feat: multiple domains (#188)

* check uniqueness on create and register user * change user email, reserve release unique email * usergrant unique aggregate * usergrant uniqueness * validate UserGrant * fix tests * domain is set on username in all orgs * domain in admin * org domain sql * zitadel domain org name * org domains * org iam policy * default org iam policy * SETUP * load login names * login by login name * login name * fix: merge master * fix: merge master * Update internal/user/repository/eventsourcing/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: fix unique domains * fix: rename env variable Co-authored-by: adlerhurst <silvan.reusser@gmail.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2025-08-11 21:37:32 +00:00 · 2020-06-16 11:40:18 +02:00
parent 64b14b4e19
commit 7a6ca24625
109 changed files with 12578 additions and 6025 deletions
--- a/cmd/zitadel/authz.yaml
+++ b/cmd/zitadel/authz.yaml
@@ -32,6 +32,9 @@ InternalAuthZ:
        - "project.grant.member.read"
        - "project.grant.member.write"
        - "project.grant.member.delete"
+        - "iam.policy.read"
+        - "iam.policy.write"
+        - "iam.policy.delete"
    - Role: 'ORG_OWNER'
      Permissions:
        - "org.read"
--- a/cmd/zitadel/caos_local.sh
+++ b/cmd/zitadel/caos_local.sh
@@ -48,4 +48,7 @@ export CAOS_OIDC_DEV=true
 export ZITADEL_COOKIE_DOMAIN=localhost

 #Console
-export ZITADEL_CONSOLE_ENV_DIR=../../console/src/assets/
+export ZITADEL_CONSOLE_ENV_DIR=../../console/src/assets/
+
+#Org
+export ZITADEL_DEFAULT_DOMAIN=zitadel.ch
--- a/cmd/zitadel/startup.yaml
+++ b/cmd/zitadel/startup.yaml
@@ -19,6 +19,7 @@ Mgmt:
        - x-zitadel-
  Repository:
    SearchLimit: 100
+    Domain: $ZITADEL_DEFAULT_DOMAIN
    Eventstore:
      ServiceName: 'ManagementAPI'
      Repository:
@@ -165,6 +166,7 @@ Admin:
        - x-zitadel-
  Repository:
    SearchLimit: 100
+    Domain: $ZITADEL_DEFAULT_DOMAIN
    Eventstore:
      ServiceName: 'Admin'
      Repository:
--- a/cmd/zitadel/system-defaults.yaml
+++ b/cmd/zitadel/system-defaults.yaml
@@ -63,6 +63,9 @@ SystemDefaults:
      Description: Standard lockout policy
      MaxAttempts: 5
      ShowLockOutFailures: true
+    OrgIam:
+      Description: Standard org policy
+      UserLoginMustBeDomain: true
  IamID: 'IAM'
  SetUp:
    GlobalOrg: 'Global'
@@ -71,6 +74,7 @@ SystemDefaults:
      - Name: 'Global'
        Domain: 'global.caos.ch'
        Default: true
+        OrgIamPolicy: true
        Users:
          - FirstName: 'Global Org'
            LastName: 'Administrator'
@@ -84,7 +88,7 @@ SystemDefaults:
        Users:
          - FirstName: 'Zitadel'
            LastName: 'Administrator'
-            UserName: 'zitadel-admin@caos.ch'
+            UserName: 'zitadel-admin'
            Email: 'zitadel-admin@caos.ch'
            Password: 'Password1!'
        Owners: