309 Commits

Author SHA1 Message Date
Silvan
eb4f7c5d7c
fix(auth): update user grants before check (#5406) 2023-03-13 08:03:49 +01:00
Silvan
20e4f1ce57
feat(actions): add fields to complement token flow (#5336)
* deprecated `ctx.v1.userinfo`-field in "pre userinfo creation" trigger in favour of `ctx.v1.claims`. The trigger now behaves the same as "pre access token creation"
* added `ctx.v1.claims` to "complement tokens" flow
* added `ctx.v1.grants` to "complement tokens" flow
* document `ctx.v1.getUser()` in "complement tokens" flow

* feat(actions): add getUser() and grant

* map user grants

* map claims

* feat(actions): claims in complement token ctx

* docs(actions): add new fields of complement token

* docs(actions): additions to complement token

* docs(actions): correct field names
2023-03-08 15:26:28 +01:00
Livio Spring
3042d7ef5c
feat: add github provider template (#5334)
Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
Livio Spring
b2786d8c68
fix: handling of (old) IDPConfigChangedEvent projection (#5384) 2023-03-07 11:35:47 +01:00
Livio Spring
2efa305e10
fix: use of generic oauth provider (#5345)
Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
Livio Spring
48f9815b7c
feat(login): use new IDP templates (#5315)
The login uses the new template based IDPs with backwards compatibility for old IDPs
2023-02-28 21:20:58 +01:00
Silvan
e38abdcdf3
perf: query data AS OF SYSTEM TIME (#5231)
Queries the data in the storage layser at the timestamp when the call hit the API layer
2023-02-27 22:36:43 +01:00
Livio Spring
80003939ad
feat(api): add oidc and jwt provider template (#5290)
Adds possibility to manage OIDC and JWT template based providers
2023-02-27 16:32:18 +01:00
Livio Spring
737d14e81b
feat(api): add generic oauth provider template (#5260)
adds functionality to manage templates based OIDC IDPs
2023-02-24 15:16:06 +01:00
Livio Spring
40e7356f3e
feat(api): add google provider template (#5247)
add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
Stefan Benz
586495a0be
feat: add management for ldap idp template (#5220)
Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future.

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
Elio Bischof
681541f41b
feat: add quotas (#4779)
adds possibilities to cap authenticated requests and execution seconds of actions on a defined intervall
2023-02-15 02:52:11 +01:00
Stefan Benz
3616b6b028
feat(api): allow specifying access_token type (opaque/JWT) for service users (#5150)
Add functionality to configure the access token type on the service accounts to provide the oidc library with the necessary information to create the right type of access token.
2023-02-08 08:06:34 +00:00
Stefan Benz
e2fdd3f077
feat: support client_credentials for service users (#5134)
Request an access_token for service users with OAuth 2.0 Client Credentials Grant. Added functionality to generate and remove a secret on service users.
2023-01-31 19:52:47 +00:00
Stefan Benz
19621acfd3
feat: add notification policy and password change message (#5065)
Implementation of new notification policy with functionality to send email when a password is changed
2023-01-25 09:49:41 +01:00
Silvan
7b5135e637
fix(adminAPI): localize event type (#5059)
* fix(adminAPI): localisation of event types, aggregate types
* fix(adminAPI): validations of ListEvent request
* implement caching of editor user information
2023-01-19 15:50:05 +00:00
Silvan
71bd19d690
fix: login name case insensitive (#5032)
checks for login names case insensitive during login
2023-01-16 13:07:31 +00:00
Silvan
1bf1f335dc
feat(admin-api): list events (#4989)
* docs: update cockroachdb version to 22.2
* feat(adminAPI): ListEventTypes returns the list of event types ZITADEL implements
* feat(adminAPI): ListAggregateTypes returns the list of aggregate types ZITADEL implements
* feat(adminAPI): ListEvents allows `IAM_OWNERS` to search for events
2023-01-16 11:30:03 +00:00
Silvan
74c1c39207
fix: org unique check (#5033)
- all verified of domains are checked
- domains are checked case insensitive
- name is checked case insensitive
2023-01-16 09:55:19 +00:00
Stefan Benz
7d9fc2c6e7
feat: org remove on admin api and org query with state (#4917)
* feat: org remove on admin api and org query with state

* docs: change description for admin api remove org

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-12-22 10:46:06 +00:00
Livio Spring
a99da4f8e4
fix: user queries (#4920) 2022-12-22 09:22:08 +00:00
Stefan Benz
f5eddcc490
fix: separate tos and privacy checkbox into two (#4848) 2022-12-21 09:27:31 +01:00
Livio Spring
d21bb902f1
fix: push timeout (#4882) (#4885)
* push with timeout

* test: config for eventstore

(cherry picked from commit b9156da76d0f03075589b50eafbf9f48160a0301)

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-12-15 09:40:13 +00:00
Livio Spring
632639ae7f
feat: enable iframe use (#4766)
* feat: enable iframe use

* cleanup

* fix mocks

* fix linting

* docs: add iframe usage to solution scenarios configurations

* improve api

* feat(console): security policy

* description

* remove unnecessary line

* disable input button and urls when not enabled

* add image to docs

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-12-14 07:17:36 +01:00
Stefan Benz
add232d1dd
fix: correct where statement for AppByOIDCClientID (#4815)
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-12-02 13:15:09 +00:00
Silvan
e7137dba60
fix(projection): new version of oidc_settings (#4811)
There was a field delete some commits back but the projection version was not updated, that's why we update now
2022-12-02 12:54:28 +00:00
Stefan Benz
9626897834
fix(logintexts): fix several custom text attributes for get and set (#4733)
* fix(logintexts): fix several custom text attributes for get and set

* fix(logintexts): fix externalUserNotFound attribute for json unmarshalling and reduce for customTexts

* fix: correct imports for linting
2022-12-01 13:31:46 +01:00
Silvan
28760ab4b3
fix(query): add tracing for each method (#4777)
* fix(query): add tracing for each method
2022-12-01 09:18:53 +01:00
Silvan
f3e6f3b23b
feat: remove org (#4148)
* feat(command): remove org

* refactor: imports, unused code, error handling

* reduce org removed in action

* add org deletion to projections

* add org removal to projections

* add org removal to projections

* org removed projection

* lint import

* projections

* fix: table names in tests

* fix: table names in tests

* logging

* add org state

* fix(domain): add Owner removed to object details

* feat(ListQuery): add with owner removed

* fix(org-delete): add bool to functions to select with owner removed

* fix(org-delete): add bools to user grants with events to determine if dependencies lost owner

* fix(org-delete): add unit tests for owner removed and org removed events

* fix(org-delete): add handling of org remove for grants and members

* fix(org-delete): correction of unit tests for owner removed

* fix(org-delete): update projections, unit tests and get functions

* fix(org-delete): add change date to authnkeys and owner removed to org metadata

