TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-12-06 08:32:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: proto (#260)

Browse Source 
* fix: global search calls

* fix: management proto

* fix: management proto mock

* fix: remove unused request

* fix: add mock file

* fix: remove unused objects

* fix: unique username
This commit is contained in:
Fabi
2020-06-23 10:09:30 +02:00
committed by GitHub
parent 83ff4c8ee6
commit c376b92315
10 changed files with 4279 additions and 5031 deletions
Download Patch File Download Diff File Expand all files Collapse all files

147
pkg/management/api/proto/management.proto
View File

@@ -31,7 +31,10 @@ option (grpc.gateway.protoc_gen_swagger.options.openapiv2_swagger) = {
produces: "application/grpc";
};
// All requests are based on your context if nothing other is specified
// Requests which have /me in the url get the parameter from the context
service ManagementService {
//READINESS
rpc Healthz(google.protobuf.Empty) returns (google.protobuf.Empty) {
option (google.api.http) = {
@@ -51,7 +54,7 @@ service ManagementService {
};
}
//IAM
// GetIam returns some needed settings of the iam (Global Organisation ID, Zitadel Project ID)
rpc GetIam(google.protobuf.Empty) returns (Iam) {
option (google.api.http) = {
get: "/iam"
@@ -62,7 +65,6 @@ service ManagementService {
};
}
//USER
rpc GetUserByID(UserID) returns (UserView) {
option (google.api.http) = {
get: "/users/{id}"
@@ -73,9 +75,10 @@ service ManagementService {
};
}
rpc GetUserByEmailGlobal(UserEmailID) returns (UserView) {
// GetUserByEmailGlobal returns User, global search is overall organisations
rpc GetUserByEmailGlobal(Email) returns (UserView) {
option (google.api.http) = {
get: "/global/users/email/{email}"
get: "/global/users/_byemail"
};
option (caos.zitadel.utils.v1.auth_option) = {
@@ -83,6 +86,7 @@ service ManagementService {
};
}
// Limit should always be set, there is a default limit set by the service
rpc SearchUsers(UserSearchRequest) returns (UserSearchResponse) {
option (google.api.http) = {
post: "/users/_search"
@@ -169,6 +173,7 @@ service ManagementService {
};
}
// UserChanges returns the event stream of the user object
rpc UserChanges(ChangeRequest) returns (Changes) {
option (google.api.http) = {
get: "/users/{id}/changes"
@@ -179,6 +184,7 @@ service ManagementService {
};
}
// ApplicationChanges returns the event stream of the application object
rpc ApplicationChanges(ChangeRequest) returns (Changes) {
option (google.api.http) = {
get: "/projects/{id}/applications/{sec_id}/changes"
@@ -189,6 +195,7 @@ service ManagementService {
};
}
// OrgChanges returns the event stream of the org object
rpc OrgChanges(ChangeRequest) returns (Changes) {
option (google.api.http) = {
get: "/orgs/{id}/changes"
@@ -199,6 +206,7 @@ service ManagementService {
};
}
// ProjectChanges returns the event stream of the project object
rpc ProjectChanges(ChangeRequest) returns (Changes) {
option (google.api.http) = {
get: "/projects/{id}/changes"
@@ -209,7 +217,6 @@ service ManagementService {
};
}
//USER_PROFILE
rpc GetUserProfile(UserID) returns (UserProfileView) {
option (google.api.http) = {
get: "/users/{id}/profile"
@@ -231,7 +238,6 @@ service ManagementService {
};
}
//USER_EMAIL
rpc GetUserEmail(UserID) returns (UserEmailView) {
option (google.api.http) = {
get: "/users/{id}/email"
@@ -264,7 +270,6 @@ service ManagementService {
};
}
//USER_PHONE
rpc GetUserPhone(UserID) returns (UserPhoneView) {
option (google.api.http) = {
get: "/users/{id}/phone"
@@ -297,7 +302,6 @@ service ManagementService {
};
}
//USER_ADDRESS
rpc GetUserAddress(UserID) returns (UserAddressView) {
option (google.api.http) = {
get: "/users/{id}/address"
@@ -318,7 +322,7 @@ service ManagementService {
permission: "user.write"
};
}
//MFA
rpc GetUserMfas(UserID) returns (MultiFactors) {
option (google.api.http) = {
get: "/users/{id}/mfas"
@@ -329,11 +333,10 @@ service ManagementService {
};
}
//PASSWORD
// Sends an Notification (Email/SMS) with a password reset Link
rpc SendSetPasswordNotification(SetPasswordNotificationRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/users/{id}/_sendsetpwnotify"
post: "/users/{id}/password/_sendsetnotification"
