mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-04 23:45:07 +00:00
fix(api): use organization instead of organisation (#6720)
* fix(api): use organization instead of organisation * fix test * docs: add deprecation notice * remove validation
This commit is contained in:
parent
27e03120dc
commit
95889cf576
@ -33,12 +33,7 @@ func authorize(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo,
|
||||
return nil, status.Error(codes.Unauthenticated, "auth header missing")
|
||||
}
|
||||
|
||||
var orgDomain string
|
||||
orgID := grpc_util.GetHeader(authCtx, http.ZitadelOrgID)
|
||||
if o, ok := req.(OrganisationFromRequest); ok {
|
||||
orgID = o.OrganisationFromRequest().ID
|
||||
orgDomain = o.OrganisationFromRequest().Domain
|
||||
}
|
||||
orgID, orgDomain := orgIDAndDomainFromRequest(authCtx, req)
|
||||
ctxSetter, err := authz.CheckUserAuthorization(authCtx, req, authToken, orgID, orgDomain, verifier, authConfig, authOpt, info.FullMethod)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@ -47,11 +42,38 @@ func authorize(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo,
|
||||
return handler(ctxSetter(ctx), req)
|
||||
}
|
||||
|
||||
type OrganisationFromRequest interface {
|
||||
OrganisationFromRequest() *Organisation
|
||||
func orgIDAndDomainFromRequest(ctx context.Context, req interface{}) (id, domain string) {
|
||||
orgID := grpc_util.GetHeader(ctx, http.ZitadelOrgID)
|
||||
o, ok := req.(OrganizationFromRequest)
|
||||
if !ok {
|
||||
return orgID, ""
|
||||
}
|
||||
id = o.OrganizationFromRequest().ID
|
||||
domain = o.OrganizationFromRequest().Domain
|
||||
if id != "" || domain != "" {
|
||||
return id, domain
|
||||
}
|
||||
// check if the deprecated organisation is used.
|
||||
// to be removed before going GA (https://github.com/zitadel/zitadel/issues/6718)
|
||||
id = o.OrganisationFromRequest().ID
|
||||
domain = o.OrganisationFromRequest().Domain
|
||||
if id != "" || domain != "" {
|
||||
return id, domain
|
||||
}
|
||||
return orgID, domain
|
||||
}
|
||||
|
||||
type Organisation struct {
|
||||
// Deprecated: will be removed in favor of OrganizationFromRequest (https://github.com/zitadel/zitadel/issues/6718)
|
||||
type OrganisationFromRequest interface {
|
||||
OrganisationFromRequest() *Organization
|
||||
}
|
||||
|
||||
type Organization struct {
|
||||
ID string
|
||||
Domain string
|
||||
}
|
||||
|
||||
type OrganizationFromRequest interface {
|
||||
OrganizationFromRequest() *Organization
|
||||
OrganisationFromRequest
|
||||
}
|
||||
|
@ -216,6 +216,7 @@ func userFactorToPb(factor query.SessionUserFactor) *session.UserFactor {
|
||||
LoginName: factor.LoginName,
|
||||
DisplayName: factor.DisplayName,
|
||||
OrganisationId: factor.ResourceOwner,
|
||||
OrganizationId: factor.ResourceOwner,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -10,10 +10,11 @@ import (
|
||||
"github.com/muhlemmer/gu"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/zitadel/zitadel/internal/api/authz"
|
||||
"google.golang.org/protobuf/proto"
|
||||
"google.golang.org/protobuf/types/known/timestamppb"
|
||||
|
||||
"github.com/zitadel/zitadel/internal/api/authz"
|
||||
|
||||
"github.com/zitadel/zitadel/internal/domain"
|
||||
caos_errs "github.com/zitadel/zitadel/internal/errors"
|
||||
"github.com/zitadel/zitadel/internal/query"
|
||||
@ -151,6 +152,7 @@ func Test_sessionsToPb(t *testing.T) {
|
||||
LoginName: "donald",
|
||||
DisplayName: "donald duck",
|
||||
OrganisationId: "org1",
|
||||
OrganizationId: "org1",
|
||||
},
|
||||
},
|
||||
Metadata: map[string][]byte{"hello": []byte("world")},
|
||||
@ -167,6 +169,7 @@ func Test_sessionsToPb(t *testing.T) {
|
||||
LoginName: "donald",
|
||||
DisplayName: "donald duck",
|
||||
OrganisationId: "org1",
|
||||
OrganizationId: "org1",
|
||||
},
|
||||
Password: &session.PasswordFactor{
|
||||
VerifiedAt: timestamppb.New(past),
|
||||
@ -186,6 +189,7 @@ func Test_sessionsToPb(t *testing.T) {
|
||||
LoginName: "donald",
|
||||
DisplayName: "donald duck",
|
||||
OrganisationId: "org1",
|
||||
OrganizationId: "org1",
|
||||
},
|
||||
WebAuthN: &session.WebAuthNFactor{
|
||||
VerifiedAt: timestamppb.New(past),
|
||||
@ -206,6 +210,7 @@ func Test_sessionsToPb(t *testing.T) {
|
||||
LoginName: "donald",
|
||||
DisplayName: "donald duck",
|
||||
OrganisationId: "org1",
|
||||
OrganizationId: "org1",
|
||||
},
|
||||
Totp: &session.TOTPFactor{
|
||||
VerifiedAt: timestamppb.New(past),
|
||||
|
@ -17,8 +17,8 @@ var {{.ServiceName}}_AuthMethods = authz.MethodMapping {
|
||||
}
|
||||
|
||||
{{ range $m := .AuthContext}}
|
||||
func (r *{{ $m.Name }}) OrganisationFromRequest() *middleware.Organisation {
|
||||
return &middleware.Organisation{
|
||||
func (r *{{ $m.Name }}) OrganizationFromRequest() *middleware.Organization {
|
||||
return &middleware.Organization{
|
||||
ID: r{{$m.OrgMethod}}.GetOrgId(),
|
||||
Domain: r{{$m.OrgMethod}}.GetOrgDomain(),
|
||||
}
|
||||
|
12
pkg/grpc/user/v2beta/user_service_org.pb.zitadel.go
Normal file
12
pkg/grpc/user/v2beta/user_service_org.pb.zitadel.go
Normal file
@ -0,0 +1,12 @@
|
||||
package user
|
||||
|
||||
import "github.com/zitadel/zitadel/internal/api/grpc/server/middleware"
|
||||
|
||||
// OrganisationFromRequest implements deprecated [middleware.OrganisationFromRequest] interface.
