TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-12 11:04:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
25ef3da9d5
zitadel/internal/api/authz/instance.go
Tim Möhlmann 062d153cfe
feat: impersonation roles (#7442) 
* partial work done

* test IAM membership roles

* org membership tests

* console :(, translations and docs

* fix integration test

* fix tests

* add EnableImpersonation to security policy API

* fix integration test timestamp checking

* add security policy tests and fix projections

* add impersonation setting in console

* add security settings to the settings v2 API

* fix typo

* move impersonation to instance

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-02-28 10:21:11 +00:00

149 lines
2.9 KiB
Go
Raw Blame History

package authz
import (
"context"
"time"
"golang.org/x/text/language"
"github.com/zitadel/zitadel/internal/feature"
)
var (
emptyInstance = &instance{}
)
type Instance interface {
InstanceID() string
ProjectID() string
ConsoleClientID() string
ConsoleApplicationID() string
RequestedDomain() string
RequestedHost() string
DefaultLanguage() language.Tag
DefaultOrganisationID() string
SecurityPolicyAllowedOrigins() []string
EnableImpersonation() bool
Block() *bool
AuditLogRetention() *time.Duration
Features() feature.Features
}
type InstanceVerifier interface {
InstanceByHost(ctx context.Context, host string) (Instance, error)
InstanceByID(ctx context.Context) (Instance, error)
}
type instance struct {
id string
domain string
projectID string
appID string
clientID string
orgID string
features feature.Features
}
func (i *instance) Block() *bool {
return nil
}
func (i *instance) AuditLogRetention() *time.Duration {
return nil
}
func (i *instance) InstanceID() string {
return i.id
}
func (i *instance) ProjectID() string {
return i.projectID
}
func (i *instance) ConsoleClientID() string {
return i.clientID
}
func (i *instance) ConsoleApplicationID() string {
return i.appID
}
func (i *instance) RequestedDomain() string {
return i.domain
}
func (i *instance) RequestedHost() string {
return i.domain
}
func (i *instance) DefaultLanguage() language.Tag {
return language.Und
}
func (i *instance) DefaultOrganisationID() string {
return i.orgID
}
func (i *instance) SecurityPolicyAllowedOrigins() []string {
return nil
}
func (i *instance) EnableImpersonation() bool {
return false
}
func (i *instance) Features() feature.Features {
return i.features
}
func GetInstance(ctx context.Context) Instance {
instance, ok := ctx.Value(instanceKey).(Instance)
if !ok {
return emptyInstance
}
return instance
}
func GetFeatures(ctx context.Context) feature.Features {
return GetInstance(ctx).Features()
}
func WithInstance(ctx context.Context, instance Instance) context.Context {
return context.WithValue(ctx, instanceKey, instance)
}
func WithInstanceID(ctx context.Context, id string) context.Context {
return context.WithValue(ctx, instanceKey, &instance{id: id})
}
func WithRequestedDomain(ctx context.Context, domain string) context.Context {
i, ok := ctx.Value(instanceKey).(*instance)
if !ok {
i = new(instance)
}
i.domain = domain
return context.WithValue(ctx, instanceKey, i)
}
func WithConsole(ctx context.Context, projectID, appID string) context.Context {
i, ok := ctx.Value(instanceKey).(*instance)
if !ok {
i = new(instance)
}
i.projectID = projectID
i.appID = appID
//i.clientID = clientID
return context.WithValue(ctx, instanceKey, i)
}
func WithFeatures(ctx context.Context, f feature.Features) context.Context {
i, ok := ctx.Value(instanceKey).(*instance)
if !ok {
i = new(instance)
}
i.features = f
return context.WithValue(ctx, instanceKey, i)
}
Reference in New Issue View Git Blame Copy Permalink