mirror of
https://github.com/zitadel/zitadel.git
synced 2025-02-25 18:55:27 -06:00
feat: app handling compliance (#527)
* feat: check oidc compliance * fix: add tests * fix: add oidc config tests * fix: add oidc config tests user agent * fix: test oidc config compliance * fix: test oidc config compliance * fix: useragent implicit authmethod none * fix: merge master * feat: translate compliance problems * feat: check native app for custom url * fix: better compliance handling * fix: better compliance handling * feat: add odidc dev mode * fix: remove deprecated request fro management api * fix: oidc package version * fix: migration * fix: tests * fix: remove unused functions * fix: generate proto files * fix: native implicit and code none compliant * fix: create project * Update internal/project/model/oidc_config_test.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: tests * Update internal/project/model/oidc_config.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/project/model/oidc_config.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: tests Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
24
pkg/grpc/management/application.go
Normal file
24
pkg/grpc/management/application.go
Normal file
@@ -0,0 +1,24 @@
|
||||
package management
|
||||
|
||||
import (
|
||||
"github.com/caos/zitadel/internal/api/grpc/server/middleware"
|
||||
)
|
||||
|
||||
func (a *ApplicationView) Localizers() []middleware.Localizer {
|
||||
if a == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
switch configType := a.AppConfig.(type) {
|
||||
case *ApplicationView_OidcConfig:
|
||||
if !configType.OidcConfig.NoneCompliant {
|
||||
return nil
|
||||
}
|
||||
localizers := make([]middleware.Localizer, len(configType.OidcConfig.ComplianceProblems))
|
||||
for i, problem := range configType.OidcConfig.ComplianceProblems {
|
||||
localizers[i] = problem
|
||||
}
|
||||
return localizers
|
||||
}
|
||||
return nil
|
||||
}
|
||||
@@ -553,64 +553,4 @@ var ManagementService_AuthMethods = authz.MethodMapping{
|
||||
Permission: "user.grant.delete",
|
||||
CheckParam: "",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/SearchProjectUserGrants": authz.Option{
|
||||
Permission: "project.user.grant.read",
|
||||
CheckParam: "ProjectId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/ProjectUserGrantByID": authz.Option{
|
||||
Permission: "project.user.grant.read",
|
||||
CheckParam: "ProjectId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/CreateProjectUserGrant": authz.Option{
|
||||
Permission: "project.user.grant.write",
|
||||
CheckParam: "ProjectId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/UpdateProjectUserGrant": authz.Option{
|
||||
Permission: "project.user.grant.write",
|
||||
CheckParam: "ProjectId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/DeactivateProjectUserGrant": authz.Option{
|
||||
Permission: "project.user.grant.write",
|
||||
CheckParam: "ProjectId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/ReactivateProjectUserGrant": authz.Option{
|
||||
Permission: "project.user.grant.write",
|
||||
CheckParam: "ProjectId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/SearchProjectGrantUserGrants": authz.Option{
|
||||
Permission: "project.grant.user.grant.read",
|
||||
CheckParam: "ProjectGrantId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/ProjectGrantUserGrantByID": authz.Option{
|
||||
Permission: "project.grant.user.grant.read",
|
||||
CheckParam: "ProjectGrantId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/CreateProjectGrantUserGrant": authz.Option{
|
||||
Permission: "project.grant.user.grant.write",
|
||||
CheckParam: "ProjectGrantId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/UpdateProjectGrantUserGrant": authz.Option{
|
||||
Permission: "project.grant.user.grant.write",
|
||||
CheckParam: "ProjectGrantId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/DeactivateProjectGrantUserGrant": authz.Option{
|
||||
Permission: "project.grant.user.grant.write",
|
||||
CheckParam: "ProjectGrantId",
|
||||
},
|
||||
|
||||
"/caos.zitadel.management.api.v1.ManagementService/ReactivateProjectGrantUserGrant": authz.Option{
|
||||
Permission: "project.grant.user.grant.write",
|
||||
CheckParam: "ProjectGrantId",
|
||||
},
|
||||
}
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -477,46 +477,6 @@ func (mr *MockManagementServiceClientMockRecorder) CreateProjectGrant(arg0, arg1
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateProjectGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).CreateProjectGrant), varargs...)
