mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-13 19:44:21 +00:00
d2ea9a1b8c
* refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * fix(query): member queries and user avatar column * member cols * fix(queries): membership stmt * fix user test * fix user test * fix(membership): correct display name * fix(projection): additional member manipulation events * additional member tests * fix(projections): additional events of idp links * fix: use query for memberships (#2797) * fix(api): use query for memberships * remove comment * handle err * refactor(projections): idp user link user aggregate type * fix(projections): handle old user events * fix(api): add asset prefix * no image for iam members
192 lines
5.8 KiB
Go
192 lines
5.8 KiB
Go
package management
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/caos/zitadel/internal/api/authz"
|
|
member_grpc "github.com/caos/zitadel/internal/api/grpc/member"
|
|
"github.com/caos/zitadel/internal/api/grpc/object"
|
|
proj_grpc "github.com/caos/zitadel/internal/api/grpc/project"
|
|
"github.com/caos/zitadel/internal/domain"
|
|
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
|
"github.com/caos/zitadel/internal/query"
|
|
mgmt_pb "github.com/caos/zitadel/pkg/grpc/management"
|
|
proj_pb "github.com/caos/zitadel/pkg/grpc/project"
|
|
)
|
|
|
|
func ProjectCreateToDomain(req *mgmt_pb.AddProjectRequest) *domain.Project {
|
|
return &domain.Project{
|
|
Name: req.Name,
|
|
ProjectRoleAssertion: req.ProjectRoleAssertion,
|
|
ProjectRoleCheck: req.ProjectRoleCheck,
|
|
HasProjectCheck: req.HasProjectCheck,
|
|
PrivateLabelingSetting: privateLabelingSettingToDomain(req.PrivateLabelingSetting),
|
|
}
|
|
}
|
|
|
|
func ProjectUpdateToDomain(req *mgmt_pb.UpdateProjectRequest) *domain.Project {
|
|
return &domain.Project{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: req.Id,
|
|
},
|
|
Name: req.Name,
|
|
ProjectRoleAssertion: req.ProjectRoleAssertion,
|
|
ProjectRoleCheck: req.ProjectRoleCheck,
|
|
HasProjectCheck: req.HasProjectCheck,
|
|
PrivateLabelingSetting: privateLabelingSettingToDomain(req.PrivateLabelingSetting),
|
|
}
|
|
}
|
|
|
|
func privateLabelingSettingToDomain(setting proj_pb.PrivateLabelingSetting) domain.PrivateLabelingSetting {
|
|
switch setting {
|
|
case proj_pb.PrivateLabelingSetting_PRIVATE_LABELING_SETTING_ALLOW_LOGIN_USER_RESOURCE_OWNER_POLICY:
|
|
return domain.PrivateLabelingSettingAllowLoginUserResourceOwnerPolicy
|
|
case proj_pb.PrivateLabelingSetting_PRIVATE_LABELING_SETTING_ENFORCE_PROJECT_RESOURCE_OWNER_POLICY:
|
|
return domain.PrivateLabelingSettingEnforceProjectResourceOwnerPolicy
|
|
default:
|
|
return domain.PrivateLabelingSettingUnspecified
|
|
}
|
|
}
|
|
|
|
func AddProjectRoleRequestToDomain(req *mgmt_pb.AddProjectRoleRequest) *domain.ProjectRole {
|
|
return &domain.ProjectRole{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: req.ProjectId,
|
|
},
|
|
Key: req.RoleKey,
|
|
DisplayName: req.DisplayName,
|
|
Group: req.Group,
|
|
}
|
|
}
|
|
|
|
func BulkAddProjectRolesRequestToDomain(req *mgmt_pb.BulkAddProjectRolesRequest) []*domain.ProjectRole {
|
|
roles := make([]*domain.ProjectRole, len(req.Roles))
|
|
for i, role := range req.Roles {
|
|
roles[i] = &domain.ProjectRole{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: req.ProjectId,
|
|
},
|
|
Key: role.Key,
|
|
DisplayName: role.DisplayName,
|
|
Group: role.Group,
|
|
}
|
|
}
|
|
return roles
|
|
}
|
|
|
|
func UpdateProjectRoleRequestToDomain(req *mgmt_pb.UpdateProjectRoleRequest) *domain.ProjectRole {
|
|
return &domain.ProjectRole{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: req.ProjectId,
|
|
},
|
|
Key: req.RoleKey,
|
|
DisplayName: req.DisplayName,
|
|
Group: req.Group,
|
|
}
|
|
}
|
|
|
|
func ProjectGrantsToIDs(projectGrants *query.ProjectGrants) []string {
|
|
converted := make([]string, len(projectGrants.ProjectGrants))
|
|
for i, grant := range projectGrants.ProjectGrants {
|
|
converted[i] = grant.GrantID
|
|
}
|
|
return converted
|
|
}
|
|
|
|
func AddProjectMemberRequestToDomain(req *mgmt_pb.AddProjectMemberRequest) *domain.Member {
|
|
return domain.NewMember(req.ProjectId, req.UserId, req.Roles...)
