From 5a209f81d1eca519f1b7c90373a841ca1e5af9f0 Mon Sep 17 00:00:00 2001
From: Faruk AYDIN
Date: Sat, 24 Feb 2024 01:05:04 +0100
Subject: [PATCH] feat: Add missing middleware checks to admin app auth clients
---
 packages/backend/src/helpers/authorization.js | 4 ----
 packages/backend/src/routes/api/v1/admin/app-auth-clients.js | 4 ++--
 packages/backend/src/routes/index.js | 1 -
 3 files changed, 2 insertions(+), 7 deletions(-)
diff --git a/packages/backend/src/helpers/authorization.js b/packages/backend/src/helpers/authorization.js
index 133ea880..8c20c4f4 100644
--- a/packages/backend/src/helpers/authorization.js
+++ b/packages/backend/src/helpers/authorization.js
@@ -7,10 +7,6 @@ const authorizationList = {
 action: 'read',
 subject: 'User',
 },
- '/api/v1/admin/app-auth-clients/:appAuthClientId': {
- action: 'read',
- subject: 'App',
- },
 };
 export const authorizeUser = async (request, response, next) => {
diff --git a/packages/backend/src/routes/api/v1/admin/app-auth-clients.js b/packages/backend/src/routes/api/v1/admin/app-auth-clients.js
index 92b4885c..bb337e02 100644
--- a/packages/backend/src/routes/api/v1/admin/app-auth-clients.js
+++ b/packages/backend/src/routes/api/v1/admin/app-auth-clients.js
@@ -1,6 +1,5 @@
 import { Router } from 'express';
 import { authenticateUser } from '../../../../helpers/authentication.js';
-import { authorizeUser } from '../../../../helpers/authorization.js';
 import getAdminAppAuthClientsAction from '../../../../controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js';
 const router = Router();
@@ -8,7 +7,8 @@ const router = Router();
 router.get(
 '/:appAuthClientId',
 authenticateUser,
- authorizeUser,
+ authorizeAdmin,
+ checkIsEnterprise,
 getAdminAppAuthClientsAction
 );
diff --git a/packages/backend/src/routes/index.js b/packages/backend/src/routes/index.js
index f31e6311..61dd7bd9 100644
--- a/packages/backend/src/routes/index.js
+++ b/packages/backend/src/routes/index.js
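Review bot: In packages/backend/src/routes/api/v1/admin/app-auth-clients.js the `@@ -8,7 +7,8 @@` hunk passes `authorizeAdmin` and `checkIsEnterprise` to `router.get`, but the `@@ -1,6 +1,5 @@` hunk only removes the `authorizeUser` import and adds none for the two new names; the diffstat's 2 insertions are exactly those two route lines. Unless they are brought into scope somewhere outside the visible hunks (the import block shown at the top of the file suggests not), evaluating this ES module throws a ReferenceError when the route is registered, so the admin-only check this commit intends never gets mounted. Add the imports beside `authenticateUser`, e.g. `import { authorizeAdmin } from '<module-exporting-authorizeAdmin>';` and `import { checkIsEnterprise } from '<module-exporting-checkIsEnterprise>';` (placeholders; use the helpers' real paths and export style). Since the commit also drops the route's entry from `authorizationList`, a request test asserting that an authenticated non-admin is rejected on `/:appAuthClientId` would confirm the new guard is the one actually enforcing access.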
@@ -23,7 +23,6 @@ router.use('/api/v1/automatisch', automatischRouter);
 router.use('/api/v1/users', usersRouter);
 router.use('/api/v1/payment', paymentRouter);
 router.use('/api/v1/app-auth-clients', appAuthClientsRouter);
-
 router.use('/api/v1/admin/saml-auth-providers', samlAuthProvidersRouter);
 router.use('/api/v1/admin/roles', rolesRouter);
 router.use('/api/v1/admin/permissions', permissionsRouter);