mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-12 00:57:33 +00:00
feat: user grants command side (#1191)
* fix: user grant command side * fix: user grant command side * fix: user grant command side check permissions * fix: unique constraint on user grants * fix: add usergrant * fix: add usergrant * fix: add usergrant * fix: user grant remove * Update internal/v2/command/auth_checks.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/auth_checks.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/project.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/user_grant.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: project events Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Fabi
@@ -2,7 +2,6 @@ package management
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/golang/protobuf/ptypes/empty"
|
||||
|
||||
"github.com/caos/zitadel/internal/api/authz"
|
||||
@@ -28,42 +27,36 @@ func (s *Server) UserGrantByID(ctx context.Context, request *management.UserGran
|
||||
}
|
||||
|
||||
func (s *Server) CreateUserGrant(ctx context.Context, in *management.UserGrantCreate) (*management.UserGrant, error) {
|
||||
user, err := s.usergrant.AddUserGrant(ctx, userGrantCreateToModel(in))
|
||||
user, err := s.command.AddUserGrant(ctx, userGrantCreateToDomain(in), authz.GetCtxData(ctx).OrgID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return usergrantFromModel(user), nil
|
||||
return userGrantFromDomain(user), nil
|
||||
}
|
||||
|
||||
func (s *Server) UpdateUserGrant(ctx context.Context, in *management.UserGrantUpdate) (*management.UserGrant, error) {
|
||||
user, err := s.usergrant.ChangeUserGrant(ctx, userGrantUpdateToModel(in))
|
||||
user, err := s.command.ChangeUserGrant(ctx, userGrantUpdateToDomain(in), authz.GetCtxData(ctx).OrgID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return usergrantFromModel(user), nil
|
||||
return userGrantFromDomain(user), nil
|
||||
}
|
||||
|
||||
func (s *Server) DeactivateUserGrant(ctx context.Context, in *management.UserGrantID) (*management.UserGrant, error) {
|
||||
user, err := s.usergrant.DeactivateUserGrant(ctx, in.Id)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return usergrantFromModel(user), nil
|
||||
func (s *Server) DeactivateUserGrant(ctx context.Context, in *management.UserGrantID) (*empty.Empty, error) {
|
||||
err := s.command.DeactivateUserGrant(ctx, in.Id, authz.GetCtxData(ctx).OrgID)
|
||||
return &empty.Empty{}, err
|
||||
}
|
||||
func (s *Server) ReactivateUserGrant(ctx context.Context, in *management.UserGrantID) (*management.UserGrant, error) {
|
||||
user, err := s.usergrant.ReactivateUserGrant(ctx, in.Id)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return usergrantFromModel(user), nil
|
||||
func (s *Server) ReactivateUserGrant(ctx context.Context, in *management.UserGrantID) (*empty.Empty, error) {
|
||||
err := s.command.ReactivateUserGrant(ctx, in.Id, authz.GetCtxData(ctx).OrgID)
|
||||
return &empty.Empty{}, err
|
||||
}
|
||||
|
||||
func (s *Server) RemoveUserGrant(ctx context.Context, in *management.UserGrantID) (*empty.Empty, error) {
|
||||
err := s.usergrant.RemoveUserGrant(ctx, in.Id)
|
||||
err := s.command.RemoveUserGrant(ctx, in.Id, authz.GetCtxData(ctx).OrgID)
|
||||
return &empty.Empty{}, err
|
||||
}
|
||||
|
||||
func (s *Server) BulkRemoveUserGrant(ctx context.Context, in *management.UserGrantRemoveBulk) (*empty.Empty, error) {
|
||||
err := s.usergrant.BulkRemoveUserGrant(ctx, userGrantRemoveBulkToModel(in)...)
