Switch to the new tier system and clean up checks

2026-02-20 11:56:38 +00:00 · 2026-02-06 16:27:31 -08:00
parent 7a50abb38b
commit c865bc7866
31 changed files with 163 additions and 215 deletions
--- a/server/routers/badger/verifySession.ts
+++ b/server/routers/badger/verifySession.ts
@@ -18,7 +18,6 @@ import {
    ResourcePassword,
    ResourcePincode,
    ResourceRule,
-    resourceSessions
 } from "@server/db";
 import config from "@server/lib/config";
 import { isIpInCidr, stripPortFromHost } from "@server/lib/ip";
@@ -32,7 +31,6 @@ import { fromError } from "zod-validation-error";
 import { getCountryCodeForIp } from "@server/lib/geoip";
 import { getAsnForIp } from "@server/lib/asn";
 import { getOrgTierData } from "#dynamic/lib/billing";
-import { TierId } from "@server/lib/billing/tiers";
 import { verifyPassword } from "@server/auth/password";
 import {
    checkOrgAccessPolicy,
@@ -40,8 +38,8 @@ import {
 } from "#dynamic/lib/checkOrgAccessPolicy";
 import { logRequestAudit } from "./logRequestAudit";
 import cache from "@server/lib/cache";
-import semver from "semver";
 import { APP_VERSION } from "@server/lib/consts";
+import { isSubscribed } from "#private/lib/isSubscribed";

 const verifyResourceSessionSchema = z.object({
    sessions: z.record(z.string(), z.string()).optional(),
@@ -798,8 +796,8 @@ async function notAllowed(
 ) {
    let loginPage: LoginPage | null = null;
    if (orgId) {
-        const { tier } = await getOrgTierData(orgId); // returns null in oss
-        if (tier === TierId.STANDARD) {
+        const subscribed = await isSubscribed(orgId);
+        if (subscribed) {
            loginPage = await getOrgLoginPage(orgId);
        }
    }
@@ -852,8 +850,8 @@ async function headerAuthChallenged(
 ) {
    let loginPage: LoginPage | null = null;
    if (orgId) {
-        const { tier } = await getOrgTierData(orgId); // returns null in oss
-        if (tier === TierId.STANDARD) {
+        const subscribed = await isSubscribed(orgId);
+        if (subscribed) {
            loginPage = await getOrgLoginPage(orgId);
        }
    }
--- a/server/routers/idp/generateOidcUrl.ts
+++ b/server/routers/idp/generateOidcUrl.ts
@@ -14,8 +14,7 @@ import jsonwebtoken from "jsonwebtoken";
 import config from "@server/lib/config";
 import { decrypt } from "@server/lib/crypto";
 import { build } from "@server/build";
-import { getOrgTierData } from "#dynamic/lib/billing";
-import { TierId } from "@server/lib/billing/tiers";
+import { isSubscribed } from "@server/private/lib/isSubscribed";

 const paramsSchema = z
    .object({
@@ -113,8 +112,7 @@ export async function generateOidcUrl(
            }

            if (build === "saas") {
-                const { tier } = await getOrgTierData(orgId);
-                const subscribed = tier === TierId.STANDARD;
+                const subscribed = await isSubscribed(orgId);
                if (!subscribed) {
                    return next(
                        createHttpError(
--- a/server/routers/org/updateOrg.ts
+++ b/server/routers/org/updateOrg.ts
@@ -10,10 +10,10 @@ import logger from "@server/logger";
 import { fromError } from "zod-validation-error";
 import { OpenAPITags, registry } from "@server/openApi";
 import { build } from "@server/build";
-import { getOrgTierData } from "#dynamic/lib/billing";
-import { TierId } from "@server/lib/billing/tiers";
 import { cache } from "@server/lib/cache";
 import { isLicensedOrSubscribed } from "#dynamic/lib/isLicencedOrSubscribed";
+import { subscribe } from "node:diagnostics_channel";
+import { isSubscribed } from "@server/private/lib/isSubscribed";

 const updateOrgParamsSchema = z.strictObject({
    orgId: z.string()
@@ -95,10 +95,10 @@ export async function updateOrg(
            parsedBody.data.passwordExpiryDays = undefined;
        }

-        const { tier } = await getOrgTierData(orgId);
+        const subscribed = await isSubscribed(orgId);
        if (
            build == "saas" &&
-            tier != TierId.STANDARD &&
+            subscribed &&
            parsedBody.data.settingsLogRetentionDaysRequest &&
            parsedBody.data.settingsLogRetentionDaysRequest > 30
        ) {
--- a/server/routers/user/createOrgUser.ts
+++ b/server/routers/user/createOrgUser.ts
@@ -13,9 +13,8 @@ import { generateId } from "@server/auth/sessions/app";
 import { usageService } from "@server/lib/billing/usageService";
 import { FeatureId } from "@server/lib/billing";
 import { build } from "@server/build";
-import { getOrgTierData } from "#dynamic/lib/billing";
-import { TierId } from "@server/lib/billing/tiers";
 import { calculateUserClientsForOrgs } from "@server/lib/calculateUserClientsForOrgs";
+import { isSubscribed } from "@server/private/lib/isSubscribed";

 const paramsSchema = z.strictObject({
    orgId: z.string().nonempty()
@@ -132,9 +131,8 @@ export async function createOrgUser(
            );
        } else if (type === "oidc") {
            if (build === "saas") {
-                const { tier } = await getOrgTierData(orgId);
-                const subscribed = tier === TierId.STANDARD;
-                if (!subscribed) {
+                const subscribed = await isSubscribed(orgId);
+                if (subscribed) {
                    return next(
                        createHttpError(
                            HttpCode.FORBIDDEN,