feat: user v2 service query (#7095)

* feat: add query endpoints for user v2 api * fix: correct integration tests * fix: correct linting * fix: correct linting * fix: comment out permission check on user get and list * fix: permission check on user v2 query * fix: merge back origin/main * fix: add search query in user emails * fix: reset count for SearchUser if users are removed due to permissions * fix: reset count for SearchUser if users are removed due to permissions --------- Co-authored-by: Elio Bischof <elio@zitadel.com>
2025-08-11 20:47:32 +00:00 · 2024-01-17 10:00:10 +01:00
parent 853181155d
commit d9d376a275
18 changed files with 1667 additions and 45 deletions
--- a/internal/query/user.go
+++ b/internal/query/user.go
@@ -122,6 +122,29 @@ type NotifyUser struct {
 	PasswordSet        bool
 }

+func (u *Users) RemoveNoPermission(ctx context.Context, permissionCheck domain.PermissionCheck) {
+	removableIndexes := make([]int, 0)
+	for i := range u.Users {
+		ctxData := authz.GetCtxData(ctx)
+		if ctxData.UserID != u.Users[i].ID {
+			if err := permissionCheck(ctx, domain.PermissionUserRead, ctxData.OrgID, u.Users[i].ID); err != nil {
+				removableIndexes = append(removableIndexes, i)
+			}
+		}
+	}
+	removed := 0
+	for _, removeIndex := range removableIndexes {
+		u.Users = removeUser(u.Users, removeIndex-removed)
+		removed++
+	}
+	// reset count as some users could be removed
+	u.SearchResponse.Count = uint64(len(u.Users))
+}
+
+func removeUser(slice []*User, s int) []*User {
+	return append(slice[:s], slice[s+1:]...)
+}
+
 type UserSearchQueries struct {
 	SearchRequest
 	Queries []SearchQuery
@@ -579,7 +602,6 @@ func (q *Queries) SearchUsers(ctx context.Context, queries *UserSearchQueries) (
 	if err != nil {
 		return nil, zerrors.ThrowInternal(err, "QUERY-AG4gs", "Errors.Internal")
 	}
-
 	users.State, err = q.latestState(ctx, userTable)
 	return users, err
 }