|
||||
}
|
||||
|
||||
// CreateProjectGrantUserGrant mocks base method
|
||||
func (m *MockManagementServiceClient) CreateProjectGrantUserGrant(arg0 context.Context, arg1 *management.ProjectGrantUserGrantCreate, arg2 ...grpc.CallOption) (*management.UserGrant, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "CreateProjectGrantUserGrant", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrant)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// CreateProjectGrantUserGrant indicates an expected call of CreateProjectGrantUserGrant
|
||||
func (mr *MockManagementServiceClientMockRecorder) CreateProjectGrantUserGrant(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateProjectGrantUserGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).CreateProjectGrantUserGrant), varargs...)
|
||||
}
|
||||
|
||||
// CreateProjectUserGrant mocks base method
|
||||
func (m *MockManagementServiceClient) CreateProjectUserGrant(arg0 context.Context, arg1 *management.UserGrantCreate, arg2 ...grpc.CallOption) (*management.UserGrant, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "CreateProjectUserGrant", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrant)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// CreateProjectUserGrant indicates an expected call of CreateProjectUserGrant
|
||||
func (mr *MockManagementServiceClientMockRecorder) CreateProjectUserGrant(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateProjectUserGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).CreateProjectUserGrant), varargs...)
|
||||
}
|
||||
|
||||
// CreateUser mocks base method
|
||||
func (m *MockManagementServiceClient) CreateUser(arg0 context.Context, arg1 *management.CreateUserRequest, arg2 ...grpc.CallOption) (*management.User, error) {
|
||||
m.ctrl.T.Helper()
|
||||
@@ -637,46 +597,6 @@ func (mr *MockManagementServiceClientMockRecorder) DeactivateProjectGrant(arg0,
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeactivateProjectGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).DeactivateProjectGrant), varargs...)
|
||||
}
|
||||
|
||||
// DeactivateProjectGrantUserGrant mocks base method
|
||||
func (m *MockManagementServiceClient) DeactivateProjectGrantUserGrant(arg0 context.Context, arg1 *management.ProjectGrantUserGrantID, arg2 ...grpc.CallOption) (*management.UserGrant, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "DeactivateProjectGrantUserGrant", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrant)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// DeactivateProjectGrantUserGrant indicates an expected call of DeactivateProjectGrantUserGrant
|
||||
func (mr *MockManagementServiceClientMockRecorder) DeactivateProjectGrantUserGrant(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeactivateProjectGrantUserGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).DeactivateProjectGrantUserGrant), varargs...)
|
||||
}
|
||||
|
||||
// DeactivateProjectUserGrant mocks base method
|
||||
func (m *MockManagementServiceClient) DeactivateProjectUserGrant(arg0 context.Context, arg1 *management.ProjectUserGrantID, arg2 ...grpc.CallOption) (*management.UserGrant, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "DeactivateProjectUserGrant", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrant)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// DeactivateProjectUserGrant indicates an expected call of DeactivateProjectUserGrant
|
||||
func (mr *MockManagementServiceClientMockRecorder) DeactivateProjectUserGrant(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeactivateProjectUserGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).DeactivateProjectUserGrant), varargs...)
|
||||
}
|
||||
|
||||
// DeactivateUser mocks base method
|
||||
func (m *MockManagementServiceClient) DeactivateUser(arg0 context.Context, arg1 *management.UserID, arg2 ...grpc.CallOption) (*management.User, error) {
|
||||
m.ctrl.T.Helper()
|
||||
@@ -1357,46 +1277,6 @@ func (mr *MockManagementServiceClientMockRecorder) ProjectGrantByID(arg0, arg1 i
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ProjectGrantByID", reflect.TypeOf((*MockManagementServiceClient)(nil).ProjectGrantByID), varargs...)
