feat: user memberships (#537)

* feat: add search user memberships * feat: add search user memberships * feat: read user member ship * feat: add usergrant search key * feat: uesrmemberships based on permissions * feat: merge master * fix: correct permissions * fix: update display name on change profile * fix: merge request converations * fix: err handling * Update internal/user/model/user_membership_view.go Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: Silvan <silvan.reusser@gmail.com>
2025-08-11 20:57:31 +00:00 · 2020-07-30 14:37:55 +02:00
parent 4dabecd8d4
commit 75f1c4c576
60 changed files with 3773 additions and 2174 deletions
--- a/internal/api/grpc/management/user.go
+++ b/internal/api/grpc/management/user.go
@@ -2,6 +2,7 @@ package management

 import (
 	"context"
+	"github.com/caos/zitadel/internal/api/authz"

 	"github.com/golang/protobuf/ptypes/empty"

@@ -194,3 +195,14 @@ func (s *Server) GetUserMfas(ctx context.Context, userID *management.UserID) (*m
 	}
 	return &management.MultiFactors{Mfas: mfasFromModel(mfas)}, nil
 }
+
+func (s *Server) SearchUserMemberships(ctx context.Context, in *management.UserMembershipSearchRequest) (*management.UserMembershipSearchResponse, error) {
+	request := userMembershipSearchRequestsToModel(in)
+	request.AppendResourceOwnerQuery(authz.GetCtxData(ctx).OrgID)
+	request.AppendUserIDQuery(in.UserId)
+	response, err := s.user.SearchUserMemberships(ctx, request)
+	if err != nil {
+		return nil, err
+	}
+	return userMembershipSearchResponseFromModel(response), nil
+}
--- a/internal/api/grpc/management/user_converter.go
+++ b/internal/api/grpc/management/user_converter.go
@@ -140,6 +140,41 @@ func userSearchKeyToModel(key management.UserSearchKey) usr_model.UserSearchKey
 	}
 }

+func userMembershipSearchRequestsToModel(request *management.UserMembershipSearchRequest) *usr_model.UserMembershipSearchRequest {
+	return &usr_model.UserMembershipSearchRequest{
+		Offset:  request.Offset,
+		Limit:   request.Limit,
+		Queries: userMembershipSearchQueriesToModel(request.Queries),
+	}
+}
+
+func userMembershipSearchQueriesToModel(queries []*management.UserMembershipSearchQuery) []*usr_model.UserMembershipSearchQuery {
+	converted := make([]*usr_model.UserMembershipSearchQuery, len(queries))
+	for i, q := range queries {
+		converted[i] = userMembershipSearchQueryToModel(q)
+	}
+	return converted
+}
+
+func userMembershipSearchQueryToModel(query *management.UserMembershipSearchQuery) *usr_model.UserMembershipSearchQuery {
+	return &usr_model.UserMembershipSearchQuery{
+		Key:    userMembershipSearchKeyToModel(query.Key),
+		Method: searchMethodToModel(query.Method),
+		Value:  query.Value,
+	}
+}
+
+func userMembershipSearchKeyToModel(key management.UserMembershipSearchKey) usr_model.UserMembershipSearchKey {
+	switch key {
+	case management.UserMembershipSearchKey_USERMEMBERSHIPSEARCHKEY_TYPE:
+		return usr_model.UserMembershipSearchKeyMemberType
+	case management.UserMembershipSearchKey_USERMEMBERSHIPSEARCHKEY_OBJECT_ID:
+		return usr_model.UserMembershipSearchKeyObjectID
+	default:
+		return usr_model.UserMembershipSearchKeyUnspecified
+	}
+}
+
 func profileFromModel(profile *usr_model.Profile) *management.UserProfile {
 	creationDate, err := ptypes.TimestampProto(profile.CreationDate)
 	logging.Log("GRPC-dkso3").OnError(err).Debug("unable to parse timestamp")
@@ -398,6 +433,48 @@ func userViewFromModel(user *usr_model.UserView) *management.UserView {
 	}
 }

