261 Commits

Author SHA1 Message Date
Silvan
463294669e
fix: Key details as string (#719)
* fix: correct env var for tracing type

* fix: local env tracing

* fix: key in detail as string
2020-09-09 16:19:17 +02:00
Livio Amstutz
619d194044
fix: get iam permissions (#713) 2020-09-08 19:05:12 +02:00
Fabi
afaf798940
fix: tos link (#712) 2020-09-08 17:13:01 +02:00
Fabi
4bc1eff373
feat: add terms on register and register org (#699)
* feat: add terms on register and register org

* feat: add terms on register and register org

* update form_submit.js to handle checkboxes correctly

* feat: free tier on org reg

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-09-07 14:52:49 +02:00
Livio Amstutz
cca92874ab
fix: permissions (#698)
* get my zitadel permissions from memberships (not grants)

* change SearchMyProjectOrgs to user user_membership
2020-09-04 15:20:39 +02:00
Livio Amstutz
c553c70887
fix: user state (#693) 2020-09-04 09:55:26 +02:00
Fabi
c92042ba47
fix: checkperms (#689)
* fix: read user grants as grant owner

* fix: read user grants as grant owner
2020-09-02 16:25:32 +02:00
Fabi
4b183633ab
fix: check permissions for user grant (#687) 2020-09-02 11:06:08 +02:00
Livio Amstutz
370cd19a83
fix: improve permission checks (#682)
* separate roles for global org

* remove old user grant permissions

* allow context permissions

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2020-09-01 16:38:34 +02:00
Livio Amstutz
c55b9ff40c
fix: login prefix for handler (#674) 2020-08-31 19:35:34 +02:00
Silvan
5abd5b0505
feat: split users into human and machine (#470)
* feat(management): service accounts

* chore: current go version

* init

* refactor: apis

* feat(internal): start impl of service account

* chore: start impl of machine/human users

* code compiles

* fix: tests

* fix: tests

* fix: add new event types to switches

* chore: add cases to event types

* fix(management): definitive proto messages

* fix: machine/human

* fix: add missing tables as todos

* fix: remove unused permissions

* fix: refactoring

* fix: refactor

* fix: human registered

* fix: user id

* fix: logid

* fix: proto remove //equal

* chore(management): remove no comment

* fix: human mfas

* fix: user subobjects

* chore: rename existing to better name

* fix: username in user (#634)

* fix: username in user

* fix: username

* fix remove unused code

* fix add validations

* fix: use new user in all apis

* fix: regexp for username in api

* fix: fill user data for human and machine (#638)

* fix: fill Display name grant/member handlers
fix: add description to grant/member objects in api
fix: check if user is human in login

* fix: remove description from member and grant

* chore: remove todos

* feat: machine keys

* fix: implement missing parts

* feat: machine key management view

* fix: remove keys from machine view

* fix: set default expiration date

* fix: get key by ids

* feat: add machine keys in proto

* feat: machine keys

* fix: add migration

* fix: mig

* fix: correct method name

* feat: user search

* feat: user search

* fix: log ids

* fix partial authconfig prompt, domain c perm

* membership read check

* contributor refresh trigger, observe org write

* fix: migrations

* fix(console): machine build (#660)

* frontend 1

* fix html bindings

* trailing comma

* user permissions, project deactivate

* fix(console): human view (#661)

* fix search user view, user detail form

* rm log

* feat(console): user services list and create (#663)

* fix search user view, user detail form

* rm log

* machine list

* generic table component

* create user service

* proove table for undefined values

* tmp disable user link if machine

* lint

* lint styles

* user table lint

* Update console/src/assets/i18n/de.json

Co-authored-by: Florian Forster <florian@caos.ch>

* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)

* service users for sidenav, routing

* i18n

* back routes

* machine detail form

* update machine detail, fix svc user grants

* keys table

* add key dialog, timestamp creation

* check permission on create, delete, fix selection

* lint ts, scss

* Update console/src/assets/i18n/de.json

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@caos.ch>

* allow user grants for project.write

* management service

* fix mgmt service

* feat: Machine keys (#655)

* fix: memberships (#633)

* feat: add iam members to memberships

* fix: search project grants

* fix: rename

* feat: idp and login policy configurations (#619)

