feat: project view (#90)

* init for views (spooler, handler)

* init for views (spooler, handler)

* start view in management

* granted project

* implement granted project view

* search granted projects

* fix search column

* update all projects on project change

* search roles

* filter org

* project members

* project grant members

* fix tests

* application view

* project grant search

* mock

* test appendevents

* test appendevents

* Update internal/view/query.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/eventstore/spooler/spooler.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/view/query.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* merge request changes

* Update internal/project/repository/view/model/application.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* merge request changes

* Project view sql (#92)

* sql and configs

* error handling

* sql start in eventstore

* on error handling, config

* read user on members

* Update internal/project/repository/view/application_view.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_grant_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_grant_member_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_grant_member_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_member_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_member_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/granted_project.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* return caos errors

* Update internal/project/repository/view/model/granted_project_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_grant_member.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_grant_member_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_member.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_member_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_role.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_role_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/application_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/application_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* converter fix

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>

cmd/zitadel/startup.yaml

@@ -18,6 +18,7 @@ Mgmt:
       CustomHeaders:
         - x-zitadel-
   Repository:
+    SearchLimit: 100
     Eventstore:
       ServiceName: 'ManagementAPI'
       Repository:
@@ -31,6 +32,16 @@ Mgmt:
         Type: 'fastcache'
         Config:
           MaxCacheSizeInByte: 10485760 #10mb
+    View:
+      Host: $ZITADEL_EVENTSTORE_HOST
+      Port: $ZITADEL_EVENTSTORE_PORT
+      User: 'management'
+      Database: 'management'
+      SSLmode: disable
+    Spooler:
+      ConcurrentTasks: 4
+      BulkLimit: 100
+      FailureCountUntilSkip: 5
 
 Auth:
   API:

internal/config/types/sql.go

@@ -1,6 +1,11 @@
 package types
 
-import "strings"
+import (
+	"database/sql"
+	"strings"
+
+	"github.com/caos/zitadel/internal/errors"
+)
 
 type SQL struct {
 	Host     string
@@ -11,15 +16,23 @@ type SQL struct {
 	SSLmode  string
 }
 
-func (sql *SQL) ConnectionString() string {
+func (s *SQL) ConnectionString() string {
 	fields := []string{
-		"host=" + sql.Host,
-		"port=" + sql.Port,
-		"user=" + sql.User,
-		"password=" + sql.Password,
-		"dbname=" + sql.Database,
-		"sslmode=" + sql.SSLmode,
+		"host=" + s.Host,
+		"port=" + s.Port,
+		"user=" + s.User,
+		"password=" + s.Password,
+		"dbname=" + s.Database,
+		"sslmode=" + s.SSLmode,
 	}
 
 	return strings.Join(fields, " ")
 }
+
+func (s *SQL) Start() (*sql.DB, error) {
+	client, err := sql.Open("postgres", s.ConnectionString())
+	if err != nil {
+		return nil, errors.ThrowPreconditionFailed(err, "TYPES-9qBtr", "unable to open database connection")
+	}
+	return client, nil
+}

internal/eventstore/internal/repository/sql/config.go

@@ -1,12 +1,10 @@
 package sql
 
 import (
-	// postgres dialect
-	"database/sql"
+	_ "github.com/lib/pq"
 
 	"github.com/caos/zitadel/internal/config/types"
 	"github.com/caos/zitadel/internal/errors"
-	_ "github.com/lib/pq"
 )
 
 type Config struct {
@@ -14,7 +12,7 @@ type Config struct {
 }
 
 func Start(conf Config) (*SQL, error) {
-	client, err := sql.Open("postgres", conf.SQL.ConnectionString())
+	client, err := conf.SQL.Start()
 	if err != nil {
 		return nil, errors.ThrowPreconditionFailed(err, "SQL-9qBtr", "unable to open database connection")
 	}

internal/eventstore/models/object.go

@@ -5,10 +5,11 @@ import (
 )
 
 type ObjectRoot struct {
-	AggregateID  string    `json:"-"`
-	Sequence     uint64    `json:"-"`
-	CreationDate time.Time `json:"-"`
-	ChangeDate   time.Time `json:"-"`
+	AggregateID   string    `json:"-"`
+	Sequence      uint64    `json:"-"`
+	ResourceOwner string    `json:"-"`
+	CreationDate  time.Time `json:"-"`
+	ChangeDate    time.Time `json:"-"`
 }
 
 func (o *ObjectRoot) AppendEvent(event *Event) {
@@ -22,6 +23,7 @@ func (o *ObjectRoot) AppendEvent(event *Event) {
 	}
 
 	o.Sequence = event.Sequence
+	o.ResourceOwner = event.ResourceOwner
 }
 func (o *ObjectRoot) IsZero() bool {
 	return o.AggregateID == ""

internal/eventstore/query/handler.go

@@ -8,4 +8,5 @@ type Handler interface {
 	ViewModel() string
 	EventQuery() (*models.SearchQuery, error)
 	Process(*models.Event) error
+	OnError(event *models.Event, err error) error
 }

internal/eventstore/spooler/spooler.go

@@ -6,6 +6,8 @@ import (
 	"github.com/caos/zitadel/internal/eventstore"
 	"github.com/caos/zitadel/internal/eventstore/models"
 	"github.com/caos/zitadel/internal/eventstore/query"
+	global_view "github.com/caos/zitadel/internal/view"
+
 	"time"
 )
 
@@ -94,13 +96,33 @@ func (s *spooledHandler) process(ctx context.Context, events []*models.Event) er
 			return nil
 		default:
 			if err := s.Process(event); err != nil {
-				return err
+				return s.OnError(event, err)
 			}
 		}
 	}
 	return nil
 }
 
+func HandleError(event *models.Event,
+	latestFailedEvent func(sequence uint64) (*global_view.FailedEvent, error),
+	processFailedEvent func(*global_view.FailedEvent) error,
+	processSequence func(uint64) error, errorCountUntilSkip uint64) error {
+	failedEvent, err := latestFailedEvent(event.Sequence)
+	if err != nil {
+		return err
+	}
+	failedEvent.FailureCount++
+	failedEvent.ErrMsg = err.Error()
+	err = processFailedEvent(failedEvent)
+	if err != nil {
+		return err
+	}
+	if errorCountUntilSkip == failedEvent.FailureCount {
+		return processSequence(event.Sequence)
+	}
+	return nil
+}
+
 func (s *spooledHandler) query(ctx context.Context) ([]*models.Event, error) {
 	query, err := s.EventQuery()
 	if err != nil {

internal/eventstore/spooler/spooler_test.go

@@ -30,6 +30,9 @@ func (h *testHandler) Process(*models.Event) error {
 	<-time.After(h.processSleep)
 	return h.processError
 }
+func (h *testHandler) OnError(event *models.Event, err error) error {
+	return err
+}
 func (h *testHandler) MinimumCycleDuration() time.Duration { return h.cycleDuration }
 
 type eventstoreStub struct {

internal/management/repository/eventsourcing/eventstore/project.go

@@ -1,15 +1,18 @@
-package eventsourcing
+package eventstore
 
 import (
 	"context"
+	"github.com/caos/zitadel/internal/management/repository/eventsourcing/view"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
 
 	proj_model "github.com/caos/zitadel/internal/project/model"
 	proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
 )
 
 type ProjectRepo struct {
+	SearchLimit   uint64
 	ProjectEvents *proj_event.ProjectEventstore
-	//view      *view.View
+	View          *view.View
 }
 
 func (repo *ProjectRepo) ProjectByID(ctx context.Context, id string) (project *proj_model.Project, err error) {
@@ -33,6 +36,20 @@ func (repo *ProjectRepo) ReactivateProject(ctx context.Context, id string) (*pro
 	return repo.ProjectEvents.ReactivateProject(ctx, id)
 }
 
+func (repo *ProjectRepo) SearchGrantedProjects(ctx context.Context, request *proj_model.GrantedProjectSearchRequest) (*proj_model.GrantedProjectSearchResponse, error) {
+	request.EnsureLimit(repo.SearchLimit)
+	projects, count, err := repo.View.SearchGrantedProjects(request)
+	if err != nil {
+		return nil, err
+	}
+	return &proj_model.GrantedProjectSearchResponse{
+		Offset:      request.Offset,
+		Limit:       request.Limit,
+		TotalResult: uint64(count),
+		Result:      model.GrantedProjectsToModel(projects),
+	}, nil
+}
+
 func (repo *ProjectRepo) ProjectMemberByID(ctx context.Context, projectID, userID string) (member *proj_model.ProjectMember, err error) {
 	member = proj_model.NewProjectMember(projectID, userID)
 	return repo.ProjectEvents.ProjectMemberByIDs(ctx, member)
@@ -51,6 +68,20 @@ func (repo *ProjectRepo) RemoveProjectMember(ctx context.Context, projectID, use
 	return repo.ProjectEvents.RemoveProjectMember(ctx, member)
 }
 
+func (repo *ProjectRepo) SearchProjectMembers(ctx context.Context, request *proj_model.ProjectMemberSearchRequest) (*proj_model.ProjectMemberSearchResponse, error) {
+	request.EnsureLimit(repo.SearchLimit)
+	members, count, err := repo.View.SearchProjectMembers(request)
+	if err != nil {
+		return nil, err
+	}
+	return &proj_model.ProjectMemberSearchResponse{
+		Offset:      request.Offset,
+		Limit:       request.Limit,
+		TotalResult: uint64(count),
+		Result:      model.ProjectMembersToModel(members),
+	}, nil
+}
+
 func (repo *ProjectRepo) AddProjectRole(ctx context.Context, member *proj_model.ProjectRole) (*proj_model.ProjectRole, error) {
 	return repo.ProjectEvents.AddProjectRole(ctx, member)
 }
@@ -64,6 +95,20 @@ func (repo *ProjectRepo) RemoveProjectRole(ctx context.Context, projectID, key s
 	return repo.ProjectEvents.RemoveProjectRole(ctx, member)
 }
 
+func (repo *ProjectRepo) SearchProjectRoles(ctx context.Context, request *proj_model.ProjectRoleSearchRequest) (*proj_model.ProjectRoleSearchResponse, error) {
+	request.EnsureLimit(repo.SearchLimit)
+	roles, count, err := repo.View.SearchProjectRoles(request)
+	if err != nil {
+		return nil, err
+	}
+	return &proj_model.ProjectRoleSearchResponse{
+		Offset:      request.Offset,
+		Limit:       request.Limit,
+		TotalResult: uint64(count),
+		Result:      model.ProjectRolesToModel(roles),
+	}, nil
+}
+
 func (repo *ProjectRepo) ApplicationByID(ctx context.Context, projectID, appID string) (app *proj_model.Application, err error) {
 	return repo.ProjectEvents.ApplicationByIDs(ctx, projectID, appID)
 }
@@ -89,6 +134,20 @@ func (repo *ProjectRepo) RemoveApplication(ctx context.Context, projectID, appID
 	return repo.ProjectEvents.RemoveApplication(ctx, app)
 }
 
+func (repo *ProjectRepo) SearchApplications(ctx context.Context, request *proj_model.ApplicationSearchRequest) (*proj_model.ApplicationSearchResponse, error) {
+	request.EnsureLimit(repo.SearchLimit)
+	apps, count, err := repo.View.SearchApplications(request)
+	if err != nil {
+		return nil, err
+	}
+	return &proj_model.ApplicationSearchResponse{
+		Offset:      request.Offset,
+		Limit:       request.Limit,
+		TotalResult: uint64(count),
+		Result:      model.ApplicationViewsToModel(apps),
+	}, nil
+}
+
 func (repo *ProjectRepo) ChangeOIDCConfig(ctx context.Context, config *proj_model.OIDCConfig) (*proj_model.OIDCConfig, error) {
 	return repo.ProjectEvents.ChangeOIDCConfig(ctx, config)
 }
@@ -139,3 +198,17 @@ func (repo *ProjectRepo) RemoveProjectGrantMember(ctx context.Context, projectID
 	member := proj_model.NewProjectGrantMember(projectID, grantID, userID)
 	return repo.ProjectEvents.RemoveProjectGrantMember(ctx, member)
 }
+
+func (repo *ProjectRepo) SearchProjectGrantMembers(ctx context.Context, request *proj_model.ProjectGrantMemberSearchRequest) (*proj_model.ProjectGrantMemberSearchResponse, error) {
+	request.EnsureLimit(repo.SearchLimit)
+	members, count, err := repo.View.SearchProjectGrantMembers(request)
+	if err != nil {
+		return nil, err
+	}
+	return &proj_model.ProjectGrantMemberSearchResponse{
+		Offset:      request.Offset,
+		Limit:       request.Limit,
+		TotalResult: uint64(count),
+		Result:      model.ProjectGrantMembersToModel(members),
+	}, nil
+}

internal/management/repository/eventsourcing/eventstore/user.go

@@ -1,4 +1,4 @@
-package eventsourcing
+package eventstore
 
 import (
 	"context"

internal/management/repository/eventsourcing/eventstore/user_grant.go

@@ -1,4 +1,4 @@
-package eventsourcing
+package eventstore
 
 import (
 	"context"

internal/management/repository/eventsourcing/handler/application.go

@@ -0,0 +1,74 @@
+package handler
+
+import (
+	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/eventstore/spooler"
+	"github.com/caos/zitadel/internal/project/repository/eventsourcing"
+	proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	view_model "github.com/caos/zitadel/internal/project/repository/view/model"
+	"time"
+)
+
+type Application struct {
+	handler
+	projectEvents *proj_event.ProjectEventstore
+}
+
+const (
+	applicationTable = "management.applications"
+)
+
+func (p *Application) MinimumCycleDuration() time.Duration { return p.cycleDuration }
+
+func (p *Application) ViewModel() string {
+	return applicationTable
+}
+
+func (p *Application) EventQuery() (*models.SearchQuery, error) {
+	sequence, err := p.view.GetLatestApplicationSequence()
+	if err != nil {
+		return nil, err
+	}
+	return eventsourcing.ProjectQuery(sequence), nil
+}
+
+func (p *Application) Process(event *models.Event) (err error) {
+	app := new(view_model.ApplicationView)
+	switch event.Type {
+	case es_model.ApplicationAdded:
+		app.AppendEvent(event)
+	case es_model.ApplicationChanged,
+		es_model.OIDCConfigAdded,
+		es_model.OIDCConfigChanged,
+		es_model.ApplicationDeactivated,
+		es_model.ApplicationReactivated:
+		err := app.SetData(event)
+		if err != nil {
+			return err
+		}
+		app, err = p.view.ApplicationByID(app.ID)
+		if err != nil {
+			return err
+		}
+		app.AppendEvent(event)
+	case es_model.ApplicationRemoved:
+		err := app.SetData(event)
+		if err != nil {
+			return err
+		}
+		return p.view.DeleteApplication(app.ID, event.Sequence)
+	default:
+		return p.view.ProcessedApplicationSequence(event.Sequence)
+	}
+	if err != nil {
+		return err
+	}
+	return p.view.PutApplication(app)
+}
+
+func (p *Application) OnError(event *models.Event, soolerError error) error {
+	logging.LogWithFields("SPOOL-ls9ew", "id", event.AggregateID).WithError(soolerError).Warn("something went wrong in project app handler")
+	return spooler.HandleError(event, p.view.GetLatestApplicationFailedEvent, p.view.ProcessedApplicationFailedEvent, p.view.ProcessedApplicationSequence, p.errorCountUntilSkip)
+}

internal/management/repository/eventsourcing/handler/granted_project.go

@@ -0,0 +1,125 @@
+package handler
+
+import (
+	"context"
+	"time"
+
+	"github.com/caos/logging"
+
+	"github.com/caos/zitadel/internal/eventstore"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/eventstore/spooler"
+	"github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/eventsourcing"
+	proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	view_model "github.com/caos/zitadel/internal/project/repository/view/model"
+)
+
+type GrantedProject struct {
+	handler
+	eventstore    eventstore.Eventstore
+	projectEvents *proj_event.ProjectEventstore
+}
+
+const (
+	grantedProjectTable = "management.granted_projects"
+)
+
+func (p *GrantedProject) MinimumCycleDuration() time.Duration { return p.cycleDuration }
+
+func (p *GrantedProject) ViewModel() string {
+	return grantedProjectTable
+}
+
+func (p *GrantedProject) EventQuery() (*models.SearchQuery, error) {
+	sequence, err := p.view.GetLatestGrantedProjectSequence()
+	if err != nil {
+		return nil, err
+	}
+	return eventsourcing.ProjectQuery(sequence), nil
+}
+
+func (p *GrantedProject) Process(event *models.Event) (err error) {
+	grantedProject := new(view_model.GrantedProjectView)
+	switch event.Type {
+	case es_model.ProjectAdded:
+		grantedProject.AppendEvent(event)
+	case es_model.ProjectChanged:
+		grantedProject, err = p.view.GrantedProjectByIDs(event.AggregateID, event.ResourceOwner)
+		if err != nil {
+			return err
+		}
+		err = grantedProject.AppendEvent(event)
+		if err != nil {
+			return err
+		}
+		p.updateExistingProjects(grantedProject)
+	case es_model.ProjectDeactivated, es_model.ProjectReactivated:
+		grantedProject, err = p.view.GrantedProjectByIDs(event.AggregateID, event.ResourceOwner)
+		if err != nil {
+			return err
+		}
+		err = grantedProject.AppendEvent(event)
+	case es_model.ProjectGrantAdded:
+		err = grantedProject.AppendEvent(event)
+		if err != nil {
+			return err
+		}
+		project, err := p.getProject(grantedProject.ProjectID)
+		if err != nil {
+			return err
+		}
+		grantedProject.Name = project.Name
+		//TODO: read org
+	case es_model.ProjectGrantChanged:
+		grant := new(view_model.ProjectGrant)
+		err := grant.SetData(event)
+		if err != nil {
+			return err
+		}
+		grantedProject, err = p.view.GrantedProjectByIDs(event.AggregateID, grant.GrantedOrgID)
+		if err != nil {
+			return err
+		}
+		err = grantedProject.AppendEvent(event)
+	case es_model.ProjectGrantRemoved:
+		grant := new(view_model.ProjectGrant)
+		err := grant.SetData(event)
+		if err != nil {
+			return err
+		}
+		return p.view.DeleteGrantedProject(event.AggregateID, grant.GrantedOrgID, event.Sequence)
+	default:
+		return p.view.ProcessedGrantedProjectSequence(event.Sequence)
+	}
+	if err != nil {
+		return err
+	}
+	return p.view.PutGrantedProject(grantedProject)
+}
+
+func (p *GrantedProject) getOrg(orgID string) {
+	//TODO: Get Org
+}
+
+func (p *GrantedProject) getProject(projectID string) (*model.Project, error) {
+	return p.projectEvents.ProjectByID(context.Background(), projectID)
+}
+
+func (p *GrantedProject) updateExistingProjects(project *view_model.GrantedProjectView) {
+	projects, err := p.view.GrantedProjectsByID(project.ProjectID)
+	if err != nil {
+		logging.LogWithFields("SPOOL-los03", "id", project.ProjectID).WithError(err).Warn("could not update existing projects")
+	}
+	for _, existing := range projects {
+		existing.Name = project.Name
+		err := p.view.PutGrantedProject(existing)
+		logging.LogWithFields("SPOOL-sjwi3", "id", existing.ProjectID).WithError(err).Warn("could not update existing project")
+	}
+}
+
+func (p *GrantedProject) OnError(event *models.Event, err error) error {
+	logging.LogWithFields("SPOOL-is8wa", "id", event.AggregateID).WithError(err).Warn("something went wrong in granted projecthandler")
+	return spooler.HandleError(event, p.view.GetLatestGrantedProjectFailedEvent, p.view.ProcessedGrantedProjectFailedEvent, p.view.ProcessedGrantedProjectSequence, p.errorCountUntilSkip)
+}

internal/management/repository/eventsourcing/handler/handler.go

@@ -0,0 +1,44 @@
+package handler
+
+import (
+	"github.com/caos/zitadel/internal/eventstore"
+	"github.com/caos/zitadel/internal/eventstore/spooler"
+	"github.com/caos/zitadel/internal/management/repository/eventsourcing/view"
+	proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
+	"time"
+)
+
+type Configs map[string]*Config
+
+type Config struct {
+	MinimumCycleDurationMillisecond int
+}
+
+type handler struct {
+	view                *view.View
+	bulkLimit           uint64
+	cycleDuration       time.Duration
+	errorCountUntilSkip uint64
+}
+
+type EventstoreRepos struct {
+	ProjectEvents *proj_event.ProjectEventstore
+}
+
+func Register(configs Configs, bulkLimit, errorCount uint64, view *view.View, eventstore eventstore.Eventstore, repos EventstoreRepos) []spooler.Handler {
+	return []spooler.Handler{
+		&GrantedProject{handler: handler{view, bulkLimit, configs.cycleDuration("GrantedProject"), errorCount}, eventstore: eventstore, projectEvents: repos.ProjectEvents},
+		&ProjectRole{handler: handler{view, bulkLimit, configs.cycleDuration("ProjectRole"), errorCount}, projectEvents: repos.ProjectEvents},
+		&ProjectMember{handler: handler{view, bulkLimit, configs.cycleDuration("ProjectMember"), errorCount}},
+		&ProjectGrantMember{handler: handler{view, bulkLimit, configs.cycleDuration("ProjectGrantMember"), errorCount}},
+		&Application{handler: handler{view, bulkLimit, configs.cycleDuration("Application"), errorCount}},
+	}
+}
+
+func (configs Configs) cycleDuration(viewModel string) time.Duration {
+	c, ok := configs[viewModel]
+	if !ok {
+		return 1 * time.Second
+	}
+	return time.Duration(c.MinimumCycleDurationMillisecond) * time.Millisecond
+}

internal/management/repository/eventsourcing/handler/project_grant_member.go

@@ -0,0 +1,127 @@
+package handler
+
+import (
+	"context"
+	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/eventstore/spooler"
+	proj_es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	view_model "github.com/caos/zitadel/internal/project/repository/view/model"
+	usr_model "github.com/caos/zitadel/internal/user/model"
+	usr_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
+	usr_es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
+	"time"
+)
+
+type ProjectGrantMember struct {
+	handler
+	userEvents *usr_event.UserEventstore
+}
+
+const (
+	projectGrantMemberTable = "management.project_grant_members"
+)
+
+func (p *ProjectGrantMember) MinimumCycleDuration() time.Duration { return p.cycleDuration }
+
+func (p *ProjectGrantMember) ViewModel() string {
+	return projectGrantMemberTable
+}
+
+func (p *ProjectGrantMember) EventQuery() (*models.SearchQuery, error) {
+	sequence, err := p.view.GetLatestProjectMemberSequence()
+	if err != nil {
+		return nil, err
+	}
+	return es_models.NewSearchQuery().
+		AggregateTypeFilter(proj_es_model.ProjectAggregate, usr_es_model.UserAggregate).
+		LatestSequenceFilter(sequence), nil
+}
+
+func (p *ProjectGrantMember) Process(event *models.Event) (err error) {
+	switch event.AggregateType {
+	case proj_es_model.ProjectAggregate:
+		err = p.processProjectGrantMember(event)
+	case usr_es_model.UserAggregate:
+		err = p.processUser(event)
+	}
+	return err
+}
+
+func (p *ProjectGrantMember) processProjectGrantMember(event *models.Event) (err error) {
+	member := new(view_model.ProjectGrantMemberView)
+	switch event.Type {
+	case proj_es_model.ProjectGrantMemberAdded:
+		member.AppendEvent(event)
+		p.fillData(member)
+	case proj_es_model.ProjectGrantMemberChanged:
+		err := member.SetData(event)
+		if err != nil {
+			return err
+		}
+		member, err = p.view.ProjectGrantMemberByIDs(member.GrantID, member.UserID)
+		if err != nil {
+			return err
+		}
+		member.AppendEvent(event)
+	case proj_es_model.ProjectGrantMemberRemoved:
+		err := member.SetData(event)
+		if err != nil {
+			return err
+		}
+		return p.view.DeleteProjectGrantMember(event.AggregateID, member.UserID, event.Sequence)
+	default:
+		return p.view.ProcessedProjectGrantMemberSequence(event.Sequence)
+	}
+	if err != nil {
+		return err
+	}
+	return p.view.PutProjectGrantMember(member, member.Sequence)
+}
+
+func (p *ProjectGrantMember) processUser(event *models.Event) (err error) {
+	switch event.Type {
+	case usr_es_model.UserProfileChanged,
+		usr_es_model.UserEmailChanged:
+		members, err := p.view.ProjectGrantMembersByUserID(event.AggregateID)
+		if err != nil {
+			return err
+		}
+		user, err := p.userEvents.UserByID(context.Background(), event.AggregateID)
+		if err != nil {
+			return err
+		}
+		for _, member := range members {
+			p.fillUserData(member, user)
+			err = p.view.PutProjectGrantMember(member, event.Sequence)
+			if err != nil {
+				return err
+			}
+		}
+	default:
+		return p.view.ProcessedProjectGrantMemberSequence(event.Sequence)
+	}
+	return nil
+}
+
+func (p *ProjectGrantMember) fillData(member *view_model.ProjectGrantMemberView) (err error) {
+	user, err := p.userEvents.UserByID(context.Background(), member.UserID)
+	if err != nil {
+		return err
+	}
+	p.fillUserData(member, user)
+	return nil
+}
+
+func (p *ProjectGrantMember) fillUserData(member *view_model.ProjectGrantMemberView, user *usr_model.User) {
+	member.UserName = user.UserName
+	member.FirstName = user.FirstName
+	member.LastName = user.LastName
+	member.Email = user.EmailAddress
+}
+
+func (p *ProjectGrantMember) OnError(event *models.Event, err error) error {
+	logging.LogWithFields("SPOOL-kls93", "id", event.AggregateID).WithError(err).Warn("something went wrong in projectmember handler")
+	return spooler.HandleError(event, p.view.GetLatestProjectGrantMemberFailedEvent, p.view.ProcessedProjectGrantMemberFailedEvent, p.view.ProcessedProjectGrantMemberSequence, p.errorCountUntilSkip)
+}

internal/management/repository/eventsourcing/handler/project_member.go

@@ -0,0 +1,126 @@
+package handler
+
+import (
+	"context"
+	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/eventstore/spooler"
+	proj_es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	view_model "github.com/caos/zitadel/internal/project/repository/view/model"
+	usr_model "github.com/caos/zitadel/internal/user/model"
+	usr_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
+	usr_es_model "github.com/caos/zitadel/internal/user/repository/eventsourcing/model"
+	"time"
+)
+
+type ProjectMember struct {
+	handler
+	userEvents *usr_event.UserEventstore
+}
+
+const (
+	projectMemberTable = "management.project_members"
+)
+
+func (p *ProjectMember) MinimumCycleDuration() time.Duration { return p.cycleDuration }
+
+func (p *ProjectMember) ViewModel() string {
+	return projectMemberTable
+}
+
+func (p *ProjectMember) EventQuery() (*models.SearchQuery, error) {
+	sequence, err := p.view.GetLatestProjectMemberSequence()
+	if err != nil {
+		return nil, err
+	}
+	return es_models.NewSearchQuery().
+		AggregateTypeFilter(proj_es_model.ProjectAggregate, usr_es_model.UserAggregate).
+		LatestSequenceFilter(sequence), nil
+}
+
+func (p *ProjectMember) Process(event *models.Event) (err error) {
+	switch event.AggregateType {
+	case proj_es_model.ProjectAggregate:
+		err = p.processProjectMember(event)
+	case usr_es_model.UserAggregate:
+		err = p.processUser(event)
+	}
+	return err
+}
+
+func (p *ProjectMember) processProjectMember(event *models.Event) (err error) {
+	member := new(view_model.ProjectMemberView)
+	switch event.Type {
+	case proj_es_model.ProjectMemberAdded:
+		member.AppendEvent(event)
+		p.fillData(member)
+	case proj_es_model.ProjectMemberChanged:
+		err := member.SetData(event)
+		if err != nil {
+			return err
+		}
+		member, err = p.view.ProjectMemberByIDs(event.AggregateID, member.UserID)
+		if err != nil {
+			return err
+		}
+		member.AppendEvent(event)
+	case proj_es_model.ProjectMemberRemoved:
+		err := member.SetData(event)
+		if err != nil {
+			return err
+		}
+		return p.view.DeleteProjectMember(event.AggregateID, member.UserID, event.Sequence)
+	default:
+		return p.view.ProcessedProjectMemberSequence(event.Sequence)
+	}
+	if err != nil {
+		return err
+	}
+	return p.view.PutProjectMember(member, member.Sequence)
+}
+
+func (p *ProjectMember) processUser(event *models.Event) (err error) {
+	switch event.Type {
+	case usr_es_model.UserProfileChanged,
+		usr_es_model.UserEmailChanged:
+		members, err := p.view.ProjectMembersByUserID(event.AggregateID)
+		if err != nil {
+			return err
+		}
+		user, err := p.userEvents.UserByID(context.Background(), event.AggregateID)
+		if err != nil {
+			return err
+		}
+		for _, member := range members {
+			p.fillUserData(member, user)
+			err = p.view.PutProjectMember(member, event.Sequence)
+			if err != nil {
+				return err
+			}
+		}
+	default:
+		return p.view.ProcessedProjectMemberSequence(event.Sequence)
+	}
+	return nil
+}
+
+func (p *ProjectMember) fillData(member *view_model.ProjectMemberView) (err error) {
+	user, err := p.userEvents.UserByID(context.Background(), member.UserID)
+	if err != nil {
+		return err
+	}
+	p.fillUserData(member, user)
+	return nil
+}
+
+func (p *ProjectMember) fillUserData(member *view_model.ProjectMemberView, user *usr_model.User) {
+	member.UserName = user.UserName
+	member.FirstName = user.FirstName
+	member.LastName = user.LastName
+	member.Email = user.EmailAddress
+}
+func (p *ProjectMember) OnError(event *models.Event, err error) error {
+	logging.LogWithFields("SPOOL-u73es", "id", event.AggregateID).WithError(err).Warn("something went wrong in projectmember handler")
+	return spooler.HandleError(event, p.view.GetLatestProjectMemberFailedEvent, p.view.ProcessedProjectMemberFailedEvent, p.view.ProcessedProjectMemberSequence, p.errorCountUntilSkip)
+}