* fix(org-delete): include owner removed for login names

* fix(org-delete): some column fixes in projections and build for queries with owner removed

* indexes

* fix(org-delete): include review changes

* fix(org-delete): change user projection name after merge

* fix(org-delete): include review changes for project grant where no project owner is necessary

* fix(org-delete): include auth and adminapi tables with owner removed information

* fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed

* fix(org-delete): add permissions for org.remove

* remove unnecessary unique constraints

* fix column order in primary keys

* fix(org-delete): include review changes

* fix(org-delete): add owner removed indexes and chang setup step to create tables

* fix(org-delete): move PK order of instance_id and change added user_grant from review

* fix(org-delete): no params for prepareUserQuery

* change to step 6

* merge main

* fix(org-delete): OldUserName rename to private

* fix linting

* cleanup

* fix: remove org test

* create prerelease

* chore: delete org-delete as prerelease

Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2022-11-30 17:01:17 +01:00
Livio Spring
29441ce4b6
feat: save last occurrence of failed events and fix instance filtering (#4710)
* fix: filter failed events and current sequence correctly

* fix failed events sorting column

* feat: save last occurrence of failed event

* fix failedEvents query and update sql statements

* change sql statement to only create index

* fix linting

* fix linting

* Update internal/query/failed_events.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* update job name on test-docs to match the one from test-code

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-11-18 13:49:38 +01:00
Stefan Benz
e183fe668a
fix: delete limit of login policy query for idp links list (#4654)
* fix: delete limit of login policy query for idp links list

* set isDefault to false

* fix: change orderby to desc if custom login policy is queried

* fix: split select for idp links from select for login policy

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-11-14 15:15:29 +00:00
Livio Spring
78ae64471a
fix: improve performance by reducing full table scans (#4684)
* use instance id on update in projections

* create index on domain in instance_domain projection

* add missing instanceID filter to app queries
2022-11-10 11:59:33 +01:00
Livio Spring
41c043bcd9
fix: remove userid unique constraint and fix user list query (#4632)
* fix: remove userid unique constraint and fix user list query

* fix: improve instances query

* improve user queries

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-11-07 10:33:22 +01:00
Livio Spring
c791f6de58
fix: improve startup times by initializing projection tables during setup (#4642)
* fix: improve startup times by initializing projections table during setup

* add missing file
2022-11-04 09:21:58 +00:00
Stefan Benz
5d17da542d
fix(user): add search query for login name (#4173)
* fix(user): add search query for login name

* fix(user): change login name query to IN from EXISTS

* fix(loginname): include InQuery into ListQuery with SubSelect as possible datasource

* fix(user): apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix: correct unit test for search query

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-31 13:03:23 +00:00
Livio Spring
441f215513
fix: join on instanceIDs in queries (#4612) 2022-10-27 06:08:36 +00:00
Livio Spring
d721f725fd
fix: instance remove (#4602) 2022-10-26 13:06:48 +00:00
Stefan Benz
c2a5b785fb
feat: instance remove (#4345)
* feat(instance): add remove instance event with projections cleanup

* fix(instance): corrected used id to clean up projections

* fix merge

* fix: correct unit test projection names

* fix: current sequence of lists and query for ensuring keypair based projections

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-10-20 14:36:52 +02:00
Stefan Benz
556f381a5a
fix(import): add import for app and machine keys (#4536)
* fix(import): add import for app and machine keys

* fix(export): add review changes

* fix(import): Apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix(import): add review changes

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-18 15:07:30 +00:00
Livio Spring
b0b1e94090
feat(login): additionally use email/phone for authentication (#4563)
* feat: add ability to disable login by email and phone

* feat: check login by email and phone

* fix: set verified email / phone correctly on notify users

* update projection version

* fix merge

* fix email/phone verified reduce tests

* fix user tests

* loginname check

* cleanup

* fix: update user projection version to handle fixed statement
2022-10-17 19:19:15 +00:00
Silvan
43fb3fd1a6
feat(actions): add token customization flow and extend functionally with modules (#4337)
* fix: potential memory leak

* feat(actions): possibility to parse json
feat(actions): possibility to perform http calls

* add query call

* feat(api): list flow and trigger types
fix(api): switch flow and trigger types to dynamic objects

* fix(translations): add action translations

* use `domain.FlowType`

* localizers

* localization

* trigger types

* options on `query.Action`

* add functions for actions

* feat: management api: add list flow and trigger  (#4352)

* console changes

* cleanup

* fix: wrong localization

Co-authored-by: Max Peintner <max@caos.ch>

* id token works

* check if claims not nil

* feat(actions): metadata api

* refactor(actions): modules

* fix: allow prerelease

* fix: test

* feat(actions): deny list for http hosts

* feat(actions): deny list for http hosts

* refactor: actions

* fix: different error ids

* fix: rename statusCode to status

* Actions objects as options (#4418)

* fix: rename statusCode to status

* fix(actions): objects as options

* fix(actions): objects as options

* fix(actions): set fields

* add http client to old actions

* fix(actions): add log module

* fix(actions): add user to context where possible

* fix(actions): add user to ctx in external authorization/pre creation

* fix(actions): query correct flow in claims

* test: actions

* fix(id-generator): panic if no machine id

* tests

* maybe this?

* fix linting

* refactor: improve code

* fix: metadata and usergrant usage in actions

* fix: appendUserGrant

* fix: allowedToFail and timeout in action execution

* fix: allowed to fail in token complement flow

* docs: add action log claim

* Update defaults.yaml

* fix log claim

* remove prerelease build

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-06 14:23:59 +02:00
Livio Spring
bffb10a4b4
feat: allow domain discovery for unknown usernames (#4484)
* fix: wait for projection initialization to be done

* feat: allow domain discovery for unknown usernames

* fix linting

* Update console/src/assets/i18n/de.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* fix zh i18n text

* fix projection table name

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-10-06 13:30:14 +02:00
Stefan Benz
2957407b5b
fix: correct oidcsettings management (#4413)
* fix(oidcsettings): corrected projection, unittests and added the add endpoint

* fix(oidcsettings): corrected default handling and instance setup

* fix: set oidc settings correctly in console

* cleanup

* e2e test

* improve e2e test

* lint e2e

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 12:53:49 +02:00
Stefan Benz
b32c02a39b
feat(instance): add functionality to update instance (#4440)
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 06:58:50 +00:00
Silvan
2bc19f55b5
fix(projections): unique index names (#4439) 2022-09-22 15:18:52 +02:00
Stefan Benz
2c1f9ac4a8
feat(org): add org metadata functionality (#4234)
* feat(org): add org metadata functionality

