feat: enable iframe use (#4766)

* feat: enable iframe use * cleanup * fix mocks * fix linting * docs: add iframe usage to solution scenarios configurations * improve api * feat(console): security policy * description * remove unnecessary line * disable input button and urls when not enabled * add image to docs Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2025-08-11 21:37:32 +00:00 · 2022-12-14 07:17:36 +01:00
parent 33e973f015
commit 632639ae7f
40 changed files with 1151 additions and 45 deletions
--- a/internal/repository/instance/eventstore.go
+++ b/internal/repository/instance/eventstore.go
@@ -30,6 +30,7 @@ func RegisterEventMappers(es *eventstore.Eventstore) {
 		RegisterFilterEventMapper(DebugNotificationProviderLogRemovedEventType, DebugNotificationProviderLogRemovedEventMapper).
 		RegisterFilterEventMapper(OIDCSettingsAddedEventType, OIDCSettingsAddedEventMapper).
 		RegisterFilterEventMapper(OIDCSettingsChangedEventType, OIDCSettingsChangedEventMapper).
+		RegisterFilterEventMapper(SecurityPolicySetEventType, SecurityPolicySetEventMapper).
 		RegisterFilterEventMapper(LabelPolicyAddedEventType, LabelPolicyAddedEventMapper).
 		RegisterFilterEventMapper(LabelPolicyChangedEventType, LabelPolicyChangedEventMapper).
 		RegisterFilterEventMapper(LabelPolicyActivatedEventType, LabelPolicyActivatedEventMapper).
--- a/internal/repository/instance/policy_security.go
+++ b/internal/repository/instance/policy_security.go
@@ -0,0 +1,80 @@
+package instance
+
+import (
+	"context"
+	"encoding/json"
+
+	"github.com/zitadel/zitadel/internal/errors"
+	"github.com/zitadel/zitadel/internal/eventstore"
+	"github.com/zitadel/zitadel/internal/eventstore/repository"
+)
+
+const (
+	securityPolicyPrefix       = "policy.security."
+	SecurityPolicySetEventType = instanceEventTypePrefix + securityPolicyPrefix + "set"
+)
+
+type SecurityPolicySetEvent struct {
+	eventstore.BaseEvent `json:"-"`
+
+	Enabled        *bool     `json:"enabled,omitempty"`
+	AllowedOrigins *[]string `json:"allowedOrigins,omitempty"`
+}
+
+func NewSecurityPolicySetEvent(
+	ctx context.Context,
+	aggregate *eventstore.Aggregate,
+	changes []SecurityPolicyChanges,
+) (*SecurityPolicySetEvent, error) {
+	if len(changes) == 0 {
+		return nil, errors.ThrowPreconditionFailed(nil, "POLICY-EWsf3", "Errors.NoChangesFound")
+	}
+	event := &SecurityPolicySetEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			aggregate,
+			SecurityPolicySetEventType,
+		),
+	}
+	for _, change := range changes {
+		change(event)
+	}
+	return event, nil
+}
+
+type SecurityPolicyChanges func(event *SecurityPolicySetEvent)
+
+func ChangeSecurityPolicyEnabled(enabled bool) func(event *SecurityPolicySetEvent) {
+	return func(e *SecurityPolicySetEvent) {
+		e.Enabled = &enabled
+	}
+}
+
+func ChangeSecurityPolicyAllowedOrigins(allowedOrigins []string) func(event *SecurityPolicySetEvent) {
+	return func(e *SecurityPolicySetEvent) {
+		if len(allowedOrigins) == 0 {
+			allowedOrigins = []string{}
+		}
+		e.AllowedOrigins = &allowedOrigins
+	}
+}
+
+func (e *SecurityPolicySetEvent) Data() interface{} {
+	return e
+}
+
+func (e *SecurityPolicySetEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
+	return nil
+}
+
+func SecurityPolicySetEventMapper(event *repository.Event) (eventstore.Event, error) {
+	securityPolicyAdded := &SecurityPolicySetEvent{
+		BaseEvent: *eventstore.BaseEventFromRepo(event),
+	}
+	err := json.Unmarshal(event.Data, securityPolicyAdded)
+	if err != nil {
+		return nil, errors.ThrowInternal(err, "IAM-soiwj", "unable to unmarshal oidc config added")
+	}
+
+	return securityPolicyAdded, nil
+}