feat: project view (#90)

* init for views (spooler, handler)

* init for views (spooler, handler)

* start view in management

* granted project

* implement granted project view

* search granted projects

* fix search column

* update all projects on project change

* search roles

* filter org

* project members

* project grant members

* fix tests

* application view

* project grant search

* mock

* test appendevents

* test appendevents

* Update internal/view/query.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/eventstore/spooler/spooler.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/view/query.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* merge request changes

* Update internal/project/repository/view/model/application.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* merge request changes

* Project view sql (#92)

* sql and configs

* error handling

* sql start in eventstore

* on error handling, config

* read user on members

* Update internal/project/repository/view/application_view.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/application_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_grant_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_grant_member_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_grant_member_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_member_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_member_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/granted_project.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* return caos errors

* Update internal/project/repository/view/model/granted_project_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_grant_member.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_grant_member_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_member.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_member_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_role.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/project/repository/view/model/project_role_query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/application_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/application_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update pkg/management/api/grpc/project_converter.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* converter fix

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>

internal/project/repository/view/application_view.go

@@ -0,0 +1,32 @@
+package view
+
+import (
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func ApplicationByID(db *gorm.DB, table, appID string) (*model.ApplicationView, error) {
+	app := new(model.ApplicationView)
+	query := view.PrepareGetByKey(table, model.ApplicationSearchKey(proj_model.APPLICATIONSEARCHKEY_APP_ID), appID)
+	err := query(db, app)
+	return app, err
+}
+
+func SearchApplications(db *gorm.DB, table string, req *proj_model.ApplicationSearchRequest) ([]*model.ApplicationView, int, error) {
+	apps := make([]*model.ApplicationView, 0)
+	query := view.PrepareSearchQuery(table, model.ApplicationSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &apps)
+	return apps, count, err
+}
+
+func PutApplication(db *gorm.DB, table string, app *model.ApplicationView) error {
+	save := view.PrepareSave(table)
+	return save(db, app)
+}
+
+func DeleteApplication(db *gorm.DB, table, appID string) error {
+	delete := view.PrepareDeleteByKey(table, model.ApplicationSearchKey(proj_model.APPLICATIONSEARCHKEY_APP_ID), appID)
+	return delete(db)
+}

internal/project/repository/view/granted_project_view.go

@@ -0,0 +1,56 @@
+package view
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func GrantedProjectByIDs(db *gorm.DB, table, projectID, orgID string) (*model.GrantedProjectView, error) {
+	project := new(model.GrantedProjectView)
+
+	projectIDQuery := model.GrantedProjectSearchQuery{Key: proj_model.GRANTEDPROJECTSEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS}
+	grantIDQuery := model.GrantedProjectSearchQuery{Key: proj_model.GRANTEDPROJECTSEARCHKEY_ORGID, Value: orgID, Method: global_model.SEARCHMETHOD_EQUALS}
+	query := view.PrepareGetByQuery(table, projectIDQuery, grantIDQuery)
+	err := query(db, project)
+	return project, err
+}
+
+func GrantedProjectsByID(db *gorm.DB, table, projectID string) ([]*model.GrantedProjectView, error) {
+	projects := make([]*model.GrantedProjectView, 0)
+	queries := []*proj_model.GrantedProjectSearchQuery{
+		&proj_model.GrantedProjectSearchQuery{Key: proj_model.GRANTEDPROJECTSEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.GrantedProjectSearchRequest{Queries: queries})
+	_, err := query(db, &projects)
+	if err != nil {
+		return nil, err
+	}
+	return projects, nil
+}
+
+func SearchGrantedProjects(db *gorm.DB, table string, req *proj_model.GrantedProjectSearchRequest) ([]*model.GrantedProjectView, int, error) {
+	projects := make([]*model.GrantedProjectView, 0)
+	query := view.PrepareSearchQuery(table, model.GrantedProjectSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &projects)
+	if err != nil {
+		return nil, 0, err
+	}
+	return projects, count, nil
+}
+
+func PutGrantedProject(db *gorm.DB, table string, project *model.GrantedProjectView) error {
+	save := view.PrepareSave(table)
+	return save(db, project)
+}
+
+func DeleteGrantedProject(db *gorm.DB, table, projectID, orgID string) error {
+	project, err := GrantedProjectByIDs(db, table, projectID, orgID)
+	if err != nil {
+		return err
+	}
+	delete := view.PrepareDeleteByObject(table, project)
+	return delete(db)
+}