* fix(metadata): add unit tests and review for org metadata

* fix(org-metadata): move endpoints to /

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-20 14:32:09 +00:00
Stefan Benz
7a5f7f82cf
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
Livio Spring
04ce8b2479
fix: remove idps from org login policy after reset (#4327) 2022-09-07 14:17:52 +02:00
Livio Spring
4723e911f4
fix: provider type column in idp_login_policy_links projection (#4325) 2022-09-06 06:39:03 +00:00
Silvan
2f647ce9a2
fix: initial failures (#4291)
* fix(cmd): read configuration correctly

* fix(database): read weakly typed config

* fix(database): correct handling of update columns

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-09-01 07:24:26 +00:00
Livio Spring
32b751a3a0
fix: WebAuthN (registration / login) and list on users (#4290)
* fix: WebAuthN when running under non default port

* fix: remove notification schema from list of views / failed events

* fix: auth method column type in user auth methods
2022-09-01 09:10:07 +02:00
Silvan
77b4fc5487
feat(database): support for postgres (#3998)
* beginning with postgres statements

* try pgx

* use pgx

* database

* init works for postgres

* arrays working

* init for cockroach

* init

* start tests

* tests

* TESTS

* ch

* ch

* chore: use go 1.18

* read stmts

* fix typo

* tests

* connection string

* add missing error handler

* cleanup

* start all apis

* go mod tidy

* old update

* switch back to minute

* on conflict

* replace string slice with `database.StringArray` in db models

* fix tests and start

* update go version in dockerfile

* setup go

* clean up

* remove notification migration

* update

* docs: add deploy guide for postgres

* fix: revert sonyflake

* use `database.StringArray` for daos

* use `database.StringArray` every where

* new tables

* index naming,
metadata primary key,
project grant role key type

* docs(postgres): change to beta

* chore: correct compose

* fix(defaults): add empty postgres config

* refactor: remove unused code

* docs: add postgres to self hosted

* fix broken link

* so?

* change title

* add mdx to link

* fix stmt

* update goreleaser in test-code

* docs: improve postgres example

* update more projections

* fix: add beta log for postgres

* revert index name change

* prerelease

* fix: add sequence to v1 "reduce paniced"

* log if nil

* add logging

* fix: log output

* fix(import): check if org exists and user

* refactor: imports

* fix(user): ignore malformed events

* refactor: method naming

* fix: test

* refactor: correct errors.Is call

* ci: don't build dev binaries on main

* fix(go releaser): update version to 1.11.0

* fix(user): projection should not break

* fix(user): handle error properly

* docs: correct config example

* Update .releaserc.js

* Update .releaserc.js

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2022-08-31 07:52:43 +00:00
Livio Spring
e1a981928c
fix: action query (#4257) 2022-08-26 08:38:41 +00:00
Livio Spring
d656b3f3c9
fix: instance interceptors return NotFound (404) error for unknown hosts (#4184)
* fix: instance interceptors return "NotFound" (404) error for unknown hosts

* fix tests
2022-08-17 06:07:41 +00:00
Livio Spring
dba0fdcf7b
fix: handle user metadata projection correctly (#4098) 2022-08-03 09:50:23 +02:00
Stefan Benz
bc9a85daf3
feat: V2 alpha import and export of organizations (#3798)
* feat(import): add functionality to import data into an instance

* feat(import): move import to admin api and additional checks for nil pointer

* fix(export): export implementation with filtered members and grants

* fix: export and import implementation

* fix: add possibility to export hashed passwords with the user

* fix(import): import with structure of v1 and v2

* docs: add v1 proto

* fix(import): check im imported user is already existing

* fix(import): add otp import function

* fix(import): add external idps, domains, custom text and messages

* fix(import): correct usage of default values from login policy

* fix(export): fix renaming of add project function

* fix(import): move checks for unit tests

* expect filter

* fix(import): move checks for unit tests

* fix(import): move checks for unit tests

* fix(import): produce prerelease from branch

* fix(import): correctly use provided user id for machine user imports

* fix(import): corrected otp import and added guide for export and import

* fix: import verified and primary domains

* fix(import): add reading from gcs, s3 and localfile with tracing

* fix(import): gcs and s3, file size correction and error logging

* Delete docker-compose.yml

* fix(import): progress logging and count of resources

* fix(import): progress logging and count of resources

* log subscription

* fix(import): incorporate review

* fix(import): incorporate review

* docs: add suggestion for import

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* fix(import): add verification otp event and handling of deleted but existing users

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-28 13:42:35 +00:00
Livio Spring
096e12d3d0
fix: set domain verified if domain policy does not require validation (#4061)
* fix: set domain verified if domain policy does not require validation

* handle domain claimed
2022-07-28 13:18:31 +02:00
Livio Spring
5bd9badbcf
fix: project grants (#4031)
* fix: filter granted memberships correctly

* fix: only show changes of granted project

* Apply suggestions from code review

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update internal/query/user_membership.go

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-27 07:55:44 +00:00
Livio Spring
aed7010508
fix: scheduling (#3978)
* fix: improve scheduling

* build pre-release

* fix: locker

* fix: user handler and print stack in case of panic in reducer

* chore: remove sentry

* fix: improve handler projection and implement tests

* more tests

* fix: race condition in tests

* Update internal/eventstore/repository/sql/query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: implemented suggested changes

* fix: lock statement

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-07-22 10:08:39 +00:00
Silvan
d7988563e5
fix: update login names on user trigger bulk (#3934) 2022-07-08 11:04:29 +00:00
Silvan
9271623ec9
fix: load auth users (#3907)
* fix: load auth users

* fix: add triggerbulk

* fix: build pre-release

* fix even more french translations

* fix: build version

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-07 14:58:00 +02:00
Livio Spring
a1d404291d
fix(notify): notify user in projection (#3889)
* start implement notify user in projection

* fix(stmt): add copy to multi stmt

* use projections for notify users

* feat: notifications from projections

* feat: notifications from projections

* cleanup

* pre-release

* fix tests

* fix types

* fix command

* fix queryNotifyUser

* fix: build version

* fix: HumanPasswordlessInitCodeSent

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-07-06 14:09:49 +02:00
Silvan
72b696ccb2
fix(system): search for existing domain globally (#3822) 2022-06-14 15:45:19 +02:00
Silvan
dd2f31683c
fix(query): realtime data on defined requests (#3726)
* feat: directly specify factors on addCustomLoginPolicy and return on LoginPolicy responses

* fix proto

* update login policy

* feat: directly specify idp on addCustomLoginPolicy and return on LoginPolicy responses

