mirror of
https://github.com/zitadel/zitadel.git
synced 2025-07-13 08:18:32 +00:00
7eb45c6cfd
# Which Problems Are Solved Resource management of projects and sub-resources was before limited by the context provided by the management API, which would mean you could only manage resources belonging to a specific organization. # How the Problems Are Solved With the addition of a resource-based API, it is now possible to manage projects and sub-resources on the basis of the resources themselves, which means that as long as you have the permission for the resource, you can create, read, update and delete it. - CreateProject to create a project under an organization - UpdateProject to update an existing project - DeleteProject to delete an existing project - DeactivateProject and ActivateProject to change the status of a project - GetProject to query for a specific project with an identifier - ListProject to query for projects and granted projects - CreateProjectGrant to create a project grant with project and granted organization - UpdateProjectGrant to update the roles of a project grant - DeactivateProjectGrant and ActivateProjectGrant to change the status of a project grant - DeleteProjectGrant to delete an existing project grant - ListProjectGrants to query for project grants - AddProjectRole to add a role to an existing project - UpdateProjectRole to change texts of an existing role - RemoveProjectRole to remove an existing role - ListProjectRoles to query for project roles # Additional Changes - Changes to ListProjects, which now contains granted projects as well - Changes to messages as defined in the [API_DESIGN](https://github.com/zitadel/zitadel/blob/main/API_DESIGN.md) - Permission checks for project functionality on query and command side - Added testing to unit tests on command side - Change update endpoints to no error returns if nothing changes in the resource - Changed all integration test utility to the new service - ListProjects now also correctly lists `granted projects` - Permission checks for project grant and project role functionality on query and command side - Change existing pre checks so that they also work resource specific without resourceowner - Added the resourceowner to the grant and role if no resourceowner is provided - Corrected import tests with project grants and roles - Added testing to unit tests on command side - Change update endpoints to no error returns if nothing changes in the resource - Changed all integration test utility to the new service - Corrected some naming in the proto files to adhere to the API_DESIGN # Additional Context Closes #9177 --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
428 lines
16 KiB
Go
428 lines
16 KiB
Go
package project
|
|
|
|
import (
|
|
"context"
|
|
|
|
"google.golang.org/protobuf/types/known/timestamppb"
|
|
|
|
filter "github.com/zitadel/zitadel/internal/api/grpc/filter/v2beta"
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
"github.com/zitadel/zitadel/internal/query"
|
|
"github.com/zitadel/zitadel/internal/zerrors"
|
|
project_pb "github.com/zitadel/zitadel/pkg/grpc/project/v2beta"
|
|
)
|
|
|
|
func (s *Server) GetProject(ctx context.Context, req *project_pb.GetProjectRequest) (*project_pb.GetProjectResponse, error) {
|
|