body: "*"
};
@@ -345,7 +348,7 @@ service ManagementService {
// A Manager is only allowed to set an initial password, on the next login the user has to change his password
rpc SetInitialPassword(PasswordRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/users/{id}/_setinitialpw"
post: "/users/{id}/password/_initialize"
body: "*"
};
@@ -354,8 +357,7 @@ service ManagementService {
};
}
//PASSWORD_COMPLEXITY_POLICY
// returns default policy if nothing other set on organisation
rpc GetPasswordComplexityPolicy(google.protobuf.Empty) returns (PasswordComplexityPolicy) {
option (google.api.http) = {
get: "/policies/passwords/complexity"
@@ -398,7 +400,7 @@ service ManagementService {
};
}
//PASSWORD_AGE_POLICY
// returns default if nothing other set on organisation
rpc GetPasswordAgePolicy(google.protobuf.Empty) returns (PasswordAgePolicy) {
option (google.api.http) = {
get: "/policies/passwords/age"
@@ -441,7 +443,7 @@ service ManagementService {
};
}
//PASSWORD_LOCKOUT_POLICY
// returns default if nothing other set on organisation
rpc GetPasswordLockoutPolicy(google.protobuf.Empty) returns (PasswordLockoutPolicy) {
option (google.api.http) = {
get: "/policies/passwords/lockout"
@@ -484,10 +486,9 @@ service ManagementService {
};
}
//ORG
rpc GetOrgByID(OrgID) returns (OrgView) {
rpc GetMyOrg(google.protobuf.Empty) returns (OrgView) {
option (google.api.http) = {
get: "/orgs/{id}"
get: "/orgs/me"
};
option (caos.zitadel.utils.v1.auth_option) = {
@@ -495,9 +496,10 @@ service ManagementService {
};
}
rpc GetOrgByDomainGlobal(OrgDomain) returns (OrgView) {
// search a organisation by its domain overall organisations
rpc GetOrgByDomainGlobal(Domain) returns (OrgView) {
option (google.api.http) = {
get: "/global/orgs/domain/{domain}"
get: "/global/orgs/_bydomain"
};
option (caos.zitadel.utils.v1.auth_option) = {
@@ -505,9 +507,9 @@ service ManagementService {
};
}
rpc DeactivateOrg(OrgID) returns (Org) {
rpc DeactivateMyOrg(google.protobuf.Empty) returns (Org) {
option (google.api.http) = {
put: "/orgs/{id}/_deactivate"
put: "/orgs/me/_deactivate"
body: "*"
};
@@ -516,9 +518,9 @@ service ManagementService {
};
}
rpc ReactivateOrg(OrgID) returns (Org) {
rpc ReactivateMyOrg(google.protobuf.Empty) returns (Org) {
option (google.api.http) = {
put: "/orgs/{id}/_reactivate"
put: "/orgs/me/_reactivate"
body: "*"
};
@@ -559,7 +561,6 @@ service ManagementService {
};
}
//ORG_IAM_POLICY
rpc GetMyOrgIamPolicy(google.protobuf.Empty) returns (OrgIamPolicy) {
option (google.api.http) = {
get: "/orgs/me/iampolicy"
@@ -570,7 +571,6 @@ service ManagementService {
};
}
//ORG_MEMBERS
rpc GetOrgMemberRoles(google.protobuf.Empty) returns (OrgMemberRoles) {
option (google.api.http) = {
get: "/orgs/members/roles"
@@ -624,7 +624,6 @@ service ManagementService {
};
}
//PROJECTS
rpc SearchProjects(ProjectSearchRequest) returns (ProjectSearchResponse) {
option (google.api.http) = {
post: "/projects/_search"
@@ -694,7 +693,7 @@ service ManagementService {
};
}
//GRANTED_PROJECT_GRANTS
// returns all projects my organisation got granted from another organisation
rpc SearchGrantedProjects(GrantedProjectSearchRequest) returns (ProjectGrantSearchResponse) {
option (google.api.http) = {
post: "/grantedprojects/_search"
@@ -707,6 +706,7 @@ service ManagementService {
};
}
// returns a project my organisation got granted from another organisation
rpc GetGrantedProjectByID(ProjectGrantID) returns (ProjectGrantView) {
option (google.api.http) = {
get: "/grantedprojects/{project_id}/grants/{id}"
@@ -717,7 +717,6 @@ service ManagementService {
};
}
//PROJECT_MEMBERS
rpc GetProjectMemberRoles(google.protobuf.Empty) returns (ProjectMemberRoles) {
option (google.api.http) = {
get: "/projects/members/roles"
@@ -775,7 +774,6 @@ service ManagementService {
};
}
//PROJECT_ROLES
rpc SearchProjectRoles(ProjectRoleSearchRequest) returns (ProjectRoleSearchResponse) {
option (google.api.http) = {
post: "/projects/{project_id}/roles/_search"
@@ -800,6 +798,7 @@ service ManagementService {
};
}
// add a list of project roles in one request
rpc BulkAddProjectRole(ProjectRoleAddBulk) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/projects/{id}/roles/_bulk"