* fix: tests

* fix(projection): trigger bulk

* refactor: clean projection pkg

* instance should bulk

* fix(query): should trigger bulk on id calls

* tests

* build prerelease

* fix: add shouldTriggerBulk

* fix: test

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2022-06-14 07:51:00 +02:00
Livio Spring
f57e3df39d
fix: sms providers (#3801) 2022-06-13 08:34:11 +02:00
Livio Spring
7f34ce1891
fix: allow project grants without roles in database (#3786) 2022-06-09 11:48:54 +02:00
Livio Spring
a377f2816c
feat: return instance domains on list instances, fix: login policy and avatar url in oidc responses (#3785)
* feat: return instance domains on list instances

* fix: filter login policy idps correctly

* remove debug

* fix: absolute avatar url in oidc responses
2022-06-08 13:46:24 +02:00
Livio Amstutz
0baaaf8a05
fix: handle default org id (#3769) 2022-06-03 14:30:39 +02:00
Livio Amstutz
b0436c995b
fix: return correct empty flow if not found (#3749) 2022-06-01 08:11:48 +02:00
Silvan
fb93085430
fix(projection): add missing col to idp login policy links (#3745)
* fix(projection): add missing col to projection

* refactor: method naming
2022-05-31 20:39:37 +02:00
Silvan
16c86149be
fix(current_sequence): no error if not found (#3740) 2022-05-31 11:50:51 +00:00
Livio Amstutz
b3f50702f8
feat: directly specify factors/idps on addCustomLoginPolicy and return on LoginPolicy responses (#3711)
* feat: directly specify factors on addCustomLoginPolicy and return on LoginPolicy responses

* fix proto

* update login policy

* feat: directly specify idp on addCustomLoginPolicy and return on LoginPolicy responses

* fix: tests

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-05-30 11:51:07 +00:00
Livio Amstutz
2fc39c0da0
feat: system api requires authenticated requests (#3570)
* begin auth

* feat: system api requires authenticated requests

* fix tests
2022-05-30 13:38:30 +02:00
Livio Amstutz
737e01bfd2
fix: fix and improve primary keys on projections (#3708)
* fix: org_domain projection

* fix: projection reset

* fix test

* improve foreign keys on suffixed tables
2022-05-25 14:15:13 +02:00
Florian Forster
0ba165363e
chore: rename docs links (#3668) 2022-05-20 14:32:06 +00:00
Livio Amstutz
c71ccc8a80
fix: improve context handling in projections (#3638)
* fix: improve context handling in projections

* fix tests

* use as of system time for current sequence

* use as of system time for current sequence

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-05-19 08:25:19 +00:00
Livio Amstutz
3a63fb765a
fix: cleanup some todos (#3642)
* cleanup todo

* fix: some todos
2022-05-16 16:35:49 +02:00
Fabi
5c0f527a49
feat: restrict smtp sender address (#3637)
* fix: check if sender address is custom domain

* fix: check if sender address is custom domain

* fix: check if sender address is custom domain

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-16 14:08:47 +00:00
Livio Amstutz
411d7c6c5c
feat: add default redirect uri and handling of unknown usernames (#3616)
* feat: add possibility to ignore username errors on first login screen

* console changes

* fix: handling of unknown usernames (#3445)

* fix: handling of unknown usernames

* fix: handle HideLoginNameSuffix on unknown users

* feat: add default redirect uri on login policy (#3607)

* feat: add default redirect uri on login policy

* fix tests

* feat: Console login policy default redirect (#3613)

* console default redirect

* placeholder

* validate default redirect uri

* allow empty default redirect uri

Co-authored-by: Max Peintner <max@caos.ch>

* remove wonrgly cherry picked migration

Co-authored-by: Max Peintner <max@caos.ch>
2022-05-16 13:39:09 +00:00
Livio Amstutz
024eedc1b5
feat: enable default smtp config on setup (#3622)
* feat: enable default smtp config on setup

* fix tests

* fix channel order

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2022-05-13 12:13:07 +00:00
Livio Amstutz
f70990709b
fix: allow single parameter in org unique request (#3620) 2022-05-13 11:25:45 +02:00
Livio Amstutz
94e420bb24
fix: env.json caching, readiness and unique lockerIDs (#3596)
* fix: readiness check

* disable cache for env.json

* always generate unique lockerID

* fix tests
2022-05-04 17:09:49 +02:00
Livio Amstutz
79db247801
feat: set default language on instance (#3594) 2022-05-03 15:58:38 +02:00
Livio Amstutz
861cf07700
feat: permit all features to every instance and organisation (#3566) 2022-05-02 11:18:17 +02:00
Fabi
70e98460ab
fix: refactor system api (#3500)
* fix: refactor system api

* fix: search domains on get instance

* fix: search domains on get instance

* fix: return instance detail

* fix: implement user sorting column (#3469)

* fix: implement user sorting column

* fix: implement user sorting column

* fix: string column

* isOrderByLower

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: user converter import

* Update instance.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-04-27 15:18:34 +00:00
Florian Forster
fa9f581d56
chore(v2): move to new org (#3499)
* chore: move to new org

* logging

* fix: org rename caos -> zitadel

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-26 23:01:45 +00:00
Livio Amstutz
2c4799c223
feat: complete dynamic domain handling (#3482)
* feat: dynamic issuer

* feat: default language from context

* remove zitadel docs from defaults

* remove ConsoleOverwriteDir

* remove notification endpoints from defaults

* custom domains in emails

* remove (external) domain

* external domain completely removed, console handling fixed

* fix test

* fix defaults.yaml
2022-04-25 11:16:36 +02:00
Livio Amstutz
75ec73ca4a
feat: dynamic issuer (#3481)
* feat: dynamic issuer

* dynamic domain handling

* key rotation durations

* feat: dynamic issuer

* make webauthn displayname dynamic
2022-04-25 10:01:17 +02:00
Fabi
3d5891eb11
feat: System api (#3461)
* feat: start system api

* feat: remove auth

* feat: change gitignore

* feat: run system api

* feat: remove clear view form admin api

* feat: search instances

* feat: add instance

* fix: set primary domain

* Update .gitignore

* fix: add instance

* fix: add instance

* fix: handle errors

* fix: handle instance name

* fix: test

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-04-21 12:37:39 +02:00
Livio Amstutz
1305c14e49
feat: handle instanceID in projections (#3442)
* feat: handle instanceID in projections

* rename functions

* fix key lock

* fix import
2022-04-19 08:26:12 +02:00
Fabi
c25d853820
feat: Instance domains (#3444)
* feat: add domain list

* feat: domain tests

* feat: add redirect url on adding instance domain

* Update internal/command/instance_domain.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* feat: remove unused code

* fix

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-04-14 12:19:18 +00:00
Fabi
820a21dce3
feat: validate org domains (#3387)
* feat: validate org domain command side

* feat: validate org domain query side

* fix: create domain policy

* feat: add reading domain policy on addorg domain
2022-04-13 11:24:03 +02:00
Silvan
cea2567e22
fix: v2 human command (#3435)
* add/register human command done

