mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-07 22:17:42 +00:00
feat: all project grant search query (#2581)
* feat: all project grant search query * feat: all project grant search query
This commit is contained in:
parent
802fbf175b
commit
cd65fd8c17
@ -1433,7 +1433,7 @@ This is an empty response
|
|||||||
| Field | Type | Description | Validation |
|
| Field | Type | Description | Validation |
|
||||||
| ----- | ---- | ----------- | ----------- |
|
| ----- | ---- | ----------- | ----------- |
|
||||||
| policy | zitadel.policy.v1.OrgIAMPolicy | - | |
|
| policy | zitadel.policy.v1.OrgIAMPolicy | - | |
|
||||||
| is_default | bool | - | |
|
| is_default | bool | deprecated: is_default is also defined in zitadel.policy.v1.OrgIAMPolicy | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -1379,6 +1379,19 @@ Limit should always be set, there is a default limit set by the service
|
|||||||
POST: /projects/{project_id}/grants/_search
|
POST: /projects/{project_id}/grants/_search
|
||||||
|
|
||||||
|
|
||||||
|
### ListAllProjectGrants
|
||||||
|
|
||||||
|
> **rpc** ListAllProjectGrants([ListAllProjectGrantsRequest](#listallprojectgrantsrequest))
|
||||||
|
[ListAllProjectGrantsResponse](#listallprojectgrantsresponse)
|
||||||
|
|
||||||
|
Returns all project grants matching the query, (ProjectGrant = Grant another organisation for my project)
|
||||||
|
Limit should always be set, there is a default limit set by the service
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
POST: /projectgrants/_search
|
||||||
|
|
||||||
|
|
||||||
### AddProjectGrant
|
### AddProjectGrant
|
||||||
|
|
||||||
> **rpc** AddProjectGrant([AddProjectGrantRequest](#addprojectgrantrequest))
|
> **rpc** AddProjectGrant([AddProjectGrantRequest](#addprojectgrantrequest))
|
||||||
@ -4545,7 +4558,7 @@ This is an empty request
|
|||||||
| Field | Type | Description | Validation |
|
| Field | Type | Description | Validation |
|
||||||
| ----- | ---- | ----------- | ----------- |
|
| ----- | ---- | ----------- | ----------- |
|
||||||
| policy | zitadel.policy.v1.LabelPolicy | - | |
|
| policy | zitadel.policy.v1.LabelPolicy | - | |
|
||||||
| is_default | bool | - | |
|
| is_default | bool | deprecated: is_default is also defined in zitadel.policy.v1.LabelPolicy | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -4563,7 +4576,7 @@ This is an empty request
|
|||||||
| Field | Type | Description | Validation |
|
| Field | Type | Description | Validation |
|
||||||
| ----- | ---- | ----------- | ----------- |
|
| ----- | ---- | ----------- | ----------- |
|
||||||
| policy | zitadel.policy.v1.LockoutPolicy | - | |
|
| policy | zitadel.policy.v1.LockoutPolicy | - | |
|
||||||
| is_default | bool | - | |
|
| is_default | bool | deprecated: is_default is also defined in zitadel.policy.v1.LockoutPolicy | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -4581,7 +4594,7 @@ This is an empty request
|
|||||||
| Field | Type | Description | Validation |
|
| Field | Type | Description | Validation |
|
||||||
| ----- | ---- | ----------- | ----------- |
|
| ----- | ---- | ----------- | ----------- |
|
||||||
| policy | zitadel.policy.v1.LoginPolicy | - | |
|
| policy | zitadel.policy.v1.LoginPolicy | - | |
|
||||||
| is_default | bool | - | |
|
| is_default | bool | deprecated: is_default is also defined in zitadel.policy.v1.LoginPolicy | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -4718,7 +4731,7 @@ This is an empty request
|
|||||||
| Field | Type | Description | Validation |
|
| Field | Type | Description | Validation |
|
||||||
| ----- | ---- | ----------- | ----------- |
|
| ----- | ---- | ----------- | ----------- |
|
||||||
| policy | zitadel.policy.v1.PasswordAgePolicy | - | |
|
| policy | zitadel.policy.v1.PasswordAgePolicy | - | |
|
||||||
| is_default | bool | - | |
|
| is_default | bool | deprecated: is_default is also defined in zitadel.policy.v1.PasswordAgePolicy | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -4736,7 +4749,7 @@ This is an empty request
