feat(oauth/team-memberships): oauth team memberships teaser EE-341 (#5088)

* EE oauth team memberships feature teaser

* bugfix: deleting a default team should reset default team id to 0

* error wrapping, refactor team deletion code

api/http/handler/teams/team_delete.go

@@ -3,11 +3,12 @@ package teams
 import (
 	"net/http"
 
+	"github.com/pkg/errors"
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
 	portainer "github.com/portainer/portainer/api"
-	"github.com/portainer/portainer/api/bolt/errors"
+	bolterrors "github.com/portainer/portainer/api/bolt/errors"
 )
 
 // @id TeamDelete
@@ -29,7 +30,7 @@ func (handler *Handler) teamDelete(w http.ResponseWriter, r *http.Request) *http
 	}
 
 	_, err = handler.DataStore.Team().Team(portainer.TeamID(teamID))
-	if err == errors.ErrObjectNotFound {
+	if err == bolterrors.ErrObjectNotFound {
 		return &httperror.HandlerError{http.StatusNotFound, "Unable to find a team with the specified identifier inside the database", err}
 	} else if err != nil {
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a team with the specified identifier inside the database", err}
@@ -45,5 +46,27 @@ func (handler *Handler) teamDelete(w http.ResponseWriter, r *http.Request) *http
 		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to delete associated team memberships from the database", err}
 	}
 
+	// update default team if deleted team was default
+	err = handler.updateDefaultTeamIfDeleted(portainer.TeamID(teamID))
+	if err != nil {
+		return &httperror.HandlerError{http.StatusInternalServerError, "Unable to reset default team", err}
+	}
+
 	return response.Empty(w)
 }
+
+// updateDefaultTeamIfDeleted resets the default team to nil if default team was the deleted team
+func (handler *Handler) updateDefaultTeamIfDeleted(teamID portainer.TeamID) error {
+	settings, err := handler.DataStore.Settings().Settings()
+	if err != nil {
+		return errors.Wrap(err, "failed to fetch settings")
+	}
+
+	if teamID != settings.OAuthSettings.DefaultTeamID {
+		return nil
+	}
+
+	settings.OAuthSettings.DefaultTeamID = 0
+	err = handler.DataStore.Settings().UpdateSettings(settings)
+	return errors.Wrap(err, "failed to update settings")
+}

app/portainer/oauth/components/oauth-settings/oauth-settings.html

@@ -67,6 +67,21 @@
     </div>
   </div>
 
+  <div class="col-sm-12 form-section-title">
+    Team membership
+  </div>
+  <div class="form-group">
+    <span class="col-sm-12 text-muted small">
+      Automatic team membership synchronizes the team membership based on a custom claim in the token from the OAuth provider.
+    </span>
+  </div>
+  <div class="form-group">
+    <span class="text-muted small" style="margin-left: 15px;">
+      <i class="fa fa-user" aria-hidden="true"></i>
+      This feature is available in <a href="https://www.portainer.io/business-upsell?from=oauth-group-membership" target="_blank"> Portainer Business Edition</a>.
+    </span>
+  </div>
+
   <div class="col-sm-12 form-section-title">OAuth Configuration</div>
 
   <div class="form-group">