* feat: oidc config

* fix: oidc configurations

* feat: oidc idp config

* feat: add oidc config test

* fix: tests

* fix: tests

* feat: translate new events

* feat: idp eventstore

* feat: idp eventstore

* fix: tests

* feat: command side idp

* feat: query side idp

* feat: idp config on org

* fix: tests

* feat: authz idp on org

* feat: org idps

* feat: login policy

* feat: login policy

* feat: login policy

* feat: add idp func on login policy

* feat: add validation to loginpolicy and idp provider

* feat: add default login policy

* feat: login policy on org

* feat: login policy on org

* fix: id config handlers

* fix: id config handlers

* fix: create idp on org

* fix: create idp on org

* fix: not existing idp config

* fix: default login policy

* fix: add login policy on org

* fix: idp provider search on org

* fix: test

* fix: remove idp on org

* fix: test

* fix: test

* fix: remove admin idp

* fix: logo src as byte

* fix: migration

* fix: tests

* Update internal/iam/repository/eventsourcing/iam.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/org/repository/eventsourcing/org_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: pr comments

* fix: tests

* Update types.go

* fix: merge request changes

* fix: reduce optimization

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: reread user mfas, preferred loginname as otp account name (#636)

* fix: reread user mfas

* fix: use preferred login name as otp account name

* fix: tests

* fix: reduce (#635)

* fix: management reduce optimization

* fix: reduce optimization

* fix: reduce optimization

* fix: merge master

* chore(deps): bump github.com/gorilla/schema from 1.1.0 to 1.2.0 (#627)

Bumps [github.com/gorilla/schema](https://github.com/gorilla/schema) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/gorilla/schema/releases)
- [Commits](https://github.com/gorilla/schema/compare/v1.1.0...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/gorilla/mux from 1.7.4 to 1.8.0 (#624)

Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux) from 1.7.4 to 1.8.0.
- [Release notes](https://github.com/gorilla/mux/releases)
- [Commits](https://github.com/gorilla/mux/compare/v1.7.4...v1.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.4.1 to 1.5.0 (#591)

Bumps [github.com/DATA-DOG/go-sqlmock](https://github.com/DATA-DOG/go-sqlmock) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/DATA-DOG/go-sqlmock/releases)
- [Commits](https://github.com/DATA-DOG/go-sqlmock/compare/v1.4.1...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: auto assign issues and PR to ZTIADEL project board (#643)

* Create main.yml

* Update main.yml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix(console): project grant members, update deps (#645)

* fix: searchprojectgrantmembers

* chore(deps-dev): bump @angular/cli from 10.0.6 to 10.0.7 in /console (#622)

Bumps [@angular/cli](https://github.com/angular/angular-cli) from 10.0.6 to 10.0.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v10.0.6...v10.0.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump @angular-devkit/build-angular in /console (#626)

Bumps [@angular-devkit/build-angular](https://github.com/angular/angular-cli) from 0.1000.6 to 0.1000.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>

* chore(deps-dev): bump @types/jasmine from 3.5.12 to 3.5.13 in /console (#623)

Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.5.12 to 3.5.13.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump ts-node from 8.10.2 to 9.0.0 in /console (#629)

Bumps [ts-node](https://github.com/TypeStrong/ts-node) from 8.10.2 to 9.0.0.
- [Release notes](https://github.com/TypeStrong/ts-node/releases)
- [Commits](https://github.com/TypeStrong/ts-node/compare/v8.10.2...v9.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* update packlock

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: delete main.yml (#648)

* fix: usergrant (#650)

* fix(console): mfa refresh after verification, member eventemitter (#651)

* refresh mfa

* fix: detail link from contributors

* lint

* feat: add domain verification notification (#649)

* fix: dont (re)generate client secret with auth type none

* fix(cors): allow Origin from request

* feat: add origin allow list and fix some core issues

* rename migration

* fix UserIDsByDomain

* feat: send email to users after domain claim

* username

* check origin on userinfo

* update oidc pkg

* fix: add migration 1.6

* change username

* change username

* remove unique email aggregate

* change username in mgmt

* search global user by login name

* fix test

* change user search in angular

* fix tests

* merge

* userview in angular

* fix merge

* Update pkg/grpc/management/proto/management.proto

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/notification/static/i18n/de.yaml

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix: translation (#647)

* fix: translation

* fix: translation

* fix: translation

* fix: remove unused code

* fix: log err

* fix: migration numbers (#652)

* chore: issue / feature templates (#642)

* feat: machine keys

* fix: implement missing parts

* feat: machine key management view

* fix: remove keys from machine view

* feat: global org read (#657)

