mirror of
https://github.com/zitadel/zitadel.git
synced 2025-03-04 04:15:13 +00:00
f3e6f3b23b
* feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
190 lines
7.0 KiB
Go
190 lines
7.0 KiB
Go
package admin
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/grpc/object"
|
|
policy_grpc "github.com/zitadel/zitadel/internal/api/grpc/policy"
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
"github.com/zitadel/zitadel/internal/eventstore/v1/models"
|
|
admin_pb "github.com/zitadel/zitadel/pkg/grpc/admin"
|
|
)
|
|
|
|
func (s *Server) GetDomainPolicy(ctx context.Context, _ *admin_pb.GetDomainPolicyRequest) (*admin_pb.GetDomainPolicyResponse, error) {
|
|
policy, err := s.query.DefaultDomainPolicy(ctx)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.GetDomainPolicyResponse{Policy: policy_grpc.DomainPolicyToPb(policy)}, nil
|
|
}
|
|
|
|
func (s *Server) GetCustomDomainPolicy(ctx context.Context, req *admin_pb.GetCustomDomainPolicyRequest) (*admin_pb.GetCustomDomainPolicyResponse, error) {
|
|
policy, err := s.query.DomainPolicyByOrg(ctx, true, req.OrgId, false)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.GetCustomDomainPolicyResponse{Policy: policy_grpc.DomainPolicyToPb(policy)}, nil
|
|
}
|
|
|
|
func (s *Server) AddCustomDomainPolicy(ctx context.Context, req *admin_pb.AddCustomDomainPolicyRequest) (*admin_pb.AddCustomDomainPolicyResponse, error) {
|
|
policy, err := s.command.AddOrgDomainPolicy(ctx, req.OrgId, DomainPolicyToDomain(req.UserLoginMustBeDomain, req.ValidateOrgDomains, req.SmtpSenderAddressMatchesInstanceDomain))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.AddCustomDomainPolicyResponse{
|
|
Details: object.AddToDetailsPb(
|
|
policy.Sequence,
|
|
policy.ChangeDate,
|
|
policy.ResourceOwner,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) UpdateDomainPolicy(ctx context.Context, req *admin_pb.UpdateDomainPolicyRequest) (*admin_pb.UpdateDomainPolicyResponse, error) {
|
|
config, err := s.command.ChangeDefaultDomainPolicy(ctx, updateDomainPolicyToDomain(req))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.UpdateDomainPolicyResponse{
|
|
Details: object.ChangeToDetailsPb(
|
|
config.Sequence,
|
|
config.ChangeDate,
|
|
config.ResourceOwner,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) UpdateCustomDomainPolicy(ctx context.Context, req *admin_pb.UpdateCustomDomainPolicyRequest) (*admin_pb.UpdateCustomDomainPolicyResponse, error) {
|
|
config, err := s.command.ChangeOrgDomainPolicy(ctx, req.OrgId, updateCustomDomainPolicyToDomain(req))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.UpdateCustomDomainPolicyResponse{
|
|
Details: object.ChangeToDetailsPb(
|
|
config.Sequence,
|
|
config.ChangeDate,
|
|
config.ResourceOwner,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) ResetCustomDomainPolicyToDefault(ctx context.Context, req *admin_pb.ResetCustomDomainPolicyToDefaultRequest) (*admin_pb.ResetCustomDomainPolicyToDefaultResponse, error) {
|
|
details, err := s.command.RemoveOrgDomainPolicy(ctx, req.OrgId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.ResetCustomDomainPolicyToDefaultResponse{Details: object.DomainToChangeDetailsPb(details)}, nil
|
|
}
|
|
|
|
func DomainPolicyToDomain(userLoginMustBeDomain, validateOrgDomains, smtpSenderAddressMatchesInstanceDomain bool) *domain.DomainPolicy {
|
|
return &domain.DomainPolicy{
|
|
UserLoginMustBeDomain: userLoginMustBeDomain,
|
|
ValidateOrgDomains: validateOrgDomains,
|
|
SMTPSenderAddressMatchesInstanceDomain: smtpSenderAddressMatchesInstanceDomain,
|
|
}
|
|
}
|
|
|
|
func updateDomainPolicyToDomain(req *admin_pb.UpdateDomainPolicyRequest) *domain.DomainPolicy {
|
|
return &domain.DomainPolicy{
|
|
UserLoginMustBeDomain: req.UserLoginMustBeDomain,
|
|
ValidateOrgDomains: req.ValidateOrgDomains,
