fix(console): display granted org name in authorizations and show user information (#7116)

* fix: add granted org info to user grants query response * fix: show user info, tests and add columns to user grant * fix: add check for org membership * fix: typo in find logic --------- Co-authored-by: Max Peintner <max@caos.ch>
2025-08-11 21:17:32 +00:00 · 2024-01-24 11:36:04 +01:00
parent 94b3799690
commit d590da7c7d
20 changed files with 208 additions and 19 deletions
--- a/internal/query/user_grant_test.go
+++ b/internal/query/user_grant_test.go
@@ -37,11 +37,15 @@ var (
 			", projections.orgs1.primary_domain" +
 			", projections.user_grants4.project_id" +
 			", projections.projects4.name" +
+			", granted_orgs.id" +
+			", granted_orgs.name" +
+			", granted_orgs.primary_domain" +
 			" FROM projections.user_grants4" +
 			" LEFT JOIN projections.users10 ON projections.user_grants4.user_id = projections.users10.id AND projections.user_grants4.instance_id = projections.users10.instance_id" +
 			" LEFT JOIN projections.users10_humans ON projections.user_grants4.user_id = projections.users10_humans.user_id AND projections.user_grants4.instance_id = projections.users10_humans.instance_id" +
 			" LEFT JOIN projections.orgs1 ON projections.user_grants4.resource_owner = projections.orgs1.id AND projections.user_grants4.instance_id = projections.orgs1.instance_id" +
 			" LEFT JOIN projections.projects4 ON projections.user_grants4.project_id = projections.projects4.id AND projections.user_grants4.instance_id = projections.projects4.instance_id" +
+			" LEFT JOIN projections.orgs1 AS granted_orgs ON projections.users10.resource_owner = granted_orgs.id AND projections.users10.instance_id = granted_orgs.instance_id" +
 			" LEFT JOIN projections.login_names3 ON projections.user_grants4.user_id = projections.login_names3.user_id AND projections.user_grants4.instance_id = projections.login_names3.instance_id" +
 			` AS OF SYSTEM TIME '-1 ms' ` +
 			" WHERE projections.login_names3.is_primary = $1")
@@ -67,7 +71,10 @@ var (
 		"name",           //org name
 		"primary_domain",
 		"project_id",
-		"name", //project name
+		"name",           // project name
+		"id",             // granted org id
+		"name",           // granted org name
+		"primary_domain", // granted org domain
 	}
 	userGrantsStmt = regexp.QuoteMeta(
 		"SELECT projections.user_grants4.id" +
@@ -92,12 +99,16 @@ var (
 			", projections.orgs1.primary_domain" +
 			", projections.user_grants4.project_id" +
 			", projections.projects4.name" +
+			", granted_orgs.id" +
+			", granted_orgs.name" +
+			", granted_orgs.primary_domain" +
 			", COUNT(*) OVER ()" +
 			" FROM projections.user_grants4" +
 			" LEFT JOIN projections.users10 ON projections.user_grants4.user_id = projections.users10.id AND projections.user_grants4.instance_id = projections.users10.instance_id" +
 			" LEFT JOIN projections.users10_humans ON projections.user_grants4.user_id = projections.users10_humans.user_id AND projections.user_grants4.instance_id = projections.users10_humans.instance_id" +
 			" LEFT JOIN projections.orgs1 ON projections.user_grants4.resource_owner = projections.orgs1.id AND projections.user_grants4.instance_id = projections.orgs1.instance_id" +
 			" LEFT JOIN projections.projects4 ON projections.user_grants4.project_id = projections.projects4.id AND projections.user_grants4.instance_id = projections.projects4.instance_id" +
+			" LEFT JOIN projections.orgs1 AS granted_orgs ON projections.users10.resource_owner = granted_orgs.id AND projections.users10.instance_id = granted_orgs.instance_id" +
 			" LEFT JOIN projections.login_names3 ON projections.user_grants4.user_id = projections.login_names3.user_id AND projections.user_grants4.instance_id = projections.login_names3.instance_id" +
 			` AS OF SYSTEM TIME '-1 ms' ` +
 			" WHERE projections.login_names3.is_primary = $1")
@@ -166,6 +177,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						"primary-domain",
 						"project-id",
 						"project-name",
+						"granted-org-id",
+						"granted-org-name",
+						"granted-org-domain",
 					},
 				),
 			},
@@ -192,6 +206,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 				OrgPrimaryDomain:   "primary-domain",
 				ProjectID:          "project-id",
 				ProjectName:        "project-name",
+				GrantedOrgID:       "granted-org-id",
+				GrantedOrgName:     "granted-org-name",
+				GrantedOrgDomain:   "granted-org-domain",
 			},
 		},
 		{
@@ -224,6 +241,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						"primary-domain",
 						"project-id",
 						"project-name",
+						"granted-org-id",
+						"granted-org-name",
+						"granted-org-domain",
 					},
 				),
 			},
@@ -250,6 +270,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 				OrgPrimaryDomain:   "primary-domain",
 				ProjectID:          "project-id",
 				ProjectName:        "project-name",
+				GrantedOrgID:       "granted-org-id",
+				GrantedOrgName:     "granted-org-name",
+				GrantedOrgDomain:   "granted-org-domain",
 			},
 		},
 		{
@@ -282,6 +305,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						nil,
 						"project-id",
 						"project-name",
+						"granted-org-id",
+						"granted-org-name",
+						"granted-org-domain",
 					},
 				),
 			},
@@ -308,6 +334,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 				OrgPrimaryDomain:   "",
 				ProjectID:          "project-id",
 				ProjectName:        "project-name",
+				GrantedOrgID:       "granted-org-id",