|
|||||||
| Field | Type | Description | Validation |
|
| Field | Type | Description | Validation |
|
||||||
| ----- | ---- | ----------- | ----------- |
|
| ----- | ---- | ----------- | ----------- |
|
||||||
| policy | zitadel.policy.v1.PasswordComplexityPolicy | - | |
|
| policy | zitadel.policy.v1.PasswordComplexityPolicy | - | |
|
||||||
| is_default | bool | - | |
|
| is_default | bool | deprecated: is_default is also defined in zitadel.policy.v1.PasswordComplexityPolicy | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -4754,7 +4767,7 @@ This is an empty request
|
|||||||
| Field | Type | Description | Validation |
|
| Field | Type | Description | Validation |
|
||||||
| ----- | ---- | ----------- | ----------- |
|
| ----- | ---- | ----------- | ----------- |
|
||||||
| policy | zitadel.policy.v1.LabelPolicy | - | |
|
| policy | zitadel.policy.v1.LabelPolicy | - | |
|
||||||
| is_default | bool | - | |
|
| is_default | bool | deprecated: is_default is also defined in zitadel.policy.v1.LabelPolicy | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -5084,6 +5097,30 @@ This is an empty response
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
### ListAllProjectGrantsRequest
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
| Field | Type | Description | Validation |
|
||||||
|
| ----- | ---- | ----------- | ----------- |
|
||||||
|
| query | zitadel.v1.ListQuery | list limitations and ordering | |
|
||||||
|
| queries | repeated zitadel.project.v1.AllProjectGrantQuery | criterias the client is looking for | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
### ListAllProjectGrantsResponse
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
| Field | Type | Description | Validation |
|
||||||
|
| ----- | ---- | ----------- | ----------- |
|
||||||
|
| details | zitadel.v1.ListDetails | - | |
|
||||||
|
| result | repeated zitadel.project.v1.GrantedProject | - | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### ListAppChangesRequest
|
### ListAppChangesRequest
|
||||||
|
|
||||||
|
|
||||||
|
@ -9,6 +9,20 @@ title: zitadel/project.proto
|
|||||||
## Messages
|
## Messages
|
||||||
|
|
||||||
|
|
||||||
|
### AllProjectGrantQuery
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
| Field | Type | Description | Validation |
|
||||||
|
| ----- | ---- | ----------- | ----------- |
|
||||||
|
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_name_query | GrantProjectNameQuery | - | |
|
||||||
|
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.role_key_query | GrantRoleKeyQuery | - | |
|
||||||
|
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.project_id_query | ProjectIDQuery | - | |
|
||||||
|
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) query.granted_org_id_query | GrantedOrgIDQuery | - | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### GrantProjectNameQuery
|
### GrantProjectNameQuery
|
||||||
|
|
||||||
|
|
||||||
@ -33,6 +47,17 @@ title: zitadel/project.proto
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
### GrantedOrgIDQuery
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
| Field | Type | Description | Validation |
|
||||||
|
| ----- | ---- | ----------- | ----------- |
|
||||||
|
| granted_org_id | string | - | string.max_len: 200<br /> |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### GrantedProject
|
### GrantedProject
|
||||||
|
|
||||||
|
|
||||||
@ -83,6 +108,17 @@ title: zitadel/project.proto
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
### ProjectIDQuery
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
| Field | Type | Description | Validation |
|
||||||
|
| ----- | ---- | ----------- | ----------- |
|
||||||
|
| project_id | string | - | string.max_len: 200<br /> |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
### ProjectNameQuery
|
### ProjectNameQuery
|
||||||
|
|
||||||
|
|
||||||
|