* validations

* crypto

* move clientid

* keys

* fix: clientID

* remove v2 package

* tests

* tests running

* revert old code

* instance domain from ctx

* chore: rename zitadel app ids

* comments

* fix: test
2022-04-12 16:20:17 +02:00
Livio Amstutz
4a0d61d75a
feat: store assets in database (#3290)
* feat: use database as asset storage

* being only uploading assets if allowed

* tests

* fixes

* cleanup after merge

* renaming

* various fixes

* fix: change to repository event types and removed unused code

* feat: set default features

* error handling

* error handling and naming

* fix tests

* fix tests

* fix merge

* rename
2022-04-06 06:13:40 +00:00
Fabi
c740ee5d81
feat: Instance commands (#3385)
* fix: add events for domain

* fix: add/remove domain command side

* fix: add/remove domain command side

* fix: add/remove domain query side

* fix: create instance

* fix: merge v2

* fix: instance domain

* fix: instance domain

* fix: instance domain

* fix: instance domain

* fix: remove domain.IAMID from writemodels

* fix: remove domain.IAMID from writemodels

* fix: remove domain.IAMID from writemodels

* fix: remove domain.IAMID from writemodels

* fix: remove domain.IAMID from writemodels

* fix: remove domain.IAMID from writemodels

* fix: remove domain.IAMID from writemodels

* fix: remove domain.IAMID from writemodels

* fix: remove domain.IAMID from writemodels

* fix: remove domain.IAMID from api

* fix: remove domain.IAMID

* fix: remove domain.IAMID

* fix: add instance domain queries

* fix: fix after merge

* Update auth_request.go

* fix keypair

* remove unused code

* feat: read instance id from context

* feat: remove unused code

* feat: use instance id from context

* some fixes

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-04-05 05:58:09 +00:00
Livio Amstutz
87560157c1
fix: change to repository event types and removed unused code (#3386)
* fix: change to repository event types and removed unused code

* some fixes

* remove unused code
2022-03-31 11:36:26 +02:00
Livio Amstutz
958362e6c9
feat: handle instance from context (#3382)
* commander

* commander

* selber!

* move to packages

* fix(errors): implement Is interface

* test: command

* test: commands

* add init steps

* setup tenant

* add default step yaml

* possibility to set password

* merge v2 into v2-commander

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: search query builder can filter events in memory

* fix: filters for add member

* fix(setup): add `ExternalSecure` to config

* chore: name iam to instance

* fix: matching

* remove unsued func

* base url

* base url

* test(command): filter funcs

* test: commands

* fix: rename orgiampolicy to domain policy

* start from init

* commands

* config

* fix indexes and add constraints

* fixes

* fix: merge conflicts

* fix: protos

* fix: md files

* setup

* add deprecated org iam policy again

* typo

* fix search query

* fix filter

* Apply suggestions from code review

* remove custom org from org setup

* add todos for verification

* change apps creation

* simplify package structure

* fix error

* move preparation helper for tests

* fix unique constraints

* fix config mapping in setup

* fix error handling in encryption_keys.go

* fix projection config

* fix query from old views to projection

* fix setup of mgmt api

* set iam project and fix instance projection

* fix tokens view

* fix steps.yaml and defaults.yaml

* fix projections

* change instance context to interface

* instance interceptors and additional events in setup

* cleanup

* tests for interceptors

* fix label policy

* add todo

* single api endpoint in environment.json

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-29 11:53:19 +02:00
Silvan
c5b99274d7
feat(cli): setup (#3267)
* commander

* commander

* selber!

* move to packages

* fix(errors): implement Is interface

* test: command

* test: commands

* add init steps

* setup tenant

* add default step yaml

* possibility to set password

* merge v2 into v2-commander

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: search query builder can filter events in memory

* fix: filters for add member

* fix(setup): add `ExternalSecure` to config

* chore: name iam to instance

* fix: matching

* remove unsued func

* base url

* base url

* test(command): filter funcs

* test: commands

* fix: rename orgiampolicy to domain policy

* start from init

* commands

* config

* fix indexes and add constraints

* fixes

* fix: merge conflicts

* fix: protos

* fix: md files

* setup

* add deprecated org iam policy again

* typo

* fix search query

* fix filter

* Apply suggestions from code review

* remove custom org from org setup

* add todos for verification

* change apps creation

* simplify package structure

* fix error

* move preparation helper for tests

* fix unique constraints

* fix config mapping in setup

* fix error handling in encryption_keys.go

* fix projection config

* fix query from old views to projection

* fix setup of mgmt api

* set iam project and fix instance projection

* imports

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-28 10:05:09 +02:00
Fabi
9d4f296c62
fix: rename iam to instance (#3345)
* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename orgiampolicy to domain policy

* fix: merge conflicts

* fix: protos

* fix: md files

* implement deprecated org iam policy again

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-03-24 16:21:34 +00:00
Livio Amstutz
504fe5b761
cherry pick changes from main (#3371)
* feat: remove exif data from uploaded images (#3221)

* feat: remove exif tags from images

* feat: remove exif data

* feat: remove exif

* fix: add preferredLoginName to user grant response (#3271)

* chore: log webauthn parse error (#3272)

* log error

* log error

* feat: Help link in privacy policy

* fix: convert correct detail data on organization (#3279)

* fix: handle empty editor users

* fix: add some missing translations (#3291)

* fix: org policy translations

* fix: metadata event types translation

* fix: translations

* fix: filter resource owner correctly on project grant members (#3281)

* fix: filter resource owner correctly on project grant members

* fix: filter resource owner correctly on project grant members

* fix: add orgIDs to zitadel permissions request

Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>

* fix: get IAM memberships correctly in MyZitadelPermissions (#3309)

* fix: correct login names on auth and notification users (#3349)

* fix: correct login names on auth and notification users

* fix: migration

* fix: handle resource owner in action flows (#3361)

* fix merge

* fix: exchange exif library (#3366)

* fix: exchange exif library

* ignore tiffs

* requested fixes

* feat: Help link in privacy policy

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-24 14:00:24 +01:00
Livio Amstutz
56b916a2b0
feat: projections auto create their tables (#3324)
* begin init checks for projections

* first projection checks

* debug notification providers with query fixes

* more projections and first index

* more projections

* more projections

* finish projections

* fix tests (remove db name)

* create tables in setup

* fix logging / error handling

* add tenant to views

* rename tenant to instance_id

* add instance_id to all projections

* add instance_id to all queries

* correct instance_id on projections

* add instance_id to failed_events

* use separate context for instance

* implement features projection

* implement features projection

* remove unique constraint from setup when migration failed

* add error to failed setup event

* add instance_id to primary keys

* fix IAM projection

* remove old migrations folder

* fix keysFromYAML test
2022-03-23 09:02:39 +01:00
Livio Amstutz
5463244376
feat: encryption keys in database (#3265)
* enable overwrite of adminUser fields in defaults.yaml

