nil
}
func (s *Server) GetPasswordLockoutPolicy(ctx context.Context, _ *empty.Empty) (*PasswordLockoutPolicy, error) {
func (s *Server) GetPasswordLockoutPolicy(ctx context.Context, _ *empty.Empty) (*management.PasswordLockoutPolicy, error) {
policy, err := s.policy.GetPasswordLockoutPolicy(ctx)
if err != nil {
return nil, err
@@ -87,7 +89,7 @@ func (s *Server) GetPasswordLockoutPolicy(ctx context.Context, _ *empty.Empty) (
return passwordLockoutPolicyFromModel(policy), nil
}
func (s *Server) UpdatePasswordLockoutPolicy(ctx context.Context, policy *PasswordLockoutPolicyUpdate) (*PasswordLockoutPolicy, error) {
func (s *Server) UpdatePasswordLockoutPolicy(ctx context.Context, policy *management.PasswordLockoutPolicyUpdate) (*management.PasswordLockoutPolicy, error) {
policyresp, err := s.policy.UpdatePasswordLockoutPolicy(ctx, passwordLockoutPolicyUpdateToModel(policy))
if err != nil {
return nil, err
@@ -96,6 +98,6 @@ func (s *Server) UpdatePasswordLockoutPolicy(ctx context.Context, policy *Passwo
return passwordLockoutPolicyFromModel(policyresp), nil
}
func (s *Server) DeletePasswordLockoutPolicy(ctx context.Context, ID *PasswordLockoutPolicyID) (*empty.Empty, error) {
func (s *Server) DeletePasswordLockoutPolicy(ctx context.Context, ID *management.PasswordLockoutPolicyID) (*empty.Empty, error) {
return nil, errors.ThrowUnimplemented(nil, "GRPC-GHkd9", "Not implemented")
}

16
pkg/management/api/grpc/policy_age_converter.go → internal/api/grpc/management/policy_age_converter.go
View File

@@ -1,20 +1,22 @@
package grpc
package management
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/policy/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/pkg/grpc/management"
)
func passwordAgePolicyFromModel(policy *model.PasswordAgePolicy) *PasswordAgePolicy {
func passwordAgePolicyFromModel(policy *model.PasswordAgePolicy) *management.PasswordAgePolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-6ILdB").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(policy.ChangeDate)
logging.Log("GRPC-ngUzJ").OnError(err).Debug("unable to parse timestamp")
return &PasswordAgePolicy{
return &management.PasswordAgePolicy{
Id: policy.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -26,7 +28,7 @@ func passwordAgePolicyFromModel(policy *model.PasswordAgePolicy) *PasswordAgePol
}
}
func passwordAgePolicyToModel(policy *PasswordAgePolicy) *model.PasswordAgePolicy {
func passwordAgePolicyToModel(policy *management.PasswordAgePolicy) *model.PasswordAgePolicy {
creationDate, err := ptypes.Timestamp(policy.CreationDate)
logging.Log("GRPC-2QSfU").OnError(err).Debug("unable to parse timestamp")
@@ -46,7 +48,7 @@ func passwordAgePolicyToModel(policy *PasswordAgePolicy) *model.PasswordAgePolic
}
}
func passwordAgePolicyCreateToModel(policy *PasswordAgePolicyCreate) *model.PasswordAgePolicy {
func passwordAgePolicyCreateToModel(policy *management.PasswordAgePolicyCreate) *model.PasswordAgePolicy {
return &model.PasswordAgePolicy{
Description: policy.Description,
ExpireWarnDays: policy.ExpireWarnDays,
@@ -54,7 +56,7 @@ func passwordAgePolicyCreateToModel(policy *PasswordAgePolicyCreate) *model.Pass
}
}
func passwordAgePolicyUpdateToModel(policy *PasswordAgePolicyUpdate) *model.PasswordAgePolicy {
func passwordAgePolicyUpdateToModel(policy *management.PasswordAgePolicyUpdate) *model.PasswordAgePolicy {
return &model.PasswordAgePolicy{
ObjectRoot: models.ObjectRoot{
AggregateID: policy.Id,

17
pkg/management/api/grpc/policy_complexity_converter.go → internal/api/grpc/management/policy_complexity_converter.go
View File

@@ -1,20 +1,23 @@
package grpc
package management
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/policy/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/pkg/grpc/management"
)
func passwordComplexityPolicyFromModel(policy *model.PasswordComplexityPolicy) *PasswordComplexityPolicy {
func passwordComplexityPolicyFromModel(policy *model.PasswordComplexityPolicy) *management.PasswordComplexityPolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-cQRHE").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(policy.ChangeDate)
logging.Log("GRPC-PVA1c").OnError(err).Debug("unable to parse timestamp")
return &PasswordComplexityPolicy{
return &management.PasswordComplexityPolicy{
Id: policy.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -29,7 +32,7 @@ func passwordComplexityPolicyFromModel(policy *model.PasswordComplexityPolicy) *
}
}
func passwordComplexityPolicyToModel(policy *PasswordComplexityPolicy) *model.PasswordComplexityPolicy {
func passwordComplexityPolicyToModel(policy *management.PasswordComplexityPolicy) *model.PasswordComplexityPolicy {
creationDate, err := ptypes.Timestamp(policy.CreationDate)
logging.Log("GRPC-asmEZ").OnError(err).Debug("unable to parse timestamp")
@@ -52,7 +55,7 @@ func passwordComplexityPolicyToModel(policy *PasswordComplexityPolicy) *model.Pa
}
}
func passwordComplexityPolicyCreateToModel(policy *PasswordComplexityPolicyCreate) *model.PasswordComplexityPolicy {
func passwordComplexityPolicyCreateToModel(policy *management.PasswordComplexityPolicyCreate) *model.PasswordComplexityPolicy {
return &model.PasswordComplexityPolicy{
Description: policy.Description,
MinLength: policy.MinLength,
@@ -63,7 +66,7 @@ func passwordComplexityPolicyCreateToModel(policy *PasswordComplexityPolicyCreat
}
}
func passwordComplexityPolicyUpdateToModel(policy *PasswordComplexityPolicyUpdate) *model.PasswordComplexityPolicy {
func passwordComplexityPolicyUpdateToModel(policy *management.PasswordComplexityPolicyUpdate) *model.PasswordComplexityPolicy {
return &model.PasswordComplexityPolicy{
ObjectRoot: models.ObjectRoot{
AggregateID: policy.Id,

17
pkg/management/api/grpc/policy_lockout_converter.go → internal/api/grpc/management/policy_lockout_converter.go
View File

@@ -1,20 +1,23 @@
package grpc
package management
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/policy/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/pkg/grpc/management"
)
func passwordLockoutPolicyFromModel(policy *model.PasswordLockoutPolicy) *PasswordLockoutPolicy {
func passwordLockoutPolicyFromModel(policy *model.PasswordLockoutPolicy) *management.PasswordLockoutPolicy {
creationDate, err := ptypes.TimestampProto(policy.CreationDate)
logging.Log("GRPC-JRSbT").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(policy.ChangeDate)
logging.Log("GRPC-1sizr").OnError(err).Debug("unable to parse timestamp")
return &PasswordLockoutPolicy{
return &management.PasswordLockoutPolicy{
Id: policy.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -26,7 +29,7 @@ func passwordLockoutPolicyFromModel(policy *model.PasswordLockoutPolicy) *Passwo
}
}
func passwordLockoutPolicyToModel(policy *PasswordLockoutPolicy) *model.PasswordLockoutPolicy {
func passwordLockoutPolicyToModel(policy *management.PasswordLockoutPolicy) *model.PasswordLockoutPolicy {
creationDate, err := ptypes.Timestamp(policy.CreationDate)
logging.Log("GRPC-8a511").OnError(err).Debug("unable to parse timestamp")
@@ -47,7 +50,7 @@ func passwordLockoutPolicyToModel(policy *PasswordLockoutPolicy) *model.Password
}
}
func passwordLockoutPolicyCreateToModel(policy *PasswordLockoutPolicyCreate) *model.PasswordLockoutPolicy {
func passwordLockoutPolicyCreateToModel(policy *management.PasswordLockoutPolicyCreate) *model.PasswordLockoutPolicy {
return &model.PasswordLockoutPolicy{
Description: policy.Description,
MaxAttempts: policy.MaxAttempts,
@@ -55,7 +58,7 @@ func passwordLockoutPolicyCreateToModel(policy *PasswordLockoutPolicyCreate) *mo
}
}
func passwordLockoutPolicyUpdateToModel(policy *PasswordLockoutPolicyUpdate) *model.PasswordLockoutPolicy {
func passwordLockoutPolicyUpdateToModel(policy *management.PasswordLockoutPolicyUpdate) *model.PasswordLockoutPolicy {
return &model.PasswordLockoutPolicy{
ObjectRoot: models.ObjectRoot{
AggregateID: policy.Id,

2
pkg/management/api/grpc/probes.go → internal/api/grpc/management/probes.go
View File

@@ -1,4 +1,4 @@
package grpc
package management
import (
"context"

44
pkg/management/api/grpc/project.go → internal/api/grpc/management/project.go
View File

@@ -1,36 +1,38 @@
package grpc
package management
import (
"context"
"github.com/caos/zitadel/internal/api"
"github.com/caos/zitadel/internal/api/auth"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/internal/api/authz"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/api/http"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) CreateProject(ctx context.Context, in *ProjectCreateRequest) (*Project, error) {
func (s *Server) CreateProject(ctx context.Context, in *management.ProjectCreateRequest) (*management.Project, error) {
project, err := s.project.CreateProject(ctx, in.Name)
if err != nil {
return nil, err
}
return projectFromModel(project), nil
}
func (s *Server) UpdateProject(ctx context.Context, in *ProjectUpdateRequest) (*Project, error) {
func (s *Server) UpdateProject(ctx context.Context, in *management.ProjectUpdateRequest) (*management.Project, error) {
project, err := s.project.UpdateProject(ctx, projectUpdateToModel(in))
if err != nil {
return nil, err
}
return projectFromModel(project), nil
}
func (s *Server) DeactivateProject(ctx context.Context, in *ProjectID) (*Project, error) {
func (s *Server) DeactivateProject(ctx context.Context, in *management.ProjectID) (*management.Project, error) {
project, err := s.project.DeactivateProject(ctx, in.Id)
if err != nil {
return nil, err
}
return projectFromModel(project), nil
}
func (s *Server) ReactivateProject(ctx context.Context, in *ProjectID) (*Project, error) {
func (s *Server) ReactivateProject(ctx context.Context, in *management.ProjectID) (*management.Project, error) {
project, err := s.project.ReactivateProject(ctx, in.Id)
if err != nil {
return nil, err
@@ -38,9 +40,9 @@ func (s *Server) ReactivateProject(ctx context.Context, in *ProjectID) (*Project
return projectFromModel(project), nil
}
func (s *Server) SearchProjects(ctx context.Context, in *ProjectSearchRequest) (*ProjectSearchResponse, error) {
func (s *Server) SearchProjects(ctx context.Context, in *management.ProjectSearchRequest) (*management.ProjectSearchResponse, error) {
request := projectSearchRequestsToModel(in)
request.AppendMyResourceOwnerQuery(grpc_util.GetHeader(ctx, api.ZitadelOrgID))
request.AppendMyResourceOwnerQuery(grpc_util.GetHeader(ctx, http.ZitadelOrgID))
response, err := s.project.SearchProjects(ctx, request)
if err != nil {
return nil, err
@@ -48,7 +50,7 @@ func (s *Server) SearchProjects(ctx context.Context, in *ProjectSearchRequest) (
return projectSearchResponseFromModel(response), nil
}
func (s *Server) ProjectByID(ctx context.Context, id *ProjectID) (*ProjectView, error) {
func (s *Server) ProjectByID(ctx context.Context, id *management.ProjectID) (*management.ProjectView, error) {
project, err := s.project.ProjectByID(ctx, id.Id)
if err != nil {
return nil, err
@@ -56,9 +58,9 @@ func (s *Server) ProjectByID(ctx context.Context, id *ProjectID) (*ProjectView,
return projectViewFromModel(project), nil
}
func (s *Server) SearchGrantedProjects(ctx context.Context, in *GrantedProjectSearchRequest) (*ProjectGrantSearchResponse, error) {
func (s *Server) SearchGrantedProjects(ctx context.Context, in *management.GrantedProjectSearchRequest) (*management.ProjectGrantSearchResponse, error) {
request := grantedProjectSearchRequestsToModel(in)
request.AppendMyOrgQuery(grpc_util.GetHeader(ctx, api.ZitadelOrgID))
request.AppendMyOrgQuery(grpc_util.GetHeader(ctx, http.ZitadelOrgID))
response, err := s.project.SearchProjectGrants(ctx, request)
if err != nil {
return nil, err
@@ -66,7 +68,7 @@ func (s *Server) SearchGrantedProjects(ctx context.Context, in *GrantedProjectSe
return projectGrantSearchResponseFromModel(response), nil
}
func (s *Server) GetGrantedProjectByID(ctx context.Context, in *ProjectGrantID) (*ProjectGrantView, error) {
func (s *Server) GetGrantedProjectByID(ctx context.Context, in *management.ProjectGrantID) (*management.ProjectGrantView, error) {
project, err := s.project.ProjectGrantViewByID(ctx, in.Id)
if err != nil {
return nil, err
@@ -74,7 +76,7 @@ func (s *Server) GetGrantedProjectByID(ctx context.Context, in *ProjectGrantID)
return projectGrantFromGrantedProjectModel(project), nil
}
func (s *Server) AddProjectRole(ctx context.Context, in *ProjectRoleAdd) (*ProjectRole, error) {
func (s *Server) AddProjectRole(ctx context.Context, in *management.ProjectRoleAdd) (*management.ProjectRole, error) {
role, err := s.project.AddProjectRole(ctx, projectRoleAddToModel(in))
if err != nil {
return nil, err
@@ -82,12 +84,12 @@ func (s *Server) AddProjectRole(ctx context.Context, in *ProjectRoleAdd) (*Proje
return projectRoleFromModel(role), nil
}
func (s *Server) BulkAddProjectRole(ctx context.Context, in *ProjectRoleAddBulk) (*empty.Empty, error) {
func (s *Server) BulkAddProjectRole(ctx context.Context, in *management.ProjectRoleAddBulk) (*empty.Empty, error) {
err := s.project.BulkAddProjectRole(ctx, projectRoleAddBulkToModel(in))
return &empty.Empty{}, err
}
func (s *Server) ChangeProjectRole(ctx context.Context, in *ProjectRoleChange) (*ProjectRole, error) {
func (s *Server) ChangeProjectRole(ctx context.Context, in *management.ProjectRoleChange) (*management.ProjectRole, error) {
role, err := s.project.ChangeProjectRole(ctx, projectRoleChangeToModel(in))
if err != nil {
return nil, err
@@ -95,14 +97,14 @@ func (s *Server) ChangeProjectRole(ctx context.Context, in *ProjectRoleChange) (
return projectRoleFromModel(role), nil
}
func (s *Server) RemoveProjectRole(ctx context.Context, in *ProjectRoleRemove) (*empty.Empty, error) {
func (s *Server) RemoveProjectRole(ctx context.Context, in *management.ProjectRoleRemove) (*empty.Empty, error) {
err := s.project.RemoveProjectRole(ctx, in.Id, in.Key)
return &empty.Empty{}, err
}
func (s *Server) SearchProjectRoles(ctx context.Context, in *ProjectRoleSearchRequest) (*ProjectRoleSearchResponse, error) {
func (s *Server) SearchProjectRoles(ctx context.Context, in *management.ProjectRoleSearchRequest) (*management.ProjectRoleSearchResponse, error) {
request := projectRoleSearchRequestsToModel(in)
request.AppendMyOrgQuery(auth.GetCtxData(ctx).OrgID)
request.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID)
request.AppendProjectQuery(in.ProjectId)
response, err := s.project.SearchProjectRoles(ctx, request)
if err != nil {
@@ -111,7 +113,7 @@ func (s *Server) SearchProjectRoles(ctx context.Context, in *ProjectRoleSearchRe
return projectRoleSearchResponseFromModel(response), nil
}
func (s *Server) ProjectChanges(ctx context.Context, changesRequest *ChangeRequest) (*Changes, error) {
func (s *Server) ProjectChanges(ctx context.Context, changesRequest *management.ChangeRequest) (*management.Changes, error) {
response, err := s.project.ProjectChanges(ctx, changesRequest.Id, changesRequest.SequenceOffset, changesRequest.Limit, changesRequest.Asc)
if err != nil {
return nil, err

101
pkg/management/api/grpc/project_converter.go → internal/api/grpc/management/project_converter.go
View File

