TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-12 02:54:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: only remove idp links from users of own organisation (#5156)

Browse Source 
ensure linked users of the (instance) idp are only affected if they are part of the organisation where the idp is removed from the login policy
This commit is contained in:
Livio Spring 2023-02-03 08:56:19 +01:00 committed by GitHub
parent 1fa50c8074
commit 44a995c660
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
internal/api/grpc/management/policy_login.go
View File

@ -93,17 +93,22 @@ func (s *Server) AddIDPToLoginPolicy(ctx context.Context, req *mgmt_pb.AddIDPToL
}
func (s *Server) RemoveIDPFromLoginPolicy(ctx context.Context, req *mgmt_pb.RemoveIDPFromLoginPolicyRequest) (*mgmt_pb.RemoveIDPFromLoginPolicyResponse, error) {
orgID := authz.GetCtxData(ctx).OrgID
idpQuery, err := query.NewIDPUserLinkIDPIDSearchQuery(req.IdpId)
if err != nil {
return nil, err
}
resourceOwnerQuery, err := query.NewIDPUserLinksResourceOwnerSearchQuery(orgID)
if err != nil {
return nil, err
}
userLinks, err := s.query.IDPUserLinks(ctx, &query.IDPUserLinksSearchQuery{
Queries: []query.SearchQuery{idpQuery},
Queries: []query.SearchQuery{idpQuery, resourceOwnerQuery},
}, false)
if err != nil {
return nil, err
}
objectDetails, err := s.command.RemoveIDPFromLoginPolicy(ctx, authz.GetCtxData(ctx).OrgID, &domain.IDPProvider{IDPConfigID: req.IdpId}, user.ExternalIDPViewsToExternalIDPs(userLinks.Links)...)
objectDetails, err := s.command.RemoveIDPFromLoginPolicy(ctx, orgID, &domain.IDPProvider{IDPConfigID: req.IdpId}, user.ExternalIDPViewsToExternalIDPs(userLinks.Links)...)
if err != nil {
return nil, err
}