feat(oauth/team-memberships): oauth team memberships teaser EE-341 (#5088)

* EE oauth team memberships feature teaser * bugfix: deleting a default team should reset default team id to 0 * error wrapping, refactor team deletion code
2021-07-02 18:20:10 +12:00 · 2021-07-02 18:20:10 +12:00 · f6c5c552aa
parent 90a472c08b
commit f6c5c552aa
2 changed files with 40 additions and 2 deletions
--- a/api/http/handler/teams/team_delete.go
+++ b/api/http/handler/teams/team_delete.go
@ -3,11 +3,12 @@ package teams
 import (
 	"net/http"

+	"github.com/pkg/errors"
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
 	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/bolt/errors"
+	bolterrors "github.com/portainer/portainer/api/bolt/errors"
 )

 // @id TeamDelete
@ -29,7 +30,7 @@ func (handler *Handler) teamDelete(w http.ResponseWriter, r *http.Request) *http
 	}

 	_, err = handler.DataStore.Team().Team(portainer.TeamID(teamID))
-	if err == errors.ErrObjectNotFound {
+	if err == bolterrors.ErrObjectNotFound {
 		return &httperror.HandlerError{http.StatusNotFound, "Unable to find a team with the specified identifier inside the database", err}
 	} else if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a team with the specified identifier inside the database", err}
@ -45,5 +46,27 @@ func (handler *Handler) teamDelete(w http.ResponseWriter, r *http.Request) *http
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to delete associated team memberships from the database", err}
 	}

+	// update default team if deleted team was default
+	err = handler.updateDefaultTeamIfDeleted(portainer.TeamID(teamID))
+	if err != nil {
+		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to reset default team", err}
+	}
+
 	return response.Empty(w)
 }
+
+// updateDefaultTeamIfDeleted resets the default team to nil if default team was the deleted team
+func (handler *Handler) updateDefaultTeamIfDeleted(teamID portainer.TeamID) error {
+	settings, err := handler.DataStore.Settings().Settings()
+	if err != nil {
+		return errors.Wrap(err, "failed to fetch settings")
+	}
+
+	if teamID != settings.OAuthSettings.DefaultTeamID {
+		return nil
+	}
+
+	settings.OAuthSettings.DefaultTeamID = 0
+	err = handler.DataStore.Settings().UpdateSettings(settings)
+	return errors.Wrap(err, "failed to update settings")
+}
--- a/app/portainer/oauth/components/oauth-settings/oauth-settings.html
+++ b/app/portainer/oauth/components/oauth-settings/oauth-settings.html
@ -67,6 +67,21 @@
    </div>
  </div>

+  <div class="col-sm-12 form-section-title">
+    Team membership
+  </div>
+  <div class="form-group">
+    <span class="col-sm-12 text-muted small">
+      Automatic team membership synchronizes the team membership based on a custom claim in the token from the OAuth provider.
+    </span>
+  </div>
+  <div class="form-group">
+    <span class="text-muted small" style="margin-left: 15px;">
+      <i class="fa fa-user" aria-hidden="true"></i>
+      This feature is available in <a href="https://www.portainer.io/business-upsell?from=oauth-group-membership" target="_blank"> Portainer Business Edition</a>.
+    </span>
+  </div>
+
  <div class="col-sm-12 form-section-title">OAuth Configuration</div>

  <div class="form-group">