faet: add usermemberships request to auth api (#2139)

2025-02-28 23:57:23 +00:00 · 2021-08-06 15:04:49 +02:00 · 2021-08-06 15:04:49 +02:00 · ae50f57c2c
commit ae50f57c2c
parent c9290dc1a5
6 changed files with 109 additions and 2 deletions
--- a/docs/docs/apis/proto/auth.md
+++ b/docs/docs/apis/proto/auth.md
@ -533,6 +533,19 @@ Returns a list of roles for the authorized user and project
    POST: /permissions/me/_search


+### ListMyMemberships
+
+> **rpc** ListMyMemberships([ListMyMembershipsRequest](#listmymembershipsrequest))
+[ListMyMembershipsResponse](#listmymembershipsresponse)
+
+Show all the permissions my user has in ZITADEL (ZITADEL Manager)
+Limit should always be set, there is a default limit set by the service
+
+
+
+    POST: /memberships/me/_search
+
+



@ -774,6 +787,30 @@ This is an empty request



+### ListMyMembershipsRequest
+
+
+
+| Field | Type | Description | Validation |
+| ----- | ---- | ----------- | ----------- |
+| query |  zitadel.v1.ListQuery | the field the result is sorted |  |
+| queries | repeated zitadel.user.v1.MembershipQuery | criterias the client is looking for |  |
+
+
+
+
+### ListMyMembershipsResponse
+
+
+
+| Field | Type | Description | Validation |
+| ----- | ---- | ----------- | ----------- |
+| details |  zitadel.v1.ListDetails | - |  |
+| result | repeated zitadel.user.v1.Membership | - |  |
+
+
+
+
 ### ListMyPasswordlessRequest
 This is an empty request

--- a/docs/docs/apis/proto/management.md
+++ b/docs/docs/apis/proto/management.md
@ -6246,7 +6246,7 @@ This is an empty request


 ### ResetCustomPasswordlessRegistrationMessageTextToDefaultRequest
-This is an empty request
+


 | Field | Type | Description | Validation |
--- a/internal/api/grpc/auth/permission.go
+++ b/internal/api/grpc/auth/permission.go
@ -3,6 +3,8 @@ package auth
 import (
 	"context"

+	obj_grpc "github.com/caos/zitadel/internal/api/grpc/object"
+	user_grpc "github.com/caos/zitadel/internal/api/grpc/user"
 	auth_pb "github.com/caos/zitadel/pkg/grpc/auth"
 )

@ -25,3 +27,22 @@ func (s *Server) ListMyProjectPermissions(ctx context.Context, _ *auth_pb.ListMy
 		Result: perms,
 	}, nil
 }
+
+func (s *Server) ListMyMemberships(ctx context.Context, req *auth_pb.ListMyMembershipsRequest) (*auth_pb.ListMyMembershipsResponse, error) {
+	request, err := ListMyMembershipsRequestToModel(req)
+	if err != nil {
+		return nil, err
+	}
+	response, err := s.repo.SearchMyUserMemberships(ctx, request)
+	if err != nil {
+		return nil, err
+	}
+	return &auth_pb.ListMyMembershipsResponse{
+		Result: user_grpc.MembershipsToMembershipsPb(response.Result),
+		Details: obj_grpc.ToListDetails(
+			response.TotalResult,
+			response.Sequence,
+			response.Timestamp,
+		),
+	}, nil
+}
--- a/internal/api/grpc/auth/permission_converter.go
+++ b/internal/api/grpc/auth/permission_converter.go
@ -0,0 +1,23 @@
+package auth
+
+import (
+	"github.com/caos/zitadel/internal/api/grpc/object"
+	user_grpc "github.com/caos/zitadel/internal/api/grpc/user"
+	user_model "github.com/caos/zitadel/internal/user/model"
+	auth_pb "github.com/caos/zitadel/pkg/grpc/auth"
+)
+
+func ListMyMembershipsRequestToModel(req *auth_pb.ListMyMembershipsRequest) (*user_model.UserMembershipSearchRequest, error) {
+	offset, limit, asc := object.ListQueryToModel(req.Query)
+	queries, err := user_grpc.MembershipQueriesToModel(req.Queries)
+	if err != nil {
+		return nil, err
+	}
+	return &user_model.UserMembershipSearchRequest{
+		Offset: offset,
+		Limit:  limit,
+		Asc:    asc,
+		//SortingColumn: //TODO: sorting
+		Queries: queries,
+	}, nil
+}
--- a/internal/auth/repository/eventsourcing/eventstore/user_grant.go
+++ b/internal/auth/repository/eventsourcing/eventstore/user_grant.go
@ -107,6 +107,7 @@ func (repo *UserGrantRepo) SearchMyUserMemberships(ctx context.Context, request
 	if err != nil {
 		return nil, err
 	}
+	request.AppendUserIDQuery(authz.GetCtxData(ctx).UserID)
 	sequence, sequenceErr := repo.View.GetLatestUserMembershipSequence()
 	logging.Log("EVENT-Dn7sf").OnError(sequenceErr).Warn("could not read latest user sequence")

--- a/proto/zitadel/auth.proto
+++ b/proto/zitadel/auth.proto
@ -534,6 +534,19 @@ service AuthService {
            permission: "authenticated"
        };
    }
+
+    // Show all the permissions my user has in ZITADEL (ZITADEL Manager)
+    // Limit should always be set, there is a default limit set by the service
+    rpc ListMyMemberships(ListMyMembershipsRequest) returns (ListMyMembershipsResponse) {
+        option (google.api.http) = {
+            post: "/memberships/me/_search"
+            body: "*"
+        };
+
+        option (zitadel.v1.auth_option) = {
+            permission: "authenticated"
+        };
+    }
 }

 //This is an empty request
@ -895,4 +908,16 @@ message ListMyProjectPermissionsRequest {}

 message ListMyProjectPermissionsResponse {
    repeated string result = 1;
-}
+}
+
+message ListMyMembershipsRequest {
+    //the field the result is sorted
+    zitadel.v1.ListQuery query = 1;
+    //criterias the client is looking for
+    repeated zitadel.user.v1.MembershipQuery queries = 2;
+}
+
+message ListMyMembershipsResponse {
+    zitadel.v1.ListDetails details = 1;
+    repeated zitadel.user.v1.Membership result = 2;
+}