|
||||
}
|
||||
|
||||
// ProjectGrantUserGrantByID mocks base method
|
||||
func (m *MockManagementServiceClient) ProjectGrantUserGrantByID(arg0 context.Context, arg1 *management.ProjectGrantUserGrantID, arg2 ...grpc.CallOption) (*management.UserGrantView, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "ProjectGrantUserGrantByID", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrantView)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// ProjectGrantUserGrantByID indicates an expected call of ProjectGrantUserGrantByID
|
||||
func (mr *MockManagementServiceClientMockRecorder) ProjectGrantUserGrantByID(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ProjectGrantUserGrantByID", reflect.TypeOf((*MockManagementServiceClient)(nil).ProjectGrantUserGrantByID), varargs...)
|
||||
}
|
||||
|
||||
// ProjectUserGrantByID mocks base method
|
||||
func (m *MockManagementServiceClient) ProjectUserGrantByID(arg0 context.Context, arg1 *management.ProjectUserGrantID, arg2 ...grpc.CallOption) (*management.UserGrantView, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "ProjectUserGrantByID", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrantView)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// ProjectUserGrantByID indicates an expected call of ProjectUserGrantByID
|
||||
func (mr *MockManagementServiceClientMockRecorder) ProjectUserGrantByID(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ProjectUserGrantByID", reflect.TypeOf((*MockManagementServiceClient)(nil).ProjectUserGrantByID), varargs...)
|
||||
}
|
||||
|
||||
// ReactivateApplication mocks base method
|
||||
func (m *MockManagementServiceClient) ReactivateApplication(arg0 context.Context, arg1 *management.ApplicationID, arg2 ...grpc.CallOption) (*management.Application, error) {
|
||||
m.ctrl.T.Helper()
|
||||
@@ -1477,46 +1357,6 @@ func (mr *MockManagementServiceClientMockRecorder) ReactivateProjectGrant(arg0,
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ReactivateProjectGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).ReactivateProjectGrant), varargs...)
|
||||
}
|
||||
|
||||
// ReactivateProjectGrantUserGrant mocks base method
|
||||
func (m *MockManagementServiceClient) ReactivateProjectGrantUserGrant(arg0 context.Context, arg1 *management.ProjectGrantUserGrantID, arg2 ...grpc.CallOption) (*management.UserGrant, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "ReactivateProjectGrantUserGrant", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrant)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// ReactivateProjectGrantUserGrant indicates an expected call of ReactivateProjectGrantUserGrant
|
||||
func (mr *MockManagementServiceClientMockRecorder) ReactivateProjectGrantUserGrant(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ReactivateProjectGrantUserGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).ReactivateProjectGrantUserGrant), varargs...)
|
||||
}
|
||||
|
||||
// ReactivateProjectUserGrant mocks base method
|
||||
func (m *MockManagementServiceClient) ReactivateProjectUserGrant(arg0 context.Context, arg1 *management.ProjectUserGrantID, arg2 ...grpc.CallOption) (*management.UserGrant, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "ReactivateProjectUserGrant", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrant)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// ReactivateProjectUserGrant indicates an expected call of ReactivateProjectUserGrant
|
||||
func (mr *MockManagementServiceClientMockRecorder) ReactivateProjectUserGrant(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ReactivateProjectUserGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).ReactivateProjectUserGrant), varargs...)
|
||||
}
|
||||
|
||||
// ReactivateUser mocks base method
|
||||
func (m *MockManagementServiceClient) ReactivateUser(arg0 context.Context, arg1 *management.UserID, arg2 ...grpc.CallOption) (*management.User, error) {
|
||||
m.ctrl.T.Helper()
|
||||
@@ -1937,26 +1777,6 @@ func (mr *MockManagementServiceClientMockRecorder) SearchProjectGrantMembers(arg
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchProjectGrantMembers", reflect.TypeOf((*MockManagementServiceClient)(nil).SearchProjectGrantMembers), varargs...)
|
||||
}
|
||||
|
||||
// SearchProjectGrantUserGrants mocks base method
|
||||
func (m *MockManagementServiceClient) SearchProjectGrantUserGrants(arg0 context.Context, arg1 *management.ProjectGrantUserGrantSearchRequest, arg2 ...grpc.CallOption) (*management.UserGrantSearchResponse, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "SearchProjectGrantUserGrants", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrantSearchResponse)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// SearchProjectGrantUserGrants indicates an expected call of SearchProjectGrantUserGrants
|
||||
func (mr *MockManagementServiceClientMockRecorder) SearchProjectGrantUserGrants(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchProjectGrantUserGrants", reflect.TypeOf((*MockManagementServiceClient)(nil).SearchProjectGrantUserGrants), varargs...)