@@ -1,26 +1,27 @@
package grpc
package management
import (
"encoding/json"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
proj_model "github.com/caos/zitadel/internal/project/model"
"github.com/caos/zitadel/pkg/message"
"github.com/golang/protobuf/ptypes"
"google.golang.org/protobuf/encoding/protojson"
"google.golang.org/protobuf/types/known/structpb"
"github.com/caos/zitadel/internal/eventstore/models"
proj_model "github.com/caos/zitadel/internal/project/model"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/caos/zitadel/pkg/grpc/message"
)
func projectFromModel(project *proj_model.Project) *Project {
func projectFromModel(project *proj_model.Project) *management.Project {
creationDate, err := ptypes.TimestampProto(project.CreationDate)
logging.Log("GRPC-iejs3").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(project.ChangeDate)
logging.Log("GRPC-di7rw").OnError(err).Debug("unable to parse timestamp")
return &Project{
return &management.Project{
Id: project.AggregateID,
State: projectStateFromModel(project.State),
CreationDate: creationDate,
@@ -30,8 +31,8 @@ func projectFromModel(project *proj_model.Project) *Project {
}
}
func projectSearchResponseFromModel(response *proj_model.ProjectViewSearchResponse) *ProjectSearchResponse {
return &ProjectSearchResponse{
func projectSearchResponseFromModel(response *proj_model.ProjectViewSearchResponse) *management.ProjectSearchResponse {
return &management.ProjectSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -39,22 +40,22 @@ func projectSearchResponseFromModel(response *proj_model.ProjectViewSearchRespon
}
}
func projectViewsFromModel(projects []*proj_model.ProjectView) []*ProjectView {
converted := make([]*ProjectView, len(projects))
func projectViewsFromModel(projects []*proj_model.ProjectView) []*management.ProjectView {
converted := make([]*management.ProjectView, len(projects))
for i, project := range projects {
converted[i] = projectViewFromModel(project)
}
return converted
}
func projectViewFromModel(project *proj_model.ProjectView) *ProjectView {
func projectViewFromModel(project *proj_model.ProjectView) *management.ProjectView {
creationDate, err := ptypes.TimestampProto(project.CreationDate)
logging.Log("GRPC-dlso3").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(project.ChangeDate)
logging.Log("GRPC-sope3").OnError(err).Debug("unable to parse timestamp")
return &ProjectView{
return &management.ProjectView{
ProjectId: project.ProjectID,
State: projectStateFromModel(project.State),
CreationDate: creationDate,
@@ -65,8 +66,8 @@ func projectViewFromModel(project *proj_model.ProjectView) *ProjectView {
}
}
func projectRoleSearchResponseFromModel(response *proj_model.ProjectRoleSearchResponse) *ProjectRoleSearchResponse {
return &ProjectRoleSearchResponse{
func projectRoleSearchResponseFromModel(response *proj_model.ProjectRoleSearchResponse) *management.ProjectRoleSearchResponse {
return &management.ProjectRoleSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -74,19 +75,19 @@ func projectRoleSearchResponseFromModel(response *proj_model.ProjectRoleSearchRe
}
}
func projectRoleViewsFromModel(roles []*proj_model.ProjectRoleView) []*ProjectRoleView {
converted := make([]*ProjectRoleView, len(roles))
func projectRoleViewsFromModel(roles []*proj_model.ProjectRoleView) []*management.ProjectRoleView {
converted := make([]*management.ProjectRoleView, len(roles))
for i, role := range roles {
converted[i] = projectRoleViewFromModel(role)
}
return converted
}
func projectRoleViewFromModel(role *proj_model.ProjectRoleView) *ProjectRoleView {
func projectRoleViewFromModel(role *proj_model.ProjectRoleView) *management.ProjectRoleView {
creationDate, err := ptypes.TimestampProto(role.CreationDate)
logging.Log("GRPC-dlso3").OnError(err).Debug("unable to parse timestamp")
return &ProjectRoleView{
return &management.ProjectRoleView{
ProjectId: role.ProjectID,
CreationDate: creationDate,
Key: role.Key,
@@ -96,18 +97,18 @@ func projectRoleViewFromModel(role *proj_model.ProjectRoleView) *ProjectRoleView
}
}
func projectStateFromModel(state proj_model.ProjectState) ProjectState {
func projectStateFromModel(state proj_model.ProjectState) management.ProjectState {
switch state {
case proj_model.ProjectStateActive:
return ProjectState_PROJECTSTATE_ACTIVE
return management.ProjectState_PROJECTSTATE_ACTIVE
case proj_model.ProjectStateInactive:
return ProjectState_PROJECTSTATE_INACTIVE
return management.ProjectState_PROJECTSTATE_INACTIVE
default:
return ProjectState_PROJECTSTATE_UNSPECIFIED
return management.ProjectState_PROJECTSTATE_UNSPECIFIED
}
}
func projectUpdateToModel(project *ProjectUpdateRequest) *proj_model.Project {
func projectUpdateToModel(project *management.ProjectUpdateRequest) *proj_model.Project {
return &proj_model.Project{
ObjectRoot: models.ObjectRoot{
AggregateID: project.Id,
@@ -116,14 +117,14 @@ func projectUpdateToModel(project *ProjectUpdateRequest) *proj_model.Project {
}
}
func projectRoleFromModel(role *proj_model.ProjectRole) *ProjectRole {
func projectRoleFromModel(role *proj_model.ProjectRole) *management.ProjectRole {
creationDate, err := ptypes.TimestampProto(role.CreationDate)
logging.Log("GRPC-due83").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(role.ChangeDate)
logging.Log("GRPC-id93s").OnError(err).Debug("unable to parse timestamp")
return &ProjectRole{
return &management.ProjectRole{
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: role.Sequence,
@@ -133,7 +134,7 @@ func projectRoleFromModel(role *proj_model.ProjectRole) *ProjectRole {
}
}
func projectRoleAddBulkToModel(bulk *ProjectRoleAddBulk) []*proj_model.ProjectRole {
func projectRoleAddBulkToModel(bulk *management.ProjectRoleAddBulk) []*proj_model.ProjectRole {
roles := make([]*proj_model.ProjectRole, len(bulk.ProjectRoles))
for i, role := range bulk.ProjectRoles {
roles[i] = &proj_model.ProjectRole{
@@ -148,7 +149,7 @@ func projectRoleAddBulkToModel(bulk *ProjectRoleAddBulk) []*proj_model.ProjectRo
return roles
}
func projectRoleAddToModel(role *ProjectRoleAdd) *proj_model.ProjectRole {
func projectRoleAddToModel(role *management.ProjectRoleAdd) *proj_model.ProjectRole {
return &proj_model.ProjectRole{
ObjectRoot: models.ObjectRoot{
AggregateID: role.Id,
@@ -159,7 +160,7 @@ func projectRoleAddToModel(role *ProjectRoleAdd) *proj_model.ProjectRole {
}
}
func projectRoleChangeToModel(role *ProjectRoleChange) *proj_model.ProjectRole {
func projectRoleChangeToModel(role *management.ProjectRoleChange) *proj_model.ProjectRole {
return &proj_model.ProjectRole{
ObjectRoot: models.ObjectRoot{
AggregateID: role.Id,
@@ -170,14 +171,14 @@ func projectRoleChangeToModel(role *ProjectRoleChange) *proj_model.ProjectRole {
}
}
func projectSearchRequestsToModel(project *ProjectSearchRequest) *proj_model.ProjectViewSearchRequest {
func projectSearchRequestsToModel(project *management.ProjectSearchRequest) *proj_model.ProjectViewSearchRequest {
return &proj_model.ProjectViewSearchRequest{
Offset: project.Offset,
Limit: project.Limit,
Queries: projectSearchQueriesToModel(project.Queries),
}
}
func grantedProjectSearchRequestsToModel(request *GrantedProjectSearchRequest) *proj_model.ProjectGrantViewSearchRequest {
func grantedProjectSearchRequestsToModel(request *management.GrantedProjectSearchRequest) *proj_model.ProjectGrantViewSearchRequest {
return &proj_model.ProjectGrantViewSearchRequest{
Offset: request.Offset,
Limit: request.Limit,
@@ -185,7 +186,7 @@ func grantedProjectSearchRequestsToModel(request *GrantedProjectSearchRequest) *
}
}
func projectSearchQueriesToModel(queries []*ProjectSearchQuery) []*proj_model.ProjectViewSearchQuery {
func projectSearchQueriesToModel(queries []*management.ProjectSearchQuery) []*proj_model.ProjectViewSearchQuery {
converted := make([]*proj_model.ProjectViewSearchQuery, len(queries))
for i, q := range queries {
converted[i] = projectSearchQueryToModel(q)
@@ -193,7 +194,7 @@ func projectSearchQueriesToModel(queries []*ProjectSearchQuery) []*proj_model.Pr
return converted
}
func projectSearchQueryToModel(query *ProjectSearchQuery) *proj_model.ProjectViewSearchQuery {
func projectSearchQueryToModel(query *management.ProjectSearchQuery) *proj_model.ProjectViewSearchQuery {
return &proj_model.ProjectViewSearchQuery{
Key: projectSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -201,16 +202,16 @@ func projectSearchQueryToModel(query *ProjectSearchQuery) *proj_model.ProjectVie
}
}
func projectSearchKeyToModel(key ProjectSearchKey) proj_model.ProjectViewSearchKey {
func projectSearchKeyToModel(key management.ProjectSearchKey) proj_model.ProjectViewSearchKey {
switch key {
case ProjectSearchKey_PROJECTSEARCHKEY_PROJECT_NAME:
case management.ProjectSearchKey_PROJECTSEARCHKEY_PROJECT_NAME:
return proj_model.ProjectViewSearchKeyName
default:
return proj_model.ProjectViewSearchKeyUnspecified
}
}
func grantedPRojectSearchQueriesToModel(queries []*ProjectSearchQuery) []*proj_model.ProjectGrantViewSearchQuery {
func grantedPRojectSearchQueriesToModel(queries []*management.ProjectSearchQuery) []*proj_model.ProjectGrantViewSearchQuery {
converted := make([]*proj_model.ProjectGrantViewSearchQuery, len(queries))
for i, q := range queries {
converted[i] = grantedProjectSearchQueryToModel(q)
@@ -218,7 +219,7 @@ func grantedPRojectSearchQueriesToModel(queries []*ProjectSearchQuery) []*proj_m
return converted
}
func grantedProjectSearchQueryToModel(query *ProjectSearchQuery) *proj_model.ProjectGrantViewSearchQuery {
func grantedProjectSearchQueryToModel(query *management.ProjectSearchQuery) *proj_model.ProjectGrantViewSearchQuery {
return &proj_model.ProjectGrantViewSearchQuery{
Key: projectGrantSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -226,16 +227,16 @@ func grantedProjectSearchQueryToModel(query *ProjectSearchQuery) *proj_model.Pro
}
}
func projectGrantSearchKeyToModel(key ProjectSearchKey) proj_model.ProjectGrantViewSearchKey {
func projectGrantSearchKeyToModel(key management.ProjectSearchKey) proj_model.ProjectGrantViewSearchKey {
switch key {
case ProjectSearchKey_PROJECTSEARCHKEY_PROJECT_NAME:
case management.ProjectSearchKey_PROJECTSEARCHKEY_PROJECT_NAME:
return proj_model.GrantedProjectSearchKeyName
default:
return proj_model.GrantedProjectSearchKeyUnspecified
}
}
func projectRoleSearchRequestsToModel(role *ProjectRoleSearchRequest) *proj_model.ProjectRoleSearchRequest {
func projectRoleSearchRequestsToModel(role *management.ProjectRoleSearchRequest) *proj_model.ProjectRoleSearchRequest {
return &proj_model.ProjectRoleSearchRequest{
Offset: role.Offset,
Limit: role.Limit,
@@ -243,7 +244,7 @@ func projectRoleSearchRequestsToModel(role *ProjectRoleSearchRequest) *proj_mode
}
}
func projectRoleSearchQueriesToModel(queries []*ProjectRoleSearchQuery) []*proj_model.ProjectRoleSearchQuery {
func projectRoleSearchQueriesToModel(queries []*management.ProjectRoleSearchQuery) []*proj_model.ProjectRoleSearchQuery {
converted := make([]*proj_model.ProjectRoleSearchQuery, len(queries))
for i, q := range queries {
converted[i] = projectRoleSearchQueryToModel(q)
@@ -251,7 +252,7 @@ func projectRoleSearchQueriesToModel(queries []*ProjectRoleSearchQuery) []*proj_
return converted
}
func projectRoleSearchQueryToModel(query *ProjectRoleSearchQuery) *proj_model.ProjectRoleSearchQuery {
func projectRoleSearchQueryToModel(query *management.ProjectRoleSearchQuery) *proj_model.ProjectRoleSearchQuery {
return &proj_model.ProjectRoleSearchQuery{
Key: projectRoleSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -259,27 +260,27 @@ func projectRoleSearchQueryToModel(query *ProjectRoleSearchQuery) *proj_model.Pr
}
}
func projectRoleSearchKeyToModel(key ProjectRoleSearchKey) proj_model.ProjectRoleSearchKey {
func projectRoleSearchKeyToModel(key management.ProjectRoleSearchKey) proj_model.ProjectRoleSearchKey {
switch key {
case ProjectRoleSearchKey_PROJECTROLESEARCHKEY_KEY:
case management.ProjectRoleSearchKey_PROJECTROLESEARCHKEY_KEY:
return proj_model.ProjectRoleSearchKeyKey
case ProjectRoleSearchKey_PROJECTROLESEARCHKEY_DISPLAY_NAME:
case management.ProjectRoleSearchKey_PROJECTROLESEARCHKEY_DISPLAY_NAME:
return proj_model.ProjectRoleSearchKeyDisplayName
default:
return proj_model.ProjectRoleSearchKeyUnspecified
}
}
func projectChangesToResponse(response *proj_model.ProjectChanges, offset uint64, limit uint64) (_ *Changes) {
return &Changes{
func projectChangesToResponse(response *proj_model.ProjectChanges, offset uint64, limit uint64) (_ *management.Changes) {
return &management.Changes{
Limit: limit,
Offset: offset,
Changes: projectChangesToMgtAPI(response),
}
}
func projectChangesToMgtAPI(changes *proj_model.ProjectChanges) (_ []*Change) {
result := make([]*Change, len(changes.Changes))
func projectChangesToMgtAPI(changes *proj_model.ProjectChanges) (_ []*management.Change) {
result := make([]*management.Change, len(changes.Changes))
for i, change := range changes.Changes {
b, err := json.Marshal(change.Data)
@@ -287,7 +288,7 @@ func projectChangesToMgtAPI(changes *proj_model.ProjectChanges) (_ []*Change) {
err = protojson.Unmarshal(b, data)
if err != nil {
}
result[i] = &Change{
result[i] = &management.Change{
ChangeDate: change.ChangeDate,
EventType: message.NewLocalizedEventType(change.EventType),
Sequence: change.Sequence,

24
pkg/management/api/grpc/project_grant.go → internal/api/grpc/management/project_grant.go
View File

@@ -1,16 +1,18 @@
package grpc
package management
import (
"context"
"github.com/caos/zitadel/internal/api"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/golang/protobuf/ptypes/empty"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/api/http"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) SearchProjectGrants(ctx context.Context, in *ProjectGrantSearchRequest) (*ProjectGrantSearchResponse, error) {
func (s *Server) SearchProjectGrants(ctx context.Context, in *management.ProjectGrantSearchRequest) (*management.ProjectGrantSearchResponse, error) {
request := projectGrantSearchRequestsToModel(in)
orgID := grpc_util.GetHeader(ctx, api.ZitadelOrgID)
orgID := grpc_util.GetHeader(ctx, http.ZitadelOrgID)
request.AppendMyResourceOwnerQuery(orgID)
request.AppendNotMyOrgQuery(orgID)
response, err := s.project.SearchProjectGrants(ctx, request)
@@ -20,7 +22,7 @@ func (s *Server) SearchProjectGrants(ctx context.Context, in *ProjectGrantSearch
return projectGrantSearchResponseFromModel(response), nil
}
func (s *Server) ProjectGrantByID(ctx context.Context, in *ProjectGrantID) (*ProjectGrantView, error) {
func (s *Server) ProjectGrantByID(ctx context.Context, in *management.ProjectGrantID) (*management.ProjectGrantView, error) {
grant, err := s.project.ProjectGrantByID(ctx, in.Id)
if err != nil {
return nil, err
@@ -28,21 +30,21 @@ func (s *Server) ProjectGrantByID(ctx context.Context, in *ProjectGrantID) (*Pro
return projectGrantFromGrantedProjectModel(grant), nil
}
func (s *Server) CreateProjectGrant(ctx context.Context, in *ProjectGrantCreate) (*ProjectGrant, error) {
func (s *Server) CreateProjectGrant(ctx context.Context, in *management.ProjectGrantCreate) (*management.ProjectGrant, error) {
grant, err := s.project.AddProjectGrant(ctx, projectGrantCreateToModel(in))
if err != nil {
return nil, err
}
return projectGrantFromModel(grant), nil
}
func (s *Server) UpdateProjectGrant(ctx context.Context, in *ProjectGrantUpdate) (*ProjectGrant, error) {
func (s *Server) UpdateProjectGrant(ctx context.Context, in *management.ProjectGrantUpdate) (*management.ProjectGrant, error) {
grant, err := s.project.ChangeProjectGrant(ctx, projectGrantUpdateToModel(in))
if err != nil {
return nil, err
}
return projectGrantFromModel(grant), nil
}
func (s *Server) DeactivateProjectGrant(ctx context.Context, in *ProjectGrantID) (*ProjectGrant, error) {
func (s *Server) DeactivateProjectGrant(ctx context.Context, in *management.ProjectGrantID) (*management.ProjectGrant, error) {
grant, err := s.project.DeactivateProjectGrant(ctx, in.ProjectId, in.Id)
if err != nil {
return nil, err
@@ -50,7 +52,7 @@ func (s *Server) DeactivateProjectGrant(ctx context.Context, in *ProjectGrantID)
return projectGrantFromModel(grant), nil
}
func (s *Server) ReactivateProjectGrant(ctx context.Context, in *ProjectGrantID) (*ProjectGrant, error) {
func (s *Server) ReactivateProjectGrant(ctx context.Context, in *management.ProjectGrantID) (*management.ProjectGrant, error) {
grant, err := s.project.ReactivateProjectGrant(ctx, in.ProjectId, in.Id)
if err != nil {
return nil, err
@@ -58,7 +60,7 @@ func (s *Server) ReactivateProjectGrant(ctx context.Context, in *ProjectGrantID)
return projectGrantFromModel(grant), nil
}
func (s *Server) RemoveProjectGrant(ctx context.Context, in *ProjectGrantID) (*empty.Empty, error) {
func (s *Server) RemoveProjectGrant(ctx context.Context, in *management.ProjectGrantID) (*empty.Empty, error) {
err := s.project.RemoveProjectGrant(ctx, in.ProjectId, in.Id)
return &empty.Empty{}, err
}

55
pkg/management/api/grpc/project_grant_converter.go → internal/api/grpc/management/project_grant_converter.go
View File

