feat: add listIamMembers to system api (#5013)

Added ListIAMMembers endpoint to system-API to provide the functionality to the customer portal

internal/api/grpc/system/instance.go

@@ -5,6 +5,7 @@ import (
 
 	"github.com/zitadel/zitadel/internal/api/authz"
 	instance_grpc "github.com/zitadel/zitadel/internal/api/grpc/instance"
+	"github.com/zitadel/zitadel/internal/api/grpc/member"
 	"github.com/zitadel/zitadel/internal/api/grpc/object"
 	"github.com/zitadel/zitadel/internal/query"
 	object_pb "github.com/zitadel/zitadel/pkg/grpc/object"
@@ -95,6 +96,23 @@ func (s *Server) RemoveInstance(ctx context.Context, req *system_pb.RemoveInstan
 	}, nil
 }
 
+func (s *Server) ListIAMMembers(ctx context.Context, req *system_pb.ListIAMMembersRequest) (*system_pb.ListIAMMembersResponse, error) {
+	ctx = authz.WithInstanceID(ctx, req.InstanceId)
+	queries, err := ListIAMMembersRequestToQuery(req)
+	if err != nil {
+		return nil, err
+	}
+	res, err := s.query.IAMMembers(ctx, queries, false)
+	if err != nil {
+		return nil, err
+	}
+	return &system_pb.ListIAMMembersResponse{
+		Details: object.ToListDetails(res.Count, res.Sequence, res.Timestamp),
+		//TODO: resource owner of user of the member instead of the membership resource owner
+		Result: member.MembersToPb("", res.Members),
+	}, nil
+}
+
 func (s *Server) ExistsDomain(ctx context.Context, req *system_pb.ExistsDomainRequest) (*system_pb.ExistsDomainResponse, error) {
 	domainQuery, err := query.NewInstanceDomainDomainSearchQuery(query.TextEqualsIgnoreCase, req.Domain)
 	if err != nil {