|
||||
}
|
||||
|
||||
// SearchProjectGrants mocks base method
|
||||
func (m *MockManagementServiceClient) SearchProjectGrants(arg0 context.Context, arg1 *management.ProjectGrantSearchRequest, arg2 ...grpc.CallOption) (*management.ProjectGrantSearchResponse, error) {
|
||||
m.ctrl.T.Helper()
|
||||
@@ -2017,26 +1837,6 @@ func (mr *MockManagementServiceClientMockRecorder) SearchProjectRoles(arg0, arg1
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchProjectRoles", reflect.TypeOf((*MockManagementServiceClient)(nil).SearchProjectRoles), varargs...)
|
||||
}
|
||||
|
||||
// SearchProjectUserGrants mocks base method
|
||||
func (m *MockManagementServiceClient) SearchProjectUserGrants(arg0 context.Context, arg1 *management.ProjectUserGrantSearchRequest, arg2 ...grpc.CallOption) (*management.UserGrantSearchResponse, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "SearchProjectUserGrants", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrantSearchResponse)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// SearchProjectUserGrants indicates an expected call of SearchProjectUserGrants
|
||||
func (mr *MockManagementServiceClientMockRecorder) SearchProjectUserGrants(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SearchProjectUserGrants", reflect.TypeOf((*MockManagementServiceClient)(nil).SearchProjectUserGrants), varargs...)
|
||||
}
|
||||
|
||||
// SearchProjects mocks base method
|
||||
func (m *MockManagementServiceClient) SearchProjects(arg0 context.Context, arg1 *management.ProjectSearchRequest, arg2 ...grpc.CallOption) (*management.ProjectSearchResponse, error) {
|
||||
m.ctrl.T.Helper()
|
||||
@@ -2337,46 +2137,6 @@ func (mr *MockManagementServiceClientMockRecorder) UpdateProjectGrant(arg0, arg1
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateProjectGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).UpdateProjectGrant), varargs...)
|
||||
}
|
||||
|
||||
// UpdateProjectGrantUserGrant mocks base method
|
||||
func (m *MockManagementServiceClient) UpdateProjectGrantUserGrant(arg0 context.Context, arg1 *management.ProjectGrantUserGrantUpdate, arg2 ...grpc.CallOption) (*management.UserGrant, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "UpdateProjectGrantUserGrant", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrant)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// UpdateProjectGrantUserGrant indicates an expected call of UpdateProjectGrantUserGrant
|
||||
func (mr *MockManagementServiceClientMockRecorder) UpdateProjectGrantUserGrant(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateProjectGrantUserGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).UpdateProjectGrantUserGrant), varargs...)
|
||||
}
|
||||
|
||||
// UpdateProjectUserGrant mocks base method
|
||||
func (m *MockManagementServiceClient) UpdateProjectUserGrant(arg0 context.Context, arg1 *management.ProjectUserGrantUpdate, arg2 ...grpc.CallOption) (*management.UserGrant, error) {
|
||||
m.ctrl.T.Helper()
|
||||
varargs := []interface{}{arg0, arg1}
|
||||
for _, a := range arg2 {
|
||||
varargs = append(varargs, a)
|
||||
}
|
||||
ret := m.ctrl.Call(m, "UpdateProjectUserGrant", varargs...)
|
||||
ret0, _ := ret[0].(*management.UserGrant)
|
||||
ret1, _ := ret[1].(error)
|
||||
return ret0, ret1
|
||||
}
|
||||
|
||||
// UpdateProjectUserGrant indicates an expected call of UpdateProjectUserGrant
|
||||
func (mr *MockManagementServiceClientMockRecorder) UpdateProjectUserGrant(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
varargs := append([]interface{}{arg0, arg1}, arg2...)