project, err := s.query.GetProjectByIDWithPermission(ctx, true, req.Id, s.checkPermission)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &project_pb.GetProjectResponse{
|
|
Project: projectToPb(project),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) ListProjects(ctx context.Context, req *project_pb.ListProjectsRequest) (*project_pb.ListProjectsResponse, error) {
|
|
queries, err := s.listProjectRequestToModel(req)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
resp, err := s.query.SearchGrantedProjects(ctx, queries, s.checkPermission)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &project_pb.ListProjectsResponse{
|
|
Projects: grantedProjectsToPb(resp.GrantedProjects),
|
|
Pagination: filter.QueryToPaginationPb(queries.SearchRequest, resp.SearchResponse),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) listProjectRequestToModel(req *project_pb.ListProjectsRequest) (*query.ProjectAndGrantedProjectSearchQueries, error) {
|
|
offset, limit, asc, err := filter.PaginationPbToQuery(s.systemDefaults, req.Pagination)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
queries, err := projectFiltersToQuery(req.Filters)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &query.ProjectAndGrantedProjectSearchQueries{
|
|
SearchRequest: query.SearchRequest{
|
|
Offset: offset,
|
|
Limit: limit,
|
|
Asc: asc,
|
|
SortingColumn: grantedProjectFieldNameToSortingColumn(req.SortingColumn),
|
|
},
|
|
Queries: queries,
|
|
}, nil
|
|
}
|
|
|
|
func grantedProjectFieldNameToSortingColumn(field *project_pb.ProjectFieldName) query.Column {
|
|
if field == nil {
|
|
return query.GrantedProjectColumnCreationDate
|
|
}
|
|
switch *field {
|
|
case project_pb.ProjectFieldName_PROJECT_FIELD_NAME_CREATION_DATE:
|
|
return query.GrantedProjectColumnCreationDate
|
|
case project_pb.ProjectFieldName_PROJECT_FIELD_NAME_ID:
|
|
return query.GrantedProjectColumnID
|
|
case project_pb.ProjectFieldName_PROJECT_FIELD_NAME_NAME:
|
|
return query.GrantedProjectColumnName
|
|
case project_pb.ProjectFieldName_PROJECT_FIELD_NAME_CHANGE_DATE:
|
|
return query.GrantedProjectColumnChangeDate
|
|
case project_pb.ProjectFieldName_PROJECT_FIELD_NAME_UNSPECIFIED:
|
|
return query.GrantedProjectColumnCreationDate
|
|
default:
|
|
return query.GrantedProjectColumnCreationDate
|
|
}
|
|
}
|
|
|
|
func projectFiltersToQuery(queries []*project_pb.ProjectSearchFilter) (_ []query.SearchQuery, err error) {
|
|
q := make([]query.SearchQuery, len(queries))
|
|
for i, qry := range queries {
|
|
q[i], err = projectFilterToModel(qry)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
return q, nil
|
|
}
|
|
|
|
func projectFilterToModel(filter *project_pb.ProjectSearchFilter) (query.SearchQuery, error) {
|
|
switch q := filter.Filter.(type) {
|
|
case *project_pb.ProjectSearchFilter_ProjectNameFilter:
|
|
return projectNameFilterToQuery(q.ProjectNameFilter)
|
|
case *project_pb.ProjectSearchFilter_InProjectIdsFilter:
|
|
return projectInIDsFilterToQuery(q.InProjectIdsFilter)
|
|
case *project_pb.ProjectSearchFilter_ProjectResourceOwnerFilter:
|
|
return projectResourceOwnerFilterToQuery(q.ProjectResourceOwnerFilter)
|
|
case *project_pb.ProjectSearchFilter_ProjectOrganizationIdFilter:
|
|
return projectOrganizationIDFilterToQuery(q.ProjectOrganizationIdFilter)
|
|
case *project_pb.ProjectSearchFilter_ProjectGrantResourceOwnerFilter:
|
|
return projectGrantResourceOwnerFilterToQuery(q.ProjectGrantResourceOwnerFilter)
