fix: backend bugs (#1449)

* i18n of compliance problems

* fix: return iam member roles

* remove u2f/passwordless

* u2f/passwordless

* fix rest path GetMachineKeyByIDs

* fix rest path GetMachineKeyByIDs

* fix email mime-type

* fix: member preferred login name

* machine users in notify

* fix api key query

* fix: todos grpc api

* fix: handle user init state

* fix: tests

Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>

internal/api/grpc/admin/iam_member.go

@@ -12,6 +12,7 @@ import (
 func (s *Server) ListIAMMemberRoles(ctx context.Context, req *admin_pb.ListIAMMemberRolesRequest) (*admin_pb.ListIAMMemberRolesResponse, error) {
 	roles := s.iam.GetIAMMemberRoles()
 	return &admin_pb.ListIAMMemberRolesResponse{
+		Roles:   roles,
 		Details: object.ToListDetails(uint64(len(roles)), 0, time.Now()),
 	}, nil
 }

internal/api/grpc/auth/multi_factor.go

@@ -67,7 +67,6 @@ func (s *Server) AddMyAuthFactorU2F(ctx context.Context, _ *auth_pb.AddMyAuthFac
 	}
 	return &auth_pb.AddMyAuthFactorU2FResponse{
 		Key: &user_pb.WebAuthNKey{
-			Id:        u2f.WebAuthNTokenID,
 			PublicKey: u2f.CredentialCreationData,
 		},
 		Details: object.AddToDetailsPb(
@@ -91,7 +90,7 @@ func (s *Server) VerifyMyAuthFactorU2F(ctx context.Context, req *auth_pb.VerifyM
 
 func (s *Server) RemoveMyAuthFactorU2F(ctx context.Context, req *auth_pb.RemoveMyAuthFactorU2FRequest) (*auth_pb.RemoveMyAuthFactorU2FResponse, error) {
 	ctxData := authz.GetCtxData(ctx)
-	objectDetails, err := s.command.HumanRemovePasswordless(ctx, ctxData.UserID, req.TokenId, ctxData.ResourceOwner)
+	objectDetails, err := s.command.HumanRemoveU2F(ctx, ctxData.UserID, req.TokenId, ctxData.ResourceOwner)
 	if err != nil {
 		return nil, err
 	}

internal/api/grpc/auth/phone.go

@@ -41,14 +41,13 @@ func (s *Server) SetMyPhone(ctx context.Context, req *auth_pb.SetMyPhoneRequest)
 
 func (s *Server) VerifyMyPhone(ctx context.Context, req *auth_pb.VerifyMyPhoneRequest) (*auth_pb.VerifyMyPhoneResponse, error) {
 	ctxData := authz.GetCtxData(ctx)
-	_, err := s.command.VerifyHumanPhone(ctx, ctxData.UserID, req.Code, ctxData.ResourceOwner)
+	objectDetails, err := s.command.VerifyHumanPhone(ctx, ctxData.UserID, req.Code, ctxData.ResourceOwner)
 	if err != nil {
 		return nil, err
 	}
 
-	//TODO: response from business
 	return &auth_pb.VerifyMyPhoneResponse{
-		//Details: object.DomainToChangeDetailsPb(objectDetails),
+		Details: object.DomainToChangeDetailsPb(objectDetails),
 	}, nil
 }
 

internal/api/grpc/idp/converter.go

@@ -245,7 +245,7 @@ func IDPProviderTypeModelFromPb(typ idp_pb.IDPOwnerType) iam_model.IDPProviderTy
 
 func IDPIDQueryToModel(query *idp_pb.IDPIDQuery) *iam_model.IDPConfigSearchQuery {
 	return &iam_model.IDPConfigSearchQuery{
-		Key:    iam_model.IDPConfigSearchKeyIdpConfigID, //TODO: whats the difference between idpconfigid and aggregateid search key?
+		Key:    iam_model.IDPConfigSearchKeyIdpConfigID,
 		Method: domain.SearchMethodEquals,
 		Value:  query.Id,
 	}