* fix: set default expiration date

* fix: get key by ids

* feat: add machine keys in proto

* feat: machine keys

* fix: add migration

* fix: mig

* fix: correct method name

* feat: user search

* feat: user search

* fix: log ids

* fix: migrations

* fix(console): machine build (#660)

* frontend 1

* fix html bindings

* trailing comma

* fix(console): human view (#661)

* fix search user view, user detail form

* rm log

* feat(console): user services list and create (#663)

* fix search user view, user detail form

* rm log

* machine list

* generic table component

* create user service

* proove table for undefined values

* tmp disable user link if machine

* lint

* lint styles

* user table lint

* Update console/src/assets/i18n/de.json

Co-authored-by: Florian Forster <florian@caos.ch>

* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)

* service users for sidenav, routing

* i18n

* back routes

* machine detail form

* update machine detail, fix svc user grants

* keys table

* add key dialog, timestamp creation

* check permission on create, delete, fix selection

* lint ts, scss

* Update console/src/assets/i18n/de.json

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@caos.ch>

* refactor: protos

* fix(management): key expiration date

* fix: check if user is human

* fix: marshal key details

* fix: correct generate login names

* fix: logid

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>

* fix: naming

* refactor: findings

* fix: username

* fix: mfa upper case

* fix: tests

* fix: add translations

* reactivatemyorg req typeö

* fix: projectType for console

* fix: user changes

* fix: translate events

* fix: event type translation

* fix: remove unused types

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-31 17:48:01 +02:00
Livio Amstutz
c1c85e632b
fix: cookie handling (#654)
* feat: set cookie prefix and max age

* cookie prefix on csrf cookie

* fix: check user agent cookie in login

* update oidc pkg

* cleanup
2020-08-31 08:49:35 +02:00
Fabi
7295383621
fix: translation (#647)
* fix: translation

* fix: translation

* fix: translation

* fix: remove unused code

* fix: log err
2020-08-28 09:44:43 +02:00
Livio Amstutz
34ec2508d3
feat: add domain verification notification (#649)
* fix: dont (re)generate client secret with auth type none

* fix(cors): allow Origin from request

* feat: add origin allow list and fix some core issues

* rename migration

* fix UserIDsByDomain

* feat: send email to users after domain claim

* username

* check origin on userinfo

* update oidc pkg

* fix: add migration 1.6

* change username

* change username

* remove unique email aggregate

* change username in mgmt

* search global user by login name

* fix test

* change user search in angular

* fix tests

* merge

* userview in angular

* fix merge

* Update pkg/grpc/management/proto/management.proto

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/notification/static/i18n/de.yaml

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2020-08-27 17:18:23 +02:00
Fabi
d233fb6610
fix: usergrant (#650) 2020-08-27 14:44:52 +02:00
Fabi
4af38b37a6
fix: reduce (#635)
* fix: management reduce optimization

* fix: reduce optimization

* fix: reduce optimization

* fix: merge master
2020-08-26 13:01:37 +02:00
Fabi
87aa97b9c7
fix: reread user mfas, preferred loginname as otp account name (#636)
* fix: reread user mfas

* fix: use preferred login name as otp account name

* fix: tests
2020-08-26 10:17:43 +02:00
Fabi
db1d8f4efe
feat: idp and login policy configurations (#619)
* feat: oidc config

* fix: oidc configurations

* feat: oidc idp config

* feat: add oidc config test

* fix: tests

* fix: tests

* feat: translate new events

* feat: idp eventstore

* feat: idp eventstore

* fix: tests

* feat: command side idp

* feat: query side idp

* feat: idp config on org

* fix: tests

* feat: authz idp on org

* feat: org idps

* feat: login policy

* feat: login policy

* feat: login policy

* feat: add idp func on login policy

* feat: add validation to loginpolicy and idp provider

* feat: add default login policy

* feat: login policy on org

* feat: login policy on org

* fix: id config handlers

* fix: id config handlers

* fix: create idp on org

* fix: create idp on org

* fix: not existing idp config

* fix: default login policy

* fix: add login policy on org

* fix: idp provider search on org

* fix: test

* fix: remove idp on org

* fix: test

* fix: test

* fix: remove admin idp

* fix: logo src as byte

* fix: migration

* fix: tests

* Update internal/iam/repository/eventsourcing/iam.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/org/repository/eventsourcing/org_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: pr comments