|
|
default:
|
|
return nil, zerrors.ThrowInvalidArgument(nil, "ORG-vR9nC", "List.Query.Invalid")
|
|
}
|
|
}
|
|
|
|
func projectNameFilterToQuery(q *project_pb.ProjectNameFilter) (query.SearchQuery, error) {
|
|
return query.NewGrantedProjectNameSearchQuery(filter.TextMethodPbToQuery(q.Method), q.GetProjectName())
|
|
}
|
|
|
|
func projectInIDsFilterToQuery(q *project_pb.InProjectIDsFilter) (query.SearchQuery, error) {
|
|
return query.NewGrantedProjectIDSearchQuery(q.ProjectIds)
|
|
}
|
|
|
|
func projectResourceOwnerFilterToQuery(q *project_pb.ProjectResourceOwnerFilter) (query.SearchQuery, error) {
|
|
return query.NewGrantedProjectResourceOwnerSearchQuery(q.ProjectResourceOwner)
|
|
}
|
|
|
|
func projectOrganizationIDFilterToQuery(q *project_pb.ProjectOrganizationIDFilter) (query.SearchQuery, error) {
|
|
return query.NewGrantedProjectOrganizationIDSearchQuery(q.ProjectOrganizationId)
|
|
}
|
|
|
|
func projectGrantResourceOwnerFilterToQuery(q *project_pb.ProjectGrantResourceOwnerFilter) (query.SearchQuery, error) {
|
|
return query.NewGrantedProjectGrantResourceOwnerSearchQuery(q.ProjectGrantResourceOwner)
|
|
}
|
|
|
|
func grantedProjectsToPb(projects []*query.GrantedProject) []*project_pb.Project {
|
|
o := make([]*project_pb.Project, len(projects))
|
|
for i, org := range projects {
|
|
o[i] = grantedProjectToPb(org)
|
|
}
|
|
return o
|
|
}
|
|
|
|
func projectToPb(project *query.Project) *project_pb.Project {
|
|
return &project_pb.Project{
|
|
Id: project.ID,
|
|
OrganizationId: project.ResourceOwner,
|
|
CreationDate: timestamppb.New(project.CreationDate),
|
|
ChangeDate: timestamppb.New(project.ChangeDate),
|
|
State: projectStateToPb(project.State),
|
|
Name: project.Name,
|
|
PrivateLabelingSetting: privateLabelingSettingToPb(project.PrivateLabelingSetting),
|
|
ProjectAccessRequired: project.HasProjectCheck,
|
|
ProjectRoleAssertion: project.ProjectRoleAssertion,
|
|
AuthorizationRequired: project.ProjectRoleCheck,
|
|
}
|
|
}
|
|
|
|
func grantedProjectToPb(project *query.GrantedProject) *project_pb.Project {
|
|
var grantedOrganizationID, grantedOrganizationName *string
|
|
if project.GrantedOrgID != "" {
|
|
grantedOrganizationID = &project.GrantedOrgID
|
|
}
|
|
if project.OrgName != "" {
|
|
grantedOrganizationName = &project.OrgName
|
|
}
|
|
|
|
return &project_pb.Project{
|
|
Id: project.ProjectID,
|
|
OrganizationId: project.ResourceOwner,
|
|
CreationDate: timestamppb.New(project.CreationDate),
|
|
ChangeDate: timestamppb.New(project.ChangeDate),
|
|
State: projectStateToPb(project.ProjectState),
|
|
Name: project.ProjectName,
|
|
PrivateLabelingSetting: privateLabelingSettingToPb(project.PrivateLabelingSetting),
|
|
ProjectAccessRequired: project.HasProjectCheck,
|
|
ProjectRoleAssertion: project.ProjectRoleAssertion,
|
|
AuthorizationRequired: project.ProjectRoleCheck,
|
|
GrantedOrganizationId: grantedOrganizationID,
|
|
GrantedOrganizationName: grantedOrganizationName,
|
|
GrantedState: grantedProjectStateToPb(project.ProjectGrantState),
|
|
}
|
|
}
|
|
|
|
func projectStateToPb(state domain.ProjectState) project_pb.ProjectState {
|
|
switch state {
|
|
case domain.ProjectStateActive:
|
|
return project_pb.ProjectState_PROJECT_STATE_ACTIVE
|
|
case domain.ProjectStateInactive:
|
|
return project_pb.ProjectState_PROJECT_STATE_INACTIVE
