feat: allow global org users to create org and self delete (#2759)

* fix: grant PROJECT_OWNER_VIEWER_GLOBAL org.create permission * Update authz.yaml * feat: delete my user * console things * lint * signout after deletion * stylelint rule * Update authz.yaml * Update authz.yaml * setup step * role SELF_MANAGEMENT_GLOBAL setup * fix: change default role on global org * Apply suggestions from code review Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * Update console/src/assets/i18n/it.json Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2025-08-11 19:17:32 +00:00 · 2021-12-09 09:41:21 +01:00
parent 7ea93bd5b6
commit 43f15953c3
23 changed files with 349 additions and 62 deletions
--- a/proto/zitadel/auth.proto
+++ b/proto/zitadel/auth.proto
@@ -83,6 +83,17 @@ service AuthService {
        };
    }

+    // Changes the user state to deleted
+    rpc RemoveMyUser(RemoveMyUserRequest) returns (RemoveMyUserResponse) {
+        option (google.api.http) = {
+            delete: "/users/me"
+        };
+
+        option (zitadel.v1.auth_option) = {
+            permission: "user.self.delete"
+        };
+    }
+
    // Returns the history of the authorized user (each event)
    rpc ListMyUserChanges(ListMyUserChangesRequest) returns (ListMyUserChangesResponse) {
        option (google.api.http) = {
@@ -614,6 +625,14 @@ message GetMyUserResponse {
    ];
 }

+//This is an empty request
+// the request parameters are read from the token-header
+message RemoveMyUserRequest {}
+
+message RemoveMyUserResponse{
+    zitadel.v1.ObjectDetails details = 1;
+}
+
 message ListMyUserChangesRequest {
    zitadel.change.v1.ChangeQuery query = 1;
 }