diff --git a/server/lib/blueprints/resourcePolicies.ts b/server/lib/blueprints/resourcePolicies.ts
index 2d784167c..b9abd945c 100644
--- a/server/lib/blueprints/resourcePolicies.ts
+++ b/server/lib/blueprints/resourcePolicies.ts
@@ -23,6 +23,7 @@ import { hashPassword } from "@server/auth/password";
 import { isValidCIDR, isValidIP, isValidUrlGlobPattern } from "../validators";
 import { isLicensedOrSubscribed } from "#dynamic/lib/isLicencedOrSubscribed";
 import { tierMatrix } from "../billing/tierMatrix";
+import privateConfig from "@server/private/lib/config";
 export type ResourcePoliciesResults = {
 resourcePolicyId: number;
@@ -83,7 +84,10 @@ export async function updateResourcePolicies(
 );
 }
- if (process.env.IDENTITY_PROVIDER_MODE === "org") {
+ if (
+ privateConfig.getRawPrivateConfig().app
+ .identity_provider_mode === "org"
+ ) {
 const [providerOrg] = await trx
 .select()
 .from(idpOrg)
diff --git a/server/private/routers/policy/createResourcePolicy.ts b/server/private/routers/policy/createResourcePolicy.ts
index 79ecdea7d..1fd7466ee 100644
--- a/server/private/routers/policy/createResourcePolicy.ts
+++ b/server/private/routers/policy/createResourcePolicy.ts
@@ -38,6 +38,7 @@ import {
 } from "@server/lib/validators";
 import logger from "@server/logger";
 import { OpenAPITags, registry } from "@server/openApi";
+import privateConfig from "@server/private/lib/config";
 import HttpCode from "@server/types/HttpCode";
 import { and, eq, inArray, type InferInsertModel } from "drizzle-orm";
 import { NextFunction, Request, Response } from "express";
@@ -219,7 +220,10 @@ export async function createResourcePolicy(
 );
 }
- if (process.env.IDENTITY_PROVIDER_MODE === "org") {
+ if (
+ privateConfig.getRawPrivateConfig().app
+ .identity_provider_mode === "org"
+ ) {
 const [providerOrg] = await db
 .select()
 .from(idpOrg)
diff --git a/server/routers/idp/createIdpOrgPolicy.ts b/server/routers/idp/createIdpOrgPolicy.ts
index 7a69740d1..cfbb9c1a7 100644
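Review bot: The import added to server/lib/blueprints/resourcePolicies.ts reaches straight into `@server/private/lib/config` from a module outside `server/private`, while the license-dependent helper two lines above it is imported through the `#dynamic/` alias. If that alias exists so that some builds can omit or substitute the private tree (an assumption, the build setup is not visible here), the direct path would break those builds or bypass the substitution. The same direct import is added in the four server/routers/idp files and in server/routers/policy/setResourcePolicyAccessControl.ts. Consider resolving the setting through the same alias mechanism or exposing it from the shared `@server/lib/config`, with a comment at the import such as `// identity_provider_mode is read from the private config; keep this import resolvable in every build`.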
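Review bot: The rewritten condition in updateResourcePolicies treats every value other than "org", including an unset or mistyped `identity_provider_mode`, as the mode in which the `idpOrg` lookup below it is skipped. A deployment that still sets only the `IDENTITY_PROVIDER_MODE` environment variable would therefore lose this check without any error unless the config loader maps the variable, which is not visible here. The accessor is also named `getRawPrivateConfig`, so it is worth confirming that the value has passed schema validation and defaults. The identical expression is repeated in createResourcePolicy, setResourcePolicyAccessControl and the four handlers under server/routers/idp, where a non-"org" result skips the BAD_REQUEST branch instead. A single shared predicate, for example `export function isOrgIdentityProviderMode(): boolean { return privateConfig.getRawPrivateConfig().app.identity_provider_mode === "org"; }`, would keep the seven sites from drifting; the body of the `if` continues outside the hunk.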
--- a/server/routers/idp/createIdpOrgPolicy.ts
+++ b/server/routers/idp/createIdpOrgPolicy.ts
@@ -11,6 +11,7 @@ import { OpenAPITags, registry } from "@server/openApi";
 import config from "@server/lib/config";
 import { eq, and } from "drizzle-orm";
 import { idp, idpOrg } from "@server/db";
+import privateConfig from "@server/private/lib/config";
 const paramsSchema = z.strictObject({
 idpId: z.coerce.number(),
@@ -25,7 +26,6 @@ const bodySchema = z.strictObject({
 export type CreateIdpOrgPolicyResponse = {};
 const CreateIdpOrgPolicyResponseDataSchema = z.object({});
-
 registry.registerPath({
 method: "put",
 path: "/idp/{idpId}/org/{orgId}",
@@ -46,7 +46,9 @@ registry.registerPath({
 description: "Successful response",
 content: {
 "application/json": {
- schema: createApiResponseSchema(CreateIdpOrgPolicyResponseDataSchema)
+ schema: createApiResponseSchema(
+ CreateIdpOrgPolicyResponseDataSchema
+ )
 }
 }
 }
@@ -82,7 +84,10 @@ export async function createIdpOrgPolicy(
 const { idpId, orgId } = parsedParams.data;
 const { roleMapping, orgMapping } = parsedBody.data;
- if (process.env.IDENTITY_PROVIDER_MODE === "org") {
+ if (
+ privateConfig.getRawPrivateConfig().app.identity_provider_mode ===
+ "org"
+ ) {
 return next(
 createHttpError(
 HttpCode.BAD_REQUEST,
diff --git a/server/routers/idp/createOidcIdp.ts b/server/routers/idp/createOidcIdp.ts
index 813ab0ea5..ed11c485d 100644
--- a/server/routers/idp/createOidcIdp.ts
+++ b/server/routers/idp/createOidcIdp.ts
@@ -12,6 +12,7 @@ import { idp, idpOidcConfig, idpOrg, orgs } from "@server/db";
 import { generateOidcRedirectUrl } from "@server/lib/idp/generateRedirectUrl";
 import { encrypt } from "@server/lib/crypto";
 import config from "@server/lib/config";
+import privateConfig from "@server/private/lib/config";
 const paramsSchema = z.strictObject({});
@@ -39,7 +40,6 @@ const CreateIdpResponseDataSchema = z.object({
 redirectUrl: z.string()
 });
-
 registry.registerPath({
 method: "put",
 path: "/idp/oidc",
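Review bot: The org-mode rejection in createIdpOrgPolicy (hunk at -82,7 +84,10) has no comment saying that the endpoint is deliberately disabled in that mode. Now that the setting comes from the private config rather than an environment variable, a reader has nothing nearby that names where it is set. A one-line comment above the condition would do, for example `// This endpoint is disabled when app.identity_provider_mode is "org" in the private config.`; the same applies to the matching branches in createOidcIdp, updateIdpOrgPolicy and updateOidcIdp. The `createHttpError` call continues outside the hunk, so the message it returns could not be checked.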
@@ -98,7 +98,8 @@ export async function createOidcIdp(
 } = parsedBody.data;
 if (
- process.env.IDENTITY_PROVIDER_MODE === "org"
+ privateConfig.getRawPrivateConfig().app.identity_provider_mode ===
+ "org"
 ) {
 return next(
 createHttpError(
diff --git a/server/routers/idp/updateIdpOrgPolicy.ts b/server/routers/idp/updateIdpOrgPolicy.ts
index 73ca68059..6cdcea71c 100644
--- a/server/routers/idp/updateIdpOrgPolicy.ts
+++ b/server/routers/idp/updateIdpOrgPolicy.ts
@@ -10,6 +10,7 @@ import { fromError } from "zod-validation-error";
 import { OpenAPITags, registry } from "@server/openApi";
 import { eq, and } from "drizzle-orm";
 import { idp, idpOrg } from "@server/db";
+import privateConfig from "@server/private/lib/config";
 const paramsSchema = z.strictObject({
 idpId: z.coerce.number(),
@@ -24,7 +25,6 @@ const bodySchema = z.strictObject({
 export type UpdateIdpOrgPolicyResponse = {};
 const UpdateIdpOrgPolicyResponseDataSchema = z.object({});
-
 registry.registerPath({
 method: "post",
 path: "/idp/{idpId}/org/{orgId}",
@@ -45,7 +45,9 @@ registry.registerPath({
 description: "Successful response",
 content: {
 "application/json": {
- schema: createApiResponseSchema(UpdateIdpOrgPolicyResponseDataSchema)
+ schema: createApiResponseSchema(
+ UpdateIdpOrgPolicyResponseDataSchema
+ )
 }
 }
 }
@@ -81,7 +83,10 @@ export async function updateIdpOrgPolicy(
 const { idpId, orgId } = parsedParams.data;
 const { roleMapping, orgMapping } = parsedBody.data;
- if (process.env.IDENTITY_PROVIDER_MODE === "org") {
+ if (
+ privateConfig.getRawPrivateConfig().app.identity_provider_mode ===
+ "org"
+ ) {
 return next(
 createHttpError(
 HttpCode.BAD_REQUEST,
diff --git a/server/routers/idp/updateOidcIdp.ts b/server/routers/idp/updateOidcIdp.ts
index 69b77770f..a74f89daa 100644
--- a/server/routers/idp/updateOidcIdp.ts
+++ b/server/routers/idp/updateOidcIdp.ts
@@ -12,6 +12,7 @@ import { idp, idpOidcConfig } from "@server/db";
 import { eq } from "drizzle-orm";
 import { encrypt } from "@server/lib/crypto";
 import config from "@server/lib/config";
+import privateConfig from "@server/private/lib/config";
 const paramsSchema = z
 .object({
@@ -43,7 +44,6 @@ const UpdateIdpResponseDataSchema = z.object({
 idpId: z.number()
 });
-
 registry.registerPath({
 method: "post",
 path: "/idp/{idpId}/oidc",
@@ -115,7 +115,10 @@ export async function updateOidcIdp(
 variant
 } = parsedBody.data;
- if (process.env.IDENTITY_PROVIDER_MODE === "org") {
+ if (
+ privateConfig.getRawPrivateConfig().app.identity_provider_mode ===
+ "org"
+ ) {
 return next(
 createHttpError(
 HttpCode.BAD_REQUEST,
diff --git a/server/routers/policy/setResourcePolicyAccessControl.ts b/server/routers/policy/setResourcePolicyAccessControl.ts
index 15da9f657..66a66f380 100644
--- a/server/routers/policy/setResourcePolicyAccessControl.ts
+++ b/server/routers/policy/setResourcePolicyAccessControl.ts
@@ -18,6 +18,7 @@ import logger from "@server/logger";
 import { fromError } from "zod-validation-error";
 import { and, eq, inArray, ne } from "drizzle-orm";
 import { OpenAPITags, registry } from "@server/openApi";
+import privateConfig from "@server/private/lib/config";
 const setResourcePolicyAcccessControlBodySchema = z.strictObject({
 sso: z.boolean(),
@@ -119,12 +120,18 @@ export async function setResourcePolicyAccessControl(
 );
 }
- if (process.env.IDENTITY_PROVIDER_MODE === "org") {
+ if (
+ privateConfig.getRawPrivateConfig().app
+ .identity_provider_mode === "org"
+ ) {
 const [providerOrg] = await db
 .select()
 .from(idpOrg)
 .where(
- and(eq(idpOrg.idpId, idpId), eq(idpOrg.orgId, policy.orgId))
+ and(
+ eq(idpOrg.idpId, idpId),
+ eq(idpOrg.orgId, policy.orgId)
+ )
 )
 .limit(1);