internal/management/repository/eventsourcing/handler/project_role.go

@@ -0,0 +1,152 @@
+package handler
+
+import (
+	"context"
+	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/eventstore/spooler"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/eventsourcing"
+	proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	view_model "github.com/caos/zitadel/internal/project/repository/view/model"
+	"time"
+)
+
+type ProjectRole struct {
+	handler
+	projectEvents *proj_event.ProjectEventstore
+}
+
+const (
+	projectRoleTable = "management.project_roles"
+)
+
+func (p *ProjectRole) MinimumCycleDuration() time.Duration { return p.cycleDuration }
+
+func (p *ProjectRole) ViewModel() string {
+	return projectRoleTable
+}
+
+func (p *ProjectRole) EventQuery() (*models.SearchQuery, error) {
+	sequence, err := p.view.GetLatestProjectRoleSequence()
+	if err != nil {
+		return nil, err
+	}
+	return eventsourcing.ProjectQuery(sequence), nil
+}
+
+func (p *ProjectRole) Process(event *models.Event) (err error) {
+	role := new(view_model.ProjectRoleView)
+	switch event.Type {
+	case es_model.ProjectRoleAdded:
+		role.AppendEvent(event)
+	case es_model.ProjectRoleChanged:
+		err := role.SetData(event)
+		if err != nil {
+			return err
+		}
+		role, err = p.view.ProjectRoleByIDs(event.AggregateID, event.ResourceOwner, role.Key)
+		if err != nil {
+			return err
+		}
+		role.AppendEvent(event)
+	case es_model.ProjectRoleRemoved:
+		err := role.SetData(event)
+		if err != nil {
+			return err
+		}
+		err = p.removeRoleFromAllResourceowners(event, role)
+	case es_model.ProjectGrantAdded:
+		return p.addGrantRoles(event)
+	case es_model.ProjectGrantChanged:
+		err = p.removeRolesFromResourceowner(event)
+		if err != nil {
+			return err
+		}
+		return p.addGrantRoles(event)
+	case es_model.ProjectGrantRemoved:
+		return p.removeRolesFromResourceowner(event)
+	default:
+		return p.view.ProcessedProjectRoleSequence(event.Sequence)
+	}
+	if err != nil {
+		return err
+	}
+	return p.view.PutProjectRole(role)
+}
+
+func (p *ProjectRole) removeRoleFromAllResourceowners(event *models.Event, role *view_model.ProjectRoleView) error {
+	roles, err := p.view.ResourceOwnerProjectRolesByKey(event.AggregateID, event.ResourceOwner, role.Key)
+	if err != nil {
+		logging.LogWithFields("HANDL-slo03", "aggregateID", event.AggregateID, "ResourceOwner", event.ResourceOwner, "Key", role.Key).WithError(err).Warn("could not read roles to remove")
+		return err
+	}
+	for _, r := range roles {
+		err = p.view.DeleteProjectRole(r.ProjectID, r.OrgID, r.Key, event.Sequence)
+		if err != nil {
+			logging.LogWithFields("HANDL-kloa2", "aggregateID", event.AggregateID, "ResourceOwner", event.ResourceOwner, "OrgID", r.OrgID, "Key", role.Key).WithError(err).Warn("could not remove role")
+			return err
+		}
+	}
+	return nil
+}
+
+func (p *ProjectRole) removeRolesFromResourceowner(event *models.Event) error {
+	roles, err := p.view.ResourceOwnerProjectRoles(event.AggregateID, event.ResourceOwner)
+	if err != nil {
+		logging.LogWithFields("HANDL-slo03", "aggregateID", event.AggregateID, "ResourceOwner", event.ResourceOwner, "Key").WithError(err).Warn("could not read roles to remove")
+		return err
+	}
+	for _, r := range roles {
+		err = p.view.DeleteProjectRole(r.ProjectID, r.OrgID, r.Key, event.Sequence)
+		if err != nil {
+			logging.LogWithFields("HANDL-kloa2", "aggregateID", event.AggregateID, "ResourceOwner", event.ResourceOwner, "OrgID", r.OrgID).WithError(err).Warn("could not remove role")
+			return err
+		}
+	}
+	return nil
+}
+
+func (p *ProjectRole) addGrantRoles(event *models.Event) error {
+	project, err := p.projectEvents.ProjectByID(context.Background(), event.AggregateID)
+	if err != nil {
+		return err
+	}
+
+	grant := new(view_model.ProjectGrant)
+	err = grant.SetData(event)
+	if err != nil {
+		return err
+	}
+	for _, roleKey := range grant.RoleKeys {
+		role := getRoleFromProject(roleKey, project)
+		projectRole := &view_model.ProjectRoleView{
+			OrgID:         grant.GrantedOrgID,
+			ProjectID:     event.AggregateID,
+			Key:           roleKey,
+			DisplayName:   role.DisplayName,
+			Group:         role.Group,
+			ResourceOwner: event.ResourceOwner,
+			CreationDate:  event.CreationDate,
+			Sequence:      event.Sequence,
+		}
+		err := p.view.PutProjectRole(projectRole)
+		logging.LogWithFields("HANDL-sj3TG", "eventID", event.ID).OnError(err).Warn("could not save project role")
+	}
+	return nil
+}
+
+func getRoleFromProject(roleKey string, project *proj_model.Project) *proj_model.ProjectRole {
+	for _, role := range project.Roles {
+		if roleKey == role.Key {
+			return role
+		}
+	}
+	return nil
+}
+
+func (p *ProjectRole) OnError(event *models.Event, err error) error {
+	logging.LogWithFields("SPOOL-lso9w", "id", event.AggregateID).WithError(err).Warn("something went wrong in project role handler")
+	return spooler.HandleError(event, p.view.GetLatestProjectRoleFailedEvent, p.view.ProcessedProjectRoleFailedEvent, p.view.ProcessedProjectRoleSequence, p.errorCountUntilSkip)
+}

internal/management/repository/eventsourcing/repository.go

@@ -3,24 +3,30 @@ package eventsourcing
 import (
 	"context"
 	sd "github.com/caos/zitadel/internal/config/systemdefaults"
-
+	"github.com/caos/zitadel/internal/config/types"
 	es_int "github.com/caos/zitadel/internal/eventstore"
+	es_spol "github.com/caos/zitadel/internal/eventstore/spooler"
+	"github.com/caos/zitadel/internal/management/repository/eventsourcing/eventstore"
+	"github.com/caos/zitadel/internal/management/repository/eventsourcing/handler"
+	"github.com/caos/zitadel/internal/management/repository/eventsourcing/spooler"
+	mgmt_view "github.com/caos/zitadel/internal/management/repository/eventsourcing/view"
 	es_proj "github.com/caos/zitadel/internal/project/repository/eventsourcing"
 	es_usr "github.com/caos/zitadel/internal/user/repository/eventsourcing"
 	es_grant "github.com/caos/zitadel/internal/usergrant/repository/eventsourcing"
 )
 
 type Config struct {
-	Eventstore es_int.Config
-	//View       view.ViewConfig
-	//Spooler    spooler.SpoolerConfig
+	SearchLimit uint64
+	Eventstore  es_int.Config
+	View        types.SQL
+	Spooler     spooler.SpoolerConfig
 }
 
 type EsRepository struct {
-	//spooler *es_spooler.Spooler
-	ProjectRepo
-	UserRepo
-	UserGrantRepo
+	spooler *es_spol.Spooler
+	eventstore.ProjectRepo
+	eventstore.UserRepo
+	eventstore.UserGrantRepo
 }
 
 func Start(conf Config, systemDefaults sd.SystemDefaults) (*EsRepository, error) {
@@ -29,15 +35,14 @@ func Start(conf Config, systemDefaults sd.SystemDefaults) (*EsRepository, error)
 		return nil, err
 	}
 
-	//view, sql, err := mgmt_view.StartView(conf.View)
-	//if err != nil {
-	//	return nil, err
-	//}
-
-	//conf.Spooler.View = view
-	//conf.Spooler.EsClient = es.Client
-	//conf.Spooler.SQL = sql
-	//spool := spooler.StartSpooler(conf.Spooler)
+	sqlClient, err := conf.View.Start()
+	if err != nil {
+		return nil, err
+	}
+	view, err := mgmt_view.StartView(sqlClient)
+	if err != nil {
+		return nil, err
+	}
 
 	project, err := es_proj.StartProject(es_proj.ProjectConfig{
 		Eventstore: es,
@@ -60,10 +65,14 @@ func Start(conf Config, systemDefaults sd.SystemDefaults) (*EsRepository, error)
 	if err != nil {
 		return nil, err
 	}
+	eventstoreRepos := handler.EventstoreRepos{ProjectEvents: project}
+	spool := spooler.StartSpooler(conf.Spooler, es, view, sqlClient, eventstoreRepos)
+
 	return &EsRepository{
-		ProjectRepo{project},
-		UserRepo{user},
-		UserGrantRepo{usergrant},
+		spool,
+		eventstore.ProjectRepo{conf.SearchLimit, project, view},
+		eventstore.UserRepo{user},
+		eventstore.UserGrantRepo{usergrant},
 	}, nil
 }
 

internal/management/repository/eventsourcing/spooler/lock.go

@@ -0,0 +1,46 @@
+package spooler
+
+import (
+	"context"
+	"database/sql"
+	"fmt"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"time"
+
+	"github.com/cockroachdb/cockroach-go/crdb"
+)
+
+const (
+	lockTable      = "management.locks"
+	lockedUntilKey = "locked_until"
+	lockerIDKey    = "locker_id"
+	objectTypeKey  = "object_type"
+)
+
+type locker struct {
+	dbClient *sql.DB
+}
+
+type lock struct {
+	LockerID    string    `gorm:"column:locker_id;primary_key"`
+	LockedUntil time.Time `gorm:"column:locked_until"`
+	ViewName    string    `gorm:"column:object_type;primary_key"`
+}
+
+func (l *locker) Renew(lockerID, viewModel string, waitTime time.Duration) error {
+	return crdb.ExecuteTx(context.Background(), l.dbClient, nil, func(tx *sql.Tx) error {
+		query := fmt.Sprintf("INSERT INTO %s (%s, %s, %s) VALUES ($1, $2, now()+$3) ON CONFLICT (%s) DO UPDATE SET %s = now()+$4, %s = $5 WHERE (locks.%s < now() OR locks.%s = $6) AND locks.%s = $7",
+			lockTable, objectTypeKey, lockerIDKey, lockedUntilKey, objectTypeKey, lockedUntilKey, lockerIDKey, lockedUntilKey, lockerIDKey, objectTypeKey)
+
+		rs, err := tx.Exec(query, viewModel, lockerID, waitTime.Seconds(), waitTime.Seconds(), lockerID, lockerID, viewModel)
+		if err != nil {
+			tx.Rollback()
+			return err
+		}
+		if rows, _ := rs.RowsAffected(); rows == 0 {
+			tx.Rollback()
+			return caos_errs.ThrowAlreadyExists(nil, "SPOOL-lso0e", "view already locked")
+		}
+		return nil
+	})
+}

internal/management/repository/eventsourcing/spooler/lock_test.go

@@ -0,0 +1,127 @@
+package spooler
+
+import (
+	"database/sql"
+	"testing"
+	"time"
+
+	"github.com/DATA-DOG/go-sqlmock"
+)
+
+type dbMock struct {
+	db   *sql.DB
+	mock sqlmock.Sqlmock
+}
+
+func mockDB(t *testing.T) *dbMock {
+	mockDB := dbMock{}
+	var err error
+	mockDB.db, mockDB.mock, err = sqlmock.New()
+	if err != nil {
+		t.Fatalf("error occured while creating stub db %v", err)
+	}
+
+	mockDB.mock.MatchExpectationsInOrder(true)
+
+	return &mockDB
+}
+
+func (db *dbMock) expectCommit() *dbMock {
+	db.mock.ExpectCommit()
+
+	return db
+}
+
+func (db *dbMock) expectRollback() *dbMock {
+	db.mock.ExpectRollback()
+
+	return db
+}
+
+func (db *dbMock) expectBegin() *dbMock {
+	db.mock.ExpectBegin()
+
+	return db
+}
+
+func (db *dbMock) expectSavepoint() *dbMock {
+	db.mock.ExpectExec("SAVEPOINT").WillReturnResult(sqlmock.NewResult(1, 1))
+	return db
+}
+
+func (db *dbMock) expectReleaseSavepoint() *dbMock {
+	db.mock.ExpectExec("RELEASE SAVEPOINT").WillReturnResult(sqlmock.NewResult(1, 1))
+
+	return db
+}
+
+func (db *dbMock) expectRenew(lockerID, view string, affectedRows int64) *dbMock {
+	query := db.mock.
+		ExpectExec(`INSERT INTO management\.locks \(object_type, locker_id, locked_until\) VALUES \(\$1, \$2, now\(\)\+\$3\) ON CONFLICT \(object_type\) DO UPDATE SET locked_until = now\(\)\+\$4, locker_id = \$5 WHERE \(locks\.locked_until < now\(\) OR locks\.locker_id = \$6\) AND locks\.object_type = \$7`).
+		WithArgs(view, lockerID, sqlmock.AnyArg(), sqlmock.AnyArg(), lockerID, lockerID, view).
+		WillReturnResult(sqlmock.NewResult(1, 1))
+
+	if affectedRows == 0 {
+		query.WillReturnResult(sqlmock.NewResult(0, 0))
+	} else {
+		query.WillReturnResult(sqlmock.NewResult(1, affectedRows))
+	}
+
+	return db
+}
+
+func Test_locker_Renew(t *testing.T) {
+	type fields struct {
+		db *dbMock
+	}
+	type args struct {
+		lockerID  string
+		viewModel string
+		waitTime  time.Duration
+	}
+	tests := []struct {
+		name    string
+		fields  fields
+		args    args
+		wantErr bool
+	}{
+		{
+			name: "renew succeeded",
+			fields: fields{
+				db: mockDB(t).
+					expectBegin().
+					expectSavepoint().
+					expectRenew("locker", "view", 1).
+					expectReleaseSavepoint().
+					expectCommit(),
+			},
+			args:    args{lockerID: "locker", viewModel: "view", waitTime: 1 * time.Second},
+			wantErr: false,
+		},
+		{
+			name: "renew now rows updated",
+			fields: fields{
+				db: mockDB(t).
+					expectBegin().
+					expectSavepoint().
+					expectRenew("locker", "view", 0).
+					expectRollback(),
+			},
+			args:    args{lockerID: "locker", viewModel: "view", waitTime: 1 * time.Second},
+			wantErr: true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			l := &locker{
+				dbClient: tt.fields.db.db,
+			}
+			if err := l.Renew(tt.args.lockerID, tt.args.viewModel, tt.args.waitTime); (err != nil) != tt.wantErr {
+				t.Errorf("locker.Renew() error = %v, wantErr %v", err, tt.wantErr)
+			}
+			if err := tt.fields.db.mock.ExpectationsWereMet(); err != nil {
+				t.Errorf("not all database expectations met: %v", err)
+			}
+		})
+	}
+}

internal/management/repository/eventsourcing/spooler/spooler.go

@@ -0,0 +1,28 @@
+package spooler
+
+import (
+	"database/sql"
+	"github.com/caos/zitadel/internal/eventstore"
+	"github.com/caos/zitadel/internal/eventstore/spooler"
+	"github.com/caos/zitadel/internal/management/repository/eventsourcing/handler"
+	"github.com/caos/zitadel/internal/management/repository/eventsourcing/view"
+)
+
+type SpoolerConfig struct {
+	BulkLimit             uint64
+	FailureCountUntilSkip uint64
+	ConcurrentTasks       int
+	Handlers              handler.Configs
+}
+
+func StartSpooler(c SpoolerConfig, es eventstore.Eventstore, view *view.View, sql *sql.DB, eventstoreRepos handler.EventstoreRepos) *spooler.Spooler {
+	spoolerConfig := spooler.Config{
+		Eventstore:      es,
+		Locker:          &locker{dbClient: sql},
+		ConcurrentTasks: c.ConcurrentTasks,
+		ViewHandlers:    handler.Register(c.Handlers, c.BulkLimit, c.FailureCountUntilSkip, view, es, eventstoreRepos),
+	}
+	spool := spoolerConfig.New()
+	spool.Start()
+	return spool
+}

internal/management/repository/eventsourcing/view/application.go

@@ -0,0 +1,52 @@
+package view
+
+import (
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	global_view "github.com/caos/zitadel/internal/view"
+)
+
+const (
+	applicationTable = "management.applications"
+)
+
+func (v *View) ApplicationByID(appID string) (*model.ApplicationView, error) {
+	return view.ApplicationByID(v.Db, applicationTable, appID)
+}
+
+func (v *View) SearchApplications(request *proj_model.ApplicationSearchRequest) ([]*model.ApplicationView, int, error) {
+	return view.SearchApplications(v.Db, applicationTable, request)
+}
+
+func (v *View) PutApplication(project *model.ApplicationView) error {
+	err := view.PutApplication(v.Db, applicationTable, project)
+	if err != nil {
+		return err
+	}
+	return v.ProcessedApplicationSequence(project.Sequence)
+}
+
+func (v *View) DeleteApplication(appID string, eventSequence uint64) error {
+	err := view.DeleteApplication(v.Db, applicationTable, appID)
+	if err != nil {
+		return nil
+	}
+	return v.ProcessedApplicationSequence(eventSequence)
+}
+
+func (v *View) GetLatestApplicationSequence() (uint64, error) {
+	return v.latestSequence(applicationTable)
+}
+
+func (v *View) ProcessedApplicationSequence(eventSequence uint64) error {
+	return v.saveCurrentSequence(applicationTable, eventSequence)
+}
+
+func (v *View) GetLatestApplicationFailedEvent(sequence uint64) (*global_view.FailedEvent, error) {
+	return v.latestFailedEvent(applicationTable, sequence)
+}
+
+func (v *View) ProcessedApplicationFailedEvent(failedEvent *global_view.FailedEvent) error {
+	return v.saveFailedEvent(failedEvent)
+}

internal/management/repository/eventsourcing/view/error_event.go

@@ -0,0 +1,17 @@
+package view
+
+import (
+	"github.com/caos/zitadel/internal/view"
+)
+
+const (
+	errTable = "management.failed_event"
+)
+
+func (v *View) saveFailedEvent(failedEvent *view.FailedEvent) error {
+	return view.SaveFailedEvent(v.Db, errTable, failedEvent)
+}
+
+func (v *View) latestFailedEvent(viewName string, sequence uint64) (*view.FailedEvent, error) {
+	return view.LatestFailedEvent(v.Db, errTable, viewName, sequence)
+}

internal/management/repository/eventsourcing/view/granted_project.go

@@ -0,0 +1,56 @@
+package view
+
+import (
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	global_view "github.com/caos/zitadel/internal/view"
+)
+
+const (
+	grantedProjectTable = "management.granted_projects"
+)
+
+func (v *View) GrantedProjectByIDs(projectID, orgID string) (*model.GrantedProjectView, error) {
+	return view.GrantedProjectByIDs(v.Db, grantedProjectTable, projectID, orgID)
+}
+
+func (v *View) GrantedProjectsByID(projectID string) ([]*model.GrantedProjectView, error) {
+	return view.GrantedProjectsByID(v.Db, grantedProjectTable, projectID)
+}
+
+func (v *View) SearchGrantedProjects(request *proj_model.GrantedProjectSearchRequest) ([]*model.GrantedProjectView, int, error) {
+	return view.SearchGrantedProjects(v.Db, grantedProjectTable, request)
+}
+
+func (v *View) PutGrantedProject(project *model.GrantedProjectView) error {
+	err := view.PutGrantedProject(v.Db, grantedProjectTable, project)
+	if err != nil {
+		return err
+	}
+	return v.ProcessedGrantedProjectSequence(project.Sequence)
+}
+
+func (v *View) DeleteGrantedProject(projectID, orgID string, eventSequence uint64) error {
+	err := view.DeleteGrantedProject(v.Db, grantedProjectTable, projectID, orgID)
+	if err != nil {
+		return nil
+	}
+	return v.ProcessedGrantedProjectSequence(eventSequence)
+}
+
+func (v *View) GetLatestGrantedProjectSequence() (uint64, error) {
+	return v.latestSequence(grantedProjectTable)
+}
+
+func (v *View) ProcessedGrantedProjectSequence(eventSequence uint64) error {
+	return v.saveCurrentSequence(grantedProjectTable, eventSequence)
+}
+
+func (v *View) GetLatestGrantedProjectFailedEvent(sequence uint64) (*global_view.FailedEvent, error) {
+	return v.latestFailedEvent(grantedProjectTable, sequence)
+}
+
+func (v *View) ProcessedGrantedProjectFailedEvent(failedEvent *global_view.FailedEvent) error {
+	return v.saveFailedEvent(failedEvent)
+}

internal/management/repository/eventsourcing/view/project_grant_member.go

@@ -0,0 +1,56 @@
+package view
+
+import (
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	global_view "github.com/caos/zitadel/internal/view"
+)
+
+const (
+	projectGrantMemberTable = "management.project_grant_members"
+)
+
+func (v *View) ProjectGrantMemberByIDs(projectID, userID string) (*model.ProjectGrantMemberView, error) {
+	return view.ProjectGrantMemberByIDs(v.Db, projectGrantMemberTable, projectID, userID)
+}
+
+func (v *View) SearchProjectGrantMembers(request *proj_model.ProjectGrantMemberSearchRequest) ([]*model.ProjectGrantMemberView, int, error) {
+	return view.SearchProjectGrantMembers(v.Db, projectGrantMemberTable, request)
+}
+
+func (v *View) ProjectGrantMembersByUserID(userID string) ([]*model.ProjectGrantMemberView, error) {
+	return view.ProjectGrantMembersByUserID(v.Db, projectGrantMemberTable, userID)
+}
+
+func (v *View) PutProjectGrantMember(project *model.ProjectGrantMemberView, sequence uint64) error {
+	err := view.PutProjectGrantMember(v.Db, projectGrantMemberTable, project)
+	if err != nil {
+		return err
+	}
+	return v.ProcessedProjectGrantMemberSequence(sequence)
+}
+
+func (v *View) DeleteProjectGrantMember(projectID, userID string, eventSequence uint64) error {
+	err := view.DeleteProjectGrantMember(v.Db, projectGrantMemberTable, projectID, userID)
+	if err != nil {
+		return nil
+	}
+	return v.ProcessedProjectGrantMemberSequence(eventSequence)
+}
+
+func (v *View) GetLatestProjectGrantMemberSequence() (uint64, error) {
+	return v.latestSequence(projectGrantMemberTable)
+}
+
+func (v *View) ProcessedProjectGrantMemberSequence(eventSequence uint64) error {
+	return v.saveCurrentSequence(projectGrantMemberTable, eventSequence)
+}
+
+func (v *View) GetLatestProjectGrantMemberFailedEvent(sequence uint64) (*global_view.FailedEvent, error) {
+	return v.latestFailedEvent(projectGrantMemberTable, sequence)
+}
+
+func (v *View) ProcessedProjectGrantMemberFailedEvent(failedEvent *global_view.FailedEvent) error {
+	return v.saveFailedEvent(failedEvent)
+}

internal/management/repository/eventsourcing/view/project_member.go

@@ -0,0 +1,56 @@
+package view
+
+import (
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	global_view "github.com/caos/zitadel/internal/view"
+)
+
+const (
+	projectMemberTable = "management.project_members"
+)
+
+func (v *View) ProjectMemberByIDs(projectID, userID string) (*model.ProjectMemberView, error) {
+	return view.ProjectMemberByIDs(v.Db, projectMemberTable, projectID, userID)
+}
+
+func (v *View) SearchProjectMembers(request *proj_model.ProjectMemberSearchRequest) ([]*model.ProjectMemberView, int, error) {
+	return view.SearchProjectMembers(v.Db, projectMemberTable, request)
+}
+
+func (v *View) ProjectMembersByUserID(userID string) ([]*model.ProjectMemberView, error) {
+	return view.ProjectMembersByUserID(v.Db, projectMemberTable, userID)
+}
+
+func (v *View) PutProjectMember(project *model.ProjectMemberView, sequence uint64) error {
+	err := view.PutProjectMember(v.Db, projectMemberTable, project)
+	if err != nil {
+		return err
+	}
+	return v.ProcessedProjectMemberSequence(sequence)
+}
+
+func (v *View) DeleteProjectMember(projectID, userID string, eventSequence uint64) error {
+	err := view.DeleteProjectMember(v.Db, projectMemberTable, projectID, userID)
+	if err != nil {
+		return nil
+	}
+	return v.ProcessedProjectMemberSequence(eventSequence)
+}
+
+func (v *View) GetLatestProjectMemberSequence() (uint64, error) {
+	return v.latestSequence(projectMemberTable)
+}
+
+func (v *View) ProcessedProjectMemberSequence(eventSequence uint64) error {
+	return v.saveCurrentSequence(projectMemberTable, eventSequence)
+}
+
+func (v *View) GetLatestProjectMemberFailedEvent(sequence uint64) (*global_view.FailedEvent, error) {
+	return v.latestFailedEvent(projectMemberTable, sequence)
+}
+
+func (v *View) ProcessedProjectMemberFailedEvent(failedEvent *global_view.FailedEvent) error {
+	return v.saveFailedEvent(failedEvent)
+}

internal/management/repository/eventsourcing/view/project_role.go

@@ -0,0 +1,60 @@
+package view
+
+import (
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	global_view "github.com/caos/zitadel/internal/view"
+)
+
+const (
+	projectRoleTable = "management.project_roles"
+)
+
+func (v *View) ProjectRoleByIDs(projectID, orgID, key string) (*model.ProjectRoleView, error) {
+	return view.ProjectRoleByIDs(v.Db, projectRoleTable, projectID, orgID, key)
+}
+
+func (v *View) ResourceOwnerProjectRolesByKey(projectID, resourceowner, key string) ([]*model.ProjectRoleView, error) {
+	return view.ResourceOwnerProjectRolesByKey(v.Db, projectRoleTable, projectID, resourceowner, key)
+}
+
+func (v *View) ResourceOwnerProjectRoles(projectID, resourceowner string) ([]*model.ProjectRoleView, error) {
+	return view.ResourceOwnerProjectRoles(v.Db, projectRoleTable, projectID, resourceowner)
+}
+
+func (v *View) SearchProjectRoles(request *proj_model.ProjectRoleSearchRequest) ([]*model.ProjectRoleView, int, error) {
+	return view.SearchProjectRoles(v.Db, projectRoleTable, request)
+}
+
+func (v *View) PutProjectRole(project *model.ProjectRoleView) error {
+	err := view.PutProjectRole(v.Db, projectRoleTable, project)
+	if err != nil {
+		return err
+	}
+	return v.ProcessedProjectRoleSequence(project.Sequence)
+}
+
+func (v *View) DeleteProjectRole(projectID, orgID, key string, eventSequence uint64) error {
+	err := view.DeleteProjectRole(v.Db, projectRoleTable, projectID, orgID, key)
+	if err != nil {
+		return nil
+	}
+	return v.ProcessedProjectRoleSequence(eventSequence)
+}
+
+func (v *View) GetLatestProjectRoleSequence() (uint64, error) {
+	return v.latestSequence(projectRoleTable)
+}
+
+func (v *View) ProcessedProjectRoleSequence(eventSequence uint64) error {
+	return v.saveCurrentSequence(projectRoleTable, eventSequence)
+}
+
+func (v *View) GetLatestProjectRoleFailedEvent(sequence uint64) (*global_view.FailedEvent, error) {
+	return v.latestFailedEvent(projectRoleTable, sequence)
+}
+
+func (v *View) ProcessedProjectRoleFailedEvent(failedEvent *global_view.FailedEvent) error {
+	return v.saveFailedEvent(failedEvent)
+}

internal/management/repository/eventsourcing/view/sequence.go

@@ -0,0 +1,17 @@
+package view
+
+import (
+	"github.com/caos/zitadel/internal/view"
+)
+
+const (
+	sequencesTable = "management.current_sequences"
+)
+
+func (v *View) saveCurrentSequence(viewName string, sequence uint64) error {
+	return view.SaveCurrentSequence(v.Db, sequencesTable, viewName, sequence)
+}
+
+func (v *View) latestSequence(viewName string) (uint64, error) {
+	return view.LatestSequence(v.Db, sequencesTable, viewName)
+}

internal/management/repository/eventsourcing/view/view.go

@@ -0,0 +1,25 @@
+package view
+
+import (
+	"database/sql"
+
+	"github.com/jinzhu/gorm"
+)
+
+type View struct {
+	Db *gorm.DB
+}
+
+func StartView(sqlClient *sql.DB) (*View, error) {
+	gorm, err := gorm.Open("postgres", sqlClient)
+	if err != nil {
+		return nil, err
+	}
+	return &View{
+		Db: gorm,
+	}, nil
+}
+
+func (v *View) Health() (err error) {
+	return v.Db.DB().Ping()
+}

internal/management/repository/project.go

@@ -11,15 +11,18 @@ type ProjectRepository interface {
 	UpdateProject(ctx context.Context, project *model.Project) (*model.Project, error)
 	DeactivateProject(ctx context.Context, id string) (*model.Project, error)
 	ReactivateProject(ctx context.Context, id string) (*model.Project, error)
+	SearchGrantedProjects(ctx context.Context, request *model.GrantedProjectSearchRequest) (*model.GrantedProjectSearchResponse, error)
 
 	ProjectMemberByID(ctx context.Context, projectID, userID string) (*model.ProjectMember, error)
 	AddProjectMember(ctx context.Context, member *model.ProjectMember) (*model.ProjectMember, error)
 	ChangeProjectMember(ctx context.Context, member *model.ProjectMember) (*model.ProjectMember, error)
 	RemoveProjectMember(ctx context.Context, projectID, userID string) error
+	SearchProjectMembers(ctx context.Context, request *model.ProjectMemberSearchRequest) (*model.ProjectMemberSearchResponse, error)
 
 	AddProjectRole(ctx context.Context, role *model.ProjectRole) (*model.ProjectRole, error)
 	ChangeProjectRole(ctx context.Context, role *model.ProjectRole) (*model.ProjectRole, error)
 	RemoveProjectRole(ctx context.Context, projectID, key string) error
+	SearchProjectRoles(ctx context.Context, request *model.ProjectRoleSearchRequest) (*model.ProjectRoleSearchResponse, error)
 
 	ApplicationByID(ctx context.Context, projectID, appID string) (*model.Application, error)
 	AddApplication(ctx context.Context, app *model.Application) (*model.Application, error)
@@ -29,13 +32,15 @@ type ProjectRepository interface {
 	RemoveApplication(ctx context.Context, projectID, appID string) error
 	ChangeOIDCConfig(ctx context.Context, config *model.OIDCConfig) (*model.OIDCConfig, error)
 	ChangeOIDConfigSecret(ctx context.Context, projectID, appID string) (*model.OIDCConfig, error)
+	SearchApplications(ctx context.Context, request *model.ApplicationSearchRequest) (*model.ApplicationSearchResponse, error)
 
-	ProjectGrantByID(ctx context.Context, projectID, appID string) (*model.ProjectGrant, error)
+	ProjectGrantByID(ctx context.Context, projectID, grantID string) (*model.ProjectGrant, error)
 	AddProjectGrant(ctx context.Context, app *model.ProjectGrant) (*model.ProjectGrant, error)
 	ChangeProjectGrant(ctx context.Context, app *model.ProjectGrant) (*model.ProjectGrant, error)
-	DeactivateProjectGrant(ctx context.Context, projectID, appID string) (*model.ProjectGrant, error)
-	ReactivateProjectGrant(ctx context.Context, projectID, appID string) (*model.ProjectGrant, error)
-	RemoveProjectGrant(ctx context.Context, projectID, appID string) error
+	DeactivateProjectGrant(ctx context.Context, projectID, grantID string) (*model.ProjectGrant, error)
+	ReactivateProjectGrant(ctx context.Context, projectID, grantID string) (*model.ProjectGrant, error)
+	RemoveProjectGrant(ctx context.Context, projectID, grantID string) error
+	SearchProjectGrantMembers(ctx context.Context, request *model.ProjectGrantMemberSearchRequest) (*model.ProjectGrantMemberSearchResponse, error)
 