* create schema and table

* cli: create keys

* cli: create keys

* read encryptionkey from db

* merge v2

* file names

* cleanup defaults.yaml

* remove custom errors

* load encryptionKeys on start

* cleanup

* fix merge

* update system defaults

* fix error message
2022-03-14 07:55:09 +01:00
Fabi
7899a0b851
feat: Notification providers config (#3212)
* feat: add login check lifetimes to login policy

* feat: org features test

* feat: debug notificatiaon events

* feat: debug notification file/log commands

* feat: add requests to proto

* feat: add api for debug notification providers file/log

* feat: add projection for debug notifiication providers

* feat: requests

* feat: merge v2

* feat: add settings proto to generate

* feat: notifiaction providers

* fix: remove unused code

* Update iam_converter.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-03-07 14:22:37 +01:00
Fabi
7d6c933485
feat: OIDC setting (#3245)
* feat: add oidc config struct

* feat: oidc config command side

* feat: oidc configuration query side

* feat: add translations

* feat: add tests

* feat: add translations

* feat: rename oidc config to oidc settings

* feat: rename oidc config to oidc settings
2022-02-25 16:05:06 +01:00
Fabi
f05d4063bf
feat: Login verification lifetimes (#3190)
* feat: add login check lifetimes to login policy

* feat: org features test

* feat: read lifetimes from loginpolicy
2022-02-21 16:05:02 +01:00
Fabi
7d235e3eed
feat: Default configs sms provider (#3187)
* feat: sms config

* feat: twilio as sms provider

* feat:sms projection

* feat: sms queries

* feat: sms queries test

* feat: sms configs

* feat: sms configs sql file

* fix merge

* fix: rename from to sendername

* fix: proto comments

* fix: token as crypto

* fix: tests

* fix: sms config sender name to sender number

* fix: sms config sender name to sender number

* Update email.go

* Update channel.go

* Update V1.111__settings.sql

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-21 12:22:20 +00:00
Fabi
e3528ff0b2
feat: Config to eventstore (#3158)
* feat: add default language to eventstore

* feat: add secret generator configs events

* feat: tests

* feat: secret generators in eventstore

* feat: secret generators in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* fix: migrations

* fix migration version

* fix test

* feat: change secret generator type to enum

* feat: change smtp attribute names

* feat: change smtp attribute names

* feat: remove engryption algorithms from command side

* feat: remove engryption algorithms from command side

* feat: smtp config

* feat: smtp config

* format smtp from header

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-16 15:49:17 +00:00
Livio Amstutz
389eb4a27a
feat: run on a single port (#3163)
* start v2

* start

* run

* some cleanup

* remove v2 pkg again

* simplify

* webauthn

* remove unused config

* fix login path in Dockerfile

* fix asset_generator.go

* health handler

* fix grpc web

* refactor

* merge

* build new main.go

* run new main.go

* update logging pkg

* fix error msg

* update logging

* cleanup

* cleanup

* go mod tidy

* change localDevMode

* fix customEndpoints

* update logging

* comments

* change local flag to external configs

* fix location generated go code

* fix

Co-authored-by: fforootd <florian@caos.ch>
2022-02-14 17:22:30 +01:00
Livio Amstutz
699fdaf68e
feat: add personal access tokens for service users (#2974)
* feat: add machine tokens

* fix test

* rename to pat

* fix merge and tests

* fix scopes

* fix migration version

* fix test

* Update internal/repository/user/personal_access_token.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2022-02-08 09:37:28 +01:00
Livio Amstutz
1367a2e139
feat: limit amount of active actions (#3143)
* max actions

* fix: max allowed actions

* fix: max allowed actions

* fix tests
2022-02-02 09:04:05 +01:00
Livio Amstutz
585ebf9a81
fix: user search with login_name (e.g. password reset) (#3149) 2022-02-02 08:21:54 +01:00
Livio Amstutz
bf6cb59b87
fix: list IDPs on Org (#3141)
* fix: idp query

* fix: remove failed events
2022-02-01 08:32:59 +01:00
Livio Amstutz
990be687c0
fix: handle first key rotation on newly created instance (#3118) 2022-01-28 08:24:34 +00:00
Livio Amstutz
e99b7f4972
fix: move activity log to queries and remove old code (#3096)
* move changes to queries and remove old code

* fix changes query

* remove unused code

* fix sorting

* fix sorting

* refactor and remove old code

* remove accidental go.mod replace

* add missing file

* remove listDetail from ChangesResponse
2022-01-26 10:16:33 +01:00
Livio Amstutz
542651707a
fix: state on user projection (#3109)
* fix: state on user projection

* fix: state on user projection

* don't change user state on HumanEmailVerifiedEvent
2022-01-25 11:35:38 +01:00
Fabi
01501c5087
feat: iam query (#3085)
* fix: only show factors with state ready

* fix: get iam by id and clean up code

* fix: get iam by id and clean up code

* fix: remove unused code
2022-01-21 14:01:25 +01:00
Livio Amstutz
5af7d8315d
fix: metadata query (#3084) 2022-01-21 10:30:43 +00:00
Fabi
2592383a7c
fix: only show factors with state ready (#3081) 2022-01-21 08:27:57 +00:00
Fabi
b363ddd707
feat: Iam projection (#3074)
* feat: implement projection for iam and clean up code

* feat: add migration

* fix: remove unused tests

* fix: handler
2022-01-21 08:52:12 +01:00
Livio Amstutz
44d78df4d4
feat: user query (#3075)
* user queries

* user query

* user query

* user tests

* remove old code

* user metadata

* cleanup

* fix merge

* cleanup

* cleanup

* fixes
2022-01-20 14:40:25 +00:00
Fabi
087ef8d31c
fix: return isDefault on login texts (#3076)
* fix: add is disabled to login texts

* fix: fix aggregate id
2022-01-20 13:18:49 +00:00
Fabi
5c6df06a7c
feat: auth method query side (#3068)
* feat: queries for searching mfas and passwordless

* feat: tests for user auth method queries

* Update internal/api/grpc/auth/multi_factor.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/api/grpc/auth/passwordless.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/api/grpc/management/user.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/api/grpc/management/user.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-01-20 13:21:59 +01:00
Livio Amstutz
24aef8d16e
fix: cascading changes for usergrants when managing projects / projectgrants (#3035) 2022-01-20 08:33:51 +01:00
Fabi
eaaf76a6eb
fix: default message text query (#3064) 2022-01-19 15:13:04 +01:00
Fabi
3902f9adb5
feat: auth method projection (#3020)
* feat: auth method projection