internal/project/repository/view/model/application.go

@@ -0,0 +1,156 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"time"
+)
+
+const (
+	ApplicationKeyID            = "id"
+	ApplicationKeyProjectID     = "project_id"
+	ApplicationKeyResourceOwner = "resource_owner"
+	ApplicationKeyOIDCClientID  = "oidc_client_id"
+	ApplicationKeyName          = "name"
+)
+
+type ApplicationView struct {
+	ID           string    `json:"appId" gorm:"column:id;primary_key"`
+	ProjectID    string    `json:"-" gorm:"column:project_id"`
+	Name         string    `json:"name" gorm:"column:app_name"`
+	CreationDate time.Time `json:"-" gorm:"column:creation_date"`
+	ChangeDate   time.Time `json:"-" gorm:"column:change_date"`
+	State        int32     `json:"-" gorm:"column:app_state"`
+
+	IsOIDC                     bool           `json:"-" gorm:"column:is_oidc"`
+	OIDCClientID               string         `json:"clientId" gorm:"column:oidc_client_id"`
+	OIDCRedirectUris           pq.StringArray `json:"redirectUris" gorm:"column:oidc_redirect_uris"`
+	OIDCResponseTypes          pq.Int64Array  `json:"responseTypes" gorm:"column:oidc_response_types"`
+	OIDCGrantTypes             pq.Int64Array  `json:"grantTypes" gorm:"column:oidc_grant_types"`
+	OIDCApplicationType        int32          `json:"applicationType" gorm:"column:oidc_application_type"`
+	OIDCAuthMethodType         int32          `json:"authMethodType" gorm:"column:oidc_auth_method_type"`
+	OIDCPostLogoutRedirectUris pq.StringArray `json:"postLogoutRedirectUris" gorm:"column:oidc_post_logout_redirect_uris"`
+
+	Sequence uint64 `json:"-" gorm:"sequence"`
+}
+
+func ApplicationViewFromModel(app *model.ApplicationView) *ApplicationView {
+	return &ApplicationView{
+		ID:           app.ID,
+		ProjectID:    app.ProjectID,
+		Name:         app.Name,
+		State:        int32(app.State),
+		Sequence:     app.Sequence,
+		CreationDate: app.CreationDate,
+		ChangeDate:   app.ChangeDate,
+
+		IsOIDC:                     app.IsOIDC,
+		OIDCClientID:               app.OIDCClientID,
+		OIDCRedirectUris:           app.OIDCRedirectUris,
+		OIDCResponseTypes:          OIDCResponseTypesFromModel(app.OIDCResponseTypes),
+		OIDCGrantTypes:             OIDCGrantTypesFromModel(app.OIDCGrantTypes),
+		OIDCApplicationType:        int32(app.OIDCApplicationType),
+		OIDCAuthMethodType:         int32(app.OIDCAuthMethodType),
+		OIDCPostLogoutRedirectUris: app.OIDCPostLogoutRedirectUris,
+	}
+}
+
+func OIDCResponseTypesFromModel(oidctypes []model.OIDCResponseType) []int64 {
+	result := make([]int64, len(oidctypes))
+	for i, t := range oidctypes {
+		result[i] = int64(t)
+	}
+	return result
+}
+
+func OIDCGrantTypesFromModel(granttypes []model.OIDCGrantType) []int64 {
+	result := make([]int64, len(granttypes))
+	for i, t := range granttypes {
+		result[i] = int64(t)
+	}
+	return result
+}
+
+func ApplicationViewToModel(app *ApplicationView) *model.ApplicationView {
+	return &model.ApplicationView{
+		ID:           app.ID,
+		ProjectID:    app.ProjectID,
+		Name:         app.Name,
+		State:        model.AppState(app.State),
+		Sequence:     app.Sequence,
+		CreationDate: app.CreationDate,
+		ChangeDate:   app.ChangeDate,
+
+		IsOIDC:                     app.IsOIDC,
+		OIDCClientID:               app.OIDCClientID,
+		OIDCRedirectUris:           app.OIDCRedirectUris,
+		OIDCResponseTypes:          OIDCResponseTypesToModel(app.OIDCResponseTypes),
+		OIDCGrantTypes:             OIDCGrantTypesToModel(app.OIDCGrantTypes),
+		OIDCApplicationType:        model.OIDCApplicationType(app.OIDCApplicationType),
+		OIDCAuthMethodType:         model.OIDCAuthMethodType(app.OIDCAuthMethodType),
+		OIDCPostLogoutRedirectUris: app.OIDCPostLogoutRedirectUris,
+	}
+}
+
+func OIDCResponseTypesToModel(oidctypes []int64) []model.OIDCResponseType {
+	result := make([]model.OIDCResponseType, len(oidctypes))
+	for i, t := range oidctypes {
+		result[i] = model.OIDCResponseType(t)
+	}
+	return result
+}
+
+func OIDCGrantTypesToModel(granttypes []int64) []model.OIDCGrantType {
+	result := make([]model.OIDCGrantType, len(granttypes))
+	for i, t := range granttypes {
+		result[i] = model.OIDCGrantType(t)
+	}
+	return result
+}
+
+func ApplicationViewsToModel(roles []*ApplicationView) []*model.ApplicationView {
+	result := make([]*model.ApplicationView, len(roles))
+	for i, r := range roles {
+		result[i] = ApplicationViewToModel(r)
+	}
+	return result
+}
+
+func (a *ApplicationView) AppendEvent(event *models.Event) (err error) {
+	a.Sequence = event.Sequence
+	a.ChangeDate = event.CreationDate
+	switch event.Type {
+	case es_model.ApplicationAdded:
+		a.setRootData(event)
+		a.CreationDate = event.CreationDate
+		err = a.SetData(event)
+	case es_model.OIDCConfigAdded:
+		a.IsOIDC = true
+		err = a.SetData(event)
+	case es_model.OIDCConfigChanged,
+		es_model.ApplicationChanged:
+		err = a.SetData(event)
+	case es_model.ApplicationDeactivated:
+		a.State = int32(model.APPSTATE_INACTIVE)
+	case es_model.ApplicationReactivated:
+		a.State = int32(model.APPSTATE_ACTIVE)
+	}
+	return err
+}
+
+func (a *ApplicationView) setRootData(event *models.Event) {
+	a.ProjectID = event.AggregateID
+}
+
+func (a *ApplicationView) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, a); err != nil {
+		logging.Log("EVEN-lo9ds").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-8suie", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/application_query.go

@@ -0,0 +1,65 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type ApplicationSearchRequest proj_model.ApplicationSearchRequest
+type ApplicationSearchQuery proj_model.ApplicationSearchQuery
+type ApplicationSearchKey proj_model.ApplicationSearchKey
+
+func (req ApplicationSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req ApplicationSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req ApplicationSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.APPLICATIONSEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return ApplicationSearchKey(req.SortingColumn)
+}
+
+func (req ApplicationSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req ApplicationSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = ApplicationSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req ApplicationSearchQuery) GetKey() view.ColumnKey {
+	return ApplicationSearchKey(req.Key)
+}
+
+func (req ApplicationSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req ApplicationSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key ApplicationSearchKey) ToColumnName() string {
+	switch proj_model.ApplicationSearchKey(key) {
+	case proj_model.APPLICATIONSEARCHKEY_APP_ID:
+		return ApplicationKeyID
+	case proj_model.APPLICATIONSEARCHKEY_NAME:
+		return ApplicationKeyName
+	case proj_model.APPLICATIONSEARCHKEY_PROJECT_ID:
+		return ApplicationKeyProjectID
+	case proj_model.APPLICATIONSEARCHKEY_OIDC_CLIENT_ID:
+		return ApplicationKeyOIDCClientID
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/application_test.go

@@ -0,0 +1,100 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"testing"
+)
+
+func mockAppData(app *es_model.Application) []byte {
+	data, _ := json.Marshal(app)
+	return data
+}
+
+func mockOIDCConfigData(config *es_model.OIDCConfig) []byte {
+	data, _ := json.Marshal(config)
+	return data
+}
+
+func TestApplicationAppendEvent(t *testing.T) {
+	type args struct {
+		event *es_models.Event
+		app   *ApplicationView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *ApplicationView
+	}{
+		{
+			name: "append added app event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ApplicationAdded, Data: mockAppData(&es_model.Application{Name: "AppName"})},
+				app:   &ApplicationView{},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+		},
+		{
+			name: "append changed app event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ApplicationChanged, Data: mockAppData(&es_model.Application{Name: "AppNameChanged"})},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppNameChanged", State: int32(model.APPSTATE_ACTIVE)},
+		},
+		{
+			name: "append deactivate app event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ApplicationDeactivated},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_INACTIVE)},
+		},
+		{
+			name: "append reactivate app event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ApplicationReactivated},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_INACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+		},
+		{
+			name: "append added oidc config event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.OIDCConfigAdded, Data: mockOIDCConfigData(&es_model.OIDCConfig{ClientID: "clientID"})},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", State: int32(model.APPSTATE_ACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", IsOIDC: true, OIDCClientID: "clientID", State: int32(model.APPSTATE_ACTIVE)},
+		},
+		{
+			name: "append changed oidc config event",
+			args: args{
+				event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.OIDCConfigAdded, Data: mockOIDCConfigData(&es_model.OIDCConfig{ClientID: "clientIDChanged"})},
+				app:   &ApplicationView{ProjectID: "AggregateID", Name: "AppName", OIDCClientID: "clientID", State: int32(model.APPSTATE_ACTIVE)},
+			},
+			result: &ApplicationView{ProjectID: "AggregateID", Name: "AppName", IsOIDC: true, OIDCClientID: "clientIDChanged", State: int32(model.APPSTATE_ACTIVE)},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.app.AppendEvent(tt.args.event)
+			if tt.args.app.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.app.ProjectID)
+			}
+			if tt.args.app.Name != tt.result.Name {
+				t.Errorf("got wrong result name: expected: %v, actual: %v ", tt.result.Name, tt.args.app.Name)
+			}
+			if tt.args.app.State != tt.result.State {
+				t.Errorf("got wrong result state: expected: %v, actual: %v ", tt.result.State, tt.args.app.State)
+			}
+			if tt.args.app.IsOIDC != tt.result.IsOIDC {
+				t.Errorf("got wrong result IsOIDC: expected: %v, actual: %v ", tt.result.IsOIDC, tt.args.app.IsOIDC)
+			}
+			if tt.args.app.OIDCClientID != tt.result.OIDCClientID {
+				t.Errorf("got wrong result OIDCClientID: expected: %v, actual: %v ", tt.result.OIDCClientID, tt.args.app.OIDCClientID)
+			}
+		})
+	}
+}