|
||||
err := s.command.BulkRemoveUserGrant(ctx, userGrantRemoveBulkToModel(in), authz.GetCtxData(ctx).OrgID)
|
||||
return &empty.Empty{}, err
|
||||
}
|
||||
|
||||
@@ -2,44 +2,39 @@ package management
|
||||
|
||||
import (
|
||||
"github.com/caos/logging"
|
||||
"github.com/caos/zitadel/internal/v2/domain"
|
||||
"github.com/golang/protobuf/ptypes"
|
||||
"google.golang.org/protobuf/types/known/timestamppb"
|
||||
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
grant_model "github.com/caos/zitadel/internal/usergrant/model"
|
||||
"github.com/caos/zitadel/pkg/grpc/management"
|
||||
)
|
||||
|
||||
func usergrantFromModel(grant *grant_model.UserGrant) *management.UserGrant {
|
||||
creationDate, err := ptypes.TimestampProto(grant.CreationDate)
|
||||
logging.Log("GRPC-ki9ds").OnError(err).Debug("unable to parse timestamp")
|
||||
|
||||
changeDate, err := ptypes.TimestampProto(grant.ChangeDate)
|
||||
logging.Log("GRPC-sl9ew").OnError(err).Debug("unable to parse timestamp")
|
||||
|
||||
func userGrantFromDomain(grant *domain.UserGrant) *management.UserGrant {
|
||||
return &management.UserGrant{
|
||||
Id: grant.AggregateID,
|
||||
UserId: grant.UserID,
|
||||
State: usergrantStateFromModel(grant.State),
|
||||
CreationDate: creationDate,
|
||||
ChangeDate: changeDate,
|
||||
Sequence: grant.Sequence,
|
||||
ProjectId: grant.ProjectID,
|
||||
RoleKeys: grant.RoleKeys,
|
||||
Id: grant.AggregateID,
|
||||
UserId: grant.UserID,
|
||||
State: usergrantStateFromDomain(grant.State),
|
||||
ChangeDate: timestamppb.New(grant.ChangeDate),
|
||||
Sequence: grant.Sequence,
|
||||
ProjectId: grant.ProjectID,
|
||||
RoleKeys: grant.RoleKeys,
|
||||
}
|
||||
}
|
||||
|
||||
func userGrantCreateToModel(u *management.UserGrantCreate) *grant_model.UserGrant {
|
||||
return &grant_model.UserGrant{
|
||||
ObjectRoot: models.ObjectRoot{AggregateID: u.UserId},
|
||||
UserID: u.UserId,
|
||||
ProjectID: u.ProjectId,
|
||||
RoleKeys: u.RoleKeys,
|
||||
GrantID: u.GrantId,
|
||||
func userGrantCreateToDomain(u *management.UserGrantCreate) *domain.UserGrant {
|
||||
return &domain.UserGrant{
|
||||
ObjectRoot: models.ObjectRoot{AggregateID: u.UserId},
|
||||
UserID: u.UserId,
|
||||
ProjectID: u.ProjectId,
|
||||
RoleKeys: u.RoleKeys,
|
||||
ProjectGrantID: u.GrantId,
|
||||
}
|
||||
}
|
||||
|
||||
func userGrantUpdateToModel(u *management.UserGrantUpdate) *grant_model.UserGrant {
|
||||
return &grant_model.UserGrant{
|
||||
func userGrantUpdateToDomain(u *management.UserGrantUpdate) *domain.UserGrant {
|
||||
return &domain.UserGrant{
|
||||
ObjectRoot: models.ObjectRoot{AggregateID: u.Id},
|
||||
RoleKeys: u.RoleKeys,
|
||||
}
|
||||
@@ -171,3 +166,14 @@ func usergrantStateFromModel(state grant_model.UserGrantState) management.UserGr
|
||||
return management.UserGrantState_USERGRANTSTATE_UNSPECIFIED
|
||||
}
|
||||
}
|
||||
|
||||
func usergrantStateFromDomain(state domain.UserGrantState) management.UserGrantState {
|
||||
switch state {
|
||||
case domain.UserGrantStateActive:
|
||||
return management.UserGrantState_USERGRANTSTATE_ACTIVE
|
||||
case domain.UserGrantStateInactive:
|
||||
return management.UserGrantState_USERGRANTSTATE_INACTIVE
|
||||
default:
|
||||
return management.UserGrantState_USERGRANTSTATE_UNSPECIFIED
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user