@@ -824,7 +823,7 @@ service ManagementService {
};
}
/* RemoveProjectRole removes role from UserGrants, ProjectGrants and from Project */
// RemoveProjectRole removes role from UserGrants, ProjectGrants and from Project
rpc RemoveProjectRole(ProjectRoleRemove) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/projects/{id}/roles/{key}"
@@ -836,7 +835,6 @@ service ManagementService {
};
}
//APPLICATIONS
rpc SearchApplications(ApplicationSearchRequest) returns (ApplicationSearchResponse) {
option (google.api.http) = {
post: "/projects/{project_id}/applications/_search"
@@ -943,7 +941,6 @@ service ManagementService {
};
}
//PROJECT_GRANT
rpc SearchProjectGrants(ProjectGrantSearchRequest) returns (ProjectGrantSearchResponse) {
option (google.api.http) = {
post: "/projects/{project_id}/grants/_search"
@@ -1010,6 +1007,7 @@ service ManagementService {
};
}
// RemoveProjectGrant removes project grant and all user grants for this project grant
rpc RemoveProjectGrant(ProjectGrantID) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/projects/{project_id}/grants/{id}"
@@ -1020,7 +1018,6 @@ service ManagementService {
};
}
//PROJECT_GRANT_MEMBER
rpc GetProjectGrantMemberRoles(google.protobuf.Empty) returns (ProjectGrantMemberRoles) {
option (google.api.http) = {
get: "/projects/grants/members/roles"
@@ -1030,6 +1027,7 @@ service ManagementService {
permission: "project.grant.member.read"
};
}
rpc SearchProjectGrantMembers(ProjectGrantMemberSearchRequest) returns (ProjectGrantMemberSearchResponse) {
option (google.api.http) = {
post: "/projects/{project_id}/grants/{grant_id}/members/_search"
@@ -1073,7 +1071,6 @@ service ManagementService {
};
}
//USER_GRANT
rpc SearchUserGrants(UserGrantSearchRequest) returns (UserGrantSearchResponse) {
option (google.api.http) = {
post: "/users/grants/_search"
@@ -1149,6 +1146,7 @@ service ManagementService {
};
}
// add a list of user grants in one request
rpc BulkCreateUserGrant(UserGrantCreateBulk) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/usergrants/_bulk"
@@ -1160,6 +1158,7 @@ service ManagementService {
};
}
// update a list of user grants in one request
rpc BulkUpdateUserGrant(UserGrantUpdateBulk) returns (google.protobuf.Empty) {
option (google.api.http) = {
put: "/usergrants/_bulk"
@@ -1171,6 +1170,7 @@ service ManagementService {
};
}
// remove a list of user grants in one request
rpc BulkRemoveUserGrant(UserGrantRemoveBulk) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/usersgrants/_bulk"
@@ -1182,7 +1182,8 @@ service ManagementService {
};
}
//PROJECT_USER_GRANT
// search user grants based on a project
// This request is required that the user authorizations of zitadel can be differentiated
rpc SearchProjectUserGrants(ProjectUserGrantSearchRequest) returns (UserGrantSearchResponse) {
option (google.api.http) = {
post: "/projects/{project_id}/users/grants/_search"
@@ -1195,6 +1196,8 @@ service ManagementService {
};
}
// get user grant based on a project
// This request is required that the user authorizations of zitadel can be differentiated
rpc ProjectUserGrantByID(ProjectUserGrantID) returns (UserGrantView) {
option (google.api.http) = {
get: "/projects/{project_id}/users/{user_id}/grants/{id}"
@@ -1206,6 +1209,8 @@ service ManagementService {
};
}
// create user grant based on a project
// This request is required that the user authorizations of zitadel can be differentiated
rpc CreateProjectUserGrant(UserGrantCreate) returns (UserGrant) {
option (google.api.http) = {
post: "/projects/{project_id}/users/{user_id}/grants"
@@ -1218,6 +1223,8 @@ service ManagementService {
};
}
// update user grant based on a project
// This request is required that the user authorizations of zitadel can be differentiated
rpc UpdateProjectUserGrant(ProjectUserGrantUpdate) returns (UserGrant) {
option (google.api.http) = {
put: "/projects/{project_id}/users/{user_id}/grants/{id}"
@@ -1230,6 +1237,8 @@ service ManagementService {
};
}
// deactivate user grant based on a project
// This request is required that the user authorizations of zitadel can be differentiated
rpc DeactivateProjectUserGrant(ProjectUserGrantID) returns (UserGrant) {
option (google.api.http) = {