 	ProjectGrantMemberByID(ctx context.Context, projectID, grantID, userID string) (*model.ProjectGrantMember, error)
 	AddProjectGrantMember(ctx context.Context, member *model.ProjectGrantMember) (*model.ProjectGrantMember, error)

internal/model/search_method.go

@@ -9,12 +9,5 @@ const (
 	SEARCHMETHOD_EQUALS_IGNORE_CASE
 	SEARCHMETHOD_STARTS_WITH_IGNORE_CASE
 	SEARCHMETHOD_CONTAINS_IGNORE_CASE
+	SEARCHMETHOD_NOT_EQUALS
 )
-
-func SearchMethodToInt(s SearchMethod) int32 {
-	return int32(s)
-}
-
-func SearchMethodFromInt(index int32) SearchMethod {
-	return SearchMethod(index)
-}

internal/project/model/application_view.go

@@ -0,0 +1,63 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/model"
+	"time"
+)
+
+type ApplicationView struct {
+	ID           string
+	ProjectID    string
+	Name         string
+	CreationDate time.Time
+	ChangeDate   time.Time
+	State        AppState
+
+	IsOIDC                     bool
+	OIDCClientID               string
+	OIDCRedirectUris           []string
+	OIDCResponseTypes          []OIDCResponseType
+	OIDCGrantTypes             []OIDCGrantType
+	OIDCApplicationType        OIDCApplicationType
+	OIDCAuthMethodType         OIDCAuthMethodType
+	OIDCPostLogoutRedirectUris []string
+
+	Sequence uint64
+}
+
+type ApplicationSearchRequest struct {
+	Offset        uint64
+	Limit         uint64
+	SortingColumn ApplicationSearchKey
+	Asc           bool
+	Queries       []*ApplicationSearchQuery
+}
+
+type ApplicationSearchKey int32
+
+const (
+	APPLICATIONSEARCHKEY_UNSPECIFIED ApplicationSearchKey = iota
+	APPLICATIONSEARCHKEY_NAME
+	APPLICATIONSEARCHKEY_OIDC_CLIENT_ID
+	APPLICATIONSEARCHKEY_PROJECT_ID
+	APPLICATIONSEARCHKEY_APP_ID
+)
+
+type ApplicationSearchQuery struct {
+	Key    ApplicationSearchKey
+	Method model.SearchMethod
+	Value  string
+}
+
+type ApplicationSearchResponse struct {
+	Offset      uint64
+	Limit       uint64
+	TotalResult uint64
+	Result      []*ApplicationView
+}
+
+func (r *ApplicationSearchRequest) EnsureLimit(limit uint64) {
+	if r.Limit == 0 || r.Limit > limit {
+		r.Limit = limit
+	}
+}

internal/project/model/granted_project.go

@@ -0,0 +1,85 @@
+package model
+
+import (
+	"context"
+	"github.com/caos/zitadel/internal/api"
+	grpc_util "github.com/caos/zitadel/internal/api/grpc"
+	"github.com/caos/zitadel/internal/model"
+	"time"
+)
+
+type GrantedProjectView struct {
+	ProjectID       string
+	Name            string
+	CreationDate    time.Time
+	ChangeDate      time.Time
+	State           ProjectState
+	Type            ProjectType
+	ResourceOwner   string
+	OrgID           string
+	OrgName         string
+	OrgDomain       string
+	Sequence        uint64
+	GrantID         string
+	GrantedRoleKeys []string
+}
+
+type ProjectType int32
+
+const (
+	PROJECTTYPE_OWNED ProjectType = iota
+	PROJECTTYPE_GRANTED
+)
+
+type GrantedProjectSearchRequest struct {
+	Offset        uint64
+	Limit         uint64
+	SortingColumn GrantedProjectSearchKey
+	Asc           bool
+	Queries       []*GrantedProjectSearchQuery
+}
+
+type GrantedProjectSearchKey int32
+
+const (
+	GRANTEDPROJECTSEARCHKEY_UNSPECIFIED GrantedProjectSearchKey = iota
+	GRANTEDPROJECTSEARCHKEY_NAME
+	GRANTEDPROJECTSEARCHKEY_PROJECTID
+	GRANTEDPROJECTSEARCHKEY_GRANTID
+	GRANTEDPROJECTSEARCHKEY_ORGID
+	GRANTEDPROJECTSEARCHKEY_RESOURCE_OWNER
+)
+
+type GrantedProjectSearchQuery struct {
+	Key    GrantedProjectSearchKey
+	Method model.SearchMethod
+	Value  string
+}
+
+type GrantedProjectSearchResponse struct {
+	Offset      uint64
+	Limit       uint64
+	TotalResult uint64
+	Result      []*GrantedProjectView
+}
+
+func (r *GrantedProjectSearchRequest) AppendMyOrgQuery(ctx context.Context) {
+	orgID := grpc_util.GetHeader(ctx, api.ZitadelOrgID)
+	r.Queries = append(r.Queries, &GrantedProjectSearchQuery{Key: GRANTEDPROJECTSEARCHKEY_ORGID, Method: model.SEARCHMETHOD_EQUALS, Value: orgID})
+}
+
+func (r *GrantedProjectSearchRequest) AppendNotMyOrgQuery(ctx context.Context) {
+	orgID := grpc_util.GetHeader(ctx, api.ZitadelOrgID)
+	r.Queries = append(r.Queries, &GrantedProjectSearchQuery{Key: GRANTEDPROJECTSEARCHKEY_ORGID, Method: model.SEARCHMETHOD_NOT_EQUALS, Value: orgID})
+}
+
+func (r *GrantedProjectSearchRequest) AppendMyResourceOwnerQuery(ctx context.Context) {
+	orgID := grpc_util.GetHeader(ctx, api.ZitadelOrgID)
+	r.Queries = append(r.Queries, &GrantedProjectSearchQuery{Key: GRANTEDPROJECTSEARCHKEY_RESOURCE_OWNER, Method: model.SEARCHMETHOD_EQUALS, Value: orgID})
+}
+
+func (r *GrantedProjectSearchRequest) EnsureLimit(limit uint64) {
+	if r.Limit == 0 || r.Limit > limit {
+		r.Limit = limit
+	}
+}

internal/project/model/project_grant_member_view.go

@@ -0,0 +1,59 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/model"
+	"time"
+)
+
+type ProjectGrantMemberView struct {
+	UserID       string
+	GrantID      string
+	ProjectID    string
+	UserName     string
+	Email        string
+	FirstName    string
+	LastName     string
+	Roles        []string
+	CreationDate time.Time
+	ChangeDate   time.Time
+	Sequence     uint64
+}
+
+type ProjectGrantMemberSearchRequest struct {
+	Offset        uint64
+	Limit         uint64
+	SortingColumn ProjectGrantMemberSearchKey
+	Asc           bool
+	Queries       []*ProjectGrantMemberSearchQuery
+}
+
+type ProjectGrantMemberSearchKey int32
+
+const (
+	PROJECTGRANTMEMBERSEARCHKEY_UNSPECIFIED ProjectGrantMemberSearchKey = iota
+	PROJECTGRANTMEMBERSEARCHKEY_USER_NAME
+	PROJECTGRANTMEMBERSEARCHKEY_EMAIL
+	PROJECTGRANTMEMBERSEARCHKEY_FIRST_NAME
+	PROJECTGRANTMEMBERSEARCHKEY_LAST_NAME
+	PROJECTGRANTMEMBERSEARCHKEY_GRANT_ID
+	PROJECTGRANTMEMBERSEARCHKEY_USER_ID
+)
+
+type ProjectGrantMemberSearchQuery struct {
+	Key    ProjectGrantMemberSearchKey
+	Method model.SearchMethod
+	Value  string
+}
+
+type ProjectGrantMemberSearchResponse struct {
+	Offset      uint64
+	Limit       uint64
+	TotalResult uint64
+	Result      []*ProjectGrantMemberView
+}
+
+func (r *ProjectGrantMemberSearchRequest) EnsureLimit(limit uint64) {
+	if r.Limit == 0 || r.Limit > limit {
+		r.Limit = limit
+	}
+}

internal/project/model/project_member_view.go

@@ -0,0 +1,58 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/model"
+	"time"
+)
+
+type ProjectMemberView struct {
+	UserID       string
+	ProjectID    string
+	UserName     string
+	Email        string
+	FirstName    string
+	LastName     string
+	Roles        []string
+	CreationDate time.Time
+	ChangeDate   time.Time
+	Sequence     uint64
+}
+
+type ProjectMemberSearchRequest struct {
+	Offset        uint64
+	Limit         uint64
+	SortingColumn ProjectMemberSearchKey
+	Asc           bool
+	Queries       []*ProjectMemberSearchQuery
+}
+
+type ProjectMemberSearchKey int32
+
+const (
+	PROJECTMEMBERSEARCHKEY_UNSPECIFIED ProjectMemberSearchKey = iota
+	PROJECTMEMBERSEARCHKEY_USER_NAME
+	PROJECTMEMBERSEARCHKEY_EMAIL
+	PROJECTMEMBERSEARCHKEY_FIRST_NAME
+	PROJECTMEMBERSEARCHKEY_LAST_NAME
+	PROJECTMEMBERSEARCHKEY_PROJECT_ID
+	PROJECTMEMBERSEARCHKEY_USER_ID
+)
+
+type ProjectMemberSearchQuery struct {
+	Key    ProjectMemberSearchKey
+	Method model.SearchMethod
+	Value  string
+}
+
+type ProjectMemberSearchResponse struct {
+	Offset      uint64
+	Limit       uint64
+	TotalResult uint64
+	Result      []*ProjectMemberView
+}
+
+func (r *ProjectMemberSearchRequest) EnsureLimit(limit uint64) {
+	if r.Limit == 0 || r.Limit > limit {
+		r.Limit = limit
+	}
+}

internal/project/model/project_role_view.go

@@ -0,0 +1,63 @@
+package model
+
+import (
+	"context"
+	"github.com/caos/zitadel/internal/api"
+	grpc_util "github.com/caos/zitadel/internal/api/grpc"
+	"github.com/caos/zitadel/internal/model"
+	"time"
+)
+
+type ProjectRoleView struct {
+	ResourceOwner string
+	OrgID         string
+	ProjectID     string
+	Key           string
+	DisplayName   string
+	Group         string
+	CreationDate  time.Time
+	Sequence      uint64
+}
+
+type ProjectRoleSearchRequest struct {
+	Offset        uint64
+	Limit         uint64
+	SortingColumn ProjectRoleSearchKey
+	Asc           bool
+	Queries       []*ProjectRoleSearchQuery
+}
+
+type ProjectRoleSearchKey int32
+
+const (
+	PROJECTROLESEARCHKEY_UNSPECIFIED ProjectRoleSearchKey = iota
+	PROJECTROLESEARCHKEY_KEY
+	PROJECTROLESEARCHKEY_PROJECTID
+	PROJECTROLESEARCHKEY_ORGID
+	PROJECTROLESEARCHKEY_RESOURCEOWNER
+	PROJECTROLESEARCHKEY_DISPLAY_NAME
+)
+
+type ProjectRoleSearchQuery struct {
+	Key    ProjectRoleSearchKey
+	Method model.SearchMethod
+	Value  string
+}
+
+type ProjectRoleSearchResponse struct {
+	Offset      uint64
+	Limit       uint64
+	TotalResult uint64
+	Result      []*ProjectRoleView
+}
+
+func (r *ProjectRoleSearchRequest) AppendMyOrgQuery(ctx context.Context) {
+	orgID := grpc_util.GetHeader(ctx, api.ZitadelOrgID)
+	r.Queries = append(r.Queries, &ProjectRoleSearchQuery{Key: PROJECTROLESEARCHKEY_ORGID, Method: model.SEARCHMETHOD_EQUALS, Value: orgID})
+}
+
+func (r *ProjectRoleSearchRequest) EnsureLimit(limit uint64) {
+	if r.Limit == 0 || r.Limit > limit {
+		r.Limit = limit
+	}
+}

internal/project/repository/eventsourcing/eventstore_mock_test.go

@@ -50,7 +50,7 @@ func GetMockPwGenerator(ctrl *gomock.Controller) crypto.Generator {
 func GetMockProjectByIDOK(ctrl *gomock.Controller) *ProjectEventstore {
 	data, _ := json.Marshal(model.Project{Name: "Name"})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: data},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -67,7 +67,7 @@ func GetMockProjectByIDNoEvents(ctrl *gomock.Controller) *ProjectEventstore {
 func GetMockManipulateProject(ctrl *gomock.Controller) *ProjectEventstore {
 	data, _ := json.Marshal(model.Project{Name: "Name"})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: data},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -79,7 +79,7 @@ func GetMockManipulateProject(ctrl *gomock.Controller) *ProjectEventstore {
 func GetMockManipulateProjectWithPw(ctrl *gomock.Controller) *ProjectEventstore {
 	data, _ := json.Marshal(model.Project{Name: "Name"})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: data},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -91,8 +91,8 @@ func GetMockManipulateProjectWithPw(ctrl *gomock.Controller) *ProjectEventstore
 func GetMockManipulateInactiveProject(ctrl *gomock.Controller) *ProjectEventstore {
 	data, _ := json.Marshal(model.Project{Name: "Name"})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 2, Type: proj_model.ProjectDeactivated, Data: data},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 2, Type: model.ProjectDeactivated, Data: data},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -105,8 +105,8 @@ func GetMockManipulateProjectWithMember(ctrl *gomock.Controller) *ProjectEventst
 	data, _ := json.Marshal(model.Project{Name: "Name"})
 	memberData, _ := json.Marshal(model.ProjectMember{UserID: "UserID", Roles: []string{"Role"}})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectMemberAdded, Data: memberData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectMemberAdded, Data: memberData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -119,8 +119,8 @@ func GetMockManipulateProjectWithRole(ctrl *gomock.Controller) *ProjectEventstor
 	data, _ := json.Marshal(model.Project{Name: "Name"})
 	roleData, _ := json.Marshal(model.ProjectRole{Key: "Key", DisplayName: "DisplayName", Group: "Group"})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectRoleAdded, Data: roleData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectRoleAdded, Data: roleData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -138,9 +138,9 @@ func GetMockManipulateProjectWithOIDCApp(ctrl *gomock.Controller) *ProjectEvents
 		GrantTypes:    []int32{int32(proj_model.OIDCGRANTTYPE_AUTHORIZATION_CODE)},
 	})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ApplicationAdded, Data: appData},
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.OIDCConfigAdded, Data: oidcData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ApplicationAdded, Data: appData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.OIDCConfigAdded, Data: oidcData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -154,8 +154,8 @@ func GetMockManipulateProjectWithSAMLApp(ctrl *gomock.Controller) *ProjectEvents
 	appData, _ := json.Marshal(model.Application{AppID: "AppID", Name: "Name"})
 
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ApplicationAdded, Data: appData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ApplicationAdded, Data: appData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -168,8 +168,8 @@ func GetMockManipulateProjectWithGrant(ctrl *gomock.Controller) *ProjectEventsto
 	data, _ := json.Marshal(model.Project{Name: "Name"})
 	grantData, _ := json.Marshal(model.ProjectGrant{GrantID: "GrantID", GrantedOrgID: "GrantedOrgID", RoleKeys: []string{"Key"}})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectGrantAdded, Data: grantData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectGrantAdded, Data: grantData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -184,10 +184,10 @@ func GetMockManipulateProjectWithGrantExistingRole(ctrl *gomock.Controller) *Pro
 	roleData2, _ := json.Marshal(model.ProjectRole{Key: "KeyChanged", DisplayName: "DisplayName", Group: "Group"})
 	grantData, _ := json.Marshal(model.ProjectGrant{GrantID: "GrantID", GrantedOrgID: "GrantedOrgID", RoleKeys: []string{"Key"}})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectRoleAdded, Data: roleData},
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectRoleAdded, Data: roleData2},
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectGrantAdded, Data: grantData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectRoleAdded, Data: roleData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectRoleAdded, Data: roleData2},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectGrantAdded, Data: grantData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -201,9 +201,9 @@ func GetMockManipulateProjectWithGrantMember(ctrl *gomock.Controller) *ProjectEv
 	grantData, _ := json.Marshal(model.ProjectGrant{GrantID: "GrantID", GrantedOrgID: "GrantedOrgID", RoleKeys: []string{"Key"}})
 	memberData, _ := json.Marshal(model.ProjectGrantMember{GrantID: "GrantID", UserID: "UserID", Roles: []string{"Role"}})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectAdded, Data: data},
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectGrantAdded, Data: grantData},
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectGrantMemberAdded, Data: memberData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectAdded, Data: data},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectGrantAdded, Data: grantData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectGrantMemberAdded, Data: memberData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -225,8 +225,8 @@ func GetMockProjectMemberByIDsOK(ctrl *gomock.Controller) *ProjectEventstore {
 	projectData, _ := json.Marshal(model.Project{Name: "Name"})
 	memberData, _ := json.Marshal(model.ProjectMember{UserID: "UserID", Roles: []string{"Role"}})
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: projectData},
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectMemberAdded, Data: memberData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: projectData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectMemberAdded, Data: memberData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -239,9 +239,9 @@ func GetMockProjectAppsByIDsOK(ctrl *gomock.Controller) *ProjectEventstore {
 	oidcData, _ := json.Marshal(model.OIDCConfig{ClientID: "ClientID"})
 
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ProjectAdded, Data: projectData},
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.ApplicationAdded, Data: appData},
-		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: proj_model.OIDCConfigAdded, Data: oidcData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded, Data: projectData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ApplicationAdded, Data: appData},
+		&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.OIDCConfigAdded, Data: oidcData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -253,8 +253,8 @@ func GetMockProjectGrantByIDsOK(ctrl *gomock.Controller) *ProjectEventstore {
 	grantData, _ := json.Marshal(model.ProjectGrant{GrantID: "GrantID", GrantedOrgID: "GrantID", RoleKeys: []string{"Key"}})
 
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectAdded, Data: projectData},
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectGrantAdded, Data: grantData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectAdded, Data: projectData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectGrantAdded, Data: grantData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)
@@ -267,9 +267,9 @@ func GetMockProjectGrantMemberByIDsOK(ctrl *gomock.Controller) *ProjectEventstor
 	memberData, _ := json.Marshal(model.ProjectGrantMember{GrantID: "GrantID", UserID: "UserID", Roles: []string{"Role"}})
 
 	events := []*es_models.Event{
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectAdded, Data: projectData},
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectGrantAdded, Data: grantData},
-		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: proj_model.ProjectGrantMemberAdded, Data: memberData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectAdded, Data: projectData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectGrantAdded, Data: grantData},
+		&es_models.Event{AggregateID: "ID", Sequence: 1, Type: model.ProjectGrantMemberAdded, Data: memberData},
 	}
 	mockEs := mock.NewMockEventstore(ctrl)
 	mockEs.EXPECT().FilterEvents(gomock.Any(), gomock.Any()).Return(events, nil)

internal/project/repository/eventsourcing/model/application.go

@@ -57,16 +57,11 @@ func AppsFromModel(apps []*model.Application) []*Application {
 
 func AppFromModel(app *model.Application) *Application {
 	converted := &Application{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  app.ObjectRoot.AggregateID,
-			Sequence:     app.Sequence,
-			ChangeDate:   app.ChangeDate,
-			CreationDate: app.CreationDate,
-		},
-		AppID: app.AppID,
-		Name:  app.Name,
-		State: int32(app.State),
-		Type:  int32(app.Type),
+		ObjectRoot: app.ObjectRoot,
+		AppID:      app.AppID,
+		Name:       app.Name,
+		State:      int32(app.State),
+		Type:       int32(app.Type),
 	}
 	if app.OIDCConfig != nil {
 		converted.OIDCConfig = OIDCConfigFromModel(app.OIDCConfig)
@@ -76,16 +71,11 @@ func AppFromModel(app *model.Application) *Application {
 
 func AppToModel(app *Application) *model.Application {
 	converted := &model.Application{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  app.AggregateID,
-			ChangeDate:   app.ChangeDate,
-			CreationDate: app.CreationDate,
-			Sequence:     app.Sequence,
-		},
-		AppID: app.AppID,
-		Name:  app.Name,
-		State: model.AppState(app.State),
-		Type:  model.AppType(app.Type),
+		ObjectRoot: app.ObjectRoot,
+		AppID:      app.AppID,
+		Name:       app.Name,
+		State:      model.AppState(app.State),
+		Type:       model.AppType(app.Type),
 	}
 	if app.OIDCConfig != nil {
 		converted.OIDCConfig = OIDCConfigToModel(app.OIDCConfig)

internal/project/repository/eventsourcing/model/oidc_config.go

@@ -56,12 +56,7 @@ func OIDCConfigFromModel(config *model.OIDCConfig) *OIDCConfig {
 		grantTypes[i] = int32(rt)
 	}
 	return &OIDCConfig{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  config.ObjectRoot.AggregateID,
-			Sequence:     config.Sequence,
-			ChangeDate:   config.ChangeDate,
-			CreationDate: config.CreationDate,
-		},
+		ObjectRoot:             config.ObjectRoot,
 		AppID:                  config.AppID,
 		ClientID:               config.ClientID,
 		ClientSecret:           config.ClientSecret,
@@ -84,12 +79,7 @@ func OIDCConfigToModel(config *OIDCConfig) *model.OIDCConfig {
 		grantTypes[i] = model.OIDCGrantType(rt)
 	}
 	return &model.OIDCConfig{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  config.ObjectRoot.AggregateID,
-			Sequence:     config.Sequence,
-			ChangeDate:   config.ChangeDate,
-			CreationDate: config.CreationDate,
-		},
+		ObjectRoot:             config.ObjectRoot,
 		AppID:                  config.AppID,
 		ClientID:               config.ClientID,
 		ClientSecret:           config.ClientSecret,

internal/project/repository/eventsourcing/model/project.go

@@ -35,12 +35,7 @@ func ProjectFromModel(project *model.Project) *Project {
 	apps := AppsFromModel(project.Applications)
 	grants := GrantsFromModel(project.Grants)
 	return &Project{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  project.ObjectRoot.AggregateID,
-			Sequence:     project.Sequence,
-			ChangeDate:   project.ChangeDate,
-			CreationDate: project.CreationDate,
-		},
+		ObjectRoot:   project.ObjectRoot,
 		Name:         project.Name,
 		State:        int32(project.State),
 		Members:      members,
@@ -56,12 +51,7 @@ func ProjectToModel(project *Project) *model.Project {
 	apps := AppsToModel(project.Applications)
 	grants := GrantsToModel(project.Grants)
 	return &model.Project{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  project.AggregateID,
-			ChangeDate:   project.ChangeDate,
-			CreationDate: project.CreationDate,
-			Sequence:     project.Sequence,
-		},
+		ObjectRoot:   project.ObjectRoot,
 		Name:         project.Name,
 		State:        model.ProjectState(project.State),
 		Members:      members,
@@ -92,63 +82,64 @@ func (p *Project) AppendEvent(event *es_models.Event) error {
 	p.ObjectRoot.AppendEvent(event)
 
 	switch event.Type {
-	case model.ProjectAdded, model.ProjectChanged:
-		if err := json.Unmarshal(event.Data, p); err != nil {
-			logging.Log("EVEN-idl93").WithError(err).Error("could not unmarshal event data")
-			return err
-		}
-		p.State = int32(model.PROJECTSTATE_ACTIVE)
-		return nil
-	case model.ProjectDeactivated:
+	case ProjectAdded, ProjectChanged:
+		return p.AppendAddProjectEvent(event)
+	case ProjectDeactivated:
 		return p.appendDeactivatedEvent()
-	case model.ProjectReactivated:
+	case ProjectReactivated:
 		return p.appendReactivatedEvent()
-	case model.ProjectMemberAdded:
+	case ProjectMemberAdded:
 		return p.appendAddMemberEvent(event)
-	case model.ProjectMemberChanged:
+	case ProjectMemberChanged:
 		return p.appendChangeMemberEvent(event)
-	case model.ProjectMemberRemoved:
+	case ProjectMemberRemoved:
 		return p.appendRemoveMemberEvent(event)
-	case model.ProjectRoleAdded:
+	case ProjectRoleAdded:
 		return p.appendAddRoleEvent(event)
-	case model.ProjectRoleChanged:
+	case ProjectRoleChanged:
 		return p.appendChangeRoleEvent(event)
-	case model.ProjectRoleRemoved:
+	case ProjectRoleRemoved:
 		return p.appendRemoveRoleEvent(event)
-	case model.ApplicationAdded:
+	case ApplicationAdded:
 		return p.appendAddAppEvent(event)
-	case model.ApplicationChanged:
+	case ApplicationChanged:
 		return p.appendChangeAppEvent(event)
-	case model.ApplicationRemoved:
+	case ApplicationRemoved:
 		return p.appendRemoveAppEvent(event)
-	case model.ApplicationDeactivated:
+	case ApplicationDeactivated:
 		return p.appendAppStateEvent(event, model.APPSTATE_INACTIVE)
-	case model.ApplicationReactivated:
+	case ApplicationReactivated:
 		return p.appendAppStateEvent(event, model.APPSTATE_ACTIVE)
-	case model.OIDCConfigAdded:
+	case OIDCConfigAdded:
 		return p.appendAddOIDCConfigEvent(event)
-	case model.OIDCConfigChanged, model.OIDCConfigSecretChanged:
+	case OIDCConfigChanged, OIDCConfigSecretChanged:
 		return p.appendChangeOIDCConfigEvent(event)
-	case model.ProjectGrantAdded:
+	case ProjectGrantAdded:
 		return p.appendAddGrantEvent(event)
-	case model.ProjectGrantChanged:
+	case ProjectGrantChanged:
 		return p.appendChangeGrantEvent(event)
-	case model.ProjectGrantDeactivated:
+	case ProjectGrantDeactivated:
 		return p.appendGrantStateEvent(event, model.PROJECTGRANTSTATE_INACTIVE)
-	case model.ProjectGrantReactivated:
+	case ProjectGrantReactivated:
 		return p.appendGrantStateEvent(event, model.PROJECTGRANTSTATE_ACTIVE)
-	case model.ProjectGrantRemoved:
+	case ProjectGrantRemoved:
 		return p.appendRemoveGrantEvent(event)
-	case model.ProjectGrantMemberAdded:
+	case ProjectGrantMemberAdded:
 		return p.appendAddGrantMemberEvent(event)
-	case model.ProjectGrantMemberChanged:
+	case ProjectGrantMemberChanged:
 		return p.appendChangeGrantMemberEvent(event)
-	case model.ProjectGrantMemberRemoved:
+	case ProjectGrantMemberRemoved:
 		return p.appendRemoveGrantMemberEvent(event)
 	}
 	return nil
 }
 