|
|
case domain.ProjectStateUnspecified, domain.ProjectStateRemoved:
|
|
return project_pb.ProjectState_PROJECT_STATE_UNSPECIFIED
|
|
default:
|
|
return project_pb.ProjectState_PROJECT_STATE_UNSPECIFIED
|
|
}
|
|
}
|
|
func grantedProjectStateToPb(state domain.ProjectGrantState) project_pb.GrantedProjectState {
|
|
switch state {
|
|
case domain.ProjectGrantStateActive:
|
|
return project_pb.GrantedProjectState_GRANTED_PROJECT_STATE_ACTIVE
|
|
case domain.ProjectGrantStateInactive:
|
|
return project_pb.GrantedProjectState_GRANTED_PROJECT_STATE_INACTIVE
|
|
case domain.ProjectGrantStateUnspecified, domain.ProjectGrantStateRemoved:
|
|
return project_pb.GrantedProjectState_GRANTED_PROJECT_STATE_UNSPECIFIED
|
|
default:
|
|
return project_pb.GrantedProjectState_GRANTED_PROJECT_STATE_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func privateLabelingSettingToPb(setting domain.PrivateLabelingSetting) project_pb.PrivateLabelingSetting {
|
|
switch setting {
|
|
case domain.PrivateLabelingSettingAllowLoginUserResourceOwnerPolicy:
|
|
return project_pb.PrivateLabelingSetting_PRIVATE_LABELING_SETTING_ALLOW_LOGIN_USER_RESOURCE_OWNER_POLICY
|
|
case domain.PrivateLabelingSettingEnforceProjectResourceOwnerPolicy:
|
|
return project_pb.PrivateLabelingSetting_PRIVATE_LABELING_SETTING_ENFORCE_PROJECT_RESOURCE_OWNER_POLICY
|
|
case domain.PrivateLabelingSettingUnspecified:
|
|
return project_pb.PrivateLabelingSetting_PRIVATE_LABELING_SETTING_UNSPECIFIED
|
|
default:
|
|
return project_pb.PrivateLabelingSetting_PRIVATE_LABELING_SETTING_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func (s *Server) ListProjectGrants(ctx context.Context, req *project_pb.ListProjectGrantsRequest) (*project_pb.ListProjectGrantsResponse, error) {
|
|
queries, err := s.listProjectGrantsRequestToModel(req)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
resp, err := s.query.SearchProjectGrants(ctx, queries, s.checkPermission)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &project_pb.ListProjectGrantsResponse{
|
|
ProjectGrants: projectGrantsToPb(resp.ProjectGrants),
|
|
Pagination: filter.QueryToPaginationPb(queries.SearchRequest, resp.SearchResponse),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) listProjectGrantsRequestToModel(req *project_pb.ListProjectGrantsRequest) (*query.ProjectGrantSearchQueries, error) {
|
|
offset, limit, asc, err := filter.PaginationPbToQuery(s.systemDefaults, req.Pagination)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
queries, err := projectGrantFiltersToModel(req.Filters)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &query.ProjectGrantSearchQueries{
|
|
SearchRequest: query.SearchRequest{
|
|
Offset: offset,
|
|
Limit: limit,
|
|
Asc: asc,
|
|
SortingColumn: projectGrantFieldNameToSortingColumn(req.SortingColumn),
|
|
},
|
|
Queries: queries,
|
|
}, nil
|
|
}
|
|
|
|
func projectGrantFieldNameToSortingColumn(field *project_pb.ProjectGrantFieldName) query.Column {
|
|
if field == nil {
|
|
return query.ProjectGrantColumnCreationDate
|
|
}
|
|
switch *field {
|
|
case project_pb.ProjectGrantFieldName_PROJECT_GRANT_FIELD_NAME_PROJECT_ID:
|
|
return query.ProjectGrantColumnProjectID
|
|
case project_pb.ProjectGrantFieldName_PROJECT_GRANT_FIELD_NAME_CREATION_DATE:
|
|
return query.ProjectGrantColumnCreationDate
|
|
