TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 04:57:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: filter of domain claimed users (#2752)

Browse Source
This commit is contained in:
Livio Amstutz
2021-11-29 17:36:24 +01:00
committed by GitHub
parent 209ea09e30
commit 7d45ae3c6c
3 changed files with 22 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
internal/api/grpc/management/org.go
View File

@@ -50,7 +50,7 @@ func (s *Server) ListOrgChanges(ctx context.Context, req *mgmt_pb.ListOrgChanges
}
func (s *Server) AddOrg(ctx context.Context, req *mgmt_pb.AddOrgRequest) (*mgmt_pb.AddOrgResponse, error) {
userIDs, err := s.getClaimedUserIDsOfOrgDomain(ctx, domain.NewIAMDomainName(req.Name, s.systemDefaults.Domain))
userIDs, err := s.getClaimedUserIDsOfOrgDomain(ctx, domain.NewIAMDomainName(req.Name, s.systemDefaults.Domain), "")
if err != nil {
return nil, err
}
@@ -185,7 +185,7 @@ func GenerateOrgDomainValidationRequestToDomain(ctx context.Context, req *mgmt_p
}
func (s *Server) ValidateOrgDomain(ctx context.Context, req *mgmt_pb.ValidateOrgDomainRequest) (*mgmt_pb.ValidateOrgDomainResponse, error) {
userIDs, err := s.getClaimedUserIDsOfOrgDomain(ctx, req.Domain)
userIDs, err := s.getClaimedUserIDsOfOrgDomain(ctx, req.Domain, authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
@@ -284,20 +284,24 @@ func (s *Server) RemoveOrgMember(ctx context.Context, req *mgmt_pb.RemoveOrgMemb
}, nil
}
func (s *Server) getClaimedUserIDsOfOrgDomain(ctx context.Context, orgDomain string) ([]string, error) {
users, err := s.user.SearchUsers(ctx, &usr_model.UserSearchRequest{
Queries: []*usr_model.UserSearchQuery{
{
Key: usr_model.UserSearchKeyPreferredLoginName,
Method: domain.SearchMethodEndsWithIgnoreCase,
Value: orgDomain,
},
{
func (s *Server) getClaimedUserIDsOfOrgDomain(ctx context.Context, orgDomain, orgID string) ([]string, error) {
queries := []*usr_model.UserSearchQuery{
{
Key: usr_model.UserSearchKeyPreferredLoginName,
Method: domain.SearchMethodEndsWithIgnoreCase,
Value: "@" + orgDomain,
},
}
if orgID != "" {
queries = append(queries,
&usr_model.UserSearchQuery{
Key: usr_model.UserSearchKeyResourceOwner,
Method: domain.SearchMethodNotEquals,
Value: authz.GetCtxData(ctx).OrgID,
},
},
Value: orgID,
})
}
users, err := s.user.SearchUsers(ctx, &usr_model.UserSearchRequest{
Queries: queries,
}, false)
if err != nil {
return nil, err