+func userMembershipSearchResponseFromModel(response *usr_model.UserMembershipSearchResponse) *management.UserMembershipSearchResponse {
+	timestamp, err := ptypes.TimestampProto(response.Timestamp)
+	logging.Log("GRPC-Hs8jd").OnError(err).Debug("unable to parse timestamp")
+	return &management.UserMembershipSearchResponse{
+		Offset:            response.Offset,
+		Limit:             response.Limit,
+		TotalResult:       response.TotalResult,
+		Result:            userMembershipViewsFromModel(response.Result),
+		ProcessedSequence: response.Sequence,
+		ViewTimestamp:     timestamp,
+	}
+}
+
+func userMembershipViewsFromModel(memberships []*usr_model.UserMembershipView) []*management.UserMembershipView {
+	converted := make([]*management.UserMembershipView, len(memberships))
+	for i, membership := range memberships {
+		converted[i] = userMembershipViewFromModel(membership)
+	}
+	return converted
+}
+
+func userMembershipViewFromModel(membership *usr_model.UserMembershipView) *management.UserMembershipView {
+	creationDate, err := ptypes.TimestampProto(membership.CreationDate)
+	logging.Log("GRPC-Msnu8").OnError(err).Debug("unable to parse timestamp")
+
+	changeDate, err := ptypes.TimestampProto(membership.ChangeDate)
+	logging.Log("GRPC-Slco9").OnError(err).Debug("unable to parse timestamp")
+
+	return &management.UserMembershipView{
+		UserId:        membership.UserID,
+		AggregateId:   membership.AggregateID,
+		ObjectId:      membership.ObjectID,
+		MemberType:    memberTypeFromModel(membership.MemberType),
+		DisplayName:   membership.DisplayName,
+		Roles:         membership.Roles,
+		CreationDate:  creationDate,
+		ChangeDate:    changeDate,
+		Sequence:      membership.Sequence,
+		ResourceOwner: membership.ResourceOwner,
+	}
+}
+
 func mfasFromModel(mfas []*usr_model.MultiFactor) []*management.MultiFactor {
 	converted := make([]*management.MultiFactor, len(mfas))
 	for i, mfa := range mfas {
@@ -454,6 +531,18 @@ func genderFromModel(gender usr_model.Gender) management.Gender {
 	}
 }

+func memberTypeFromModel(memberType usr_model.MemberType) management.MemberType {
+	switch memberType {
+	case usr_model.MemberTypeOrganisation:
+		return management.MemberType_MEMBERTYPE_ORGANISATION
+	case usr_model.MemberTypeProject:
+		return management.MemberType_MEMBERTYPE_PROJECT
+	case usr_model.MemberTypeProjectGrant:
+		return management.MemberType_MEMBERTYPE_PROJECT_GRANT
+	default:
+		return management.MemberType_MEMBERTYPE_UNSPECIFIED
+	}
+}
 func genderToModel(gender management.Gender) usr_model.Gender {
 	switch gender {
 	case management.Gender_GENDER_FEMALE:
--- a/internal/api/grpc/management/user_grant_converter.go
+++ b/internal/api/grpc/management/user_grant_converter.go
@@ -58,7 +58,6 @@ func userGrantUpdateToModel(u *management.UserGrantUpdate) *grant_model.UserGran
 	return &grant_model.UserGrant{
 		ObjectRoot: models.ObjectRoot{AggregateID: u.Id},
 		RoleKeys:   u.RoleKeys,
-		GrantID:    u.GrantId,
 	}
 }

@@ -127,6 +126,8 @@ func userGrantSearchKeyToModel(key management.UserGrantSearchKey) grant_model.Us
 		return grant_model.UserGrantSearchKeyUserID
 	case management.UserGrantSearchKey_USERGRANTSEARCHKEY_ROLE_KEY:
 		return grant_model.UserGrantSearchKeyRoleKey
+	case management.UserGrantSearchKey_USERGRANTSEARCHKEY_GRANT_ID:
+		return grant_model.UserGrantSearchKeyGrantID
 	default:
 		return grant_model.UserGrantSearchKeyUnspecified
 	}