feat: enable iframe use (#4766)

* feat: enable iframe use * cleanup * fix mocks * fix linting * docs: add iframe usage to solution scenarios configurations * improve api * feat(console): security policy * description * remove unnecessary line * disable input button and urls when not enabled * add image to docs Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2025-08-12 04:57:33 +00:00 · 2022-12-14 07:17:36 +01:00
parent 33e973f015
commit 632639ae7f
40 changed files with 1151 additions and 45 deletions
--- a/internal/api/grpc/admin/iam_settings.go
+++ b/internal/api/grpc/admin/iam_settings.go
@@ -106,3 +106,23 @@ func (s *Server) UpdateSMTPConfigPassword(ctx context.Context, req *admin_pb.Upd
 			details.ResourceOwner),
 	}, nil
 }
+
+func (s *Server) GetSecurityPolicy(ctx context.Context, req *admin_pb.GetSecurityPolicyRequest) (*admin_pb.GetSecurityPolicyResponse, error) {
+	policy, err := s.query.SecurityPolicy(ctx)
+	if err != nil {
+		return nil, err
+	}
+	return &admin_pb.GetSecurityPolicyResponse{
+		Policy: SecurityPolicyToPb(policy),
+	}, nil
+}
+
+func (s *Server) SetSecurityPolicy(ctx context.Context, req *admin_pb.SetSecurityPolicyRequest) (*admin_pb.SetSecurityPolicyResponse, error) {
+	details, err := s.command.SetSecurityPolicy(ctx, req.EnableIframeEmbedding, req.AllowedOrigins)
+	if err != nil {
+		return nil, err
+	}
+	return &admin_pb.SetSecurityPolicyResponse{
+		Details: object.DomainToChangeDetailsPb(details),
+	}, nil
+}
--- a/internal/api/grpc/admin/iam_settings_converter.go
+++ b/internal/api/grpc/admin/iam_settings_converter.go
@@ -149,3 +149,11 @@ func SMTPConfigToPb(smtp *query.SMTPConfig) *settings_pb.SMTPConfig {
 	}
 	return mapped
 }
+
+func SecurityPolicyToPb(policy *query.SecurityPolicy) *settings_pb.SecurityPolicy {
+	return &settings_pb.SecurityPolicy{
+		Details:               obj_grpc.ToViewDetailsPb(policy.Sequence, policy.CreationDate, policy.ChangeDate, policy.AggregateID),
+		EnableIframeEmbedding: policy.Enabled,
+		AllowedOrigins:        policy.AllowedOrigins,
+	}
+}
--- a/internal/api/grpc/server/middleware/instance_interceptor_test.go
+++ b/internal/api/grpc/server/middleware/instance_interceptor_test.go
@@ -193,3 +193,7 @@ func (m *mockInstance) RequestedDomain() string {
 func (m *mockInstance) RequestedHost() string {
 	return "localhost:8080"
 }
+
+func (m *mockInstance) SecurityPolicyAllowedOrigins() []string {
+	return nil
+}