pangolin_mirror/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-03-05 18:26:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix issue with auto provisioning being overriden

Browse Source
This commit is contained in:
Owen
2026-02-13 14:53:32 -08:00
parent 333625f199
commit be89e5ca55
3 changed files with 21 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
server/private/routers/orgIdp/createOrgOidcIdp.ts
View File

@@ -28,6 +28,7 @@ import { CreateOrgIdpResponse } from "@server/routers/orgIdp/types";
import { isSubscribed } from "#private/lib/isSubscribed"; import { isSubscribed } from "#private/lib/isSubscribed";
import { tierMatrix } from "@server/lib/billing/tierMatrix"; import { tierMatrix } from "@server/lib/billing/tierMatrix";
import privateConfig from "#private/lib/config"; import privateConfig from "#private/lib/config";
import { build } from "@server/build";
const paramsSchema = z.strictObject({ orgId: z.string().nonempty() }); const paramsSchema = z.strictObject({ orgId: z.string().nonempty() });
@@ -122,12 +123,14 @@ export async function createOrgOidcIdp(
let { autoProvision } = parsedBody.data; let { autoProvision } = parsedBody.data;
const subscribed = await isSubscribed( if (build == "saas") { // this is not paywalled with a ee license because this whole endpoint is restricted
orgId, const subscribed = await isSubscribed(
tierMatrix.deviceApprovals orgId,
); tierMatrix.deviceApprovals
if (!subscribed) { );
autoProvision = false; if (!subscribed) {
autoProvision = false;
}
} }
const key = config.getRawConfig().server.secret!; const key = config.getRawConfig().server.secret!;

16
server/private/routers/orgIdp/updateOrgOidcIdp.ts
View File

@@ -27,6 +27,7 @@ import config from "@server/lib/config";
import { isSubscribed } from "#private/lib/isSubscribed"; import { isSubscribed } from "#private/lib/isSubscribed";
import { tierMatrix } from "@server/lib/billing/tierMatrix"; import { tierMatrix } from "@server/lib/billing/tierMatrix";
import privateConfig from "#private/lib/config"; import privateConfig from "#private/lib/config";
import { build } from "@server/build";
const paramsSchema = z const paramsSchema = z
.object({ .object({
@@ -127,12 +128,15 @@ export async function updateOrgOidcIdp(
let { autoProvision } = parsedBody.data; let { autoProvision } = parsedBody.data;
const subscribed = await isSubscribed( if (build == "saas") {
orgId, // this is not paywalled with a ee license because this whole endpoint is restricted
tierMatrix.deviceApprovals const subscribed = await isSubscribed(
); orgId,
if (!subscribed) { tierMatrix.deviceApprovals
autoProvision = false; );
if (!subscribed) {
autoProvision = false;
}
} }
// Check if IDP exists and is of type OIDC // Check if IDP exists and is of type OIDC

4
server/routers/badger/verifySession.ts
View File

@@ -797,7 +797,7 @@ async function notAllowed(
) { ) {
let loginPage: LoginPage | null = null; let loginPage: LoginPage | null = null;
if (orgId) { if (orgId) {
const subscribed = await isSubscribed( const subscribed = await isSubscribed( // this is fine because the org login page is only a saas feature
orgId, orgId,
tierMatrix.loginPageDomain tierMatrix.loginPageDomain
); );
@@ -854,7 +854,7 @@ async function headerAuthChallenged(
) { ) {
let loginPage: LoginPage | null = null; let loginPage: LoginPage | null = null;
if (orgId) { if (orgId) {
const subscribed = await isSubscribed(orgId, tierMatrix.loginPageDomain); const subscribed = await isSubscribed(orgId, tierMatrix.loginPageDomain); // this is fine because the org login page is only a saas feature
if (subscribed) { if (subscribed) {
loginPage = await getOrgLoginPage(orgId); loginPage = await getOrgLoginPage(orgId);
} }