@@ -1,21 +1,24 @@
package grpc
package management
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/model"
proj_model "github.com/caos/zitadel/internal/project/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/pkg/grpc/management"
)
func projectGrantFromModel(grant *proj_model.ProjectGrant) *ProjectGrant {
func projectGrantFromModel(grant *proj_model.ProjectGrant) *management.ProjectGrant {
creationDate, err := ptypes.TimestampProto(grant.CreationDate)
logging.Log("GRPC-8d73s").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(grant.ChangeDate)
logging.Log("GRPC-dlso3").OnError(err).Debug("unable to parse timestamp")
return &ProjectGrant{
return &management.ProjectGrant{
Id: grant.GrantID,
State: projectGrantStateFromModel(grant.State),
CreationDate: creationDate,
@@ -27,7 +30,7 @@ func projectGrantFromModel(grant *proj_model.ProjectGrant) *ProjectGrant {
}
}
func projectGrantCreateToModel(grant *ProjectGrantCreate) *proj_model.ProjectGrant {
func projectGrantCreateToModel(grant *management.ProjectGrantCreate) *proj_model.ProjectGrant {
return &proj_model.ProjectGrant{
ObjectRoot: models.ObjectRoot{
AggregateID: grant.ProjectId,
@@ -37,7 +40,7 @@ func projectGrantCreateToModel(grant *ProjectGrantCreate) *proj_model.ProjectGra
}
}
func projectGrantUpdateToModel(grant *ProjectGrantUpdate) *proj_model.ProjectGrant {
func projectGrantUpdateToModel(grant *management.ProjectGrantUpdate) *proj_model.ProjectGrant {
return &proj_model.ProjectGrant{
ObjectRoot: models.ObjectRoot{
AggregateID: grant.ProjectId,
@@ -47,7 +50,7 @@ func projectGrantUpdateToModel(grant *ProjectGrantUpdate) *proj_model.ProjectGra
}
}
func projectGrantSearchRequestsToModel(request *ProjectGrantSearchRequest) *proj_model.ProjectGrantViewSearchRequest {
func projectGrantSearchRequestsToModel(request *management.ProjectGrantSearchRequest) *proj_model.ProjectGrantViewSearchRequest {
return &proj_model.ProjectGrantViewSearchRequest{
Offset: request.Offset,
Limit: request.Limit,
@@ -55,7 +58,7 @@ func projectGrantSearchRequestsToModel(request *ProjectGrantSearchRequest) *proj
}
}
func projectGrantSearchQueriesToModel(projectId string, queries []*ProjectGrantSearchQuery) []*proj_model.ProjectGrantViewSearchQuery {
func projectGrantSearchQueriesToModel(projectId string, queries []*management.ProjectGrantSearchQuery) []*proj_model.ProjectGrantViewSearchQuery {
converted := make([]*proj_model.ProjectGrantViewSearchQuery, 0)
converted = append(converted, &proj_model.ProjectGrantViewSearchQuery{
Key: proj_model.GrantedProjectSearchKeyProjectID,
@@ -68,7 +71,7 @@ func projectGrantSearchQueriesToModel(projectId string, queries []*ProjectGrantS
return converted
}
func projectGrantSearchQueryToModel(query *ProjectGrantSearchQuery) *proj_model.ProjectGrantViewSearchQuery {
func projectGrantSearchQueryToModel(query *management.ProjectGrantSearchQuery) *proj_model.ProjectGrantViewSearchQuery {
return &proj_model.ProjectGrantViewSearchQuery{
Key: projectGrantViewSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -76,19 +79,19 @@ func projectGrantSearchQueryToModel(query *ProjectGrantSearchQuery) *proj_model.
}
}
func projectGrantViewSearchKeyToModel(key ProjectGrantSearchKey) proj_model.ProjectGrantViewSearchKey {
func projectGrantViewSearchKeyToModel(key management.ProjectGrantSearchKey) proj_model.ProjectGrantViewSearchKey {
switch key {
case ProjectGrantSearchKey_PROJECTGRANTSEARCHKEY_PROJECT_NAME:
case management.ProjectGrantSearchKey_PROJECTGRANTSEARCHKEY_PROJECT_NAME:
return proj_model.GrantedProjectSearchKeyProjectID
case ProjectGrantSearchKey_PROJECTGRANTSEARCHKEY_ROLE_KEY:
case management.ProjectGrantSearchKey_PROJECTGRANTSEARCHKEY_ROLE_KEY:
return proj_model.GrantedProjectSearchKeyRoleKeys
default:
return proj_model.GrantedProjectSearchKeyUnspecified
}
}
func projectGrantSearchResponseFromModel(response *proj_model.ProjectGrantViewSearchResponse) *ProjectGrantSearchResponse {
return &ProjectGrantSearchResponse{
func projectGrantSearchResponseFromModel(response *proj_model.ProjectGrantViewSearchResponse) *management.ProjectGrantSearchResponse {
return &management.ProjectGrantSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -96,22 +99,22 @@ func projectGrantSearchResponseFromModel(response *proj_model.ProjectGrantViewSe
}
}
func projectGrantsFromGrantedProjectModel(projects []*proj_model.ProjectGrantView) []*ProjectGrantView {
converted := make([]*ProjectGrantView, len(projects))
func projectGrantsFromGrantedProjectModel(projects []*proj_model.ProjectGrantView) []*management.ProjectGrantView {
converted := make([]*management.ProjectGrantView, len(projects))
for i, project := range projects {
converted[i] = projectGrantFromGrantedProjectModel(project)
}
return converted
}
func projectGrantFromGrantedProjectModel(project *proj_model.ProjectGrantView) *ProjectGrantView {
func projectGrantFromGrantedProjectModel(project *proj_model.ProjectGrantView) *management.ProjectGrantView {
creationDate, err := ptypes.TimestampProto(project.CreationDate)
logging.Log("GRPC-dlso3").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(project.ChangeDate)
logging.Log("GRPC-sope3").OnError(err).Debug("unable to parse timestamp")
return &ProjectGrantView{
return &management.ProjectGrantView{
ProjectId: project.ProjectID,
State: projectGrantStateFromProjectStateModel(project.State),
CreationDate: creationDate,
@@ -127,24 +130,24 @@ func projectGrantFromGrantedProjectModel(project *proj_model.ProjectGrantView) *
}
}
func projectGrantStateFromModel(state proj_model.ProjectGrantState) ProjectGrantState {
func projectGrantStateFromModel(state proj_model.ProjectGrantState) management.ProjectGrantState {
switch state {
case proj_model.ProjectGrantStateActive:
return ProjectGrantState_PROJECTGRANTSTATE_ACTIVE
return management.ProjectGrantState_PROJECTGRANTSTATE_ACTIVE
case proj_model.ProjectGrantStateInactive:
return ProjectGrantState_PROJECTGRANTSTATE_INACTIVE
return management.ProjectGrantState_PROJECTGRANTSTATE_INACTIVE
default:
return ProjectGrantState_PROJECTGRANTSTATE_UNSPECIFIED
return management.ProjectGrantState_PROJECTGRANTSTATE_UNSPECIFIED
}
}
func projectGrantStateFromProjectStateModel(state proj_model.ProjectState) ProjectGrantState {
func projectGrantStateFromProjectStateModel(state proj_model.ProjectState) management.ProjectGrantState {
switch state {
case proj_model.ProjectStateActive:
return ProjectGrantState_PROJECTGRANTSTATE_ACTIVE
return management.ProjectGrantState_PROJECTGRANTSTATE_ACTIVE
case proj_model.ProjectStateInactive:
return ProjectGrantState_PROJECTGRANTSTATE_INACTIVE
return management.ProjectGrantState_PROJECTGRANTSTATE_INACTIVE
default:
return ProjectGrantState_PROJECTGRANTSTATE_UNSPECIFIED
return management.ProjectGrantState_PROJECTGRANTSTATE_UNSPECIFIED
}
}

16
pkg/management/api/grpc/project_grant_member.go → internal/api/grpc/management/project_grant_member.go
View File

@@ -1,16 +1,18 @@
package grpc
package management
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) GetProjectGrantMemberRoles(ctx context.Context, _ *empty.Empty) (*ProjectGrantMemberRoles, error) {
return &ProjectGrantMemberRoles{Roles: s.project.GetProjectGrantMemberRoles()}, nil
func (s *Server) GetProjectGrantMemberRoles(ctx context.Context, _ *empty.Empty) (*management.ProjectGrantMemberRoles, error) {
return &management.ProjectGrantMemberRoles{Roles: s.project.GetProjectGrantMemberRoles()}, nil
}
func (s *Server) SearchProjectGrantMembers(ctx context.Context, in *ProjectGrantMemberSearchRequest) (*ProjectGrantMemberSearchResponse, error) {
func (s *Server) SearchProjectGrantMembers(ctx context.Context, in *management.ProjectGrantMemberSearchRequest) (*management.ProjectGrantMemberSearchResponse, error) {
response, err := s.project.SearchProjectGrantMembers(ctx, projectGrantMemberSearchRequestsToModel(in))
if err != nil {
return nil, err
@@ -18,7 +20,7 @@ func (s *Server) SearchProjectGrantMembers(ctx context.Context, in *ProjectGrant
return projectGrantMemberSearchResponseFromModel(response), nil
}
func (s *Server) AddProjectGrantMember(ctx context.Context, in *ProjectGrantMemberAdd) (*ProjectGrantMember, error) {
func (s *Server) AddProjectGrantMember(ctx context.Context, in *management.ProjectGrantMemberAdd) (*management.ProjectGrantMember, error) {
member, err := s.project.AddProjectGrantMember(ctx, projectGrantMemberAddToModel(in))
if err != nil {
return nil, err
@@ -26,7 +28,7 @@ func (s *Server) AddProjectGrantMember(ctx context.Context, in *ProjectGrantMemb
return projectGrantMemberFromModel(member), nil
}
func (s *Server) ChangeProjectGrantMember(ctx context.Context, in *ProjectGrantMemberChange) (*ProjectGrantMember, error) {
func (s *Server) ChangeProjectGrantMember(ctx context.Context, in *management.ProjectGrantMemberChange) (*management.ProjectGrantMember, error) {
member, err := s.project.ChangeProjectGrantMember(ctx, projectGrantMemberChangeToModel(in))
if err != nil {
return nil, err
@@ -34,7 +36,7 @@ func (s *Server) ChangeProjectGrantMember(ctx context.Context, in *ProjectGrantM
return projectGrantMemberFromModel(member), nil
}
func (s *Server) RemoveProjectGrantMember(ctx context.Context, in *ProjectGrantMemberRemove) (*empty.Empty, error) {
func (s *Server) RemoveProjectGrantMember(ctx context.Context, in *management.ProjectGrantMemberRemove) (*empty.Empty, error) {
err := s.project.RemoveProjectGrantMember(ctx, in.ProjectId, in.GrantId, in.UserId)
return &empty.Empty{}, err
}

42
pkg/management/api/grpc/project_grant_member_converter.go → internal/api/grpc/management/project_grant_member_converter.go
View File

@@ -1,20 +1,22 @@
package grpc
package management
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/internal/eventstore/models"
proj_model "github.com/caos/zitadel/internal/project/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/pkg/grpc/management"
)
func projectGrantMemberFromModel(member *proj_model.ProjectGrantMember) *ProjectGrantMember {
func projectGrantMemberFromModel(member *proj_model.ProjectGrantMember) *management.ProjectGrantMember {
creationDate, err := ptypes.TimestampProto(member.CreationDate)
logging.Log("GRPC-7du3s").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(member.ChangeDate)
logging.Log("GRPC-8duew").OnError(err).Debug("unable to parse timestamp")
return &ProjectGrantMember{
return &management.ProjectGrantMember{
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: member.Sequence,
@@ -23,7 +25,7 @@ func projectGrantMemberFromModel(member *proj_model.ProjectGrantMember) *Project
}
}
func projectGrantMemberAddToModel(member *ProjectGrantMemberAdd) *proj_model.ProjectGrantMember {
func projectGrantMemberAddToModel(member *management.ProjectGrantMemberAdd) *proj_model.ProjectGrantMember {
return &proj_model.ProjectGrantMember{
ObjectRoot: models.ObjectRoot{
AggregateID: member.ProjectId,
@@ -34,7 +36,7 @@ func projectGrantMemberAddToModel(member *ProjectGrantMemberAdd) *proj_model.Pro
}
}
func projectGrantMemberChangeToModel(member *ProjectGrantMemberChange) *proj_model.ProjectGrantMember {
func projectGrantMemberChangeToModel(member *management.ProjectGrantMemberChange) *proj_model.ProjectGrantMember {
return &proj_model.ProjectGrantMember{
ObjectRoot: models.ObjectRoot{
AggregateID: member.ProjectId,
@@ -45,7 +47,7 @@ func projectGrantMemberChangeToModel(member *ProjectGrantMemberChange) *proj_mod
}
}
func projectGrantMemberSearchRequestsToModel(role *ProjectGrantMemberSearchRequest) *proj_model.ProjectGrantMemberSearchRequest {
func projectGrantMemberSearchRequestsToModel(role *management.ProjectGrantMemberSearchRequest) *proj_model.ProjectGrantMemberSearchRequest {
return &proj_model.ProjectGrantMemberSearchRequest{
Offset: role.Offset,
Limit: role.Limit,
@@ -53,7 +55,7 @@ func projectGrantMemberSearchRequestsToModel(role *ProjectGrantMemberSearchReque
}
}
func projectGrantMemberSearchQueriesToModel(queries []*ProjectGrantMemberSearchQuery) []*proj_model.ProjectGrantMemberSearchQuery {
func projectGrantMemberSearchQueriesToModel(queries []*management.ProjectGrantMemberSearchQuery) []*proj_model.ProjectGrantMemberSearchQuery {
converted := make([]*proj_model.ProjectGrantMemberSearchQuery, len(queries))
for i, q := range queries {
converted[i] = projectGrantMemberSearchQueryToModel(q)
@@ -61,7 +63,7 @@ func projectGrantMemberSearchQueriesToModel(queries []*ProjectGrantMemberSearchQ
return converted
}
func projectGrantMemberSearchQueryToModel(query *ProjectGrantMemberSearchQuery) *proj_model.ProjectGrantMemberSearchQuery {
func projectGrantMemberSearchQueryToModel(query *management.ProjectGrantMemberSearchQuery) *proj_model.ProjectGrantMemberSearchQuery {
return &proj_model.ProjectGrantMemberSearchQuery{
Key: projectGrantMemberSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -69,23 +71,23 @@ func projectGrantMemberSearchQueryToModel(query *ProjectGrantMemberSearchQuery)
}
}
func projectGrantMemberSearchKeyToModel(key ProjectGrantMemberSearchKey) proj_model.ProjectGrantMemberSearchKey {
func projectGrantMemberSearchKeyToModel(key management.ProjectGrantMemberSearchKey) proj_model.ProjectGrantMemberSearchKey {
switch key {
case ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_EMAIL:
case management.ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_EMAIL:
return proj_model.ProjectGrantMemberSearchKeyEmail
case ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_FIRST_NAME:
case management.ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_FIRST_NAME:
return proj_model.ProjectGrantMemberSearchKeyFirstName
case ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_LAST_NAME:
case management.ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_LAST_NAME:
return proj_model.ProjectGrantMemberSearchKeyLastName
case ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_USER_NAME:
case management.ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_USER_NAME:
return proj_model.ProjectGrantMemberSearchKeyUserName
default:
return proj_model.ProjectGrantMemberSearchKeyUnspecified
}
}
func projectGrantMemberSearchResponseFromModel(response *proj_model.ProjectGrantMemberSearchResponse) *ProjectGrantMemberSearchResponse {
return &ProjectGrantMemberSearchResponse{
func projectGrantMemberSearchResponseFromModel(response *proj_model.ProjectGrantMemberSearchResponse) *management.ProjectGrantMemberSearchResponse {
return &management.ProjectGrantMemberSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -93,22 +95,22 @@ func projectGrantMemberSearchResponseFromModel(response *proj_model.ProjectGrant
}
}
func projectGrantMemberViewsFromModel(roles []*proj_model.ProjectGrantMemberView) []*ProjectGrantMemberView {
converted := make([]*ProjectGrantMemberView, len(roles))
func projectGrantMemberViewsFromModel(roles []*proj_model.ProjectGrantMemberView) []*management.ProjectGrantMemberView {
converted := make([]*management.ProjectGrantMemberView, len(roles))
for i, role := range roles {
converted[i] = projectGrantMemberViewFromModel(role)
}
return converted
}
func projectGrantMemberViewFromModel(member *proj_model.ProjectGrantMemberView) *ProjectGrantMemberView {
func projectGrantMemberViewFromModel(member *proj_model.ProjectGrantMemberView) *management.ProjectGrantMemberView {
creationDate, err := ptypes.TimestampProto(member.CreationDate)
logging.Log("GRPC-los93").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(member.ChangeDate)
logging.Log("GRPC-ski4e").OnError(err).Debug("unable to parse timestamp")
return &ProjectGrantMemberView{
return &management.ProjectGrantMemberView{
UserId: member.UserID,
UserName: member.UserName,
Email: member.Email,

17
pkg/management/api/grpc/project_member.go → internal/api/grpc/management/project_member.go
View File

@@ -1,15 +1,18 @@
package grpc
package management
import (
"context"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) GetProjectMemberRoles(ctx context.Context, _ *empty.Empty) (*ProjectMemberRoles, error) {
return &ProjectMemberRoles{Roles: s.project.GetProjectMemberRoles()}, nil
func (s *Server) GetProjectMemberRoles(ctx context.Context, _ *empty.Empty) (*management.ProjectMemberRoles, error) {
return &management.ProjectMemberRoles{Roles: s.project.GetProjectMemberRoles()}, nil
}
func (s *Server) SearchProjectMembers(ctx context.Context, in *ProjectMemberSearchRequest) (*ProjectMemberSearchResponse, error) {
func (s *Server) SearchProjectMembers(ctx context.Context, in *management.ProjectMemberSearchRequest) (*management.ProjectMemberSearchResponse, error) {
request := projectMemberSearchRequestsToModel(in)
request.AppendProjectQuery(in.ProjectId)
response, err := s.project.SearchProjectMembers(ctx, request)
@@ -19,7 +22,7 @@ func (s *Server) SearchProjectMembers(ctx context.Context, in *ProjectMemberSear
return projectMemberSearchResponseFromModel(response), nil
}
func (s *Server) AddProjectMember(ctx context.Context, in *ProjectMemberAdd) (*ProjectMember, error) {
func (s *Server) AddProjectMember(ctx context.Context, in *management.ProjectMemberAdd) (*management.ProjectMember, error) {
member, err := s.project.AddProjectMember(ctx, projectMemberAddToModel(in))
if err != nil {
return nil, err
@@ -27,7 +30,7 @@ func (s *Server) AddProjectMember(ctx context.Context, in *ProjectMemberAdd) (*P
return projectMemberFromModel(member), nil
}
func (s *Server) ChangeProjectMember(ctx context.Context, in *ProjectMemberChange) (*ProjectMember, error) {
func (s *Server) ChangeProjectMember(ctx context.Context, in *management.ProjectMemberChange) (*management.ProjectMember, error) {
member, err := s.project.ChangeProjectMember(ctx, projectMemberChangeToModel(in))
if err != nil {
return nil, err
@@ -35,7 +38,7 @@ func (s *Server) ChangeProjectMember(ctx context.Context, in *ProjectMemberChang
return projectMemberFromModel(member), nil
}
func (s *Server) RemoveProjectMember(ctx context.Context, in *ProjectMemberRemove) (*empty.Empty, error) {
func (s *Server) RemoveProjectMember(ctx context.Context, in *management.ProjectMemberRemove) (*empty.Empty, error) {
err := s.project.RemoveProjectMember(ctx, in.Id, in.UserId)
return &empty.Empty{}, err
}

42
pkg/management/api/grpc/project_member_converter.go → internal/api/grpc/management/project_member_converter.go
View File

