Merge pull request #3302 from RitwijParmar/codex/resource-update-inline-policy-response

Fix inline policy fields in resource update response

package.json

@@ -35,7 +35,7 @@
         "@asteasolutions/zod-to-openapi": "8.5.0",
         "@devolutions/iron-remote-desktop": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-0.0.0.tgz",
         "@devolutions/iron-remote-desktop-rdp": "https://static.pangolin.net/packages/devolutions-iron-remote-desktop-rdp-0.0.0.tgz",
-        "@aws-sdk/client-s3": "3.1075.0",
+        "@aws-sdk/client-s3": "3.1056.0",
         "@headlessui/react": "2.2.10",
         "@hookform/resolvers": "5.4.0",
         "@monaco-editor/react": "4.7.0",
@@ -43,38 +43,38 @@
         "@novnc/novnc": "^1.7.0",
         "@oslojs/crypto": "1.0.1",
         "@oslojs/encoding": "1.1.0",
-        "@radix-ui/react-avatar": "1.2.0",
-        "@radix-ui/react-checkbox": "1.3.5",
-        "@radix-ui/react-collapsible": "1.1.14",
-        "@radix-ui/react-dialog": "1.1.17",
-        "@radix-ui/react-dropdown-menu": "2.1.18",
+        "@radix-ui/react-avatar": "1.1.11",
+        "@radix-ui/react-checkbox": "1.3.3",
+        "@radix-ui/react-collapsible": "1.1.12",
+        "@radix-ui/react-dialog": "1.1.15",
+        "@radix-ui/react-dropdown-menu": "2.1.16",
         "@radix-ui/react-icons": "1.3.2",
-        "@radix-ui/react-label": "2.1.10",
-        "@radix-ui/react-popover": "1.1.17",
-        "@radix-ui/react-progress": "1.1.10",
-        "@radix-ui/react-radio-group": "1.4.1",
-        "@radix-ui/react-scroll-area": "1.2.12",
-        "@radix-ui/react-select": "2.3.1",
-        "@radix-ui/react-separator": "1.1.10",
-        "@radix-ui/react-slot": "1.3.0",
-        "@radix-ui/react-switch": "1.3.1",
-        "@radix-ui/react-tabs": "1.1.15",
-        "@radix-ui/react-toast": "1.2.17",
-        "@radix-ui/react-tooltip": "1.2.10",
+        "@radix-ui/react-label": "2.1.8",
+        "@radix-ui/react-popover": "1.1.15",
+        "@radix-ui/react-progress": "1.1.8",
+        "@radix-ui/react-radio-group": "1.3.8",
+        "@radix-ui/react-scroll-area": "1.2.10",
+        "@radix-ui/react-select": "2.2.6",
+        "@radix-ui/react-separator": "1.1.8",
+        "@radix-ui/react-slot": "1.2.4",
+        "@radix-ui/react-switch": "1.2.6",
+        "@radix-ui/react-tabs": "1.1.13",
+        "@radix-ui/react-toast": "1.2.15",
+        "@radix-ui/react-tooltip": "1.2.8",
         "@react-email/body": "0.3.0",
         "@react-email/components": "1.0.12",
-        "@react-email/render": "2.0.9",
+        "@react-email/render": "2.0.8",
         "@react-email/tailwind": "2.0.7",
         "@simplewebauthn/browser": "13.3.0",
         "@simplewebauthn/server": "13.3.1",
         "@tailwindcss/forms": "0.5.11",
-        "@tanstack/react-query": "5.101.1",
+        "@tanstack/react-query": "5.100.14",
         "@tanstack/react-table": "8.21.3",
         "@xterm/addon-fit": "^0.11.0",
         "@xterm/addon-web-links": "^0.12.0",
         "@xterm/xterm": "^6.0.0",
         "arctic": "3.7.0",
-        "axios": "1.18.1",
+        "axios": "1.16.1",
         "better-sqlite3": "11.9.1",
         "canvas-confetti": "1.9.4",
         "class-variance-authority": "0.7.1",
@@ -91,40 +91,40 @@
         "helmet": "8.2.0",
         "http-errors": "2.0.1",
         "input-otp": "1.4.2",
-        "ioredis": "5.11.1",
+        "ioredis": "5.11.0",
         "jmespath": "0.16.0",
-        "js-yaml": "5.1.0",
+        "js-yaml": "4.1.1",
         "jsonwebtoken": "9.0.3",
-        "lucide-react": "1.21.0",
