feat(license): enhance license key management and authorization checks

- Added authorization checks to ensure only users with the "owner" role can activate or deactivate license keys.
- Updated the menu item visibility logic to simplify role checks for admin and owner users.
- Commented out the cloud environment redirection logic in the license settings page for future consideration.
Mauricio Siu
2026-01-31 18:03:03 -06:00
parent dc756e2bbb
commit 00ce8cad1b
3 changed files with 26 additions and 11 deletions


@@ -21,6 +21,7 @@ import {
Key,
KeyRound,
Loader2,
LogIn,
type LucideIcon,
Package,
PieChart,
@@ -30,7 +31,6 @@ import {
Trash2,
User,
Users,
LogIn,
} from "lucide-react";
import Link from "next/link";
import { usePathname } from "next/navigation";
@@ -404,8 +404,8 @@ const MENU: Menu = {
url: "/dashboard/settings/license",
icon: Key,
// Only enabled for admins in non-cloud environments
isEnabled: ({ auth, isCloud }) =>
!!((auth?.role === "owner" || auth?.role === "admin") && !isCloud),
isEnabled: ({ auth }) =>
!!(auth?.role === "owner" || auth?.role === "admin"),
},
{
isSingle: true,
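Review bot: The comment `// Only enabled for admins in non-cloud environments` above `isEnabled` is stale, because the new predicate no longer reads `isCloud` and so shows the license entry in cloud deployments too. The predicate also still admits `admin`, while the license-key mutations changed in this same commit reject every role except `owner`, so an admin is presumably shown a page whose activate and deactivate actions return FORBIDDEN. Either narrow it to `isEnabled: ({ auth }) => auth?.role === "owner",` or replace the comment with `// Visible to owners and admins; activating or deactivating a key is owner-only on the server`. Menu visibility is a convenience only, so the server-side role check remains the actual control. The `MENU` object starts and ends outside this hunk.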


@@ -36,14 +36,14 @@ export async function getServerSideProps(
) {
const { req, res } = ctx;
const locale = await getLocale(req.cookies);
if (IS_CLOUD) {
return {
redirect: {
permanent: true,
destination: "/dashboard/projects",
},
};
}
// if (IS_CLOUD) {
// return {
// redirect: {
// permanent: true,
// destination: "/dashboard/projects",
// },
// };
// }
const { user, session } = await validateRequest(ctx.req);
if (!user) {
return {
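Review bot: The `IS_CLOUD` redirect in `getServerSideProps` is left behind as an eight-line commented-out block, which reads as dead code and obscures that this page is now served in cloud deployments. I would delete the block and keep one line such as `// Cloud redirect removed; revisit whether cloud deployments should reach license settings`, since version control already preserves the old code. With the redirect gone, access to the page depends on the `validateRequest` result and whatever role check follows it, which continues outside this hunk, so it is worth confirming that check is sufficient for the cloud case. If `IS_CLOUD` has no other use in this file, its import is probably unused now.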


@@ -26,6 +26,13 @@ export const licenseKeyRouter = createTRPCRouter({
});
}
if (ctx.user.role !== "owner") {
throw new TRPCError({
code: "FORBIDDEN",
message: "You are not authorized to activate a license key",
});
}
if (!currentUser.enableEnterpriseFeatures) {
throw new TRPCError({
code: "BAD_REQUEST",
@@ -117,6 +124,14 @@ export const licenseKeyRouter = createTRPCRouter({
message: "No license key found",
});
}
if (ctx.user.role !== "owner") {
throw new TRPCError({
code: "FORBIDDEN",
message: "You are not authorized to deactivate a license key",
});
}
await deactivateLicenseKey(currentUser.licenseKey);
await db
.update(user)
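Review bot: Both new `ctx.user.role !== "owner"` guards run after earlier validation in their procedures. In the deactivation hunk the guard sits below the `No license key found` error, so a non-owner caller can learn whether a key is configured before being refused. The role check should be the first statement of each mutation, ahead of any lookup of `currentUser`, so that unauthorized callers always receive FORBIDDEN. The same block now appears twice with only the message differing, so a shared guard would keep the two in step: either a small new helper that takes `ctx.user.role` and the action name, or an owner-only procedure if the tRPC setup provides one (not visible here). Whether the other procedures in `licenseKeyRouter` need the same restriction cannot be judged from these hunks, whose procedure bodies start and end outside them.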