@@ -1,20 +1,22 @@
package grpc
package management
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/internal/eventstore/models"
proj_model "github.com/caos/zitadel/internal/project/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/pkg/grpc/management"
)
func projectMemberFromModel(member *proj_model.ProjectMember) *ProjectMember {
func projectMemberFromModel(member *proj_model.ProjectMember) *management.ProjectMember {
creationDate, err := ptypes.TimestampProto(member.CreationDate)
logging.Log("GRPC-kd8re").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(member.ChangeDate)
logging.Log("GRPC-dlei3").OnError(err).Debug("unable to parse timestamp")
return &ProjectMember{
return &management.ProjectMember{
CreationDate: creationDate,
ChangeDate: changeDate,
Sequence: member.Sequence,
@@ -23,7 +25,7 @@ func projectMemberFromModel(member *proj_model.ProjectMember) *ProjectMember {
}
}
func projectMemberAddToModel(member *ProjectMemberAdd) *proj_model.ProjectMember {
func projectMemberAddToModel(member *management.ProjectMemberAdd) *proj_model.ProjectMember {
return &proj_model.ProjectMember{
ObjectRoot: models.ObjectRoot{
AggregateID: member.Id,
@@ -33,7 +35,7 @@ func projectMemberAddToModel(member *ProjectMemberAdd) *proj_model.ProjectMember
}
}
func projectMemberChangeToModel(member *ProjectMemberChange) *proj_model.ProjectMember {
func projectMemberChangeToModel(member *management.ProjectMemberChange) *proj_model.ProjectMember {
return &proj_model.ProjectMember{
ObjectRoot: models.ObjectRoot{
AggregateID: member.Id,
@@ -43,7 +45,7 @@ func projectMemberChangeToModel(member *ProjectMemberChange) *proj_model.Project
}
}
func projectMemberSearchRequestsToModel(role *ProjectMemberSearchRequest) *proj_model.ProjectMemberSearchRequest {
func projectMemberSearchRequestsToModel(role *management.ProjectMemberSearchRequest) *proj_model.ProjectMemberSearchRequest {
return &proj_model.ProjectMemberSearchRequest{
Offset: role.Offset,
Limit: role.Limit,
@@ -51,7 +53,7 @@ func projectMemberSearchRequestsToModel(role *ProjectMemberSearchRequest) *proj_
}
}
func projectMemberSearchQueriesToModel(queries []*ProjectMemberSearchQuery) []*proj_model.ProjectMemberSearchQuery {
func projectMemberSearchQueriesToModel(queries []*management.ProjectMemberSearchQuery) []*proj_model.ProjectMemberSearchQuery {
converted := make([]*proj_model.ProjectMemberSearchQuery, len(queries))
for i, q := range queries {
converted[i] = projectMemberSearchQueryToModel(q)
@@ -59,7 +61,7 @@ func projectMemberSearchQueriesToModel(queries []*ProjectMemberSearchQuery) []*p
return converted
}
func projectMemberSearchQueryToModel(query *ProjectMemberSearchQuery) *proj_model.ProjectMemberSearchQuery {
func projectMemberSearchQueryToModel(query *management.ProjectMemberSearchQuery) *proj_model.ProjectMemberSearchQuery {
return &proj_model.ProjectMemberSearchQuery{
Key: projectMemberSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -67,23 +69,23 @@ func projectMemberSearchQueryToModel(query *ProjectMemberSearchQuery) *proj_mode
}
}
func projectMemberSearchKeyToModel(key ProjectMemberSearchKey) proj_model.ProjectMemberSearchKey {
func projectMemberSearchKeyToModel(key management.ProjectMemberSearchKey) proj_model.ProjectMemberSearchKey {
switch key {
case ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_EMAIL:
case management.ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_EMAIL:
return proj_model.ProjectMemberSearchKeyEmail
case ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_FIRST_NAME:
case management.ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_FIRST_NAME:
return proj_model.ProjectMemberSearchKeyFirstName
case ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_LAST_NAME:
case management.ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_LAST_NAME:
return proj_model.ProjectMemberSearchKeyLastName
case ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_USER_NAME:
case management.ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_USER_NAME:
return proj_model.ProjectMemberSearchKeyUserName
default:
return proj_model.ProjectMemberSearchKeyUnspecified
}
}
func projectMemberSearchResponseFromModel(response *proj_model.ProjectMemberSearchResponse) *ProjectMemberSearchResponse {
return &ProjectMemberSearchResponse{
func projectMemberSearchResponseFromModel(response *proj_model.ProjectMemberSearchResponse) *management.ProjectMemberSearchResponse {
return &management.ProjectMemberSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -91,22 +93,22 @@ func projectMemberSearchResponseFromModel(response *proj_model.ProjectMemberSear
}
}
func projectMemberViewsFromModel(members []*proj_model.ProjectMemberView) []*ProjectMemberView {
converted := make([]*ProjectMemberView, len(members))
func projectMemberViewsFromModel(members []*proj_model.ProjectMemberView) []*management.ProjectMemberView {
converted := make([]*management.ProjectMemberView, len(members))
for i, member := range members {
converted[i] = projectMemberViewFromModel(member)
}
return converted
}
func projectMemberViewFromModel(member *proj_model.ProjectMemberView) *ProjectMemberView {
func projectMemberViewFromModel(member *proj_model.ProjectMemberView) *management.ProjectMemberView {
creationDate, err := ptypes.TimestampProto(member.CreationDate)
logging.Log("GRPC-sl9cs").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(member.ChangeDate)
logging.Log("GRPC-8iw2d").OnError(err).Debug("unable to parse timestamp")
return &ProjectMemberView{
return &management.ProjectMemberView{
UserId: member.UserID,
UserName: member.UserName,
Email: member.Email,

31
internal/api/grpc/management/search_converter.go Normal file
View File

@@ -0,0 +1,31 @@
package management
import (
"github.com/caos/zitadel/internal/model"
"github.com/caos/zitadel/pkg/grpc/management"
)
func searchMethodToModel(method management.SearchMethod) model.SearchMethod {
switch method {
case management.SearchMethod_SEARCHMETHOD_EQUALS:
return model.SearchMethodEquals
case management.SearchMethod_SEARCHMETHOD_CONTAINS:
return model.SearchMethodContains
case management.SearchMethod_SEARCHMETHOD_STARTS_WITH:
return model.SearchMethodStartsWith
case management.SearchMethod_SEARCHMETHOD_EQUALS_IGNORE_CASE:
return model.SearchMethodEqualsIgnoreCase
case management.SearchMethod_SEARCHMETHOD_CONTAINS_IGNORE_CASE:
return model.SearchMethodContainsIgnoreCase
case management.SearchMethod_SEARCHMETHOD_STARTS_WITH_IGNORE_CASE:
return model.SearchMethodStartsWithIgnoreCase
case management.SearchMethod_SEARCHMETHOD_NOT_EQUALS:
return model.SearchMethodNotEquals
case management.SearchMethod_SEARCHMETHOD_IS_ONE_OF:
return model.SearchMethodIsOneOf
case management.SearchMethod_SEARCHMETHOD_LIST_CONTAINS:
return model.SearchMethodListContains
default:
return model.SearchMethodEquals
}
}

69
internal/api/grpc/management/server.go Normal file
View File

@@ -0,0 +1,69 @@
package management
import (
"google.golang.org/grpc"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/api/grpc/server"
"github.com/caos/zitadel/internal/config/systemdefaults"
"github.com/caos/zitadel/internal/management/repository"
"github.com/caos/zitadel/internal/management/repository/eventsourcing"
"github.com/caos/zitadel/pkg/grpc/management"
)
const (
mgmtName = "Management-API"
)
var _ management.ManagementServiceServer = (*Server)(nil)
type Server struct {
project repository.ProjectRepository
policy repository.PolicyRepository
org repository.OrgRepository
user repository.UserRepository
usergrant repository.UserGrantRepository
iam repository.IamRepository
authZ authz.Config
systemDefaults systemdefaults.SystemDefaults
}
type Config struct {
Repository eventsourcing.Config
}
func CreateServer(repo repository.Repository, sd systemdefaults.SystemDefaults) *Server {
return &Server{
project: repo,
policy: repo,
org: repo,
user: repo,
usergrant: repo,
iam: repo,
systemDefaults: sd,
}
}
func (s *Server) RegisterServer(grpcServer *grpc.Server) {
management.RegisterManagementServiceServer(grpcServer, s)
}
func (s *Server) AppName() string {
return mgmtName
}
func (s *Server) MethodPrefix() string {
return management.ManagementService_MethodPrefix
}
func (s *Server) AuthMethods() authz.MethodMapping {
return management.ManagementService_AuthMethods
}
func (s *Server) RegisterGateway() server.GatewayFunc {
return management.RegisterManagementServiceHandlerFromEndpoint
}
func (s *Server) GatewayPathPrefix() string {
return "/mgmt/v1"
}

67
pkg/management/api/grpc/user.go → internal/api/grpc/management/user.go
View File

@@ -1,15 +1,17 @@
package grpc
package management
import (
"context"
"github.com/caos/zitadel/internal/api"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/errors"
"github.com/golang/protobuf/ptypes/empty"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/api/http"
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) GetUserByID(ctx context.Context, id *UserID) (*UserView, error) {
func (s *Server) GetUserByID(ctx context.Context, id *management.UserID) (*management.UserView, error) {
user, err := s.user.UserByID(ctx, id.Id)
if err != nil {
return nil, err
@@ -17,7 +19,7 @@ func (s *Server) GetUserByID(ctx context.Context, id *UserID) (*UserView, error)
return userViewFromModel(user), nil
}
func (s *Server) GetUserByEmailGlobal(ctx context.Context, email *Email) (*UserView, error) {
func (s *Server) GetUserByEmailGlobal(ctx context.Context, email *management.Email) (*management.UserView, error) {
user, err := s.user.GetGlobalUserByEmail(ctx, email.Email)
if err != nil {
return nil, err
@@ -25,9 +27,9 @@ func (s *Server) GetUserByEmailGlobal(ctx context.Context, email *Email) (*UserV
return userViewFromModel(user), nil
}
func (s *Server) SearchUsers(ctx context.Context, in *UserSearchRequest) (*UserSearchResponse, error) {
func (s *Server) SearchUsers(ctx context.Context, in *management.UserSearchRequest) (*management.UserSearchResponse, error) {
request := userSearchRequestsToModel(in)
orgID := grpc_util.GetHeader(ctx, api.ZitadelOrgID)
orgID := grpc_util.GetHeader(ctx, http.ZitadelOrgID)
request.AppendMyOrgQuery(orgID)
response, err := s.user.SearchUsers(ctx, request)
if err != nil {
@@ -36,7 +38,7 @@ func (s *Server) SearchUsers(ctx context.Context, in *UserSearchRequest) (*UserS
return userSearchResponseFromModel(response), nil
}
func (s *Server) UserChanges(ctx context.Context, changesRequest *ChangeRequest) (*Changes, error) {
func (s *Server) UserChanges(ctx context.Context, changesRequest *management.ChangeRequest) (*management.Changes, error) {
response, err := s.user.UserChanges(ctx, changesRequest.Id, changesRequest.SequenceOffset, changesRequest.Limit, changesRequest.Asc)
if err != nil {
return nil, err
@@ -44,15 +46,15 @@ func (s *Server) UserChanges(ctx context.Context, changesRequest *ChangeRequest)
return userChangesToResponse(response, changesRequest.GetSequenceOffset(), changesRequest.GetLimit()), nil
}
func (s *Server) IsUserUnique(ctx context.Context, request *UniqueUserRequest) (*UniqueUserResponse, error) {
func (s *Server) IsUserUnique(ctx context.Context, request *management.UniqueUserRequest) (*management.UniqueUserResponse, error) {
unique, err := s.user.IsUserUnique(ctx, request.UserName, request.Email)
if err != nil {
return nil, err
}
return &UniqueUserResponse{IsUnique: unique}, nil
return &management.UniqueUserResponse{IsUnique: unique}, nil
}
func (s *Server) CreateUser(ctx context.Context, in *CreateUserRequest) (*User, error) {
func (s *Server) CreateUser(ctx context.Context, in *management.CreateUserRequest) (*management.User, error) {
user, err := s.user.CreateUser(ctx, userCreateToModel(in))
if err != nil {
return nil, err
@@ -60,7 +62,7 @@ func (s *Server) CreateUser(ctx context.Context, in *CreateUserRequest) (*User,
return userFromModel(user), nil
}
func (s *Server) DeactivateUser(ctx context.Context, in *UserID) (*User, error) {
func (s *Server) DeactivateUser(ctx context.Context, in *management.UserID) (*management.User, error) {
user, err := s.user.DeactivateUser(ctx, in.Id)
if err != nil {
return nil, err
@@ -68,7 +70,7 @@ func (s *Server) DeactivateUser(ctx context.Context, in *UserID) (*User, error)
return userFromModel(user), nil
}
func (s *Server) ReactivateUser(ctx context.Context, in *UserID) (*User, error) {
func (s *Server) ReactivateUser(ctx context.Context, in *management.UserID) (*management.User, error) {
user, err := s.user.ReactivateUser(ctx, in.Id)
if err != nil {
return nil, err
@@ -76,7 +78,7 @@ func (s *Server) ReactivateUser(ctx context.Context, in *UserID) (*User, error)
return userFromModel(user), nil
}
func (s *Server) LockUser(ctx context.Context, in *UserID) (*User, error) {
func (s *Server) LockUser(ctx context.Context, in *management.UserID) (*management.User, error) {
user, err := s.user.LockUser(ctx, in.Id)
if err != nil {
return nil, err
@@ -84,7 +86,7 @@ func (s *Server) LockUser(ctx context.Context, in *UserID) (*User, error) {
return userFromModel(user), nil
}
func (s *Server) UnlockUser(ctx context.Context, in *UserID) (*User, error) {
func (s *Server) UnlockUser(ctx context.Context, in *management.UserID) (*management.User, error) {
user, err := s.user.UnlockUser(ctx, in.Id)
if err != nil {
return nil, err
@@ -92,11 +94,11 @@ func (s *Server) UnlockUser(ctx context.Context, in *UserID) (*User, error) {
return userFromModel(user), nil
}
func (s *Server) DeleteUser(ctx context.Context, in *UserID) (*empty.Empty, error) {
func (s *Server) DeleteUser(ctx context.Context, in *management.UserID) (*empty.Empty, error) {
return nil, errors.ThrowUnimplemented(nil, "GRPC-as4fg", "Not implemented")
}
func (s *Server) GetUserProfile(ctx context.Context, in *UserID) (*UserProfileView, error) {
func (s *Server) GetUserProfile(ctx context.Context, in *management.UserID) (*management.UserProfileView, error) {
profile, err := s.user.ProfileByID(ctx, in.Id)
if err != nil {
return nil, err
@@ -104,7 +106,7 @@ func (s *Server) GetUserProfile(ctx context.Context, in *UserID) (*UserProfileVi
return profileViewFromModel(profile), nil
}
func (s *Server) UpdateUserProfile(ctx context.Context, request *UpdateUserProfileRequest) (*UserProfile, error) {
func (s *Server) UpdateUserProfile(ctx context.Context, request *management.UpdateUserProfileRequest) (*management.UserProfile, error) {
profile, err := s.user.ChangeProfile(ctx, updateProfileToModel(request))
if err != nil {
return nil, err
@@ -112,7 +114,7 @@ func (s *Server) UpdateUserProfile(ctx context.Context, request *UpdateUserProfi
return profileFromModel(profile), nil
}
func (s *Server) GetUserEmail(ctx context.Context, in *UserID) (*UserEmailView, error) {
func (s *Server) GetUserEmail(ctx context.Context, in *management.UserID) (*management.UserEmailView, error) {
email, err := s.user.EmailByID(ctx, in.Id)
if err != nil {
return nil, err
@@ -120,7 +122,7 @@ func (s *Server) GetUserEmail(ctx context.Context, in *UserID) (*UserEmailView,
return emailViewFromModel(email), nil
}
func (s *Server) ChangeUserEmail(ctx context.Context, request *UpdateUserEmailRequest) (*UserEmail, error) {
func (s *Server) ChangeUserEmail(ctx context.Context, request *management.UpdateUserEmailRequest) (*management.UserEmail, error) {
email, err := s.user.ChangeEmail(ctx, updateEmailToModel(request))
if err != nil {
return nil, err
@@ -128,12 +130,12 @@ func (s *Server) ChangeUserEmail(ctx context.Context, request *UpdateUserEmailRe
return emailFromModel(email), nil
}
func (s *Server) ResendEmailVerificationMail(ctx context.Context, in *UserID) (*empty.Empty, error) {
func (s *Server) ResendEmailVerificationMail(ctx context.Context, in *management.UserID) (*empty.Empty, error) {
err := s.user.CreateEmailVerificationCode(ctx, in.Id)
return &empty.Empty{}, err
}
func (s *Server) GetUserPhone(ctx context.Context, in *UserID) (*UserPhoneView, error) {
func (s *Server) GetUserPhone(ctx context.Context, in *management.UserID) (*management.UserPhoneView, error) {
phone, err := s.user.PhoneByID(ctx, in.Id)
if err != nil {
return nil, err
@@ -141,7 +143,7 @@ func (s *Server) GetUserPhone(ctx context.Context, in *UserID) (*UserPhoneView,
return phoneViewFromModel(phone), nil
}
func (s *Server) ChangeUserPhone(ctx context.Context, request *UpdateUserPhoneRequest) (*UserPhone, error) {
func (s *Server) ChangeUserPhone(ctx context.Context, request *management.UpdateUserPhoneRequest) (*management.UserPhone, error) {
phone, err := s.user.ChangePhone(ctx, updatePhoneToModel(request))
if err != nil {
return nil, err
@@ -149,16 +151,17 @@ func (s *Server) ChangeUserPhone(ctx context.Context, request *UpdateUserPhoneRe
return phoneFromModel(phone), nil
}
func (s *Server) RemoveUserPhone(ctx context.Context, userID *UserID) (*empty.Empty, error) {
func (s *Server) RemoveUserPhone(ctx context.Context, userID *management.UserID) (*empty.Empty, error) {
err := s.user.RemovePhone(ctx, userID.Id)
return &empty.Empty{}, err
}
func (s *Server) ResendPhoneVerificationCode(ctx context.Context, in *UserID) (*empty.Empty, error) {
func (s *Server) ResendPhoneVerificationCode(ctx context.Context, in *management.UserID) (*empty.Empty, error) {
err := s.user.CreatePhoneVerificationCode(ctx, in.Id)
return &empty.Empty{}, err
}
func (s *Server) GetUserAddress(ctx context.Context, in *UserID) (*UserAddressView, error) {
func (s *Server) GetUserAddress(ctx context.Context, in *management.UserID) (*management.UserAddressView, error) {
address, err := s.user.AddressByID(ctx, in.Id)
if err != nil {
return nil, err
@@ -166,7 +169,7 @@ func (s *Server) GetUserAddress(ctx context.Context, in *UserID) (*UserAddressVi
return addressViewFromModel(address), nil
}
func (s *Server) UpdateUserAddress(ctx context.Context, request *UpdateUserAddressRequest) (*UserAddress, error) {
func (s *Server) UpdateUserAddress(ctx context.Context, request *management.UpdateUserAddressRequest) (*management.UserAddress, error) {
address, err := s.user.ChangeAddress(ctx, updateAddressToModel(request))
if err != nil {
return nil, err
@@ -174,20 +177,20 @@ func (s *Server) UpdateUserAddress(ctx context.Context, request *UpdateUserAddre
return addressFromModel(address), nil
}
func (s *Server) SendSetPasswordNotification(ctx context.Context, request *SetPasswordNotificationRequest) (*empty.Empty, error) {
func (s *Server) SendSetPasswordNotification(ctx context.Context, request *management.SetPasswordNotificationRequest) (*empty.Empty, error) {
err := s.user.RequestSetPassword(ctx, request.Id, notifyTypeToModel(request.Type))
return &empty.Empty{}, err
}
func (s *Server) SetInitialPassword(ctx context.Context, request *PasswordRequest) (*empty.Empty, error) {
func (s *Server) SetInitialPassword(ctx context.Context, request *management.PasswordRequest) (*empty.Empty, error) {
_, err := s.user.SetOneTimePassword(ctx, passwordRequestToModel(request))
return &empty.Empty{}, err
}
func (s *Server) GetUserMfas(ctx context.Context, userID *UserID) (*MultiFactors, error) {
func (s *Server) GetUserMfas(ctx context.Context, userID *management.UserID) (*management.MultiFactors, error) {
mfas, err := s.user.UserMfas(ctx, userID.Id)
if err != nil {
return nil, err
}
return &MultiFactors{Mfas: mfasFromModel(mfas)}, nil
return &management.MultiFactors{Mfas: mfasFromModel(mfas)}, nil
}

