From c8e1733b398a108d430c9653c1df636b37f8e3be Mon Sep 17 00:00:00 2001 From: Stefan Benz <46600784+stebenz@users.noreply.github.com> Date: Wed, 19 Oct 2022 12:58:03 +0100 Subject: [PATCH] fix: import of trigger actions and export of idp links (#4576) Co-authored-by: Livio Spring --- docs/docs/apis/proto/v1.md | 42 ++++++++++++++++++++++++++++++- internal/api/grpc/admin/export.go | 26 ++++++++++++++++--- internal/api/grpc/admin/import.go | 11 +++++++- proto/zitadel/v1.proto | 22 ++++++++++++++-- 4 files changed, 94 insertions(+), 7 deletions(-) diff --git a/docs/docs/apis/proto/v1.md b/docs/docs/apis/proto/v1.md index e9172cca00..b50f994b79 100644 --- a/docs/docs/apis/proto/v1.md +++ b/docs/docs/apis/proto/v1.md @@ -157,7 +157,7 @@ title: zitadel/v1.proto | oidc_apps | repeated DataOIDCApplication | - | | | human_users | repeated DataHumanUser | - | | | machine_users | repeated DataMachineUser | - | | -| trigger_actions | repeated zitadel.management.v1.SetTriggerActionsRequest | - | | +| trigger_actions | repeated SetTriggerActionsRequest | - | | | actions | repeated DataAction | - | | | project_grants | repeated DataProjectGrant | - | | | user_grants | repeated zitadel.management.v1.AddUserGrantRequest | - | | @@ -291,5 +291,45 @@ title: zitadel/v1.proto +### SetTriggerActionsRequest + + + +| Field | Type | Description | Validation | +| ----- | ---- | ----------- | ----------- | +| flow_type | FlowType | - | | +| trigger_type | TriggerType | - | | +| action_ids | repeated string | - | | + + + + + + +## Enums + + +### FlowType {#flowtype} + + +| Name | Number | Description | +| ---- | ------ | ----------- | +| FLOW_TYPE_UNSPECIFIED | 0 | - | +| FLOW_TYPE_EXTERNAL_AUTHENTICATION | 1 | - | + + + + +### TriggerType {#triggertype} + + +| Name | Number | Description | +| ---- | ------ | ----------- | +| TRIGGER_TYPE_UNSPECIFIED | 0 | - | +| TRIGGER_TYPE_POST_AUTHENTICATION | 1 | - | +| TRIGGER_TYPE_PRE_CREATION | 2 | - | +| TRIGGER_TYPE_POST_CREATION | 3 | - | + + 
diff --git a/internal/api/grpc/admin/export.go b/internal/api/grpc/admin/export.go
index 63be01a611..9d38c6c99b 100644
--- a/internal/api/grpc/admin/export.go
+++ b/internal/api/grpc/admin/export.go
@@ -84,13 +84,20 @@ func (s *Server) ExportData(ctx context.Context, req *admin_pb.ExportDataRequest
 if err != nil {
 return nil, err
 }
+ orgIDPs := make([]string, 0)
+ for _, idp := range org.OidcIdps {
+ orgIDPs = append(orgIDPs, idp.GetIdpId())
+ }
+ for _, idp := range org.JwtIdps {
+ orgIDPs = append(orgIDPs, idp.GetIdpId())
+ }
 org.LabelPolicy, err = s.getLabelPolicy(ctx, org.GetOrgId())
 if err != nil {
 return nil, err
 }
- org.LoginPolicy, err = s.getLoginPolicy(ctx, org.GetOrgId())
+ org.LoginPolicy, err = s.getLoginPolicy(ctx, org.GetOrgId(), orgIDPs)
 if err != nil {
 return nil, err
 }
@@ -368,7 +375,7 @@ func (s *Server) getLabelPolicy(ctx context.Context, orgID string) (_ *managemen
 return nil, nil
 }
-func (s *Server) getLoginPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomLoginPolicyRequest, err error) {
+func (s *Server) getLoginPolicy(ctx context.Context, orgID string, orgIDPs []string) (_ *management_pb.AddCustomLoginPolicyRequest, err error) {
 ctx, span := tracing.NewSpan(ctx)
 defer func() { span.EndWithError(err) }()
@@ -399,9 +406,22 @@ func (s *Server) getLoginPolicy(ctx context.Context, orgID string) (_ *managemen
 }
 idpLinks := make([]*management_pb.AddCustomLoginPolicyRequest_IDP, 0)
 for _, idpLink := range idpLinksQuery.Links {
+ found := false
+ for _, orgIDP := range orgIDPs {
+ if orgIDP == idpLink.IDPID {
+ found = true
+ break
+ }
+ }
+ ownerType := idp_pb.IDPOwnerType_IDP_OWNER_TYPE_UNSPECIFIED
+ if found {
+ ownerType = idp_pb.IDPOwnerType_IDP_OWNER_TYPE_ORG
+ } else {
+ ownerType = idp_pb.IDPOwnerType_IDP_OWNER_TYPE_SYSTEM
+ }
 idpLinks = append(idpLinks, &management_pb.AddCustomLoginPolicyRequest_IDP{
 IdpId: idpLink.IDPID,
- OwnerType: idp_pb.IDPOwnerType(idpLink.IDPType),
+ OwnerType: ownerType,
 })
 }
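Review bot: The `orgIDPs` slice built in ExportData from `org.OidcIdps` and `org.JwtIdps` is the only input that later decides whether an exported login-policy IDP link is marked org-owned or system-owned, and nothing in the hunk says so. A short comment above the two loops would make the dependency explicit, e.g. `// IDs of the IDPs owned by this org; getLoginPolicy treats every other linked IDP as instance-level`. If those two lists can ever be incomplete (an IDP kind not collected here, or a truncated query; neither is visible in this hunk), an org-owned provider would be exported with the wrong owner type, so the comment should state that assumption. ExportData's body starts before and continues after the hunk.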
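Review bot: In getLoginPolicy's link loop the initial value `IDP_OWNER_TYPE_UNSPECIFIED` given to `ownerType` is never used, because both branches of the following `if found`/`else` overwrite it, and the fallback to `IDP_OWNER_TYPE_SYSTEM` for any unmatched ID is silent. Starting from the fallback reads more directly: `ownerType := idp_pb.IDPOwnerType_IDP_OWNER_TYPE_SYSTEM` followed by `if found { ownerType = idp_pb.IDPOwnerType_IDP_OWNER_TYPE_ORG }`, with a comment such as `// an IDP that is not in orgIDPs is assumed to be an instance-level provider`. The same assumption belongs in a doc comment on the new `orgIDPs` parameter in the signature hunk above, since a nil or empty slice makes every link system-owned. The function starts before and ends after this hunk.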
diff --git a/internal/api/grpc/admin/import.go b/internal/api/grpc/admin/import.go
index 6c89181bd8..6e2e7c9746 100644
--- a/internal/api/grpc/admin/import.go
+++ b/internal/api/grpc/admin/import.go
@@ -871,6 +871,15 @@ func (s *Server) dataOrgsV1ToDataOrgs(ctx context.Context, dataOrgs *v1_pb.Impor
 orgs := make([]*admin_pb.DataOrg, 0)
 for _, orgV1 := range dataOrgs.Orgs {
+ triggerActions := make([]*management_pb.SetTriggerActionsRequest, 0)
+ for _, action := range orgV1.GetTriggerActions() {
+ triggerActions = append(triggerActions, &management_pb.SetTriggerActionsRequest{
+ FlowType: strconv.Itoa(int(action.GetFlowType().Number())),
+ TriggerType: strconv.Itoa(int(action.GetTriggerType().Number())),
+ ActionIds: action.ActionIds,
+ })
+ }
+
 org := &admin_pb.DataOrg{
 OrgId: orgV1.GetOrgId(),
 Org: orgV1.GetOrg(),
@@ -886,7 +895,7 @@ func (s *Server) dataOrgsV1ToDataOrgs(ctx context.Context, dataOrgs *v1_pb.Impor
 OidcApps: orgV1.GetOidcApps(),
 HumanUsers: orgV1.GetHumanUsers(),
 MachineUsers: orgV1.GetMachineUsers(),
- TriggerActions: orgV1.GetTriggerActions(),
+ TriggerActions: triggerActions,
 Actions: orgV1.GetActions(),
 ProjectGrants: orgV1.GetProjectGrants(),
 UserGrants: orgV1.GetUserGrants(),
diff --git a/proto/zitadel/v1.proto b/proto/zitadel/v1.proto
index bd91d6624f..5c91b6c272 100644
--- a/proto/zitadel/v1.proto
+++ b/proto/zitadel/v1.proto
@@ -57,7 +57,7 @@ message DataOrg {
 repeated DataOIDCApplication oidc_apps = 13;
 repeated DataHumanUser human_users = 14;
 repeated DataMachineUser machine_users = 15;
- repeated zitadel.management.v1.SetTriggerActionsRequest trigger_actions = 16;
+ repeated SetTriggerActionsRequest trigger_actions = 16;
 repeated DataAction actions = 17;
 repeated DataProjectGrant project_grants = 18;
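Review bot: `ActionIds: action.ActionIds` in the first import.go hunk reads the field directly while the two neighbouring fields go through the generated getters, so a nil element in `orgV1.GetTriggerActions()` would panic on that line instead of yielding empty values; `ActionIds: action.GetActionIds(),` keeps the three fields consistent. The conversion also forwards the zero values `FLOW_TYPE_UNSPECIFIED` and `TRIGGER_TYPE_UNSPECIFIED` as the string "0" with no check in this hunk. Because the import file is external input, those entries should either be rejected here or be confirmed as rejected by the downstream handler, which is not visible in the hunk. A comment such as `// v1 enum numbers are used as the management API's string type IDs` would document the coupling with proto/zitadel/v1.proto. dataOrgsV1ToDataOrgs starts before and continues after the hunk.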
@@ -182,4 +182,22 @@ message DataAction {
 message DataProjectGrant {
 string grant_id = 1;
 zitadel.management.v1.AddProjectGrantRequest project_grant = 2;
-}
\ No newline at end of file
+}
+
+message SetTriggerActionsRequest {
+ FlowType flow_type = 1;
+ TriggerType trigger_type = 2;
+ repeated string action_ids = 3;
+}
+
+enum FlowType {
+ FLOW_TYPE_UNSPECIFIED = 0;
+ FLOW_TYPE_EXTERNAL_AUTHENTICATION = 1;
+}
+
+enum TriggerType {
+ TRIGGER_TYPE_UNSPECIFIED = 0;
+ TRIGGER_TYPE_POST_AUTHENTICATION = 1;
+ TRIGGER_TYPE_PRE_CREATION = 2;
+ TRIGGER_TYPE_POST_CREATION = 3;
+}
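Review bot: The new `FlowType` and `TriggerType` enums carry no comments, yet their numbers are load-bearing: import.go in this commit turns `Number()` into the management request's string type IDs with `strconv.Itoa`. A comment on each enum such as `// Numeric values are forwarded as the management API's type ID on import; do not renumber.` would keep a later edit from silently remapping which trigger an imported action is attached to. The message also reuses the name `SetTriggerActionsRequest` from `zitadel.management.v1`, which reads ambiguously next to the fully qualified management types in this file; a one-line comment stating that this is the import/export representation would help.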