* fix: tests

* Update types.go

* fix: merge request changes

* fix: reduce optimization

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-08-26 09:56:23 +02:00
Fabi
f05c5bae24
fix: memberships (#633)
* feat: add iam members to memberships

* fix: search project grants

* fix: rename
2020-08-25 16:08:51 +02:00
Livio Amstutz
4e1e8a714a
fix: cors (#621)
* fix: dont (re)generate client secret with auth type none

* fix(cors): allow Origin from request

* feat: add origin allow list and fix some core issues

* rename migration

* fix UserIDsByDomain

* check origin on userinfo

* update oidc pkg
2020-08-24 10:06:55 +02:00
Livio Amstutz
578453b024
fix(tests): go version of tests (#618) 2020-08-20 22:09:37 +02:00
Livio Amstutz
edfd9d2038
fix: UserIDsByDomain (#608) 2020-08-20 07:28:49 +02:00
Fabi
be923343b0
fix: compliance problems (#607)
* fix: compliance problems

* fix: at least one redirect uri

* fix: at least one redirect uri

* Update de.yaml

* Update en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-08-19 09:56:05 +02:00
Livio Amstutz
4e74050039
fix: add arg and probes to deployment (#605)
* feat: separate setup from startup

* health

* move setup config

* add env vars to caos_local.sh

* fix domain and set devMode explicit

* fix: add arg and probes to deployment

* fix setup.yaml

* domain validation
2020-08-18 14:22:53 +02:00
Livio Amstutz
8830896199
feat: setup as separate command (#604)
* feat: separate setup from startup

* health

* move setup config

* add env vars to caos_local.sh

* fix domain and set devMode explicit
2020-08-18 10:04:56 +02:00
Livio Amstutz
1a00faf132
fix: claim verified domain from usernames (#603)
* fix: return orgDomain validationType

* added missing translations for orgDomain activity

* claim org domain

* show message if domain token was requested

* fix tests

* fix tests

Co-authored-by: Max Peintner <max@caos.ch>
2020-08-18 08:57:16 +02:00
Livio Amstutz
f61b30420a
fix: session handlers (#586)
* fix: session handler when no sessions exists

* fix: error handling

* error handling

* fix: error handling

* fix: error handling

* fix: error handling

* some errors

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
2020-08-13 09:43:47 +02:00
Fabi
5c4fef296f
fix: app by id, views with computed objects (#583)
* feat: read app by id if my events

* fix: handlers if no sublist

* fix: removed app

* fix: removed project

* fix: removed app

* fix: removed app

* fix: app by id with projectid
2020-08-13 08:28:18 +02:00
Fabi
5699fe80d5
feat: app handling compliance (#527)
* feat: check oidc compliance

* fix: add tests

* fix: add oidc config tests

* fix: add oidc config tests user agent

* fix: test oidc config compliance

* fix: test oidc config compliance

* fix: useragent implicit authmethod none

* fix: merge master

* feat: translate compliance problems

* feat: check native app for custom url

* fix: better compliance handling

* fix: better compliance handling

* feat: add odidc dev mode

* fix: remove deprecated request fro management api

* fix: oidc package version

* fix: migration

* fix: tests

* fix: remove unused functions

* fix: generate proto files

* fix: native implicit and code none compliant

* fix: create project

* Update internal/project/model/oidc_config_test.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: tests

* Update internal/project/model/oidc_config.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/project/model/oidc_config.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: tests

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-08-10 09:34:56 +02:00
Livio Amstutz
64f0b191b5
fix: dont (re)generate client secret with auth type none (#564) 2020-08-07 13:49:57 +02:00
Livio Amstutz
7015b226ef
feat: add domain verification (#560)
* feat: add domain verification

* add checks

* add and fix tests

* fix go.mod

* regenerate proto
2020-08-06 15:03:03 +02:00
Fabi
f80367b49a
feat: register org process (#558)
* feat: register new organisation

* feat: create org request in management

* fix: tests

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/static/i18n/de.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/static/templates/register_org.html

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/register_org_handler.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/register_org_handler.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: remove autocomplete

* fix: regenerate proto

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-08-06 14:38:19 +02:00
Michael Waeger
41fa434439
fix: Remove project (#538)
* Remove project added

* Gemeriert

* corrections

* corrections

* Delete*sByProjectID added

* Correct typos
2020-08-05 18:32:25 +02:00
Fabi
8d1725a81d
fix: search user memberships pointer (#542) 2020-07-30 16:17:42 +02:00
Fabi
75f1c4c576
feat: user memberships (#537)
* feat: add search user memberships

