mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-21 15:27:31 +00:00
ba9b807854
* get key by id and cache them * userinfo from events for v2 tokens * improve keyset caching * concurrent token and client checks * client and project in single query * logging and otel * drop owner_removed column on apps and authN tables * userinfo and project roles in go routines * get oidc user info from projections and add actions * add avatar URL * some cleanup * pull oidc work branch * remove storage from server * add config flag for experimental introspection * legacy introspection flag * drop owner_removed column on user projections * drop owner_removed column on useer_metadata * query userinfo unit test * query introspection client test * add user_grants to the userinfo query * handle PAT scopes * bring triggers back * test instance keys query * add userinfo unit tests * unit test keys * go mod tidy * solve some bugs * fix missing preferred login name * do not run triggers in go routines, they seem to deadlock * initialize the trigger handlers late with a sync.OnceValue * Revert "do not run triggers in go routines, they seem to deadlock" This reverts commit 2a03da2127b7dc74552ec25d4772282a82cc1cba. * add missing translations * chore: update go version for linting * pin oidc version * parse a global time location for query test * fix linter complains * upgrade go lint * fix more linting issues --------- Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
121 lines
3.8 KiB
Go
121 lines
3.8 KiB
Go
package admin
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/api/grpc/object"
|
|
org_grpc "github.com/zitadel/zitadel/internal/api/grpc/org"
|
|
"github.com/zitadel/zitadel/internal/command"
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
"github.com/zitadel/zitadel/internal/query"
|
|
admin_pb "github.com/zitadel/zitadel/pkg/grpc/admin"
|
|
)
|
|
|
|
func (s *Server) IsOrgUnique(ctx context.Context, req *admin_pb.IsOrgUniqueRequest) (*admin_pb.IsOrgUniqueResponse, error) {
|
|
isUnique, err := s.query.IsOrgUnique(ctx, req.Name, req.Domain)
|
|
return &admin_pb.IsOrgUniqueResponse{IsUnique: isUnique}, err
|
|
}
|
|
|
|
func (s *Server) SetDefaultOrg(ctx context.Context, req *admin_pb.SetDefaultOrgRequest) (*admin_pb.SetDefaultOrgResponse, error) {
|
|
details, err := s.command.SetDefaultOrg(ctx, req.OrgId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.SetDefaultOrgResponse{
|
|
Details: object.DomainToChangeDetailsPb(details),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) RemoveOrg(ctx context.Context, req *admin_pb.RemoveOrgRequest) (*admin_pb.RemoveOrgResponse, error) {
|
|
details, err := s.command.RemoveOrg(ctx, req.OrgId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.RemoveOrgResponse{
|
|
Details: object.DomainToChangeDetailsPb(details),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) GetDefaultOrg(ctx context.Context, _ *admin_pb.GetDefaultOrgRequest) (*admin_pb.GetDefaultOrgResponse, error) {
|
|
org, err := s.query.OrgByID(ctx, true, authz.GetInstance(ctx).DefaultOrganisationID())
|
|
return &admin_pb.GetDefaultOrgResponse{Org: org_grpc.OrgToPb(org)}, err
|
|
}
|
|
|
|
func (s *Server) GetOrgByID(ctx context.Context, req *admin_pb.GetOrgByIDRequest) (*admin_pb.GetOrgByIDResponse, error) {
|
|
org, err := s.query.OrgByID(ctx, true, req.Id)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.GetOrgByIDResponse{Org: org_grpc.OrgViewToPb(org)}, nil
|
|
}
|
|
|
|
func (s *Server) ListOrgs(ctx context.Context, req *admin_pb.ListOrgsRequest) (*admin_pb.ListOrgsResponse, error) {
|
|
queries, err := listOrgRequestToModel(req)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
orgs, err := s.query.SearchOrgs(ctx, queries)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &admin_pb.ListOrgsResponse{
|
|
Result: org_grpc.OrgViewsToPb(orgs.Orgs),
|
|
Details: object.ToListDetails(orgs.Count, orgs.Sequence, orgs.LastRun),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) SetUpOrg(ctx context.Context, req *admin_pb.SetUpOrgRequest) (*admin_pb.SetUpOrgResponse, error) {
|
|
orgDomain, err := domain.NewIAMDomainName(req.Org.Name, authz.GetInstance(ctx).RequestedDomain())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
userIDs, err := s.getClaimedUserIDsOfOrgDomain(ctx, orgDomain)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
human := setUpOrgHumanToCommand(req.User.(*admin_pb.SetUpOrgRequest_Human_).Human) //TODO: handle machine
|
|
|
|
createdOrg, err := s.command.SetUpOrg(ctx, &command.OrgSetup{
|
|
Name: req.Org.Name,
|
|
CustomDomain: req.Org.Domain,
|
|
Admins: []*command.OrgSetupAdmin{
|
|
{
|
|
Human: human,
|
|
Roles: req.Roles,
|
|
},
|
|
},
|
|
}, true, userIDs...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
var userID string
|
|
if len(createdOrg.CreatedAdmins) == 1 {
|
|
userID = createdOrg.CreatedAdmins[0].ID
|
|
}
|
|
return &admin_pb.SetUpOrgResponse{
|
|
Details: object.DomainToAddDetailsPb(createdOrg.ObjectDetails),
|
|
OrgId: createdOrg.ObjectDetails.ResourceOwner,
|
|
UserId: userID,
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) getClaimedUserIDsOfOrgDomain(ctx context.Context, orgDomain string) ([]string, error) {
|
|
loginName, err := query.NewUserPreferredLoginNameSearchQuery("@"+orgDomain, query.TextEndsWithIgnoreCase)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
users, err := s.query.SearchUsers(ctx, &query.UserSearchQueries{Queries: []query.SearchQuery{loginName}})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
userIDs := make([]string, len(users.Users))
|
|
for i, user := range users.Users {
|
|
userIDs[i] = user.ID
|
|
}
|
|
return userIDs, nil
|
|
}
|