TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 05:17:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: handle instance from context (#3382)

Browse Source 
* commander

* commander

* selber!

* move to packages

* fix(errors): implement Is interface

* test: command

* test: commands

* add init steps

* setup tenant

* add default step yaml

* possibility to set password

* merge v2 into v2-commander

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: search query builder can filter events in memory

* fix: filters for add member

* fix(setup): add `ExternalSecure` to config

* chore: name iam to instance

* fix: matching

* remove unsued func

* base url

* base url

* test(command): filter funcs

* test: commands

* fix: rename orgiampolicy to domain policy

* start from init

* commands

* config

* fix indexes and add constraints

* fixes

* fix: merge conflicts

* fix: protos

* fix: md files

* setup

* add deprecated org iam policy again

* typo

* fix search query

* fix filter

* Apply suggestions from code review

* remove custom org from org setup

* add todos for verification

* change apps creation

* simplify package structure

* fix error

* move preparation helper for tests

* fix unique constraints

* fix config mapping in setup

* fix error handling in encryption_keys.go

* fix projection config

* fix query from old views to projection

* fix setup of mgmt api

* set iam project and fix instance projection

* fix tokens view

* fix steps.yaml and defaults.yaml

* fix projections

* change instance context to interface

* instance interceptors and additional events in setup

* cleanup

* tests for interceptors

* fix label policy

* add todo

* single api endpoint in environment.json

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
This commit is contained in:
Livio Amstutz
2022-03-29 11:53:19 +02:00
committed by GitHub
parent c5b99274d7
commit 958362e6c9
101 changed files with 1520 additions and 274 deletions
Download Patch File Download Diff File Expand all files Collapse all files

398
cmd/defaults.yaml
View File

@@ -7,6 +7,8 @@ Port: 8080
ExternalPort: 8080
ExternalDomain: localhost
ExternalSecure: true
HTTP2HostHeader: ":authority"
HTTP1HostHeader: "host"
Database:
Host: localhost
@@ -181,3 +183,399 @@ SystemDefaults:
PublicKeyLifetime: 30h
SigningKeyRotationCheck: 10s
SigningKeyGracefulPeriod: 10m
InternalAuthZ:
RolePermissionMappings:
- Role: 'IAM_OWNER'
Permissions:
- "iam.read"
- "iam.write"
- "iam.features.read"
- "iam.features.write"
- "iam.policy.read"
- "iam.policy.write"
- "iam.policy.delete"
- "iam.member.read"
- "iam.member.write"
- "iam.member.delete"
- "iam.idp.read"
- "iam.idp.write"
- "iam.idp.delete"
- "iam.action.read"
- "iam.action.write"
- "iam.action.delete"
- "iam.flow.read"
- "iam.flow.write"
- "iam.flow.delete"
- "org.read"
- "org.global.read"
- "org.create"
- "org.write"
- "org.member.read"
- "org.member.write"
- "org.member.delete"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "org.action.read"
- "org.action.write"
- "org.action.delete"
- "org.flow.read"
- "org.flow.write"
- "org.flow.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "user.credential.write"
- "features.read"
- "policy.read"
- "policy.write"
- "policy.delete"
- "project.read"
- "project.create"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
- Role: 'IAM_OWNER_VIEWER'
Permissions:
- "iam.read"
- "iam.features.read"
- "iam.policy.read"
- "iam.member.read"
- "iam.idp.read"
- "iam.action.read"
- "iam.flow.read"
- "org.read"
- "org.member.read"
- "org.idp.read"
- "org.action.read"
- "org.flow.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
- "features.read"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- Role: 'IAM_ORG_MANAGER'
Permissions:
- "org.read"
- "org.global.read"
- "org.create"
- "org.write"
- "org.member.read"
- "org.member.write"
- "org.member.delete"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "org.action.read"
- "org.action.write"
- "org.action.delete"
- "org.flow.read"
- "org.flow.write"
- "org.flow.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "user.credential.write"
- "features.read"
- "policy.read"
- "policy.write"
- "policy.delete"
- "project.read"
- "project.create"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
- Role: 'IAM_USER_MANAGER'
Permissions:
- "org.read"
- "org.global.read"
- "org.member.read"
- "org.member.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "features.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- Role: 'ORG_OWNER'
Permissions:
- "org.read"
- "org.global.read"
- "org.create"
- "org.write"
- "org.member.read"
- "org.member.write"
- "org.member.delete"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "org.action.read"
- "org.action.write"
- "org.action.delete"
- "org.flow.read"
- "org.flow.write"
- "org.flow.delete"
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "user.credential.write"
- "features.read"
- "policy.read"
- "policy.write"
- "policy.delete"
- "project.read"
- "project.create"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
- Role: 'ORG_USER_MANAGER'
Permissions:
- "user.read"
- "user.global.read"
- "user.write"
- "user.delete"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- "project.read"
- "project.role.read"
- Role: 'ORG_OWNER_VIEWER'
Permissions:
- "org.read"
- "org.member.read"
- "org.idp.read"
- "org.action.read"
- "org.flow.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
- "features.read"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- "project.grant.user.grant.read"
- Role: 'ORG_USER_PERMISSION_EDITOR'
Permissions:
- "org.read"
- "org.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- Role: 'ORG_PROJECT_PERMISSION_EDITOR'
Permissions:
- "org.read"
- "org.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- Role: 'ORG_PROJECT_CREATOR'
Permissions:
- "user.global.read"
- "policy.read"
- "project.read:self"
- "project.create"
- Role: 'PROJECT_OWNER'
Permissions:
- "org.global.read"
- "policy.read"
- "project.read"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "project.grant.read"
- "project.grant.write"
- "project.grant.delete"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- Role: 'PROJECT_OWNER_VIEWER'
Permissions:
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
- Role: 'SELF_MANAGEMENT_GLOBAL'
Permissions:
- "org.create"
- "policy.read"
- "user.self.delete"
- Role: 'PROJECT_OWNER_GLOBAL'
Permissions:
- "org.global.read"
- "policy.read"
- "project.read"
- "project.write"
- "project.delete"
- "project.member.read"
- "project.member.write"
- "project.member.delete"
- "project.role.read"
- "project.role.write"
- "project.role.delete"
- "project.app.read"
- "project.app.write"
- "project.app.delete"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- Role: 'PROJECT_OWNER_VIEWER_GLOBAL'
Permissions:
- "policy.read"
- "project.read"
- "project.member.read"
- "project.role.read"
- "project.app.read"
- "project.grant.read"
- "project.grant.member.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"
- Role: 'PROJECT_GRANT_OWNER'
Permissions:
- "policy.read"
- "org.global.read"
- "project.read"
- "project.grant.read"
- "project.grant.member.read"
- "project.grant.member.write"
- "project.grant.member.delete"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.grant.write"
- "user.grant.delete"
- "user.membership.read"
- Role: 'PROJECT_GRANT_OWNER_VIEWER'
Permissions:
- "policy.read"
- "project.read"
- "project.grant.read"
- "project.grant.member.read"
- "user.read"
- "user.global.read"
- "user.grant.read"
- "user.membership.read"