165
pkg/management/api/grpc/user_converter.go → internal/api/grpc/management/user_converter.go
View File

@@ -1,27 +1,28 @@
package grpc
package management
import (
"encoding/json"
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/pkg/message"
"github.com/golang/protobuf/ptypes"
"golang.org/x/text/language"
"google.golang.org/protobuf/encoding/protojson"
"google.golang.org/protobuf/types/known/structpb"
"github.com/caos/zitadel/internal/eventstore/models"
usr_model "github.com/caos/zitadel/internal/user/model"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/caos/zitadel/pkg/grpc/message"
)
func userFromModel(user *usr_model.User) *User {
func userFromModel(user *usr_model.User) *management.User {
creationDate, err := ptypes.TimestampProto(user.CreationDate)
logging.Log("GRPC-8duwe").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(user.ChangeDate)
logging.Log("GRPC-ckoe3d").OnError(err).Debug("unable to parse timestamp")
converted := &User{
converted := &management.User{
Id: user.AggregateID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
@@ -53,7 +54,7 @@ func userFromModel(user *usr_model.User) *User {
return converted
}
func userCreateToModel(u *CreateUserRequest) *usr_model.User {
func userCreateToModel(u *management.CreateUserRequest) *usr_model.User {
preferredLanguage, err := language.Parse(u.PreferredLanguage)
logging.Log("GRPC-cK5k2").OnError(err).Debug("language malformed")
@@ -87,14 +88,14 @@ func userCreateToModel(u *CreateUserRequest) *usr_model.User {
return user
}
func passwordRequestToModel(r *PasswordRequest) *usr_model.Password {
func passwordRequestToModel(r *management.PasswordRequest) *usr_model.Password {
return &usr_model.Password{
ObjectRoot: models.ObjectRoot{AggregateID: r.Id},
SecretString: r.Password,
}
}
func userSearchRequestsToModel(project *UserSearchRequest) *usr_model.UserSearchRequest {
func userSearchRequestsToModel(project *management.UserSearchRequest) *usr_model.UserSearchRequest {
return &usr_model.UserSearchRequest{
Offset: project.Offset,
Limit: project.Limit,
@@ -102,7 +103,7 @@ func userSearchRequestsToModel(project *UserSearchRequest) *usr_model.UserSearch
}
}
func userSearchQueriesToModel(queries []*UserSearchQuery) []*usr_model.UserSearchQuery {
func userSearchQueriesToModel(queries []*management.UserSearchQuery) []*usr_model.UserSearchQuery {
converted := make([]*usr_model.UserSearchQuery, len(queries))
for i, q := range queries {
converted[i] = userSearchQueryToModel(q)
@@ -110,7 +111,7 @@ func userSearchQueriesToModel(queries []*UserSearchQuery) []*usr_model.UserSearc
return converted
}
func userSearchQueryToModel(query *UserSearchQuery) *usr_model.UserSearchQuery {
func userSearchQueryToModel(query *management.UserSearchQuery) *usr_model.UserSearchQuery {
return &usr_model.UserSearchQuery{
Key: userSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -118,35 +119,35 @@ func userSearchQueryToModel(query *UserSearchQuery) *usr_model.UserSearchQuery {
}
}
func userSearchKeyToModel(key UserSearchKey) usr_model.UserSearchKey {
func userSearchKeyToModel(key management.UserSearchKey) usr_model.UserSearchKey {
switch key {
case UserSearchKey_USERSEARCHKEY_USER_NAME:
case management.UserSearchKey_USERSEARCHKEY_USER_NAME:
return usr_model.UserSearchKeyUserName
case UserSearchKey_USERSEARCHKEY_FIRST_NAME:
case management.UserSearchKey_USERSEARCHKEY_FIRST_NAME:
return usr_model.UserSearchKeyFirstName
case UserSearchKey_USERSEARCHKEY_LAST_NAME:
case management.UserSearchKey_USERSEARCHKEY_LAST_NAME:
return usr_model.UserSearchKeyLastName
case UserSearchKey_USERSEARCHKEY_NICK_NAME:
case management.UserSearchKey_USERSEARCHKEY_NICK_NAME:
return usr_model.UserSearchKeyNickName
case UserSearchKey_USERSEARCHKEY_DISPLAY_NAME:
case management.UserSearchKey_USERSEARCHKEY_DISPLAY_NAME:
return usr_model.UserSearchKeyDisplayName
case UserSearchKey_USERSEARCHKEY_EMAIL:
case management.UserSearchKey_USERSEARCHKEY_EMAIL:
return usr_model.UserSearchKeyEmail
case UserSearchKey_USERSEARCHKEY_STATE:
case management.UserSearchKey_USERSEARCHKEY_STATE:
return usr_model.UserSearchKeyState
default:
return usr_model.UserSearchKeyUnspecified
}
}
func profileFromModel(profile *usr_model.Profile) *UserProfile {
func profileFromModel(profile *usr_model.Profile) *management.UserProfile {
creationDate, err := ptypes.TimestampProto(profile.CreationDate)
logging.Log("GRPC-dkso3").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(profile.ChangeDate)
logging.Log("GRPC-ski8d").OnError(err).Debug("unable to parse timestamp")
return &UserProfile{
return &management.UserProfile{
Id: profile.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -161,14 +162,14 @@ func profileFromModel(profile *usr_model.Profile) *UserProfile {
}
}
func profileViewFromModel(profile *usr_model.Profile) *UserProfileView {
func profileViewFromModel(profile *usr_model.Profile) *management.UserProfileView {
creationDate, err := ptypes.TimestampProto(profile.CreationDate)
logging.Log("GRPC-sk8sk").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(profile.ChangeDate)
logging.Log("GRPC-s30Ks'").OnError(err).Debug("unable to parse timestamp")
return &UserProfileView{
return &management.UserProfileView{
Id: profile.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -185,7 +186,7 @@ func profileViewFromModel(profile *usr_model.Profile) *UserProfileView {
}
}
func updateProfileToModel(u *UpdateUserProfileRequest) *usr_model.Profile {
func updateProfileToModel(u *management.UpdateUserProfileRequest) *usr_model.Profile {
preferredLanguage, err := language.Parse(u.PreferredLanguage)
logging.Log("GRPC-d8k2s").OnError(err).Debug("language malformed")
@@ -199,14 +200,14 @@ func updateProfileToModel(u *UpdateUserProfileRequest) *usr_model.Profile {
}
}
func emailFromModel(email *usr_model.Email) *UserEmail {
func emailFromModel(email *usr_model.Email) *management.UserEmail {
creationDate, err := ptypes.TimestampProto(email.CreationDate)
logging.Log("GRPC-d9ow2").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(email.ChangeDate)
logging.Log("GRPC-s0dkw").OnError(err).Debug("unable to parse timestamp")
return &UserEmail{
return &management.UserEmail{
Id: email.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -216,14 +217,14 @@ func emailFromModel(email *usr_model.Email) *UserEmail {
}
}
func emailViewFromModel(email *usr_model.Email) *UserEmailView {
func emailViewFromModel(email *usr_model.Email) *management.UserEmailView {
creationDate, err := ptypes.TimestampProto(email.CreationDate)
logging.Log("GRPC-sKefs").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(email.ChangeDate)
logging.Log("GRPC-0isjD").OnError(err).Debug("unable to parse timestamp")
return &UserEmailView{
return &management.UserEmailView{
Id: email.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -233,7 +234,7 @@ func emailViewFromModel(email *usr_model.Email) *UserEmailView {
}
}
func updateEmailToModel(e *UpdateUserEmailRequest) *usr_model.Email {
func updateEmailToModel(e *management.UpdateUserEmailRequest) *usr_model.Email {
return &usr_model.Email{
ObjectRoot: models.ObjectRoot{AggregateID: e.Id},
EmailAddress: e.Email,
@@ -241,14 +242,14 @@ func updateEmailToModel(e *UpdateUserEmailRequest) *usr_model.Email {
}
}
func phoneFromModel(phone *usr_model.Phone) *UserPhone {
func phoneFromModel(phone *usr_model.Phone) *management.UserPhone {
creationDate, err := ptypes.TimestampProto(phone.CreationDate)
logging.Log("GRPC-ps9ws").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(phone.ChangeDate)
logging.Log("GRPC-09ewq").OnError(err).Debug("unable to parse timestamp")
return &UserPhone{
return &management.UserPhone{
Id: phone.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -258,14 +259,14 @@ func phoneFromModel(phone *usr_model.Phone) *UserPhone {
}
}
func phoneViewFromModel(phone *usr_model.Phone) *UserPhoneView {
func phoneViewFromModel(phone *usr_model.Phone) *management.UserPhoneView {
creationDate, err := ptypes.TimestampProto(phone.CreationDate)
logging.Log("GRPC-6gSj").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(phone.ChangeDate)
logging.Log("GRPC-lKs8f").OnError(err).Debug("unable to parse timestamp")
return &UserPhoneView{
return &management.UserPhoneView{
Id: phone.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -274,7 +275,7 @@ func phoneViewFromModel(phone *usr_model.Phone) *UserPhoneView {
IsPhoneVerified: phone.IsPhoneVerified,
}
}
func updatePhoneToModel(e *UpdateUserPhoneRequest) *usr_model.Phone {
func updatePhoneToModel(e *management.UpdateUserPhoneRequest) *usr_model.Phone {
return &usr_model.Phone{
ObjectRoot: models.ObjectRoot{AggregateID: e.Id},
PhoneNumber: e.Phone,
@@ -282,14 +283,14 @@ func updatePhoneToModel(e *UpdateUserPhoneRequest) *usr_model.Phone {
}
}
func addressFromModel(address *usr_model.Address) *UserAddress {
func addressFromModel(address *usr_model.Address) *management.UserAddress {
creationDate, err := ptypes.TimestampProto(address.CreationDate)
logging.Log("GRPC-ud8w7").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(address.ChangeDate)
logging.Log("GRPC-si9ws").OnError(err).Debug("unable to parse timestamp")
return &UserAddress{
return &management.UserAddress{
Id: address.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -302,14 +303,14 @@ func addressFromModel(address *usr_model.Address) *UserAddress {
}
}
func addressViewFromModel(address *usr_model.Address) *UserAddressView {
func addressViewFromModel(address *usr_model.Address) *management.UserAddressView {
creationDate, err := ptypes.TimestampProto(address.CreationDate)
logging.Log("GRPC-67stC").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(address.ChangeDate)
logging.Log("GRPC-0jSfs").OnError(err).Debug("unable to parse timestamp")
return &UserAddressView{
return &management.UserAddressView{
Id: address.AggregateID,
CreationDate: creationDate,
ChangeDate: changeDate,
@@ -322,7 +323,7 @@ func addressViewFromModel(address *usr_model.Address) *UserAddressView {
}
}
func updateAddressToModel(address *UpdateUserAddressRequest) *usr_model.Address {
func updateAddressToModel(address *management.UpdateUserAddressRequest) *usr_model.Address {
return &usr_model.Address{
ObjectRoot: models.ObjectRoot{AggregateID: address.Id},
Country: address.Country,
@@ -333,8 +334,8 @@ func updateAddressToModel(address *UpdateUserAddressRequest) *usr_model.Address
}
}
func userSearchResponseFromModel(response *usr_model.UserSearchResponse) *UserSearchResponse {
return &UserSearchResponse{
func userSearchResponseFromModel(response *usr_model.UserSearchResponse) *management.UserSearchResponse {
return &management.UserSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -342,15 +343,15 @@ func userSearchResponseFromModel(response *usr_model.UserSearchResponse) *UserSe
}
}
func userViewsFromModel(users []*usr_model.UserView) []*UserView {
converted := make([]*UserView, len(users))
func userViewsFromModel(users []*usr_model.UserView) []*management.UserView {
converted := make([]*management.UserView, len(users))
for i, user := range users {
converted[i] = userViewFromModel(user)
}
return converted
}
func userViewFromModel(user *usr_model.UserView) *UserView {
func userViewFromModel(user *usr_model.UserView) *management.UserView {
creationDate, err := ptypes.TimestampProto(user.CreationDate)
logging.Log("GRPC-dl9we").OnError(err).Debug("unable to parse timestamp")
@@ -363,7 +364,7 @@ func userViewFromModel(user *usr_model.UserView) *UserView {
passwordChanged, err := ptypes.TimestampProto(user.PasswordChanged)
logging.Log("GRPC-dl9ws").OnError(err).Debug("unable to parse timestamp")
return &UserView{
return &management.UserView{
Id: user.ID,
State: userStateFromModel(user.State),
CreationDate: creationDate,
@@ -393,107 +394,107 @@ func userViewFromModel(user *usr_model.UserView) *UserView {
}
}
func mfasFromModel(mfas []*usr_model.MultiFactor) []*MultiFactor {
converted := make([]*MultiFactor, len(mfas))
func mfasFromModel(mfas []*usr_model.MultiFactor) []*management.MultiFactor {
converted := make([]*management.MultiFactor, len(mfas))
for i, mfa := range mfas {
converted[i] = mfaFromModel(mfa)
}
return converted
}
func mfaFromModel(mfa *usr_model.MultiFactor) *MultiFactor {
return &MultiFactor{
func mfaFromModel(mfa *usr_model.MultiFactor) *management.MultiFactor {
return &management.MultiFactor{
State: mfaStateFromModel(mfa.State),
Type: mfaTypeFromModel(mfa.Type),
}
}
func notifyTypeToModel(state NotificationType) usr_model.NotificationType {
func notifyTypeToModel(state management.NotificationType) usr_model.NotificationType {
switch state {
case NotificationType_NOTIFICATIONTYPE_EMAIL:
case management.NotificationType_NOTIFICATIONTYPE_EMAIL:
return usr_model.NotificationTypeEmail
case NotificationType_NOTIFICATIONTYPE_SMS:
case management.NotificationType_NOTIFICATIONTYPE_SMS:
return usr_model.NotificationTypeSms
default:
return usr_model.NotificationTypeEmail
}
}
func userStateFromModel(state usr_model.UserState) UserState {
func userStateFromModel(state usr_model.UserState) management.UserState {
switch state {
case usr_model.UserStateActive:
return UserState_USERSTATE_ACTIVE
return management.UserState_USERSTATE_ACTIVE
case usr_model.UserStateInactive:
return UserState_USERSTATE_INACTIVE
return management.UserState_USERSTATE_INACTIVE
case usr_model.UserStateLocked:
return UserState_USERSTATE_LOCKED
return management.UserState_USERSTATE_LOCKED
case usr_model.UserStateInitial:
return UserState_USERSTATE_INITIAL
return management.UserState_USERSTATE_INITIAL
case usr_model.UserStateSuspend:
return UserState_USERSTATE_SUSPEND
return management.UserState_USERSTATE_SUSPEND
default:
return UserState_USERSTATE_UNSPECIFIED
return management.UserState_USERSTATE_UNSPECIFIED
}
}
func genderFromModel(gender usr_model.Gender) Gender {
func genderFromModel(gender usr_model.Gender) management.Gender {
switch gender {
case usr_model.GenderFemale:
return Gender_GENDER_FEMALE
return management.Gender_GENDER_FEMALE
case usr_model.GenderMale:
return Gender_GENDER_MALE
return management.Gender_GENDER_MALE
case usr_model.GenderDiverse:
return Gender_GENDER_DIVERSE
return management.Gender_GENDER_DIVERSE
default:
return Gender_GENDER_UNSPECIFIED
return management.Gender_GENDER_UNSPECIFIED
}
}
func genderToModel(gender Gender) usr_model.Gender {
func genderToModel(gender management.Gender) usr_model.Gender {
switch gender {
case Gender_GENDER_FEMALE:
case management.Gender_GENDER_FEMALE:
return usr_model.GenderFemale
case Gender_GENDER_MALE:
case management.Gender_GENDER_MALE:
return usr_model.GenderMale
case Gender_GENDER_DIVERSE:
case management.Gender_GENDER_DIVERSE:
return usr_model.GenderDiverse
default:
return usr_model.GenderUnspecified
}
}
func mfaTypeFromModel(mfatype usr_model.MfaType) MfaType {
func mfaTypeFromModel(mfatype usr_model.MfaType) management.MfaType {
switch mfatype {
case usr_model.MfaTypeOTP:
return MfaType_MFATYPE_OTP
return management.MfaType_MFATYPE_OTP
case usr_model.MfaTypeSMS:
return MfaType_MFATYPE_SMS
return management.MfaType_MFATYPE_SMS
default:
return MfaType_MFATYPE_UNSPECIFIED
return management.MfaType_MFATYPE_UNSPECIFIED
}
}
func mfaStateFromModel(state usr_model.MfaState) MFAState {
func mfaStateFromModel(state usr_model.MfaState) management.MFAState {
switch state {
case usr_model.MfaStateReady:
return MFAState_MFASTATE_READY
return management.MFAState_MFASTATE_READY
case usr_model.MfaStateNotReady:
return MFAState_MFASTATE_NOT_READY
return management.MFAState_MFASTATE_NOT_READY
default:
return MFAState_MFASTATE_UNSPECIFIED
return management.MFAState_MFASTATE_UNSPECIFIED
}
}
func userChangesToResponse(response *usr_model.UserChanges, offset uint64, limit uint64) (_ *Changes) {
return &Changes{
func userChangesToResponse(response *usr_model.UserChanges, offset uint64, limit uint64) (_ *management.Changes) {
return &management.Changes{
Limit: limit,
Offset: offset,
Changes: userChangesToMgtAPI(response),
}
}
func userChangesToMgtAPI(changes *usr_model.UserChanges) (_ []*Change) {
result := make([]*Change, len(changes.Changes))
func userChangesToMgtAPI(changes *usr_model.UserChanges) (_ []*management.Change) {
result := make([]*management.Change, len(changes.Changes))
for i, change := range changes.Changes {
var data *structpb.Struct
@@ -504,7 +505,7 @@ func userChangesToMgtAPI(changes *usr_model.UserChanges) (_ []*Change) {
logging.Log("GRPC-a7F54").OnError(err).Debug("unable to marshal changed data to struct")
}
result[i] = &Change{
result[i] = &management.Change{
ChangeDate: change.ChangeDate,
EventType: message.NewLocalizedEventType(change.EventType),
Sequence: change.Sequence,

