pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-09 12:16:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix issue with auto provisioning being overriden

Browse Source
This commit is contained in:
Owen
2026-02-13 14:53:32 -08:00
parent 333625f199
commit be89e5ca55
3 changed files with 21 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
server/private/routers/orgIdp/createOrgOidcIdp.ts
View File

@@ -28,6 +28,7 @@ import { CreateOrgIdpResponse } from "@server/routers/orgIdp/types";
import { isSubscribed } from "#private/lib/isSubscribed"; import { isSubscribed } from "#private/lib/isSubscribed";
import { tierMatrix } from "@server/lib/billing/tierMatrix"; import { tierMatrix } from "@server/lib/billing/tierMatrix";
import privateConfig from "#private/lib/config"; import privateConfig from "#private/lib/config";
import { build } from "@server/build";
const paramsSchema = z.strictObject({ orgId: z.string().nonempty() }); const paramsSchema = z.strictObject({ orgId: z.string().nonempty() });
@@ -122,6 +123,7 @@ export async function createOrgOidcIdp(
let { autoProvision } = parsedBody.data; let { autoProvision } = parsedBody.data;
if (build == "saas") { // this is not paywalled with a ee license because this whole endpoint is restricted
const subscribed = await isSubscribed( const subscribed = await isSubscribed(
orgId, orgId,
tierMatrix.deviceApprovals tierMatrix.deviceApprovals
@@ -129,6 +131,7 @@ export async function createOrgOidcIdp(
if (!subscribed) { if (!subscribed) {
autoProvision = false; autoProvision = false;
} }
}
const key = config.getRawConfig().server.secret!; const key = config.getRawConfig().server.secret!;

4
server/private/routers/orgIdp/updateOrgOidcIdp.ts
View File

@@ -27,6 +27,7 @@ import config from "@server/lib/config";
import { isSubscribed } from "#private/lib/isSubscribed"; import { isSubscribed } from "#private/lib/isSubscribed";
import { tierMatrix } from "@server/lib/billing/tierMatrix"; import { tierMatrix } from "@server/lib/billing/tierMatrix";
import privateConfig from "#private/lib/config"; import privateConfig from "#private/lib/config";
import { build } from "@server/build";
const paramsSchema = z const paramsSchema = z
.object({ .object({
@@ -127,6 +128,8 @@ export async function updateOrgOidcIdp(
let { autoProvision } = parsedBody.data; let { autoProvision } = parsedBody.data;
if (build == "saas") {
// this is not paywalled with a ee license because this whole endpoint is restricted
const subscribed = await isSubscribed( const subscribed = await isSubscribed(
orgId, orgId,
tierMatrix.deviceApprovals tierMatrix.deviceApprovals
@@ -134,6 +137,7 @@ export async function updateOrgOidcIdp(
if (!subscribed) { if (!subscribed) {
autoProvision = false; autoProvision = false;
} }
}
// Check if IDP exists and is of type OIDC // Check if IDP exists and is of type OIDC
const [existingIdp] = await db const [existingIdp] = await db

4
server/routers/badger/verifySession.ts
View File

@@ -797,7 +797,7 @@ async function notAllowed(
) { ) {
let loginPage: LoginPage | null = null; let loginPage: LoginPage | null = null;
if (orgId) { if (orgId) {
const subscribed = await isSubscribed( const subscribed = await isSubscribed( // this is fine because the org login page is only a saas feature
orgId, orgId,
tierMatrix.loginPageDomain tierMatrix.loginPageDomain
); );
@@ -854,7 +854,7 @@ async function headerAuthChallenged(
) { ) {
let loginPage: LoginPage | null = null; let loginPage: LoginPage | null = null;
if (orgId) { if (orgId) {
const subscribed = await isSubscribed(orgId, tierMatrix.loginPageDomain); const subscribed = await isSubscribed(orgId, tierMatrix.loginPageDomain); // this is fine because the org login page is only a saas feature
if (subscribed) { if (subscribed) {
loginPage = await getOrgLoginPage(orgId); loginPage = await getOrgLoginPage(orgId);
} }