* feat: auth method projection

* feat: add tests
2022-01-19 14:49:50 +01:00
Livio Amstutz
c2e6fd8f40
fix(query): add user metadata projection (#3021)
* fix: add metadata projection

* cleanup
2022-01-18 14:15:00 +01:00
Silvan
c542cab4f8
feat(queries): user grants (#2838)
* refactor(domain): add user type

* fix(projections): start with login names

* fix(login_policy): correct handling of user domain claimed event

* fix(projections): add members

* refactor: simplify member projections

* add migration for members

* add metadata to member projections

* refactor: login name projection

* fix: set correct suffixes on login name projections

* test(projections): login name reduces

* fix: correct cols in reduce member

* test(projections): org, iam, project members

* member additional cols and conds as opt,
add project grant members

* fix(migration): members

* fix(migration): correct database name

* migration version

* migs

* better naming for member cond and col

* split project and project grant members

* prepare member columns

* feat(queries): membership query

* test(queries): membership prepare

* fix(queries): multiple projections for latest sequence

* fix(api): use query for membership queries in auth and management

* feat: org member queries

* fix(api): use query for iam member calls

* fix(queries): org members

* fix(queries): project members

* fix(queries): project grant members

* fix(query): member queries and user avatar column

* member cols

* fix(queries): membership stmt

* fix user test

* fix user test

* fix(projections): add user grant projection

* fix(user_grant): handle state changes

* add state to migration

* fix(management): use query for user grant requests

* merge eventstore-naming into user-grant-projection

* feat(queries): user grants

* fix(migrations): version

* fix(api): user query for user grants

* fix(query): event mappers for usergrant aggregate

* fix(projection): correct aggregate for user grants

* fix(queries): user grant roles as list contains

* cleanup reducers

* fix avater_key to avatar_key

* tests

* cleanup

* cleanup

* add resourceowner query

* fix: user grant project name search query

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-01-14 09:45:50 +00:00
Silvan
a63a995269
fix(projections): add user grant projection (#2837)
* refactor(domain): add user type

* fix(projections): start with login names

* fix(login_policy): correct handling of user domain claimed event

* fix(projections): add members

* refactor: simplify member projections

* add migration for members

* add metadata to member projections

* refactor: login name projection

* fix: set correct suffixes on login name projections

* test(projections): login name reduces

* fix: correct cols in reduce member

* test(projections): org, iam, project members

* member additional cols and conds as opt,
add project grant members

* fix(migration): members

* fix(migration): correct database name

* migration version

* migs

* better naming for member cond and col

* split project and project grant members

* prepare member columns

* feat(queries): membership query

* test(queries): membership prepare

* fix(queries): multiple projections for latest sequence

* fix(api): use query for membership queries in auth and management

* feat: org member queries

* fix(api): use query for iam member calls

* fix(queries): org members

* fix(queries): project members

* fix(queries): project grant members

* fix(query): member queries and user avatar column

* member cols

* fix(queries): membership stmt

* fix user test

* fix user test

* fix(projections): add user grant projection

* fix(user_grant): handle state changes

* add state to migration

* merge eventstore-naming into user-grant-projection

* fix(migrations): version

* fix(query): event mappers for usergrant aggregate

* fix(projection): correct aggregate for user grants

* cleanup reducers

* add tests for projection

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-01-13 11:02:39 +01:00
Silvan
b8bec25129
fix: use query side for requests (#2818)
* refactor(domain): add user type

* fix(projections): start with login names

* fix(login_policy): correct handling of user domain claimed event

* fix(projections): add members

* refactor: simplify member projections

* add migration for members

* add metadata to member projections

* refactor: login name projection

* fix: set correct suffixes on login name projections

* test(projections): login name reduces

* fix: correct cols in reduce member

* test(projections): org, iam, project members

* member additional cols and conds as opt,
add project grant members

* fix(migration): members

* fix(migration): correct database name

* migration version

* migs

* better naming for member cond and col

* split project and project grant members

* prepare member columns

* feat(queries): membership query

* test(queries): membership prepare

* fix(queries): multiple projections for latest sequence

* fix(api): use query for membership queries in auth and management

* feat: org member queries

* fix(api): use query for iam member calls

* fix(queries): org members

* fix(queries): project members

* fix(queries): project grant members

* refactor: remove unsued methods in repo-interfaces

* start

* fix(query): membership

* fix(auth): list my project orgs

* fix(query): member queries and user avatar column

* refactor(auth): MyProjectOrgs

* fix(queries): member and membership stmts

* fix user test

* fix(management): use query for project (-grant) members

* fix(admin): use query for member calls

* fix(api): add domain to org mapping

* remove old idp

* membership

* refactor: remove old files

* idp

* refactor: use query for idps and idp user links

* refactor(eventstore): rename EventPusher to Command, EventReader to Event, PushEvents to Push and FilterEvents to Filter

* gloabl org check for org roles

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-01-13 08:58:14 +01:00
Livio Amstutz
9ab566fdeb
fix(query): keys (#2755)
* fix: add keys to projections

* change to multiple tables

* query keys

* query keys

* fix race condition

* fix timer reset

* begin tests

* tests

* remove migration

* only send to keyChannel if not nil
2022-01-12 13:22:04 +01:00
Fabi
41ec3321b0
fix: username mapping of idp (#2977)
* docs: add primary domain scope section to identity brokering guide

* fix: register overview

* Update external_register_overview.html

* fix mapping

* fix html

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-01-11 16:59:12 +00:00
Livio Amstutz
19b095e6c2
fix: check resourceowner not empty string (#2922)
* fix: check resourceowner not empty string

* fix test

* fix tests

* fix tests of command pkg

* enable RoleSelfManagementGlobal as org member role

* fix tests of query pkg

* Update eventstore_test.go

* update docusaurus
2022-01-06 08:29:58 +01:00
Silvan
5640a0ef33
refactor: remove unused code (#2798)
* refactor(domain): add user type

* fix(projections): start with login names

* fix(login_policy): correct handling of user domain claimed event

* fix(projections): add members

* refactor: simplify member projections

* add migration for members

* add metadata to member projections

* refactor: login name projection

* fix: set correct suffixes on login name projections

* test(projections): login name reduces

* fix: correct cols in reduce member

* test(projections): org, iam, project members

* member additional cols and conds as opt,
add project grant members

* fix(migration): members

* fix(migration): correct database name

* migration version

* migs

* better naming for member cond and col

* split project and project grant members

* prepare member columns

* feat(queries): membership query

* test(queries): membership prepare

* fix(queries): multiple projections for latest sequence

* fix(api): use query for membership queries in auth and management

* feat: org member queries

* fix(api): use query for iam member calls

* fix(queries): org members

* fix(queries): project members

* fix(queries): project grant members

* refactor: remove unsued methods in repo-interfaces

* refactor(eventstore): rename EventPusher to Command, EventReader to Event, PushEvents to Push and FilterEvents to Filter
2022-01-03 11:50:38 +01:00
Silvan
09be70949f
refactor(eventstore): rename EventPusher to Command, EventReader to Event, PushEvents to Push and FilterEvents to Filter (#2907) 2022-01-03 09:19:07 +01:00
Fabi
cf727b7fff
fix: Custom texts (#2875)
* feat: delete org