* feat: add search user memberships

* feat: read user member ship

* feat: add usergrant search key

* feat: uesrmemberships based on permissions

* feat: merge master

* fix: correct permissions

* fix: update display name on change profile

* fix: merge request converations

* fix: err handling

* Update internal/user/model/user_membership_view.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2020-07-30 14:37:55 +02:00
Fabi
461b7b23b1
fix: usergrant update (#533)
* fix: add grantid on update usergrant

* fix: add grantid on update usergrant
2020-07-28 12:29:01 +02:00
Silvan
41e1a7cc7b
fix(spooler): correct workers (#508)
* one concurrent task

* disable spooler

* fix: improve concurrency in spooler

* fix: dont block lock

* fix: break if lock failed

* fix: check if handler is working

* fix: worker id

* fix: test

* fix: use limit for spoolers configured in startup.yaml

* fix test

* fix: factory

* fix(key): only reduce if not expired

* fix(searchQueryFactory): check for string-slice in aggregateID

* fix(migrations): combine migrations

* fix: allow saving multiple objects in one request

* fix(eventstore): logging

* fix(eventstore): rethink insert i locks table

* fix: ignore failed tests for the moment

* fix: tuubel

* fix: for tests in io

* fix: ignore tests for io

* fix: rename concurrent tasks to workers

* fix: incomment tests and remove some tests

* fix: refert changes for io

* refactor(eventstore): combine types of sql in one file

* refactor(eventstore): logs, TODO's, tests

* fix(eventstore): sql package

* test(eventstore): add tests for search query factory

* chore: logs

* fix(spooler): optimize lock query
chore(migrations): rename locks.object_type to view_name
chore(migrations): refactor migrations

* test: incomment tests

* fix: rename PrepareSaves to PrepareBulkSave

* chore: go dependencies

* fix(migrations): add id in events table

* refactor(lock): less magic numbers

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-07-28 09:42:21 +02:00
Fabi
2d8f934a07
fix: add grant id to createusergrant (#525) 2020-07-28 08:43:55 +02:00
Fabi
c105bf483b
feat: apiurls, passwordpolicy, userbyid (#507)
* feat: api doc request

* feat: return zitadel docs

* feat: return zitadel docs

* feat: pw policy min length

* feat: pw policy min length

* fix: semantic

* fix: read missing events on user by id
2020-07-22 16:15:11 +02:00
Fabi
c66d9d3490
feat: show display name on members (#492)
* feat: show display name on members

* fix: generate proto
2020-07-22 14:21:41 +02:00
Fabi
351aac22f8
feat: usergrant (#489)
* fix: search usergrants only for allowed projects

* fix: check permissions

* fix: check permissions

* fix: check permissions

* Update internal/management/repository/eventsourcing/eventstore/project.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: merge request changes

* fix: variable name

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2020-07-22 14:00:29 +02:00
Fabi
f39d3a3cc7
fix: login flow handling (#491)
* fix: login flow handling

* fix: cancel button

* fix: hover in light design

* fix: profile image width

* fix: profile image width

* fix: profile image width
2020-07-22 11:43:32 +02:00
Fabi
520cc161d7
fix: message key in error detail (#503) 2020-07-22 11:29:43 +02:00
Livio Amstutz
933193855a
feat(login): show profile (#485)
* profile data

* fix scripts

* fix image paths

* feat: show profile (with image) when possible

* fix profile image width
2020-07-20 10:00:29 +02:00
Fabi
2a3ecc0c6a
feat: check passwordpolicy on login (#477)
* fix: password complexity policy

* feat: check password policy

* feat: check password policy

* fix: password policy on password change

* fix: remove double policy check

* feat: check pw policy on register

* feat: check pw policy on init

* fix: hover on secondary buttons

* fix: use data set instead of hidden inputs

* fix: disabled button

* fix: en login

* fix: read policy

* feat: check if org exists

* multiple checks

* feat: validate all forms

* fix: check all forms

* fix: remove unused err

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-07-16 14:26:08 +02:00
Fabi
c34f6b1074
fix: check if org id not empty before checking if it exists (#482) 2020-07-16 13:51:37 +02:00
Fabi
5e00f1c9db
feat: check if org exists (#480)
* feat: check if org exists