case project_pb.ProjectGrantFieldName_PROJECT_GRANT_FIELD_NAME_CHANGE_DATE:
|
|
return query.ProjectGrantColumnChangeDate
|
|
case project_pb.ProjectGrantFieldName_PROJECT_GRANT_FIELD_NAME_UNSPECIFIED:
|
|
return query.ProjectGrantColumnCreationDate
|
|
default:
|
|
return query.ProjectGrantColumnCreationDate
|
|
}
|
|
}
|
|
|
|
func projectGrantFiltersToModel(queries []*project_pb.ProjectGrantSearchFilter) (_ []query.SearchQuery, err error) {
|
|
q := make([]query.SearchQuery, len(queries))
|
|
for i, qry := range queries {
|
|
q[i], err = projectGrantFilterToModel(qry)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
return q, nil
|
|
}
|
|
|
|
func projectGrantFilterToModel(filter *project_pb.ProjectGrantSearchFilter) (query.SearchQuery, error) {
|
|
switch q := filter.Filter.(type) {
|
|
case *project_pb.ProjectGrantSearchFilter_ProjectNameFilter:
|
|
return projectNameFilterToQuery(q.ProjectNameFilter)
|
|
case *project_pb.ProjectGrantSearchFilter_RoleKeyFilter:
|
|
return query.NewProjectGrantRoleKeySearchQuery(q.RoleKeyFilter.Key)
|
|
case *project_pb.ProjectGrantSearchFilter_InProjectIdsFilter:
|
|
return query.NewProjectGrantProjectIDsSearchQuery(q.InProjectIdsFilter.ProjectIds)
|
|
case *project_pb.ProjectGrantSearchFilter_ProjectResourceOwnerFilter:
|
|
return query.NewProjectGrantResourceOwnerSearchQuery(q.ProjectResourceOwnerFilter.ProjectResourceOwner)
|
|
case *project_pb.ProjectGrantSearchFilter_ProjectGrantResourceOwnerFilter:
|
|
return query.NewProjectGrantGrantedOrgIDSearchQuery(q.ProjectGrantResourceOwnerFilter.ProjectGrantResourceOwner)
|
|
default:
|
|
return nil, zerrors.ThrowInvalidArgument(nil, "PROJECT-M099f", "List.Query.Invalid")
|
|
}
|
|
}
|
|
|
|
func projectGrantsToPb(projects []*query.ProjectGrant) []*project_pb.ProjectGrant {
|
|
p := make([]*project_pb.ProjectGrant, len(projects))
|
|
for i, project := range projects {
|
|
p[i] = projectGrantToPb(project)
|
|
}
|
|
return p
|
|
}
|
|
|
|
func projectGrantToPb(project *query.ProjectGrant) *project_pb.ProjectGrant {
|
|
return &project_pb.ProjectGrant{
|
|
OrganizationId: project.ResourceOwner,
|
|
CreationDate: timestamppb.New(project.CreationDate),
|
|
ChangeDate: timestamppb.New(project.ChangeDate),
|
|
GrantedOrganizationId: project.GrantedOrgID,
|
|
GrantedOrganizationName: project.OrgName,
|
|
GrantedRoleKeys: project.GrantedRoleKeys,
|
|
ProjectId: project.ProjectID,
|
|
ProjectName: project.ProjectName,
|
|
State: projectGrantStateToPb(project.State),
|
|
}
|
|
}
|
|
|
|
func projectGrantStateToPb(state domain.ProjectGrantState) project_pb.ProjectGrantState {
|
|
switch state {
|
|
case domain.ProjectGrantStateActive:
|
|
return project_pb.ProjectGrantState_PROJECT_GRANT_STATE_ACTIVE
|
|
case domain.ProjectGrantStateInactive:
|
|
return project_pb.ProjectGrantState_PROJECT_GRANT_STATE_INACTIVE
|
|
case domain.ProjectGrantStateUnspecified, domain.ProjectGrantStateRemoved:
|
|
return project_pb.ProjectGrantState_PROJECT_GRANT_STATE_UNSPECIFIED
|
|
default:
|
|
return project_pb.ProjectGrantState_PROJECT_GRANT_STATE_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func (s *Server) ListProjectRoles(ctx context.Context, req *project_pb.ListProjectRolesRequest) (*project_pb.ListProjectRolesResponse, error) {
|
|
queries, err := s.listProjectRolesRequestToModel(req)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