internal/project/repository/view/model/granted_project.go

@@ -0,0 +1,149 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"time"
+)
+
+const (
+	GrantedProjectKeyProjectID     = "project_id"
+	GrantedProjectKeyGrantID       = "grant_id"
+	GrantedProjectKeyOrgID         = "org_id"
+	GrantedProjectKeyResourceOwner = "resource_owner"
+	GrantedProjectKeyName          = "name"
+)
+
+type GrantedProjectView struct {
+	ProjectID       string         `json:"-" gorm:"column:project_id;primary_key"`
+	OrgID           string         `json:"-" gorm:"column:org_id;primary_key"`
+	Name            string         `json:"name" gorm:"column:project_name"`
+	CreationDate    time.Time      `json:"-" gorm:"column:creation_date"`
+	ChangeDate      time.Time      `json:"-" gorm:"column:change_date"`
+	State           int32          `json:"-" gorm:"column:project_state"`
+	Type            int32          `json:"-" gorm:"column:project_type"`
+	ResourceOwner   string         `json:"-" gorm:"column:resource_owner"`
+	OrgName         string         `json:"-" gorm:"column:org_name"`
+	OrgDomain       string         `json:"-" gorm:"column:org_domain"`
+	Sequence        uint64         `json:"-" gorm:"column:sequence"`
+	GrantID         string         `json:"-" gorm:"column:grant_id"`
+	GrantedRoleKeys pq.StringArray `json:"-" gorm:"column:granted_role_keys"`
+}
+
+type ProjectGrant struct {
+	GrantID      string   `json:"grantId"`
+	GrantedOrgID string   `json:"grantedOrgId"`
+	RoleKeys     []string `json:"roleKeys"`
+}
+
+func GrantedProjectFromModel(project *model.GrantedProjectView) *GrantedProjectView {
+	return &GrantedProjectView{
+		ProjectID:       project.ProjectID,
+		OrgID:           project.OrgID,
+		Name:            project.Name,
+		ChangeDate:      project.ChangeDate,
+		CreationDate:    project.CreationDate,
+		State:           int32(project.State),
+		Type:            int32(project.Type),
+		ResourceOwner:   project.ResourceOwner,
+		OrgName:         project.OrgName,
+		GrantID:         project.GrantID,
+		GrantedRoleKeys: project.GrantedRoleKeys,
+		Sequence:        project.Sequence,
+	}
+}
+
+func GrantedProjectToModel(project *GrantedProjectView) *model.GrantedProjectView {
+	return &model.GrantedProjectView{
+		ProjectID:     project.ProjectID,
+		OrgID:         project.OrgID,
+		Name:          project.Name,
+		ChangeDate:    project.ChangeDate,
+		CreationDate:  project.CreationDate,
+		State:         model.ProjectState(project.State),
+		Type:          model.ProjectType(project.Type),
+		ResourceOwner: project.ResourceOwner,
+		OrgName:       project.OrgName,
+		GrantID:       project.GrantID,
+		Sequence:      project.Sequence,
+	}
+}
+
+func GrantedProjectsToModel(projects []*GrantedProjectView) []*model.GrantedProjectView {
+	result := make([]*model.GrantedProjectView, len(projects))
+	for i, p := range projects {
+		result[i] = GrantedProjectToModel(p)
+	}
+	return result
+}
+
+func (p *GrantedProjectView) AppendEvent(event *models.Event) (err error) {
+	p.ChangeDate = event.CreationDate
+	p.Sequence = event.Sequence
+	switch event.Type {
+	case es_model.ProjectAdded:
+		p.State = int32(model.PROJECTSTATE_ACTIVE)
+		p.CreationDate = event.CreationDate
+		p.setRootData(event)
+		err = p.setData(event)
+	case es_model.ProjectChanged:
+		err = p.setData(event)
+	case es_model.ProjectDeactivated:
+		p.State = int32(model.PROJECTSTATE_INACTIVE)
+	case es_model.ProjectReactivated:
+		p.State = int32(model.PROJECTSTATE_ACTIVE)
+	case es_model.ProjectGrantAdded:
+		p.State = int32(model.PROJECTSTATE_ACTIVE)
+		p.CreationDate = event.CreationDate
+		p.setRootData(event)
+		err = p.setProjectGrantData(event)
+	case es_model.ProjectGrantChanged:
+		err = p.setProjectGrantData(event)
+	case es_model.ProjectGrantDeactivated:
+		p.State = int32(model.PROJECTSTATE_INACTIVE)
+	case es_model.ProjectGrantReactivated:
+		p.State = int32(model.PROJECTSTATE_ACTIVE)
+	}
+	return err
+}
+
+func (p *GrantedProjectView) setRootData(event *models.Event) {
+	p.ProjectID = event.AggregateID
+	p.OrgID = event.ResourceOwner
+	p.ResourceOwner = event.ResourceOwner
+}
+
+func (p *GrantedProjectView) setData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, p); err != nil {
+		logging.Log("EVEN-dlo92").WithError(err).Error("could not unmarshal event data")
+		return err
+	}
+	return nil
+}
+
+func (p *GrantedProjectView) setProjectGrantData(event *models.Event) error {
+	grant := new(ProjectGrant)
+	err := grant.SetData(event)
+	if err != nil {
+		return err
+	}
+	if grant.GrantedOrgID != "" {
+		p.OrgID = grant.GrantedOrgID
+	}
+	p.GrantID = grant.GrantID
+	p.GrantedRoleKeys = grant.RoleKeys
+	return nil
+}
+
+func (p *ProjectGrant) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, p); err != nil {
+		logging.Log("EVEN-dlo92").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-s9ols", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/granted_project_query.go