@ -41,6 +41,27 @@ func (s *Server) ListProjectGrants(ctx context.Context, req *mgmt_pb.ListProject
|
|||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *Server) ListAllProjectGrants(ctx context.Context, req *mgmt_pb.ListAllProjectGrantsRequest) (*mgmt_pb.ListAllProjectGrantsResponse, error) {
|
||||||
|
queries, err := listAllProjectGrantsRequestToModel(req)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
queries.AppendMyResourceOwnerQuery(authz.GetCtxData(ctx).OrgID)
|
||||||
|
queries.AppendPermissionQueries(authz.GetRequestPermissionsFromCtx(ctx))
|
||||||
|
grants, err := s.query.SearchProjectGrants(ctx, queries)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return &mgmt_pb.ListAllProjectGrantsResponse{
|
||||||
|
Result: proj_grpc.GrantedProjectViewsToPb(grants.ProjectGrants),
|
||||||
|
Details: object_grpc.ToListDetails(
|
||||||
|
grants.Count,
|
||||||
|
grants.Sequence,
|
||||||
|
grants.Timestamp,
|
||||||
|
),
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
func (s *Server) AddProjectGrant(ctx context.Context, req *mgmt_pb.AddProjectGrantRequest) (*mgmt_pb.AddProjectGrantResponse, error) {
|
func (s *Server) AddProjectGrant(ctx context.Context, req *mgmt_pb.AddProjectGrantRequest) (*mgmt_pb.AddProjectGrantResponse, error) {
|
||||||
grant, err := s.command.AddProjectGrant(ctx, AddProjectGrantRequestToDomain(req), authz.GetCtxData(ctx).OrgID)
|
grant, err := s.command.AddProjectGrant(ctx, AddProjectGrantRequestToDomain(req), authz.GetCtxData(ctx).OrgID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -56,7 +56,48 @@ func ProjectGrantQueryToModel(apiQuery *proj_pb.ProjectGrantQuery) (query.Search
|
|||||||
return nil, errors.ThrowInvalidArgument(nil, "PROJECT-M099f", "List.Query.Invalid")
|
return nil, errors.ThrowInvalidArgument(nil, "PROJECT-M099f", "List.Query.Invalid")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
func listAllProjectGrantsRequestToModel(req *mgmt_pb.ListAllProjectGrantsRequest) (*query.ProjectGrantSearchQueries, error) {
|
||||||
|
offset, limit, asc := object.ListQueryToModel(req.Query)
|
||||||
|
queries, err := AllProjectGrantQueriesToModel(req)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return &query.ProjectGrantSearchQueries{
|
||||||
|
SearchRequest: query.SearchRequest{
|
||||||
|
Offset: offset,
|
||||||
|
Limit: limit,
|
||||||
|
Asc: asc,
|
||||||
|
},
|
||||||
|
Queries: queries,
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func AllProjectGrantQueriesToModel(req *mgmt_pb.ListAllProjectGrantsRequest) (_ []query.SearchQuery, err error) {
|
||||||
|
queries := make([]query.SearchQuery, 0, len(req.Queries))
|
||||||
|
for _, query := range req.Queries {
|
||||||
|
q, err := AllProjectGrantQueryToModel(query)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
queries = append(queries, q)
|
||||||
|
}
|
||||||
|
return queries, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func AllProjectGrantQueryToModel(apiQuery *proj_pb.AllProjectGrantQuery) (query.SearchQuery, error) {
|
||||||
|
switch q := apiQuery.Query.(type) {
|
||||||
|
case *proj_pb.AllProjectGrantQuery_ProjectNameQuery:
|
||||||
|
return query.NewProjectGrantProjectNameSearchQuery(object.TextMethodToQuery(q.ProjectNameQuery.Method), q.ProjectNameQuery.Name)
|
||||||
|
case *proj_pb.AllProjectGrantQuery_RoleKeyQuery:
|
||||||
|
return query.NewProjectGrantRoleKeySearchQuery(q.RoleKeyQuery.RoleKey)
|
||||||
|
case *proj_pb.AllProjectGrantQuery_ProjectIdQuery:
|
||||||
|
return query.NewProjectGrantProjectIDSearchQuery(q.ProjectIdQuery.ProjectId)
|
||||||
|
case *proj_pb.AllProjectGrantQuery_GrantedOrgIdQuery:
|
||||||
|
return query.NewProjectGrantGrantedOrgIDSearchQuery(q.GrantedOrgIdQuery.GrantedOrgId)
|
||||||
|
default:
|
||||||
|
return nil, errors.ThrowInvalidArgument(nil, "PROJECT-M099f", "List.Query.Invalid")
|
||||||
|
}
|
||||||
|
}
|
||||||
func AddProjectGrantRequestToDomain(req *mgmt_pb.AddProjectGrantRequest) *domain.ProjectGrant {
|
func AddProjectGrantRequestToDomain(req *mgmt_pb.AddProjectGrantRequest) *domain.ProjectGrant {