internal/api/grpc/management/org.go

@@ -139,7 +139,6 @@ func (s *Server) GenerateOrgDomainValidation(ctx context.Context, req *mgmt_pb.G
 	return &mgmt_pb.GenerateOrgDomainValidationResponse{
 		Token: token,
 		Url:   url,
-		//TODO: remove details from proto
 	}, nil
 }
 

internal/api/grpc/management/project_application_converter.go

@@ -121,7 +121,7 @@ func AddAPIClientKeyRequestToDomain(key *mgmt_pb.AddAppKeyRequest) *domain.Appli
 
 func ListAPIClientKeysRequestToModel(req *mgmt_pb.ListAppKeysRequest) (*key_model.AuthNKeySearchRequest, error) {
 	offset, limit, asc := object.ListQueryToModel(req.Query)
-	queries := make([]*key_model.AuthNKeySearchQuery, 2)
+	queries := make([]*key_model.AuthNKeySearchQuery, 0)
 	queries = append(queries, &key_model.AuthNKeySearchQuery{
 		Key:    key_model.AuthNKeyObjectID,
 		Method: domain.SearchMethodEquals,

internal/api/grpc/management/project_grant.go

@@ -2,6 +2,7 @@ package management
 
 import (
 	"context"
+	"time"
 
 	"github.com/caos/zitadel/internal/api/authz"
 	member_grpc "github.com/caos/zitadel/internal/api/grpc/member"
@@ -106,8 +107,8 @@ func (s *Server) RemoveProjectGrant(ctx context.Context, req *mgmt_pb.RemoveProj
 func (s *Server) ListProjectGrantMemberRoles(ctx context.Context, req *mgmt_pb.ListProjectGrantMemberRolesRequest) (*mgmt_pb.ListProjectGrantMemberRolesResponse, error) {
 	roles := s.project.GetProjectGrantMemberRoles()
 	return &mgmt_pb.ListProjectGrantMemberRolesResponse{
-		Result: roles,
-		//TODO: metadata
+		Result:  roles,
+		Details: object_grpc.ToListDetails(uint64(len(roles)), 0, time.Now()),
 	}, nil
 }
 

internal/api/grpc/management/user_grant.go

@@ -100,7 +100,5 @@ func (s *Server) BulkRemoveUserGrant(ctx context.Context, req *mgmt_pb.BulkRemov
 	if err != nil {
 		return nil, err
 	}
-	return &mgmt_pb.BulkRemoveUserGrantResponse{
-		//TODO: Do we need details here?
-	}, nil
+	return &mgmt_pb.BulkRemoveUserGrantResponse{}, nil
 }

internal/api/grpc/member/iam_member.go

@@ -17,13 +17,13 @@ func IAMMembersToPb(members []*iam_model.IAMMemberView) []*member_pb.Member {
 
 func IAMMemberToPb(m *iam_model.IAMMemberView) *member_pb.Member {
 	return &member_pb.Member{
-		UserId: m.UserID,
-		Roles:  m.Roles,
-		// PreferredLoginName: //TODO: not implemented in be
-		Email:       m.Email,
-		FirstName:   m.FirstName,
-		LastName:    m.LastName,
-		DisplayName: m.DisplayName,
+		UserId:             m.UserID,
+		Roles:              m.Roles,
+		PreferredLoginName: m.PreferredLoginName,
+		Email:              m.Email,
+		FirstName:          m.FirstName,
+		LastName:           m.LastName,
+		DisplayName:        m.DisplayName,
 		Details: object.ToViewDetailsPb(
 			m.Sequence,
 			m.CreationDate,

internal/api/grpc/member/org_member.go

@@ -17,13 +17,13 @@ func OrgMembersToPb(members []*org_model.OrgMemberView) []*member_pb.Member {
 
 func OrgMemberToPb(m *org_model.OrgMemberView) *member_pb.Member {
 	return &member_pb.Member{
-		UserId: m.UserID,
-		Roles:  m.Roles,
-		// PreferredLoginName: //TODO: not implemented in be
-		Email:       m.Email,
-		FirstName:   m.FirstName,
-		LastName:    m.LastName,
-		DisplayName: m.DisplayName,
+		UserId:             m.UserID,
+		Roles:              m.Roles,
+		PreferredLoginName: m.PreferredLoginName,
+		Email:              m.Email,
+		FirstName:          m.FirstName,
+		LastName:           m.LastName,
+		DisplayName:        m.DisplayName,
 		Details: object.ToViewDetailsPb(
 			m.Sequence,
 			m.CreationDate,