@@ -0,0 +1,67 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type GrantedProjectSearchRequest proj_model.GrantedProjectSearchRequest
+type GrantedProjectSearchQuery proj_model.GrantedProjectSearchQuery
+type GrantedProjectSearchKey proj_model.GrantedProjectSearchKey
+
+func (req GrantedProjectSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req GrantedProjectSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req GrantedProjectSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.GRANTEDPROJECTSEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return GrantedProjectSearchKey(req.SortingColumn)
+}
+
+func (req GrantedProjectSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req GrantedProjectSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = GrantedProjectSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req GrantedProjectSearchQuery) GetKey() view.ColumnKey {
+	return GrantedProjectSearchKey(req.Key)
+}
+
+func (req GrantedProjectSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req GrantedProjectSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key GrantedProjectSearchKey) ToColumnName() string {
+	switch proj_model.GrantedProjectSearchKey(key) {
+	case proj_model.GRANTEDPROJECTSEARCHKEY_NAME:
+		return GrantedProjectKeyName
+	case proj_model.GRANTEDPROJECTSEARCHKEY_GRANTID:
+		return GrantedProjectKeyGrantID
+	case proj_model.GRANTEDPROJECTSEARCHKEY_ORGID:
+		return GrantedProjectKeyOrgID
+	case proj_model.GRANTEDPROJECTSEARCHKEY_PROJECTID:
+		return GrantedProjectKeyProjectID
+	case proj_model.GRANTEDPROJECTSEARCHKEY_RESOURCE_OWNER:
+		return GrantedProjectKeyResourceOwner
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/granted_project_test.go

@@ -0,0 +1,121 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"reflect"
+	"testing"
+)
+
+func mockProjectData(project *es_model.Project) []byte {
+	data, _ := json.Marshal(project)
+	return data
+}
+
+func mockProjectGrantData(grant *es_model.ProjectGrant) []byte {
+	data, _ := json.Marshal(grant)
+	return data
+}
+
+func TestGrantedProjectAppendEvent(t *testing.T) {
+	type args struct {
+		event   *es_models.Event
+		project *GrantedProjectView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *GrantedProjectView
+	}{
+		{
+			name: "append added project event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectAdded, ResourceOwner: "OrgID", Data: mockProjectData(&es_model.Project{Name: "ProjectName"})},
+				project: &GrantedProjectView{},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_ACTIVE)},
+		},
+		{
+			name: "append change project event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectChanged, ResourceOwner: "OrgID", Data: mockProjectData(&es_model.Project{Name: "ProjectNameChanged"})},
+				project: &GrantedProjectView{ProjectID: "AggregateID", OrgID: "OrgID", ResourceOwner: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_ACTIVE)},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectNameChanged", State: int32(model.PROJECTSTATE_ACTIVE)},
+		},
+		{
+			name: "append project deactivate event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectDeactivated, ResourceOwner: "OrgID"},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_ACTIVE)},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_INACTIVE)},
+		},
+		{
+			name: "append project reactivate event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectReactivated, ResourceOwner: "OrgID"},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_INACTIVE)},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "OrgID", Name: "ProjectName", State: int32(model.PROJECTSTATE_ACTIVE)},
+		},
+		{
+			name: "append added project grant event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantAdded, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "GrantID", GrantedOrgID: "GrantedOrgID", RoleKeys: pq.StringArray{"Role"}})},
+				project: &GrantedProjectView{},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+		},
+		{
+			name: "append change project grant event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantChanged, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "GrantID", RoleKeys: pq.StringArray{"RoleChanged"}})},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"RoleChanged"}},
+		},
+		{
+			name: "append deactivate project grant event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantDeactivated, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "GrantID"})},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_INACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+		},
+		{
+			name: "append reactivate project grant event",
+			args: args{
+				event:   &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantReactivated, ResourceOwner: "OrgID", Data: mockProjectGrantData(&es_model.ProjectGrant{GrantID: "GrantID"})},
+				project: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_INACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+			},
+			result: &GrantedProjectView{ProjectID: "AggregateID", ResourceOwner: "OrgID", OrgID: "GrantedOrgID", State: int32(model.PROJECTSTATE_ACTIVE), GrantedRoleKeys: pq.StringArray{"Role"}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.project.AppendEvent(tt.args.event)
+			if tt.args.project.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.project.ProjectID)
+			}
+			if tt.args.project.OrgID != tt.result.OrgID {
+				t.Errorf("got wrong result orgID: expected: %v, actual: %v ", tt.result.OrgID, tt.args.project.OrgID)
+			}
+			if tt.args.project.ResourceOwner != tt.result.ResourceOwner {
+				t.Errorf("got wrong result ResourceOwner: expected: %v, actual: %v ", tt.result.ResourceOwner, tt.args.project.ResourceOwner)
+			}
+			if tt.args.project.Name != tt.result.Name {
+				t.Errorf("got wrong result name: expected: %v, actual: %v ", tt.result.Name, tt.args.project.Name)
+			}
+			if tt.args.project.State != tt.result.State {
+				t.Errorf("got wrong result state: expected: %v, actual: %v ", tt.result.State, tt.args.project.State)
+			}
+			if !reflect.DeepEqual(tt.args.project.GrantedRoleKeys, tt.result.GrantedRoleKeys) {
+				t.Errorf("got wrong result state: expected: %v, actual: %v ", tt.result.GrantedRoleKeys, tt.args.project.GrantedRoleKeys)
+			}
+		})
+	}
+}

internal/project/repository/view/model/project_grant_member.go

@@ -0,0 +1,102 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"time"
+)
+
+const (
+	ProjectGrantMemberKeyUserID    = "user_id"
+	ProjectGrantMemberKeyGrantID   = "grant_id"
+	ProjectGrantMemberKeyUserName  = "user_name"
+	ProjectGrantMemberKeyEmail     = "email"
+	ProjectGrantMemberKeyFirstName = "first_name"
+	ProjectGrantMemberKeyLastName  = "last_name"
+)
+
+type ProjectGrantMemberView struct {
+	UserID    string         `json:"userId" gorm:"column:user_id;primary_key"`
+	GrantID   string         `json:"grantId" gorm:"column:grant_id;primary_key"`
+	ProjectID string         `json:"-" gorm:"column:project_id"`
+	UserName  string         `json:"-" gorm:"column:user_name"`
+	Email     string         `json:"-" gorm:"column:email_address"`
+	FirstName string         `json:"-" gorm:"column:first_name"`
+	LastName  string         `json:"-" gorm:"column:last_name"`
+	Roles     pq.StringArray `json:"roles" gorm:"column:roles"`
+	Sequence  uint64         `json:"-" gorm:"column:sequence"`
+
+	CreationDate time.Time `json:"-" gorm:"column:creation_date"`
+	ChangeDate   time.Time `json:"-" gorm:"column:change_date"`
+}
+
+func ProjectGrantMemberViewFromModel(member *model.ProjectGrantMemberView) *ProjectGrantMemberView {
+	return &ProjectGrantMemberView{
+		UserID:       member.UserID,
+		GrantID:      member.GrantID,
+		ProjectID:    member.ProjectID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		Sequence:     member.Sequence,
+		CreationDate: member.CreationDate,
+		ChangeDate:   member.ChangeDate,
+	}
+}
+
+func ProjectGrantMemberToModel(member *ProjectGrantMemberView) *model.ProjectGrantMemberView {
+	return &model.ProjectGrantMemberView{
+		UserID:       member.UserID,
+		GrantID:      member.GrantID,
+		ProjectID:    member.ProjectID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		Sequence:     member.Sequence,
+		CreationDate: member.CreationDate,
+		ChangeDate:   member.ChangeDate,
+	}
+}
+
+func ProjectGrantMembersToModel(roles []*ProjectGrantMemberView) []*model.ProjectGrantMemberView {
+	result := make([]*model.ProjectGrantMemberView, len(roles))
+	for i, r := range roles {
+		result[i] = ProjectGrantMemberToModel(r)
+	}
+	return result
+}
+
+func (r *ProjectGrantMemberView) AppendEvent(event *models.Event) (err error) {
+	r.Sequence = event.Sequence
+	r.ChangeDate = event.CreationDate
+	switch event.Type {
+	case es_model.ProjectGrantMemberAdded:
+		r.setRootData(event)
+		r.CreationDate = event.CreationDate
+		err = r.SetData(event)
+	case es_model.ProjectGrantMemberChanged:
+		err = r.SetData(event)
+	}
+	return err
+}
+
+func (r *ProjectGrantMemberView) setRootData(event *models.Event) {
+	r.ProjectID = event.AggregateID
+}
+
+func (r *ProjectGrantMemberView) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, r); err != nil {
+		logging.Log("EVEN-slo9s").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-0plew", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/project_grant_member_query.go