+func (p *Project) AppendAddProjectEvent(event *es_models.Event) error {
+	p.setData(event)
+	p.State = int32(model.PROJECTSTATE_ACTIVE)
+	return nil
+}
+
 func (p *Project) appendDeactivatedEvent() error {
 	p.State = int32(model.PROJECTSTATE_INACTIVE)
 	return nil
@@ -158,3 +149,11 @@ func (p *Project) appendReactivatedEvent() error {
 	p.State = int32(model.PROJECTSTATE_ACTIVE)
 	return nil
 }
+
+func (p *Project) setData(event *es_models.Event) error {
+	if err := json.Unmarshal(event.Data, p); err != nil {
+		logging.Log("EVEN-lo9sr").WithError(err).Error("could not unmarshal event data")
+		return err
+	}
+	return nil
+}

internal/project/repository/eventsourcing/model/project_grant.go

@@ -59,12 +59,7 @@ func GrantsFromModel(grants []*model.ProjectGrant) []*ProjectGrant {
 func GrantFromModel(grant *model.ProjectGrant) *ProjectGrant {
 	members := GrantMembersFromModel(grant.Members)
 	return &ProjectGrant{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  grant.ObjectRoot.AggregateID,
-			Sequence:     grant.Sequence,
-			ChangeDate:   grant.ChangeDate,
-			CreationDate: grant.CreationDate,
-		},
+		ObjectRoot:   grant.ObjectRoot,
 		GrantID:      grant.GrantID,
 		GrantedOrgID: grant.GrantedOrgID,
 		State:        int32(grant.State),
@@ -76,12 +71,7 @@ func GrantFromModel(grant *model.ProjectGrant) *ProjectGrant {
 func GrantToModel(grant *ProjectGrant) *model.ProjectGrant {
 	members := GrantMembersToModel(grant.Members)
 	return &model.ProjectGrant{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  grant.AggregateID,
-			ChangeDate:   grant.ChangeDate,
-			CreationDate: grant.CreationDate,
-			Sequence:     grant.Sequence,
-		},
+		ObjectRoot:   grant.ObjectRoot,
 		GrantID:      grant.GrantID,
 		GrantedOrgID: grant.GrantedOrgID,
 		State:        model.ProjectGrantState(grant.State),

internal/project/repository/eventsourcing/model/project_grant_member.go

@@ -41,29 +41,19 @@ func GrantMembersFromModel(members []*model.ProjectGrantMember) []*ProjectGrantM
 
 func GrantMemberFromModel(member *model.ProjectGrantMember) *ProjectGrantMember {
 	return &ProjectGrantMember{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  member.ObjectRoot.AggregateID,
-			Sequence:     member.Sequence,
-			ChangeDate:   member.ChangeDate,
-			CreationDate: member.CreationDate,
-		},
-		GrantID: member.GrantID,
-		UserID:  member.UserID,
-		Roles:   member.Roles,
+		ObjectRoot: member.ObjectRoot,
+		GrantID:    member.GrantID,
+		UserID:     member.UserID,
+		Roles:      member.Roles,
 	}
 }
 
 func GrantMemberToModel(member *ProjectGrantMember) *model.ProjectGrantMember {
 	return &model.ProjectGrantMember{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  member.AggregateID,
-			ChangeDate:   member.ChangeDate,
-			CreationDate: member.CreationDate,
-			Sequence:     member.Sequence,
-		},
-		GrantID: member.GrantID,
-		UserID:  member.UserID,
-		Roles:   member.Roles,
+		ObjectRoot: member.ObjectRoot,
+		GrantID:    member.GrantID,
+		UserID:     member.UserID,
+		Roles:      member.Roles,
 	}
 }
 

internal/project/repository/eventsourcing/model/project_member.go

@@ -40,27 +40,17 @@ func ProjectMembersFromModel(members []*model.ProjectMember) []*ProjectMember {
 
 func ProjectMemberFromModel(member *model.ProjectMember) *ProjectMember {
 	return &ProjectMember{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  member.ObjectRoot.AggregateID,
-			Sequence:     member.Sequence,
-			ChangeDate:   member.ChangeDate,
-			CreationDate: member.CreationDate,
-		},
-		UserID: member.UserID,
-		Roles:  member.Roles,
+		ObjectRoot: member.ObjectRoot,
+		UserID:     member.UserID,
+		Roles:      member.Roles,
 	}
 }
 
 func ProjectMemberToModel(member *ProjectMember) *model.ProjectMember {
 	return &model.ProjectMember{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  member.AggregateID,
-			ChangeDate:   member.ChangeDate,
-			CreationDate: member.CreationDate,
-			Sequence:     member.Sequence,
-		},
-		UserID: member.UserID,
-		Roles:  member.Roles,
+		ObjectRoot: member.ObjectRoot,
+		UserID:     member.UserID,
+		Roles:      member.Roles,
 	}
 }
 

internal/project/repository/eventsourcing/model/project_role.go

@@ -41,12 +41,7 @@ func ProjectRolesFromModel(roles []*model.ProjectRole) []*ProjectRole {
 
 func ProjectRoleFromModel(role *model.ProjectRole) *ProjectRole {
 	return &ProjectRole{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  role.ObjectRoot.AggregateID,
-			Sequence:     role.Sequence,
-			ChangeDate:   role.ChangeDate,
-			CreationDate: role.CreationDate,
-		},
+		ObjectRoot:  role.ObjectRoot,
 		Key:         role.Key,
 		DisplayName: role.DisplayName,
 		Group:       role.Group,
@@ -55,12 +50,7 @@ func ProjectRoleFromModel(role *model.ProjectRole) *ProjectRole {
 
 func ProjectRoleToModel(role *ProjectRole) *model.ProjectRole {
 	return &model.ProjectRole{
-		ObjectRoot: es_models.ObjectRoot{
-			AggregateID:  role.AggregateID,
-			ChangeDate:   role.ChangeDate,
-			CreationDate: role.CreationDate,
-			Sequence:     role.Sequence,
-		},
+		ObjectRoot:  role.ObjectRoot,
 		Key:         role.Key,
 		DisplayName: role.DisplayName,
 		Group:       role.Group,

internal/project/repository/eventsourcing/model/project_test.go

@@ -65,7 +65,7 @@ func TestProjectFromEvents(t *testing.T) {
 			name: "project from events, ok",
 			args: args{
 				event: []*es_models.Event{
-					&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded},
+					&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: ProjectAdded},
 				},
 				project: &Project{Name: "ProjectName"},
 			},
@@ -75,7 +75,7 @@ func TestProjectFromEvents(t *testing.T) {
 			name: "project from events, nil project",
 			args: args{
 				event: []*es_models.Event{
-					&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded},
+					&es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: ProjectAdded},
 				},
 				project: nil,
 			},
@@ -109,7 +109,7 @@ func TestAppendEvent(t *testing.T) {
 		{
 			name: "append added event",
 			args: args{
-				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectAdded},
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: ProjectAdded},
 				project: &Project{Name: "ProjectName"},
 			},
 			result: &Project{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, State: int32(model.PROJECTSTATE_ACTIVE), Name: "ProjectName"},
@@ -117,7 +117,7 @@ func TestAppendEvent(t *testing.T) {
 		{
 			name: "append change event",
 			args: args{
-				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectChanged},
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: ProjectChanged},
 				project: &Project{Name: "ProjectName"},
 			},
 			result: &Project{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, State: int32(model.PROJECTSTATE_ACTIVE), Name: "ProjectName"},
@@ -125,14 +125,14 @@ func TestAppendEvent(t *testing.T) {
 		{
 			name: "append deactivate event",
 			args: args{
-				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectDeactivated},
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: ProjectDeactivated},
 			},
 			result: &Project{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, State: int32(model.PROJECTSTATE_INACTIVE)},
 		},
 		{
 			name: "append reactivate event",
 			args: args{
-				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: model.ProjectReactivated},
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: ProjectReactivated},
 			},
 			result: &Project{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, State: int32(model.PROJECTSTATE_ACTIVE)},
 		},

internal/project/repository/eventsourcing/project.go

@@ -6,7 +6,6 @@ import (
 	"github.com/caos/zitadel/internal/errors"
 	"github.com/caos/zitadel/internal/eventstore/models"
 	es_models "github.com/caos/zitadel/internal/eventstore/models"
-	proj_model "github.com/caos/zitadel/internal/project/model"
 	"github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
 )
 
@@ -20,7 +19,7 @@ func ProjectByIDQuery(id string, latestSequence uint64) (*es_models.SearchQuery,
 
 func ProjectQuery(latestSequence uint64) *es_models.SearchQuery {
 	return es_models.NewSearchQuery().
-		AggregateTypeFilter(proj_model.ProjectAggregate).
+		AggregateTypeFilter(model.ProjectAggregate).
 		LatestSequenceFilter(latestSequence)
 }
 
@@ -28,7 +27,7 @@ func ProjectAggregate(ctx context.Context, aggCreator *es_models.AggregateCreato
 	if project == nil {
 		return nil, errors.ThrowPreconditionFailed(nil, "EVENT-doe93", "existing project should not be nil")
 	}
-	return aggCreator.NewAggregate(ctx, project.AggregateID, proj_model.ProjectAggregate, model.ProjectVersion, project.Sequence)
+	return aggCreator.NewAggregate(ctx, project.AggregateID, model.ProjectAggregate, model.ProjectVersion, project.Sequence)
 }
 
 func ProjectCreateAggregate(aggCreator *es_models.AggregateCreator, project *model.Project) func(ctx context.Context) (*es_models.Aggregate, error) {
@@ -42,7 +41,7 @@ func ProjectCreateAggregate(aggCreator *es_models.AggregateCreator, project *mod
 			return nil, err
 		}
 
-		return agg.AppendEvent(proj_model.ProjectAdded, project)
+		return agg.AppendEvent(model.ProjectAdded, project)
 	}
 }
 
@@ -56,16 +55,16 @@ func ProjectUpdateAggregate(aggCreator *es_models.AggregateCreator, existing *mo
 			return nil, err
 		}
 		changes := existing.Changes(new)
-		return agg.AppendEvent(proj_model.ProjectChanged, changes)
+		return agg.AppendEvent(model.ProjectChanged, changes)
 	}
 }
 
 func ProjectDeactivateAggregate(aggCreator *es_models.AggregateCreator, project *model.Project) func(ctx context.Context) (*es_models.Aggregate, error) {
-	return projectStateAggregate(aggCreator, project, proj_model.ProjectDeactivated)
+	return projectStateAggregate(aggCreator, project, model.ProjectDeactivated)
 }
 
 func ProjectReactivateAggregate(aggCreator *es_models.AggregateCreator, project *model.Project) func(ctx context.Context) (*es_models.Aggregate, error) {
-	return projectStateAggregate(aggCreator, project, proj_model.ProjectReactivated)
+	return projectStateAggregate(aggCreator, project, model.ProjectReactivated)
 }
 
 func projectStateAggregate(aggCreator *es_models.AggregateCreator, project *model.Project, state models.EventType) func(ctx context.Context) (*es_models.Aggregate, error) {
@@ -87,7 +86,7 @@ func ProjectMemberAddedAggregate(aggCreator *es_models.AggregateCreator, existin
 		if err != nil {
 			return nil, err
 		}
-		return agg.AppendEvent(proj_model.ProjectMemberAdded, member)
+		return agg.AppendEvent(model.ProjectMemberAdded, member)
 	}
 }
 
@@ -101,7 +100,7 @@ func ProjectMemberChangedAggregate(aggCreator *es_models.AggregateCreator, exist
 		if err != nil {
 			return nil, err
 		}
-		return agg.AppendEvent(proj_model.ProjectMemberChanged, member)
+		return agg.AppendEvent(model.ProjectMemberChanged, member)
 	}
 }
 
@@ -114,7 +113,7 @@ func ProjectMemberRemovedAggregate(aggCreator *es_models.AggregateCreator, exist
 		if err != nil {
 			return nil, err
 		}
-		return agg.AppendEvent(proj_model.ProjectMemberRemoved, member)
+		return agg.AppendEvent(model.ProjectMemberRemoved, member)
 	}
 }
 
@@ -127,7 +126,7 @@ func ProjectRoleAddedAggregate(aggCreator *es_models.AggregateCreator, existing
 		if err != nil {
 			return nil, err
 		}
-		return agg.AppendEvent(proj_model.ProjectRoleAdded, role)
+		return agg.AppendEvent(model.ProjectRoleAdded, role)
 	}
 }
 
@@ -140,7 +139,7 @@ func ProjectRoleChangedAggregate(aggCreator *es_models.AggregateCreator, existin
 		if err != nil {
 			return nil, err
 		}
-		return agg.AppendEvent(proj_model.ProjectRoleChanged, role)
+		return agg.AppendEvent(model.ProjectRoleChanged, role)
 	}
 }
 
@@ -153,7 +152,7 @@ func ProjectRoleRemovedAggregate(aggCreator *es_models.AggregateCreator, existin
 		if err != nil {
 			return nil, err
 		}
-		return agg.AppendEvent(proj_model.ProjectRoleRemoved, role)
+		return agg.AppendEvent(model.ProjectRoleRemoved, role)
 	}
 }
 
@@ -166,9 +165,9 @@ func ApplicationAddedAggregate(aggCreator *es_models.AggregateCreator, existing
 		if err != nil {
 			return nil, err
 		}
-		agg.AppendEvent(proj_model.ApplicationAdded, app)
+		agg.AppendEvent(model.ApplicationAdded, app)
 		if app.OIDCConfig != nil {
-			agg.AppendEvent(proj_model.OIDCConfigAdded, app.OIDCConfig)
+			agg.AppendEvent(model.OIDCConfigAdded, app.OIDCConfig)
 		}
 		return agg, nil
 	}
@@ -189,7 +188,7 @@ func ApplicationChangedAggregate(aggCreator *es_models.AggregateCreator, existin
 				changes = a.Changes(app)
 			}
 		}
-		agg.AppendEvent(proj_model.ApplicationChanged, changes)
+		agg.AppendEvent(model.ApplicationChanged, changes)
 
 		return agg, nil
 	}
@@ -204,7 +203,7 @@ func ApplicationRemovedAggregate(aggCreator *es_models.AggregateCreator, existin
 		if err != nil {
 			return nil, err
 		}
-		agg.AppendEvent(proj_model.ApplicationRemoved, &model.ApplicationID{AppID: app.AppID})
+		agg.AppendEvent(model.ApplicationRemoved, &model.ApplicationID{AppID: app.AppID})
 
 		return agg, nil
 	}
@@ -219,7 +218,7 @@ func ApplicationDeactivatedAggregate(aggCreator *es_models.AggregateCreator, exi
 		if err != nil {
 			return nil, err
 		}
-		agg.AppendEvent(proj_model.ApplicationDeactivated, &model.ApplicationID{AppID: app.AppID})
+		agg.AppendEvent(model.ApplicationDeactivated, &model.ApplicationID{AppID: app.AppID})
 
 		return agg, nil
 	}
@@ -234,7 +233,7 @@ func ApplicationReactivatedAggregate(aggCreator *es_models.AggregateCreator, exi
 		if err != nil {
 			return nil, err
 		}
-		agg.AppendEvent(proj_model.ApplicationReactivated, &model.ApplicationID{AppID: app.AppID})
+		agg.AppendEvent(model.ApplicationReactivated, &model.ApplicationID{AppID: app.AppID})
 
 		return agg, nil
 	}
@@ -257,7 +256,7 @@ func OIDCConfigChangedAggregate(aggCreator *es_models.AggregateCreator, existing
 				}
 			}
 		}
-		agg.AppendEvent(proj_model.OIDCConfigChanged, changes)
+		agg.AppendEvent(model.OIDCConfigChanged, changes)
 
 		return agg, nil
 	}
@@ -273,7 +272,7 @@ func OIDCConfigSecretChangedAggregate(aggCreator *es_models.AggregateCreator, ex
 		changes["appId"] = appID
 		changes["clientSecret"] = secret
 
-		agg.AppendEvent(proj_model.OIDCConfigSecretChanged, changes)
+		agg.AppendEvent(model.OIDCConfigSecretChanged, changes)
 
 		return agg, nil
 	}
@@ -288,7 +287,7 @@ func ProjectGrantAddedAggregate(aggCreator *es_models.AggregateCreator, existing
 		if err != nil {
 			return nil, err
 		}
-		agg.AppendEvent(proj_model.ProjectGrantAdded, grant)
+		agg.AppendEvent(model.ProjectGrantAdded, grant)
 		return agg, nil
 	}
 }
@@ -308,7 +307,7 @@ func ProjectGrantChangedAggregate(aggCreator *es_models.AggregateCreator, existi
 				changes = g.Changes(grant)
 			}
 		}
-		agg.AppendEvent(proj_model.ProjectGrantChanged, changes)
+		agg.AppendEvent(model.ProjectGrantChanged, changes)
 
 		return agg, nil
 	}
@@ -323,7 +322,7 @@ func ProjectGrantRemovedAggregate(aggCreator *es_models.AggregateCreator, existi
 		if err != nil {
 			return nil, err
 		}
-		agg.AppendEvent(proj_model.ProjectGrantRemoved, &model.ProjectGrantID{GrantID: grant.GrantID})
+		agg.AppendEvent(model.ProjectGrantRemoved, &model.ProjectGrantID{GrantID: grant.GrantID})
 
 		return agg, nil
 	}
@@ -338,7 +337,7 @@ func ProjectGrantDeactivatedAggregate(aggCreator *es_models.AggregateCreator, ex
 		if err != nil {
 			return nil, err
 		}
-		agg.AppendEvent(proj_model.ProjectGrantDeactivated, &model.ProjectGrantID{GrantID: grant.GrantID})
+		agg.AppendEvent(model.ProjectGrantDeactivated, &model.ProjectGrantID{GrantID: grant.GrantID})
 
 		return agg, nil
 	}
@@ -353,7 +352,7 @@ func ProjectGrantReactivatedAggregate(aggCreator *es_models.AggregateCreator, ex
 		if err != nil {
 			return nil, err
 		}
-		agg.AppendEvent(proj_model.ProjectGrantReactivated, &model.ProjectGrantID{GrantID: grant.GrantID})
+		agg.AppendEvent(model.ProjectGrantReactivated, &model.ProjectGrantID{GrantID: grant.GrantID})
 
 		return agg, nil
 	}
@@ -368,7 +367,7 @@ func ProjectGrantMemberAddedAggregate(aggCreator *es_models.AggregateCreator, ex
 		if err != nil {
 			return nil, err
 		}
-		agg.AppendEvent(proj_model.ProjectGrantMemberAdded, member)
+		agg.AppendEvent(model.ProjectGrantMemberAdded, member)
 		return agg, nil
 	}
 }
@@ -388,7 +387,7 @@ func ProjectGrantMemberChangedAggregate(aggCreator *es_models.AggregateCreator,
 		changes["userId"] = member.UserID
 		changes["roles"] = member.Roles
 
-		return agg.AppendEvent(proj_model.ProjectGrantMemberChanged, changes)
+		return agg.AppendEvent(model.ProjectGrantMemberChanged, changes)
 	}
 }
 
@@ -401,6 +400,6 @@ func ProjectGrantMemberRemovedAggregate(aggCreator *es_models.AggregateCreator,
 		if err != nil {
 			return nil, err
 		}
-		return agg.AppendEvent(proj_model.ProjectGrantMemberRemoved, member)
+		return agg.AppendEvent(model.ProjectGrantMemberRemoved, member)
 	}
 }

internal/project/repository/eventsourcing/project_test.go

@@ -126,7 +126,7 @@ func TestProjectAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen: 0,
-				aggType:  proj_model.ProjectAggregate,
+				aggType:  model.ProjectAggregate,
 			},
 		},
 		{
@@ -137,7 +137,7 @@ func TestProjectAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen: 0,
-				aggType:  proj_model.ProjectAggregate,
+				aggType:  model.ProjectAggregate,
 				wantErr:  true,
 				errFunc:  caos_errs.IsPreconditionFailed,
 			},
@@ -186,7 +186,7 @@ func TestProjectCreateAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectAdded,
+				eventType: model.ProjectAdded,
 			},
 		},
 		{
@@ -198,7 +198,7 @@ func TestProjectCreateAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectAdded,
+				eventType: model.ProjectAdded,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -252,7 +252,7 @@ func TestProjectUpdateAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectChanged,
+				eventType: model.ProjectChanged,
 			},
 		},
 		{
@@ -264,7 +264,7 @@ func TestProjectUpdateAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectChanged,
+				eventType: model.ProjectChanged,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -279,7 +279,7 @@ func TestProjectUpdateAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectChanged,
+				eventType: model.ProjectChanged,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -331,7 +331,7 @@ func TestProjectDeactivateAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectDeactivated,
+				eventType: model.ProjectDeactivated,
 			},
 		},
 		{
@@ -343,7 +343,7 @@ func TestProjectDeactivateAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectDeactivated,
+				eventType: model.ProjectDeactivated,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -392,7 +392,7 @@ func TestProjectReactivateAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectReactivated,
+				eventType: model.ProjectReactivated,
 			},
 		},
 		{
@@ -404,7 +404,7 @@ func TestProjectReactivateAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectReactivated,
+				eventType: model.ProjectReactivated,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -455,7 +455,7 @@ func TestProjectMemberAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectMemberAdded,
+				eventType: model.ProjectMemberAdded,
 			},
 		},
 		{
@@ -467,7 +467,7 @@ func TestProjectMemberAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectMemberAdded,
+				eventType: model.ProjectMemberAdded,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -482,7 +482,7 @@ func TestProjectMemberAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectMemberAdded,
+				eventType: model.ProjectMemberAdded,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -536,7 +536,7 @@ func TestProjectMemberChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectMemberChanged,
+				eventType: model.ProjectMemberChanged,
 			},
 		},
 		{
@@ -548,7 +548,7 @@ func TestProjectMemberChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectMemberChanged,
+				eventType: model.ProjectMemberChanged,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -563,7 +563,7 @@ func TestProjectMemberChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectMemberChanged,
+				eventType: model.ProjectMemberChanged,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -617,7 +617,7 @@ func TestProjectMemberRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectMemberRemoved,
+				eventType: model.ProjectMemberRemoved,
 			},
 		},
 		{
@@ -629,7 +629,7 @@ func TestProjectMemberRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectMemberRemoved,
+				eventType: model.ProjectMemberRemoved,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -644,7 +644,7 @@ func TestProjectMemberRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectMemberRemoved,
+				eventType: model.ProjectMemberRemoved,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -698,7 +698,7 @@ func TestProjectRoleAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectRoleAdded,
+				eventType: model.ProjectRoleAdded,
 			},
 		},
 		{
@@ -710,7 +710,7 @@ func TestProjectRoleAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectRoleAdded,
+				eventType: model.ProjectRoleAdded,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -725,7 +725,7 @@ func TestProjectRoleAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectRoleAdded,
+				eventType: model.ProjectRoleAdded,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -779,7 +779,7 @@ func TestProjectRoleChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectRoleChanged,
+				eventType: model.ProjectRoleChanged,
 			},
 		},
 		{
@@ -791,7 +791,7 @@ func TestProjectRoleChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectRoleChanged,
+				eventType: model.ProjectRoleChanged,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -806,7 +806,7 @@ func TestProjectRoleChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectRoleChanged,
+				eventType: model.ProjectRoleChanged,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -860,7 +860,7 @@ func TestProjectRoleRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectRoleRemoved,
+				eventType: model.ProjectRoleRemoved,
 			},
 		},
 		{
@@ -872,7 +872,7 @@ func TestProjectRoleRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectRoleRemoved,
+				eventType: model.ProjectRoleRemoved,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -887,7 +887,7 @@ func TestProjectRoleRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectRoleRemoved,
+				eventType: model.ProjectRoleRemoved,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -946,7 +946,7 @@ func TestProjectAppAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   2,
-				eventTypes: []models.EventType{proj_model.ApplicationAdded, proj_model.OIDCConfigAdded},
+				eventTypes: []models.EventType{model.ApplicationAdded, model.OIDCConfigAdded},
 			},
 		},
 		{
@@ -1038,7 +1038,7 @@ func TestProjectAppChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.ApplicationChanged},
+				eventTypes: []models.EventType{model.ApplicationChanged},
 			},
 		},
 		{
@@ -1128,7 +1128,7 @@ func TestProjectAppRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.ApplicationRemoved},
+				eventTypes: []models.EventType{model.ApplicationRemoved},
 			},
 		},
 		{
@@ -1218,7 +1218,7 @@ func TestProjectAppDeactivatedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.ApplicationDeactivated},
+				eventTypes: []models.EventType{model.ApplicationDeactivated},
 			},
 		},
 		{
@@ -1308,7 +1308,7 @@ func TestProjectAppReactivatedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.ApplicationReactivated},
+				eventTypes: []models.EventType{model.ApplicationReactivated},
 			},
 		},
 		{
@@ -1398,7 +1398,7 @@ func TestOIDCConfigchangAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.OIDCConfigChanged},
+				eventTypes: []models.EventType{model.OIDCConfigChanged},
 			},
 		},
 		{
@@ -1488,7 +1488,7 @@ func TestOIDCConfigSecretChangeAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.OIDCConfigSecretChanged},
+				eventTypes: []models.EventType{model.OIDCConfigSecretChanged},
 			},
 		},
 		{
@@ -1559,7 +1559,7 @@ func TestProjectGrantAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantAdded,
+				eventType: model.ProjectGrantAdded,
 			},
 		},
 		{
@@ -1571,7 +1571,7 @@ func TestProjectGrantAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantAdded,
+				eventType: model.ProjectGrantAdded,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -1586,7 +1586,7 @@ func TestProjectGrantAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantAdded,
+				eventType: model.ProjectGrantAdded,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -1651,7 +1651,7 @@ func TestProjectGrantChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.ProjectGrantChanged},
+				eventTypes: []models.EventType{model.ProjectGrantChanged},
 			},
 		},
 		{
@@ -1742,7 +1742,7 @@ func TestProjectGrantRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.ProjectGrantRemoved},
+				eventTypes: []models.EventType{model.ProjectGrantRemoved},
 			},
 		},
 		{
@@ -1833,7 +1833,7 @@ func TestProjectGrantDeactivatedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.ProjectGrantDeactivated},
+				eventTypes: []models.EventType{model.ProjectGrantDeactivated},
 			},
 		},
 		{
@@ -1924,7 +1924,7 @@ func TestProjectGrantReactivatedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:   1,
-				eventTypes: []models.EventType{proj_model.ProjectGrantReactivated},
+				eventTypes: []models.EventType{model.ProjectGrantReactivated},
 			},
 		},
 		{
@@ -2004,7 +2004,7 @@ func TestProjectGrantMemberAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantMemberAdded,
+				eventType: model.ProjectGrantMemberAdded,
 			},
 		},
 		{
@@ -2016,7 +2016,7 @@ func TestProjectGrantMemberAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantMemberAdded,
+				eventType: model.ProjectGrantMemberAdded,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -2031,7 +2031,7 @@ func TestProjectGrantMemberAddedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantMemberAdded,
+				eventType: model.ProjectGrantMemberAdded,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -2085,7 +2085,7 @@ func TestProjectGrantMemberChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantMemberChanged,
+				eventType: model.ProjectGrantMemberChanged,
 			},
 		},
 		{
@@ -2097,7 +2097,7 @@ func TestProjectGrantMemberChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantMemberChanged,
+				eventType: model.ProjectGrantMemberChanged,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -2112,7 +2112,7 @@ func TestProjectGrantMemberChangedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantMemberChanged,
+				eventType: model.ProjectGrantMemberChanged,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -2166,7 +2166,7 @@ func TestProjectGrantMemberRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantMemberRemoved,
+				eventType: model.ProjectGrantMemberRemoved,
 			},
 		},
 		{
@@ -2178,7 +2178,7 @@ func TestProjectGrantMemberRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantMemberRemoved,
+				eventType: model.ProjectGrantMemberRemoved,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},
@@ -2193,7 +2193,7 @@ func TestProjectGrantMemberRemovedAggregate(t *testing.T) {
 			},
 			res: res{
 				eventLen:  1,
-				eventType: proj_model.ProjectGrantMemberRemoved,
+				eventType: model.ProjectGrantMemberRemoved,
 				wantErr:   true,
 				errFunc:   caos_errs.IsPreconditionFailed,
 			},

internal/project/repository/view/application_view.go

@@ -0,0 +1,32 @@
+package view
+
+import (
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func ApplicationByID(db *gorm.DB, table, appID string) (*model.ApplicationView, error) {
+	app := new(model.ApplicationView)
+	query := view.PrepareGetByKey(table, model.ApplicationSearchKey(proj_model.APPLICATIONSEARCHKEY_APP_ID), appID)
+	err := query(db, app)
+	return app, err
+}
+
+func SearchApplications(db *gorm.DB, table string, req *proj_model.ApplicationSearchRequest) ([]*model.ApplicationView, int, error) {
+	apps := make([]*model.ApplicationView, 0)
+	query := view.PrepareSearchQuery(table, model.ApplicationSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &apps)
+	return apps, count, err
+}
+
+func PutApplication(db *gorm.DB, table string, app *model.ApplicationView) error {
+	save := view.PrepareSave(table)
+	return save(db, app)
+}
+
+func DeleteApplication(db *gorm.DB, table, appID string) error {
+	delete := view.PrepareDeleteByKey(table, model.ApplicationSearchKey(proj_model.APPLICATIONSEARCHKEY_APP_ID), appID)
+	return delete(db)
+}

internal/project/repository/view/granted_project_view.go

@@ -0,0 +1,56 @@
+package view
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func GrantedProjectByIDs(db *gorm.DB, table, projectID, orgID string) (*model.GrantedProjectView, error) {
+	project := new(model.GrantedProjectView)
+
+	projectIDQuery := model.GrantedProjectSearchQuery{Key: proj_model.GRANTEDPROJECTSEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS}
+	grantIDQuery := model.GrantedProjectSearchQuery{Key: proj_model.GRANTEDPROJECTSEARCHKEY_ORGID, Value: orgID, Method: global_model.SEARCHMETHOD_EQUALS}
+	query := view.PrepareGetByQuery(table, projectIDQuery, grantIDQuery)
+	err := query(db, project)
+	return project, err
+}
+
+func GrantedProjectsByID(db *gorm.DB, table, projectID string) ([]*model.GrantedProjectView, error) {
+	projects := make([]*model.GrantedProjectView, 0)
+	queries := []*proj_model.GrantedProjectSearchQuery{
+		&proj_model.GrantedProjectSearchQuery{Key: proj_model.GRANTEDPROJECTSEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.GrantedProjectSearchRequest{Queries: queries})
+	_, err := query(db, &projects)
+	if err != nil {
+		return nil, err
+	}
+	return projects, nil
+}
+
+func SearchGrantedProjects(db *gorm.DB, table string, req *proj_model.GrantedProjectSearchRequest) ([]*model.GrantedProjectView, int, error) {
+	projects := make([]*model.GrantedProjectView, 0)
+	query := view.PrepareSearchQuery(table, model.GrantedProjectSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &projects)
+	if err != nil {
+		return nil, 0, err
+	}
+	return projects, count, nil
+}
+
+func PutGrantedProject(db *gorm.DB, table string, project *model.GrantedProjectView) error {
+	save := view.PrepareSave(table)
+	return save(db, project)
+}
+
+func DeleteGrantedProject(db *gorm.DB, table, projectID, orgID string) error {
+	project, err := GrantedProjectByIDs(db, table, projectID, orgID)
+	if err != nil {
+		return err
+	}
+	delete := view.PrepareDeleteByObject(table, project)
+	return delete(db)
+}

internal/project/repository/view/model/application.go

@@ -0,0 +1,156 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"time"
+)
+
+const (
+	ApplicationKeyID            = "id"
+	ApplicationKeyProjectID     = "project_id"
+	ApplicationKeyResourceOwner = "resource_owner"
+	ApplicationKeyOIDCClientID  = "oidc_client_id"
+	ApplicationKeyName          = "name"
+)
+
+type ApplicationView struct {
+	ID           string    `json:"appId" gorm:"column:id;primary_key"`
+	ProjectID    string    `json:"-" gorm:"column:project_id"`
+	Name         string    `json:"name" gorm:"column:app_name"`
+	CreationDate time.Time `json:"-" gorm:"column:creation_date"`
+	ChangeDate   time.Time `json:"-" gorm:"column:change_date"`
+	State        int32     `json:"-" gorm:"column:app_state"`
+
+	IsOIDC                     bool           `json:"-" gorm:"column:is_oidc"`
+	OIDCClientID               string         `json:"clientId" gorm:"column:oidc_client_id"`
+	OIDCRedirectUris           pq.StringArray `json:"redirectUris" gorm:"column:oidc_redirect_uris"`
+	OIDCResponseTypes          pq.Int64Array  `json:"responseTypes" gorm:"column:oidc_response_types"`
+	OIDCGrantTypes             pq.Int64Array  `json:"grantTypes" gorm:"column:oidc_grant_types"`
+	OIDCApplicationType        int32          `json:"applicationType" gorm:"column:oidc_application_type"`
+	OIDCAuthMethodType         int32          `json:"authMethodType" gorm:"column:oidc_auth_method_type"`
+	OIDCPostLogoutRedirectUris pq.StringArray `json:"postLogoutRedirectUris" gorm:"column:oidc_post_logout_redirect_uris"`
+
+	Sequence uint64 `json:"-" gorm:"sequence"`
+}
+
+func ApplicationViewFromModel(app *model.ApplicationView) *ApplicationView {
+	return &ApplicationView{
+		ID:           app.ID,
+		ProjectID:    app.ProjectID,
+		Name:         app.Name,
+		State:        int32(app.State),
+		Sequence:     app.Sequence,
+		CreationDate: app.CreationDate,
+		ChangeDate:   app.ChangeDate,
+
+		IsOIDC:                     app.IsOIDC,
+		OIDCClientID:               app.OIDCClientID,
+		OIDCRedirectUris:           app.OIDCRedirectUris,
+		OIDCResponseTypes:          OIDCResponseTypesFromModel(app.OIDCResponseTypes),
+		OIDCGrantTypes:             OIDCGrantTypesFromModel(app.OIDCGrantTypes),
+		OIDCApplicationType:        int32(app.OIDCApplicationType),
+		OIDCAuthMethodType:         int32(app.OIDCAuthMethodType),
+		OIDCPostLogoutRedirectUris: app.OIDCPostLogoutRedirectUris,
+	}
+}
+
+func OIDCResponseTypesFromModel(oidctypes []model.OIDCResponseType) []int64 {
+	result := make([]int64, len(oidctypes))
+	for i, t := range oidctypes {
+		result[i] = int64(t)
+	}
+	return result
+}
+
+func OIDCGrantTypesFromModel(granttypes []model.OIDCGrantType) []int64 {
+	result := make([]int64, len(granttypes))
+	for i, t := range granttypes {
+		result[i] = int64(t)
+	}
+	return result
+}
+
+func ApplicationViewToModel(app *ApplicationView) *model.ApplicationView {
+	return &model.ApplicationView{
+		ID:           app.ID,
+		ProjectID:    app.ProjectID,
+		Name:         app.Name,
+		State:        model.AppState(app.State),
+		Sequence:     app.Sequence,
+		CreationDate: app.CreationDate,
+		ChangeDate:   app.ChangeDate,
+
+		IsOIDC:                     app.IsOIDC,
+		OIDCClientID:               app.OIDCClientID,
+		OIDCRedirectUris:           app.OIDCRedirectUris,
+		OIDCResponseTypes:          OIDCResponseTypesToModel(app.OIDCResponseTypes),
+		OIDCGrantTypes:             OIDCGrantTypesToModel(app.OIDCGrantTypes),
+		OIDCApplicationType:        model.OIDCApplicationType(app.OIDCApplicationType),
+		OIDCAuthMethodType:         model.OIDCAuthMethodType(app.OIDCAuthMethodType),
+		OIDCPostLogoutRedirectUris: app.OIDCPostLogoutRedirectUris,
+	}
+}
+
+func OIDCResponseTypesToModel(oidctypes []int64) []model.OIDCResponseType {
+	result := make([]model.OIDCResponseType, len(oidctypes))
+	for i, t := range oidctypes {
+		result[i] = model.OIDCResponseType(t)
+	}
+	return result
+}
+
+func OIDCGrantTypesToModel(granttypes []int64) []model.OIDCGrantType {
+	result := make([]model.OIDCGrantType, len(granttypes))
+	for i, t := range granttypes {
+		result[i] = model.OIDCGrantType(t)
+	}
+	return result
+}
+
+func ApplicationViewsToModel(roles []*ApplicationView) []*model.ApplicationView {
+	result := make([]*model.ApplicationView, len(roles))
+	for i, r := range roles {
+		result[i] = ApplicationViewToModel(r)
+	}
+	return result
+}
+
+func (a *ApplicationView) AppendEvent(event *models.Event) (err error) {
+	a.Sequence = event.Sequence
+	a.ChangeDate = event.CreationDate
+	switch event.Type {
+	case es_model.ApplicationAdded:
+		a.setRootData(event)
+		a.CreationDate = event.CreationDate
+		err = a.SetData(event)
+	case es_model.OIDCConfigAdded:
+		a.IsOIDC = true
+		err = a.SetData(event)
+	case es_model.OIDCConfigChanged,
+		es_model.ApplicationChanged:
+		err = a.SetData(event)
+	case es_model.ApplicationDeactivated:
+		a.State = int32(model.APPSTATE_INACTIVE)
+	case es_model.ApplicationReactivated:
+		a.State = int32(model.APPSTATE_ACTIVE)
+	}
+	return err
+}
+
+func (a *ApplicationView) setRootData(event *models.Event) {
+	a.ProjectID = event.AggregateID
+}
+
+func (a *ApplicationView) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, a); err != nil {
+		logging.Log("EVEN-lo9ds").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-8suie", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/application_query.go