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpdateProjectUserGrant", reflect.TypeOf((*MockManagementServiceClient)(nil).UpdateProjectUserGrant), varargs...)
|
||||
}
|
||||
|
||||
// UpdateUserAddress mocks base method
|
||||
func (m *MockManagementServiceClient) UpdateUserAddress(arg0 context.Context, arg1 *management.UpdateUserAddressRequest, arg2 ...grpc.CallOption) (*management.UserAddress, error) {
|
||||
m.ctrl.T.Helper()
|
||||
|
||||
@@ -1247,184 +1247,6 @@ service ManagementService {
|
||||
permission: "user.grant.delete"
|
||||
};
|
||||
}
|
||||
|
||||
// search user grants based on a project
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc SearchProjectUserGrants(ProjectUserGrantSearchRequest) returns (UserGrantSearchResponse) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
post: "/projects/{project_id}/users/grants/_search"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.user.grant.read"
|
||||
check_field_name: "ProjectId"
|
||||
};
|
||||
}
|
||||
|
||||
// get user grant based on a project
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc ProjectUserGrantByID(ProjectUserGrantID) returns (UserGrantView) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
get: "/projects/{project_id}/users/{user_id}/grants/{id}"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.user.grant.read"
|
||||
check_field_name: "ProjectId"
|
||||
};
|
||||
}
|
||||
|
||||
// create user grant based on a project
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc CreateProjectUserGrant(UserGrantCreate) returns (UserGrant) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
post: "/projects/{project_id}/users/{user_id}/grants"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.user.grant.write"
|
||||
check_field_name: "ProjectId"
|
||||
};
|
||||
}
|
||||
|
||||
// update user grant based on a project
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc UpdateProjectUserGrant(ProjectUserGrantUpdate) returns (UserGrant) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
put: "/projects/{project_id}/users/{user_id}/grants/{id}"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.user.grant.write"
|
||||
check_field_name: "ProjectId"
|
||||
};
|
||||
}
|
||||
|
||||
// deactivate user grant based on a project
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc DeactivateProjectUserGrant(ProjectUserGrantID) returns (UserGrant) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
put: "/projects/{project_id}/users/{user_id}/grants/{id}/_deactivate"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.user.grant.write"
|
||||
check_field_name: "ProjectId"
|
||||
};
|
||||
}
|
||||
|
||||
// reactivate user grant based on a project
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc ReactivateProjectUserGrant(ProjectUserGrantID) returns (UserGrant) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
put: "/projects/{project_id}/users/{user_id}/grants/{id}/_reactivate"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.user.grant.write"
|
||||
check_field_name: "ProjectId"
|
||||
};
|
||||
}
|
||||
|
||||
// search user grants based on a projectgrant
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc SearchProjectGrantUserGrants(ProjectGrantUserGrantSearchRequest) returns (UserGrantSearchResponse) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
post: "/projectgrants/{project_grant_id}/users/grants/_search"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.grant.user.grant.read"
|
||||
check_field_name: "ProjectGrantId"
|
||||
};
|
||||
}
|
||||
|
||||
// get user grant based on a projectgrant
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc ProjectGrantUserGrantByID(ProjectGrantUserGrantID) returns (UserGrantView) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
get: "/projectgrants/{project_grant_id}/users/{user_id}/grants/{id}"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.grant.user.grant.read"
|
||||
check_field_name: "ProjectGrantId"
|
||||
};
|
||||
}
|
||||
|
||||
// create user grant based on a projectgrant
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc CreateProjectGrantUserGrant(ProjectGrantUserGrantCreate) returns (UserGrant) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
