mirror of
https://github.com/aykhans/slash-e.git
synced 2025-07-04 20:28:00 +00:00
chore: update license service
This commit is contained in:
Steven
@ -58,6 +58,10 @@ func (s *APIV1Service) SignIn(ctx context.Context, request *v1pb.SignInRequest)
|
||||
}
|
||||
|
||||
func (s *APIV1Service) SignInWithSSO(ctx context.Context, request *v1pb.SignInWithSSORequest) (*v1pb.User, error) {
|
||||
if !s.LicenseService.IsFeatureEnabled(license.FeatureTypeSSO) {
|
||||
return nil, status.Errorf(codes.PermissionDenied, "SSO is not available in the current plan")
|
||||
}
|
||||
|
||||
identityProviderSetting, err := s.Store.GetWorkspaceSetting(ctx, &store.FindWorkspaceSetting{
|
||||
Key: storepb.WorkspaceSettingKey_WORKSPACE_SETTING_IDENTITY_PROVIDER,
|
||||
})
|
||||
@ -105,6 +109,9 @@ func (s *APIV1Service) SignInWithSSO(ctx context.Context, request *v1pb.SignInWi
|
||||
return nil, status.Errorf(codes.Internal, fmt.Sprintf("failed to find user by email %s", email))
|
||||
}
|
||||
if user == nil {
|
||||
if err := s.checkSeatAvailability(ctx); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
userCreate := &store.User{
|
||||
Email: email,
|
||||
Nickname: userInfo.DisplayName,
|
||||
@ -139,15 +146,8 @@ func (s *APIV1Service) SignUp(ctx context.Context, request *v1pb.SignUpRequest)
|
||||
if !s.Profile.Public {
|
||||
return nil, status.Errorf(codes.PermissionDenied, "sign up is not allowed")
|
||||
}
|
||||
|
||||
if !s.LicenseService.IsFeatureEnabled(license.FeatureTypeUnlimitedAccounts) {
|
||||
userList, err := s.Store.ListUsers(ctx, &store.FindUser{})
|
||||
if err != nil {
|
||||
return nil, status.Errorf(codes.Internal, fmt.Sprintf("failed to list users, err: %s", err))
|
||||
}
|
||||
if len(userList) >= 5 {
|
||||
return nil, status.Errorf(codes.InvalidArgument, "maximum number of users reached")
|
||||
}
|
||||
if err := s.checkSeatAvailability(ctx); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
passwordHash, err := bcrypt.GenerateFromPassword([]byte(request.Password), bcrypt.DefaultCost)
|
||||
@ -210,3 +210,17 @@ func (*APIV1Service) SignOut(ctx context.Context, _ *v1pb.SignOutRequest) (*empt
|
||||
}
|
||||
return &emptypb.Empty{}, nil
|
||||
}
|
||||
|
||||
func (s *APIV1Service) checkSeatAvailability(ctx context.Context) error {
|
||||
if !s.LicenseService.IsFeatureEnabled(license.FeatureTypeUnlimitedAccounts) {
|
||||
userList, err := s.Store.ListUsers(ctx, &store.FindUser{})
|
||||
if err != nil {
|
||||
return status.Errorf(codes.Internal, fmt.Sprintf("failed to list users, err: %s", err))
|
||||
}
|
||||
seats := s.LicenseService.GetSubscription().Seats
|
||||
if len(userList) > int(seats) {
|
||||
return status.Errorf(codes.FailedPrecondition, "maximum number of users %d reached", seats)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -22,10 +22,7 @@ func (s *APIV1Service) GetWorkspaceProfile(ctx context.Context, _ *v1pb.GetWorks
|
||||
}
|
||||
|
||||
// Load subscription plan from license service.
