Fix session test for olm and show proper alert for ee

server/db/pg/driver.ts

@@ -73,7 +73,7 @@ function createDb() {
 
     return withReplicas(
         DrizzlePostgres(primaryPool, {
-            logger: process.env.QUERY_LOGGING === "true"
+            logger: process.env.QUERY_LOGGING == "true"
         }),
         replicas as any
     );

server/routers/olm/handleOlmPingMessage.ts

@@ -136,7 +136,7 @@ export const handleOlmPingMessage: MessageHandler = async (context) => {
         const policyCheck = await checkOrgAccessPolicy({
             orgId: client.orgId,
             userId: olm.userId,
-            session: userToken // this is the user token passed in the message
+            sessionId: userToken // this is the user token passed in the message
         });
 
         if (!policyCheck.allowed) {

server/routers/olm/handleOlmRegisterMessage.ts

@@ -97,7 +97,7 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
         const policyCheck = await checkOrgAccessPolicy({
             orgId: orgId,
             userId: olm.userId,
-            session: userToken // this is the user token passed in the message
+            sessionId: userToken // this is the user token passed in the message
         });
 
         if (!policyCheck.allowed) {

server/routers/siteResource/updateSiteResource.ts

@@ -2,6 +2,7 @@ import { Request, Response, NextFunction } from "express";
 import { z } from "zod";
 import {
     clientSiteResources,
+    clientSiteResourcesAssociationsCache,
     db,
     newts,
     roles,
@@ -321,7 +322,6 @@ export async function updateSiteResource(
                     );
                 }
 
-                let oldDestinationStillInUseByASite = false;
                 // Only update targets on newt if destination changed
                 if (destinationChanged) {
                     const oldTargets = generateSubnetProxyTargets(
@@ -337,12 +337,28 @@ export async function updateSiteResource(
                         oldTargets: oldTargets,
                         newTargets: newTargets
                     });
+                }
 
+                const olmJobs: Promise<void>[] = [];
+                for (const client of mergedAllClients) {
+                    // does this client have access to another resource on this site that has the same destination still? if so we dont want to remove it from their olm yet
+                    // todo: optimize this query if needed
                     const oldDestinationStillInUseSites = await trx
                         .select()
                         .from(siteResources)
+                        .innerJoin(
+                            clientSiteResourcesAssociationsCache,
+                            eq(
+                                clientSiteResourcesAssociationsCache.siteResourceId,
+                                siteResources.siteResourceId
+                            )
+                        )
                         .where(
                             and(
+                                eq(
+                                    clientSiteResourcesAssociationsCache.clientId,
+                                    client.clientId
+                                ),
                                 eq(siteResources.siteId, site.siteId),
                                 eq(
                                     siteResources.destination,
@@ -355,12 +371,9 @@ export async function updateSiteResource(
                             )
                         );
 
-                    oldDestinationStillInUseByASite =
+                    const oldDestinationStillInUseByASite =
                         oldDestinationStillInUseSites.length > 0;
-                }
 
-                const olmJobs: Promise<void>[] = [];
-                for (const client of mergedAllClients) {
                     // we also need to update the remote subnets on the olms for each client that has access to this site
                     olmJobs.push(
                         updatePeerData(