57
pkg/management/api/grpc/user_grant.go → internal/api/grpc/management/user_grant.go
View File

@@ -1,14 +1,17 @@
package grpc
package management
import (
"context"
"github.com/caos/zitadel/internal/api/auth"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/pkg/grpc/management"
)
func (s *Server) SearchUserGrants(ctx context.Context, in *UserGrantSearchRequest) (*UserGrantSearchResponse, error) {
func (s *Server) SearchUserGrants(ctx context.Context, in *management.UserGrantSearchRequest) (*management.UserGrantSearchResponse, error) {
request := userGrantSearchRequestsToModel(in)
request.AppendMyOrgQuery(auth.GetCtxData(ctx).OrgID)
request.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID)
response, err := s.usergrant.SearchUserGrants(ctx, request)
if err != nil {
return nil, err
@@ -16,7 +19,7 @@ func (s *Server) SearchUserGrants(ctx context.Context, in *UserGrantSearchReques
return userGrantSearchResponseFromModel(response), nil
}
func (s *Server) UserGrantByID(ctx context.Context, request *UserGrantID) (*UserGrantView, error) {
func (s *Server) UserGrantByID(ctx context.Context, request *management.UserGrantID) (*management.UserGrantView, error) {
user, err := s.usergrant.UserGrantByID(ctx, request.Id)
if err != nil {
return nil, err
@@ -24,7 +27,7 @@ func (s *Server) UserGrantByID(ctx context.Context, request *UserGrantID) (*User
return userGrantViewFromModel(user), nil
}
func (s *Server) CreateUserGrant(ctx context.Context, in *UserGrantCreate) (*UserGrant, error) {
func (s *Server) CreateUserGrant(ctx context.Context, in *management.UserGrantCreate) (*management.UserGrant, error) {
user, err := s.usergrant.AddUserGrant(ctx, userGrantCreateToModel(in))
if err != nil {
return nil, err
@@ -32,21 +35,21 @@ func (s *Server) CreateUserGrant(ctx context.Context, in *UserGrantCreate) (*Use
return usergrantFromModel(user), nil
}
func (s *Server) UpdateUserGrant(ctx context.Context, in *UserGrantUpdate) (*UserGrant, error) {
func (s *Server) UpdateUserGrant(ctx context.Context, in *management.UserGrantUpdate) (*management.UserGrant, error) {
user, err := s.usergrant.ChangeUserGrant(ctx, userGrantUpdateToModel(in))
if err != nil {
return nil, err
}
return usergrantFromModel(user), nil
}
func (s *Server) DeactivateUserGrant(ctx context.Context, in *UserGrantID) (*UserGrant, error) {
func (s *Server) DeactivateUserGrant(ctx context.Context, in *management.UserGrantID) (*management.UserGrant, error) {
user, err := s.usergrant.DeactivateUserGrant(ctx, in.Id)
if err != nil {
return nil, err
}
return usergrantFromModel(user), nil
}
func (s *Server) ReactivateUserGrant(ctx context.Context, in *UserGrantID) (*UserGrant, error) {
func (s *Server) ReactivateUserGrant(ctx context.Context, in *management.UserGrantID) (*management.UserGrant, error) {
user, err := s.usergrant.ReactivateUserGrant(ctx, in.Id)
if err != nil {
return nil, err
@@ -54,29 +57,29 @@ func (s *Server) ReactivateUserGrant(ctx context.Context, in *UserGrantID) (*Use
return usergrantFromModel(user), nil
}
func (s *Server) RemoveUserGrant(ctx context.Context, in *UserGrantID) (*empty.Empty, error) {
func (s *Server) RemoveUserGrant(ctx context.Context, in *management.UserGrantID) (*empty.Empty, error) {
err := s.usergrant.RemoveUserGrant(ctx, in.Id)
return &empty.Empty{}, err
}
func (s *Server) BulkCreateUserGrant(ctx context.Context, in *UserGrantCreateBulk) (*empty.Empty, error) {
func (s *Server) BulkCreateUserGrant(ctx context.Context, in *management.UserGrantCreateBulk) (*empty.Empty, error) {
err := s.usergrant.BulkAddUserGrant(ctx, userGrantCreateBulkToModel(in)...)
return &empty.Empty{}, err
}
func (s *Server) BulkUpdateUserGrant(ctx context.Context, in *UserGrantUpdateBulk) (*empty.Empty, error) {
func (s *Server) BulkUpdateUserGrant(ctx context.Context, in *management.UserGrantUpdateBulk) (*empty.Empty, error) {
err := s.usergrant.BulkChangeUserGrant(ctx, userGrantUpdateBulkToModel(in)...)
return &empty.Empty{}, err
}
func (s *Server) BulkRemoveUserGrant(ctx context.Context, in *UserGrantRemoveBulk) (*empty.Empty, error) {
func (s *Server) BulkRemoveUserGrant(ctx context.Context, in *management.UserGrantRemoveBulk) (*empty.Empty, error) {
err := s.usergrant.BulkRemoveUserGrant(ctx, userGrantRemoveBulkToModel(in)...)
return &empty.Empty{}, err
}
func (s *Server) SearchProjectUserGrants(ctx context.Context, in *ProjectUserGrantSearchRequest) (*UserGrantSearchResponse, error) {
func (s *Server) SearchProjectUserGrants(ctx context.Context, in *management.ProjectUserGrantSearchRequest) (*management.UserGrantSearchResponse, error) {
request := projectUserGrantSearchRequestsToModel(in)
request.AppendMyOrgQuery(auth.GetCtxData(ctx).OrgID)
request.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID)
request.AppendProjectIDQuery(in.ProjectId)
response, err := s.usergrant.SearchUserGrants(ctx, request)
if err != nil {
@@ -85,7 +88,7 @@ func (s *Server) SearchProjectUserGrants(ctx context.Context, in *ProjectUserGra
return userGrantSearchResponseFromModel(response), nil
}
func (s *Server) ProjectUserGrantByID(ctx context.Context, request *ProjectUserGrantID) (*UserGrantView, error) {
func (s *Server) ProjectUserGrantByID(ctx context.Context, request *management.ProjectUserGrantID) (*management.UserGrantView, error) {
user, err := s.usergrant.UserGrantByID(ctx, request.Id)
if err != nil {
return nil, err
@@ -93,14 +96,14 @@ func (s *Server) ProjectUserGrantByID(ctx context.Context, request *ProjectUserG
return userGrantViewFromModel(user), nil
}
func (s *Server) CreateProjectUserGrant(ctx context.Context, in *UserGrantCreate) (*UserGrant, error) {
func (s *Server) CreateProjectUserGrant(ctx context.Context, in *management.UserGrantCreate) (*management.UserGrant, error) {
user, err := s.usergrant.AddUserGrant(ctx, userGrantCreateToModel(in))
if err != nil {
return nil, err
}
return usergrantFromModel(user), nil
}
func (s *Server) UpdateProjectUserGrant(ctx context.Context, in *ProjectUserGrantUpdate) (*UserGrant, error) {
func (s *Server) UpdateProjectUserGrant(ctx context.Context, in *management.ProjectUserGrantUpdate) (*management.UserGrant, error) {
user, err := s.usergrant.ChangeUserGrant(ctx, projectUserGrantUpdateToModel(in))
if err != nil {
return nil, err
@@ -108,7 +111,7 @@ func (s *Server) UpdateProjectUserGrant(ctx context.Context, in *ProjectUserGran
return usergrantFromModel(user), nil
}
func (s *Server) DeactivateProjectUserGrant(ctx context.Context, in *ProjectUserGrantID) (*UserGrant, error) {
func (s *Server) DeactivateProjectUserGrant(ctx context.Context, in *management.ProjectUserGrantID) (*management.UserGrant, error) {
user, err := s.usergrant.DeactivateUserGrant(ctx, in.Id)
if err != nil {
return nil, err
@@ -116,7 +119,7 @@ func (s *Server) DeactivateProjectUserGrant(ctx context.Context, in *ProjectUser
return usergrantFromModel(user), nil
}
func (s *Server) ReactivateProjectUserGrant(ctx context.Context, in *ProjectUserGrantID) (*UserGrant, error) {
func (s *Server) ReactivateProjectUserGrant(ctx context.Context, in *management.ProjectUserGrantID) (*management.UserGrant, error) {
user, err := s.usergrant.ReactivateUserGrant(ctx, in.Id)
if err != nil {
return nil, err
@@ -124,13 +127,13 @@ func (s *Server) ReactivateProjectUserGrant(ctx context.Context, in *ProjectUser
return usergrantFromModel(user), nil
}
func (s *Server) SearchProjectGrantUserGrants(ctx context.Context, in *ProjectGrantUserGrantSearchRequest) (*UserGrantSearchResponse, error) {
func (s *Server) SearchProjectGrantUserGrants(ctx context.Context, in *management.ProjectGrantUserGrantSearchRequest) (*management.UserGrantSearchResponse, error) {
grant, err := s.project.ProjectGrantByID(ctx, in.ProjectGrantId)
if err != nil {
return nil, err
}
request := projectGrantUserGrantSearchRequestsToModel(in)
request.AppendMyOrgQuery(auth.GetCtxData(ctx).OrgID)
request.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID)
request.AppendProjectIDQuery(grant.ProjectID)
response, err := s.usergrant.SearchUserGrants(ctx, request)
if err != nil {
@@ -139,7 +142,7 @@ func (s *Server) SearchProjectGrantUserGrants(ctx context.Context, in *ProjectGr
return userGrantSearchResponseFromModel(response), nil
}
func (s *Server) ProjectGrantUserGrantByID(ctx context.Context, request *ProjectGrantUserGrantID) (*UserGrantView, error) {
func (s *Server) ProjectGrantUserGrantByID(ctx context.Context, request *management.ProjectGrantUserGrantID) (*management.UserGrantView, error) {
user, err := s.usergrant.UserGrantByID(ctx, request.Id)
if err != nil {
return nil, err
@@ -147,14 +150,14 @@ func (s *Server) ProjectGrantUserGrantByID(ctx context.Context, request *Project
return userGrantViewFromModel(user), nil
}
func (s *Server) CreateProjectGrantUserGrant(ctx context.Context, in *ProjectGrantUserGrantCreate) (*UserGrant, error) {
func (s *Server) CreateProjectGrantUserGrant(ctx context.Context, in *management.ProjectGrantUserGrantCreate) (*management.UserGrant, error) {
user, err := s.usergrant.AddUserGrant(ctx, projectGrantUserGrantCreateToModel(in))
if err != nil {
return nil, err
}
return usergrantFromModel(user), nil
}
func (s *Server) UpdateProjectGrantUserGrant(ctx context.Context, in *ProjectGrantUserGrantUpdate) (*UserGrant, error) {
func (s *Server) UpdateProjectGrantUserGrant(ctx context.Context, in *management.ProjectGrantUserGrantUpdate) (*management.UserGrant, error) {
user, err := s.usergrant.ChangeUserGrant(ctx, projectGrantUserGrantUpdateToModel(in))
if err != nil {
return nil, err
@@ -162,7 +165,7 @@ func (s *Server) UpdateProjectGrantUserGrant(ctx context.Context, in *ProjectGra
return usergrantFromModel(user), nil
}
func (s *Server) DeactivateProjectGrantUserGrant(ctx context.Context, in *ProjectGrantUserGrantID) (*UserGrant, error) {
func (s *Server) DeactivateProjectGrantUserGrant(ctx context.Context, in *management.ProjectGrantUserGrantID) (*management.UserGrant, error) {
user, err := s.usergrant.DeactivateUserGrant(ctx, in.Id)
if err != nil {
return nil, err
@@ -170,7 +173,7 @@ func (s *Server) DeactivateProjectGrantUserGrant(ctx context.Context, in *Projec
return usergrantFromModel(user), nil
}
func (s *Server) ReactivateProjectGrantUserGrant(ctx context.Context, in *ProjectGrantUserGrantID) (*UserGrant, error) {
func (s *Server) ReactivateProjectGrantUserGrant(ctx context.Context, in *management.ProjectGrantUserGrantID) (*management.UserGrant, error) {
user, err := s.usergrant.ReactivateUserGrant(ctx, in.Id)
if err != nil {
return nil, err

66
pkg/management/api/grpc/user_grant_converter.go → internal/api/grpc/management/user_grant_converter.go
View File

@@ -1,20 +1,22 @@
package grpc
package management
import (
"github.com/caos/logging"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/internal/eventstore/models"
grant_model "github.com/caos/zitadel/internal/usergrant/model"
"github.com/golang/protobuf/ptypes"
"github.com/caos/zitadel/pkg/grpc/management"
)
func usergrantFromModel(grant *grant_model.UserGrant) *UserGrant {
func usergrantFromModel(grant *grant_model.UserGrant) *management.UserGrant {
creationDate, err := ptypes.TimestampProto(grant.CreationDate)
logging.Log("GRPC-ki9ds").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(grant.ChangeDate)
logging.Log("GRPC-sl9ew").OnError(err).Debug("unable to parse timestamp")
return &UserGrant{
return &management.UserGrant{
Id: grant.AggregateID,
UserId: grant.UserID,
State: usergrantStateFromModel(grant.State),
@@ -26,7 +28,7 @@ func usergrantFromModel(grant *grant_model.UserGrant) *UserGrant {
}
}
func userGrantCreateBulkToModel(u *UserGrantCreateBulk) []*grant_model.UserGrant {
func userGrantCreateBulkToModel(u *management.UserGrantCreateBulk) []*grant_model.UserGrant {
grants := make([]*grant_model.UserGrant, len(u.UserGrants))
for i, grant := range u.UserGrants {
grants[i] = userGrantCreateToModel(grant)
@@ -34,7 +36,7 @@ func userGrantCreateBulkToModel(u *UserGrantCreateBulk) []*grant_model.UserGrant
return grants
}
func userGrantCreateToModel(u *UserGrantCreate) *grant_model.UserGrant {
func userGrantCreateToModel(u *management.UserGrantCreate) *grant_model.UserGrant {
return &grant_model.UserGrant{
ObjectRoot: models.ObjectRoot{AggregateID: u.UserId},
UserID: u.UserId,
@@ -43,7 +45,7 @@ func userGrantCreateToModel(u *UserGrantCreate) *grant_model.UserGrant {
}
}
func userGrantUpdateBulkToModel(u *UserGrantUpdateBulk) []*grant_model.UserGrant {
func userGrantUpdateBulkToModel(u *management.UserGrantUpdateBulk) []*grant_model.UserGrant {
grants := make([]*grant_model.UserGrant, len(u.UserGrants))
for i, grant := range u.UserGrants {
grants[i] = userGrantUpdateToModel(grant)
@@ -51,14 +53,14 @@ func userGrantUpdateBulkToModel(u *UserGrantUpdateBulk) []*grant_model.UserGrant
return grants
}
func userGrantUpdateToModel(u *UserGrantUpdate) *grant_model.UserGrant {
func userGrantUpdateToModel(u *management.UserGrantUpdate) *grant_model.UserGrant {
return &grant_model.UserGrant{
ObjectRoot: models.ObjectRoot{AggregateID: u.Id},
RoleKeys: u.RoleKeys,
}
}
func userGrantRemoveBulkToModel(u *UserGrantRemoveBulk) []string {
func userGrantRemoveBulkToModel(u *management.UserGrantRemoveBulk) []string {
ids := make([]string, len(u.Ids))
for i, id := range u.Ids {
ids[i] = id
@@ -66,14 +68,14 @@ func userGrantRemoveBulkToModel(u *UserGrantRemoveBulk) []string {
return ids
}
func projectUserGrantUpdateToModel(u *ProjectUserGrantUpdate) *grant_model.UserGrant {
func projectUserGrantUpdateToModel(u *management.ProjectUserGrantUpdate) *grant_model.UserGrant {
return &grant_model.UserGrant{
ObjectRoot: models.ObjectRoot{AggregateID: u.Id},
RoleKeys: u.RoleKeys,
}
}
func projectGrantUserGrantCreateToModel(u *ProjectGrantUserGrantCreate) *grant_model.UserGrant {
func projectGrantUserGrantCreateToModel(u *management.ProjectGrantUserGrantCreate) *grant_model.UserGrant {
return &grant_model.UserGrant{
UserID: u.UserId,
ProjectID: u.ProjectId,
@@ -81,14 +83,14 @@ func projectGrantUserGrantCreateToModel(u *ProjectGrantUserGrantCreate) *grant_m
}
}
func projectGrantUserGrantUpdateToModel(u *ProjectGrantUserGrantUpdate) *grant_model.UserGrant {
func projectGrantUserGrantUpdateToModel(u *management.ProjectGrantUserGrantUpdate) *grant_model.UserGrant {
return &grant_model.UserGrant{
ObjectRoot: models.ObjectRoot{AggregateID: u.Id},
RoleKeys: u.RoleKeys,
}
}
func userGrantSearchRequestsToModel(project *UserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
func userGrantSearchRequestsToModel(project *management.UserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
return &grant_model.UserGrantSearchRequest{
Offset: project.Offset,
Limit: project.Limit,
@@ -96,7 +98,7 @@ func userGrantSearchRequestsToModel(project *UserGrantSearchRequest) *grant_mode
}
}
func userGrantSearchQueriesToModel(queries []*UserGrantSearchQuery) []*grant_model.UserGrantSearchQuery {
func userGrantSearchQueriesToModel(queries []*management.UserGrantSearchQuery) []*grant_model.UserGrantSearchQuery {
converted := make([]*grant_model.UserGrantSearchQuery, len(queries))
for i, q := range queries {
converted[i] = userGrantSearchQueryToModel(q)
@@ -104,7 +106,7 @@ func userGrantSearchQueriesToModel(queries []*UserGrantSearchQuery) []*grant_mod
return converted
}
func userGrantSearchQueryToModel(query *UserGrantSearchQuery) *grant_model.UserGrantSearchQuery {
func userGrantSearchQueryToModel(query *management.UserGrantSearchQuery) *grant_model.UserGrantSearchQuery {
return &grant_model.UserGrantSearchQuery{
Key: userGrantSearchKeyToModel(query.Key),
Method: searchMethodToModel(query.Method),
@@ -112,23 +114,23 @@ func userGrantSearchQueryToModel(query *UserGrantSearchQuery) *grant_model.UserG
}
}
func userGrantSearchKeyToModel(key UserGrantSearchKey) grant_model.UserGrantSearchKey {
func userGrantSearchKeyToModel(key management.UserGrantSearchKey) grant_model.UserGrantSearchKey {
switch key {
case UserGrantSearchKey_USERGRANTSEARCHKEY_ORG_ID:
case management.UserGrantSearchKey_USERGRANTSEARCHKEY_ORG_ID:
return grant_model.UserGrantSearchKeyResourceOwner
case UserGrantSearchKey_USERGRANTSEARCHKEY_PROJECT_ID:
case management.UserGrantSearchKey_USERGRANTSEARCHKEY_PROJECT_ID:
return grant_model.UserGrantSearchKeyProjectID
case UserGrantSearchKey_USERGRANTSEARCHKEY_USER_ID:
case management.UserGrantSearchKey_USERGRANTSEARCHKEY_USER_ID:
return grant_model.UserGrantSearchKeyUserID
case UserGrantSearchKey_USERGRANTSEARCHKEY_ROLE_KEY:
case management.UserGrantSearchKey_USERGRANTSEARCHKEY_ROLE_KEY:
return grant_model.UserGrantSearchKeyRoleKey
default:
return grant_model.UserGrantSearchKeyUnspecified
}
}
func userGrantSearchResponseFromModel(response *grant_model.UserGrantSearchResponse) *UserGrantSearchResponse {
return &UserGrantSearchResponse{
func userGrantSearchResponseFromModel(response *grant_model.UserGrantSearchResponse) *management.UserGrantSearchResponse {
return &management.UserGrantSearchResponse{
Offset: response.Offset,
Limit: response.Limit,
TotalResult: response.TotalResult,
@@ -136,22 +138,22 @@ func userGrantSearchResponseFromModel(response *grant_model.UserGrantSearchRespo
}
}
func userGrantViewsFromModel(users []*grant_model.UserGrantView) []*UserGrantView {
converted := make([]*UserGrantView, len(users))
func userGrantViewsFromModel(users []*grant_model.UserGrantView) []*management.UserGrantView {
converted := make([]*management.UserGrantView, len(users))
for i, user := range users {
converted[i] = userGrantViewFromModel(user)
}
return converted
}
func userGrantViewFromModel(grant *grant_model.UserGrantView) *UserGrantView {
func userGrantViewFromModel(grant *grant_model.UserGrantView) *management.UserGrantView {
creationDate, err := ptypes.TimestampProto(grant.CreationDate)
logging.Log("GRPC-dl9we").OnError(err).Debug("unable to parse timestamp")
changeDate, err := ptypes.TimestampProto(grant.ChangeDate)
logging.Log("GRPC-lpsg5").OnError(err).Debug("unable to parse timestamp")
return &UserGrantView{
return &management.UserGrantView{
Id: grant.ID,
State: usergrantStateFromModel(grant.State),
CreationDate: creationDate,
@@ -173,18 +175,18 @@ func userGrantViewFromModel(grant *grant_model.UserGrantView) *UserGrantView {
}
}
func usergrantStateFromModel(state grant_model.UserGrantState) UserGrantState {
func usergrantStateFromModel(state grant_model.UserGrantState) management.UserGrantState {
switch state {
case grant_model.UserGrantStateActive:
return UserGrantState_USERGRANTSTATE_ACTIVE
return management.UserGrantState_USERGRANTSTATE_ACTIVE
case grant_model.UserGrantStateInactive:
return UserGrantState_USERGRANTSTATE_INACTIVE
return management.UserGrantState_USERGRANTSTATE_INACTIVE
default:
return UserGrantState_USERGRANTSTATE_UNSPECIFIED
return management.UserGrantState_USERGRANTSTATE_UNSPECIFIED
}
}
func projectUserGrantSearchRequestsToModel(project *ProjectUserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
func projectUserGrantSearchRequestsToModel(project *management.ProjectUserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
return &grant_model.UserGrantSearchRequest{
Offset: project.Offset,
Limit: project.Limit,
@@ -192,7 +194,7 @@ func projectUserGrantSearchRequestsToModel(project *ProjectUserGrantSearchReques
}
}
func projectGrantUserGrantSearchRequestsToModel(project *ProjectGrantUserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
func projectGrantUserGrantSearchRequestsToModel(project *management.ProjectGrantUserGrantSearchRequest) *grant_model.UserGrantSearchRequest {
return &grant_model.UserGrantSearchRequest{
Offset: project.Offset,
Limit: project.Limit,