@@ -0,0 +1,65 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type ApplicationSearchRequest proj_model.ApplicationSearchRequest
+type ApplicationSearchQuery proj_model.ApplicationSearchQuery
+type ApplicationSearchKey proj_model.ApplicationSearchKey
+
+func (req ApplicationSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req ApplicationSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req ApplicationSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.APPLICATIONSEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return ApplicationSearchKey(req.SortingColumn)
+}
+
+func (req ApplicationSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req ApplicationSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = ApplicationSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req ApplicationSearchQuery) GetKey() view.ColumnKey {
+	return ApplicationSearchKey(req.Key)
+}
+
+func (req ApplicationSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req ApplicationSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key ApplicationSearchKey) ToColumnName() string {
+	switch proj_model.ApplicationSearchKey(key) {
+	case proj_model.APPLICATIONSEARCHKEY_APP_ID:
+		return ApplicationKeyID
+	case proj_model.APPLICATIONSEARCHKEY_NAME:
+		return ApplicationKeyName
+	case proj_model.APPLICATIONSEARCHKEY_PROJECT_ID:
+		return ApplicationKeyProjectID
+	case proj_model.APPLICATIONSEARCHKEY_OIDC_CLIENT_ID:
+		return ApplicationKeyOIDCClientID
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/application_test.go

@@ -0,0 +1,100 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"testing"
+)
+
+func mockAppData(app *es_model.Application) []byte {
+	data, _ := json.Marshal(app)
+	return data
+}
+
+func mockOIDCConfigData(config *es_model.OIDCConfig) []byte {
+	data, _ := json.Marshal(config)
+	return data
+}
+
+func TestApplicationAppendEvent(t *testing.T) {
+	type args struct {
+		event *es_models.Event
+		app   *ApplicationView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *ApplicationView
+	}{
+		{
+			name: "append added app event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ApplicationAdded, Data: mockAppData(&es_model.Application{Name: "AppName"})},
+				app:   &ApplicationView{},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+		},
+		{
+			name: "append changed app event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ApplicationChanged, Data: mockAppData(&es_model.Application{Name: "AppNameChanged"})},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppNameChanged", State: int32(model.APPSTATE_ACTIVE)},
+		},
+		{
+			name: "append deactivate app event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ApplicationDeactivated},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_INACTIVE)},
+		},
+		{
+			name: "append reactivate app event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ApplicationReactivated},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_INACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+		},
+		{
+			name: "append added oidc config event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.OIDCConfigAdded, Data: mockOIDCConfigData(&es_model.OIDCConfig{ClientID: "clientID"})},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", IsOIDC: true, OIDCClientID: "clientID", State: int32(model.APPSTATE_ACTIVE)},
+		},
+		{
+			name: "append changed oidc config event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.OIDCConfigAdded, Data: mockOIDCConfigData(&es_model.OIDCConfig{ClientID: "clientIDChanged"})},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", OIDCClientID: "clientID", State: int32(model.APPSTATE_ACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", IsOIDC: true, OIDCClientID: "clientIDChanged", State: int32(model.APPSTATE_ACTIVE)},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.app.AppendEvent(tt.args.event)
+			if tt.args.app.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.app.ProjectID)
+			}
+			if tt.args.app.Name != tt.result.Name {
+				t.Errorf("got wrong result name: expected: %v, actual: %v ", tt.result.Name, tt.args.app.Name)
+			}
+			if tt.args.app.State != tt.result.State {
+				t.Errorf("got wrong result state: expected: %v, actual: %v ", tt.result.State, tt.args.app.State)
+			}
+			if tt.args.app.IsOIDC != tt.result.IsOIDC {
+				t.Errorf("got wrong result IsOIDC: expected: %v, actual: %v ", tt.result.IsOIDC, tt.args.app.IsOIDC)
+			}
+			if tt.args.app.OIDCClientID != tt.result.OIDCClientID {
+				t.Errorf("got wrong result OIDCClientID: expected: %v, actual: %v ", tt.result.OIDCClientID, tt.args.app.OIDCClientID)
+			}
+		})
+	}
+}

internal/project/repository/view/model/granted_project.go

@@ -0,0 +1,149 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"time"
+)
+
+const (
+	GrantedProjectKeyProjectID     = "project_id"
+	GrantedProjectKeyGrantID       = "grant_id"
+	GrantedProjectKeyOrgID         = "org_id"
+	GrantedProjectKeyResourceOwner = "resource_owner"
+	GrantedProjectKeyName          = "name"
+)
+
+type GrantedProjectView struct {
+	ProjectID       string         `json:"-" gorm:"column:project_id;primary_key"`
+	OrgID           string         `json:"-" gorm:"column:org_id;primary_key"`
+	Name            string         `json:"name" gorm:"column:project_name"`
+	CreationDate    time.Time      `json:"-" gorm:"column:creation_date"`
+	ChangeDate      time.Time      `json:"-" gorm:"column:change_date"`
+	State           int32          `json:"-" gorm:"column:project_state"`
+	Type            int32          `json:"-" gorm:"column:project_type"`
+	ResourceOwner   string         `json:"-" gorm:"column:resource_owner"`
+	OrgName         string         `json:"-" gorm:"column:org_name"`
+	OrgDomain       string         `json:"-" gorm:"column:org_domain"`
+	Sequence        uint64         `json:"-" gorm:"column:sequence"`
+	GrantID         string         `json:"-" gorm:"column:grant_id"`
+	GrantedRoleKeys pq.StringArray `json:"-" gorm:"column:granted_role_keys"`
+}
+
+type ProjectGrant struct {
+	GrantID      string   `json:"grantId"`
+	GrantedOrgID string   `json:"grantedOrgId"`
+	RoleKeys     []string `json:"roleKeys"`
+}
+
+func GrantedProjectFromModel(project *model.GrantedProjectView) *GrantedProjectView {
+	return &GrantedProjectView{
+		ProjectID:       project.ProjectID,
+		OrgID:           project.OrgID,
+		Name:            project.Name,
+		ChangeDate:      project.ChangeDate,
+		CreationDate:    project.CreationDate,
+		State:           int32(project.State),
+		Type:            int32(project.Type),
+		ResourceOwner:   project.ResourceOwner,
+		OrgName:         project.OrgName,
+		GrantID:         project.GrantID,
+		GrantedRoleKeys: project.GrantedRoleKeys,
+		Sequence:        project.Sequence,
+	}
+}
+
+func GrantedProjectToModel(project *GrantedProjectView) *model.GrantedProjectView {
+	return &model.GrantedProjectView{
+		ProjectID:     project.ProjectID,
+		OrgID:         project.OrgID,
+		Name:          project.Name,
+		ChangeDate:    project.ChangeDate,
+		CreationDate:  project.CreationDate,
+		State:         model.ProjectState(project.State),
+		Type:          model.ProjectType(project.Type),
+		ResourceOwner: project.ResourceOwner,
+		OrgName:       project.OrgName,
+		GrantID:       project.GrantID,
+		Sequence:      project.Sequence,
+	}
+}
+
+func GrantedProjectsToModel(projects []*GrantedProjectView) []*model.GrantedProjectView {
+	result := make([]*model.GrantedProjectView, len(projects))
+	for i, p := range projects {
+		result[i] = GrantedProjectToModel(p)
+	}
+	return result
+}
+
+func (p *GrantedProjectView) AppendEvent(event *models.Event) (err error) {
+	p.ChangeDate = event.CreationDate
+	p.Sequence = event.Sequence
+	switch event.Type {
+	case es_model.ProjectAdded:
+		p.State = int32(model.PROJECTSTATE_ACTIVE)
+		p.CreationDate = event.CreationDate
+		p.setRootData(event)
+		err = p.setData(event)
+	case es_model.ProjectChanged:
+		err = p.setData(event)
+	case es_model.ProjectDeactivated:
+		p.State = int32(model.PROJECTSTATE_INACTIVE)
+	case es_model.ProjectReactivated:
+		p.State = int32(model.PROJECTSTATE_ACTIVE)
+	case es_model.ProjectGrantAdded:
+		p.State = int32(model.PROJECTSTATE_ACTIVE)
+		p.CreationDate = event.CreationDate
+		p.setRootData(event)
+		err = p.setProjectGrantData(event)
+	case es_model.ProjectGrantChanged:
+		err = p.setProjectGrantData(event)
+	case es_model.ProjectGrantDeactivated:
+		p.State = int32(model.PROJECTSTATE_INACTIVE)
+	case es_model.ProjectGrantReactivated:
+		p.State = int32(model.PROJECTSTATE_ACTIVE)
+	}
+	return err
+}
+
+func (p *GrantedProjectView) setRootData(event *models.Event) {
+	p.ProjectID = event.AggregateID
+	p.OrgID = event.ResourceOwner
+	p.ResourceOwner = event.ResourceOwner
+}
+
+func (p *GrantedProjectView) setData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, p); err != nil {
+		logging.Log("EVEN-dlo92").WithError(err).Error("could not unmarshal event data")
+		return err
+	}
+	return nil
+}
+
+func (p *GrantedProjectView) setProjectGrantData(event *models.Event) error {
+	grant := new(ProjectGrant)
+	err := grant.SetData(event)
+	if err != nil {
+		return err
+	}
+	if grant.GrantedOrgID != "" {
+		p.OrgID = grant.GrantedOrgID
+	}
+	p.GrantID = grant.GrantID
+	p.GrantedRoleKeys = grant.RoleKeys
+	return nil
+}
+
+func (p *ProjectGrant) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, p); err != nil {
+		logging.Log("EVEN-dlo92").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-s9ols", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/granted_project_query.go

@@ -0,0 +1,67 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type GrantedProjectSearchRequest proj_model.GrantedProjectSearchRequest
+type GrantedProjectSearchQuery proj_model.GrantedProjectSearchQuery
+type GrantedProjectSearchKey proj_model.GrantedProjectSearchKey
+
+func (req GrantedProjectSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req GrantedProjectSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req GrantedProjectSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.GRANTEDPROJECTSEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return GrantedProjectSearchKey(req.SortingColumn)
+}
+
+func (req GrantedProjectSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req GrantedProjectSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = GrantedProjectSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req GrantedProjectSearchQuery) GetKey() view.ColumnKey {
+	return GrantedProjectSearchKey(req.Key)
+}
+
+func (req GrantedProjectSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req GrantedProjectSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key GrantedProjectSearchKey) ToColumnName() string {
+	switch proj_model.GrantedProjectSearchKey(key) {
+	case proj_model.GRANTEDPROJECTSEARCHKEY_NAME:
+		return GrantedProjectKeyName
+	case proj_model.GRANTEDPROJECTSEARCHKEY_GRANTID:
+		return GrantedProjectKeyGrantID
+	case proj_model.GRANTEDPROJECTSEARCHKEY_ORGID:
+		return GrantedProjectKeyOrgID
+	case proj_model.GRANTEDPROJECTSEARCHKEY_PROJECTID:
+		return GrantedProjectKeyProjectID
+	case proj_model.GRANTEDPROJECTSEARCHKEY_RESOURCE_OWNER:
+		return GrantedProjectKeyResourceOwner
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/granted_project_test.go

@@ -0,0 +1,121 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"reflect"
+	"testing"
+)
+
+func mockProjectData(project *es_model.Project) []byte {
+	data, _ := json.Marshal(project)
+	return data
+}
+
+func mockProjectGrantData(grant *es_model.ProjectGrant) []byte {
+	data, _ := json.Marshal(grant)
+	return data
+}
+
+func TestGrantedProjectAppendEvent(t *testing.T) {
+	type args struct {
+		event   *es_models.Event
+		project *GrantedProjectView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *GrantedProjectView
+	}{
+		{
+			name: "append added project event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectAdded, ResourceOwner: "OrgID", Data: mockProjectData(&es_model.Project{Name: "ProjectName"})},
+				project: &GrantedProjectView{},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_ACTIVE)},
+		},
+		{
+			name: "append change project event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectChanged, ResourceOwner: "OrgID", Data: mockProjectData(&es_model.Project{Name: "ProjectNameChanged"})},
+				project: &GrantedProjectView{ProjectID: "AggregateID", OrgID: "OrgID", ResourceOwner: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_ACTIVE)},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectNameChanged", State: int32(model.PROJECTSTATE_ACTIVE)},
+		},
+		{
+			name: "append project deactivate event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectDeactivated, ResourceOwner: "OrgID"},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_ACTIVE)},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_INACTIVE)},
+		},
+		{
+			name: "append project reactivate event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectReactivated, ResourceOwner: "OrgID"},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_INACTIVE)},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_ACTIVE)},
+		},
+		{
+			name: "append added project grant event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantAdded, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "GrantID", GrantedOrgID: "GrantedOrgID", RoleKeys: pq.StringArray{"Role"}})},
+				project: &GrantedProjectView{},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+		},
+		{
+			name: "append change project grant event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantChanged, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "GrantID", RoleKeys: pq.StringArray{"RoleChanged"}})},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"RoleChanged"}},
+		},
+		{
+			name: "append deactivate project grant event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantDeactivated, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "GrantID"})},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_INACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+		},
+		{
+			name: "append reactivate project grant event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantReactivated, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "GrantID"})},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_INACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.project.AppendEvent(tt.args.event)
+			if tt.args.project.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.project.ProjectID)
+			}
+			if tt.args.project.OrgID != tt.result.OrgID {
+				t.Errorf("got wrong result orgID: expected: %v, actual: %v ", tt.result.OrgID, tt.args.project.OrgID)
+			}
+			if tt.args.project.ResourceOwner != tt.result.ResourceOwner {
+				t.Errorf("got wrong result ResourceOwner: expected: %v, actual: %v ", tt.result.ResourceOwner, tt.args.project.ResourceOwner)
+			}
+			if tt.args.project.Name != tt.result.Name {
+				t.Errorf("got wrong result name: expected: %v, actual: %v ", tt.result.Name, tt.args.project.Name)
+			}
+			if tt.args.project.State != tt.result.State {
+				t.Errorf("got wrong result state: expected: %v, actual: %v ", tt.result.State, tt.args.project.State)
+			}
+			if !reflect.DeepEqual(tt.args.project.GrantedRoleKeys, tt.result.GrantedRoleKeys) {
+				t.Errorf("got wrong result state: expected: %v, actual: %v ", tt.result.GrantedRoleKeys, tt.args.project.GrantedRoleKeys)
+			}
+		})
+	}
+}

internal/project/repository/view/model/project_grant_member.go

@@ -0,0 +1,102 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"time"
+)
+
+const (
+	ProjectGrantMemberKeyUserID    = "user_id"
+	ProjectGrantMemberKeyGrantID   = "grant_id"
+	ProjectGrantMemberKeyUserName  = "user_name"
+	ProjectGrantMemberKeyEmail     = "email"
+	ProjectGrantMemberKeyFirstName = "first_name"
+	ProjectGrantMemberKeyLastName  = "last_name"
+)
+
+type ProjectGrantMemberView struct {
+	UserID    string         `json:"userId" gorm:"column:user_id;primary_key"`
+	GrantID   string         `json:"grantId" gorm:"column:grant_id;primary_key"`
+	ProjectID string         `json:"-" gorm:"column:project_id"`
+	UserName  string         `json:"-" gorm:"column:user_name"`
+	Email     string         `json:"-" gorm:"column:email_address"`
+	FirstName string         `json:"-" gorm:"column:first_name"`
+	LastName  string         `json:"-" gorm:"column:last_name"`
+	Roles     pq.StringArray `json:"roles" gorm:"column:roles"`
+	Sequence  uint64         `json:"-" gorm:"column:sequence"`
+
+	CreationDate time.Time `json:"-" gorm:"column:creation_date"`
+	ChangeDate   time.Time `json:"-" gorm:"column:change_date"`
+}
+
+func ProjectGrantMemberViewFromModel(member *model.ProjectGrantMemberView) *ProjectGrantMemberView {
+	return &ProjectGrantMemberView{
+		UserID:       member.UserID,
+		GrantID:      member.GrantID,
+		ProjectID:    member.ProjectID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		Sequence:     member.Sequence,
+		CreationDate: member.CreationDate,
+		ChangeDate:   member.ChangeDate,
+	}
+}
+
+func ProjectGrantMemberToModel(member *ProjectGrantMemberView) *model.ProjectGrantMemberView {
+	return &model.ProjectGrantMemberView{
+		UserID:       member.UserID,
+		GrantID:      member.GrantID,
+		ProjectID:    member.ProjectID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		Sequence:     member.Sequence,
+		CreationDate: member.CreationDate,
+		ChangeDate:   member.ChangeDate,
+	}
+}
+
+func ProjectGrantMembersToModel(roles []*ProjectGrantMemberView) []*model.ProjectGrantMemberView {
+	result := make([]*model.ProjectGrantMemberView, len(roles))
+	for i, r := range roles {
+		result[i] = ProjectGrantMemberToModel(r)
+	}
+	return result
+}
+
+func (r *ProjectGrantMemberView) AppendEvent(event *models.Event) (err error) {
+	r.Sequence = event.Sequence
+	r.ChangeDate = event.CreationDate
+	switch event.Type {
+	case es_model.ProjectGrantMemberAdded:
+		r.setRootData(event)
+		r.CreationDate = event.CreationDate
+		err = r.SetData(event)
+	case es_model.ProjectGrantMemberChanged:
+		err = r.SetData(event)
+	}
+	return err
+}
+
+func (r *ProjectGrantMemberView) setRootData(event *models.Event) {
+	r.ProjectID = event.AggregateID
+}
+
+func (r *ProjectGrantMemberView) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, r); err != nil {
+		logging.Log("EVEN-slo9s").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-0plew", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/project_grant_member_query.go

@@ -0,0 +1,69 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type ProjectGrantMemberSearchRequest proj_model.ProjectGrantMemberSearchRequest
+type ProjectGrantMemberSearchQuery proj_model.ProjectGrantMemberSearchQuery
+type ProjectGrantMemberSearchKey proj_model.ProjectGrantMemberSearchKey
+
+func (req ProjectGrantMemberSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req ProjectGrantMemberSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req ProjectGrantMemberSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.PROJECTGRANTMEMBERSEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return ProjectGrantMemberSearchKey(req.SortingColumn)
+}
+
+func (req ProjectGrantMemberSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req ProjectGrantMemberSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = ProjectGrantMemberSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req ProjectGrantMemberSearchQuery) GetKey() view.ColumnKey {
+	return ProjectGrantMemberSearchKey(req.Key)
+}
+
+func (req ProjectGrantMemberSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req ProjectGrantMemberSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key ProjectGrantMemberSearchKey) ToColumnName() string {
+	switch proj_model.ProjectGrantMemberSearchKey(key) {
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_EMAIL:
+		return ProjectGrantMemberKeyEmail
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_FIRST_NAME:
+		return ProjectGrantMemberKeyFirstName
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_LAST_NAME:
+		return ProjectGrantMemberKeyLastName
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_USER_NAME:
+		return ProjectGrantMemberKeyUserName
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_USER_ID:
+		return ProjectGrantMemberKeyUserID
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_GRANT_ID:
+		return ProjectGrantMemberKeyGrantID
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/project_grant_member_test.go

@@ -0,0 +1,61 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"reflect"
+	"testing"
+)
+
+func mockProjectGrantMemberData(member *es_model.ProjectGrantMember) []byte {
+	data, _ := json.Marshal(member)
+	return data
+}
+
+func TestGrantedProjectMemberAppendEvent(t *testing.T) {
+	type args struct {
+		event  *es_models.Event
+		member *ProjectGrantMemberView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *ProjectGrantMemberView
+	}{
+		{
+			name: "append added member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantMemberAdded, ResourceOwner: "OrgID", Data: mockProjectGrantMemberData(&es_model.ProjectGrantMember{GrantID: "GrantID", UserID: "UserID", Roles: pq.StringArray{"Role"}})},
+				member: &ProjectGrantMemberView{},
+			},
+			result: &ProjectGrantMemberView{ProjectID: "AggregateID", UserID: "UserID", GrantID: "GrantID", Roles: pq.StringArray{"Role"}},
+		},
+		{
+			name: "append changed member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantMemberAdded, ResourceOwner: "OrgID", Data: mockProjectGrantMemberData(&es_model.ProjectGrantMember{GrantID: "GrantID", Roles: pq.StringArray{"RoleChanged"}})},
+				member: &ProjectGrantMemberView{ProjectID: "AggregateID", UserID: "UserID", GrantID: "GrantID", Roles: pq.StringArray{"Role"}},
+			},
+			result: &ProjectGrantMemberView{ProjectID: "AggregateID", UserID: "UserID", GrantID: "GrantID", Roles: pq.StringArray{"RoleChanged"}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.member.AppendEvent(tt.args.event)
+			if tt.args.member.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.member.ProjectID)
+			}
+			if tt.args.member.UserID != tt.result.UserID {
+				t.Errorf("got wrong result userID: expected: %v, actual: %v ", tt.result.UserID, tt.args.member.UserID)
+			}
+			if tt.args.member.GrantID != tt.result.GrantID {
+				t.Errorf("got wrong result GrantID: expected: %v, actual: %v ", tt.result.GrantID, tt.args.member.GrantID)
+			}
+			if !reflect.DeepEqual(tt.args.member.Roles, tt.result.Roles) {
+				t.Errorf("got wrong result Roles: expected: %v, actual: %v ", tt.result.Roles, tt.args.member.Roles)
+			}
+		})
+	}
+}

internal/project/repository/view/model/project_member.go

@@ -0,0 +1,99 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"time"
+)
+
+const (
+	ProjectMemberKeyUserID    = "user_id"
+	ProjectMemberKeyProjectID = "project_id"
+	ProjectMemberKeyUserName  = "user_name"
+	ProjectMemberKeyEmail     = "email"
+	ProjectMemberKeyFirstName = "first_name"
+	ProjectMemberKeyLastName  = "last_name"
+)
+
+type ProjectMemberView struct {
+	UserID    string         `json:"userId" gorm:"column:user_id;primary_key"`
+	ProjectID string         `json:"-" gorm:"column:project_id;primary_key"`
+	UserName  string         `json:"-" gorm:"column:user_name"`
+	Email     string         `json:"-" gorm:"column:email_address"`
+	FirstName string         `json:"-" gorm:"column:first_name"`
+	LastName  string         `json:"-" gorm:"column:last_name"`
+	Roles     pq.StringArray `json:"roles" gorm:"column:roles"`
+	Sequence  uint64         `json:"-" gorm:"column:sequence"`
+
+	CreationDate time.Time `json:"-" gorm:"column:creation_date"`
+	ChangeDate   time.Time `json:"-" gorm:"column:change_date"`
+}
+
+func ProjectMemberViewFromModel(member *model.ProjectMemberView) *ProjectMemberView {
+	return &ProjectMemberView{
+		UserID:       member.UserID,
+		ProjectID:    member.ProjectID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		Sequence:     member.Sequence,
+		CreationDate: member.CreationDate,
+		ChangeDate:   member.ChangeDate,
+	}
+}
+
+func ProjectMemberToModel(member *ProjectMemberView) *model.ProjectMemberView {
+	return &model.ProjectMemberView{
+		UserID:       member.UserID,
+		ProjectID:    member.ProjectID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		Sequence:     member.Sequence,
+		CreationDate: member.CreationDate,
+		ChangeDate:   member.ChangeDate,
+	}
+}
+
+func ProjectMembersToModel(roles []*ProjectMemberView) []*model.ProjectMemberView {
+	result := make([]*model.ProjectMemberView, len(roles))
+	for i, r := range roles {
+		result[i] = ProjectMemberToModel(r)
+	}
+	return result
+}
+
+func (r *ProjectMemberView) AppendEvent(event *models.Event) (err error) {
+	r.Sequence = event.Sequence
+	r.ChangeDate = event.CreationDate
+	switch event.Type {
+	case es_model.ProjectMemberAdded:
+		r.setRootData(event)
+		r.CreationDate = event.CreationDate
+		err = r.SetData(event)
+	case es_model.ProjectMemberChanged:
+		err = r.SetData(event)
+	}
+	return err
+}
+
+func (r *ProjectMemberView) setRootData(event *models.Event) {
+	r.ProjectID = event.AggregateID
+}
+
+func (r *ProjectMemberView) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, r); err != nil {
+		logging.Log("EVEN-slo9s").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-lub6s", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/project_member_query.go

@@ -0,0 +1,69 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type ProjectMemberSearchRequest proj_model.ProjectMemberSearchRequest
+type ProjectMemberSearchQuery proj_model.ProjectMemberSearchQuery
+type ProjectMemberSearchKey proj_model.ProjectMemberSearchKey
+
+func (req ProjectMemberSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req ProjectMemberSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req ProjectMemberSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.PROJECTMEMBERSEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return ProjectMemberSearchKey(req.SortingColumn)
+}
+
+func (req ProjectMemberSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req ProjectMemberSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = ProjectMemberSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req ProjectMemberSearchQuery) GetKey() view.ColumnKey {
+	return ProjectMemberSearchKey(req.Key)
+}
+
+func (req ProjectMemberSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req ProjectMemberSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key ProjectMemberSearchKey) ToColumnName() string {
+	switch proj_model.ProjectMemberSearchKey(key) {
+	case proj_model.PROJECTMEMBERSEARCHKEY_EMAIL:
+		return ProjectMemberKeyEmail
+	case proj_model.PROJECTMEMBERSEARCHKEY_FIRST_NAME:
+		return ProjectMemberKeyFirstName
+	case proj_model.PROJECTMEMBERSEARCHKEY_LAST_NAME:
+		return ProjectMemberKeyLastName
+	case proj_model.PROJECTMEMBERSEARCHKEY_USER_NAME:
+		return ProjectMemberKeyUserName
+	case proj_model.PROJECTMEMBERSEARCHKEY_USER_ID:
+		return ProjectMemberKeyUserID
+	case proj_model.PROJECTMEMBERSEARCHKEY_PROJECT_ID:
+		return ProjectMemberKeyProjectID
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/project_member_test.go

