feat: user memberships (#537)

* feat: add search user memberships * feat: add search user memberships * feat: read user member ship * feat: add usergrant search key * feat: uesrmemberships based on permissions * feat: merge master * fix: correct permissions * fix: update display name on change profile * fix: merge request converations * fix: err handling * Update internal/user/model/user_membership_view.go Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: Silvan <silvan.reusser@gmail.com>
2025-11-15 04:13:45 +00:00 · 2020-07-30 14:37:55 +02:00
parent 4dabecd8d4
commit 75f1c4c576
60 changed files with 3773 additions and 2174 deletions
--- a/pkg/grpc/management/proto/management.proto
+++ b/pkg/grpc/management/proto/management.proto
@@ -373,6 +373,17 @@ service ManagementService {
        };
    }

+    rpc SearchUserMemberships(UserMembershipSearchRequest) returns (UserMembershipSearchResponse) {
+        option (google.api.http) = {
+            post: "/users/{user_id}/memberships/_search"
+            body: "*"
+        };
+
+        option (caos.zitadel.utils.v1.auth_option) = {
+            permission: "user.membership.read"
+        };
+    }
+
    // returns default policy if nothing other set on organisation
    rpc GetPasswordComplexityPolicy(google.protobuf.Empty) returns (PasswordComplexityPolicy) {
        option (google.api.http) = {
@@ -2526,7 +2537,6 @@ message UserGrantUpdate {
    string user_id = 1;
    string id = 2;
    repeated string role_keys = 3;
-    string grant_id = 4;
 }

 message UserGrantRemoveBulk {
@@ -2626,6 +2636,7 @@ enum UserGrantSearchKey {
    USERGRANTSEARCHKEY_USER_ID = 2;
    USERGRANTSEARCHKEY_ORG_ID = 3;
    USERGRANTSEARCHKEY_ROLE_KEY = 4;
+    USERGRANTSEARCHKEY_GRANT_ID = 5;
 }

 message ProjectUserGrantSearchRequest {
@@ -2641,3 +2652,51 @@ message ProjectGrantUserGrantSearchRequest {
    uint64 limit = 3;
    repeated UserGrantSearchQuery queries = 4;
 }
+
+message UserMembershipSearchResponse {
+    uint64 offset = 1;
+    uint64 limit = 2;
+    uint64 total_result = 3;
+    repeated UserMembershipView result = 4;
+    uint64 processed_sequence = 5;
+    google.protobuf.Timestamp view_timestamp = 6;
+}
+
+message UserMembershipSearchRequest {
+    string user_id = 1;
+    uint64 offset = 2;
+    uint64 limit = 3;
+    repeated UserMembershipSearchQuery queries = 4;
+}
+
+message UserMembershipSearchQuery {
+    UserMembershipSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];
+    SearchMethod method = 2 [(validate.rules).enum = {in: [0]}];
+    string value = 3;
+}
+
+enum UserMembershipSearchKey {
+    USERMEMBERSHIPSEARCHKEY_UNSPECIFIED = 0;
+    USERMEMBERSHIPSEARCHKEY_TYPE = 1;
+    USERMEMBERSHIPSEARCHKEY_OBJECT_ID = 2;
+}
+
+message UserMembershipView {
+    string user_id = 1;
+    MemberType member_type = 2;
+    string aggregate_id = 3;
+    string object_id = 4;
+    repeated string roles = 5;
+    string display_name = 6;
+    google.protobuf.Timestamp creation_date = 7;
+    google.protobuf.Timestamp change_date = 8;
+    uint64 sequence = 9;
+    string resource_owner = 10;
+}
+
+enum MemberType {
+    MEMBERTYPE_UNSPECIFIED = 0;
+    MEMBERTYPE_ORGANISATION = 1;
+    MEMBERTYPE_PROJECT = 2;
+    MEMBERTYPE_PROJECT_GRANT = 3;
+}