@@ -0,0 +1,69 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type ProjectGrantMemberSearchRequest proj_model.ProjectGrantMemberSearchRequest
+type ProjectGrantMemberSearchQuery proj_model.ProjectGrantMemberSearchQuery
+type ProjectGrantMemberSearchKey proj_model.ProjectGrantMemberSearchKey
+
+func (req ProjectGrantMemberSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req ProjectGrantMemberSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req ProjectGrantMemberSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.PROJECTGRANTMEMBERSEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return ProjectGrantMemberSearchKey(req.SortingColumn)
+}
+
+func (req ProjectGrantMemberSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req ProjectGrantMemberSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = ProjectGrantMemberSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req ProjectGrantMemberSearchQuery) GetKey() view.ColumnKey {
+	return ProjectGrantMemberSearchKey(req.Key)
+}
+
+func (req ProjectGrantMemberSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req ProjectGrantMemberSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key ProjectGrantMemberSearchKey) ToColumnName() string {
+	switch proj_model.ProjectGrantMemberSearchKey(key) {
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_EMAIL:
+		return ProjectGrantMemberKeyEmail
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_FIRST_NAME:
+		return ProjectGrantMemberKeyFirstName
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_LAST_NAME:
+		return ProjectGrantMemberKeyLastName
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_USER_NAME:
+		return ProjectGrantMemberKeyUserName
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_USER_ID:
+		return ProjectGrantMemberKeyUserID
+	case proj_model.PROJECTGRANTMEMBERSEARCHKEY_GRANT_ID:
+		return ProjectGrantMemberKeyGrantID
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/project_grant_member_test.go

@@ -0,0 +1,61 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"reflect"
+	"testing"
+)
+
+func mockProjectGrantMemberData(member *es_model.ProjectGrantMember) []byte {
+	data, _ := json.Marshal(member)
+	return data
+}
+
+func TestGrantedProjectMemberAppendEvent(t *testing.T) {
+	type args struct {
+		event  *es_models.Event
+		member *ProjectGrantMemberView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *ProjectGrantMemberView
+	}{
+		{
+			name: "append added member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantMemberAdded, ResourceOwner: "OrgID", Data: mockProjectGrantMemberData(&es_model.ProjectGrantMember{GrantID: "GrantID", UserID: "UserID", Roles: pq.StringArray{"Role"}})},
+				member: &ProjectGrantMemberView{},
+			},
+			result: &ProjectGrantMemberView{ProjectID: "AggregateID", UserID: "UserID", GrantID: "GrantID", Roles: pq.StringArray{"Role"}},
+		},
+		{
+			name: "append changed member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectGrantMemberAdded, ResourceOwner: "OrgID", Data: mockProjectGrantMemberData(&es_model.ProjectGrantMember{GrantID: "GrantID", Roles: pq.StringArray{"RoleChanged"}})},
+				member: &ProjectGrantMemberView{ProjectID: "AggregateID", UserID: "UserID", GrantID: "GrantID", Roles: pq.StringArray{"Role"}},
+			},
+			result: &ProjectGrantMemberView{ProjectID: "AggregateID", UserID: "UserID", GrantID: "GrantID", Roles: pq.StringArray{"RoleChanged"}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.member.AppendEvent(tt.args.event)
+			if tt.args.member.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.member.ProjectID)
+			}
+			if tt.args.member.UserID != tt.result.UserID {
+				t.Errorf("got wrong result userID: expected: %v, actual: %v ", tt.result.UserID, tt.args.member.UserID)
+			}
+			if tt.args.member.GrantID != tt.result.GrantID {
+				t.Errorf("got wrong result GrantID: expected: %v, actual: %v ", tt.result.GrantID, tt.args.member.GrantID)
+			}
+			if !reflect.DeepEqual(tt.args.member.Roles, tt.result.Roles) {
+				t.Errorf("got wrong result Roles: expected: %v, actual: %v ", tt.result.Roles, tt.args.member.Roles)
+			}
+		})
+	}
+}

internal/project/repository/view/model/project_member.go

@@ -0,0 +1,99 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"time"
+)
+
+const (
+	ProjectMemberKeyUserID    = "user_id"
+	ProjectMemberKeyProjectID = "project_id"
+	ProjectMemberKeyUserName  = "user_name"
+	ProjectMemberKeyEmail     = "email"
+	ProjectMemberKeyFirstName = "first_name"
+	ProjectMemberKeyLastName  = "last_name"
+)
+
+type ProjectMemberView struct {
+	UserID    string         `json:"userId" gorm:"column:user_id;primary_key"`
+	ProjectID string         `json:"-" gorm:"column:project_id;primary_key"`
+	UserName  string         `json:"-" gorm:"column:user_name"`
+	Email     string         `json:"-" gorm:"column:email_address"`
+	FirstName string         `json:"-" gorm:"column:first_name"`
+	LastName  string         `json:"-" gorm:"column:last_name"`
+	Roles     pq.StringArray `json:"roles" gorm:"column:roles"`
+	Sequence  uint64         `json:"-" gorm:"column:sequence"`
+
+	CreationDate time.Time `json:"-" gorm:"column:creation_date"`
+	ChangeDate   time.Time `json:"-" gorm:"column:change_date"`
+}
+
+func ProjectMemberViewFromModel(member *model.ProjectMemberView) *ProjectMemberView {
+	return &ProjectMemberView{
+		UserID:       member.UserID,
+		ProjectID:    member.ProjectID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		Sequence:     member.Sequence,
+		CreationDate: member.CreationDate,
+		ChangeDate:   member.ChangeDate,
+	}
+}
+
+func ProjectMemberToModel(member *ProjectMemberView) *model.ProjectMemberView {
+	return &model.ProjectMemberView{
+		UserID:       member.UserID,
+		ProjectID:    member.ProjectID,
+		UserName:     member.UserName,
+		Email:        member.Email,
+		FirstName:    member.FirstName,
+		LastName:     member.LastName,
+		Roles:        member.Roles,
+		Sequence:     member.Sequence,
+		CreationDate: member.CreationDate,
+		ChangeDate:   member.ChangeDate,
+	}
+}
+
+func ProjectMembersToModel(roles []*ProjectMemberView) []*model.ProjectMemberView {
+	result := make([]*model.ProjectMemberView, len(roles))
+	for i, r := range roles {
+		result[i] = ProjectMemberToModel(r)
+	}
+	return result
+}
+
+func (r *ProjectMemberView) AppendEvent(event *models.Event) (err error) {
+	r.Sequence = event.Sequence
+	r.ChangeDate = event.CreationDate
+	switch event.Type {
+	case es_model.ProjectMemberAdded:
+		r.setRootData(event)
+		r.CreationDate = event.CreationDate
+		err = r.SetData(event)
+	case es_model.ProjectMemberChanged:
+		err = r.SetData(event)
+	}
+	return err
+}
+
+func (r *ProjectMemberView) setRootData(event *models.Event) {
+	r.ProjectID = event.AggregateID
+}
+
+func (r *ProjectMemberView) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, r); err != nil {
+		logging.Log("EVEN-slo9s").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-lub6s", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/project_member_query.go

