fix: (org) context handling (#1429)
* fix: add context queries * typo * handle org context correctly in mgmt api * isDefault in policy converter * handle org context correctly in auth api
parent
2bd255106a
commit
3cdaa8193d
@ -41,7 +41,7 @@ func (s *Server) SetMyEmail(ctx context.Context, req *auth_pb.SetMyEmailRequest)
|
||||
|
||||
func (s *Server) VerifyMyEmail(ctx context.Context, req *auth_pb.VerifyMyEmailRequest) (*auth_pb.VerifyMyEmailResponse, error) {
|
||||
ctxData := authz.GetCtxData(ctx)
|
||||
objectDetails, err := s.command.VerifyHumanEmail(ctx, ctxData.UserID, req.Code, ctxData.OrgID)
|
||||
objectDetails, err := s.command.VerifyHumanEmail(ctx, ctxData.UserID, req.Code, ctxData.ResourceOwner)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
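Review bot: `ctxData.ResourceOwner` replaces `ctxData.OrgID` in the `VerifyHumanEmail` call with no comment saying why, and the same swap recurs in AddMyAuthFactorOTP, RemoveMyAuthFactorOTP, VerifyMyAuthFactorU2F, UpdateMyPassword, VerifyMyPasswordless and VerifyMyPhone below (reading the second line of each printed pair as the new side). The two fields look interchangeable at the call site, so a later edit could switch them back unnoticed. If `OrgID` can differ from the user's own organisation (the page does not show how either field is populated), that would point a self-service credential operation at the wrong org. Once the distinction is confirmed, I would add a one-line comment above the call, e.g. `// self-service calls act on the user's own org (ResourceOwner), not the org selected for the request`. The function body continues past the end of the hunk.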
|
@ -22,7 +22,7 @@ func (s *Server) ListMyAuthFactors(ctx context.Context, _ *auth_pb.ListMyAuthFac
|
||||
|
||||
func (s *Server) AddMyAuthFactorOTP(ctx context.Context, _ *auth_pb.AddMyAuthFactorOTPRequest) (*auth_pb.AddMyAuthFactorOTPResponse, error) {
|
||||
ctxData := authz.GetCtxData(ctx)
|
||||
otp, err := s.command.AddHumanOTP(ctx, ctxData.UserID, ctxData.OrgID)
|
||||
otp, err := s.command.AddHumanOTP(ctx, ctxData.UserID, ctxData.ResourceOwner)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -50,7 +50,7 @@ func (s *Server) VerifyMyAuthFactorOTP(ctx context.Context, req *auth_pb.VerifyM
|
||||
|
||||
func (s *Server) RemoveMyAuthFactorOTP(ctx context.Context, _ *auth_pb.RemoveMyAuthFactorOTPRequest) (*auth_pb.RemoveMyAuthFactorOTPResponse, error) {
|
||||
ctxData := authz.GetCtxData(ctx)
|
||||
objectDetails, err := s.command.HumanRemoveOTP(ctx, ctxData.UserID, ctxData.OrgID)
|
||||
objectDetails, err := s.command.HumanRemoveOTP(ctx, ctxData.UserID, ctxData.ResourceOwner)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -80,7 +80,7 @@ func (s *Server) AddMyAuthFactorU2F(ctx context.Context, _ *auth_pb.AddMyAuthFac
|
||||
|
||||
func (s *Server) VerifyMyAuthFactorU2F(ctx context.Context, req *auth_pb.VerifyMyAuthFactorU2FRequest) (*auth_pb.VerifyMyAuthFactorU2FResponse, error) {
|
||||
ctxData := authz.GetCtxData(ctx)
|
||||
objectDetails, err := s.command.HumanVerifyU2FSetup(ctx, ctxData.UserID, ctxData.OrgID, req.Verification.TokenName, "", req.Verification.PublicKeyCredential)
|
||||
objectDetails, err := s.command.HumanVerifyU2FSetup(ctx, ctxData.UserID, ctxData.ResourceOwner, req.Verification.TokenName, "", req.Verification.PublicKeyCredential)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
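Review bot: `req.Verification.TokenName` and `req.Verification.PublicKeyCredential` in VerifyMyAuthFactorU2F are read without checking that `req.Verification` is set. If it is a pointer to a nested message, as the field access suggests, a request that omits it would panic the handler unless validation or a recovery interceptor outside this hunk catches it. The generated getters are nil-safe, so `req.GetVerification().GetTokenName()` and `req.GetVerification().GetPublicKeyCredential()` avoid that; alternatively the handler can return an invalid-argument error up front. The same access appears in VerifyMyPasswordless in the passwordless section, and both functions continue beyond their hunks.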
|
@ -10,7 +10,7 @@ import (
|
||||
|
||||
func (s *Server) UpdateMyPassword(ctx context.Context, req *auth_pb.UpdateMyPasswordRequest) (*auth_pb.UpdateMyPasswordResponse, error) {
|
||||
ctxData := authz.GetCtxData(ctx)
|
||||
objectDetails, err := s.command.ChangePassword(ctx, ctxData.OrgID, ctxData.UserID, req.OldPassword, req.NewPassword, "")
|
||||
objectDetails, err := s.command.ChangePassword(ctx, ctxData.ResourceOwner, ctxData.UserID, req.OldPassword, req.NewPassword, "")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
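Review bot: `ChangePassword` takes the org before the user (`ctxData.ResourceOwner, ctxData.UserID`), while the sibling self-service commands in this commit take the user first and the org later (`VerifyHumanEmail`, `AddHumanOTP`, `HumanRemoveOTP`). If both parameters are plain strings, which the hunk does not show, a transposed pair still compiles and only misbehaves at runtime. A short comment on the call naming the parameter order, or a handler test asserting which ID lands in which position, would guard against that. The trailing `""` argument is also unexplained here and would benefit from a comment naming the parameter it fills.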
|
@ -37,7 +37,7 @@ func (s *Server) AddMyPasswordless(ctx context.Context, _ *auth_pb.AddMyPassword
|
||||
|
||||
func (s *Server) VerifyMyPasswordless(ctx context.Context, req *auth_pb.VerifyMyPasswordlessRequest) (*auth_pb.VerifyMyPasswordlessResponse, error) {
|
||||
ctxData := authz.GetCtxData(ctx)
|
||||
objectDetails, err := s.command.HumanHumanPasswordlessSetup(ctx, ctxData.UserID, ctxData.OrgID, req.Verification.TokenName, "", req.Verification.PublicKeyCredential)
|
||||
objectDetails, err := s.command.HumanHumanPasswordlessSetup(ctx, ctxData.UserID, ctxData.ResourceOwner, req.Verification.TokenName, "", req.Verification.PublicKeyCredential)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -41,7 +41,7 @@ func (s *Server) SetMyPhone(ctx context.Context, req *auth_pb.SetMyPhoneRequest)
|
||||
|
||||
func (s *Server) VerifyMyPhone(ctx context.Context, req *auth_pb.VerifyMyPhoneRequest) (*auth_pb.VerifyMyPhoneResponse, error) {
|
||||
ctxData := authz.GetCtxData(ctx)
|
||||
_, err := s.command.VerifyHumanPhone(ctx, ctxData.UserID, req.Code, ctxData.OrgID)
|
||||
_, err := s.command.VerifyHumanPhone(ctx, ctxData.UserID, req.Code, ctxData.ResourceOwner)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -36,16 +36,17 @@ func (s *Server) ListProjects(ctx context.Context, req *mgmt_pb.ListProjectsRequ
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
domains, err := s.project.SearchProjects(ctx, queries)
|
||||
queries.AppendMyResourceOwnerQuery(authz.GetCtxData(ctx).OrgID)
|
||||
projects, err := s.project.SearchProjects(ctx, queries)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &mgmt_pb.ListProjectsResponse{
|
||||
Result: project_grpc.ProjectsToPb(domains.Result),
|
||||
Result: project_grpc.ProjectsToPb(projects.Result),
|
||||
Details: object_grpc.ToListDetails(
|
||||
domains.TotalResult,
|
||||
domains.Sequence,
|
||||
domains.Timestamp,
|
||||
projects.TotalResult,
|
||||
projects.Sequence,
|
||||
projects.Timestamp,
|
||||
),
|
||||
}, nil
|
||||
}
|
||||
@ -55,16 +56,17 @@ func (s *Server) ListGrantedProjects(ctx context.Context, req *mgmt_pb.ListGrant
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
domains, err := s.project.SearchGrantedProjects(ctx, queries)
|
||||
queries.AppendMyResourceOwnerQuery(authz.GetCtxData(ctx).OrgID)
|
||||
projects, err := s.project.SearchGrantedProjects(ctx, queries)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &mgmt_pb.ListGrantedProjectsResponse{
|
||||
Result: project_grpc.GrantedProjectsToPb(domains.Result),
|
||||
Result: project_grpc.GrantedProjectsToPb(projects.Result),
|
||||
Details: object_grpc.ToListDetails(
|
||||
domains.TotalResult,
|
||||
domains.Sequence,
|
||||
domains.Timestamp,
|
||||
projects.TotalResult,
|
||||
projects.Sequence,
|
||||
projects.Timestamp,
|
||||
),
|
||||
}, nil
|
||||
}
|
||||
@ -82,7 +84,7 @@ func (s *Server) ListProjectChanges(ctx context.Context, req *mgmt_pb.ListProjec
|
||||
|
||||
func (s *Server) AddProject(ctx context.Context, req *mgmt_pb.AddProjectRequest) (*mgmt_pb.AddProjectResponse, error) {
|
||||
ctxData := authz.GetCtxData(ctx)
|
||||
project, err := s.command.AddProject(ctx, ProjectCreateToDomain(req), ctxData.ResourceOwner, ctxData.UserID)
|
||||
project, err := s.command.AddProject(ctx, ProjectCreateToDomain(req), ctxData.OrgID, ctxData.UserID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -97,7 +99,7 @@ func (s *Server) AddProject(ctx context.Context, req *mgmt_pb.AddProjectRequest)
|
||||
}
|
||||
|
||||
func (s *Server) UpdateProject(ctx context.Context, req *mgmt_pb.UpdateProjectRequest) (*mgmt_pb.UpdateProjectResponse, error) {
|
||||
project, err := s.command.ChangeProject(ctx, ProjectUpdateToDomain(req), authz.GetCtxData(ctx).ResourceOwner)
|
||||
project, err := s.command.ChangeProject(ctx, ProjectUpdateToDomain(req), authz.GetCtxData(ctx).OrgID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -111,7 +113,7 @@ func (s *Server) UpdateProject(ctx context.Context, req *mgmt_pb.UpdateProjectRe
|
||||
}
|
||||
|
||||
func (s *Server) DeactivateProject(ctx context.Context, req *mgmt_pb.DeactivateProjectRequest) (*mgmt_pb.DeactivateProjectResponse, error) {
|
||||
details, err := s.command.DeactivateProject(ctx, req.Id, authz.GetCtxData(ctx).ResourceOwner)
|
||||
details, err := s.command.DeactivateProject(ctx, req.Id, authz.GetCtxData(ctx).OrgID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -121,7 +123,7 @@ func (s *Server) DeactivateProject(ctx context.Context, req *mgmt_pb.DeactivateP
|
||||
}
|
||||
|
||||
func (s *Server) ReactivateProject(ctx context.Context, req *mgmt_pb.ReactivateProjectRequest) (*mgmt_pb.ReactivateProjectResponse, error) {
|
||||
details, err := s.command.ReactivateProject(ctx, req.Id, authz.GetCtxData(ctx).ResourceOwner)
|
||||
details, err := s.command.ReactivateProject(ctx, req.Id, authz.GetCtxData(ctx).OrgID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -149,6 +151,7 @@ func (s *Server) ListProjectRoles(ctx context.Context, req *mgmt_pb.ListProjectR
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
queries.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID)
|
||||
roles, err := s.project.SearchProjectRoles(ctx, req.ProjectId, queries)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@ -219,7 +222,7 @@ func (s *Server) RemoveProjectRole(ctx context.Context, req *mgmt_pb.RemoveProje
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *Server) ListProjectMemberRoles(ctx context.Context, req *mgmt_pb.ListProjectMemberRolesRequest) (*mgmt_pb.ListProjectMemberRolesResponse, error) {
|
||||
func (s *Server) ListProjectMemberRoles(ctx context.Context, _ *mgmt_pb.ListProjectMemberRolesRequest) (*mgmt_pb.ListProjectMemberRolesResponse, error) {
|
||||
roles, err := s.project.GetProjectMemberRoles(ctx)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@ -232,16 +235,17 @@ func (s *Server) ListProjectMembers(ctx context.Context, req *mgmt_pb.ListProjec
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
domains, err := s.project.SearchProjectMembers(ctx, queries)
|
||||
queries.AppendProjectQuery(req.ProjectId)
|
||||
members, err := s.project.SearchProjectMembers(ctx, queries)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &mgmt_pb.ListProjectMembersResponse{
|
||||
Result: member_grpc.ProjectMembersToPb(domains.Result),
|
||||
Result: member_grpc.ProjectMembersToPb(members.Result),
|
||||
Details: object_grpc.ToListDetails(
|
||||
domains.TotalResult,
|
||||
domains.Sequence,
|
||||
domains.Timestamp,
|
||||
members.TotalResult,
|
||||
members.Sequence,
|
||||
members.Timestamp,
|
||||
),
|
||||
}, nil
|
||||
}
|
||||
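Review bot: ListProjectMembers now appends only `queries.AppendProjectQuery(req.ProjectId)`, whereas the other list handlers touched in this file add an org filter taken from the context (`AppendMyResourceOwnerQuery` in ListProjects and ListGrantedProjects, `AppendMyOrgQuery` in ListProjectRoles). `req.ProjectId` is caller-supplied, so unless a permission check outside this hunk ties the project to the caller's org, members of another org's project could be listed by ID. I would either add the equivalent org-scoped filter here or leave a comment stating where ownership of `ProjectId` is enforced. Because each handler appends its tenant filter by hand, under two differently named helpers, a test per list endpoint asserting that the filter is present would catch the next omission. ListProjectMembers starts above the hunk.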
|
@ -117,11 +117,6 @@ func ListProjectRolesRequestToModel(req *mgmt_pb.ListProjectRolesRequest) (*proj
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
queries = append(queries, &proj_model.ProjectRoleSearchQuery{
|
||||
Key: proj_model.ProjectRoleSearchKeyProjectID,
|
||||
Method: domain.SearchMethodEquals,
|
||||
Value: req.ProjectId,
|
||||
})
|
||||
return &proj_model.ProjectRoleSearchRequest{
|
||||
Offset: offset,
|
||||
Limit: limit,
|
||||
@ -134,11 +129,6 @@ func ListProjectRolesRequestToModel(req *mgmt_pb.ListProjectRolesRequest) (*proj
|
||||
func ListProjectMembersRequestToModel(req *mgmt_pb.ListProjectMembersRequest) (*proj_model.ProjectMemberSearchRequest, error) {
|
||||
offset, limit, asc := object.ListQueryToModel(req.Query)
|
||||
queries := member_grpc.MemberQueriesToProjectMember(req.Queries)
|
||||
queries = append(queries, &proj_model.ProjectMemberSearchQuery{
|
||||
Key: proj_model.ProjectMemberSearchKeyProjectID,
|
||||
Method: domain.SearchMethodEquals,
|
||||
Value: req.ProjectId,
|
||||
})
|
||||
return &proj_model.ProjectMemberSearchRequest{
|
||||
Offset: offset,
|
||||
Limit: limit,
|
||||
|
@ -25,6 +25,7 @@ func (s *Server) ListProjectGrants(ctx context.Context, req *mgmt_pb.ListProject
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
queries.AppendMyResourceOwnerQuery(authz.GetCtxData(ctx).OrgID)
|
||||
domains, err := s.project.SearchProjectGrants(ctx, queries)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
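Review bot: The result of `SearchProjectGrants` is still assigned to `domains`, while this commit renames the same leftover to `projects` and `members` in the project handlers; `grants` would match. Separately, the filter added here uses `OrgID` as a resource-owner constraint, and the page does not show whether a grant's resource owner is the granting or the granted org. A comment stating which side is expected to see results would make the intended visibility explicit. ListProjectGrants starts and ends outside the hunk.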
|
@ -50,11 +50,17 @@ func UpdateProjectGrantRequestToDomain(req *mgmt_pb.UpdateProjectGrantRequest) *
|
||||
func ListProjectGrantMembersRequestToModel(req *mgmt_pb.ListProjectGrantMembersRequest) *proj_model.ProjectGrantMemberSearchRequest {
|
||||
offset, limit, asc := object.ListQueryToModel(req.Query)
|
||||
queries := member_grpc.MemberQueriesToProjectGrantMember(req.Queries)
|
||||
queries = append(queries, &proj_model.ProjectGrantMemberSearchQuery{
|
||||
Key: proj_model.ProjectGrantMemberSearchKeyProjectID,
|
||||
Method: domain.SearchMethodEquals,
|
||||
Value: req.ProjectId,
|
||||
})
|
||||
queries = append(queries,
|
||||
&proj_model.ProjectGrantMemberSearchQuery{
|
||||
Key: proj_model.ProjectGrantMemberSearchKeyProjectID,
|
||||
Method: domain.SearchMethodEquals,
|
||||
Value: req.ProjectId,
|
||||
},
|
||||
&proj_model.ProjectGrantMemberSearchQuery{
|
||||
Key: proj_model.ProjectGrantMemberSearchKeyGrantID,
|
||||
Method: domain.SearchMethodEquals,
|
||||
Value: req.GrantId,
|
||||
})
|
||||
return &proj_model.ProjectGrantMemberSearchRequest{
|
||||
Offset: offset,
|
||||
Limit: limit,
|
||||
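Review bot: This converter keeps the `ProjectID` filter and gains the `GrantID` one, while the same commit moves the project filter out of `ListProjectRolesRequestToModel` and `ListProjectMembersRequestToModel` and into their handlers. Scoping filters now live in two different layers depending on the endpoint, which makes it easy to call a converter and assume the result is already constrained. I would pick one place for them, or add a doc comment on each converter saying which constraints it applies, e.g. `// adds project and grant ID filters; org scoping is left to the caller` if that is the intent. The function continues past the end of the hunk.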
|
@ -21,6 +21,7 @@ func (s *Server) GetUserGrantByID(ctx context.Context, req *mgmt_pb.GetUserGrant
|
||||
|
||||
func (s *Server) ListUserGrants(ctx context.Context, req *mgmt_pb.ListUserGrantRequest) (*mgmt_pb.ListUserGrantResponse, error) {
|
||||
r := ListUserGrantsRequestToModel(ctx, req)
|
||||
r.AppendMyOrgQuery(authz.GetCtxData(ctx).OrgID)
|
||||
res, err := s.usergrant.SearchUserGrants(ctx, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
@ -8,6 +8,7 @@ import (
|
||||
|
||||
func ModelLabelPolicyToPb(policy *model.LabelPolicyView) *policy_pb.LabelPolicy {
|
||||
return &policy_pb.LabelPolicy{
|
||||
IsDefault: policy.Default,
|
||||
PrimaryColor: policy.PrimaryColor,
|
||||
SecondaryColor: policy.SecondaryColor,
|
||||
Details: object.ToViewDetailsPb(
|
||||
|
@ -8,6 +8,7 @@ import (
|
||||
|
||||
func ModelLoginPolicyToPb(policy *model.LoginPolicyView) *policy_pb.LoginPolicy {
|
||||
return &policy_pb.LoginPolicy{
|
||||
IsDefault: policy.Default,
|
||||
AllowUsernamePassword: policy.AllowUsernamePassword,
|
||||
AllowRegister: policy.AllowRegister,
|
||||
AllowExternalIdp: policy.AllowRegister,
|
||||
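Review bot: `AllowExternalIdp: policy.AllowRegister,` on the context line below the new `IsDefault` field maps the external-IdP flag from the registration flag, which looks like a copy-paste slip that this commit leaves in place. As written, the API would report external IdP login as allowed exactly when self-registration is, so clients and admins reading the policy may see a value that does not match what is enforced. It should read from the view's own external-IdP field (its exact name is not visible in this hunk). The struct literal continues past the end of the hunk.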
|
@ -8,6 +8,7 @@ import (
|
||||
|
||||
func ModelPasswordAgePolicyToPb(policy *model.PasswordAgePolicyView) *policy_pb.PasswordAgePolicy {
|
||||
return &policy_pb.PasswordAgePolicy{
|
||||
IsDefault: policy.Default,
|
||||
MaxAgeDays: policy.MaxAgeDays,
|
||||
ExpireWarnDays: policy.ExpireWarnDays,
|
||||
Details: object.ToViewDetailsPb(
|
||||
|
@ -8,6 +8,7 @@ import (
|
||||
|
||||
func ModelPasswordComplexityPolicyToPb(policy *model.PasswordComplexityPolicyView) *policy_pb.PasswordComplexityPolicy {
|
||||
return &policy_pb.PasswordComplexityPolicy{
|
||||
IsDefault: policy.Default,
|
||||
MinLength: policy.MinLength,
|
||||
HasUppercase: policy.HasUppercase,
|
||||
HasLowercase: policy.HasLowercase,
|
||||
|
@ -8,6 +8,7 @@ import (
|
||||
|
||||
func ModelPasswordLockoutPolicyToPb(policy *model.PasswordLockoutPolicyView) *policy_pb.PasswordLockoutPolicy {
|
||||
return &policy_pb.PasswordLockoutPolicy{
|
||||
IsDefault: policy.Default,
|
||||
MaxAttempts: policy.MaxAttempts,
|
||||
ShowLockoutFailure: policy.ShowLockOutFailures,
|
||||
Details: object.ToViewDetailsPb(
|
||||
|
@ -170,7 +170,7 @@ Errors:
|
||||
Invalid: Project is invalid
|
||||
NotActive: Project is not active
|
||||
NotInactive: Project is not deactivated
|
||||
NotFound: Porject not found
|
||||
NotFound: Project not found
|
||||
UserIDMissing: User ID missing
|
||||
Member:
|
||||
NotFound: Project member not found
|
||||
|