@@ -0,0 +1,58 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"reflect"
+	"testing"
+)
+
+func mockProjectMemberData(member *es_model.ProjectMember) []byte {
+	data, _ := json.Marshal(member)
+	return data
+}
+
+func TestProjectMemberAppendEvent(t *testing.T) {
+	type args struct {
+		event  *es_models.Event
+		member *ProjectMemberView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *ProjectMemberView
+	}{
+		{
+			name: "append added member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectMemberAdded, ResourceOwner: "OrgID", Data: mockProjectMemberData(&es_model.ProjectMember{UserID: "UserID", Roles: pq.StringArray{"Role"}})},
+				member: &ProjectMemberView{},
+			},
+			result: &ProjectMemberView{ProjectID: "AggregateID", UserID: "UserID", Roles: pq.StringArray{"Role"}},
+		},
+		{
+			name: "append changed member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectMemberAdded, ResourceOwner: "OrgID", Data: mockProjectMemberData(&es_model.ProjectMember{UserID: "UserID", Roles: pq.StringArray{"RoleChanged"}})},
+				member: &ProjectMemberView{ProjectID: "AggregateID", UserID: "UserID", Roles: pq.StringArray{"Role"}},
+			},
+			result: &ProjectMemberView{ProjectID: "AggregateID", UserID: "UserID", Roles: pq.StringArray{"RoleChanged"}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.member.AppendEvent(tt.args.event)
+			if tt.args.member.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.member.ProjectID)
+			}
+			if tt.args.member.UserID != tt.result.UserID {
+				t.Errorf("got wrong result userID: expected: %v, actual: %v ", tt.result.UserID, tt.args.member.UserID)
+			}
+			if !reflect.DeepEqual(tt.args.member.Roles, tt.result.Roles) {
+				t.Errorf("got wrong result Roles: expected: %v, actual: %v ", tt.result.Roles, tt.args.member.Roles)
+			}
+		})
+	}
+}

internal/project/repository/view/model/project_role.go

@@ -0,0 +1,91 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"time"
+)
+
+const (
+	ProjectRoleKeyKey           = "role_key"
+	ProjectRoleKeyOrgID         = "org_id"
+	ProjectRoleKeyProjectID     = "project_id"
+	ProjectRoleKeyResourceOwner = "resource_owner"
+)
+
+type ProjectRoleView struct {
+	OrgID       string `json:"-" gorm:"column:org_id;primary_key"`
+	ProjectID   string `json:"projectId,omitempty" gorm:"column:project_id;primary_key"`
+	Key         string `json:"key" gorm:"column:role_key;primary_key"`
+	DisplayName string `json:"displayName" gorm:"column:display_name"`
+	Group       string `json:"group" gorm:"column:group_name"`
+	Sequence    uint64 `json:"-" gorm:"column:sequence"`
+
+	ResourceOwner string    `json:"-" gorm:"resource_owner"`
+	CreationDate  time.Time `json:"-" gorm:"column:creation_date"`
+}
+
+func ProjectRoleViewFromModel(role *model.ProjectRoleView) *ProjectRoleView {
+	return &ProjectRoleView{
+		ResourceOwner: role.ResourceOwner,
+		OrgID:         role.OrgID,
+		ProjectID:     role.ProjectID,
+		Key:           role.Key,
+		DisplayName:   role.DisplayName,
+		Group:         role.Group,
+		Sequence:      role.Sequence,
+		CreationDate:  role.CreationDate,
+	}
+}
+
+func ProjectRoleToModel(role *ProjectRoleView) *model.ProjectRoleView {
+	return &model.ProjectRoleView{
+		ResourceOwner: role.ResourceOwner,
+		OrgID:         role.OrgID,
+		ProjectID:     role.ProjectID,
+		Key:           role.Key,
+		DisplayName:   role.DisplayName,
+		Group:         role.Group,
+		Sequence:      role.Sequence,
+		CreationDate:  role.CreationDate,
+	}
+}
+
+func ProjectRolesToModel(roles []*ProjectRoleView) []*model.ProjectRoleView {
+	result := make([]*model.ProjectRoleView, len(roles))
+	for i, r := range roles {
+		result[i] = ProjectRoleToModel(r)
+	}
+	return result
+}
+
+func (r *ProjectRoleView) AppendEvent(event *models.Event) (err error) {
+	r.Sequence = event.Sequence
+	switch event.Type {
+	case es_model.ProjectRoleAdded:
+		r.setRootData(event)
+		r.CreationDate = event.CreationDate
+		err = r.SetData(event)
+	case es_model.ProjectRoleChanged:
+		err = r.SetData(event)
+	}
+	return err
+}
+
+func (r *ProjectRoleView) setRootData(event *models.Event) {
+	r.ProjectID = event.AggregateID
+	r.OrgID = event.ResourceOwner
+	r.ResourceOwner = event.ResourceOwner
+}
+
+func (r *ProjectRoleView) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, r); err != nil {
+		logging.Log("EVEN-slo9s").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-6z52s", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/project_role_query.go

@@ -0,0 +1,65 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type ProjectRoleSearchRequest proj_model.ProjectRoleSearchRequest
+type ProjectRoleSearchQuery proj_model.ProjectRoleSearchQuery
+type ProjectRoleSearchKey proj_model.ProjectRoleSearchKey
+
+func (req ProjectRoleSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req ProjectRoleSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req ProjectRoleSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.PROJECTROLESEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return ProjectRoleSearchKey(req.SortingColumn)
+}
+
+func (req ProjectRoleSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req ProjectRoleSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = ProjectRoleSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req ProjectRoleSearchQuery) GetKey() view.ColumnKey {
+	return ProjectRoleSearchKey(req.Key)
+}
+
+func (req ProjectRoleSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req ProjectRoleSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key ProjectRoleSearchKey) ToColumnName() string {
+	switch proj_model.ProjectRoleSearchKey(key) {
+	case proj_model.PROJECTROLESEARCHKEY_KEY:
+		return ProjectRoleKeyKey
+	case proj_model.PROJECTROLESEARCHKEY_ORGID:
+		return ProjectRoleKeyOrgID
+	case proj_model.PROJECTROLESEARCHKEY_PROJECTID:
+		return ProjectRoleKeyProjectID
+	case proj_model.PROJECTROLESEARCHKEY_RESOURCEOWNER:
+		return ProjectRoleKeyResourceOwner
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/project_role_test.go

@@ -0,0 +1,65 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"testing"
+)
+
+func mockProjectRoleData(member *es_model.ProjectRole) []byte {
+	data, _ := json.Marshal(member)
+	return data
+}
+
+func TestProjectRoleAppendEvent(t *testing.T) {
+	type args struct {
+		event  *es_models.Event
+		member *ProjectRoleView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *ProjectRoleView
+	}{
+		{
+			name: "append added member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectRoleAdded, ResourceOwner: "OrgID", Data: mockProjectRoleData(&es_model.ProjectRole{Key: "Key", DisplayName: "DisplayName", Group: "Group"})},
+				member: &ProjectRoleView{},
+			},
+			result: &ProjectRoleView{OrgID: "OrgID", ResourceOwner: "OrgID", ProjectID: "AggregateID", Key: "Key", DisplayName: "DisplayName", Group: "Group"},
+		},
+		{
+			name: "append added member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectRoleAdded, ResourceOwner: "OrgID", Data: mockProjectRoleData(&es_model.ProjectRole{Key: "Key", DisplayName: "DisplayNameChanged", Group: "GroupChanged"})},
+				member: &ProjectRoleView{OrgID: "OrgID", ResourceOwner: "OrgID", ProjectID: "AggregateID", Key: "Key", DisplayName: "DisplayName", Group: "Group"},
+			},
+			result: &ProjectRoleView{OrgID: "OrgID", ResourceOwner: "OrgID", ProjectID: "AggregateID", Key: "Key", DisplayName: "DisplayNameChanged", Group: "GroupChanged"},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.member.AppendEvent(tt.args.event)
+			if tt.args.member.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.member.ProjectID)
+			}
+			if tt.args.member.OrgID != tt.result.OrgID {
+				t.Errorf("got wrong result orgID: expected: %v, actual: %v ", tt.result.OrgID, tt.args.member.OrgID)
+			}
+			if tt.args.member.ResourceOwner != tt.result.ResourceOwner {
+				t.Errorf("got wrong result ResourceOwner: expected: %v, actual: %v ", tt.result.ResourceOwner, tt.args.member.ResourceOwner)
+			}
+			if tt.args.member.Key != tt.result.Key {
+				t.Errorf("got wrong result Key: expected: %v, actual: %v ", tt.result.Key, tt.args.member.Key)
+			}
+			if tt.args.member.DisplayName != tt.result.DisplayName {
+				t.Errorf("got wrong result DisplayName: expected: %v, actual: %v ", tt.result.DisplayName, tt.args.member.DisplayName)
+			}
+			if tt.args.member.Group != tt.result.Group {
+				t.Errorf("got wrong result Group: expected: %v, actual: %v ", tt.result.Group, tt.args.member.Group)
+			}
+		})
+	}
+}

internal/project/repository/view/project_grant_member_view.go

@@ -0,0 +1,56 @@
+package view
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func ProjectGrantMemberByIDs(db *gorm.DB, table, grantID, userID string) (*model.ProjectGrantMemberView, error) {
+	role := new(model.ProjectGrantMemberView)
+
+	grantIDQuery := model.ProjectGrantMemberSearchQuery{Key: proj_model.PROJECTGRANTMEMBERSEARCHKEY_GRANT_ID, Value: grantID, Method: global_model.SEARCHMETHOD_EQUALS}
+	userIDQuery := model.ProjectGrantMemberSearchQuery{Key: proj_model.PROJECTGRANTMEMBERSEARCHKEY_USER_ID, Value: userID, Method: global_model.SEARCHMETHOD_EQUALS}
+	query := view.PrepareGetByQuery(table, grantIDQuery, userIDQuery)
+	err := query(db, role)
+	return role, err
+}
+
+func SearchProjectGrantMembers(db *gorm.DB, table string, req *proj_model.ProjectGrantMemberSearchRequest) ([]*model.ProjectGrantMemberView, int, error) {
+	roles := make([]*model.ProjectGrantMemberView, 0)
+	query := view.PrepareSearchQuery(table, model.ProjectGrantMemberSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &roles)
+	if err != nil {
+		return nil, 0, err
+	}
+	return roles, count, nil
+}
+
+func ProjectGrantMembersByUserID(db *gorm.DB, table, userID string) ([]*model.ProjectGrantMemberView, error) {
+	members := make([]*model.ProjectGrantMemberView, 0)
+	queries := []*proj_model.ProjectGrantMemberSearchQuery{
+		&proj_model.ProjectGrantMemberSearchQuery{Key: proj_model.PROJECTGRANTMEMBERSEARCHKEY_USER_ID, Value: userID, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.ProjectGrantMemberSearchRequest{Queries: queries})
+	_, err := query(db, &members)
+	if err != nil {
+		return nil, err
+	}
+	return members, nil
+}
+
+func PutProjectGrantMember(db *gorm.DB, table string, role *model.ProjectGrantMemberView) error {
+	save := view.PrepareSave(table)
+	return save(db, role)
+}
+
+func DeleteProjectGrantMember(db *gorm.DB, table, grantID, userID string) error {
+	role, err := ProjectGrantMemberByIDs(db, table, grantID, userID)
+	if err != nil {
+		return err
+	}
+	delete := view.PrepareDeleteByObject(table, role)
+	return delete(db)
+}

internal/project/repository/view/project_member_view.go

@@ -0,0 +1,55 @@
+package view
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func ProjectMemberByIDs(db *gorm.DB, table, projectID, userID string) (*model.ProjectMemberView, error) {
+	role := new(model.ProjectMemberView)
+
+	projectIDQuery := model.ProjectMemberSearchQuery{Key: proj_model.PROJECTMEMBERSEARCHKEY_PROJECT_ID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS}
+	userIDQuery := model.ProjectMemberSearchQuery{Key: proj_model.PROJECTMEMBERSEARCHKEY_USER_ID, Value: userID, Method: global_model.SEARCHMETHOD_EQUALS}
+	query := view.PrepareGetByQuery(table, projectIDQuery, userIDQuery)
+	err := query(db, role)
+	return role, err
+}
+
+func SearchProjectMembers(db *gorm.DB, table string, req *proj_model.ProjectMemberSearchRequest) ([]*model.ProjectMemberView, int, error) {
+	roles := make([]*model.ProjectMemberView, 0)
+	query := view.PrepareSearchQuery(table, model.ProjectMemberSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &roles)
+	if err != nil {
+		return nil, 0, err
+	}
+	return roles, count, nil
+}
+func ProjectMembersByUserID(db *gorm.DB, table string, userID string) ([]*model.ProjectMemberView, error) {
+	members := make([]*model.ProjectMemberView, 0)
+	queries := []*proj_model.ProjectMemberSearchQuery{
+		&proj_model.ProjectMemberSearchQuery{Key: proj_model.PROJECTMEMBERSEARCHKEY_USER_ID, Value: userID, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.ProjectMemberSearchRequest{Queries: queries})
+	_, err := query(db, &members)
+	if err != nil {
+		return nil, err
+	}
+	return members, nil
+}
+
+func PutProjectMember(db *gorm.DB, table string, role *model.ProjectMemberView) error {
+	save := view.PrepareSave(table)
+	return save(db, role)
+}
+
+func DeleteProjectMember(db *gorm.DB, table, projectID, userID string) error {
+	role, err := ProjectMemberByIDs(db, table, projectID, userID)
+	if err != nil {
+		return err
+	}
+	delete := view.PrepareDeleteByObject(table, role)
+	return delete(db)
+}

internal/project/repository/view/project_role_view.go

@@ -0,0 +1,73 @@
+package view
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func ProjectRoleByIDs(db *gorm.DB, table, projectID, orgID, key string) (*model.ProjectRoleView, error) {
+	role := new(model.ProjectRoleView)
+
+	projectIDQuery := model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS}
+	grantIDQuery := model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_ORGID, Value: orgID, Method: global_model.SEARCHMETHOD_EQUALS}
+	keyQuery := model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_KEY, Value: orgID, Method: global_model.SEARCHMETHOD_EQUALS}
+	query := view.PrepareGetByQuery(table, projectIDQuery, grantIDQuery, keyQuery)
+	err := query(db, role)
+	return role, err
+}
+
+func ResourceOwnerProjectRolesByKey(db *gorm.DB, table, projectID, resourceOwner, key string) ([]*model.ProjectRoleView, error) {
+	roles := make([]*model.ProjectRoleView, 0)
+	queries := []*proj_model.ProjectRoleSearchQuery{
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS},
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_RESOURCEOWNER, Value: resourceOwner, Method: global_model.SEARCHMETHOD_EQUALS},
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_KEY, Value: key, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.ProjectRoleSearchRequest{Queries: queries})
+	_, err := query(db, &roles)
+	if err != nil {
+		return nil, err
+	}
+	return roles, nil
+}
+
+func ResourceOwnerProjectRoles(db *gorm.DB, table, projectID, resourceOwner string) ([]*model.ProjectRoleView, error) {
+	roles := make([]*model.ProjectRoleView, 0)
+	queries := []*proj_model.ProjectRoleSearchQuery{
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS},
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_RESOURCEOWNER, Value: resourceOwner, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.ProjectRoleSearchRequest{Queries: queries})
+	_, err := query(db, &roles)
+	if err != nil {
+		return nil, err
+	}
+	return roles, nil
+}
+
+func SearchProjectRoles(db *gorm.DB, table string, req *proj_model.ProjectRoleSearchRequest) ([]*model.ProjectRoleView, int, error) {
+	roles := make([]*model.ProjectRoleView, 0)
+	query := view.PrepareSearchQuery(table, model.ProjectRoleSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &roles)
+	if err != nil {
+		return nil, 0, err
+	}
+	return roles, count, nil
+}
+
+func PutProjectRole(db *gorm.DB, table string, role *model.ProjectRoleView) error {
+	save := view.PrepareSave(table)
+	return save(db, role)
+}
+
+func DeleteProjectRole(db *gorm.DB, table, projectID, orgID, key string) error {
+	role, err := ProjectRoleByIDs(db, table, projectID, orgID, key)
+	if err != nil {
+		return err
+	}
+	delete := view.PrepareDeleteByObject(table, role)
+	return delete(db)
+}

internal/view/config.go

@@ -1,9 +1,25 @@
 package view
 
 import (
+	"database/sql"
 	"github.com/caos/zitadel/internal/config/types"
+	"github.com/caos/zitadel/internal/errors"
+	"github.com/jinzhu/gorm"
 )
 
 type ViewConfig struct {
 	SQL *types.SQL
 }
+
+func Start(conf ViewConfig) (*sql.DB, *gorm.DB, error) {
+	sqlClient, err := sql.Open("postgres", conf.SQL.ConnectionString())
+	if err != nil {
+		return nil, nil, errors.ThrowPreconditionFailed(err, "SQL-9qBtr", "unable to open database connection")
+	}
+
+	client, err := gorm.Open("postgres", sqlClient)
+	if err != nil {
+		return nil, nil, err
+	}
+	return sqlClient, client, nil
+}

internal/view/db_mock_test.go

@@ -14,6 +14,8 @@ var (
 	expectedGetByQueryCaseSensitive  = `SELECT \* FROM "%s" WHERE \(%s %s \$1\) LIMIT 1`
 	expectedSave                     = `UPDATE "%s" SET "test" = \$1 WHERE "%s"."%s" = \$2`
 	expectedRemove                   = `DELETE FROM "%s" WHERE \(%s = \$1\)`
+	expectedRemoveByObject           = `DELETE FROM "%s" WHERE "%s"."%s" = \$1`
+	expectedRemoveByObjectMultiplePK = `DELETE FROM "%s" WHERE "%s"."%s" = \$1 AND "%s"."%s" = \$2`
 	expectedSearch                   = `SELECT \* FROM "%s" OFFSET 0`
 	expectedSearchCount              = `SELECT count\(\*\) FROM "%s"`
 	expectedSearchLimit              = `SELECT \* FROM "%s" LIMIT %v OFFSET 0`
@@ -94,10 +96,16 @@ func (key TestSearchKey) ToColumnName() string {
 }
 
 type Test struct {
-	ID   string `json:"-" gorm:"column:id;primary_key"`
+	ID   string `json:"-" gorm:"column:primary_id;primary_key"`
 	Test string `json:"test" gorm:"column:test"`
 }
 
+type TestMultiplePK struct {
+	TestID  string `gorm:"column:testId;primary_key"`
+	HodorID string `gorm:"column:hodorId;primary_key"`
+	Test    string `gorm:"column:test"`
+}
+
 type dbMock struct {
 	db   *gorm.DB
 	mock sqlmock.Sqlmock
@@ -201,7 +209,7 @@ func (db *dbMock) expectGetByQueryErr(table, key, method, value string, err erro
 }
 
 func (db *dbMock) expectSave(table string, object Test) *dbMock {
-	query := fmt.Sprintf(expectedSave, table, table, "id")
+	query := fmt.Sprintf(expectedSave, table, table, "primary_id")
 	db.mock.ExpectExec(query).
 		WithArgs(object.Test, object.ID).
 		WillReturnResult(sqlmock.NewResult(1, 1))
@@ -227,6 +235,24 @@ func (db *dbMock) expectRemove(table, key, value string) *dbMock {
 	return db
 }
 
+func (db *dbMock) expectRemoveByObject(table string, object Test) *dbMock {
+	query := fmt.Sprintf(expectedRemoveByObject, table, table, "primary_id")
+	db.mock.ExpectExec(query).
+		WithArgs(object.ID).
+		WillReturnResult(sqlmock.NewResult(1, 1))
+
+	return db
+}
+
+func (db *dbMock) expectRemoveByObjectMultiplePKs(table string, object TestMultiplePK) *dbMock {
+	query := fmt.Sprintf(expectedRemoveByObjectMultiplePK, table, table, "testId", table, "hodorId")
+	db.mock.ExpectExec(query).
+		WithArgs(object.TestID, object.HodorID).
+		WillReturnResult(sqlmock.NewResult(1, 1))
+
+	return db
+}
+
 func (db *dbMock) expectRemoveErr(table, key, value string, err error) *dbMock {
 	query := fmt.Sprintf(expectedRemove, table, key)
 	db.mock.ExpectExec(query).

internal/view/failed_events.go

@@ -12,10 +12,10 @@ const (
 )
 
 type FailedEvent struct {
-	ViewName      string `gorm:"column:view_name;primary_key"`
-	FailedSequnce uint64 `gorm:"column:failed_sequence;primary_key`
-	FailureCount  uint64 `gorm:"column:failure_count`
-	ErrMsg        uint64 `gorm:"column:err_msg`
+	ViewName       string `gorm:"column:view_name;primary_key"`
+	FailedSequence uint64 `gorm:"column:failed_sequence;primary_key`
+	FailureCount   uint64 `gorm:"column:failure_count`
+	ErrMsg         string `gorm:"column:err_msg`
 }
 
 type FailedEventSearchQuery struct {
@@ -71,18 +71,18 @@ func LatestFailedEvent(db *gorm.DB, table, viewName string, sequence uint64) (*F
 	failedEvent := new(FailedEvent)
 	queries := []SearchQuery{
 		FailedEventSearchQuery{Key: FAILEDEVENTKEY_VIEW_NAME, Method: model.SEARCHMETHOD_EQUALS_IGNORE_CASE, Value: viewName},
-		FailedEventSearchQuery{Key: FAILEDEVENTKEY_FAILED_SEQUENCE, Method: model.SEARCHMETHOD_EQUALS_IGNORE_CASE, Value: sequence},
+		FailedEventSearchQuery{Key: FAILEDEVENTKEY_FAILED_SEQUENCE, Method: model.SEARCHMETHOD_EQUALS, Value: sequence},
 	}
 	query := PrepareGetByQuery(table, queries...)
-	err := query(db, sequence)
+	err := query(db, failedEvent)
 
 	if err == nil {
 		return failedEvent, nil
 	}
 
-	if gorm.IsRecordNotFoundError(err) {
+	if errors.IsNotFound(err) {
 		failedEvent.ViewName = viewName
-		failedEvent.FailedSequnce = sequence
+		failedEvent.FailedSequence = sequence
 		failedEvent.FailureCount = 0
 		return failedEvent, nil
 	}

internal/view/query.go

@@ -69,7 +69,7 @@ func SetQuery(query *gorm.DB, key ColumnKey, value interface{}, method model.Sea
 	case model.SEARCHMETHOD_EQUALS_IGNORE_CASE:
 		valueText, ok := value.(string)
 		if !ok {
-			return nil, caos_errs.ThrowInvalidArgument(nil, "VIEW-idu8e", "Starts with only possible for strings")
+			return nil, caos_errs.ThrowInvalidArgument(nil, "VIEW-idu8e", "Equal ignore case only possible for strings")
 		}
 		query = query.Where("LOWER("+column+") = LOWER(?)", valueText)
 	case model.SEARCHMETHOD_STARTS_WITH:
@@ -81,7 +81,7 @@ func SetQuery(query *gorm.DB, key ColumnKey, value interface{}, method model.Sea
 	case model.SEARCHMETHOD_STARTS_WITH_IGNORE_CASE:
 		valueText, ok := value.(string)
 		if !ok {
-			return nil, caos_errs.ThrowInvalidArgument(nil, "VIEW-eidus", "Starts with only possible for strings")
+			return nil, caos_errs.ThrowInvalidArgument(nil, "VIEW-eidus", "Starts with ignore case only possible for strings")
 		}
 		query = query.Where("LOWER("+column+") LIKE LOWER(?)", valueText+"%")
 	case model.SEARCHMETHOD_CONTAINS:
@@ -93,10 +93,11 @@ func SetQuery(query *gorm.DB, key ColumnKey, value interface{}, method model.Sea
 	case model.SEARCHMETHOD_CONTAINS_IGNORE_CASE:
 		valueText, ok := value.(string)
 		if !ok {
-			return nil, caos_errs.ThrowInvalidArgument(nil, "VIEW-eid73", "Contains with only possible for strings")
+			return nil, caos_errs.ThrowInvalidArgument(nil, "VIEW-eid73", "Contains with ignore case only possible for strings")
 		}
 		query = query.Where("LOWER("+column+") LIKE LOWER(?)", "%"+valueText+"%")
-
+	case model.SEARCHMETHOD_NOT_EQUALS:
+		query = query.Where(""+column+" <> ?", value)
 	default:
 		return nil, nil
 	}

internal/view/requests.go

@@ -58,7 +58,7 @@ func PrepareSave(table string) func(db *gorm.DB, object interface{}) error {
 	}
 }
 
-func PrepareDelete(table string, key ColumnKey, id string) func(db *gorm.DB) error {
+func PrepareDeleteByKey(table string, key ColumnKey, id string) func(db *gorm.DB) error {
 	return func(db *gorm.DB) error {
 		err := db.Table(table).
 			Where(fmt.Sprintf("%s = ?", key.ToColumnName()), id).
@@ -70,3 +70,15 @@ func PrepareDelete(table string, key ColumnKey, id string) func(db *gorm.DB) err
 		return nil
 	}
 }
+
+func PrepareDeleteByObject(table string, object interface{}) func(db *gorm.DB) error {
+	return func(db *gorm.DB) error {
+		err := db.Table(table).
+			Delete(object).
+			Error
+		if err != nil {
+			return caos_errs.ThrowInternal(err, "VIEW-lso9w", "could not delete object")
+		}
+		return nil
+	}
+}

internal/view/requests_test.go

@@ -372,7 +372,90 @@ func TestPrepareDelete(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			getDelete := PrepareDelete(tt.args.table, tt.args.key, tt.args.value)
+			getDelete := PrepareDeleteByKey(tt.args.table, tt.args.key, tt.args.value)
+			err := getDelete(tt.db.db)
+
+			if !tt.res.wantErr && err != nil {
+				t.Errorf("got wrong err should be nil: %v ", err)
+			}
+
+			if tt.res.wantErr && !tt.res.errFunc(err) {
+				t.Errorf("got wrong err: %v ", err)
+			}
+			if err := tt.db.mock.ExpectationsWereMet(); !tt.res.wantErr && err != nil {
+				t.Errorf("there were unfulfilled expectations: %s", err)
+			}
+
+			tt.db.close()
+		})
+	}
+}
+
+func TestPrepareDeleteByObject(t *testing.T) {
+	type args struct {
+		table  string
+		object interface{}
+	}
+	type res struct {
+		result  Test
+		wantErr bool
+		errFunc func(err error) bool
+	}
+	tests := []struct {
+		name string
+		db   *dbMock
+		args args
+		res  res
+	}{
+		{
+			"delete",
+			mockDB(t).
+				expectBegin(nil).
+				expectRemoveByObject("TESTTABLE", Test{ID: "VALUE", Test: "TEST"}).
+				expectCommit(nil),
+			args{
+				table:  "TESTTABLE",
+				object: &Test{ID: "VALUE", Test: "TEST"},
+			},
+			res{
+				result:  Test{ID: "VALUE"},
+				wantErr: false,
+			},
+		},
+		{
+			"delete multiple PK",
+			mockDB(t).
+				expectBegin(nil).
+				expectRemoveByObjectMultiplePKs("TESTTABLE", TestMultiplePK{TestID: "TESTID", HodorID: "HODORID", Test: "TEST"}).
+				expectCommit(nil),
+			args{
+				table:  "TESTTABLE",
+				object: &TestMultiplePK{TestID: "TESTID", HodorID: "HODORID", Test: "TEST"},
+			},
+			res{
+				wantErr: false,
+			},
+		},
+		{
+			"db error",
+			mockDB(t).
+				expectBegin(nil).
+				expectRemoveErr("TESTTABLE", "id", "VALUE", gorm.ErrUnaddressable).
+				expectCommit(nil),
+			args{
+				table:  "TESTTABLE",
+				object: &Test{ID: "VALUE", Test: "TEST"},
+			},
+			res{
+				result:  Test{ID: "VALUE"},
+				wantErr: true,
+				errFunc: caos_errs.IsInternal,
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			getDelete := PrepareDeleteByObject(tt.args.table, tt.args.object)
 			err := getDelete(tt.db.db)
 
 			if !tt.res.wantErr && err != nil {

internal/view/sequence.go

@@ -51,7 +51,7 @@ func LatestSequence(db *gorm.DB, table, viewName string) (uint64, error) {
 		return sequence.ActualSequence, nil
 	}
 
-	if gorm.IsRecordNotFoundError(err) {
+	if caos_errs.IsNotFound(err) {
 		return 0, nil
 	}
 	return 0, caos_errs.ThrowInternalf(err, "VIEW-9LyCB", "unable to get latest sequence of %s", viewName)

migrations/cockroach/V1.2__management_project_view.sql

@@ -0,0 +1,123 @@
+BEGIN;
+
+
+CREATE TABLE management.locks (
+    locker_id TEXT,
+    locked_until TIMESTAMPTZ,
+    object_type TEXT,
+
+    PRIMARY KEY (object_type)
+);
+
+CREATE TABLE management.current_sequences (
+    view_name TEXT,
+
+    current_sequence BIGINT,
+
+    PRIMARY KEY (view_name)
+);
+
+CREATE TABLE management.failed_event (
+    view_name TEXT,
+    failed_sequence BIGINT,
+    failure_count SMALLINT,
+    err_msg TEXT,
+
+    PRIMARY KEY (view_name, failed_sequence)
+);
+
+CREATE TABLE management.granted_projects (
+    project_id TEXT,
+    org_id TEXT,
+
+    creation_date TIMESTAMPTZ,
+    change_date TIMESTAMPTZ,
+
+    project_name TEXT,
+    org_name TEXT,
+    org_domain TEXT,
+    project_type SMALLINT,
+    project_state SMALLINT,
+    resource_owner TEXT,
+    grant_id TEXT,
+    granted_role_keys TEXT Array,
+    sequence BIGINT,
+
+
+    PRIMARY KEY (project_id, org_id)
+);
+
+CREATE TABLE management.project_roles (
+    project_id TEXT,
+    role_key TEXT,
+    display_name TEXT,
+    resource_owner TEXT,
+    org_id TEXT,
+    group_name TEXT,
+
+    creation_date TIMESTAMPTZ,
+    sequence BIGINT,
+
+    PRIMARY KEY (org_id, project_id, role_key)
+);
+
+CREATE TABLE management.project_members (
+    user_id TEXT,
+    project_id TEXT,
+
+    creation_date TIMESTAMPTZ,
+    change_date TIMESTAMPTZ,
+
+    user_name TEXT,
+    email_address TEXT,
+    first_name TEXT,
+    last_name TEXT,
+    roles TEXT ARRAY,
+    sequence BIGINT,
+
+    PRIMARY KEY (project_id, user_id)
+);
+
+CREATE TABLE management.project_grant_members (
+    user_id TEXT,
+    grant_id TEXT,
+    project_id TEXT,
+
+    creation_date TIMESTAMPTZ,
+    change_date TIMESTAMPTZ,
+
+    user_name TEXT,
+    email_address TEXT,
+    first_name TEXT,
+    last_name TEXT,
+    roles TEXT ARRAY,
+    sequence BIGINT,
+
+    PRIMARY KEY (grant_id, user_id)
+);
+
+CREATE TABLE management.applications (
+    id TEXT,
+
+    creation_date TIMESTAMPTZ,
+    change_date TIMESTAMPTZ,
+    sequence BIGINT,
+
+    app_state SMALLINT,
+    resource_owner TEXT,
+    app_name TEXT,
+    project_id TEXT,
+    app_type SMALLINT,
+    is_oidc BOOLEAN,
+    oidc_client_id TEXT,
+    oidc_redirect_uris TEXT ARRAY,
+    oidc_response_types SMALLINT ARRAY,
+    oidc_grant_types SMALLINT ARRAY,
+    oidc_application_type SMALLINT,
+    oidc_auth_method_type SMALLINT,
+    oidc_post_logout_redirect_uris TEXT ARRAY,
+
+    PRIMARY KEY (id)
+);
+
+COMMIT;

pkg/management/api/grpc/application.go

@@ -7,7 +7,11 @@ import (
 )
 
 func (s *Server) SearchApplications(ctx context.Context, in *ApplicationSearchRequest) (*ApplicationSearchResponse, error) {
-	return nil, errors.ThrowUnimplemented(nil, "GRPC-yW23f", "Not implemented")
+	response, err := s.project.SearchApplications(ctx, applicationSearchRequestsToModel(in))
+	if err != nil {
+		return nil, err
+	}
+	return applicationSearchResponseFromModel(response), nil
 }
 
 func (s *Server) ApplicationByID(ctx context.Context, in *ApplicationID) (*Application, error) {

pkg/management/api/grpc/application_converter.go

@@ -47,6 +47,18 @@ func oidcConfigFromModel(config *proj_model.OIDCConfig) *OIDCConfig {
 	}
 }
 