* feat: check if org exists

* Update internal/authz/repository/eventsourcing/eventstore/token_verifier.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: err handling

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2020-07-16 13:27:36 +02:00
Fabi
423b86a03b
feat: sequence and timestamp on searchrequests (#468)
* feat: reread events

* feat: sequence and timestamo on search requests

* feat: sequence and timestamo on search requests

* fix: better naming

* fix: log errors

* fix: read sequence before search request
2020-07-15 13:24:36 +02:00
Livio Amstutz
87155f8c9e
chore(login): html cleanup (#473) 2020-07-15 13:22:45 +02:00
Livio Amstutz
c051fa8ae1
fix: ignore empty displayname in changes (#472) 2020-07-15 09:01:06 +02:00
Silvan
56ed2940e9
fix: oidc translations (#439)
* fix: oidc translations

* fix: only one domain in org

* fix: translation in english

* Update en.yaml
2020-07-14 16:14:06 +02:00
Fabi
7b652651fc
feat: get default complexity policy (#399)
* feat: get default complexity policy

* fix: regenerate proto files
2020-07-14 07:11:11 +02:00
Silvan
cc7556aaa0
fix(sql): remove ssl=true (#461) 2020-07-13 17:34:45 +02:00
Livio Amstutz
d8eef34a37
fix: send csrf on root path (#444) 2020-07-10 13:09:30 +02:00
Livio Amstutz
0c442cbb3a
fix: eventQuery for project grant members (#445) 2020-07-10 13:08:01 +02:00
Fabi
1b59a52f26
fix: return my org on zitadel permission (#441) 2020-07-09 18:39:10 +02:00
Livio Amstutz
da113ffb95
fix: redirect to register (#437) 2020-07-09 18:01:58 +02:00
Fabi
8f1c31f37d
fix: remove project grant member from view (#436) 2020-07-09 17:56:37 +02:00
Livio Amstutz
bc5f16d5b4
fix: render login (#432) 2020-07-09 17:44:35 +02:00
Fabi
5add7eae6d
fix: rolecascade (#434)
* fix: project role delete

* fix: project role delete
2020-07-09 17:28:14 +02:00
Fabi
cde6231164
fix: project role delete (#431) 2020-07-09 16:47:48 +02:00
Silvan
a1e8385714
fix: refactor object-changes (#430) 2020-07-09 16:32:49 +02:00
Fabi
49a3339425
fix: project role (#428) 2020-07-09 16:02:00 +02:00
Livio Amstutz
6128c0c672
fix: response type mapping (#426)
* fix: return authorizations on userinfo

* fix: response type mapping

* fix tests

* fix angular

* regenerate mgmt proto

* enable login link again
2020-07-09 15:52:20 +02:00
Max Peintner
0b012f2fa2
fix(console): general fixes, project grants for owned and granted context (#425)
* update and delete project grants

* fix: user grant id (#421)

* fix: verboser logging on sql err (#412)

* fix(eventstore): improve insert statement

* fix: verbose logging on error

* fix: simplify insertEvents

* fix: project grant delete (#417)

* fix: add grant id to user grant if needed

* fix: add grant id to user grant if needed

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix user grant context

* lint

* role validators

* fix: usergrantid (#424)

* fix: verboser logging on sql err (#412)

* fix(eventstore): improve insert statement

* fix: verbose logging on error

* fix: simplify insertEvents

* fix: project grant delete (#417)

* fix: add grant id to user grant if needed

* fix: add grant id to user grant if needed

* fix: add bulk remove

* fix: merge

Co-authored-by: Silvan <silvan.reusser@gmail.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2020-07-09 15:14:01 +02:00
Silvan
cf51bbc36d
fix(translation_interceptor): check if response is nil (#423) 2020-07-09 15:02:03 +02:00
Silvan
5658f33918
feat: new tracing type none (#422) 2020-07-09 14:34:20 +02:00
Livio Amstutz
8efa697af2
fix: return authorizations on userinfo (#420) 2020-07-09 14:05:12 +02:00
Fabi
7cf13a646d
fix: project role view, remove project grants (#419) 2020-07-09 13:24:35 +02:00
Fabi
aeae04c90b
fix: project grant delete (#417) 2020-07-09 13:05:02 +02:00
Silvan
e8f3868100
fix: verboser logging on sql err (#412)
* fix(eventstore): improve insert statement