internal/api/grpc/member/project_grant_member.go

@@ -17,13 +17,13 @@ func ProjectGrantMembersToPb(members []*proj_model.ProjectGrantMemberView) []*me
 
 func ProjectGrantMemberToPb(m *proj_model.ProjectGrantMemberView) *member_pb.Member {
 	return &member_pb.Member{
-		UserId: m.UserID,
-		Roles:  m.Roles,
-		// PreferredLoginName: //TODO: not implemented in be
-		Email:       m.Email,
-		FirstName:   m.FirstName,
-		LastName:    m.LastName,
-		DisplayName: m.DisplayName,
+		UserId:             m.UserID,
+		Roles:              m.Roles,
+		PreferredLoginName: m.PreferredLoginName,
+		Email:              m.Email,
+		FirstName:          m.FirstName,
+		LastName:           m.LastName,
+		DisplayName:        m.DisplayName,
 		Details: object.ToViewDetailsPb(
 			m.Sequence,
 			m.CreationDate,

internal/api/grpc/member/project_member.go

@@ -17,13 +17,13 @@ func ProjectMembersToPb(members []*proj_model.ProjectMemberView) []*member_pb.Me
 
 func ProjectMemberToPb(m *proj_model.ProjectMemberView) *member_pb.Member {
 	return &member_pb.Member{
-		UserId: m.UserID,
-		Roles:  m.Roles,
-		// PreferredLoginName: //TODO: not implemented in be
-		Email:       m.Email,
-		FirstName:   m.FirstName,
-		LastName:    m.LastName,
-		DisplayName: m.DisplayName,
+		UserId:             m.UserID,
+		Roles:              m.Roles,
+		PreferredLoginName: m.PreferredLoginName,
+		Email:              m.Email,
+		FirstName:          m.FirstName,
+		LastName:           m.LastName,
+		DisplayName:        m.DisplayName,
 		Details: object.ToViewDetailsPb(
 			m.Sequence,
 			m.CreationDate,

internal/api/grpc/org/converter.go

@@ -29,8 +29,11 @@ func OrgQueryToModel(query *org_pb.OrgQuery) (*org_model.OrgSearchQuery, error)
 			Value:  q.DomainQuery.Domain,
 		}, nil
 	case *org_pb.OrgQuery_NameQuery:
-		//TODO: implement name in backend
-		return nil, errors.ThrowUnimplemented(nil, "ADMIN-KGXnX", "name query not implemented")
+		return &org_model.OrgSearchQuery{
+			Key:    org_model.OrgSearchKeyOrgName,
+			Method: object.TextMethodToModel(q.NameQuery.Method),
+			Value:  q.NameQuery.Name,
+		}, nil
 	default:
 		return nil, errors.ThrowInvalidArgument(nil, "ADMIN-vR9nC", "List.Query.Invalid")
 	}

internal/api/grpc/policy/multi_factor.go

@@ -7,7 +7,8 @@ import (
 
 func MultiFactorTypeToDomain(multiFactorType policy_pb.MultiFactorType) domain.MultiFactorType {
 	switch multiFactorType {
-	//TODO: gap between proto and backend
+	case policy_pb.MultiFactorType_MULTI_FACTOR_TYPE_U2F_WITH_VERIFICATION:
+		return domain.MultiFactorTypeU2FWithPIN
 	default:
 		return domain.MultiFactorTypeUnspecified
 	}

internal/api/grpc/user/converter.go

@@ -244,7 +244,6 @@ func WebAuthNTokenViewToPb(token *model.WebAuthNView) *user_pb.WebAuthNToken {
 
 func WebAuthNTokenToWebAuthNKeyPb(token *domain.WebAuthNToken) *user_pb.WebAuthNKey {
 	return &user_pb.WebAuthNKey{
-		Id:        string(token.KeyID), //TODO: ask if it's the correct id?
 		PublicKey: token.PublicKey,
 	}
 }