@@ -0,0 +1,69 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type ProjectMemberSearchRequest proj_model.ProjectMemberSearchRequest
+type ProjectMemberSearchQuery proj_model.ProjectMemberSearchQuery
+type ProjectMemberSearchKey proj_model.ProjectMemberSearchKey
+
+func (req ProjectMemberSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req ProjectMemberSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req ProjectMemberSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.PROJECTMEMBERSEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return ProjectMemberSearchKey(req.SortingColumn)
+}
+
+func (req ProjectMemberSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req ProjectMemberSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = ProjectMemberSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req ProjectMemberSearchQuery) GetKey() view.ColumnKey {
+	return ProjectMemberSearchKey(req.Key)
+}
+
+func (req ProjectMemberSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req ProjectMemberSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key ProjectMemberSearchKey) ToColumnName() string {
+	switch proj_model.ProjectMemberSearchKey(key) {
+	case proj_model.PROJECTMEMBERSEARCHKEY_EMAIL:
+		return ProjectMemberKeyEmail
+	case proj_model.PROJECTMEMBERSEARCHKEY_FIRST_NAME:
+		return ProjectMemberKeyFirstName
+	case proj_model.PROJECTMEMBERSEARCHKEY_LAST_NAME:
+		return ProjectMemberKeyLastName
+	case proj_model.PROJECTMEMBERSEARCHKEY_USER_NAME:
+		return ProjectMemberKeyUserName
+	case proj_model.PROJECTMEMBERSEARCHKEY_USER_ID:
+		return ProjectMemberKeyUserID
+	case proj_model.PROJECTMEMBERSEARCHKEY_PROJECT_ID:
+		return ProjectMemberKeyProjectID
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/project_member_test.go

@@ -0,0 +1,58 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"github.com/lib/pq"
+	"reflect"
+	"testing"
+)
+
+func mockProjectMemberData(member *es_model.ProjectMember) []byte {
+	data, _ := json.Marshal(member)
+	return data
+}
+
+func TestProjectMemberAppendEvent(t *testing.T) {
+	type args struct {
+		event  *es_models.Event
+		member *ProjectMemberView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *ProjectMemberView
+	}{
+		{
+			name: "append added member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectMemberAdded, ResourceOwner: "OrgID", Data: mockProjectMemberData(&es_model.ProjectMember{UserID: "UserID", Roles: pq.StringArray{"Role"}})},
+				member: &ProjectMemberView{},
+			},
+			result: &ProjectMemberView{ProjectID: "AggregateID", UserID: "UserID", Roles: pq.StringArray{"Role"}},
+		},
+		{
+			name: "append changed member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectMemberAdded, ResourceOwner: "OrgID", Data: mockProjectMemberData(&es_model.ProjectMember{UserID: "UserID", Roles: pq.StringArray{"RoleChanged"}})},
+				member: &ProjectMemberView{ProjectID: "AggregateID", UserID: "UserID", Roles: pq.StringArray{"Role"}},
+			},
+			result: &ProjectMemberView{ProjectID: "AggregateID", UserID: "UserID", Roles: pq.StringArray{"RoleChanged"}},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.member.AppendEvent(tt.args.event)
+			if tt.args.member.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.member.ProjectID)
+			}
+			if tt.args.member.UserID != tt.result.UserID {
+				t.Errorf("got wrong result userID: expected: %v, actual: %v ", tt.result.UserID, tt.args.member.UserID)
+			}
+			if !reflect.DeepEqual(tt.args.member.Roles, tt.result.Roles) {
+				t.Errorf("got wrong result Roles: expected: %v, actual: %v ", tt.result.Roles, tt.args.member.Roles)
+			}
+		})
+	}
+}

internal/project/repository/view/model/project_role.go

@@ -0,0 +1,91 @@
+package model
+
+import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/project/model"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"time"
+)
+
+const (
+	ProjectRoleKeyKey           = "role_key"
+	ProjectRoleKeyOrgID         = "org_id"
+	ProjectRoleKeyProjectID     = "project_id"
+	ProjectRoleKeyResourceOwner = "resource_owner"
+)
+
+type ProjectRoleView struct {
+	OrgID       string `json:"-" gorm:"column:org_id;primary_key"`
+	ProjectID   string `json:"projectId,omitempty" gorm:"column:project_id;primary_key"`
+	Key         string `json:"key" gorm:"column:role_key;primary_key"`
+	DisplayName string `json:"displayName" gorm:"column:display_name"`
+	Group       string `json:"group" gorm:"column:group_name"`
+	Sequence    uint64 `json:"-" gorm:"column:sequence"`
+
+	ResourceOwner string    `json:"-" gorm:"resource_owner"`
+	CreationDate  time.Time `json:"-" gorm:"column:creation_date"`
+}
+
+func ProjectRoleViewFromModel(role *model.ProjectRoleView) *ProjectRoleView {
+	return &ProjectRoleView{
+		ResourceOwner: role.ResourceOwner,
+		OrgID:         role.OrgID,
+		ProjectID:     role.ProjectID,
+		Key:           role.Key,
+		DisplayName:   role.DisplayName,
+		Group:         role.Group,
+		Sequence:      role.Sequence,
+		CreationDate:  role.CreationDate,
+	}
+}
+
+func ProjectRoleToModel(role *ProjectRoleView) *model.ProjectRoleView {
+	return &model.ProjectRoleView{
+		ResourceOwner: role.ResourceOwner,
+		OrgID:         role.OrgID,
+		ProjectID:     role.ProjectID,
+		Key:           role.Key,
+		DisplayName:   role.DisplayName,
+		Group:         role.Group,
+		Sequence:      role.Sequence,
+		CreationDate:  role.CreationDate,
+	}
+}
+
+func ProjectRolesToModel(roles []*ProjectRoleView) []*model.ProjectRoleView {
+	result := make([]*model.ProjectRoleView, len(roles))
+	for i, r := range roles {
+		result[i] = ProjectRoleToModel(r)
+	}
+	return result
+}
+
+func (r *ProjectRoleView) AppendEvent(event *models.Event) (err error) {
+	r.Sequence = event.Sequence
+	switch event.Type {
+	case es_model.ProjectRoleAdded:
+		r.setRootData(event)
+		r.CreationDate = event.CreationDate
+		err = r.SetData(event)
+	case es_model.ProjectRoleChanged:
+		err = r.SetData(event)
+	}
+	return err
+}
+
+func (r *ProjectRoleView) setRootData(event *models.Event) {
+	r.ProjectID = event.AggregateID
+	r.OrgID = event.ResourceOwner
+	r.ResourceOwner = event.ResourceOwner
+}
+
+func (r *ProjectRoleView) SetData(event *models.Event) error {
+	if err := json.Unmarshal(event.Data, r); err != nil {
+		logging.Log("EVEN-slo9s").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-6z52s", "Could not unmarshal data")
+	}
+	return nil
+}

