feat: api v2beta to api v2 (#8283)

# Which Problems Are Solved The v2beta services are stable but not GA. # How the Problems Are Solved The v2beta services are copied to v2. The corresponding v1 and v2beta services are deprecated. # Additional Context Closes #7236 --------- Co-authored-by: Elio Bischof <elio@zitadel.com>
2025-08-11 20:37:30 +00:00 · 2024-07-26 22:39:55 +02:00
parent bc16962aac
commit 7d2d85f57c
142 changed files with 15170 additions and 386 deletions
--- a/internal/command/user_idp_link_test.go
+++ b/internal/command/user_idp_link_test.go
@@ -519,7 +519,8 @@ func TestCommandSide_BulkAddUserIDPLinks(t *testing.T) {

 func TestCommandSide_RemoveUserIDPLink(t *testing.T) {
 	type fields struct {
-		eventstore *eventstore.Eventstore
+		eventstore      *eventstore.Eventstore
+		checkPermission domain.PermissionCheck
 	}
 	type args struct {
 		ctx  context.Context
@@ -541,6 +542,7 @@ func TestCommandSide_RemoveUserIDPLink(t *testing.T) {
 				eventstore: eventstoreExpect(
 					t,
 				),
+				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx: context.Background(),
@@ -562,6 +564,7 @@ func TestCommandSide_RemoveUserIDPLink(t *testing.T) {
 				eventstore: eventstoreExpect(
 					t,
 				),
+				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx: context.Background(),
@@ -598,6 +601,7 @@ func TestCommandSide_RemoveUserIDPLink(t *testing.T) {
 						),
 					),
 				),
+				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx: context.Background(),
@@ -620,6 +624,7 @@ func TestCommandSide_RemoveUserIDPLink(t *testing.T) {
 					t,
 					expectFilter(),
 				),
+				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx: context.Background(),
@@ -635,6 +640,38 @@ func TestCommandSide_RemoveUserIDPLink(t *testing.T) {
 				err: zerrors.IsNotFound,
 			},
 		},
+		{
+			name: "remove external idp, permission error",
+			fields: fields{
+				eventstore: eventstoreExpect(
+					t,
+					expectFilter(
+						eventFromEventPusher(
+							user.NewUserIDPLinkAddedEvent(context.Background(),
+								&user.NewAggregate("user1", "org1").Aggregate,
+								"config1",
+								"name",
+								"externaluser1",
+							),
+						),
+					),
+				),
+				checkPermission: newMockPermissionCheckNotAllowed(),
+			},
+			args: args{
+				ctx: context.Background(),
+				link: &domain.UserIDPLink{
+					ObjectRoot: models.ObjectRoot{
+						AggregateID: "user1",
+					},
+					IDPConfigID:    "config1",
+					ExternalUserID: "externaluser1",
+				},
+			},
+			res: res{
+				err: zerrors.IsPermissionDenied,
+			},
+		},
 		{
 			name: "remove external idp, ok",
 			fields: fields{
@@ -658,6 +695,7 @@ func TestCommandSide_RemoveUserIDPLink(t *testing.T) {
 						),
 					),
 				),
+				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args: args{
 				ctx: context.Background(),
@@ -679,7 +717,8 @@ func TestCommandSide_RemoveUserIDPLink(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			r := &Commands{
-				eventstore: tt.fields.eventstore,
+				eventstore:      tt.fields.eventstore,
+				checkPermission: tt.fields.checkPermission,
 			}
 			got, err := r.RemoveUserIDPLink(tt.args.ctx, tt.args.link)
 			if tt.res.err == nil {