|
||||
// it will be removed before going GA (https://github.com/zitadel/zitadel/issues/6718)
|
||||
func (r *AddHumanUserRequest) OrganisationFromRequest() *middleware.Organization {
|
||||
return &middleware.Organization{
|
||||
ID: r.GetOrganisation().GetOrgId(),
|
||||
Domain: r.GetOrganisation().GetOrgDomain(),
|
||||
}
|
||||
}
|
@ -3763,7 +3763,7 @@ service AdminService {
|
||||
|
||||
// Activates the "LoginDefaultOrg" feature by setting the flag to "true"
|
||||
// This is irreversible!
|
||||
// Once activated, the login UI will use the settings of the default org (and not from the instance) if not organisation context is set
|
||||
// Once activated, the login UI will use the settings of the default org (and not from the instance) if not organization context is set
|
||||
rpc ActivateFeatureLoginDefaultOrg(ActivateFeatureLoginDefaultOrgRequest) returns (ActivateFeatureLoginDefaultOrgResponse) {
|
||||
option (google.api.http) = {
|
||||
put: "/features/login_default_org"
|
||||
|
@ -6806,7 +6806,7 @@ service ManagementService {
|
||||
};
|
||||
}
|
||||
|
||||
// Add a new Azure AD identity provider in the organisation
|
||||
// Add a new Azure AD identity provider in the organization
|
||||
rpc AddAzureADProvider(AddAzureADProviderRequest) returns (AddAzureADProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
post: "/idps/azure"
|
||||
@ -6824,7 +6824,7 @@ service ManagementService {
|
||||
};
|
||||
}
|
||||
|
||||
// Change an existing Azure AD identity provider in the organisation
|
||||
// Change an existing Azure AD identity provider in the organization
|
||||
rpc UpdateAzureADProvider(UpdateAzureADProviderRequest) returns (UpdateAzureADProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
put: "/idps/azure/{id}"
|
||||
|
@ -8,6 +8,7 @@ import "google/protobuf/timestamp.proto";
|
||||
import "protoc-gen-openapiv2/options/annotations.proto";
|
||||
import "validate/validate.proto";
|
||||
|
||||
// Deprecated: use Organization
|
||||
message Organisation {
|
||||
oneof org {
|
||||
string org_id = 1;
|
||||
@ -15,6 +16,13 @@ message Organisation {
|
||||
}
|
||||
}
|
||||
|
||||
message Organization {
|
||||
oneof org {
|
||||
string org_id = 1;
|
||||
string org_domain = 2;
|
||||
}
|
||||
}
|
||||
|
||||
message RequestContext {
|
||||
oneof resource_owner {
|
||||
string org_id = 1;
|
||||
|
@ -48,7 +48,7 @@ message GrantedProject {
|
||||
];
|
||||
string granted_org_name = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
example: "\"Some Organisation\""
|
||||
example: "\"Some Organization\""
|
||||
}
|
||||
];
|
||||
repeated string granted_role_keys = 4 [
|
||||
|
@ -73,9 +73,15 @@ message UserFactor {
|
||||
description: "\"display name of the checked user\"";
|
||||
}
|
||||
];
|
||||
// deprecated: use organization_id, will be remove before GA (https://github.com/zitadel/zitadel/issues/6718)
|
||||
string organisation_id = 5 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "\"organisation id of the checked user\"";
|
||||
description: "\"organization id of the checked user; deprecated: use organization_id\"";
|
||||
}
|
||||
];
|
||||
string organization_id = 6 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "\"organization id of the checked user\"";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
@ -119,7 +119,7 @@ service UserService {
|
||||
option (zitadel.protoc_gen_zitadel.v2.options) = {
|
||||
auth_option: {
|
||||
permission: "user.write"
|
||||
org_field: "organisation"
|
||||
org_field: "organization"
|
||||
}
|
||||
http_response: {
|
||||
success_code: 201
|
||||
@ -655,7 +655,13 @@ message AddHumanUserRequest{
|
||||
example: "\"minnie-mouse\"";
|
||||
}
|
||||
];
|
||||
zitadel.object.v2beta.Organisation organisation = 3;
|
||||
// deprecated: use organization (if both are set, organization will take precedence)
|
||||
zitadel.object.v2beta.Organisation organisation = 3 [
|
||||
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||
description: "deprecated: use organization (if both are set, organization will take precedence)"
|
||||
}
|
||||
];
|
||||
zitadel.object.v2beta.Organization organization = 11;
|
||||
SetHumanProfile profile = 4 [
|
||||
(validate.rules).message.required = true,
|
||||
(google.api.field_behavior) = REQUIRED
|
||||
|
Loading…
Reference in New Issue
Block a user