internal/project/repository/view/model/project_role_query.go

@@ -0,0 +1,65 @@
+package model
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/view"
+)
+
+type ProjectRoleSearchRequest proj_model.ProjectRoleSearchRequest
+type ProjectRoleSearchQuery proj_model.ProjectRoleSearchQuery
+type ProjectRoleSearchKey proj_model.ProjectRoleSearchKey
+
+func (req ProjectRoleSearchRequest) GetLimit() uint64 {
+	return req.Limit
+}
+
+func (req ProjectRoleSearchRequest) GetOffset() uint64 {
+	return req.Offset
+}
+
+func (req ProjectRoleSearchRequest) GetSortingColumn() view.ColumnKey {
+	if req.SortingColumn == proj_model.PROJECTROLESEARCHKEY_UNSPECIFIED {
+		return nil
+	}
+	return ProjectRoleSearchKey(req.SortingColumn)
+}
+
+func (req ProjectRoleSearchRequest) GetAsc() bool {
+	return req.Asc
+}
+
+func (req ProjectRoleSearchRequest) GetQueries() []view.SearchQuery {
+	result := make([]view.SearchQuery, len(req.Queries))
+	for i, q := range req.Queries {
+		result[i] = ProjectRoleSearchQuery{Key: q.Key, Value: q.Value, Method: q.Method}
+	}
+	return result
+}
+
+func (req ProjectRoleSearchQuery) GetKey() view.ColumnKey {
+	return ProjectRoleSearchKey(req.Key)
+}
+
+func (req ProjectRoleSearchQuery) GetMethod() global_model.SearchMethod {
+	return req.Method
+}
+
+func (req ProjectRoleSearchQuery) GetValue() interface{} {
+	return req.Value
+}
+
+func (key ProjectRoleSearchKey) ToColumnName() string {
+	switch proj_model.ProjectRoleSearchKey(key) {
+	case proj_model.PROJECTROLESEARCHKEY_KEY:
+		return ProjectRoleKeyKey
+	case proj_model.PROJECTROLESEARCHKEY_ORGID:
+		return ProjectRoleKeyOrgID
+	case proj_model.PROJECTROLESEARCHKEY_PROJECTID:
+		return ProjectRoleKeyProjectID
+	case proj_model.PROJECTROLESEARCHKEY_RESOURCEOWNER:
+		return ProjectRoleKeyResourceOwner
+	default:
+		return ""
+	}
+}

internal/project/repository/view/model/project_role_test.go

@@ -0,0 +1,65 @@
+package model
+
+import (
+	"encoding/json"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+	es_model "github.com/caos/zitadel/internal/project/repository/eventsourcing/model"
+	"testing"
+)
+
+func mockProjectRoleData(member *es_model.ProjectRole) []byte {
+	data, _ := json.Marshal(member)
+	return data
+}
+
+func TestProjectRoleAppendEvent(t *testing.T) {
+	type args struct {
+		event  *es_models.Event
+		member *ProjectRoleView
+	}
+	tests := []struct {
+		name   string
+		args   args
+		result *ProjectRoleView
+	}{
+		{
+			name: "append added member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectRoleAdded, ResourceOwner: "OrgID", Data: mockProjectRoleData(&es_model.ProjectRole{Key: "Key", DisplayName: "DisplayName", Group: "Group"})},
+				member: &ProjectRoleView{},
+			},
+			result: &ProjectRoleView{OrgID: "OrgID", ResourceOwner: "OrgID", ProjectID: "AggregateID", Key: "Key", DisplayName: "DisplayName", Group: "Group"},
+		},
+		{
+			name: "append added member event",
+			args: args{
+				event:  &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: es_model.ProjectRoleAdded, ResourceOwner: "OrgID", Data: mockProjectRoleData(&es_model.ProjectRole{Key: "Key", DisplayName: "DisplayNameChanged", Group: "GroupChanged"})},
+				member: &ProjectRoleView{OrgID: "OrgID", ResourceOwner: "OrgID", ProjectID: "AggregateID", Key: "Key", DisplayName: "DisplayName", Group: "Group"},
+			},
+			result: &ProjectRoleView{OrgID: "OrgID", ResourceOwner: "OrgID", ProjectID: "AggregateID", Key: "Key", DisplayName: "DisplayNameChanged", Group: "GroupChanged"},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tt.args.member.AppendEvent(tt.args.event)
+			if tt.args.member.ProjectID != tt.result.ProjectID {
+				t.Errorf("got wrong result projectID: expected: %v, actual: %v ", tt.result.ProjectID, tt.args.member.ProjectID)
+			}
+			if tt.args.member.OrgID != tt.result.OrgID {
+				t.Errorf("got wrong result orgID: expected: %v, actual: %v ", tt.result.OrgID, tt.args.member.OrgID)
+			}
+			if tt.args.member.ResourceOwner != tt.result.ResourceOwner {
+				t.Errorf("got wrong result ResourceOwner: expected: %v, actual: %v ", tt.result.ResourceOwner, tt.args.member.ResourceOwner)
+			}
+			if tt.args.member.Key != tt.result.Key {
+				t.Errorf("got wrong result Key: expected: %v, actual: %v ", tt.result.Key, tt.args.member.Key)
+			}
+			if tt.args.member.DisplayName != tt.result.DisplayName {
+				t.Errorf("got wrong result DisplayName: expected: %v, actual: %v ", tt.result.DisplayName, tt.args.member.DisplayName)
+			}
+			if tt.args.member.Group != tt.result.Group {
+				t.Errorf("got wrong result Group: expected: %v, actual: %v ", tt.result.Group, tt.args.member.Group)
+			}
+		})
+	}
+}