|
|
}
|
|
|
|
func UpdateProjectMemberRequestToDomain(req *mgmt_pb.UpdateProjectMemberRequest) *domain.Member {
|
|
return domain.NewMember(req.ProjectId, req.UserId, req.Roles...)
|
|
}
|
|
|
|
func listProjectRequestToModel(req *mgmt_pb.ListProjectsRequest) (*query.ProjectSearchQueries, error) {
|
|
offset, limit, asc := object.ListQueryToModel(req.Query)
|
|
queries, err := proj_grpc.ProjectQueriesToModel(req.Queries)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &query.ProjectSearchQueries{
|
|
SearchRequest: query.SearchRequest{
|
|
Offset: offset,
|
|
Limit: limit,
|
|
Asc: asc,
|
|
},
|
|
Queries: queries,
|
|
}, nil
|
|
}
|
|
|
|
func listGrantedProjectsRequestToModel(req *mgmt_pb.ListGrantedProjectsRequest) (*query.ProjectGrantSearchQueries, error) {
|
|
offset, limit, asc := object.ListQueryToModel(req.Query)
|
|
queries, err := proj_grpc.ProjectQueriesToModel(req.Queries)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &query.ProjectGrantSearchQueries{
|
|
SearchRequest: query.SearchRequest{
|
|
Offset: offset,
|
|
Limit: limit,
|
|
Asc: asc,
|
|
},
|
|
Queries: queries,
|
|
}, nil
|
|
}
|
|
|
|
func listProjectRolesRequestToModel(req *mgmt_pb.ListProjectRolesRequest) (*query.ProjectRoleSearchQueries, error) {
|
|
offset, limit, asc := object.ListQueryToModel(req.Query)
|
|
queries, err := proj_grpc.RoleQueriesToModel(req.Queries)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &query.ProjectRoleSearchQueries{
|
|
SearchRequest: query.SearchRequest{
|
|
Offset: offset,
|
|
Limit: limit,
|
|
Asc: asc,
|
|
},
|
|
Queries: queries,
|
|
}, nil
|
|
}
|
|
|
|
func listGrantedProjectRolesRequestToModel(req *mgmt_pb.ListGrantedProjectRolesRequest) (*query.ProjectRoleSearchQueries, error) {
|
|
offset, limit, asc := object.ListQueryToModel(req.Query)
|
|
queries, err := proj_grpc.RoleQueriesToModel(req.Queries)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return &query.ProjectRoleSearchQueries{
|
|
SearchRequest: query.SearchRequest{
|
|
Offset: offset,
|
|
Limit: limit,
|
|
Asc: asc,
|
|
},
|
|
Queries: queries,
|
|
}, nil
|
|
}
|
|
|
|
func ListProjectMembersRequestToModel(ctx context.Context, req *mgmt_pb.ListProjectMembersRequest) (*query.ProjectMembersQuery, error) {
|
|
offset, limit, asc := object.ListQueryToModel(req.Query)
|
|
queries, err := member_grpc.MemberQueriesToQuery(req.Queries)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
ownerQuery, err := query.NewMemberResourceOwnerSearchQuery(authz.GetCtxData(ctx).OrgID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
queries = append(queries, ownerQuery)
|
|
return &query.ProjectMembersQuery{
|
|
MembersQuery: query.MembersQuery{
|
|
SearchRequest: query.SearchRequest{
|
|
Offset: offset,
|
|
Limit: limit,
|
|
Asc: asc,
|
|
//SortingColumn: //TODO: sorting
|
|
},
|
|
Queries: queries,
|
|
},
|
|
ProjectID: req.ProjectId,
|
|
}, nil
|
|
}
|