+        "lucide-react": "1.17.0",
         "maxmind": "5.0.6",
         "moment": "2.30.1",
-        "next": "16.2.9",
+        "next": "16.2.6",
         "next-intl": "4.13.0",
         "next-themes": "0.4.6",
         "nextjs-toploader": "3.9.17",
         "node-cache": "5.1.2",
         "nodemailer": "9.0.1",
         "oslo": "1.2.1",
-        "pg": "8.22.0",
-        "posthog-node": "5.38.3",
+        "pg": "8.21.0",
+        "posthog-node": "5.35.6",
         "qrcode.react": "4.2.0",
-        "react": "19.2.7",
-        "react-day-picker": "10.0.1",
-        "react-dom": "19.2.7",
+        "react": "19.2.6",
+        "react-day-picker": "9.14.0",
+        "react-dom": "19.2.6",
         "react-easy-sort": "1.8.0",
-        "react-hook-form": "7.80.0",
+        "react-hook-form": "7.76.1",
         "react-icons": "5.6.0",
-        "recharts": "3.9.0",
+        "recharts": "3.8.1",
         "reodotdev": "1.1.0",
-        "semver": "7.8.5",
+        "semver": "7.8.1",
         "sshpk": "1.18.0",
-        "stripe": "22.2.3",
+        "stripe": "22.2.0",
         "swagger-ui-express": "5.0.1",
         "tailwind-merge": "3.6.0",
         "topojson-client": "3.1.0",
         "tw-animate-css": "1.4.0",
         "use-debounce": "10.1.1",
-        "uuid": "14.0.1",
+        "uuid": "14.0.0",
         "vaul": "1.1.2",
         "visionscarto-world-atlas": "1.0.0",
         "winston": "3.19.0",
@@ -136,11 +136,11 @@
         "zod-validation-error": "5.0.0"
     },
     "devDependencies": {
-        "@dotenvx/dotenvx": "1.75.1",
+        "@dotenvx/dotenvx": "1.69.1",
         "@esbuild-plugins/tsconfig-paths": "0.1.2",
-        "@react-email/ui": "^6.6.4",
-        "@tailwindcss/postcss": "4.3.1",
-        "@tanstack/react-query-devtools": "5.101.1",
+        "@react-email/ui": "^6.5.0",
+        "@tailwindcss/postcss": "4.3.0",
+        "@tanstack/react-query-devtools": "5.100.14",
         "@types/better-sqlite3": "7.6.13",
         "@types/cookie-parser": "1.4.10",
         "@types/cors": "2.8.19",
@@ -151,14 +151,14 @@
         "@types/jmespath": "0.15.2",
         "@types/js-yaml": "4.0.9",
         "@types/jsonwebtoken": "9.0.10",
-        "@types/node": "26.0.0",
-        "@types/nodemailer": "8.0.1",
+        "@types/node": "25.9.1",
+        "@types/nodemailer": "8.0.0",
         "@types/nprogress": "0.2.3",
         "@types/pg": "8.20.0",
-        "@types/react": "19.2.17",
+        "@types/react": "19.2.15",
         "@types/react-dom": "19.2.3",
         "@types/semver": "7.7.1",
-        "@types/sshpk": "1.17.5",
+        "@types/sshpk": "1.17.4",
         "@types/swagger-ui-express": "4.1.8",
         "@types/topojson-client": "3.1.5",
         "@types/ws": "8.18.1",
@@ -166,17 +166,17 @@
         "babel-plugin-react-compiler": "1.0.0",
         "drizzle-kit": "0.31.10",
         "esbuild": "0.28.1",
-        "esbuild-node-externals": "1.23.1",
-        "eslint": "10.5.0",
-        "eslint-config-next": "16.2.9",
+        "esbuild-node-externals": "1.22.0",
+        "eslint": "10.4.0",
+        "eslint-config-next": "16.2.6",
         "postcss": "8.5.15",
-        "prettier": "3.8.4",
-        "react-email": "6.6.4",
-        "tailwindcss": "4.3.1",
+        "prettier": "3.8.3",
+        "react-email": "6.5.0",
+        "tailwindcss": "4.3.0",
         "tsc-alias": "1.8.17",
-        "tsx": "4.22.4",
+        "tsx": "4.22.3",
         "typescript": "6.0.3",
-        "typescript-eslint": "8.62.0"
+        "typescript-eslint": "8.60.0"
     },
     "overrides": {
         "esbuild": "0.28.1",

