fix(session v2): allow searching for own sessions or user agent (fing…
…erprintID) (zitadel#9110)

# Which Problems Are Solved

ListSessions only works to list the sessions that you are the creator
of.

# How the Problems Are Solved

Add options to search for sessions created by other users, sessions
belonging to the same useragent and sessions belonging to your user.
This is possible through additional search parameters, which by default
use the information contained in your session token but can also be
filled with specific IDs.

# Additional Changes

Remodel integration tests, to separate the Create and Get of sessions
correctly.

# Additional Context

Closes zitadel#8301

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
stebenz and livio-a authored Jan 14, 2025
1 parent e2a2e13 commit 84997ff
Showing 25 changed files with 2,396 additions and 700 deletions.
4 changes: 2 additions & 2 deletions cmd/start/start.go
Expand Up @@ -442,7 +442,7 @@ func startAPIs(
if err := apis.RegisterService(ctx, user_v2.CreateServer(commands, queries, keys.User, keys.IDPConfig, idp.CallbackURL(), idp.SAMLRootURL(), assets.AssetAPI(), permissionCheck)); err != nil {
return nil, err
}
if err := apis.RegisterService(ctx, session_v2beta.CreateServer(commands, queries)); err != nil {
if err := apis.RegisterService(ctx, session_v2beta.CreateServer(commands, queries, permissionCheck)); err != nil {
return nil, err
}
if err := apis.RegisterService(ctx, settings_v2beta.CreateServer(commands, queries)); err != nil {
Expand All @@ -454,7 +454,7 @@ func startAPIs(
if err := apis.RegisterService(ctx, feature_v2beta.CreateServer(commands, queries)); err != nil {
return nil, err
}
if err := apis.RegisterService(ctx, session_v2.CreateServer(commands, queries)); err != nil {
if err := apis.RegisterService(ctx, session_v2.CreateServer(commands, queries, permissionCheck)); err != nil {
return nil, err
}
if err := apis.RegisterService(ctx, settings_v2.CreateServer(commands, queries)); err != nil {
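Review bot: Passing `permissionCheck` into `session_v2beta.CreateServer` and `session_v2.CreateServer` is the only visible place where the new cross-user session search gets its authorization, and nothing at the call site says so. The description states that the search parameters may be filled with specific IDs instead of the caller's own token data, so presumably this check is what keeps a caller from listing sessions of another user or user agent; the server code is not on this page, so that is worth confirming there, together with a test for the denied case. I would add a comment above both calls, e.g. `// permissionCheck gates ListSessions results that do not belong to the caller`. Both hunks sit inside startAPIs, whose body starts and ends outside them.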
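--- a/internal/api/authz/context_mock.go
+++ b/internal/api/authz/context_mock.go
@@ -7,6 +7,11 @@ func NewMockContext(instanceID, orgID, userID string) context.Context {
 return context.WithValue(ctx, instanceKey, &instance{id: instanceID})
 }
 
+func NewMockContextWithAgent(instanceID, orgID, userID, agentID string) context.Context {
+ctx := context.WithValue(context.Background(), dataKey, CtxData{UserID: userID, OrgID: orgID, AgentID: agentID})
+return context.WithValue(ctx, instanceKey, &instance{id: instanceID})
+}
+
 func NewMockContextWithPermissions(instanceID, orgID, userID string, permissions []string) context.Context {
 ctx := context.WithValue(context.Background(), dataKey, CtxData{UserID: userID, OrgID: orgID})
 ctx = context.WithValue(ctx, instanceKey, &instance{id: instanceID})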
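Review bot: `NewMockContextWithAgent` is exported from `context_mock.go`, which is not a `_test.go` file, so a helper that builds an authenticated context with an arbitrary user and agent ID, without verifying any token, is compiled into the regular package, and it has no doc comment marking it as test-only. The neighbouring mock constructors follow the same pattern, so this is consistent with the file, but each added constructor widens that surface. I would add `// NewMockContextWithAgent returns a context carrying the given user, org and agent IDs without any token verification; for tests only.` above it. The body also appears to repeat `NewMockContext` except for `AgentID`; `NewMockContext` starts before the hunk and `NewMockContextWithPermissions` continues past it.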