Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[server] try to fix org membership on login #18399

Merged
merged 2 commits into from
Aug 1, 2023
Merged

[server] try to fix org membership on login #18399

merged 2 commits into from
Aug 1, 2023

Conversation

AlexTugarev
Copy link
Member

@AlexTugarev AlexTugarev commented Aug 1, 2023
edited by svenefftinge
Loading

in case it didn't succeed on first attempt this might help during the following ones.

Description

Summary generated by Copilot

🤖 Generated by Copilot at 69f54c6

Refactor iam-session-app.ts to optimize login with OIDC and organization membership. Reduce database queries and check organization validity.

Related Issue(s)

Fixes #

How to test

Documentation

Preview status

gitpod:summary

Build Options

Build
  • /werft with-werft
    Run the build with werft instead of GHA
  • leeway-no-cache
  • /werft no-test
    Run Leeway with --dont-test
Publish
  • /werft publish-to-npm
  • /werft publish-to-jb-marketplace
Installer
  • analytics=segment
  • with-dedicated-emulation
  • workspace-feature-flags
    Add desired feature flags to the end of the line above, space separated
Preview Environment / Integration Tests
  • /werft with-local-preview
    If enabled this will build install/preview
  • /werft with-preview
  • /werft with-large-vm
  • /werft with-gce-vm
    If enabled this will create the environment on GCE infra
  • with-integration-tests=all
    Valid options are all, workspace, webapp, ide, jetbrains, vscode, ssh. If enabled, with-preview and with-large-vm will be enabled.
  • with-monitoring

/hold

@AlexTugarev
[server] try to fix org membership on login
69f54c6 
in case it didn't succeed on first attempt this might help during the following ones.
@AlexTugarev AlexTugarev requested a review from a team as a code owner August 1, 2023 10:35
svenefftinge
svenefftinge approved these changes Aug 1, 2023
View reviewed changes
Copy link
Member

@svenefftinge svenefftinge left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@svenefftinge
Copy link
Member

/unhold

@roboquat roboquat merged commit 0d22d83 into main Aug 1, 2023
37 of 41 checks passed
@roboquat roboquat deleted the at/try-fix-sso-login branch August 1, 2023 14:17
AlexTugarev
AlexTugarev commented Aug 1, 2023
View reviewed changes
components/server/src/orgs/organization-service.ts
orgId: string,
memberId: string,
role: OrgMemberRole,
): Promise<void> {
await this.auth.checkPermissionOnOrganization(userId, "write_members", orgId);
if (userId) {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@svenefftinge, now thinking about that change. This could actually be the fix.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just curious, why this is not happening on dogfood?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The featureflag is disabled. So these checks don't throw

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@svenefftinge svenefftinge svenefftinge approved these changes

Assignees
No one assigned
Labels
size/M team: team-experience
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@AlexTugarev @svenefftinge @roboquat