+func oidcConfigFromApplicationViewModel(app *proj_model.ApplicationView) *OIDCConfig {
+	return &OIDCConfig{
+		RedirectUris:           app.OIDCRedirectUris,
+		ResponseTypes:          oidcResponseTypesFromModel(app.OIDCResponseTypes),
+		GrantTypes:             oidcGrantTypesFromModel(app.OIDCGrantTypes),
+		ApplicationType:        oidcApplicationTypeFromModel(app.OIDCApplicationType),
+		ClientId:               app.OIDCClientID,
+		AuthMethodType:         oidcAuthMethodTypeFromModel(app.OIDCAuthMethodType),
+		PostLogoutRedirectUris: app.OIDCPostLogoutRedirectUris,
+	}
+}
+
 func oidcAppCreateToModel(app *OIDCApplicationCreate) *proj_model.Application {
 	return &proj_model.Application{
 		ObjectRoot: models.ObjectRoot{
@@ -90,6 +102,79 @@ func oidcConfigUpdateToModel(app *OIDCConfigUpdate) *proj_model.OIDCConfig {
 	}
 }
 
+func applicationSearchRequestsToModel(request *ApplicationSearchRequest) *proj_model.ApplicationSearchRequest {
+	return &proj_model.ApplicationSearchRequest{
+		Offset:  request.Offset,
+		Limit:   request.Limit,
+		Queries: applicationSearchQueriesToModel(request.Queries),
+	}
+}
+
+func applicationSearchQueriesToModel(queries []*ApplicationSearchQuery) []*proj_model.ApplicationSearchQuery {
+	converted := make([]*proj_model.ApplicationSearchQuery, len(queries))
+	for i, q := range queries {
+		converted[i] = applicationSearchQueryToModel(q)
+	}
+	return converted
+}
+
+func applicationSearchQueryToModel(query *ApplicationSearchQuery) *proj_model.ApplicationSearchQuery {
+	return &proj_model.ApplicationSearchQuery{
+		Key:    applicationSearchKeyToModel(query.Key),
+		Method: searchMethodToModel(query.Method),
+		Value:  query.Value,
+	}
+}
+
+func applicationSearchKeyToModel(key ApplicationSearchKey) proj_model.ApplicationSearchKey {
+	switch key {
+	case ApplicationSearchKey_APPLICATIONSEARCHKEY_APP_NAME:
+		return proj_model.APPLICATIONSEARCHKEY_NAME
+	default:
+		return proj_model.APPLICATIONSEARCHKEY_UNSPECIFIED
+	}
+}
+
+func applicationSearchResponseFromModel(response *proj_model.ApplicationSearchResponse) *ApplicationSearchResponse {
+	return &ApplicationSearchResponse{
+		Offset:      response.Offset,
+		Limit:       response.Limit,
+		TotalResult: response.TotalResult,
+		Result:      applicationViewsFromModel(response.Result),
+	}
+}
+
+func applicationViewsFromModel(apps []*proj_model.ApplicationView) []*ApplicationView {
+	converted := make([]*ApplicationView, len(apps))
+	for i, app := range apps {
+		converted[i] = applicationViewFromModel(app)
+	}
+	return converted
+}
+
+func applicationViewFromModel(application *proj_model.ApplicationView) *ApplicationView {
+	creationDate, err := ptypes.TimestampProto(application.CreationDate)
+	logging.Log("GRPC-lo9sw").OnError(err).Debug("unable to parse timestamp")
+
+	changeDate, err := ptypes.TimestampProto(application.ChangeDate)
+	logging.Log("GRPC-8uwsd").OnError(err).Debug("unable to parse timestamp")
+
+	converted := &ApplicationView{
+		Id:           application.ID,
+		State:        appStateFromModel(application.State),
+		CreationDate: creationDate,
+		ChangeDate:   changeDate,
+		Name:         application.Name,
+		Sequence:     application.Sequence,
+	}
+	if application.IsOIDC {
+		converted.AppConfig = &ApplicationView_OidcConfig{
+			OidcConfig: oidcConfigFromApplicationViewModel(application),
+		}
+	}
+	return converted
+}
+
 func appStateFromModel(state proj_model.AppState) AppState {
 	switch state {
 	case proj_model.APPSTATE_ACTIVE:

pkg/management/api/grpc/management.pb.authoptions.go

@@ -255,7 +255,7 @@ var ManagementService_AuthMethods = utils_auth.MethodMapping{
 		CheckParam: "",
 	},
 
-	"/caos.zitadel.management.api.v1.ManagementService/SearchProjects": utils_auth.Option{
+	"/caos.zitadel.management.api.v1.ManagementService/SearchGrantedProjects": utils_auth.Option{
 		Permission: "project.read",
 		CheckParam: "",
 	},

pkg/management/api/grpc/management.pb.gw.go

@@ -1434,8 +1434,8 @@ func request_ManagementService_SearchOrgMembers_0(ctx context.Context, marshaler
 
 }
 
-func request_ManagementService_SearchProjects_0(ctx context.Context, marshaler runtime.Marshaler, client ManagementServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq ProjectSearchRequest
+func request_ManagementService_SearchGrantedProjects_0(ctx context.Context, marshaler runtime.Marshaler, client ManagementServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
+	var protoReq GrantedProjectSearchRequest
 	var metadata runtime.ServerMetadata
 
 	newReader, berr := utilities.IOReaderFactory(req.Body)
@@ -1446,7 +1446,7 @@ func request_ManagementService_SearchProjects_0(ctx context.Context, marshaler r
 		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
 
-	msg, err := client.SearchProjects(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
+	msg, err := client.SearchGrantedProjects(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
 	return msg, metadata, err
 
 }
@@ -1601,7 +1601,7 @@ func request_ManagementService_ReactivateProject_0(ctx context.Context, marshale
 }
 
 func request_ManagementService_GetGrantedProjectGrantByID_0(ctx context.Context, marshaler runtime.Marshaler, client ManagementServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
-	var protoReq GrantedGrantID
+	var protoReq ProjectGrantID
 	var metadata runtime.ServerMetadata
 
 	var (
@@ -1611,6 +1611,17 @@ func request_ManagementService_GetGrantedProjectGrantByID_0(ctx context.Context,
 		_   = err
 	)
 
+	val, ok = pathParams["project_id"]
+	if !ok {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "missing parameter %s", "project_id")
+	}
+
+	protoReq.ProjectId, err = runtime.String(val)
+
+	if err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "project_id", err)
+	}
+
 	val, ok = pathParams["id"]
 	if !ok {
 		return nil, metadata, status.Errorf(codes.InvalidArgument, "missing parameter %s", "id")
@@ -4754,7 +4765,7 @@ func RegisterManagementServiceHandlerClient(ctx context.Context, mux *runtime.Se
 
 	})
 
-	mux.Handle("POST", pattern_ManagementService_SearchProjects_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
+	mux.Handle("POST", pattern_ManagementService_SearchGrantedProjects_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
 		ctx, cancel := context.WithCancel(req.Context())
 		defer cancel()
 		inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
@@ -4763,14 +4774,14 @@ func RegisterManagementServiceHandlerClient(ctx context.Context, mux *runtime.Se
 			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
-		resp, md, err := request_ManagementService_SearchProjects_0(rctx, inboundMarshaler, client, req, pathParams)
+		resp, md, err := request_ManagementService_SearchGrantedProjects_0(rctx, inboundMarshaler, client, req, pathParams)
 		ctx = runtime.NewServerMetadataContext(ctx, md)
 		if err != nil {
 			runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
 			return
 		}
 
-		forward_ManagementService_SearchProjects_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
+		forward_ManagementService_SearchGrantedProjects_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
 
 	})
 
@@ -6000,7 +6011,7 @@ var (
 
 	pattern_ManagementService_SearchOrgMembers_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 1, 0, 4, 1, 5, 1, 2, 2, 2, 3}, []string{"orgs", "org_id", "members", "_search"}, ""))
 
-	pattern_ManagementService_SearchProjects_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1}, []string{"projects", "_search"}, ""))
+	pattern_ManagementService_SearchGrantedProjects_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1}, []string{"grantedprojects", "_search"}, ""))
 
 	pattern_ManagementService_ProjectByID_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 1, 0, 4, 1, 5, 1}, []string{"projects", "id"}, ""))
 
@@ -6012,7 +6023,7 @@ var (
 
 	pattern_ManagementService_ReactivateProject_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 1, 0, 4, 1, 5, 1, 2, 2}, []string{"projects", "id", "_reactivate"}, ""))
 
-	pattern_ManagementService_GetGrantedProjectGrantByID_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 1, 0, 4, 1, 5, 1}, []string{"grants", "id"}, ""))
+	pattern_ManagementService_GetGrantedProjectGrantByID_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 1, 0, 4, 1, 5, 1, 2, 2, 1, 0, 4, 1, 5, 3}, []string{"grantedprojects", "project_id", "grants", "id"}, ""))
 
 	pattern_ManagementService_GetProjectMemberRoles_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"projects", "members", "roles"}, ""))
 
@@ -6218,7 +6229,7 @@ var (
 
 	forward_ManagementService_SearchOrgMembers_0 = runtime.ForwardResponseMessage
 
-	forward_ManagementService_SearchProjects_0 = runtime.ForwardResponseMessage
+	forward_ManagementService_SearchGrantedProjects_0 = runtime.ForwardResponseMessage
 
 	forward_ManagementService_ProjectByID_0 = runtime.ForwardResponseMessage
 

pkg/management/api/grpc/management.swagger.json

@@ -132,7 +132,34 @@
         ]
       }
     },
-    "/grants/{id}": {
+    "/grantedprojects/_search": {
+      "post": {
+        "summary": "PROJECTS",
+        "operationId": "SearchGrantedProjects",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/v1GrantedProjectSearchResponse"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/v1GrantedProjectSearchRequest"
+            }
+          }
+        ],
+        "tags": [
+          "ManagementService"
+        ]
+      }
+    },
+    "/grantedprojects/{project_id}/grants/{id}": {
       "get": {
         "summary": "GRANTED_PROJECT_GRANTS",
         "operationId": "GetGrantedProjectGrantByID",
@@ -145,6 +172,12 @@
           }
         },
         "parameters": [
+          {
+            "name": "project_id",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
           {
             "name": "id",
             "in": "path",
@@ -996,33 +1029,6 @@
         ]
       }
     },
-    "/projects/_search": {
-      "post": {
-        "summary": "PROJECTS",
-        "operationId": "SearchProjects",
-        "responses": {
-          "200": {
-            "description": "A successful response.",
-            "schema": {
-              "$ref": "#/definitions/v1ProjectSearchResponse"
-            }
-          }
-        },
-        "parameters": [
-          {
-            "name": "body",
-            "in": "body",
-            "required": true,
-            "schema": {
-              "$ref": "#/definitions/v1ProjectSearchRequest"
-            }
-          }
-        ],
-        "tags": [
-          "ManagementService"
-        ]
-      }
-    },
     "/projects/grants/members/roles": {
       "get": {
         "summary": "PROJECT_GRANT_MEMBER",
@@ -3538,7 +3544,7 @@
         "result": {
           "type": "array",
           "items": {
-            "$ref": "#/definitions/v1Application"
+            "$ref": "#/definitions/v1ApplicationView"
           }
         }
       }
@@ -3557,6 +3563,35 @@
         }
       }
     },
+    "v1ApplicationView": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string"
+        },
+        "state": {
+          "$ref": "#/definitions/v1AppState"
+        },
+        "creation_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "change_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "name": {
+          "type": "string"
+        },
+        "oidc_config": {
+          "$ref": "#/definitions/v1OIDCConfig"
+        },
+        "sequence": {
+          "type": "string",
+          "format": "uint64"
+        }
+      }
+    },
     "v1AuthGrant": {
       "type": "object",
       "properties": {
@@ -3784,6 +3819,114 @@
       ],
       "default": "GENDER_UNSPECIFIED"
     },
+    "v1GrantedProject": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string"
+        },
+        "name": {
+          "type": "string"
+        },
+        "state": {
+          "$ref": "#/definitions/v1ProjectState"
+        },
+        "change_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "creation_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "type": {
+          "$ref": "#/definitions/v1ProjectType"
+        },
+        "resource_owner": {
+          "type": "string"
+        },
+        "org_id": {
+          "type": "string"
+        },
+        "org_name": {
+          "type": "string"
+        },
+        "org_domain": {
+          "type": "string"
+        },
+        "grant_id": {
+          "type": "string"
+        },
+        "sequence": {
+          "type": "string",
+          "format": "uint64"
+        }
+      }
+    },
+    "v1GrantedProjectSearchKey": {
+      "type": "string",
+      "enum": [
+        "PROJECTSEARCHKEY_UNSPECIFIED",
+        "PROJECTSEARCHKEY_PROJECT_NAME"
+      ],
+      "default": "PROJECTSEARCHKEY_UNSPECIFIED"
+    },
+    "v1GrantedProjectSearchQuery": {
+      "type": "object",
+      "properties": {
+        "key": {
+          "$ref": "#/definitions/v1GrantedProjectSearchKey"
+        },
+        "method": {
+          "$ref": "#/definitions/v1SearchMethod"
+        },
+        "value": {
+          "type": "string"
+        }
+      }
+    },
+    "v1GrantedProjectSearchRequest": {
+      "type": "object",
+      "properties": {
+        "offset": {
+          "type": "string",
+          "format": "uint64"
+        },
+        "limit": {
+          "type": "string",
+          "format": "uint64"
+        },
+        "queries": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/v1GrantedProjectSearchQuery"
+          }
+        }
+      }
+    },
+    "v1GrantedProjectSearchResponse": {
+      "type": "object",
+      "properties": {
+        "offset": {
+          "type": "string",
+          "format": "uint64"
+        },
+        "limit": {
+          "type": "string",
+          "format": "uint64"
+        },
+        "total_result": {
+          "type": "string",
+          "format": "uint64"
+        },
+        "result": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/v1GrantedProject"
+          }
+        }
+      }
+    },
     "v1MFAState": {
       "type": "string",
       "enum": [
@@ -4441,24 +4584,6 @@
           "type": "string",
           "format": "date-time"
         },
-        "type": {
-          "$ref": "#/definitions/v1ProjectType"
-        },
-        "resource_owner": {
-          "type": "string"
-        },
-        "org_id": {
-          "type": "string"
-        },
-        "org_name": {
-          "type": "string"
-        },
-        "org_domain": {
-          "type": "string"
-        },
-        "grant_id": {
-          "type": "string"
-        },
         "sequence": {
           "type": "string",
           "format": "uint64"
@@ -4485,12 +4610,6 @@
         "granted_org_id": {
           "type": "string"
         },
-        "granted_org_name": {
-          "type": "string"
-        },
-        "granted_org_domain": {
-          "type": "string"
-        },
         "role_keys": {
           "type": "array",
           "items": {
@@ -4508,9 +4627,6 @@
           "type": "string",
           "format": "date-time"
         },
-        "project_name": {
-          "type": "string"
-        },
         "sequence": {
           "type": "string",
           "format": "uint64"
@@ -4551,18 +4667,6 @@
         "user_id": {
           "type": "string"
         },
-        "user_name": {
-          "type": "string"
-        },
-        "email": {
-          "type": "string"
-        },
-        "first_name": {
-          "type": "string"
-        },
-        "last_name": {
-          "type": "string"
-        },
         "roles": {
           "type": "array",
           "items": {
@@ -4641,7 +4745,8 @@
         "PROJECTGRANTMEMBERSEARCHKEY_FIRST_NAME",
         "PROJECTGRANTMEMBERSEARCHKEY_LAST_NAME",
         "PROJECTGRANTMEMBERSEARCHKEY_EMAIL",
-        "PROJECTGRANTMEMBERSEARCHKEY_USER_ID"
+        "PROJECTGRANTMEMBERSEARCHKEY_USER_ID",
+        "PROJECTGRANTMEMBERSEARCHKEY_USER_NAME"
       ],
       "default": "PROJECTGRANTMEMBERSEARCHKEY_UNSPECIFIED"
     },
@@ -4702,11 +4807,49 @@
         "result": {
           "type": "array",
           "items": {
-            "$ref": "#/definitions/v1ProjectGrantMember"
+            "$ref": "#/definitions/v1ProjectGrantMemberView"
           }
         }
       }
     },
+    "v1ProjectGrantMemberView": {
+      "type": "object",
+      "properties": {
+        "user_id": {
+          "type": "string"
+        },
+        "user_name": {
+          "type": "string"
+        },
+        "email": {
+          "type": "string"
+        },
+        "first_name": {
+          "type": "string"
+        },
+        "last_name": {
+          "type": "string"
+        },
+        "roles": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "change_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "creation_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "sequence": {
+          "type": "string",
+          "format": "uint64"
+        }
+      }
+    },
     "v1ProjectGrantSearchRequest": {
       "type": "object",
       "properties": {
@@ -4741,7 +4884,7 @@
         "result": {
           "type": "array",
           "items": {
-            "$ref": "#/definitions/v1ProjectGrant"
+            "$ref": "#/definitions/v1ProjectGrantView"
           }
         }
       }
@@ -4851,6 +4994,50 @@
         }
       }
     },
+    "v1ProjectGrantView": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string"
+        },
+        "project_id": {
+          "type": "string"
+        },
+        "granted_org_id": {
+          "type": "string"
+        },
+        "granted_org_name": {
+          "type": "string"
+        },
+        "granted_org_domain": {
+          "type": "string"
+        },
+        "role_keys": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "state": {
+          "$ref": "#/definitions/v1ProjectGrantState"
+        },
+        "creation_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "change_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "project_name": {
+          "type": "string"
+        },
+        "sequence": {
+          "type": "string",
+          "format": "uint64"
+        }
+      }
+    },
     "v1ProjectID": {
       "type": "object",
       "properties": {
@@ -4865,18 +5052,6 @@
         "user_id": {
           "type": "string"
         },
-        "user_name": {
-          "type": "string"
-        },
-        "email": {
-          "type": "string"
-        },
-        "first_name": {
-          "type": "string"
-        },
-        "last_name": {
-          "type": "string"
-        },
         "roles": {
           "type": "array",
           "items": {
@@ -4949,7 +5124,8 @@
         "PROJECTMEMBERSEARCHKEY_FIRST_NAME",
         "PROJECTMEMBERSEARCHKEY_LAST_NAME",
         "PROJECTMEMBERSEARCHKEY_EMAIL",
-        "PROJECTMEMBERSEARCHKEY_USER_ID"
+        "PROJECTMEMBERSEARCHKEY_USER_ID",
+        "PROJECTMEMBERSEARCHKEY_USER_NAME"
       ],
       "default": "PROJECTMEMBERSEARCHKEY_UNSPECIFIED"
     },
@@ -5007,11 +5183,49 @@
         "result": {
           "type": "array",
           "items": {
-            "$ref": "#/definitions/v1ProjectMember"
+            "$ref": "#/definitions/v1ProjectMemberView"
           }
         }
       }
     },
+    "v1ProjectMemberView": {
+      "type": "object",
+      "properties": {
+        "user_id": {
+          "type": "string"
+        },
+        "user_name": {
+          "type": "string"
+        },
+        "email": {
+          "type": "string"
+        },
+        "first_name": {
+          "type": "string"
+        },
+        "last_name": {
+          "type": "string"
+        },
+        "roles": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "change_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "creation_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "sequence": {
+          "type": "string",
+          "format": "uint64"
+        }
+      }
+    },
     "v1ProjectRole": {
       "type": "object",
       "properties": {
@@ -5138,72 +5352,33 @@
         "result": {
           "type": "array",
           "items": {
-            "$ref": "#/definitions/v1ProjectRole"
+            "$ref": "#/definitions/v1ProjectRoleView"
           }
         }
       }
     },
-    "v1ProjectSearchKey": {
-      "type": "string",
-      "enum": [
-        "PROJECTSEARCHKEY_UNSPECIFIED",
-        "PROJECTSEARCHKEY_PROJECT_NAME"
-      ],
-      "default": "PROJECTSEARCHKEY_UNSPECIFIED"
-    },
-    "v1ProjectSearchQuery": {
+    "v1ProjectRoleView": {
       "type": "object",
       "properties": {
-        "key": {
-          "$ref": "#/definitions/v1ProjectSearchKey"
-        },
-        "method": {
-          "$ref": "#/definitions/v1SearchMethod"
-        },
-        "value": {
+        "project_id": {
           "type": "string"
-        }
-      }
-    },
-    "v1ProjectSearchRequest": {
-      "type": "object",
-      "properties": {
-        "offset": {
+        },
+        "key": {
+          "type": "string"
+        },
+        "display_name": {
+          "type": "string"
+        },
+        "creation_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "group": {
+          "type": "string"
+        },
+        "sequence": {
           "type": "string",
           "format": "uint64"
-        },
-        "limit": {
-          "type": "string",
-          "format": "uint64"
-        },
-        "queries": {
-          "type": "array",
-          "items": {
-            "$ref": "#/definitions/v1ProjectSearchQuery"
-          }
-        }
-      }
-    },
-    "v1ProjectSearchResponse": {
-      "type": "object",
-      "properties": {
-        "offset": {
-          "type": "string",
-          "format": "uint64"
-        },
-        "limit": {
-          "type": "string",
-          "format": "uint64"
-        },
-        "total_result": {
-          "type": "string",
-          "format": "uint64"
-        },
-        "result": {
-          "type": "array",
-          "items": {
-            "$ref": "#/definitions/v1Project"
-          }
         }
       }
     },
@@ -5219,11 +5394,11 @@
     "v1ProjectType": {
       "type": "string",
       "enum": [
-        "PROJECTTYPE_UNKNOWN",
-        "PROJECTTYPE_SELF",
+        "PROJECTTYPE_UNSPECIFIED",
+        "PROJECTTYPE_OWNED",
         "PROJECTTYPE_GRANTED"
       ],
-      "default": "PROJECTTYPE_UNKNOWN"
+      "default": "PROJECTTYPE_UNSPECIFIED"
     },
     "v1ProjectUpdateRequest": {
       "type": "object",
@@ -5297,7 +5472,10 @@
       "enum": [
         "SEARCHMETHOD_EQUALS",
         "SEARCHMETHOD_STARTS_WITH",
-        "SEARCHMETHOD_CONTAINS"
+        "SEARCHMETHOD_CONTAINS",
+        "SEARCHMETHOD_EQUALS_IGNORE_CASE",
+        "SEARCHMETHOD_STARTS_WITH_IGNORE_CASE",
+        "SEARCHMETHOD_CONTAINS_IGNORE_CASE"
       ],
       "default": "SEARCHMETHOD_EQUALS"
     },

pkg/management/api/grpc/mock/management.proto.mock.go

@@ -718,7 +718,7 @@ func (mr *MockManagementServiceClientMockRecorder) DeleteUser(arg0, arg1 interfa
 }
 
 // GetGrantedProjectGrantByID mocks base method
-func (m *MockManagementServiceClient) GetGrantedProjectGrantByID(arg0 context.Context, arg1 *grpc.GrantedGrantID, arg2 ...grpc0.CallOption) (*grpc.ProjectGrant, error) {
+func (m *MockManagementServiceClient) GetGrantedProjectGrantByID(arg0 context.Context, arg1 *grpc.ProjectGrantID, arg2 ...grpc0.CallOption) (*grpc.ProjectGrant, error) {
 	m.ctrl.T.Helper()
 	varargs := []interface{}{arg0, arg1}
 	for _, a := range arg2 {
@@ -1637,6 +1637,26 @@ func (mr *MockManagementServiceClientMockRecorder) SearchAuthGrant(arg0, arg1 in
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchAuthGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).SearchAuthGrant), varargs...)
 }
 
+// SearchGrantedProjects mocks base method
+func (m *MockManagementServiceClient) SearchGrantedProjects(arg0 context.Context, arg1 *grpc.GrantedProjectSearchRequest, arg2 ...grpc0.CallOption) (*grpc.GrantedProjectSearchResponse, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{arg0, arg1}
+	for _, a := range arg2 {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "SearchGrantedProjects", varargs...)
+	ret0, _ := ret[0].(*grpc.GrantedProjectSearchResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// SearchGrantedProjects indicates an expected call of SearchGrantedProjects
+func (mr *MockManagementServiceClientMockRecorder) SearchGrantedProjects(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{arg0, arg1}, arg2...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchGrantedProjects", reflect.TypeOf((*MockManagementServiceClient)(nil).SearchGrantedProjects), varargs...)
+}
+
 // SearchOrgMembers mocks base method
 func (m *MockManagementServiceClient) SearchOrgMembers(arg0 context.Context, arg1 *grpc.OrgMemberSearchRequest, arg2 ...grpc0.CallOption) (*grpc.OrgMemberSearchResponse, error) {
 	m.ctrl.T.Helper()
@@ -1777,26 +1797,6 @@ func (mr *MockManagementServiceClientMockRecorder) SearchProjectUserGrants(arg0,
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchProjectUserGrants", reflect.TypeOf((*MockManagementServiceClient)(nil).SearchProjectUserGrants), varargs...)
 }
 
-// SearchProjects mocks base method
-func (m *MockManagementServiceClient) SearchProjects(arg0 context.Context, arg1 *grpc.ProjectSearchRequest, arg2 ...grpc0.CallOption) (*grpc.ProjectSearchResponse, error) {
-	m.ctrl.T.Helper()
-	varargs := []interface{}{arg0, arg1}
-	for _, a := range arg2 {
-		varargs = append(varargs, a)
-	}
-	ret := m.ctrl.Call(m, "SearchProjects", varargs...)
-	ret0, _ := ret[0].(*grpc.ProjectSearchResponse)
-	ret1, _ := ret[1].(error)
-	return ret0, ret1
-}
-
-// SearchProjects indicates an expected call of SearchProjects
-func (mr *MockManagementServiceClientMockRecorder) SearchProjects(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
-	mr.mock.ctrl.T.Helper()
-	varargs := append([]interface{}{arg0, arg1}, arg2...)
-	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchProjects", reflect.TypeOf((*MockManagementServiceClient)(nil).SearchProjects), varargs...)
-}
-
 // SearchUserGrants mocks base method
 func (m *MockManagementServiceClient) SearchUserGrants(arg0 context.Context, arg1 *grpc.UserGrantSearchRequest, arg2 ...grpc0.CallOption) (*grpc.UserGrantSearchResponse, error) {
 	m.ctrl.T.Helper()

pkg/management/api/grpc/project.go

@@ -35,8 +35,14 @@ func (s *Server) ReactivateProject(ctx context.Context, in *ProjectID) (*Project
 	return projectFromModel(project), nil
 }
 
-func (s *Server) SearchProjects(ctx context.Context, in *ProjectSearchRequest) (*ProjectSearchResponse, error) {
-	return nil, errors.ThrowUnimplemented(nil, "GRPC-2sFvd", "Not implemented")
+func (s *Server) SearchGrantedProjects(ctx context.Context, in *GrantedProjectSearchRequest) (*GrantedProjectSearchResponse, error) {
+	request := grantedProjectSearchRequestsToModel(in)
+	request.AppendMyOrgQuery(ctx)
+	response, err := s.project.SearchGrantedProjects(ctx, request)
+	if err != nil {
+		return nil, err
+	}
+	return grantedProjectSearchResponseFromModel(response), nil
 }
 
 func (s *Server) ProjectByID(ctx context.Context, id *ProjectID) (*Project, error) {
@@ -47,8 +53,12 @@ func (s *Server) ProjectByID(ctx context.Context, id *ProjectID) (*Project, erro
 	return projectFromModel(project), nil
 }
 
-func (s *Server) GetGrantedProjectGrantByID(ctx context.Context, request *GrantedGrantID) (*ProjectGrant, error) {
-	return nil, errors.ThrowUnimplemented(nil, "GRPC-974vd", "Not implemented")
+func (s *Server) GetGrantedProjectGrantByID(ctx context.Context, in *ProjectGrantID) (*ProjectGrant, error) {
+	project, err := s.project.ProjectGrantByID(ctx, in.ProjectId, in.Id)
+	if err != nil {
+		return nil, err
+	}
+	return projectGrantFromModel(project), nil
 }
 
 func (s *Server) AddProjectRole(ctx context.Context, in *ProjectRoleAdd) (*ProjectRole, error) {
@@ -72,7 +82,13 @@ func (s *Server) RemoveProjectRole(ctx context.Context, in *ProjectRoleRemove) (
 }
 
 func (s *Server) SearchProjectRoles(ctx context.Context, in *ProjectRoleSearchRequest) (*ProjectRoleSearchResponse, error) {
-	return nil, errors.ThrowUnimplemented(nil, "GRPC-plV56", "Not implemented")
+	request := projectRoleSearchRequestsToModel(in)
+	request.AppendMyOrgQuery(ctx)
+	response, err := s.project.SearchProjectRoles(ctx, request)
+	if err != nil {
+		return nil, err
+	}
+	return projectRoleSearchResponseFromModel(response), nil
 }
 
 func (s *Server) ProjectChanges(ctx context.Context, changesRequest *ChangeRequest) (*Changes, error) {

pkg/management/api/grpc/project_converter.go

@@ -24,6 +24,76 @@ func projectFromModel(project *proj_model.Project) *Project {
 	}
 }
 
+func grantedProjectSearchResponseFromModel(response *proj_model.GrantedProjectSearchResponse) *GrantedProjectSearchResponse {
+	return &GrantedProjectSearchResponse{
+		Offset:      response.Offset,
+		Limit:       response.Limit,
+		TotalResult: response.TotalResult,
+		Result:      grantedProjectsFromModel(response.Result),
+	}
+}
+
+func grantedProjectsFromModel(projects []*proj_model.GrantedProjectView) []*GrantedProject {
+	converted := make([]*GrantedProject, len(projects))
+	for i, project := range projects {
+		converted[i] = grantedProjectFromModel(project)
+	}
+	return converted
+}
+
+func grantedProjectFromModel(project *proj_model.GrantedProjectView) *GrantedProject {
+	creationDate, err := ptypes.TimestampProto(project.CreationDate)
+	logging.Log("GRPC-dlso3").OnError(err).Debug("unable to parse timestamp")
+
+	changeDate, err := ptypes.TimestampProto(project.ChangeDate)
+	logging.Log("GRPC-sope3").OnError(err).Debug("unable to parse timestamp")
+
+	return &GrantedProject{
+		Id:            project.ProjectID,
+		State:         projectStateFromModel(project.State),
+		CreationDate:  creationDate,
+		ChangeDate:    changeDate,
+		Name:          project.Name,
+		Sequence:      project.Sequence,
+		ResourceOwner: project.ResourceOwner,
+		OrgId:         project.OrgID,
+		OrgName:       project.OrgName,
+		OrgDomain:     project.OrgDomain,
+		GrantId:       project.GrantID,
+	}
+}
+
+func projectRoleSearchResponseFromModel(response *proj_model.ProjectRoleSearchResponse) *ProjectRoleSearchResponse {
+	return &ProjectRoleSearchResponse{
+		Offset:      response.Offset,
+		Limit:       response.Limit,
+		TotalResult: response.TotalResult,
+		Result:      projectRoleViewsFromModel(response.Result),
+	}
+}
+
+func projectRoleViewsFromModel(roles []*proj_model.ProjectRoleView) []*ProjectRoleView {
+	converted := make([]*ProjectRoleView, len(roles))
+	for i, role := range roles {
+		converted[i] = projectRoleViewFromModel(role)
+	}
+	return converted
+}
+
+func projectRoleViewFromModel(role *proj_model.ProjectRoleView) *ProjectRoleView {
+	creationDate, err := ptypes.TimestampProto(role.CreationDate)
+	logging.Log("GRPC-dlso3").OnError(err).Debug("unable to parse timestamp")
+
+	return &ProjectRoleView{
+		ProjectId:    role.ProjectID,
+		CreationDate: creationDate,
+		Key:          role.Key,
+		Group:        role.Group,
+		DisplayName:  role.DisplayName,
+		Sequence:     role.Sequence,
+	}
+}
+
 func projectStateFromModel(state proj_model.ProjectState) ProjectState {
 	switch state {
 	case proj_model.PROJECTSTATE_ACTIVE:
@@ -35,6 +105,17 @@ func projectStateFromModel(state proj_model.ProjectState) ProjectState {
 	}
 }
 