internal/project/repository/view/project_grant_member_view.go

@@ -0,0 +1,56 @@
+package view
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func ProjectGrantMemberByIDs(db *gorm.DB, table, grantID, userID string) (*model.ProjectGrantMemberView, error) {
+	role := new(model.ProjectGrantMemberView)
+
+	grantIDQuery := model.ProjectGrantMemberSearchQuery{Key: proj_model.PROJECTGRANTMEMBERSEARCHKEY_GRANT_ID, Value: grantID, Method: global_model.SEARCHMETHOD_EQUALS}
+	userIDQuery := model.ProjectGrantMemberSearchQuery{Key: proj_model.PROJECTGRANTMEMBERSEARCHKEY_USER_ID, Value: userID, Method: global_model.SEARCHMETHOD_EQUALS}
+	query := view.PrepareGetByQuery(table, grantIDQuery, userIDQuery)
+	err := query(db, role)
+	return role, err
+}
+
+func SearchProjectGrantMembers(db *gorm.DB, table string, req *proj_model.ProjectGrantMemberSearchRequest) ([]*model.ProjectGrantMemberView, int, error) {
+	roles := make([]*model.ProjectGrantMemberView, 0)
+	query := view.PrepareSearchQuery(table, model.ProjectGrantMemberSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &roles)
+	if err != nil {
+		return nil, 0, err
+	}
+	return roles, count, nil
+}
+
+func ProjectGrantMembersByUserID(db *gorm.DB, table, userID string) ([]*model.ProjectGrantMemberView, error) {
+	members := make([]*model.ProjectGrantMemberView, 0)
+	queries := []*proj_model.ProjectGrantMemberSearchQuery{
+		&proj_model.ProjectGrantMemberSearchQuery{Key: proj_model.PROJECTGRANTMEMBERSEARCHKEY_USER_ID, Value: userID, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.ProjectGrantMemberSearchRequest{Queries: queries})
+	_, err := query(db, &members)
+	if err != nil {
+		return nil, err
+	}
+	return members, nil
+}
+
+func PutProjectGrantMember(db *gorm.DB, table string, role *model.ProjectGrantMemberView) error {
+	save := view.PrepareSave(table)
+	return save(db, role)
+}
+
+func DeleteProjectGrantMember(db *gorm.DB, table, grantID, userID string) error {
+	role, err := ProjectGrantMemberByIDs(db, table, grantID, userID)
+	if err != nil {
+		return err
+	}
+	delete := view.PrepareDeleteByObject(table, role)
+	return delete(db)
+}

internal/project/repository/view/project_member_view.go

@@ -0,0 +1,55 @@
+package view
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func ProjectMemberByIDs(db *gorm.DB, table, projectID, userID string) (*model.ProjectMemberView, error) {
+	role := new(model.ProjectMemberView)
+
+	projectIDQuery := model.ProjectMemberSearchQuery{Key: proj_model.PROJECTMEMBERSEARCHKEY_PROJECT_ID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS}
+	userIDQuery := model.ProjectMemberSearchQuery{Key: proj_model.PROJECTMEMBERSEARCHKEY_USER_ID, Value: userID, Method: global_model.SEARCHMETHOD_EQUALS}
+	query := view.PrepareGetByQuery(table, projectIDQuery, userIDQuery)
+	err := query(db, role)
+	return role, err
+}
+
+func SearchProjectMembers(db *gorm.DB, table string, req *proj_model.ProjectMemberSearchRequest) ([]*model.ProjectMemberView, int, error) {
+	roles := make([]*model.ProjectMemberView, 0)
+	query := view.PrepareSearchQuery(table, model.ProjectMemberSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &roles)
+	if err != nil {
+		return nil, 0, err
+	}
+	return roles, count, nil
+}
+func ProjectMembersByUserID(db *gorm.DB, table string, userID string) ([]*model.ProjectMemberView, error) {
+	members := make([]*model.ProjectMemberView, 0)
+	queries := []*proj_model.ProjectMemberSearchQuery{
+		&proj_model.ProjectMemberSearchQuery{Key: proj_model.PROJECTMEMBERSEARCHKEY_USER_ID, Value: userID, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.ProjectMemberSearchRequest{Queries: queries})
+	_, err := query(db, &members)
+	if err != nil {
+		return nil, err
+	}
+	return members, nil
+}
+
+func PutProjectMember(db *gorm.DB, table string, role *model.ProjectMemberView) error {
+	save := view.PrepareSave(table)
+	return save(db, role)
+}
+
+func DeleteProjectMember(db *gorm.DB, table, projectID, userID string) error {
+	role, err := ProjectMemberByIDs(db, table, projectID, userID)
+	if err != nil {
+		return err
+	}
+	delete := view.PrepareDeleteByObject(table, role)
+	return delete(db)
+}

internal/project/repository/view/project_role_view.go

@@ -0,0 +1,73 @@
+package view
+
+import (
+	global_model "github.com/caos/zitadel/internal/model"
+	proj_model "github.com/caos/zitadel/internal/project/model"
+	"github.com/caos/zitadel/internal/project/repository/view/model"
+	"github.com/caos/zitadel/internal/view"
+	"github.com/jinzhu/gorm"
+)
+
+func ProjectRoleByIDs(db *gorm.DB, table, projectID, orgID, key string) (*model.ProjectRoleView, error) {
+	role := new(model.ProjectRoleView)
+
+	projectIDQuery := model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS}
+	grantIDQuery := model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_ORGID, Value: orgID, Method: global_model.SEARCHMETHOD_EQUALS}
+	keyQuery := model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_KEY, Value: orgID, Method: global_model.SEARCHMETHOD_EQUALS}
+	query := view.PrepareGetByQuery(table, projectIDQuery, grantIDQuery, keyQuery)
+	err := query(db, role)
+	return role, err
+}
+
+func ResourceOwnerProjectRolesByKey(db *gorm.DB, table, projectID, resourceOwner, key string) ([]*model.ProjectRoleView, error) {
+	roles := make([]*model.ProjectRoleView, 0)
+	queries := []*proj_model.ProjectRoleSearchQuery{
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS},
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_RESOURCEOWNER, Value: resourceOwner, Method: global_model.SEARCHMETHOD_EQUALS},
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_KEY, Value: key, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.ProjectRoleSearchRequest{Queries: queries})
+	_, err := query(db, &roles)
+	if err != nil {
+		return nil, err
+	}
+	return roles, nil
+}
+
+func ResourceOwnerProjectRoles(db *gorm.DB, table, projectID, resourceOwner string) ([]*model.ProjectRoleView, error) {
+	roles := make([]*model.ProjectRoleView, 0)
+	queries := []*proj_model.ProjectRoleSearchQuery{
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_PROJECTID, Value: projectID, Method: global_model.SEARCHMETHOD_EQUALS},
+		&proj_model.ProjectRoleSearchQuery{Key: proj_model.PROJECTROLESEARCHKEY_RESOURCEOWNER, Value: resourceOwner, Method: global_model.SEARCHMETHOD_EQUALS},
+	}
+	query := view.PrepareSearchQuery(table, model.ProjectRoleSearchRequest{Queries: queries})
+	_, err := query(db, &roles)
+	if err != nil {
+		return nil, err
+	}
+	return roles, nil
+}
+
+func SearchProjectRoles(db *gorm.DB, table string, req *proj_model.ProjectRoleSearchRequest) ([]*model.ProjectRoleView, int, error) {
+	roles := make([]*model.ProjectRoleView, 0)
+	query := view.PrepareSearchQuery(table, model.ProjectRoleSearchRequest{Limit: req.Limit, Offset: req.Offset, Queries: req.Queries})
+	count, err := query(db, &roles)
+	if err != nil {
+		return nil, 0, err
+	}
+	return roles, count, nil
+}
+
+func PutProjectRole(db *gorm.DB, table string, role *model.ProjectRoleView) error {
+	save := view.PrepareSave(table)
+	return save(db, role)
+}
+
+func DeleteProjectRole(db *gorm.DB, table, projectID, orgID, key string) error {
+	role, err := ProjectRoleByIDs(db, table, projectID, orgID, key)
+	if err != nil {
+		return err
+	}
+	delete := view.PrepareDeleteByObject(table, role)
+	return delete(db)
+}