+				GrantedOrgName:     "granted-org-name",
+				GrantedOrgDomain:   "granted-org-domain",
 			},
 		},
 		{
@@ -340,6 +369,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						"primary-domain",
 						"project-id",
 						nil,
+						"granted-org-id",
+						"granted-org-name",
+						"granted-org-domain",
 					},
 				),
 			},
@@ -366,6 +398,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 				OrgPrimaryDomain:   "primary-domain",
 				ProjectID:          "project-id",
 				ProjectName:        "",
+				GrantedOrgID:       "granted-org-id",
+				GrantedOrgName:     "granted-org-name",
+				GrantedOrgDomain:   "granted-org-domain",
 			},
 		},
 		{
@@ -398,6 +433,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						"primary-domain",
 						"project-id",
 						"project-name",
+						"granted-org-id",
+						"granted-org-name",
+						"granted-org-domain",
 					},
 				),
 			},
@@ -424,6 +462,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 				OrgPrimaryDomain:   "primary-domain",
 				ProjectID:          "project-id",
 				ProjectName:        "project-name",
+				GrantedOrgID:       "granted-org-id",
+				GrantedOrgName:     "granted-org-name",
+				GrantedOrgDomain:   "granted-org-domain",
 			},
 		},
 		{
@@ -486,6 +527,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 							"primary-domain",
 							"project-id",
 							"project-name",
+							"granted-org-id",
+							"granted-org-name",
+							"granted-org-domain",
 						},
 					},
 				),
@@ -518,6 +562,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						OrgPrimaryDomain:   "primary-domain",
 						ProjectID:          "project-id",
 						ProjectName:        "project-name",
+						GrantedOrgID:       "granted-org-id",
+						GrantedOrgName:     "granted-org-name",
+						GrantedOrgDomain:   "granted-org-domain",
 					},
 				},
 			},
@@ -553,6 +600,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 							"primary-domain",
 							"project-id",
 							"project-name",
+							"granted-org-id",
+							"granted-org-name",
+							"granted-org-domain",
 						},
 					},
 				),
@@ -585,6 +635,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						OrgPrimaryDomain:   "primary-domain",
 						ProjectID:          "project-id",
 						ProjectName:        "project-name",
+						GrantedOrgID:       "granted-org-id",
+						GrantedOrgName:     "granted-org-name",
+						GrantedOrgDomain:   "granted-org-domain",
 					},
 				},
 			},
@@ -620,6 +673,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 							nil,
 							"project-id",
 							"project-name",
+							"granted-org-id",
+							"granted-org-name",
+							"granted-org-domain",
 						},
 					},
 				),
@@ -652,6 +708,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						OrgPrimaryDomain:   "",
 						ProjectID:          "project-id",
 						ProjectName:        "project-name",
+						GrantedOrgID:       "granted-org-id",
+						GrantedOrgName:     "granted-org-name",
+						GrantedOrgDomain:   "granted-org-domain",
 					},
 				},
 			},
@@ -687,6 +746,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 							"primary-domain",
 							"project-id",
 							nil,
+							"granted-org-id",
+							"granted-org-name",
+							"granted-org-domain",
 						},
 					},
 				),
@@ -719,6 +781,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						OrgPrimaryDomain:   "primary-domain",
 						ProjectID:          "project-id",
 						ProjectName:        "",
+						GrantedOrgID:       "granted-org-id",
+						GrantedOrgName:     "granted-org-name",
+						GrantedOrgDomain:   "granted-org-domain",
 					},
 				},
 			},
@@ -754,6 +819,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 							"primary-domain",
 							"project-id",
 							"project-name",
+							"granted-org-id",
+							"granted-org-name",
+							"granted-org-domain",
 						},
 					},
 				),
@@ -786,6 +854,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						OrgPrimaryDomain:   "primary-domain",
 						ProjectID:          "project-id",
 						ProjectName:        "project-name",
+						GrantedOrgID:       "granted-org-id",
+						GrantedOrgName:     "granted-org-name",
+						GrantedOrgDomain:   "granted-org-domain",
 					},
 				},
 			},
@@ -821,6 +892,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 							"primary-domain",
 							"project-id",
 							"project-name",
+							"granted-org-id",
+							"granted-org-name",
+							"granted-org-domain",
 						},
 						{
 							"id",
@@ -845,6 +919,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 							"primary-domain",
 							"project-id",
 							"project-name",
+							"granted-org-id",
+							"granted-org-name",
+							"granted-org-domain",
 						},
 					},
 				),
@@ -877,6 +954,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						OrgPrimaryDomain:   "primary-domain",
 						ProjectID:          "project-id",
 						ProjectName:        "project-name",
+						GrantedOrgID:       "granted-org-id",
+						GrantedOrgName:     "granted-org-name",
+						GrantedOrgDomain:   "granted-org-domain",
 					},
 					{
 						ID:                 "id",
@@ -901,6 +981,9 @@ func Test_UserGrantPrepares(t *testing.T) {
 						OrgPrimaryDomain:   "primary-domain",
 						ProjectID:          "project-id",
 						ProjectName:        "project-name",
+						GrantedOrgID:       "granted-org-id",
+						GrantedOrgName:     "granted-org-name",
+						GrantedOrgDomain:   "granted-org-domain",
 					},
 				},
 			},