+func projectTypeFromModel(projecttype proj_model.ProjectType) ProjectType {
+	switch projecttype {
+	case proj_model.PROJECTTYPE_OWNED:
+		return ProjectType_PROJECTTYPE_OWNED
+	case proj_model.PROJECTTYPE_GRANTED:
+		return ProjectType_PROJECTTYPE_GRANTED
+	default:
+		return ProjectType_PROJECTTYPE_UNSPECIFIED
+	}
+}
+
 func projectUpdateToModel(project *ProjectUpdateRequest) *proj_model.Project {
 	return &proj_model.Project{
 		ObjectRoot: models.ObjectRoot{
@@ -82,3 +163,71 @@ func projectRoleChangeToModel(role *ProjectRoleChange) *proj_model.ProjectRole {
 		Group:       role.Group,
 	}
 }
+
+func grantedProjectSearchRequestsToModel(project *GrantedProjectSearchRequest) *proj_model.GrantedProjectSearchRequest {
+	return &proj_model.GrantedProjectSearchRequest{
+		Offset:  project.Offset,
+		Limit:   project.Limit,
+		Queries: grantedProjectSearchQueriesToModel(project.Queries),
+	}
+}
+
+func grantedProjectSearchQueriesToModel(queries []*GrantedProjectSearchQuery) []*proj_model.GrantedProjectSearchQuery {
+	converted := make([]*proj_model.GrantedProjectSearchQuery, len(queries))
+	for i, q := range queries {
+		converted[i] = grantedProjectSearchQueryToModel(q)
+	}
+	return converted
+}
+
+func grantedProjectSearchQueryToModel(query *GrantedProjectSearchQuery) *proj_model.GrantedProjectSearchQuery {
+	return &proj_model.GrantedProjectSearchQuery{
+		Key:    projectSearchKeyToModel(query.Key),
+		Method: searchMethodToModel(query.Method),
+		Value:  query.Value,
+	}
+}
+
+func projectSearchKeyToModel(key GrantedProjectSearchKey) proj_model.GrantedProjectSearchKey {
+	switch key {
+	case GrantedProjectSearchKey_PROJECTSEARCHKEY_PROJECT_NAME:
+		return proj_model.GRANTEDPROJECTSEARCHKEY_NAME
+	default:
+		return proj_model.GRANTEDPROJECTSEARCHKEY_UNSPECIFIED
+	}
+}
+
+func projectRoleSearchRequestsToModel(role *ProjectRoleSearchRequest) *proj_model.ProjectRoleSearchRequest {
+	return &proj_model.ProjectRoleSearchRequest{
+		Offset:  role.Offset,
+		Limit:   role.Limit,
+		Queries: projectRoleSearchQueriesToModel(role.Queries),
+	}
+}
+
+func projectRoleSearchQueriesToModel(queries []*ProjectRoleSearchQuery) []*proj_model.ProjectRoleSearchQuery {
+	converted := make([]*proj_model.ProjectRoleSearchQuery, len(queries))
+	for i, q := range queries {
+		converted[i] = projectRoleSearchQueryToModel(q)
+	}
+	return converted
+}
+
+func projectRoleSearchQueryToModel(query *ProjectRoleSearchQuery) *proj_model.ProjectRoleSearchQuery {
+	return &proj_model.ProjectRoleSearchQuery{
+		Key:    projectRoleSearchKeyToModel(query.Key),
+		Method: searchMethodToModel(query.Method),
+		Value:  query.Value,
+	}
+}
+
+func projectRoleSearchKeyToModel(key ProjectRoleSearchKey) proj_model.ProjectRoleSearchKey {
+	switch key {
+	case ProjectRoleSearchKey_PROJECTROLESEARCHKEY_KEY:
+		return proj_model.PROJECTROLESEARCHKEY_KEY
+	case ProjectRoleSearchKey_PROJECTROLESEARCHKEY_DISPLAY_NAME:
+		return proj_model.PROJECTROLESEARCHKEY_DISPLAY_NAME
+	default:
+		return proj_model.PROJECTROLESEARCHKEY_UNSPECIFIED
+	}
+}

pkg/management/api/grpc/project_grant.go

@@ -11,7 +11,14 @@ func (s *Server) GetProjectGrantMemberRoles(ctx context.Context, _ *empty.Empty)
 }
 
 func (s *Server) SearchProjectGrants(ctx context.Context, in *ProjectGrantSearchRequest) (*ProjectGrantSearchResponse, error) {
-	return nil, errors.ThrowUnimplemented(nil, "GRPC-po9fs", "Not implemented")
+	request := projectGrantSearchRequestsToModel(in)
+	request.AppendMyResourceOwnerQuery(ctx)
+	request.AppendNotMyOrgQuery(ctx)
+	response, err := s.project.SearchGrantedProjects(ctx, request)
+	if err != nil {
+		return nil, err
+	}
+	return projectGrantSearchResponseFromModel(response), nil
 }
 
 func (s *Server) ProjectGrantByID(ctx context.Context, in *ProjectGrantID) (*ProjectGrant, error) {

pkg/management/api/grpc/project_grant_converter.go

@@ -3,6 +3,7 @@ package grpc
 import (
 	"github.com/caos/logging"
 	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/model"
 	proj_model "github.com/caos/zitadel/internal/project/model"
 	"github.com/golang/protobuf/ptypes"
 )
@@ -45,6 +46,61 @@ func projectGrantUpdateToModel(grant *ProjectGrantUpdate) *proj_model.ProjectGra
 	}
 }
 
+func projectGrantSearchRequestsToModel(request *ProjectGrantSearchRequest) *proj_model.GrantedProjectSearchRequest {
+	return &proj_model.GrantedProjectSearchRequest{
+		Offset:  request.Offset,
+		Limit:   request.Limit,
+		Queries: projectGrantSearchQueriesToModel(request.ProjectId),
+	}
+}
+
+func projectGrantSearchQueriesToModel(projectId string) []*proj_model.GrantedProjectSearchQuery {
+	converted := make([]*proj_model.GrantedProjectSearchQuery, 0)
+	return append(converted, &proj_model.GrantedProjectSearchQuery{
+		Key:    proj_model.GRANTEDPROJECTSEARCHKEY_PROJECTID,
+		Method: model.SEARCHMETHOD_EQUALS,
+		Value:  projectId,
+	})
+}
+
+func projectGrantSearchResponseFromModel(response *proj_model.GrantedProjectSearchResponse) *ProjectGrantSearchResponse {
+	return &ProjectGrantSearchResponse{
+		Offset:      response.Offset,
+		Limit:       response.Limit,
+		TotalResult: response.TotalResult,
+		Result:      projectGrantsFromGrantedProjectModel(response.Result),
+	}
+}
+
+func projectGrantsFromGrantedProjectModel(projects []*proj_model.GrantedProjectView) []*ProjectGrantView {
+	converted := make([]*ProjectGrantView, len(projects))
+	for i, project := range projects {
+		converted[i] = projectGrantFromGrantedProjectModel(project)
+	}
+	return converted
+}
+
+func projectGrantFromGrantedProjectModel(project *proj_model.GrantedProjectView) *ProjectGrantView {
+	creationDate, err := ptypes.TimestampProto(project.CreationDate)
+	logging.Log("GRPC-dlso3").OnError(err).Debug("unable to parse timestamp")
+
+	changeDate, err := ptypes.TimestampProto(project.ChangeDate)
+	logging.Log("GRPC-sope3").OnError(err).Debug("unable to parse timestamp")
+
+	return &ProjectGrantView{
+		ProjectId:        project.ProjectID,
+		State:            projectGrantStateFromProjectStateModel(project.State),
+		CreationDate:     creationDate,
+		ChangeDate:       changeDate,
+		ProjectName:      project.Name,
+		Sequence:         project.Sequence,
+		GrantedOrgId:     project.OrgID,
+		GrantedOrgName:   project.OrgName,
+		GrantedOrgDomain: project.OrgDomain,
+		Id:               project.GrantID,
+	}
+}
+
 func projectGrantStateFromModel(state proj_model.ProjectGrantState) ProjectGrantState {
 	switch state {
 	case proj_model.PROJECTGRANTSTATE_ACTIVE:
@@ -55,3 +111,14 @@ func projectGrantStateFromModel(state proj_model.ProjectGrantState) ProjectGrant
 		return ProjectGrantState_PROJECTGRANTSTATE_UNSPECIFIED
 	}
 }
+
+func projectGrantStateFromProjectStateModel(state proj_model.ProjectState) ProjectGrantState {
+	switch state {
+	case proj_model.PROJECTSTATE_ACTIVE:
+		return ProjectGrantState_PROJECTGRANTSTATE_ACTIVE
+	case proj_model.PROJECTSTATE_INACTIVE:
+		return ProjectGrantState_PROJECTGRANTSTATE_INACTIVE
+	default:
+		return ProjectGrantState_PROJECTGRANTSTATE_UNSPECIFIED
+	}
+}

pkg/management/api/grpc/project_grant_member.go

@@ -2,12 +2,15 @@ package grpc
 
 import (
 	"context"
-	"github.com/caos/zitadel/internal/errors"
 	"github.com/golang/protobuf/ptypes/empty"
 )
 
-func (s *Server) SearchProjectGrantMembers(ctx context.Context, request *ProjectGrantMemberSearchRequest) (*ProjectGrantMemberSearchResponse, error) {
-	return nil, errors.ThrowUnimplemented(nil, "GRPC-pldE4", "Not implemented")
+func (s *Server) SearchProjectGrantMembers(ctx context.Context, in *ProjectGrantMemberSearchRequest) (*ProjectGrantMemberSearchResponse, error) {
+	response, err := s.project.SearchProjectGrantMembers(ctx, projectGrantMemberSearchRequestsToModel(in))
+	if err != nil {
+		return nil, err
+	}
+	return projectGrantMemberSearchResponseFromModel(response), nil
 }
 
 func (s *Server) AddProjectGrantMember(ctx context.Context, in *ProjectGrantMemberAdd) (*ProjectGrantMember, error) {

pkg/management/api/grpc/project_grant_member_converter.go

@@ -44,3 +44,79 @@ func projectGrantMemberChangeToModel(member *ProjectGrantMemberChange) *proj_mod
 		Roles:   member.Roles,
 	}
 }
+
+func projectGrantMemberSearchRequestsToModel(role *ProjectGrantMemberSearchRequest) *proj_model.ProjectGrantMemberSearchRequest {
+	return &proj_model.ProjectGrantMemberSearchRequest{
+		Offset:  role.Offset,
+		Limit:   role.Limit,
+		Queries: projectGrantMemberSearchQueriesToModel(role.Queries),
+	}
+}
+
+func projectGrantMemberSearchQueriesToModel(queries []*ProjectGrantMemberSearchQuery) []*proj_model.ProjectGrantMemberSearchQuery {
+	converted := make([]*proj_model.ProjectGrantMemberSearchQuery, len(queries))
+	for i, q := range queries {
+		converted[i] = projectGrantMemberSearchQueryToModel(q)
+	}
+	return converted
+}
+
+func projectGrantMemberSearchQueryToModel(query *ProjectGrantMemberSearchQuery) *proj_model.ProjectGrantMemberSearchQuery {
+	return &proj_model.ProjectGrantMemberSearchQuery{
+		Key:    projectGrantMemberSearchKeyToModel(query.Key),
+		Method: searchMethodToModel(query.Method),
+		Value:  query.Value,
+	}
+}
+
+func projectGrantMemberSearchKeyToModel(key ProjectGrantMemberSearchKey) proj_model.ProjectGrantMemberSearchKey {
+	switch key {
+	case ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_EMAIL:
+		return proj_model.PROJECTGRANTMEMBERSEARCHKEY_EMAIL
+	case ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_FIRST_NAME:
+		return proj_model.PROJECTGRANTMEMBERSEARCHKEY_FIRST_NAME
+	case ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_LAST_NAME:
+		return proj_model.PROJECTGRANTMEMBERSEARCHKEY_LAST_NAME
+	case ProjectGrantMemberSearchKey_PROJECTGRANTMEMBERSEARCHKEY_USER_NAME:
+		return proj_model.PROJECTGRANTMEMBERSEARCHKEY_USER_NAME
+	default:
+		return proj_model.PROJECTGRANTMEMBERSEARCHKEY_UNSPECIFIED
+	}
+}
+
+func projectGrantMemberSearchResponseFromModel(response *proj_model.ProjectGrantMemberSearchResponse) *ProjectGrantMemberSearchResponse {
+	return &ProjectGrantMemberSearchResponse{
+		Offset:      response.Offset,
+		Limit:       response.Limit,
+		TotalResult: response.TotalResult,
+		Result:      projectGrantMemberViewsFromModel(response.Result),
+	}
+}
+
+func projectGrantMemberViewsFromModel(roles []*proj_model.ProjectGrantMemberView) []*ProjectGrantMemberView {
+	converted := make([]*ProjectGrantMemberView, len(roles))
+	for i, role := range roles {
+		converted[i] = projectGrantMemberViewFromModel(role)
+	}
+	return converted
+}
+
+func projectGrantMemberViewFromModel(member *proj_model.ProjectGrantMemberView) *ProjectGrantMemberView {
+	creationDate, err := ptypes.TimestampProto(member.CreationDate)
+	logging.Log("GRPC-los93").OnError(err).Debug("unable to parse timestamp")
+
+	changeDate, err := ptypes.TimestampProto(member.ChangeDate)
+	logging.Log("GRPC-ski4e").OnError(err).Debug("unable to parse timestamp")
+
+	return &ProjectGrantMemberView{
+		UserId:       member.UserID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		CreationDate: creationDate,
+		ChangeDate:   changeDate,
+		Sequence:     member.Sequence,
+	}
+}

pkg/management/api/grpc/project_member.go

@@ -10,8 +10,12 @@ func (s *Server) GetProjectMemberRoles(ctx context.Context, _ *empty.Empty) (*Pr
 	return nil, errors.ThrowUnimplemented(nil, "GRPC-qw34d", "Not implemented")
 }
 
-func (s *Server) SearchProjectMembers(ctx context.Context, request *ProjectMemberSearchRequest) (*ProjectMemberSearchResponse, error) {
-	return nil, errors.ThrowUnimplemented(nil, "GRPC-PLr84", "Not implemented")
+func (s *Server) SearchProjectMembers(ctx context.Context, in *ProjectMemberSearchRequest) (*ProjectMemberSearchResponse, error) {
+	response, err := s.project.SearchProjectMembers(ctx, projectMemberSearchRequestsToModel(in))
+	if err != nil {
+		return nil, err
+	}
+	return projectMemberSearchResponseFromModel(response), nil
 }
 
 func (s *Server) AddProjectMember(ctx context.Context, in *ProjectMemberAdd) (*ProjectMember, error) {

pkg/management/api/grpc/project_member_converter.go

@@ -42,3 +42,79 @@ func projectMemberChangeToModel(member *ProjectMemberChange) *proj_model.Project
 		Roles:  member.Roles,
 	}
 }
+
+func projectMemberSearchRequestsToModel(role *ProjectMemberSearchRequest) *proj_model.ProjectMemberSearchRequest {
+	return &proj_model.ProjectMemberSearchRequest{
+		Offset:  role.Offset,
+		Limit:   role.Limit,
+		Queries: projectMemberSearchQueriesToModel(role.Queries),
+	}
+}
+
+func projectMemberSearchQueriesToModel(queries []*ProjectMemberSearchQuery) []*proj_model.ProjectMemberSearchQuery {
+	converted := make([]*proj_model.ProjectMemberSearchQuery, len(queries))
+	for i, q := range queries {
+		converted[i] = projectMemberSearchQueryToModel(q)
+	}
+	return converted
+}
+
+func projectMemberSearchQueryToModel(query *ProjectMemberSearchQuery) *proj_model.ProjectMemberSearchQuery {
+	return &proj_model.ProjectMemberSearchQuery{
+		Key:    projectMemberSearchKeyToModel(query.Key),
+		Method: searchMethodToModel(query.Method),
+		Value:  query.Value,
+	}
+}
+
+func projectMemberSearchKeyToModel(key ProjectMemberSearchKey) proj_model.ProjectMemberSearchKey {
+	switch key {
+	case ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_EMAIL:
+		return proj_model.PROJECTMEMBERSEARCHKEY_EMAIL
+	case ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_FIRST_NAME:
+		return proj_model.PROJECTMEMBERSEARCHKEY_FIRST_NAME
+	case ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_LAST_NAME:
+		return proj_model.PROJECTMEMBERSEARCHKEY_LAST_NAME
+	case ProjectMemberSearchKey_PROJECTMEMBERSEARCHKEY_USER_NAME:
+		return proj_model.PROJECTMEMBERSEARCHKEY_USER_NAME
+	default:
+		return proj_model.PROJECTMEMBERSEARCHKEY_UNSPECIFIED
+	}
+}
+
+func projectMemberSearchResponseFromModel(response *proj_model.ProjectMemberSearchResponse) *ProjectMemberSearchResponse {
+	return &ProjectMemberSearchResponse{
+		Offset:      response.Offset,
+		Limit:       response.Limit,
+		TotalResult: response.TotalResult,
+		Result:      projectMemberViewsFromModel(response.Result),
+	}
+}
+
+func projectMemberViewsFromModel(members []*proj_model.ProjectMemberView) []*ProjectMemberView {
+	converted := make([]*ProjectMemberView, len(members))
+	for i, member := range members {
+		converted[i] = projectMemberViewFromModel(member)
+	}
+	return converted
+}
+
+func projectMemberViewFromModel(member *proj_model.ProjectMemberView) *ProjectMemberView {
+	creationDate, err := ptypes.TimestampProto(member.CreationDate)
+	logging.Log("GRPC-sl9cs").OnError(err).Debug("unable to parse timestamp")
+
+	changeDate, err := ptypes.TimestampProto(member.ChangeDate)
+	logging.Log("GRPC-8iw2d").OnError(err).Debug("unable to parse timestamp")
+
+	return &ProjectMemberView{
+		UserId:       member.UserID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		CreationDate: creationDate,
+		ChangeDate:   changeDate,
+		Sequence:     member.Sequence,
+	}
+}

pkg/management/api/grpc/search_converter.go

@@ -0,0 +1,22 @@
+package grpc
+
+import "github.com/caos/zitadel/internal/model"
+
+func searchMethodToModel(method SearchMethod) model.SearchMethod {
+	switch method {
+	case SearchMethod_SEARCHMETHOD_EQUALS:
+		return model.SEARCHMETHOD_EQUALS
+	case SearchMethod_SEARCHMETHOD_CONTAINS:
+		return model.SEARCHMETHOD_CONTAINS
+	case SearchMethod_SEARCHMETHOD_STARTS_WITH:
+		return model.SEARCHMETHOD_STARTS_WITH
+	case SearchMethod_SEARCHMETHOD_EQUALS_IGNORE_CASE:
+		return model.SEARCHMETHOD_EQUALS_IGNORE_CASE
+	case SearchMethod_SEARCHMETHOD_CONTAINS_IGNORE_CASE:
+		return model.SEARCHMETHOD_CONTAINS_IGNORE_CASE
+	case SearchMethod_SEARCHMETHOD_STARTS_WITH_IGNORE_CASE:
+		return model.SEARCHMETHOD_STARTS_WITH_IGNORE_CASE
+	default:
+		return model.SEARCHMETHOD_EQUALS
+	}
+}

pkg/management/api/proto/management.proto

@@ -571,9 +571,9 @@ service ManagementService {
     }
 
     //PROJECTS
-    rpc SearchProjects(ProjectSearchRequest) returns (ProjectSearchResponse) {
+    rpc SearchGrantedProjects(GrantedProjectSearchRequest) returns (GrantedProjectSearchResponse) {
         option (google.api.http) = {
-            post: "/projects/_search"
+            post: "/grantedprojects/_search"
             body: "*"
         };
 
@@ -641,9 +641,9 @@ service ManagementService {
     }
 
     //GRANTED_PROJECT_GRANTS
-    rpc GetGrantedProjectGrantByID(GrantedGrantID) returns (ProjectGrant) {
+    rpc GetGrantedProjectGrantByID(ProjectGrantID) returns (ProjectGrant) {
         option (google.api.http) = {
-            get: "/grants/{id}"
+            get: "/grantedprojects/{project_id}/grants/{id}"
         };
 
         option (caos.zitadel.utils.v1.auth_option) = {
@@ -1366,9 +1366,11 @@ enum SearchMethod {
     SEARCHMETHOD_EQUALS = 0;
     SEARCHMETHOD_STARTS_WITH = 1;
     SEARCHMETHOD_CONTAINS = 2;
+    SEARCHMETHOD_EQUALS_IGNORE_CASE = 3;
+    SEARCHMETHOD_STARTS_WITH_IGNORE_CASE = 4;
+    SEARCHMETHOD_CONTAINS_IGNORE_CASE = 5;
 }
 
-
 message UserProfile {
     string id = 1;
     string first_name = 2;
@@ -1693,13 +1695,7 @@ message Project {
     ProjectState state = 3;
     google.protobuf.Timestamp change_date = 4;
     google.protobuf.Timestamp creation_date = 5;
-    ProjectType type = 6;
-    string resource_owner = 7;
-    string org_id = 8;
-    string org_name = 9;
-    string org_domain = 10;
-    string grant_id = 11;
-    uint64 sequence = 12;
+    uint64 sequence = 6;
 }
 
 enum ProjectState {
@@ -1709,31 +1705,46 @@ enum ProjectState {
 }
 
 enum ProjectType {
-    PROJECTTYPE_UNKNOWN = 0;
-    PROJECTTYPE_SELF = 1;
+    PROJECTTYPE_UNSPECIFIED = 0;
+    PROJECTTYPE_OWNED = 1;
     PROJECTTYPE_GRANTED = 2;
 }
 
-message ProjectSearchResponse {
+message GrantedProjectSearchResponse {
     uint64 offset = 1;
     uint64 limit = 2;
     uint64 total_result = 3;
-    repeated Project result = 4;
+    repeated GrantedProject result = 4;
 }
 
-message ProjectSearchRequest {
+message GrantedProject {
+    string id = 1;
+    string name = 2;
+    ProjectState state = 3;
+    google.protobuf.Timestamp change_date = 4;
+    google.protobuf.Timestamp creation_date = 5;
+    ProjectType type = 6;
+    string resource_owner = 7;
+    string org_id = 8;
+    string org_name = 9;
+    string org_domain = 10;
+    string grant_id = 11;
+    uint64 sequence = 12;
+}
+
+message GrantedProjectSearchRequest {
     uint64 offset = 1;
     uint64 limit = 2;
-    repeated ProjectSearchQuery queries = 3;
+    repeated GrantedProjectSearchQuery queries = 3;
 }
 
-message ProjectSearchQuery {
-    ProjectSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];
+message GrantedProjectSearchQuery {
+    GrantedProjectSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];
     SearchMethod method = 2;
     string value = 3;
 }
 
-enum ProjectSearchKey {
+enum GrantedProjectSearchKey {
     PROJECTSEARCHKEY_UNSPECIFIED = 0;
     PROJECTSEARCHKEY_PROJECT_NAME = 1;
 }
@@ -1744,14 +1755,10 @@ message ProjectMemberRoles {
 
 message ProjectMember {
     string user_id = 1;
-    string user_name = 2;
-    string email = 3;
-    string first_name = 4;
-    string last_name = 5;
-    repeated string roles = 6;
-    google.protobuf.Timestamp change_date = 7;
-    google.protobuf.Timestamp creation_date = 8;
-    uint64 sequence = 10;
+    repeated string roles = 2;
+    google.protobuf.Timestamp change_date = 3;
+    google.protobuf.Timestamp creation_date = 4;
+    uint64 sequence = 5;
 }
 
 message ProjectMemberAdd {
@@ -1795,6 +1802,15 @@ message ProjectRole {
     uint64 sequence = 7;
 }
 
+message ProjectRoleView {
+    string project_id = 1;
+    string key = 2;
+    string display_name = 3;
+    google.protobuf.Timestamp creation_date = 4;
+    string group = 6;
+    uint64 sequence = 7;
+}
+
 message ProjectRoleRemove {
     string id = 1;
     string key = 2;
@@ -1804,7 +1820,7 @@ message ProjectRoleSearchResponse {
     uint64 offset = 1;
     uint64 limit = 2;
     uint64 total_result = 3;
-    repeated ProjectRole result = 4;
+    repeated ProjectRoleView result = 4;
 }
 
 message ProjectRoleSearchRequest {
@@ -1826,11 +1842,23 @@ enum ProjectRoleSearchKey {
     PROJECTROLESEARCHKEY_DISPLAY_NAME = 2;
 }
 
+message ProjectMemberView {
+    string user_id = 1;
+    string user_name = 2;
+    string email = 3;
+    string first_name = 4;
+    string last_name = 5;
+    repeated string roles = 6;
+    google.protobuf.Timestamp change_date = 7;
+    google.protobuf.Timestamp creation_date = 8;
+    uint64 sequence = 10;
+}
+
 message ProjectMemberSearchResponse {
     uint64 offset = 1;
     uint64 limit = 2;
     uint64 total_result = 3;
-    repeated ProjectMember result = 4;
+    repeated ProjectMemberView result = 4;
 }
 
 message ProjectMemberSearchRequest {
@@ -1852,6 +1880,7 @@ enum ProjectMemberSearchKey {
     PROJECTMEMBERSEARCHKEY_LAST_NAME = 2;
     PROJECTMEMBERSEARCHKEY_EMAIL = 3;
     PROJECTMEMBERSEARCHKEY_USER_ID = 4;
+    PROJECTMEMBERSEARCHKEY_USER_NAME = 5;
 }
 
 enum AppState {
@@ -1878,7 +1907,6 @@ message ApplicationUpdate {
     string name = 5 [(validate.rules).string = {min_len: 1, max_len: 200}];
 }
 
-
 message OIDCConfig {
     repeated string redirect_uris = 1;
     repeated OIDCResponseType response_types = 2;
@@ -1940,11 +1968,23 @@ message ClientSecret {
     string client_secret = 1;
 }
 
+message ApplicationView {
+    string id = 1;
+    AppState state = 2;
+    google.protobuf.Timestamp creation_date = 3;
+    google.protobuf.Timestamp change_date = 4;
+    string name = 5;
+    oneof app_config {
+        OIDCConfig oidc_config = 8;
+    }
+    uint64 sequence = 9;
+}
+
 message ApplicationSearchResponse {
     uint64 offset = 1;
     uint64 limit = 2;
     uint64 total_result = 3;
-    repeated Application result = 4;
+    repeated ApplicationView result = 4;
 }
 
 message ApplicationSearchRequest {
@@ -1969,14 +2009,11 @@ message ProjectGrant {
     string id = 1;
     string project_id = 2;
     string granted_org_id = 3;
-    string granted_org_name = 4;
-    string granted_org_domain = 5;
-    repeated string role_keys = 6;
-    ProjectGrantState state = 7;
-    google.protobuf.Timestamp creation_date = 8;
-    google.protobuf.Timestamp change_date = 9;
-    string project_name = 10;
-    uint64 sequence = 11;
+    repeated string role_keys = 4;
+    ProjectGrantState state = 5;
+    google.protobuf.Timestamp creation_date = 6;
+    google.protobuf.Timestamp change_date = 7;
+    uint64 sequence = 9;
 }
 
 message ProjectGrantCreate {
@@ -1996,21 +2033,31 @@ message ProjectGrantID {
     string id = 2;
 }
 
-message GrantedGrantID {
-    string id = 1;
-}
-
 enum ProjectGrantState {
     PROJECTGRANTSTATE_UNSPECIFIED = 0;
     PROJECTGRANTSTATE_ACTIVE = 1;
     PROJECTGRANTSTATE_INACTIVE = 2;
 }
 
+message ProjectGrantView {
+    string id = 1;
+    string project_id = 2;
+    string granted_org_id = 3;
+    string granted_org_name = 4;
+    string granted_org_domain = 5;
+    repeated string role_keys = 6;
+    ProjectGrantState state = 7;
+    google.protobuf.Timestamp creation_date = 8;
+    google.protobuf.Timestamp change_date = 9;
+    string project_name = 10;
+    uint64 sequence = 11;
+}
+
 message ProjectGrantSearchResponse {
     uint64 offset = 1;
     uint64 limit = 2;
     uint64 total_result = 3;
-    repeated ProjectGrant result = 4;
+    repeated ProjectGrantView result = 4;
 }
 
 message ProjectGrantSearchRequest {
@@ -2025,14 +2072,10 @@ message ProjectGrantMemberRoles {
 
 message ProjectGrantMember {
     string user_id = 1;
-    string user_name = 2;
-    string email = 3;
-    string first_name = 4;
-    string last_name = 5;
-    repeated string roles = 6;
-    google.protobuf.Timestamp change_date = 7;
-    google.protobuf.Timestamp creation_date = 8;
-    uint64 sequence = 9;
+    repeated string roles = 2;
+    google.protobuf.Timestamp change_date = 3;
+    google.protobuf.Timestamp creation_date = 4;
+    uint64 sequence = 5;
 }
 
 message ProjectGrantMemberAdd {
@@ -2055,11 +2098,23 @@ message ProjectGrantMemberRemove {
     string user_id = 3;
 }
 
+message ProjectGrantMemberView {
+    string user_id = 1;
+    string user_name = 2;
+    string email = 3;
+    string first_name = 4;
+    string last_name = 5;
+    repeated string roles = 6;
+    google.protobuf.Timestamp change_date = 7;
+    google.protobuf.Timestamp creation_date = 8;
+    uint64 sequence = 9;
+}
+
 message ProjectGrantMemberSearchResponse {
     uint64 offset = 1;
     uint64 limit = 2;
     uint64 total_result = 3;
-    repeated ProjectGrantMember result = 4;
+    repeated ProjectGrantMemberView result = 4;
 }
 
 message ProjectGrantMemberSearchRequest {
@@ -2082,6 +2137,7 @@ enum ProjectGrantMemberSearchKey {
     PROJECTGRANTMEMBERSEARCHKEY_LAST_NAME = 2;
     PROJECTGRANTMEMBERSEARCHKEY_EMAIL = 3;
     PROJECTGRANTMEMBERSEARCHKEY_USER_ID = 4;
+    PROJECTGRANTMEMBERSEARCHKEY_USER_NAME = 5;
 }
 
 message UserGrant {