fix: import of trigger actions and export of idp links (#4576)

Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-02-28 17:47:22 +00:00 · 2022-10-19 12:58:03 +01:00 · 2022-10-19 12:58:03 +01:00 · c8e1733b39
commit c8e1733b39
parent 178b6db62e
4 changed files with 94 additions and 7 deletions
--- a/docs/docs/apis/proto/v1.md
+++ b/docs/docs/apis/proto/v1.md
@ -157,7 +157,7 @@ title: zitadel/v1.proto
 | oidc_apps | repeated DataOIDCApplication | - |  |
 | human_users | repeated DataHumanUser | - |  |
 | machine_users | repeated DataMachineUser | - |  |
-| trigger_actions | repeated zitadel.management.v1.SetTriggerActionsRequest | - |  |
+| trigger_actions | repeated SetTriggerActionsRequest | - |  |
 | actions | repeated DataAction | - |  |
 | project_grants | repeated DataProjectGrant | - |  |
 | user_grants | repeated zitadel.management.v1.AddUserGrantRequest | - |  |
@ -291,5 +291,45 @@ title: zitadel/v1.proto



+### SetTriggerActionsRequest
+
+
+
+| Field | Type | Description | Validation |
+| ----- | ---- | ----------- | ----------- |
+| flow_type |  FlowType | - |  |
+| trigger_type |  TriggerType | - |  |
+| action_ids | repeated string | - |  |
+
+
+
+
+
+
+## Enums
+
+
+### FlowType {#flowtype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| FLOW_TYPE_UNSPECIFIED | 0 | - |
+| FLOW_TYPE_EXTERNAL_AUTHENTICATION | 1 | - |
+
+
+
+
+### TriggerType {#triggertype}
+
+
+| Name | Number | Description |
+| ---- | ------ | ----------- |
+| TRIGGER_TYPE_UNSPECIFIED | 0 | - |
+| TRIGGER_TYPE_POST_AUTHENTICATION | 1 | - |
+| TRIGGER_TYPE_PRE_CREATION | 2 | - |
+| TRIGGER_TYPE_POST_CREATION | 3 | - |
+
+


--- a/internal/api/grpc/admin/export.go
+++ b/internal/api/grpc/admin/export.go
@ -84,13 +84,20 @@ func (s *Server) ExportData(ctx context.Context, req *admin_pb.ExportDataRequest
 		if err != nil {
 			return nil, err
 		}
+		orgIDPs := make([]string, 0)
+		for _, idp := range org.OidcIdps {
+			orgIDPs = append(orgIDPs, idp.GetIdpId())
+		}
+		for _, idp := range org.JwtIdps {
+			orgIDPs = append(orgIDPs, idp.GetIdpId())
+		}

 		org.LabelPolicy, err = s.getLabelPolicy(ctx, org.GetOrgId())
 		if err != nil {
 			return nil, err
 		}

-		org.LoginPolicy, err = s.getLoginPolicy(ctx, org.GetOrgId())
+		org.LoginPolicy, err = s.getLoginPolicy(ctx, org.GetOrgId(), orgIDPs)
 		if err != nil {
 			return nil, err
 		}
@ -368,7 +375,7 @@ func (s *Server) getLabelPolicy(ctx context.Context, orgID string) (_ *managemen
 	return nil, nil
 }

-func (s *Server) getLoginPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomLoginPolicyRequest, err error) {
+func (s *Server) getLoginPolicy(ctx context.Context, orgID string, orgIDPs []string) (_ *management_pb.AddCustomLoginPolicyRequest, err error) {
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()