109
internal/api/grpc/server/gateway.go
View File

@@ -3,12 +3,14 @@ package server
import (
"context"
"net/http"
"strings"
"github.com/grpc-ecosystem/grpc-gateway/runtime"
"google.golang.org/grpc"
"github.com/caos/logging"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
client_middleware "github.com/caos/zitadel/internal/api/grpc/client/middleware"
http_util "github.com/caos/zitadel/internal/api/http"
http_mw "github.com/caos/zitadel/internal/api/http/middleware"
@@ -22,26 +24,41 @@ const (
var (
DefaultJSONMarshaler = &runtime.JSONPb{OrigName: false, EmitDefaults: false}
DefaultServeMuxOptions = []runtime.ServeMuxOption{
runtime.WithMarshalerOption(DefaultJSONMarshaler.ContentType(), DefaultJSONMarshaler),
runtime.WithMarshalerOption(mimeWildcard, DefaultJSONMarshaler),
runtime.WithMarshalerOption(runtime.MIMEWildcard, DefaultJSONMarshaler),
runtime.WithIncomingHeaderMatcher(runtime.DefaultHeaderMatcher),
runtime.WithOutgoingHeaderMatcher(runtime.DefaultHeaderMatcher),
DefaultServeMuxOptions = func(customHeaders ...string) []runtime.ServeMuxOption {
return []runtime.ServeMuxOption{
runtime.WithMarshalerOption(DefaultJSONMarshaler.ContentType(), DefaultJSONMarshaler),
runtime.WithMarshalerOption(mimeWildcard, DefaultJSONMarshaler),
runtime.WithMarshalerOption(runtime.MIMEWildcard, DefaultJSONMarshaler),
runtime.WithIncomingHeaderMatcher(DefaultHeaderMatcher(customHeaders...)),
runtime.WithOutgoingHeaderMatcher(runtime.DefaultHeaderMatcher),
}
}
DefaultHeaderMatcher = func(customHeaders ...string) runtime.HeaderMatcherFunc {
return func(header string) (string, bool) {
for _, customHeader := range customHeaders {
if strings.HasPrefix(strings.ToLower(header), customHeader) {
return header, true
}
}
return runtime.DefaultHeaderMatcher(header)
}
}
)
type Gateway interface {
GRPCEndpoint() string
GatewayPort() string
Gateway() GatewayFunc
RegisterGateway() GatewayFunc
GatewayPathPrefix() string
}
type GatewayFunc func(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) error
//optional extending interfaces of Gateway below
type gatewayCustomServeMuxOptions interface {
GatewayServeMuxOptions() []runtime.ServeMuxOption
}
type grpcGatewayCustomInterceptor interface {
GatewayHTTPInterceptor(http.Handler) http.Handler
}
@@ -50,28 +67,62 @@ type gatewayCustomCallOptions interface {
GatewayCallOptions() []grpc.DialOption
}
func StartGateway(ctx context.Context, g Gateway) {
mux := createMux(ctx, g)
serveGateway(ctx, mux, gatewayPort(g.GatewayPort()), g)
type GatewayHandler struct {
mux *http.ServeMux
serverPort string
gatewayPort string
customHeaders []string
}
func createMux(ctx context.Context, g Gateway) *runtime.ServeMux {
muxOptions := DefaultServeMuxOptions
func CreateGatewayHandler(config grpc_util.Config) *GatewayHandler {
return &GatewayHandler{
mux: http.NewServeMux(),
serverPort: config.ServerPort,
gatewayPort: config.GatewayPort,
customHeaders: config.CustomHeaders,
}
}
//RegisterGateway registers a handler (Gateway interface) on defined port
//Gateway interface may be extended with optional implementation of interfaces (gatewayCustomServeMuxOptions, ...)
func (g *GatewayHandler) RegisterGateway(ctx context.Context, gateway Gateway) {
handler := createGateway(ctx, gateway, g.serverPort, g.customHeaders...)
prefix := gateway.GatewayPathPrefix()
g.RegisterHandler(prefix, handler)
}
func (g *GatewayHandler) RegisterHandler(prefix string, handler http.Handler) {
http_util.RegisterHandler(g.mux, prefix, handler)
}
func (g *GatewayHandler) Serve(ctx context.Context) {
http_util.Serve(ctx, g.mux, g.gatewayPort, "api")
}
func createGateway(ctx context.Context, g Gateway, port string, customHeaders ...string) http.Handler {
mux := createMux(g, customHeaders...)
opts := createDialOptions(g)
err := g.RegisterGateway()(ctx, mux, http_util.Endpoint(port), opts)
logging.Log("SERVE-7B7G0E").OnError(err).Panic("failed to register grpc gateway")
return addInterceptors(mux, g)
}
func createMux(g Gateway, customHeaders ...string) *runtime.ServeMux {
muxOptions := DefaultServeMuxOptions(customHeaders...)
if customOpts, ok := g.(gatewayCustomServeMuxOptions); ok {
muxOptions = customOpts.GatewayServeMuxOptions()
}
mux := runtime.NewServeMux(muxOptions...)
return runtime.NewServeMux(muxOptions...)
}
func createDialOptions(g Gateway) []grpc.DialOption {
opts := []grpc.DialOption{grpc.WithInsecure()}
opts = append(opts, client_middleware.DefaultTracingStatsClient())
if customOpts, ok := g.(gatewayCustomCallOptions); ok {
opts = append(opts, customOpts.GatewayCallOptions()...)
}
err := g.Gateway()(ctx, mux, g.GRPCEndpoint(), opts)
logging.Log("SERVE-7B7G0E").OnError(err).Panic("failed to create mux for grpc gateway")
return mux
return opts
}
func addInterceptors(handler http.Handler, g Gateway) http.Handler {
@@ -83,26 +134,6 @@ func addInterceptors(handler http.Handler, g Gateway) http.Handler {
return http_mw.CORSInterceptorOpts(http_mw.DefaultCORSOptions, handler)
}
func serveGateway(ctx context.Context, handler http.Handler, port string, g Gateway) {
server := &http.Server{
Handler: addInterceptors(handler, g),
}
listener := http_util.CreateListener(port)
go func() {
<-ctx.Done()
err := server.Shutdown(ctx)
logging.Log("SERVE-m7kBlq").OnError(err).Warn("error during graceful shutdown of grpc gateway")
}()
go func() {
err := server.Serve(listener)
logging.Log("SERVE-tBHR60").OnError(err).Panic("grpc gateway serve failed")
}()
logging.LogWithFields("SERVE-KHh0Cb", "port", port).Info("grpc gateway is listening")
}
func gatewayPort(port string) string {
if port == "" {
return defaultGatewayPort

50
internal/api/grpc/server/middleware/auth_interceptor.go
View File

@@ -2,37 +2,39 @@ package middleware
import (
"context"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"github.com/caos/zitadel/internal/api"
"github.com/caos/zitadel/internal/api/auth"
"github.com/caos/zitadel/internal/api/authz"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/api/http"
)
func AuthorizationInterceptor(verifier auth.TokenVerifier, authConfig *auth.Config, authMethods auth.MethodMapping) func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
func AuthorizationInterceptor(verifier *authz.TokenVerifier, authConfig authz.Config) grpc.UnaryServerInterceptor {
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
authOpt, needsToken := authMethods[info.FullMethod]
if !needsToken {
return handler(ctx, req)
}
authToken := ""
//TODO: Remove check internal as soon as authentification is implemented
if !auth.CheckInternal(ctx) {
authToken = grpc_util.GetAuthorizationHeader(ctx)
if authToken == "" {
return nil, status.Error(codes.Unauthenticated, "auth header missing")
}
}
orgID := grpc_util.GetHeader(ctx, api.ZitadelOrgID)
ctx, err := auth.CheckUserAuthorization(ctx, req, authToken, orgID, verifier, authConfig, authOpt)
if err != nil {
return nil, err
}
return handler(ctx, req)
return authorize(ctx, req, info, handler, verifier, authConfig)
}
}
func authorize(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler, verifier *authz.TokenVerifier, authConfig authz.Config) (interface{}, error) {
authOpt, needsToken := verifier.CheckAuthMethod(info.FullMethod)
if !needsToken {
return handler(ctx, req)
}
authToken := grpc_util.GetAuthorizationHeader(ctx)
if authToken == "" {
return nil, status.Error(codes.Unauthenticated, "auth header missing")
}
orgID := grpc_util.GetHeader(ctx, http.ZitadelOrgID)
ctx, err := authz.CheckUserAuthorization(ctx, req, authToken, orgID, verifier, authConfig, authOpt, info.FullMethod)
if err != nil {
return nil, err
}
return handler(ctx, req)
}

148
internal/api/grpc/server/middleware/auth_interceptor_test.go Normal file
View File

@@ -0,0 +1,148 @@
package middleware
import (
"context"
"reflect"
"testing"
"google.golang.org/grpc"
"google.golang.org/grpc/metadata"
"github.com/caos/zitadel/internal/api/authz"
)
var (
mockMethods = authz.MethodMapping{
"need.authentication": authz.Option{
Permission: "authenticated",
},
}
)
type verifierMock struct{}
func (v *verifierMock) VerifyAccessToken(ctx context.Context, token, clientID string) (string, string, error) {
return "", "", nil
}
func (v *verifierMock) ResolveGrants(ctx context.Context) (*authz.Grant, error) {
return nil, nil
}
func (v *verifierMock) ProjectIDByClientID(ctx context.Context, clientID string) (string, error) {
return "", nil
}
func (v *verifierMock) VerifierClientID(ctx context.Context, appName string) (string, error) {
return "", nil
}
func Test_authorize(t *testing.T) {
type args struct {
ctx context.Context
req interface{}
info *grpc.UnaryServerInfo
handler grpc.UnaryHandler
verifier *authz.TokenVerifier
authConfig authz.Config
authMethods authz.MethodMapping
}
type res struct {
want interface{}
wantErr bool
}
tests := []struct {
name string
args args
res res
}{
{
"no token needed ok",
args{
ctx: context.Background(),
req: &mockReq{},
info: mockInfo("/no/token/needed"),
handler: emptyMockHandler,
verifier: func() *authz.TokenVerifier {
verifier := authz.Start(&verifierMock{})
verifier.RegisterServer("need", "need", authz.MethodMapping{})
return verifier
}(),
authMethods: mockMethods,
},
res{
&mockReq{},
false,
},
},
{
"auth header missing error",
args{
ctx: context.Background(),
req: &mockReq{},
info: mockInfo("/need/authentication"),
handler: emptyMockHandler,
verifier: func() *authz.TokenVerifier {
verifier := authz.Start(&verifierMock{})
verifier.RegisterServer("need", "need", authz.MethodMapping{"/need/authentication": authz.Option{Permission: "authenticated"}})
return verifier
}(),
authConfig: authz.Config{},
authMethods: mockMethods,
},
res{
nil,
true,
},
},
{
"unauthorized error",
args{
ctx: metadata.NewIncomingContext(context.Background(), metadata.Pairs("authorization", "wrong")),
req: &mockReq{},
info: mockInfo("/need/authentication"),
handler: emptyMockHandler,
verifier: func() *authz.TokenVerifier {
verifier := authz.Start(&verifierMock{})
verifier.RegisterServer("need", "need", authz.MethodMapping{"/need/authentication": authz.Option{Permission: "authenticated"}})
return verifier
}(),
authConfig: authz.Config{},
authMethods: mockMethods,
},
res{
nil,
true,
},
},
{
"authorized ok",
args{
ctx: metadata.NewIncomingContext(context.Background(), metadata.Pairs("authorization", "Bearer token")),
req: &mockReq{},
info: mockInfo("/need/authentication"),
handler: emptyMockHandler,
verifier: func() *authz.TokenVerifier {
verifier := authz.Start(&verifierMock{})
verifier.RegisterServer("need", "need", authz.MethodMapping{"/need/authentication": authz.Option{Permission: "authenticated"}})
return verifier
}(),
authConfig: authz.Config{},
authMethods: mockMethods,
},
res{
&mockReq{},
false,
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := authorize(tt.args.ctx, tt.args.req, tt.args.info, tt.args.handler, tt.args.verifier, tt.args.authConfig)
if (err != nil) != tt.res.wantErr {
t.Errorf("authorize() error = %v, wantErr %v", err, tt.res.wantErr)
return
}
if !reflect.DeepEqual(got, tt.res.want) {
t.Errorf("authorize() got = %v, want %v", got, tt.res.want)
}
})
}
}

12
internal/api/grpc/server/middleware/error_interceptor.go
View File

@@ -4,18 +4,22 @@ import (
"context"
"golang.org/x/text/language"
"google.golang.org/grpc"
grpc_util "github.com/caos/zitadel/internal/api/grpc"
"github.com/caos/zitadel/internal/i18n"
_ "github.com/caos/zitadel/internal/statik"
)
func ErrorHandler(defaultLanguage language.Tag) func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
func ErrorHandler(defaultLanguage language.Tag) grpc.UnaryServerInterceptor {
translator := newZitadelTranslator(defaultLanguage)
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
resp, err := handler(ctx, req)
return resp, grpc_util.CaosToGRPCError(err, ctx, translator)
return toGRPCError(ctx, req, handler, translator)
}
}
func toGRPCError(ctx context.Context, req interface{}, handler grpc.UnaryHandler, translator *i18n.Translator) (interface{}, error) {
resp, err := handler(ctx, req)
return resp, grpc_util.CaosToGRPCError(ctx, err, translator)
}

63
internal/api/grpc/server/middleware/error_interceptor_test.go Normal file
View File

@@ -0,0 +1,63 @@
package middleware
import (
"context"
"reflect"
"testing"
"google.golang.org/grpc"
)
func Test_toGRPCError(t *testing.T) {
type args struct {
ctx context.Context
req interface{}
handler grpc.UnaryHandler
}
type res struct {
want interface{}
wantErr bool
}
tests := []struct {
name string
args args
res res
}{
{
"no error",
args{
ctx: context.Background(),
req: &mockReq{},
handler: emptyMockHandler,
},
res{
&mockReq{},
false,
},
},
{
"error",
args{
ctx: context.Background(),
req: &mockReq{},
handler: errorMockHandler,
},
res{
nil,
true,
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := toGRPCError(tt.args.ctx, tt.args.req, tt.args.handler, nil)
if (err != nil) != tt.res.wantErr {
t.Errorf("toGRPCError() error = %v, wantErr %v", err, tt.res.wantErr)
return
}
if !reflect.DeepEqual(got, tt.res.want) {
t.Errorf("toGRPCError() got = %v, want %v", got, tt.res.want)
}
})
}
}

26
internal/api/grpc/server/middleware/mock_test.go Normal file
View File

@@ -0,0 +1,26 @@
package middleware
import (
"context"
"google.golang.org/grpc"
"github.com/caos/zitadel/internal/errors"
)
func emptyMockHandler(_ context.Context, req interface{}) (interface{}, error) {
return req, nil
}
func errorMockHandler(_ context.Context, req interface{}) (interface{}, error) {
return nil, errors.ThrowInternal(nil, "test", "error")
}
type mockReq struct{}
func mockInfo(path string) *grpc.UnaryServerInfo {
return &grpc.UnaryServerInfo{
Server: nil,
FullMethod: path,
}
}