* fix: return is default on custom message text

* fix(projeciton): print stack trace on recover panic

* chore: print panic line

* fix: custom message text retunr nil, nil

* fix: custom message text template

* fix: remove isDefault from selection (#2876)

* fix: custom message text query

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2021-12-21 15:18:05 +01:00
Livio Amstutz
28d7acdf99
fix: template removed events on projections (#2863) 2021-12-17 08:31:39 +00:00
Fabi
c5d6325897
feat: text query (#2735)
* feat: change mail template to new query side

* feat: adminapi message text

* feat: adminapi message text

* feat: adminapi message text

* feat: message texts

* feat: admin texts

* feat: tests

* feat: tests

* feat: custom login text on adminapi

* feat: custom login text

* feat: custom login text

* feat: message text prepare test

* feat: login text texts

* feat: custom login text

* merge main

* fix go.sum

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-12-16 15:21:37 +01:00
Fabi
a43e1fc34a
feat: reset projections and remove failed events (#2770)
* feat: change failed events to new projection

* feat: change failed events to new projection

* feat: change current sequences to new projection

* feat: add tests

* Update internal/api/grpc/admin/failed_event.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/api/grpc/admin/view.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: truncate

* fix reset

* fix reset

* Rename V1.102__queries.sql to V1.103__queries.sql

* improve current_sequence and truncate view tables

* check sub tables of view are tables

* Update internal/query/current_sequence_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fixes and use squirrel

* missing error handling

* lock before reset

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2021-12-16 14:44:26 +01:00
Silvan
d2ea9a1b8c
feat: member queries (#2796)
* refactor(domain): add user type

* fix(projections): start with login names

* fix(login_policy): correct handling of user domain claimed event

* fix(projections): add members

* refactor: simplify member projections

* add migration for members

* add metadata to member projections

* refactor: login name projection

* fix: set correct suffixes on login name projections

* test(projections): login name reduces

* fix: correct cols in reduce member

* test(projections): org, iam, project members

* member additional cols and conds as opt,
add project grant members

* fix(migration): members

* fix(migration): correct database name

* migration version

* migs

* better naming for member cond and col

* split project and project grant members

* prepare member columns

* feat(queries): membership query

* test(queries): membership prepare

* fix(queries): multiple projections for latest sequence

* fix(api): use query for membership queries in auth and management

* feat: org member queries

* fix(api): use query for iam member calls

* fix(queries): org members

* fix(queries): project members

* fix(queries): project grant members

* fix(query): member queries and user avatar column

* member cols

* fix(queries): membership stmt

* fix user test

* fix user test

* fix(membership): correct display name

* fix(projection): additional member manipulation events

* additional member tests

* fix(projections): additional events of idp links

* fix: use query for memberships (#2797)

* fix(api): use query for memberships

* remove comment

* handle err

* refactor(projections): idp user link user aggregate type

* fix(projections): handle old user events

* fix(api): add asset prefix

* no image for iam members
2021-12-16 13:25:38 +00:00
Livio Amstutz
ae840f364c
fix(queries): authn keys (#2820)
* begin authn keys

* single table for state change

* add key type

* begin authn keys query

* query

* tests

* fix merge

* remove wrong migration version

* improve filter

* Update projection.go

* cleanup
2021-12-14 10:57:20 +01:00
Silvan
2265fffd8e
feat(queries): user membership (#2768)
* refactor(domain): add user type

* fix(projections): start with login names

* fix(login_policy): correct handling of user domain claimed event

* fix(projections): add members

* refactor: simplify member projections

* add migration for members

* add metadata to member projections

* refactor: login name projection

* fix: set correct suffixes on login name projections

* test(projections): login name reduces

* fix: correct cols in reduce member

* test(projections): org, iam, project members

* member additional cols and conds as opt,
add project grant members

* fix(migration): members

* fix(migration): correct database name

* migration version

* migs

* better naming for member cond and col

* split project and project grant members

* prepare member columns

* feat(queries): membership query

* test(queries): membership prepare

* fix(queries): multiple projections for latest sequence

* fix(api): use query for membership queries in auth and management

* fix(query): member queries and user avatar column

* member cols

* fix(queries): membership stmt

* fix user test

* fix user test
2021-12-14 08:19:02 +01:00
Livio Amstutz
2f7d8ca557
fix: client secret verification (for introspection) (#2825)
* fix: client secret verification (for introspection)

* revert change for ProjectIDAndOriginsByClientID
2021-12-10 09:25:17 +00:00
Livio Amstutz
65a6fb638b
fix: add authnkeys projection (#2801)
* begin authn keys

* single table for state change

* add key type

* rename migration

* format imports

* fix test
2021-12-08 16:16:48 +01:00
Silvan
c9face4ea4
feat(queries): login policy idp links (#2767)
* fix(idp): set type in projection

* correct table

* user idp links

* refactor: user idp link query

* add not null constraint

* refactor: idp user links

* rename file

* fix(idp): correct resource owner

* refactor: rename test

* fix(query): implement idp login policy links

* unify naming of idp links

* test prepare

* fix(api): convert idp type

* rename migration
2021-12-08 14:49:19 +01:00
Silvan
303d4945a7
feat(queries): user IDP links (#2751) 2021-12-07 08:33:52 +01:00
Livio Amstutz
2ad03285f1
fix: user projection (#2795)
* fix: first- and lastname changes on user

* add reset migration
2021-12-06 17:22:59 +01:00
Livio Amstutz
f0a77e80bf
fix: add keys to projections (#2728)
* fix: add keys to projections

* change to multiple tables

* merge

* change migration version

* merge

* Update migrations/cockroach/V1.98__keys.sql

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update migrations/cockroach/V1.98__keys.sql

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* check keys

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2021-12-06 16:57:35 +01:00
Livio Amstutz
a8eed4a215
fix: audience and empty app name (#2775) 2021-12-03 14:24:29 +01:00
Silvan
45695d3198
fix(projection): handle old event in feature (#2773) 2021-12-02 19:16:20 +01:00
Silvan
983382fcec
fix: member projections (#2771)
* fix(projections): start member projections

* fix(projection): member roles as string array

* fix member tests
2021-12-02 15:08:33 +01:00