mirror of
https://github.com/fosrl/pangolin.git
synced 2026-03-06 02:36:38 +00:00
Fix sso username issue
This commit is contained in:
Owen
@@ -11,7 +11,7 @@ import {
|
|||||||
userSiteResources
|
userSiteResources
|
||||||
} from "@server/db";
|
} from "@server/db";
|
||||||
import { sites } from "@server/db";
|
import { sites } from "@server/db";
|
||||||
import { eq, and, ne, inArray } from "drizzle-orm";
|
import { eq, and, ne, inArray, or } from "drizzle-orm";
|
||||||
import { Config } from "./types";
|
import { Config } from "./types";
|
||||||
import logger from "@server/logger";
|
import logger from "@server/logger";
|
||||||
import { getNextAvailableAliasAddress } from "../ip";
|
import { getNextAvailableAliasAddress } from "../ip";
|
||||||
@@ -142,7 +142,10 @@ export async function updateClientResources(
|
|||||||
.innerJoin(userOrgs, eq(users.userId, userOrgs.userId))
|
.innerJoin(userOrgs, eq(users.userId, userOrgs.userId))
|
||||||
.where(
|
.where(
|
||||||
and(
|
and(
|
||||||
inArray(users.username, resourceData.users),
|
or(
|
||||||
|
inArray(users.username, resourceData.users),
|
||||||
|
inArray(users.email, resourceData.users)
|
||||||
|
),
|
||||||
eq(userOrgs.orgId, orgId)
|
eq(userOrgs.orgId, orgId)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
@@ -276,7 +279,10 @@ export async function updateClientResources(
|
|||||||
.innerJoin(userOrgs, eq(users.userId, userOrgs.userId))
|
.innerJoin(userOrgs, eq(users.userId, userOrgs.userId))
|
||||||
.where(
|
.where(
|
||||||
and(
|
and(
|
||||||
inArray(users.username, resourceData.users),
|
or(
|
||||||
|
inArray(users.username, resourceData.users),
|
||||||
|
inArray(users.email, resourceData.users)
|
||||||
|
),
|
||||||
eq(userOrgs.orgId, orgId)
|
eq(userOrgs.orgId, orgId)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|||||||
@@ -212,7 +212,10 @@ export async function updateProxyResources(
|
|||||||
} else {
|
} else {
|
||||||
// Update existing resource
|
// Update existing resource
|
||||||
|
|
||||||
const isLicensed = await isLicensedOrSubscribed(orgId, tierMatrix.maintencePage);
|
const isLicensed = await isLicensedOrSubscribed(
|
||||||
|
orgId,
|
||||||
|
tierMatrix.maintencePage
|
||||||
|
);
|
||||||
if (!isLicensed) {
|
if (!isLicensed) {
|
||||||
resourceData.maintenance = undefined;
|
resourceData.maintenance = undefined;
|
||||||
}
|
}
|
||||||
@@ -590,7 +593,10 @@ export async function updateProxyResources(
|
|||||||
existingRule.action !== getRuleAction(rule.action) ||
|
existingRule.action !== getRuleAction(rule.action) ||
|
||||||
existingRule.match !== rule.match.toUpperCase() ||
|
existingRule.match !== rule.match.toUpperCase() ||
|
||||||
existingRule.value !==
|
existingRule.value !==
|
||||||
getRuleValue(rule.match.toUpperCase(), rule.value) ||
|
getRuleValue(
|
||||||
|
rule.match.toUpperCase(),
|
||||||
|
rule.value
|
||||||
|
) ||
|
||||||
existingRule.priority !== intendedPriority
|
existingRule.priority !== intendedPriority
|
||||||
) {
|
) {
|
||||||
validateRule(rule);
|
validateRule(rule);
|
||||||
@@ -648,7 +654,10 @@ export async function updateProxyResources(
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
const isLicensed = await isLicensedOrSubscribed(orgId, tierMatrix.maintencePage);
|
const isLicensed = await isLicensedOrSubscribed(
|
||||||
|
orgId,
|
||||||
|
tierMatrix.maintencePage
|
||||||
|
);
|
||||||
if (!isLicensed) {
|
if (!isLicensed) {
|
||||||
resourceData.maintenance = undefined;
|
resourceData.maintenance = undefined;
|
||||||
}
|
}
|
||||||
@@ -935,7 +944,12 @@ async function syncUserResources(
|
|||||||
.select()
|
.select()
|
||||||
.from(users)
|
.from(users)
|
||||||
.innerJoin(userOrgs, eq(users.userId, userOrgs.userId))
|
.innerJoin(userOrgs, eq(users.userId, userOrgs.userId))
|
||||||
.where(and(eq(users.username, username), eq(userOrgs.orgId, orgId)))
|
.where(
|
||||||
|
and(
|
||||||
|
or(eq(users.username, username), eq(users.email, username)),
|
||||||
|
eq(userOrgs.orgId, orgId)
|
||||||
|
)
|
||||||
|
)
|
||||||
.limit(1);
|
.limit(1);
|
||||||
|
|
||||||
if (!user) {
|
if (!user) {
|
||||||
|
|||||||
@@ -69,7 +69,7 @@ export const AuthSchema = z.object({
|
|||||||
.refine((roles) => !roles.includes("Admin"), {
|
.refine((roles) => !roles.includes("Admin"), {
|
||||||
error: "Admin role cannot be included in sso-roles"
|
error: "Admin role cannot be included in sso-roles"
|
||||||
}),
|
}),
|
||||||
"sso-users": z.array(z.email()).optional().default([]),
|
"sso-users": z.array(z.string()).optional().default([]),
|
||||||
"whitelist-users": z.array(z.email()).optional().default([]),
|
"whitelist-users": z.array(z.email()).optional().default([]),
|
||||||
"auto-login-idp": z.int().positive().optional()
|
"auto-login-idp": z.int().positive().optional()
|
||||||
});
|
});
|
||||||
@@ -335,7 +335,7 @@ export const ClientResourceSchema = z
|
|||||||
.refine((roles) => !roles.includes("Admin"), {
|
.refine((roles) => !roles.includes("Admin"), {
|
||||||
error: "Admin role cannot be included in roles"
|
error: "Admin role cannot be included in roles"
|
||||||
}),
|
}),
|
||||||
users: z.array(z.email()).optional().default([]),
|
users: z.array(z.string()).optional().default([]),
|
||||||
machines: z.array(z.string()).optional().default([])
|
machines: z.array(z.string()).optional().default([])
|
||||||
})
|
})
|
||||||
.refine(
|
.refine(
|
||||||
|
|||||||
Reference in New Issue
Block a user