* fix: verbose logging on error

* fix: simplify insertEvents
2020-07-09 11:08:59 +02:00
Max Peintner
0721acf605
fix(console): toast login handler, show user session loginname, policy value incrementation, accessibility (#413)
* get auth policy, fix increment from 0

* seo, accessibility

* ngsw rem check for update

* organize interceptors

* toast i18n part1

* show loginname

* use primary color

* toast login handler, fix user session type

* Update console/src/assets/i18n/de.json

Co-authored-by: Florian Forster <florian@caos.ch>

* Update console/src/assets/i18n/de.json

Co-authored-by: Florian Forster <florian@caos.ch>

* Update console/src/assets/i18n/de.json

Co-authored-by: Florian Forster <florian@caos.ch>

* Update console/src/assets/i18n/en.json

Co-authored-by: Florian Forster <florian@caos.ch>

* Update console/src/index.html

Co-authored-by: Florian Forster <florian@caos.ch>

* Update console/src/assets/i18n/en.json

Co-authored-by: Florian Forster <florian@caos.ch>

* Update console/src/assets/i18n/en.json

Co-authored-by: Florian Forster <florian@caos.ch>

Co-authored-by: Florian Forster <florian@caos.ch>
2020-07-09 10:54:55 +02:00
Silvan
fa57cc48c1
fix(eventstore): improve insert statement (#408) 2020-07-09 09:35:14 +02:00
Fabi
740bab7f59
feat: permissin denied (#411) 2020-07-09 09:31:29 +02:00
Livio Amstutz
2136efe083
fix: url prefixes (#395) 2020-07-08 14:55:33 +02:00
Silvan
59ac7f051f
fix: empty project by id (#393)
* fix: check if project found in by id

* fix: check length of events
2020-07-08 14:26:35 +02:00
Fabi
4b58097cca
feat: logindesign (#394)
* feat: add design

* fix: nicer light mode

* fix: register secondary button

* fix: register secondary button

* fix: merge
2020-07-08 14:14:24 +02:00
Livio Amstutz
3549a8b64e
feat: port reduction (#323)
* move mgmt pkg

* begin package restructure

* rename auth package to authz

* begin start api

* move auth

* move admin

* fix merge

* configs and interceptors

* interceptor

* revert generate-grpc.sh

* some cleanups

* console

* move console

* fix tests and merging

* js linting

* merge

* merging and configs

* change k8s base to current ports

* fixes

* cleanup

* regenerate proto

* remove unnecessary whitespace

* missing param

* go mod tidy

* fix merging

* move login pkg

* cleanup

* move api pkgs again

* fix pkg naming

* fix generate-static.sh for login

* update workflow

* fixes

* logging

* remove duplicate

* comment for optional gateway interfaces

* regenerate protos

* fix proto imports for grpc web

* protos

* grpc web generate

* grpc web generate

* fix changes

* add translation interceptor

* fix merging

* regenerate mgmt proto
2020-07-08 13:56:37 +02:00
Fabi
a5bfd085a1
fix: Inituser (#386)
* fix: init user only create change pw event if pw set

* fix: init user only create change pw event if pw set

* fix: tests
2020-07-08 09:53:09 +02:00
Silvan
c0f85c2733
feat: localized messages (#328)
* fix: project by id loads project from view and from eventstore

* fix: correct search key for role

* feat(auth): my user changes

* fix: improve error handling in change converters

* fix: log-id

* feat(translations): event type translations

* feat: localized translations

* fix(translations): correct yaml format

* chore: example

* fix: remove unused code

* correct checkSSL in sql

* chore(modules): update

* chore: refactor interceptors

* fix: improvments

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* chore(translations): start with upper case on Code

* chore(middleware): move funcs

* add message to grpc web generation

* translation in mgmt and fixes

* fix authoptions

* fix console statik

Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-07-08 09:48:11 +02:00
Fabi
230e6c9101
feat: loginstyles (#366)
* feat: nice login site

* fit: select other user img

* fix: if in scss
2020-07-08 07:32:48 +02:00
Fabi
1c40d5645e
feat: notification loginname (#381)
* feat: add login names to notify user

* feat: add login names to initial mail

* feat: add login names to initial mail
2020-07-07 19:31:51 +02:00
Silvan
5081ff21b0
fix: return emtpy project if no project in view (#379)
* fix: return emtpy project if no project in view

* fix: new project if nil

* fix: easier to read
2020-07-07 19:28:19 +02:00
Fabi
5988ec4844
fix: merge migrations (#363)
* fix: merge migrations