put: "/projects/{project_id}/users/{user_id}/grants/{id}/_deactivate"
@@ -1242,6 +1251,8 @@ service ManagementService {
};
}
// reactivate user grant based on a project
// This request is required that the user authorizations of zitadel can be differentiated
rpc ReactivateProjectUserGrant(ProjectUserGrantID) returns (UserGrant) {
option (google.api.http) = {
put: "/projects/{project_id}/users/{user_id}/grants/{id}/_reactivate"
@@ -1253,7 +1264,9 @@ service ManagementService {
check_field_name: "ProjectId"
};
}
//PROJECT_GRANT_USER_GRANT
// search user grants based on a projectgrant
// This request is required that the user authorizations of zitadel can be differentiated
rpc SearchProjectGrantUserGrants(ProjectGrantUserGrantSearchRequest) returns (UserGrantSearchResponse) {
option (google.api.http) = {
post: "/projectgrants/{project_grant_id}/users/grants/_search"
@@ -1266,6 +1279,8 @@ service ManagementService {
};
}
// get user grant based on a projectgrant
// This request is required that the user authorizations of zitadel can be differentiated
rpc ProjectGrantUserGrantByID(ProjectGrantUserGrantID) returns (UserGrantView) {
option (google.api.http) = {
get: "/projectgrants/{project_grant_id}/users/{user_id}/grants/{id}"
@@ -1277,6 +1292,8 @@ service ManagementService {
};
}
// create user grant based on a projectgrant
// This request is required that the user authorizations of zitadel can be differentiated
rpc CreateProjectGrantUserGrant(ProjectGrantUserGrantCreate) returns (UserGrant) {
option (google.api.http) = {
post: "/projectgrants/{project_grant_id}/users/{user_id}/grants"
@@ -1289,6 +1306,8 @@ service ManagementService {
};
}
// update user grant based on a projectgrant
// This request is required that the user authorizations of zitadel can be differentiated
rpc UpdateProjectGrantUserGrant(ProjectGrantUserGrantUpdate) returns (UserGrant) {
option (google.api.http) = {
put: "/projectgrants/{project_grant_id}/users/{user_id}/grants/{id}"
@@ -1301,6 +1320,8 @@ service ManagementService {
};
}
// deactivate user grant based on a projectgrant
// This request is required that the user authorizations of zitadel can be differentiated
rpc DeactivateProjectGrantUserGrant(ProjectGrantUserGrantID) returns (UserGrant) {
option (google.api.http) = {
put: "/projectgrants/{project_grant_id}/users/{user_id}/grants/{id}/_deactivate"
@@ -1313,6 +1334,8 @@ service ManagementService {
};
}
// reactivate user grant based on a projectgrant
// This request is required that the user authorizations of zitadel can be differentiated
rpc ReactivateProjectGrantUserGrant(ProjectGrantUserGrantID) returns (UserGrant) {
option (google.api.http) = {
put: "/projectgrants/{project_grant_id}/users/{user_id}/grants/{id}/_reactivate"
@@ -1324,13 +1347,6 @@ service ManagementService {
check_field_name: "ProjectGrantId"
};
}
//Grant
rpc SearchAuthGrant(AuthGrantSearchRequest) returns (AuthGrantSearchResponse) {
option (google.api.http) = {
post: "/authgrants/_search"
body: "*"
};
}
}
message Iam {
@@ -1374,7 +1390,7 @@ message UserID {
string id = 1;
}
message UserEmailID {
message Email {
string email = 1;
}
@@ -1826,6 +1842,10 @@ enum OrgState {
ORGSTATE_INACTIVE = 2;
}
message Domain {
string domain = 1;
}
message OrgDomains {
repeated OrgDomain domains = 1;
}
@@ -2574,38 +2594,3 @@ message ProjectGrantUserGrantSearchRequest {
uint64 limit = 3;
repeated UserGrantSearchQuery queries = 4;
}
message AuthGrantSearchRequest {
uint64 offset = 1;
uint64 limit = 2;
AuthGrantSearchKey sorting_column = 3 [(validate.rules).enum = {not_in: [0]}];
bool asc = 4;
repeated AuthGrantSearchQuery queries = 5;
}
message AuthGrantSearchQuery {
AuthGrantSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];
SearchMethod method = 2 [(validate.rules).enum = {in: [0]}];
string value = 3;
}
enum AuthGrantSearchKey {
AUTHGRANTSEARCHKEY_UNSPECIFIED = 0;
AUTHGRANTSEARCHKEY_ORG_ID = 1;
AUTHGRANTSEARCHKEY_PROJECT_ID = 2;
AUTHGRANTSEARCHKEY_USER_ID = 3;
}
message AuthGrantSearchResponse {
uint64 offset = 1;
uint64 limit = 2;
uint64 total_result = 3;
repeated AuthGrant result = 4;
}
message AuthGrant {
string orgId = 1;
string projectId = 2;
string userId = 3;
repeated string roles = 4;
}