|
||||
subscription, err := s.LicenseService.GetSubscription(ctx)
|
||||
if err != nil {
|
||||
return nil, status.Errorf(codes.Internal, "failed to get subscription: %v", err)
|
||||
}
|
||||
subscription := s.LicenseService.GetSubscription()
|
||||
workspaceProfile.Plan = subscription.Plan
|
||||
|
||||
owner, err := s.GetInstanceOwner(ctx)
|
||||
@ -53,6 +50,10 @@ func (s *APIV1Service) GetWorkspaceProfile(ctx context.Context, _ *v1pb.GetWorks
|
||||
}
|
||||
|
||||
func (s *APIV1Service) GetWorkspaceSetting(ctx context.Context, _ *v1pb.GetWorkspaceSettingRequest) (*v1pb.GetWorkspaceSettingResponse, error) {
|
||||
currentUser, err := getCurrentUser(ctx, s.Store)
|
||||
if err != nil {
|
||||
return nil, status.Errorf(codes.Unauthenticated, "failed to get current user: %v", err)
|
||||
}
|
||||
workspaceSettings, err := s.Store.ListWorkspaceSettings(ctx, &store.FindWorkspaceSetting{})
|
||||
if err != nil {
|
||||
return nil, status.Errorf(codes.Internal, "failed to list workspace settings: %v", err)
|
||||
@ -70,7 +71,14 @@ func (s *APIV1Service) GetWorkspaceSetting(ctx context.Context, _ *v1pb.GetWorks
|
||||
identityProviderSetting := v.GetIdentityProvider()
|
||||
workspaceSetting.IdentityProviders = []*v1pb.IdentityProvider{}
|
||||
for _, identityProvider := range identityProviderSetting.GetIdentityProviders() {
|
||||
workspaceSetting.IdentityProviders = append(workspaceSetting.IdentityProviders, convertIdentityProviderFromStore(identityProvider))
|
||||
identityProviderV1pb := convertIdentityProviderFromStore(identityProvider)
|
||||
if currentUser == nil || currentUser.Role != store.RoleAdmin {
|
||||
oauth2Config := identityProviderV1pb.Config.GetOauth2()
|
||||
if oauth2Config != nil {
|
||||
oauth2Config.ClientSecret = ""
|
||||
}
|
||||
}
|
||||
workspaceSetting.IdentityProviders = append(workspaceSetting.IdentityProviders, identityProviderV1pb)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,24 +1,68 @@
|
||||
package license
|
||||
|
||||
import (
|
||||
v1pb "github.com/yourselfhosted/slash/proto/gen/api/v1"
|
||||
)
|
||||
|
||||
type FeatureType string
|
||||
|
||||
const (
|
||||
// Enterprise features.
|
||||
|
||||
// FeatureTypeSSO allows the user to use SSO.
|
||||
FeatureTypeSSO FeatureType = "ysh.slash.sso"
|
||||
// FeatureTypeAdvancedAnalytics allows the user to use advanced analytics.
|
||||
FeatureTypeAdvancedAnalytics FeatureType = "ysh.slash.advanced-analytics"
|
||||
|
||||
// Usages.
|
||||
|
||||
// FeatureTypeUnlimitedAccounts allows the user to create unlimited accounts.
|
||||
FeatureTypeUnlimitedAccounts FeatureType = "unlimited_accounts"
|
||||
FeatureTypeUnlimitedAccounts FeatureType = "ysh.slash.unlimited-accounts"
|
||||
// FeatureTypeUnlimitedAccounts allows the user to create unlimited collections.
|
||||
FeatureTypeUnlimitedCollections FeatureType = "unlimited_collections"
|
||||
FeatureTypeUnlimitedCollections FeatureType = "ysh.slash.unlimited-collections"
|
||||
|
||||
// Customization.
|
||||
|
||||
// FeatureTypeCustomStyle allows the user to customize the style.
|
||||
FeatureTypeCustomeStyle FeatureType = "custom_style"
|
||||
// FeatureTypeCustomeBranding allows the user to customize the branding.
|
||||
FeatureTypeCustomeBranding FeatureType = "ysh.slash.custom-branding"
|
||||
)
|
||||
|
||||
// FeatureMatrix is a matrix of features in [Free, Pro].
|
||||
var FeatureMatrix = map[FeatureType][2]bool{
|
||||
FeatureTypeUnlimitedAccounts: {false, true},
|
||||
FeatureTypeUnlimitedCollections: {false, true},
|
||||
FeatureTypeCustomeStyle: {false, true},
|
||||
func (f FeatureType) String() string {
|
||||
return string(f)
|
||||
}
|
||||
|
||||
// FeatureMatrix is a matrix of features in [Free, Pro, Enterprise].
|
||||
var FeatureMatrix = map[FeatureType][3]bool{
|
||||
FeatureTypeSSO: {false, false, false},
|
||||
FeatureTypeAdvancedAnalytics: {false, false, false},
|
||||
FeatureTypeUnlimitedAccounts: {false, true, false},
|
||||
FeatureTypeUnlimitedCollections: {false, true, true},
|
||||
FeatureTypeCustomeBranding: {false, true, true},
|
||||
}
|
||||
|
||||
func getDefaultFeatures(plan v1pb.PlanType) []FeatureType {
|
||||
var features []FeatureType
|
||||
for feature, enabled := range FeatureMatrix {
|
||||
if enabled[plan-1] {
|
||||
features = append(features, feature)
|
||||
}
|
||||
}
|
||||
return features
|
||||
}
|
||||
|
||||
func validateFeatureString(feature string) (FeatureType, bool) {
|
||||