* fix: rename env variable
2020-07-07 16:53:54 +02:00
Fabi
fb2091edc9
fix: add migration (#361)
* fix: add migration

* fix: add migration

* fix: delete primary domain

* Update en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-07-07 14:23:09 +02:00
Silvan
18669b39c1
fix(iam_member): naming, error handling, column name (#355) 2020-07-07 11:42:39 +02:00
Stefan Benz
9c277e2efb
fix(postgres): no password in connection string when empty (#356) 2020-07-07 11:31:12 +02:00
Livio Amstutz
65b17a83fb
feat(login): default to user selection, take login_hint into account (#350)
* feat(login): default to user selection instead of login, take login_hint into account

* fix: proper error message when user (and other objects) not found (#337)

* fix: proper error message when user not found by loginname

* add more not found and fix some typos

* feat: usergrant (#348)

* fix: add needed permissions

* feat: search project/projectgrant user grants

* fix: no zitadel permissions

* fix: queries length

* feat: add get my password policy (#346)

* feat: add get my password policy

* fix: failed merges

* chore(deps): bump contrib.go.opencensus.io/exporter/stackdriver (#343)

Bumps [contrib.go.opencensus.io/exporter/stackdriver](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver) from 0.13.1 to 0.13.2.
- [Release notes](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/releases)
- [Commits](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/compare/v0.13.1...v0.13.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: remove phone (#349)

* feat: remove phone number

* feat: remove phone number tests

* feat: remove phone number tests

* fix: regenerate protos

* fix(console): distinct user grant searches and creates, project grant member edit, import cleanup (#342)

* project grant member edit

* project grant member dialog, import cleanup

* readd project roles

* user login-methods cleanup

* fix sw config, user grant context

* delete user grants, context for creation, search

* contributor box shadow

* password to detail view

* user detail notification

* lint

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
2020-07-07 08:14:44 +02:00
Fabi
c8cdbe136c
feat: remove phone (#349)
* feat: remove phone number

* feat: remove phone number tests

* feat: remove phone number tests

* fix: regenerate protos
2020-07-06 15:48:24 +02:00
Fabi
645c4597e8
feat: add get my password policy (#346)
* feat: add get my password policy

* fix: failed merges
2020-07-06 15:35:20 +02:00
Fabi
5251fc712c
feat: usergrant (#348)
* fix: add needed permissions

* feat: search project/projectgrant user grants

* fix: no zitadel permissions

* fix: queries length
2020-07-06 15:27:29 +02:00
Livio Amstutz
26634505ba
fix: proper error message when user (and other objects) not found (#337)
* fix: proper error message when user not found by loginname

* add more not found and fix some typos
2020-07-06 13:18:10 +02:00
Silvan
b7298bed1e
fix(sql): ssl check for empty mode (#345) 2020-07-06 10:00:26 +02:00
Livio Amstutz
10d8d68b21
fix: Potentially unsafe external link (#335) 2020-07-03 12:48:09 +02:00
Silvan
6736b2867e
fix: Secure sql connection (#332)
* feat: sql ssl connection

* fix: simpler implementation of ssl-config in sql

* fix(config): set db ssl connection by env vars
2020-07-03 12:44:08 +02:00
Silvan
682d623343
fix(spooler): improve check for failure count (#326)
* fix(spooler): improve check for failure count

* fix(spooler): add tests for HandleError

* fix(spooler): correct test
2020-07-02 08:08:55 +02:00
Silvan
fcdf27c683
fix(usergrant): verify project id is equal (#319)
* fix(usergrant): verify project id is equal

* fix: delete wrong code
2020-07-02 08:04:43 +02:00
Silvan
c5a4eb3555
fix: typo in display name and gorm annotation (#325)
* fix(management): map all fields in user grant view converter

* feat(management): add display name to user grant view

* fix(usergrant): typo in display name
2020-07-01 13:18:30 +02:00
Silvan
f57913fdcc
fix(management): map all fields in user grant view converter (#324)
* fix(management): map all fields in user grant view converter

* feat(management): add display name to user grant view
2020-07-01 12:46:46 +02:00
Silvan
cf7a906023
feat(auth): My user changes (#318)
* fix: project by id loads project from view and from eventstore

* fix: correct search key for role

* feat(auth): my user changes

* fix: improve error handling in change converters

* fix: log-id
2020-07-01 07:18:05 +02:00