From 9e60199444a54b68797e31fb755f27f9b3be2649 Mon Sep 17 00:00:00 2001 From: Shaun Warman Date: Sat, 9 Nov 2024 15:04:09 -0600 Subject: [PATCH 1/2] fix: allow admin member of team plan using free plan account to use api --- app/controllers/api/v1/enforce-paid-plan.js | 4 ++++ app/controllers/web/my-account/ensure-upgraded-plan.js | 6 +++++- routes/api/v1/index.js | 10 +++++++++- 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/app/controllers/api/v1/enforce-paid-plan.js b/app/controllers/api/v1/enforce-paid-plan.js index c23404b2c9..d13c60fd8c 100644 --- a/app/controllers/api/v1/enforce-paid-plan.js +++ b/app/controllers/api/v1/enforce-paid-plan.js @@ -9,6 +9,10 @@ async function enforcePaidPlan(ctx, next) { if (!ctx.isAuthenticated()) return ctx.throw(Boom.unauthorized(ctx.translateError('LOGIN_REQUIRED'))); + // if the user is a member of a team plan and in the admin group, continue + if (ctx.state?.domain?.group === 'admin' && ctx.state?.domain?.plan === 'team') + return next(); + if (ctx.state.user.plan === 'free') return ctx.throw( Boom.paymentRequired( diff --git a/app/controllers/web/my-account/ensure-upgraded-plan.js b/app/controllers/web/my-account/ensure-upgraded-plan.js index 8276706377..43413359fb 100644 --- a/app/controllers/web/my-account/ensure-upgraded-plan.js +++ b/app/controllers/web/my-account/ensure-upgraded-plan.js @@ -15,7 +15,11 @@ function ensureUpgradedPlan(ctx, next) { ) return next(); - if (!ctx.state.domain && ctx.state.user.plan !== 'free') return next(); + if ( + (!ctx.state.domain && ctx.state.user.plan !== 'free') || + ctx.state?.domain?.plan === 'team' + ) + return next(); const redirectTo = ctx.state.domain ? ctx.state.l( diff --git a/routes/api/v1/index.js b/routes/api/v1/index.js index b575089349..1e4e7e0b58 100644 --- a/routes/api/v1/index.js +++ b/routes/api/v1/index.js 
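Review bot: The new early `return next()` in `enforcePaidPlan` trusts `ctx.state.domain.group` and `ctx.state.domain.plan`, but nothing in this function establishes that they describe the authenticated caller's own membership or that the team plan is still paid up. Those values are set by middleware outside this file, so the exemption is only as strong as the route ordering; where no domain has been loaded, the optional chaining falls through to the free-plan check, which is the safe default. I would state the precondition next to the branch, e.g. `// relies on retrieveDomain having set ctx.state.domain from the caller's own membership; never mount before it`. Please also confirm that whatever follows the free-plan branch is safe to skip for these users, since the function body continues outside the hunk.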
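Review bot: The added `ctx.state?.domain?.plan === 'team'` clause in `ensureUpgradedPlan` passes every request for a team-plan domain without looking at `ctx.state.domain.group`, whereas the matching exemption in `enforcePaidPlan` also requires `group === 'admin'`. On the API routes in this patch `web.myAccount.ensureDomainAdmin` runs earlier, but that is a property of the route lists rather than of this function, and any other chain that mounts this middleware (none is visible here) would inherit the wider rule. If admin-only is the intent, as the commit subject suggests, mirror the other check: `(ctx.state?.domain?.plan === 'team' && ctx.state?.domain?.group === 'admin')`. The function starts and ends outside the hunk.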
@@ -168,7 +168,6 @@ router
 policies.ensureApiToken,
 policies.checkVerifiedEmail,
 web.myAccount.ensureNotBanned,
- api.v1.enforcePaidPlan,
 web.myAccount.ensurePaidToDate,
 (ctx, next) => {
 //
@@ -200,23 +199,27 @@ router
 '/domains',
 web.myAccount.validateDomain,
 rateLimit(50, 'create domain'),
+ api.v1.enforcePaidPlan,
 web.myAccount.createDomain,
 api.v1.domains.retrieve
 )
 .get(
 '/domains/:domain_id',
 web.myAccount.retrieveDomain,
+ api.v1.enforcePaidPlan,
 api.v1.domains.retrieve
 )
 .get(
 '/domains/:domain_id/verify-records',
 web.myAccount.retrieveDomain,
+ api.v1.enforcePaidPlan,
 web.myAccount.verifyRecords
 )
 .put(
 '/domains/:domain_id',
 web.myAccount.retrieveDomain,
 web.myAccount.ensureDomainAdmin,
+ api.v1.enforcePaidPlan,
 web.myAccount.ensureUpgradedPlan,
 web.myAccount.updateDomain,
 web.myAccount.retrieveDomains,
@@ -226,6 +229,7 @@ router
 '/domains/:domain_id',
 web.myAccount.retrieveDomain,
 web.myAccount.ensureDomainAdmin,
+ api.v1.enforcePaidPlan,
 web.myAccount.removeDomain,
 web.myAccount.retrieveDomains,
 api.v1.domains.retrieve
@@ -238,6 +242,7 @@ router
 web.myAccount.retrieveDomain,
 web.myAccount.ensureDomainAdmin,
 web.myAccount.ensureTeamPlan,
+ api.v1.enforcePaidPlan,
 web.myAccount.ensureUpgradedPlan,
 rateLimit(10, 'create invite'),
 web.myAccount.createInvite,
@@ -250,6 +255,7 @@ router
 web.myAccount.retrieveDomain,
 web.myAccount.ensureDomainAdmin,
 web.myAccount.ensureTeamPlan,
+ api.v1.enforcePaidPlan,
 web.myAccount.ensureUpgradedPlan,
 web.myAccount.removeInvite,
 web.myAccount.retrieveDomains,
@@ -264,6 +270,7 @@ router
 web.myAccount.ensureDomainAdmin,
 web.myAccount.ensureTeamPlan,
 web.myAccount.ensureUpgradedPlan,
+ api.v1.enforcePaidPlan,
 web.myAccount.retrieveAliases,
 web.myAccount.updateMember,
 web.myAccount.retrieveDomains,
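Review bot: Dropping `api.v1.enforcePaidPlan` from the shared chain in the `@@ -168` hunk turns plan enforcement from on-by-default into opt-in per route, so any route on this router that the patch does not touch now runs without it. Only the domain, invite and member routes are re-covered in the hunks shown; the rest of the file is not visible here, so every remaining route group should be checked and given the middleware explicitly, after its `retrieveDomain` step where it has one. A comment at the removal site would help prevent a regression, e.g. `// enforcePaidPlan is mounted per route (after retrieveDomain) so team admins on free accounts can pass; every new route must add it`. A test that walks the v1 route table and asserts the middleware is present on each route would make the default-deny intent checkable.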
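Review bot: In the member update route (`@@ -264`) `api.v1.enforcePaidPlan` is inserted after `web.myAccount.ensureUpgradedPlan`, while the domain and invite routes earlier in this file place it before; the member removal hunk (`@@ -276`) has the same order. `ensureUpgradedPlan` appears to answer a failed check with a redirect (its `redirectTo` branch is visible in the other file) instead of the API's `Boom.paymentRequired`, so the order decides which response a free-plan API client receives. Unless that difference is intended, use one order throughout: `web.myAccount.ensureTeamPlan,` then `api.v1.enforcePaidPlan,` then `web.myAccount.ensureUpgradedPlan,`.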
@@ -276,6 +283,7 @@ router
 web.myAccount.ensureDomainAdmin,
 web.myAccount.ensureTeamPlan,
 web.myAccount.ensureUpgradedPlan,
+ api.v1.enforcePaidPlan,
 web.myAccount.retrieveAliases,
 web.myAccount.removeMember,
 web.myAccount.retrieveDomains,
From 5f7e1f78e82853bc4e060b16cb439e90c41d25c3 Mon Sep 17 00:00:00 2001
From: Shaun Warman
Date: Sun, 1 Dec 2024 09:36:32 -0600
Subject: [PATCH 2/2] fix: axe show meta env var for github action
---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c900d64b6e..baff5512ec 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -27,7 +27,7 @@ jobs:
 SMTP_MESSAGE_MAX_SIZE: ${{ secrets.SMTP_MESSAGE_MAX_SIZE }}
 DKIM_PRIVATE_KEY_VALUE: ${{ secrets.DKIM_PRIVATE_KEY_VALUE }}
 AXE_SILENT: ${{ secrets.AXE_SILENT }}
- AXE_SHOW_META: ${{ secrets.AXE_SILENT }}
+ AXE_SHOW_META: ${{ secrets.AXE_SHOW_META }}
 AXE_SHOW_STACK: ${{ secrets.AXE_SHOW_STACK }}
 TXT_ENCRYPTION_KEY: ${{ secrets.TXT_ENCRYPTION_KEY }}
 HELPER_ENCRYPTION_KEY: ${{ secrets.HELPER_ENCRYPTION_KEY }}