switch feature {
|
||||
case "ysh.slash.sso":
|
||||
return FeatureTypeSSO, true
|
||||
case "ysh.slash.advanced-analytics":
|
||||
return FeatureTypeAdvancedAnalytics, true
|
||||
case "ysh.slash.unlimited-accounts":
|
||||
return FeatureTypeUnlimitedAccounts, true
|
||||
case "ysh.slash.unlimited-collections":
|
||||
return FeatureTypeUnlimitedCollections, true
|
||||
case "ysh.slash.custom-branding":
|
||||
return FeatureTypeCustomeBranding, true
|
||||
default:
|
||||
return "", false
|
||||
}
|
||||
}
|
||||
|
||||
@ -3,6 +3,7 @@ package license
|
||||
import (
|
||||
"context"
|
||||
_ "embed"
|
||||
"slices"
|
||||
"time"
|
||||
|
||||
"github.com/golang-jwt/jwt/v5"
|
||||
@ -64,6 +65,10 @@ func (s *LicenseService) LoadSubscription(ctx context.Context) (*v1pb.Subscripti
|
||||
}
|
||||
subscription.Plan = result.Plan
|
||||
subscription.ExpiresTime = timestamppb.New(result.ExpiresTime)
|
||||
subscription.Seats = int32(result.Seats)
|
||||
for _, feature := range result.Features {
|
||||
subscription.Features = append(subscription.Features, feature.String())
|
||||
}
|
||||
s.cachedSubscription = subscription
|
||||
return subscription, nil
|
||||
}
|
||||
@ -104,28 +109,20 @@ func (s *LicenseService) UpdateSubscription(ctx context.Context, licenseKey stri
|
||||
return s.LoadSubscription(ctx)
|
||||
}
|
||||
|
||||
func (s *LicenseService) GetSubscription(ctx context.Context) (*v1pb.Subscription, error) {
|
||||
subscription, err := s.LoadSubscription(ctx)
|
||||
if err != nil || subscription.Plan == v1pb.PlanType_PLAN_TYPE_UNSPECIFIED {
|
||||
// nolint
|
||||
return &v1pb.Subscription{
|
||||
Plan: v1pb.PlanType_FREE,
|
||||
}, nil
|
||||
}
|
||||
return subscription, nil
|
||||
func (s *LicenseService) GetSubscription() *v1pb.Subscription {
|
||||
return s.cachedSubscription
|
||||
}
|
||||
|
||||
func (s *LicenseService) IsFeatureEnabled(feature FeatureType) bool {
|
||||
matrix, ok := FeatureMatrix[feature]
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
return matrix[s.cachedSubscription.Plan-1]
|
||||
return slices.Contains(s.cachedSubscription.Features, feature.String())
|
||||
}
|
||||
|
||||
type ValidateResult struct {
|
||||
Plan v1pb.PlanType
|
||||
ExpiresTime time.Time
|
||||
Trial bool
|
||||
Seats int
|
||||
Features []FeatureType
|
||||
}
|
||||
|
||||
type Claims struct {
|
||||
@ -134,20 +131,34 @@ type Claims struct {
|
||||
Owner string `json:"owner"`
|
||||
Plan string `json:"plan"`
|
||||
Trial bool `json:"trial"`
|
||||
// The number of seats in the license key. Leave it empty if the license key does not have a seat limit.
|
||||
Seats int `json:"seats"`
|
||||
// The available features in the license key.
|
||||
Features []string `json:"features"`
|
||||
}
|
||||
|
||||
func validateLicenseKey(licenseKey string) (*ValidateResult, error) {
|
||||
// Try to parse the license key as a JWT token.
|
||||
claims, _ := parseLicenseKey(licenseKey)
|
||||
if claims != nil {
|
||||
result := &ValidateResult{
|
||||
Plan: v1pb.PlanType(v1pb.PlanType_value[claims.Plan]),
|
||||
ExpiresTime: claims.ExpiresAt.Time,
|
||||
Trial: claims.Trial,
|
||||
Seats: claims.Seats,
|
||||
}
|
||||
result.Features = getDefaultFeatures(result.Plan)
|
||||
for _, feature := range claims.Features {
|
||||
featureType, ok := validateFeatureString(feature)
|
||||
if ok {
|
||||
result.Features = append(result.Features, featureType)
|
||||
}
|
||||
}
|
||||
plan := v1pb.PlanType(v1pb.PlanType_value[claims.Plan])
|
||||
if plan == v1pb.PlanType_PLAN_TYPE_UNSPECIFIED {
|
||||
return nil, errors.New("invalid plan")
|
||||
}
|
||||
return &ValidateResult{
|
||||
Plan: v1pb.PlanType(v1pb.PlanType_value[claims.Plan]),
|
||||
ExpiresTime: claims.ExpiresAt.Time,
|
||||
}, nil
|
||||
return result, nil
|
||||
}
|
||||
|
||||
// Try to validate the license key with the license server.
|
||||
@ -158,6 +169,11 @@ func validateLicenseKey(licenseKey string) (*ValidateResult, error) {
|
||||
if validateResponse.Valid {
|
||||
result := &ValidateResult{
|
||||
Plan: v1pb.PlanType_PRO,
|
||||
Features: []FeatureType{
|
||||
FeatureTypeUnlimitedAccounts,
|
||||
FeatureTypeUnlimitedCollections,
|
||||
FeatureTypeCustomeBranding,
|
||||
},
|
||||
}
|
||||
if validateResponse.LicenseKey.ExpiresAt != nil && *validateResponse.LicenseKey.ExpiresAt != "" {
|
||||
expiresTime, err := time.Parse(time.RFC3339Nano, *validateResponse.LicenseKey.ExpiresAt)
|
||||
|
||||
Reference in New Issue
Block a user