server/routers/resource/getResource.ts

@@ -9,6 +9,7 @@ import { NextFunction, Request, Response } from "express";
 import createHttpError from "http-errors";
 import { z } from "zod";
 import { fromError } from "zod-validation-error";
+import { applyInlinePolicyFields } from "./inlinePolicyFields";
 
 const getResourceSchema = z.strictObject({
     resourceId: z
@@ -151,13 +152,7 @@ export async function getResource(
             const policy = await queryInlinePolicy(
                 resource.defaultResourcePolicyId!
             );
-            returnData = {
-                ...returnData,
-                sso: policy?.sso || null,
-                emailWhitelistEnabled: policy?.emailWhitelistEnabled || null,
-                applyRules: policy?.applyRules || null,
-                skipToIdpId: policy?.idpId || null
-            };
+            returnData = applyInlinePolicyFields(returnData, policy);
         }
 
         return response<GetResourceResponse>(res, {

server/routers/resource/inlinePolicyFields.test.ts

@@ -0,0 +1,74 @@
+import { assertEquals } from "../../../test/assert";
+import { applyInlinePolicyFields } from "./inlinePolicyFields";
+
+function runTests() {
+    const resource = {
+        resourceId: 1,
+        name: "dashboard",
+        sso: null,
+        emailWhitelistEnabled: null,
+        applyRules: null,
+        skipToIdpId: null
+    } as any;
+
+    const enabledPolicy = {
+        sso: true,
+        emailWhitelistEnabled: true,
+        applyRules: true,
+        idpId: 42
+    };
+
+    const enabledResult = applyInlinePolicyFields(resource, enabledPolicy);
+    assertEquals(enabledResult.sso, true, "sso should mirror policy true");
+    assertEquals(
+        enabledResult.emailWhitelistEnabled,
+        true,
+        "email whitelist should mirror policy true"
+    );
+    assertEquals(
+        enabledResult.applyRules,
+        true,
+        "applyRules should mirror policy true"
+    );
+    assertEquals(
+        enabledResult.skipToIdpId,
+        42,
+        "skipToIdpId should use policy idpId"
+    );
+
+    const disabledPolicy = {
+        sso: false,
+        emailWhitelistEnabled: false,
+        applyRules: false,
+        idpId: null
+    };
+
+    const disabledResult = applyInlinePolicyFields(resource, disabledPolicy);
+    assertEquals(disabledResult.sso, false, "sso false must not become null");
+    assertEquals(
+        disabledResult.emailWhitelistEnabled,
+        false,
+        "email whitelist false must not become null"
+    );
+    assertEquals(
+        disabledResult.applyRules,
+        false,
+        "applyRules false must not become null"
+    );
+    assertEquals(
+        disabledResult.skipToIdpId,
+        null,
+        "missing idp should stay null"
+    );
+
+    const missingPolicyResult = applyInlinePolicyFields(resource, null);
+    assertEquals(
+        missingPolicyResult.sso,
+        null,
+        "missing policy should return nullable resource fields"
+    );
+
+    console.log("PASS: inline policy fields mirror policy values");
+}
+
+runTests();

server/routers/resource/inlinePolicyFields.ts

@@ -0,0 +1,19 @@
+import type { Resource, ResourcePolicy } from "@server/db";
+
+type InlinePolicyFields = Pick<
+    ResourcePolicy,
+    "sso" | "emailWhitelistEnabled" | "applyRules" | "idpId"
+>;
+
+export function applyInlinePolicyFields<T extends Resource>(
+    resource: T,
+    policy: InlinePolicyFields | null | undefined
+): T {
+    return {
+        ...resource,
+        sso: policy?.sso ?? null,
+        emailWhitelistEnabled: policy?.emailWhitelistEnabled ?? null,
+        applyRules: policy?.applyRules ?? null,
+        skipToIdpId: policy?.idpId ?? null
+    };
+}

server/routers/resource/updateResource.ts

@@ -47,6 +47,7 @@ import { build } from "@server/build";
 import { isLicensedOrSubscribed } from "#dynamic/lib/isLicencedOrSubscribed";
 import { tierMatrix } from "@server/lib/billing/tierMatrix";
 import { isSubscribed } from "#dynamic/lib/isSubscribed";
+import { applyInlinePolicyFields } from "./inlinePolicyFields";
 
 const updateResourceParamsSchema = z.strictObject({
     resourceId: z.coerce.number().int().positive()
@@ -682,6 +683,12 @@ async function updateHttpResource(
                 .where(eq(resourcePolicies.resourcePolicyId, policyId));
         }
 
+        const [inlinePolicy] = await db
+            .select()
+            .from(resourcePolicies)
+            .where(eq(resourcePolicies.resourcePolicyId, policyId))
+            .limit(1);
+
         const updatedResource = await db
             .update(resources)
             .set({ ...resourceOnlyData, headers })
@@ -698,7 +705,7 @@ async function updateHttpResource(
         }
 
         return response(res, {
-            data: updatedResource[0],
+            data: applyInlinePolicyFields(updatedResource[0], inlinePolicy),
             success: true,
             error: false,
             message: "HTTP resource updated successfully",