@ -399,9 +406,22 @@ func (s *Server) getLoginPolicy(ctx context.Context, orgID string) (_ *managemen
 		}
 		idpLinks := make([]*management_pb.AddCustomLoginPolicyRequest_IDP, 0)
 		for _, idpLink := range idpLinksQuery.Links {
+			found := false
+			for _, orgIDP := range orgIDPs {
+				if orgIDP == idpLink.IDPID {
+					found = true
+					break
+				}
+			}
+			ownerType := idp_pb.IDPOwnerType_IDP_OWNER_TYPE_UNSPECIFIED
+			if found {
+				ownerType = idp_pb.IDPOwnerType_IDP_OWNER_TYPE_ORG
+			} else {
+				ownerType = idp_pb.IDPOwnerType_IDP_OWNER_TYPE_SYSTEM
+			}
 			idpLinks = append(idpLinks, &management_pb.AddCustomLoginPolicyRequest_IDP{
 				IdpId:     idpLink.IDPID,
-				OwnerType: idp_pb.IDPOwnerType(idpLink.IDPType),
+				OwnerType: ownerType,
 			})
 		}

--- a/internal/api/grpc/admin/import.go
+++ b/internal/api/grpc/admin/import.go
@ -871,6 +871,15 @@ func (s *Server) dataOrgsV1ToDataOrgs(ctx context.Context, dataOrgs *v1_pb.Impor

 	orgs := make([]*admin_pb.DataOrg, 0)
 	for _, orgV1 := range dataOrgs.Orgs {
+		triggerActions := make([]*management_pb.SetTriggerActionsRequest, 0)
+		for _, action := range orgV1.GetTriggerActions() {
+			triggerActions = append(triggerActions, &management_pb.SetTriggerActionsRequest{
+				FlowType:    strconv.Itoa(int(action.GetFlowType().Number())),
+				TriggerType: strconv.Itoa(int(action.GetTriggerType().Number())),
+				ActionIds:   action.ActionIds,
+			})
+		}
+
 		org := &admin_pb.DataOrg{
 			OrgId:                            orgV1.GetOrgId(),
 			Org:                              orgV1.GetOrg(),
@ -886,7 +895,7 @@ func (s *Server) dataOrgsV1ToDataOrgs(ctx context.Context, dataOrgs *v1_pb.Impor
 			OidcApps:                         orgV1.GetOidcApps(),
 			HumanUsers:                       orgV1.GetHumanUsers(),
 			MachineUsers:                     orgV1.GetMachineUsers(),
-			TriggerActions:                   orgV1.GetTriggerActions(),
+			TriggerActions:                   triggerActions,
 			Actions:                          orgV1.GetActions(),
 			ProjectGrants:                    orgV1.GetProjectGrants(),
 			UserGrants:                       orgV1.GetUserGrants(),
--- a/proto/zitadel/v1.proto
+++ b/proto/zitadel/v1.proto
@ -57,7 +57,7 @@ message DataOrg {
  repeated DataOIDCApplication oidc_apps = 13;
  repeated DataHumanUser human_users = 14;
  repeated DataMachineUser machine_users = 15;
-  repeated zitadel.management.v1.SetTriggerActionsRequest  trigger_actions = 16;
+  repeated SetTriggerActionsRequest  trigger_actions = 16;
  repeated DataAction actions = 17;

  repeated DataProjectGrant project_grants = 18;
@ -183,3 +183,21 @@ message DataProjectGrant {
  string grant_id = 1;
  zitadel.management.v1.AddProjectGrantRequest project_grant = 2;
 }
+
+message SetTriggerActionsRequest {
+  FlowType flow_type = 1;
+  TriggerType trigger_type = 2;
+  repeated string action_ids = 3;
+}
+
+enum FlowType {
+  FLOW_TYPE_UNSPECIFIED = 0;
+  FLOW_TYPE_EXTERNAL_AUTHENTICATION = 1;
+}
+
+enum TriggerType {
+  TRIGGER_TYPE_UNSPECIFIED = 0;
+  TRIGGER_TYPE_POST_AUTHENTICATION = 1;
+  TRIGGER_TYPE_PRE_CREATION = 2;
+  TRIGGER_TYPE_POST_CREATION = 3;
+}