Added more v2beta endpoints #255

Closed

kalebscholes
Contributor

Definition of Ready

  • [x] I am happy with the code
  • Short description of the feature/issue is added in the pr description
  • PR is linked to the corresponding user story
  • Acceptance criteria are met
  • All open todos and follow ups are defined in a new ticket and justified
  • Deviations from the acceptance criteria and design are agreed with the PO and documented.
  • No debug or dead code
  • My code has no repetitions
  • Critical parts are tested automatically
  • Where possible E2E tests are implemented
  • Documentation/examples are up-to-date
  • All non-functional requirements are met
  • Functionality of the acceptance criteria is checked manually on the dev system.

@kalebscholes
Contributor Author

I'm having an issue testing the user endpoints because I keep getting the following error:
rpc error: code = PermissionDenied desc = No matching permissions found (AUTH-AWfge)

Any ideas on which permission I may be missing?

@hifabienne
Member

@kalebscholes Can you give an example on which endpoints you have that problem?
I am not sure, but I think on some endpoints the requesting user has to be the manipulated user, as it's things that only the users themselves can do. E.g. verifying passkey
@stebenz @muhlemmer Is that correct?

@muhlemmer
Contributor

For most user/v2beta calls user.write permission would work or the user itself.

user.write permission is currently set in defaults.yaml to the following Roles:

  • IAM_OWNER
  • IAM_ORG_MANAGER
  • IAM_USER_MANAGER
  • ORG_OWNER
  • ORG_USER_MANAGER

In a typical use case, one would set up a service user in an organization and give him ORG_OWNER or ORG_USER_MANAGER permissions on that organization. You can do this in the console.

A user is also allowed to change its own details. For this you need a session token from the session/v2beta API. Some endpoints, like the u2f config, are only allowed by the user itself, because it wouldn't make sense for an API user to have access to the relevant hardware key.

If you have any more questions, I would recommend joining our discord at https://zitadel.com/chat. A PR is not the correct place to have this kind of discussion.
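
The access rules described in the comment above, written out as a small Go model (an added example, not ZITADEL's code and not part of the thread). The `Membership` and `Call` types, the sample IDs, and the rule that ORG_* roles count only inside the organization they were granted on are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Roles the thread lists as holding user.write in defaults.yaml.
var userWriteRoles = map[string]bool{
	"IAM_OWNER": true, "IAM_ORG_MANAGER": true, "IAM_USER_MANAGER": true,
	"ORG_OWNER": true, "ORG_USER_MANAGER": true,
}

// Membership (hypothetical type): one role granted to the caller.
type Membership struct{ Role, OrgID string } // OrgID is empty for IAM_* roles

// Call (hypothetical type): one request against a user endpoint.
type Call struct {
	CallerID, TargetID, TargetOrgID string
	SelfOnly                        bool // endpoints like the u2f config
	Memberships                     []Membership
}

// Authorize returns nil when the modelled rules allow the call.
func Authorize(c Call) error {
	if c.CallerID == c.TargetID {
		return nil // the user itself (authenticated with a session token)
	}
	if c.SelfOnly {
		return errors.New("endpoint is restricted to the user itself")
	}
	for _, m := range c.Memberships {
		// Assumption: ORG_* roles count only for the org they were granted on.
		if userWriteRoles[m.Role] && (strings.HasPrefix(m.Role, "IAM_") || m.OrgID == c.TargetOrgID) {
			return nil
		}
	}
	return errors.New("no role grants user.write on the target user")
}

func main() {
	svc := []Membership{{Role: "ORG_USER_MANAGER", OrgID: "org-a"}} // constructed sample
	fmt.Println(Authorize(Call{CallerID: "svc", TargetID: "u1", TargetOrgID: "org-a", Memberships: svc}))
	fmt.Println(Authorize(Call{CallerID: "svc", TargetID: "u2", TargetOrgID: "org-b", Memberships: svc}))
	fmt.Println(Authorize(Call{CallerID: "svc", TargetID: "u1", TargetOrgID: "org-a", SelfOnly: true, Memberships: svc}))
}
```

In this model a service user with ORG_USER_MANAGER is allowed on users of its own organization and denied both on another organization's users and on self-only endpoints.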

Contributor

@muhlemmer muhlemmer left a comment

It seems you used the same branch as your last PR. Therefore, the commit history is showing more changes than it should. You used the main branch of your fork to make changes and send PRs, but this will not work well.

IMO, you should keep kalebscholes:main in sync with zitadel:main and create feature branches locally and send PRs from there.

Also, we use semantic titles for PRs. In this case the PR is a feature, so the title should read feat: add v2beta endpoints.

Can you please resend this PR from a "clean" branch with only the commits for this particular change and with a correct title?

Thanks for the effort.
