mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-18 13:57:32 +00:00
6b1f7ba333
* fix: fix setup * fix oidc app change * fix: fix migration and proto * fix: fix granted projects * setup1 apis instead of apps * fix: add object detail with creation date * fix user phone change * add localizer to AddOIDCAppResponse * fix test * fix domain test * fix: converter Co-authored-by: Livio Amstutz <livio.a@gmail.com>
102 lines
3.3 KiB
Go
102 lines
3.3 KiB
Go
package admin
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/caos/zitadel/internal/api/grpc/object"
|
|
policy_grpc "github.com/caos/zitadel/internal/api/grpc/policy"
|
|
"github.com/caos/zitadel/internal/domain"
|
|
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
|
admin_pb "github.com/caos/zitadel/pkg/grpc/admin"
|
|
)
|
|
|
|
func (s *Server) GetOrgIAMPolicy(ctx context.Context, _ *admin_pb.GetOrgIAMPolicyRequest) (*admin_pb.GetOrgIAMPolicyResponse, error) {
|
|
policy, err := s.iam.GetDefaultOrgIAMPolicy(ctx)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.GetOrgIAMPolicyResponse{Policy: policy_grpc.OrgIAMPolicyToPb(policy)}, nil
|
|
}
|
|
|
|
func (s *Server) GetCustomOrgIAMPolicy(ctx context.Context, req *admin_pb.GetCustomOrgIAMPolicyRequest) (*admin_pb.GetCustomOrgIAMPolicyResponse, error) {
|
|
policy, err := s.org.GetOrgIAMPolicyByID(ctx, req.OrgId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.GetCustomOrgIAMPolicyResponse{Policy: policy_grpc.OrgIAMPolicyToPb(policy)}, nil
|
|
}
|
|
|
|
func (s *Server) AddCustomOrgIAMPolicy(ctx context.Context, req *admin_pb.AddCustomOrgIAMPolicyRequest) (*admin_pb.AddCustomOrgIAMPolicyResponse, error) {
|
|
policy, err := s.command.AddOrgIAMPolicy(ctx, req.OrgId, toDomainOrgIAMPolicy(req.UserLoginMustBeDomain))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.AddCustomOrgIAMPolicyResponse{
|
|
Details: object.AddToDetailsPb(
|
|
policy.Sequence,
|
|
policy.ChangeDate,
|
|
policy.ResourceOwner,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) UpdateOrgIAMPolicy(ctx context.Context, req *admin_pb.UpdateOrgIAMPolicyRequest) (*admin_pb.UpdateOrgIAMPolicyResponse, error) {
|
|
config, err := s.command.ChangeDefaultOrgIAMPolicy(ctx, updateOrgIAMPolicyToDomain(req))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.UpdateOrgIAMPolicyResponse{
|
|
Details: object.ChangeToDetailsPb(
|
|
config.Sequence,
|
|
config.ChangeDate,
|
|
config.ResourceOwner,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) UpdateCustomOrgIAMPolicy(ctx context.Context, req *admin_pb.UpdateCustomOrgIAMPolicyRequest) (*admin_pb.UpdateCustomOrgIAMPolicyResponse, error) {
|
|
config, err := s.command.ChangeOrgIAMPolicy(ctx, req.OrgId, updateCustomOrgIAMPolicyToDomain(req))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.UpdateCustomOrgIAMPolicyResponse{
|
|
Details: object.ChangeToDetailsPb(
|
|
config.Sequence,
|
|
config.ChangeDate,
|
|
config.ResourceOwner,
|
|
),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) ResetCustomOrgIAMPolicyTo(ctx context.Context, req *admin_pb.ResetCustomOrgIAMPolicyToDefaultRequest) (*admin_pb.ResetCustomOrgIAMPolicyToDefaultResponse, error) {
|
|
err := s.command.RemoveOrgIAMPolicy(ctx, req.OrgId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return nil, nil //TOOD: return data
|
|
}
|
|
|
|
func toDomainOrgIAMPolicy(userLoginMustBeDomain bool) *domain.OrgIAMPolicy {
|
|
return &domain.OrgIAMPolicy{
|
|
UserLoginMustBeDomain: userLoginMustBeDomain,
|
|
}
|
|
}
|
|
|
|
func updateOrgIAMPolicyToDomain(req *admin_pb.UpdateOrgIAMPolicyRequest) *domain.OrgIAMPolicy {
|
|
return &domain.OrgIAMPolicy{
|
|
// ObjectRoot: models.ObjectRoot{
|
|
// // AggreagateID: //TODO: there should only be ONE default
|
|
// },
|
|
UserLoginMustBeDomain: req.UserLoginMustBeDomain,
|
|
}
|
|
}
|
|
|
|
func updateCustomOrgIAMPolicyToDomain(req *admin_pb.UpdateCustomOrgIAMPolicyRequest) *domain.OrgIAMPolicy {
|
|
return &domain.OrgIAMPolicy{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: req.OrgId,
|
|
},
|
|
UserLoginMustBeDomain: req.UserLoginMustBeDomain,
|
|
}
|
|
}
|