post: "/projectgrants/{project_grant_id}/users/{user_id}/grants"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.grant.user.grant.write"
|
||||
check_field_name: "ProjectGrantId"
|
||||
};
|
||||
}
|
||||
|
||||
// update user grant based on a projectgrant
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc UpdateProjectGrantUserGrant(ProjectGrantUserGrantUpdate) returns (UserGrant) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
put: "/projectgrants/{project_grant_id}/users/{user_id}/grants/{id}"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.grant.user.grant.write"
|
||||
check_field_name: "ProjectGrantId"
|
||||
};
|
||||
}
|
||||
|
||||
// deactivate user grant based on a projectgrant
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc DeactivateProjectGrantUserGrant(ProjectGrantUserGrantID) returns (UserGrant) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
put: "/projectgrants/{project_grant_id}/users/{user_id}/grants/{id}/_deactivate"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.grant.user.grant.write"
|
||||
check_field_name: "ProjectGrantId"
|
||||
};
|
||||
}
|
||||
|
||||
// reactivate user grant based on a projectgrant
|
||||
// This request is required that the user authorizations of zitadel can be differentiated
|
||||
rpc ReactivateProjectGrantUserGrant(ProjectGrantUserGrantID) returns (UserGrant) {
|
||||
option deprecated = true;
|
||||
option (google.api.http) = {
|
||||
put: "/projectgrants/{project_grant_id}/users/{user_id}/grants/{id}/_reactivate"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (caos.zitadel.utils.v1.auth_option) = {
|
||||
permission: "project.grant.user.grant.write"
|
||||
check_field_name: "ProjectGrantId"
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
message ZitadelDocs {
|
||||
@@ -2335,6 +2157,10 @@ message OIDCConfig {
|
||||
string client_secret = 6;
|
||||
OIDCAuthMethodType auth_method_type = 7;
|
||||
repeated string post_logout_redirect_uris = 8;
|
||||
OIDCVersion version = 9;
|
||||
bool none_compliant = 10;
|
||||
repeated caos.zitadel.api.v1.LocalizedMessage compliance_problems = 11;
|
||||
bool dev_mode = 12;
|
||||
}
|
||||
|
||||
message OIDCApplicationCreate {
|
||||
@@ -2346,6 +2172,12 @@ message OIDCApplicationCreate {
|
||||
OIDCApplicationType application_type = 6;
|
||||
OIDCAuthMethodType auth_method_type = 7;
|
||||
repeated string post_logout_redirect_uris = 8;
|
||||
OIDCVersion version = 9;
|
||||
bool dev_mode = 10;
|
||||
}
|
||||
|
||||
enum OIDCVersion {
|
||||
OIDCV1_0 = 0;
|
||||
}
|
||||
|
||||
message OIDCConfigUpdate {
|
||||
@@ -2357,6 +2189,7 @@ message OIDCConfigUpdate {
|
||||
OIDCApplicationType application_type = 6;
|
||||
OIDCAuthMethodType auth_method_type = 7;
|
||||
repeated string post_logout_redirect_uris = 8;
|
||||
bool dev_mode = 9;
|
||||
}
|
||||
|
||||
enum OIDCResponseType {
|
||||
@@ -2630,39 +2463,6 @@ message UserGrantID {
|
||||
string id = 2;
|
||||
}
|
||||
|
||||
message ProjectUserGrantID {
|
||||
string project_id = 1;
|
||||
string user_id = 2;
|
||||
string id = 3;
|
||||
}
|
||||
|
||||
message ProjectUserGrantUpdate {
|
||||
string project_id = 1;
|
||||
string user_id = 2;
|
||||
string id = 3;
|
||||
repeated string role_keys = 4;
|
||||
}
|
||||
|
||||
message ProjectGrantUserGrantID {
|
||||
string project_grant_id = 1;
|
||||
string user_id = 2;
|
||||
string id = 3;
|
||||
}
|
||||
|
||||
message ProjectGrantUserGrantCreate {
|
||||
string user_id = 1;
|
||||
string project_grant_id = 2;
|
||||
string project_id = 3 [(validate.rules).string.min_len = 1];
|
||||
repeated string role_keys = 4;
|
||||
}
|
||||
|
||||
message ProjectGrantUserGrantUpdate {
|
||||
string project_grant_id = 1;
|
||||
string user_id = 2;
|
||||
string id = 3;
|
||||
repeated string role_keys = 4;
|
||||
}
|
||||
|
||||
enum UserGrantState {
|
||||
USERGRANTSTATE_UNSPECIFIED = 0;
|
||||
USERGRANTSTATE_ACTIVE = 1;
|
||||
|
||||
@@ -11,3 +11,7 @@ func (m *LocalizedMessage) SetLocalizedMessage(message string) {
|
||||
func NewLocalizedEventType(key string) *LocalizedMessage {
|
||||
return &LocalizedMessage{Key: "EventTypes." + key}
|
||||
}
|
||||
|
||||
func NewLocalizedMessage(key string) *LocalizedMessage {
|
||||
return &LocalizedMessage{Key: key}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user