err = queries.AppendProjectIDQuery(req.ProjectId)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
roles, err := s.query.SearchProjectRoles(ctx, true, queries, s.checkPermission)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &project_pb.ListProjectRolesResponse{
|
|
ProjectRoles: roleViewsToPb(roles.ProjectRoles),
|
|
Pagination: filter.QueryToPaginationPb(queries.SearchRequest, roles.SearchResponse),
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) listProjectRolesRequestToModel(req *project_pb.ListProjectRolesRequest) (*query.ProjectRoleSearchQueries, error) {
|
|
offset, limit, asc, err := filter.PaginationPbToQuery(s.systemDefaults, req.Pagination)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
queries, err := roleQueriesToModel(req.Filters)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &query.ProjectRoleSearchQueries{
|
|
SearchRequest: query.SearchRequest{
|
|
Offset: offset,
|
|
Limit: limit,
|
|
Asc: asc,
|
|
SortingColumn: projectRoleFieldNameToSortingColumn(req.SortingColumn),
|
|
},
|
|
Queries: queries,
|
|
}, nil
|
|
}
|
|
|
|
func projectRoleFieldNameToSortingColumn(field *project_pb.ProjectRoleFieldName) query.Column {
|
|
if field == nil {
|
|
return query.ProjectRoleColumnCreationDate
|
|
}
|
|
switch *field {
|
|
case project_pb.ProjectRoleFieldName_PROJECT_ROLE_FIELD_NAME_KEY:
|
|
return query.ProjectRoleColumnKey
|
|
case project_pb.ProjectRoleFieldName_PROJECT_ROLE_FIELD_NAME_CREATION_DATE:
|
|
return query.ProjectRoleColumnCreationDate
|
|
case project_pb.ProjectRoleFieldName_PROJECT_ROLE_FIELD_NAME_CHANGE_DATE:
|
|
return query.ProjectRoleColumnChangeDate
|
|
case project_pb.ProjectRoleFieldName_PROJECT_ROLE_FIELD_NAME_UNSPECIFIED:
|
|
return query.ProjectRoleColumnCreationDate
|
|
default:
|
|
return query.ProjectRoleColumnCreationDate
|
|
}
|
|
}
|
|
|
|
func roleQueriesToModel(queries []*project_pb.ProjectRoleSearchFilter) (_ []query.SearchQuery, err error) {
|
|
q := make([]query.SearchQuery, len(queries))
|
|
for i, query := range queries {
|
|
q[i], err = roleQueryToModel(query)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
return q, nil
|
|
}
|
|
|
|
func roleQueryToModel(apiQuery *project_pb.ProjectRoleSearchFilter) (query.SearchQuery, error) {
|
|
switch q := apiQuery.Filter.(type) {
|
|
case *project_pb.ProjectRoleSearchFilter_RoleKeyFilter:
|
|
return query.NewProjectRoleKeySearchQuery(filter.TextMethodPbToQuery(q.RoleKeyFilter.Method), q.RoleKeyFilter.Key)
|
|
case *project_pb.ProjectRoleSearchFilter_DisplayNameFilter:
|
|
return query.NewProjectRoleDisplayNameSearchQuery(filter.TextMethodPbToQuery(q.DisplayNameFilter.Method), q.DisplayNameFilter.DisplayName)
|
|
default:
|
|
return nil, zerrors.ThrowInvalidArgument(nil, "PROJECT-fms0e", "List.Query.Invalid")
|
|
}
|
|
}
|
|
|
|
func roleViewsToPb(roles []*query.ProjectRole) []*project_pb.ProjectRole {
|
|
o := make([]*project_pb.ProjectRole, len(roles))
|
|
for i, org := range roles {
|
|
o[i] = roleViewToPb(org)
|
|
}
|
|
return o
|
|
}
|
|
|
|
func roleViewToPb(role *query.ProjectRole) *project_pb.ProjectRole {
|
|
return &project_pb.ProjectRole{
|
|
ProjectId: role.ProjectID,
|
|
Key: role.Key,
|
|
CreationDate: timestamppb.New(role.CreationDate),
|
|
ChangeDate: timestamppb.New(role.ChangeDate),
|
|
DisplayName: role.DisplayName,
|
|
Group: role.Group,
|
|
}
|
|
}
|