feat: option to disallow public org registration (#6917)

* feat: return 404 or 409 if org reg disallowed * fix: system limit permissions * feat: add iam limits api * feat: disallow public org registrations on default instance * add integration test * test: integration * fix test * docs: describe public org registrations * avoid updating docs deps * fix system limits integration test * silence integration tests * fix linting * ignore strange linter complaints * review * improve reset properties naming * redefine the api * use restrictions aggregate * test query * simplify and test projection * test commands * fix unit tests * move integration test * support restrictions on default instance * also test GetRestrictions * self review * lint * abstract away resource owner * fix tests * lint
2025-08-11 20:27:32 +00:00 · 2023-11-22 10:29:38 +01:00
parent 5fa596a871
commit 76fe032b5f
45 changed files with 1280 additions and 123 deletions
--- a/internal/command/limits.go
+++ b/internal/command/limits.go
@@ -13,7 +13,7 @@ import (
 )

 type SetLimits struct {
-	AuditLogRetention *time.Duration `json:"AuditLogRetention,omitempty"`
+	AuditLogRetention *time.Duration
 }

 // SetLimits creates new limits or updates existing limits.
@@ -34,14 +34,14 @@ func (c *Commands) SetLimits(
 			return nil, err
 		}
 	}
-	if err != nil {
-		return nil, err
-	}
 	createCmds, err := c.SetLimitsCommand(limits.NewAggregate(aggregateId, instanceId, resourceOwner), wm, setLimits)()
 	if err != nil {
 		return nil, err
 	}
 	cmds, err := createCmds(ctx, nil)
+	if err != nil {
+		return nil, err
+	}
 	if len(cmds) > 0 {
 		events, err := c.eventstore.Push(ctx, cmds...)
 		if err != nil {