docs: add tech advisory for project grant query

adlerhurst
2025-01-10 10:22:58 +01:00
parent ac5a107d3a
commit b473d5db95
2 changed files with 38 additions and 0 deletions


@@ -0,0 +1,26 @@
---
title: Technical Advisory 10014
---
## Date
Version: v2.66.5
Date: 2025-01-10
## Description
Prior to version [v2.66.0](https://github.com/zitadel/zitadel/releases/tag/v2.66.0), some project grants were incorrectly created under the granted organization instead of the project owner's organization. To find these grants, users had to set the `x-zitadel-orgid` header to the granted organization ID when using the [`ListAllProjectGrants`](/apis/resources/mgmt/management-service-add-project-grant) gRPC method.
Zitadel [v2.66.0](https://github.com/zitadel/zitadel/releases/tag/v2.66.0) corrected this behavior for new grants. However, existing grants were not automatically updated. Version v2.66.5 corrects the owner of these existing grants.
## Impact
After the release of [TODO: version], if your application uses the [`ListAllProjectGrants`](/apis/resources/mgmt/management-service-add-project-grant) method with the `x-zitadel-orgid` header set to the granted organization ID, you will not retrieve any results.
## Mitigation
To ensure your application continues to function correctly after the release of [TODO: version], implement the following changes:
1. **Conditional Header:** Only set the `x-zitadel-orgid` header to the project owner's organization ID if the user executing the [`ListAllProjectGrants`](/apis/resources/mgmt/management-service-add-project-grant) method belongs to a different organization than the project.
2. **Use `grantedOrgIdQuery`:** Utilize the `grantedOrgIdQuery` parameter to filter grants for the specific granted organization.
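
Review bot: The Impact and Mitigation sections still carry the placeholder `[TODO: version]` in "After the release of [TODO: version]" and "after the release of [TODO: version]", while the Date block and the Description already name v2.66.5 as the release that corrects existing grants. Replace both placeholders with v2.66.5 before merging, so readers know which upgrade changes the query result. Two smaller points: every `ListAllProjectGrants` link targets `/apis/resources/mgmt/management-service-add-project-grant`, whose slug names the add method and not the list method, so the target should be checked; and the `## Date` heading also holds the `Version:` line, so the heading text does not describe everything under it.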


@@ -214,6 +214,18 @@ We understand that these advisories may include breaking changes, and we aim to
<td>-</td>
<td>2024-12-09</td>
</tr>
<tr>
<td>
<a href="./advisory/a10014">A-10014</a>
</td>
<td>Correction of project grant owner</td>
<td>Breaking Behavior Change</td>
<td>
Correct project grant owners, ensuring they are correctly associated with the projects organization.
</td>
<td>-</td>
<td>2025-01-10</td>
</tr>
</table>
## Subscribe to our Mailing List
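
Review bot: In the description cell of the new A-10014 row, "the projects organization" is missing the possessive apostrophe and should read "the project's organization", in line with "project owner's organization" in the advisory text. The sentence also repeats itself ("Correct project grant owners, ensuring they are correctly associated"); a wording such as "Corrects project grant owners so that they are associated with the project's organization" would read more cleanly.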