17
internal/api/grpc/server/middleware/tracing.go
View File

@@ -9,13 +9,28 @@ import (
"google.golang.org/grpc"
"google.golang.org/grpc/stats"
"github.com/caos/zitadel/internal/api/http"
"github.com/caos/zitadel/internal/tracing"
)
type GRPCMethod string
func TracingStatsServer(ignoredMethods ...GRPCMethod) grpc.ServerOption {
return grpc.StatsHandler(&tracingServerHandler{ignoredMethods, ocgrpc.ServerHandler{StartOptions: trace.StartOptions{Sampler: tracing.Sampler(), SpanKind: trace.SpanKindServer}}})
return grpc.StatsHandler(
&tracingServerHandler{
ignoredMethods,
ocgrpc.ServerHandler{
StartOptions: trace.StartOptions{
Sampler: tracing.Sampler(),
SpanKind: trace.SpanKindServer,
},
},
},
)
}
func DefaultTracingStatsServer() grpc.ServerOption {
return TracingStatsServer(http.Healthz, http.Readiness, http.Validation)
}
type tracingServerHandler struct {

71
internal/api/grpc/server/middleware/tracing_test.go Normal file
View File

@@ -0,0 +1,71 @@
package middleware
import (
"context"
"testing"
"go.opencensus.io/plugin/ocgrpc"
"go.opencensus.io/trace"
"google.golang.org/grpc/stats"
)
func Test_tracingServerHandler_TagRPC(t *testing.T) {
type fields struct {
IgnoredMethods []GRPCMethod
ServerHandler ocgrpc.ServerHandler
}
type args struct {
ctx context.Context
tagInfo *stats.RPCTagInfo
}
type res struct {
wantSpan bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"ignored method",
fields{
IgnoredMethods: []GRPCMethod{"ignore"},
ServerHandler: ocgrpc.ServerHandler{},
},
args{
ctx: context.Background(),
tagInfo: &stats.RPCTagInfo{
FullMethodName: "ignore",
},
},
res{false},
},
{
"tag",
fields{
IgnoredMethods: []GRPCMethod{"ignore"},
ServerHandler: ocgrpc.ServerHandler{},
},
args{
ctx: context.Background(),
tagInfo: &stats.RPCTagInfo{
FullMethodName: "tag",
},
},
res{true},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
s := &tracingServerHandler{
IgnoredMethods: tt.fields.IgnoredMethods,
ServerHandler: tt.fields.ServerHandler,
}
got := s.TagRPC(tt.args.ctx, tt.args.tagInfo)
if (trace.FromContext(got) != nil) != tt.res.wantSpan {
t.Errorf("TagRPC() = %v, want %v", got, tt.res.wantSpan)
}
})
}
}

12
internal/api/grpc/server/probes.go
View File

@@ -26,7 +26,10 @@ func (v *Validator) Healthz(_ context.Context, e *empty.Empty) (*empty.Empty, er
}
func (v *Validator) Ready(ctx context.Context, e *empty.Empty) (*empty.Empty, error) {
return e, ready(ctx, v.validations)
if len(validate(ctx, v.validations)) == 0 {
return e, nil
}
return nil, errors.ThrowInternal(nil, "API-2jD9a", "not ready")
}
func (v *Validator) Validate(ctx context.Context, _ *empty.Empty) (*structpb.Struct, error) {
@@ -34,13 +37,6 @@ func (v *Validator) Validate(ctx context.Context, _ *empty.Empty) (*structpb.Str
return proto.ToPBStruct(validations)
}
func ready(ctx context.Context, validations map[string]ValidationFunction) error {
if len(validate(ctx, validations)) == 0 {
return nil
}
return errors.ThrowInternal(nil, "API-2jD9a", "not ready")
}
func validate(ctx context.Context, validations map[string]ValidationFunction) map[string]error {
errors := make(map[string]error)
for id, validation := range validations {

158
internal/api/grpc/server/probes_test.go Normal file
View File

@@ -0,0 +1,158 @@
package server
import (
"context"
"reflect"
"testing"
"github.com/golang/protobuf/ptypes/empty"
"github.com/caos/zitadel/internal/errors"
)
func TestValidator_Healthz(t *testing.T) {
type fields struct {
validations map[string]ValidationFunction
}
type res struct {
want *empty.Empty
hasErr bool
}
tests := []struct {
name string
fields fields
res res
}{
{
"ok",
fields{},
res{
&empty.Empty{},
false,
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
v := &Validator{
validations: tt.fields.validations,
}
got, err := v.Healthz(nil, &empty.Empty{})
if (err != nil) != tt.res.hasErr {
t.Errorf("Healthz() error = %v, wantErr %v", err, tt.res.hasErr)
return
}
if !reflect.DeepEqual(got, tt.res.want) {
t.Errorf("Healthz() got = %v, want %v", got, tt.res.want)
}
})
}
}
func TestValidator_Ready(t *testing.T) {
type fields struct {
validations map[string]ValidationFunction
}
type res struct {
want *empty.Empty
hasErr bool
}
tests := []struct {
name string
fields fields
res res
}{
{
"unready error",
fields{validations: map[string]ValidationFunction{
"error": func(_ context.Context) error {
return errors.ThrowInternal(nil, "id", "message")
},
}},
res{
nil,
true,
},
},
{
"ready ok",
fields{validations: map[string]ValidationFunction{
"ok": func(_ context.Context) error {
return nil
},
}},
res{
&empty.Empty{},
false,
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
v := &Validator{
validations: tt.fields.validations,
}
got, err := v.Ready(context.Background(), &empty.Empty{})
if (err != nil) != tt.res.hasErr {
t.Errorf("Ready() error = %v, wantErr %v", err, tt.res.hasErr)
return
}
if !reflect.DeepEqual(got, tt.res.want) {
t.Errorf("Ready() got = %v, want %v", got, tt.res.want)
}
})
}
}
func Test_validate(t *testing.T) {
type args struct {
validations map[string]ValidationFunction
}
type res struct {
want map[string]error
}
tests := []struct {
name string
args args
res res
}{
{
"no error empty",
args{
validations: map[string]ValidationFunction{
"ok": func(_ context.Context) error {
return nil
},
},
},
res{
map[string]error{},
},
},
{
"error in list",
args{
validations: map[string]ValidationFunction{
"ok": func(_ context.Context) error {
return nil
},
"error": func(_ context.Context) error {
return errors.ThrowInternal(nil, "id", "message")
},
},
},
res{
map[string]error{
"error": errors.ThrowInternal(nil, "id", "message"),
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if got := validate(context.Background(), tt.args.validations); !reflect.DeepEqual(got, tt.res.want) {
t.Errorf("validate() = %v, want %v", got, tt.res.want)
}
})
}
}

40
internal/api/grpc/server/server.go
View File

@@ -2,12 +2,14 @@ package server
import (
"context"
"github.com/caos/zitadel/internal/config/systemdefaults"
"net"
"github.com/caos/logging"
grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware"
"golang.org/x/text/language"
"google.golang.org/grpc"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/api/grpc/server/middleware"
"github.com/caos/zitadel/internal/api/http"
)
@@ -16,30 +18,36 @@ const (
)
type Server interface {
GRPCPort() string
GRPCServer(defaults systemdefaults.SystemDefaults) (*grpc.Server, error)
Gateway
RegisterServer(*grpc.Server)
AppName() string
MethodPrefix() string
AuthMethods() authz.MethodMapping
}
func StartServer(ctx context.Context, s Server, defaults systemdefaults.SystemDefaults) {
port := grpcPort(s.GRPCPort())
listener := http.CreateListener(port)
server := createGrpcServer(s, defaults)
serveServer(ctx, server, listener, port)
func CreateServer(verifier *authz.TokenVerifier, authConfig authz.Config, lang language.Tag) *grpc.Server {
return grpc.NewServer(
middleware.TracingStatsServer(http.Healthz, http.Readiness, http.Validation),
grpc.UnaryInterceptor(
grpc_middleware.ChainUnaryServer(
middleware.ErrorHandler(lang),
middleware.TranslationHandler(lang),
grpc_middleware.ChainUnaryServer(
middleware.AuthorizationInterceptor(verifier, authConfig),
),
),
),
)
}
func createGrpcServer(s Server, defaults systemdefaults.SystemDefaults) *grpc.Server {
grpcServer, err := s.GRPCServer(defaults)
logging.Log("SERVE-k280HZ").OnError(err).Panic("failed to create grpc server")
return grpcServer
}
func serveServer(ctx context.Context, server *grpc.Server, listener net.Listener, port string) {
func Serve(ctx context.Context, server *grpc.Server, port string) {
go func() {
<-ctx.Done()
server.GracefulStop()
}()
go func() {
listener := http.CreateListener(port)
err := server.Serve(listener)
logging.Log("SERVE-Ga3e94").OnError(err).Panic("grpc server serve failed")
}()

30
internal/api/header.go
View File

@@ -1,30 +0,0 @@
package api
const (
Authorization = "authorization"
Accept = "accept"
AcceptLanguage = "accept-language"
CacheControl = "cache-control"
ContentType = "content-type"
Expires = "expires"
Location = "location"
Origin = "origin"
Pragma = "pragma"
UserAgent = "user-agent"
ForwardedFor = "x-forwarded-for"
ContentSecurityPolicy = "content-security-policy"
XXSSProtection = "x-xss-protection"
StrictTransportSecurity = "strict-transport-security"
XFrameOptions = "x-frame-options"
XContentTypeOptions = "x-content-type-options"
ReferrerPolicy = "referrer-policy"
FeaturePolicy = "feature-policy"
ZitadelOrgID = "x-zitadel-orgid"
//TODO: Remove as soon an authentification is implemented
ZitadelUserID = "x-zitadel-userid"
ZitadelClientID = "x-zitadel-clientid"
ZitadelAgentID = "x-zitadel-agentid"
LoginKey = "x-zitadel-login"
)

109
internal/api/html/i18n.go
View File

@@ -1,109 +0,0 @@
package html
import (
"encoding/json"
"io/ioutil"
"net/http"
"path"
"github.com/BurntSushi/toml"
"github.com/caos/logging"
"github.com/ghodss/yaml"
"github.com/nicksnyder/go-i18n/v2/i18n"
"golang.org/x/text/language"
"github.com/caos/zitadel/internal/api"
http_util "github.com/caos/zitadel/internal/api/http"
"github.com/caos/zitadel/internal/errors"
)
type Translator struct {
bundle *i18n.Bundle
cookieName string
cookieHandler *http_util.CookieHandler
}
type TranslatorConfig struct {
Path string
DefaultLanguage language.Tag
CookieName string
}
func NewTranslator(config TranslatorConfig) (*Translator, error) {
t := new(Translator)
var err error
t.bundle, err = newBundle(config.Path, config.DefaultLanguage)
if err != nil {
return nil, err
}
t.cookieHandler = http_util.NewCookieHandler()
t.cookieName = config.CookieName
return t, nil
}
func newBundle(i18nDir string, defaultLanguage language.Tag) (*i18n.Bundle, error) {
bundle := i18n.NewBundle(defaultLanguage)
yamlUnmarshal := func(data []byte, v interface{}) error { return yaml.Unmarshal(data, v) }
bundle.RegisterUnmarshalFunc("yaml", yamlUnmarshal)
bundle.RegisterUnmarshalFunc("yml", yamlUnmarshal)
bundle.RegisterUnmarshalFunc("json", json.Unmarshal)
bundle.RegisterUnmarshalFunc("toml", toml.Unmarshal)
files, err := ioutil.ReadDir(i18nDir)
if err != nil {
return nil, errors.ThrowNotFound(err, "HTML-MnXRie", "path not found")
}
for _, file := range files {
bundle.MustLoadMessageFile(path.Join(i18nDir, file.Name()))
}
return bundle, nil
}
func (t *Translator) LocalizeFromRequest(r *http.Request, id string, args map[string]interface{}) string {
s, err := t.localizerFromRequest(r).Localize(&i18n.LocalizeConfig{
MessageID: id,
TemplateData: args,
})
if err != nil {
logging.Log("HTML-MsF5sx").WithError(err).Warnf("missing translation")
return id
}
return s
}
func (t *Translator) Localize(id string, args map[string]interface{}) string {
s, _ := t.localizer().Localize(&i18n.LocalizeConfig{
MessageID: id,
TemplateData: args,
})
return s
}
func (t *Translator) Lang(r *http.Request) language.Tag {
matcher := language.NewMatcher(t.bundle.LanguageTags())
tag, _ := language.MatchStrings(matcher, t.langsFromRequest(r)...)
return tag
}
func (t *Translator) SetLangCookie(w http.ResponseWriter, lang language.Tag) {
t.cookieHandler.SetCookie(w, t.cookieName, lang.String())
}
func (t *Translator) localizerFromRequest(r *http.Request) *i18n.Localizer {
return t.localizer(t.langsFromRequest(r)...)
}
func (t *Translator) localizer(langs ...string) *i18n.Localizer {
return i18n.NewLocalizer(t.bundle, langs...)
}
func (t *Translator) langsFromRequest(r *http.Request) []string {
langs := make([]string, 0)
if r == nil {
return langs
}
lang, err := t.cookieHandler.GetCookieValue(r, t.cookieName)
if err == nil {
langs = append(langs, lang)
}
return append(langs, r.Header.Get(api.AcceptLanguage))
}

81
internal/api/html/renderer.go
View File

@@ -1,81 +0,0 @@
package html
import (
"net/http"
"path"
"text/template"
"github.com/caos/logging"
"golang.org/x/text/language"
)
const (
TranslateFn = "t"
)
type Renderer struct {
Templates map[string]*template.Template
translator *Translator
}
func NewRenderer(templatesDir string, tmplMapping map[string]string, funcs map[string]interface{}, translatorConfig TranslatorConfig) (*Renderer, error) {
var err error
r := new(Renderer)
r.translator, err = NewTranslator(translatorConfig)
if err != nil {
return nil, err
}
r.loadTemplates(templatesDir, tmplMapping, funcs)
return r, nil
}
func (r *Renderer) RenderTemplate(w http.ResponseWriter, req *http.Request, tmpl *template.Template, data interface{}, reqFuncs map[string]interface{}) {
reqFuncs = r.registerTranslateFn(req, reqFuncs)
err := tmpl.Funcs(reqFuncs).Execute(w, data)
logging.LogWithFields("HTML-lF8F6w", "template", tmpl.Name).OnError(err).Error("error rendering template")
}
func (r *Renderer) Localize(id string, args map[string]interface{}) string {
return r.translator.Localize(id, args)
}
func (r *Renderer) LocalizeFromRequest(req *http.Request, id string, args map[string]interface{}) string {
return r.translator.LocalizeFromRequest(req, id, args)
}
func (r *Renderer) Lang(req *http.Request) language.Tag {
return r.translator.Lang(req)
}
func (r *Renderer) loadTemplates(templatesDir string, tmplMapping map[string]string, funcs map[string]interface{}) {
funcs = r.registerTranslateFn(nil, funcs)
funcs[TranslateFn] = func(id string, args ...interface{}) string {
return id
}
tmpls := template.Must(template.New("").Funcs(funcs).ParseGlob(path.Join(templatesDir, "*.html")))
r.Templates = make(map[string]*template.Template, len(tmplMapping))
for name, file := range tmplMapping {
r.Templates[name] = tmpls.Lookup(file)
}
}
func (r *Renderer) registerTranslateFn(req *http.Request, funcs map[string]interface{}) map[string]interface{} {
if funcs == nil {
funcs = make(map[string]interface{})
}
funcs[TranslateFn] = func(id string, args ...interface{}) string {
m := map[string]interface{}{}
var key string
for i, arg := range args {
if i%2 == 0 {
key = arg.(string)
continue
}
m[key] = arg
}
if r == nil {
return r.Localize(id, m)
}
return r.LocalizeFromRequest(req, id, m)
}
return funcs
}

32
internal/api/http/header.go
View File

@@ -5,8 +5,30 @@ import (
"net"
"net/http"
"strings"
)
"github.com/caos/zitadel/internal/api"
const (
Authorization = "authorization"
Accept = "accept"
AcceptLanguage = "accept-language"
CacheControl = "cache-control"
ContentType = "content-type"
Expires = "expires"
Location = "location"
Origin = "origin"
Pragma = "pragma"
UserAgentHeader = "user-agent"
ForwardedFor = "x-forwarded-for"
ContentSecurityPolicy = "content-security-policy"
XXSSProtection = "x-xss-protection"
StrictTransportSecurity = "strict-transport-security"
XFrameOptions = "x-frame-options"
XContentTypeOptions = "x-content-type-options"
ReferrerPolicy = "referrer-policy"
FeaturePolicy = "feature-policy"
ZitadelOrgID = "x-zitadel-orgid"
)
type key int
@@ -35,7 +57,7 @@ func RemoteIPFromCtx(ctx context.Context) string {
if !ok {
return RemoteAddrFromCtx(ctx)
}
forwarded, ok := ForwardedFor(ctxHeaders)
forwarded, ok := GetForwardedFor(ctxHeaders)
if ok {
return forwarded
}
@@ -47,15 +69,15 @@ func RemoteIPFromRequest(r *http.Request) net.IP {
}
func RemoteIPStringFromRequest(r *http.Request) string {
ip, ok := ForwardedFor(r.Header)
ip, ok := GetForwardedFor(r.Header)
if ok {
return ip
}
return r.RemoteAddr
}
func ForwardedFor(headers http.Header) (string, bool) {
forwarded, ok := headers[api.ForwardedFor]
func GetForwardedFor(headers http.Header) (string, bool) {
forwarded, ok := headers[ForwardedFor]
if ok {
ip := strings.Split(forwarded[0], ", ")[0]
if ip != "" {

4
internal/api/http/listener.go
View File

@@ -8,12 +8,12 @@ import (
)
func CreateListener(endpoint string) net.Listener {
l, err := net.Listen("tcp", listenerEndpoint(endpoint))
l, err := net.Listen("tcp", Endpoint(endpoint))
logging.Log("SERVE-6vasef").OnError(err).Fatal("creating listener failed")
return l
}
func listenerEndpoint(endpoint string) string {
func Endpoint(endpoint string) string {
if strings.Contains(endpoint, ":") {
return endpoint
}

8
internal/api/http/middleware/cache_interceptor.go
View File

@@ -7,7 +7,7 @@ import (
"strings"
"time"
"github.com/caos/zitadel/internal/api"
http_utils "github.com/caos/zitadel/internal/api/http"
"github.com/caos/zitadel/internal/config/types"
)
@@ -120,9 +120,9 @@ func (c *Cache) serializeHeaders(w http.ResponseWriter) {
control = append(control, string(c.Revalidation))
}
w.Header().Set(api.CacheControl, strings.Join(control, ", "))
w.Header().Set(api.Expires, expires)
w.Header().Set(http_utils.CacheControl, strings.Join(control, ", "))
w.Header().Set(http_utils.Expires, expires)
if pragma {
w.Header().Set(api.Pragma, "no-cache")
w.Header().Set(http_utils.Pragma, "no-cache")
}
}

Some files were not shown because too many files have changed in this diff Show More