|
||||||
return &domain.ProjectGrant{
|
return &domain.ProjectGrant{
|
||||||
ObjectRoot: models.ObjectRoot{
|
ObjectRoot: models.ObjectRoot{
|
||||||
|
@ -1437,6 +1437,19 @@ service ManagementService {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Returns all project grants matching the query, (ProjectGrant = Grant another organisation for my project)
|
||||||
|
// Limit should always be set, there is a default limit set by the service
|
||||||
|
rpc ListAllProjectGrants(ListAllProjectGrantsRequest) returns (ListAllProjectGrantsResponse) {
|
||||||
|
option (google.api.http) = {
|
||||||
|
post: "/projectgrants/_search"
|
||||||
|
body: "*"
|
||||||
|
};
|
||||||
|
|
||||||
|
option (zitadel.v1.auth_option) = {
|
||||||
|
permission: "project.grant.read"
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
// Add a new project grant (ProjectGrant = Grant another organisation for my project)
|
// Add a new project grant (ProjectGrant = Grant another organisation for my project)
|
||||||
// Project Grant will be listed in granted project of the other organisation
|
// Project Grant will be listed in granted project of the other organisation
|
||||||
rpc AddProjectGrant(AddProjectGrantRequest) returns (AddProjectGrantResponse) {
|
rpc AddProjectGrant(AddProjectGrantRequest) returns (AddProjectGrantResponse) {
|
||||||
@ -4027,6 +4040,18 @@ message ListProjectGrantsResponse {
|
|||||||
repeated zitadel.project.v1.GrantedProject result = 2;
|
repeated zitadel.project.v1.GrantedProject result = 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
message ListAllProjectGrantsRequest {
|
||||||
|
//list limitations and ordering
|
||||||
|
zitadel.v1.ListQuery query = 1;
|
||||||
|
//criterias the client is looking for
|
||||||
|
repeated zitadel.project.v1.AllProjectGrantQuery queries = 2;
|
||||||
|
}
|
||||||
|
|
||||||
|
message ListAllProjectGrantsResponse {
|
||||||
|
zitadel.v1.ListDetails details = 1;
|
||||||
|
repeated zitadel.project.v1.GrantedProject result = 2;
|
||||||
|
}
|
||||||
|
|
||||||
message AddProjectGrantRequest {
|
message AddProjectGrantRequest {
|
||||||
string project_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
string project_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||||
string granted_org_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
string granted_org_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||||
|
@ -204,6 +204,17 @@ message ProjectGrantQuery {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
message AllProjectGrantQuery {
|
||||||
|
oneof query {
|
||||||
|
option (validate.required) = true;
|
||||||
|
|
||||||
|
GrantProjectNameQuery project_name_query = 1;
|
||||||
|
GrantRoleKeyQuery role_key_query = 2;
|
||||||
|
ProjectIDQuery project_id_query = 3;
|
||||||
|
GrantedOrgIDQuery granted_org_id_query = 4;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
message GrantProjectNameQuery {
|
message GrantProjectNameQuery {
|
||||||
string name = 1 [
|
string name = 1 [
|
||||||
(validate.rules).string = {max_len: 200},
|
(validate.rules).string = {max_len: 200},
|
||||||
@ -232,4 +243,22 @@ message GrantRoleKeyQuery {
|
|||||||
description: "defines which text equality method is used"
|
description: "defines which text equality method is used"
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
message ProjectIDQuery {
|
||||||
|
string project_id = 1 [
|
||||||
|
(validate.rules).string = {max_len: 200},
|
||||||
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||||
|
example: "\"69629023906488334\""
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
message GrantedOrgIDQuery {
|
||||||
|
string granted_org_id = 1 [
|
||||||
|
(validate.rules).string = {max_len: 200},
|
||||||
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
||||||
|
example: "\"69629023906488334\""
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
Loading…
x
Reference in New Issue
Block a user