|
|
SMTPSenderAddressMatchesInstanceDomain: req.SmtpSenderAddressMatchesInstanceDomain,
|
|
}
|
|
}
|
|
|
|
func updateCustomDomainPolicyToDomain(req *admin_pb.UpdateCustomDomainPolicyRequest) *domain.DomainPolicy {
|
|
return &domain.DomainPolicy{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: req.OrgId,
|
|
},
|
|
UserLoginMustBeDomain: req.UserLoginMustBeDomain,
|
|
ValidateOrgDomains: req.ValidateOrgDomains,
|
|
SMTPSenderAddressMatchesInstanceDomain: req.SmtpSenderAddressMatchesInstanceDomain,
|
|
}
|
|
}
|
|
|
|
func (s *Server) AddCustomOrgIAMPolicy(ctx context.Context, req *admin_pb.AddCustomOrgIAMPolicyRequest) (*admin_pb.AddCustomOrgIAMPolicyResponse, error) {
|
|
policy, err := s.command.AddOrgDomainPolicy(ctx, req.OrgId, DomainPolicyToDomain(req.UserLoginMustBeDomain, true, true))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.AddCustomOrgIAMPolicyResponse{
|
|
Details: object.AddToDetailsPb(
|
|
policy.Sequence,
|
|
policy.ChangeDate,
|
|
policy.ResourceOwner,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) UpdateOrgIAMPolicy(ctx context.Context, req *admin_pb.UpdateOrgIAMPolicyRequest) (*admin_pb.UpdateOrgIAMPolicyResponse, error) {
|
|
config, err := s.command.ChangeDefaultDomainPolicy(ctx, updateOrgIAMPolicyToDomain(req))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.UpdateOrgIAMPolicyResponse{
|
|
Details: object.ChangeToDetailsPb(
|
|
config.Sequence,
|
|
config.ChangeDate,
|
|
config.ResourceOwner,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) UpdateCustomOrgIAMPolicy(ctx context.Context, req *admin_pb.UpdateCustomOrgIAMPolicyRequest) (*admin_pb.UpdateCustomOrgIAMPolicyResponse, error) {
|
|
config, err := s.command.ChangeOrgDomainPolicy(ctx, req.OrgId, updateCustomOrgIAMPolicyToDomain(req))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.UpdateCustomOrgIAMPolicyResponse{
|
|
Details: object.ChangeToDetailsPb(
|
|
config.Sequence,
|
|
config.ChangeDate,
|
|
config.ResourceOwner,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) GetOrgIAMPolicy(ctx context.Context, _ *admin_pb.GetOrgIAMPolicyRequest) (*admin_pb.GetOrgIAMPolicyResponse, error) {
|
|
policy, err := s.query.DefaultDomainPolicy(ctx)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.GetOrgIAMPolicyResponse{Policy: policy_grpc.DomainPolicyToOrgIAMPb(policy)}, nil
|
|
}
|
|
|
|
func (s *Server) GetCustomOrgIAMPolicy(ctx context.Context, req *admin_pb.GetCustomOrgIAMPolicyRequest) (*admin_pb.GetCustomOrgIAMPolicyResponse, error) {
|
|
policy, err := s.query.DomainPolicyByOrg(ctx, true, req.OrgId, false)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.GetCustomOrgIAMPolicyResponse{Policy: policy_grpc.DomainPolicyToOrgIAMPb(policy)}, nil
|
|
}
|
|
|
|
func (s *Server) ResetCustomOrgIAMPolicyToDefault(ctx context.Context, req *admin_pb.ResetCustomOrgIAMPolicyToDefaultRequest) (*admin_pb.ResetCustomOrgIAMPolicyToDefaultResponse, error) {
|
|
details, err := s.command.RemoveOrgDomainPolicy(ctx, req.OrgId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.ResetCustomOrgIAMPolicyToDefaultResponse{Details: object.DomainToChangeDetailsPb(details)}, nil
|
|
}
|
|
|
|
func updateOrgIAMPolicyToDomain(req *admin_pb.UpdateOrgIAMPolicyRequest) *domain.DomainPolicy {
|
|
return &domain.DomainPolicy{
|
|
UserLoginMustBeDomain: req.UserLoginMustBeDomain,
|
|
ValidateOrgDomains: true,
|
|
SMTPSenderAddressMatchesInstanceDomain: true,
|
|
}
|
|
}
|
|
|
|
func updateCustomOrgIAMPolicyToDomain(req *admin_pb.UpdateCustomOrgIAMPolicyRequest) *domain.DomainPolicy {
|
|
return &domain.DomainPolicy{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: req.OrgId,
|
|
},
|
|
UserLoginMustBeDomain: req.UserLoginMustBeDomain,
|
|
ValidateOrgDomains: true,
|
|
SMTPSenderAddressMatchesInstanceDomain: true,
|
|
}
|
|
}
|