0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00

fix(core): disable bring your ui feature for admin tenant (#6300)

This commit is contained in:
Charles Zhao 2024-07-23 10:57:12 +08:00 committed by GitHub
parent 3cb3e5f14d
commit 27e0d36e64
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 6 additions and 4 deletions

View file

@ -1,6 +1,6 @@
import { readFile } from 'node:fs/promises'; import { readFile } from 'node:fs/promises';
import { uploadFileGuard, maxUploadFileSize } from '@logto/schemas'; import { uploadFileGuard, maxUploadFileSize, adminTenantId } from '@logto/schemas';
import { generateStandardId } from '@logto/shared'; import { generateStandardId } from '@logto/shared';
import pRetry, { AbortError } from 'p-retry'; import pRetry, { AbortError } from 'p-retry';
import { object, z } from 'zod'; import { object, z } from 'zod';
@ -53,6 +53,10 @@ export default function customUiAssetsRoutes<T extends ManagementApiRouter>(
assertThat(file.size <= maxUploadFileSize, 'guard.file_size_exceeded'); assertThat(file.size <= maxUploadFileSize, 'guard.file_size_exceeded');
assertThat(file.mimetype === 'application/zip', 'guard.mime_type_not_allowed'); assertThat(file.mimetype === 'application/zip', 'guard.mime_type_not_allowed');
const [tenantId] = await getTenantId(ctx.URL);
assertThat(tenantId, 'guard.can_not_get_tenant_id');
assertThat(tenantId !== adminTenantId, 'guard.not_allowed_for_admin_tenant');
const { experienceZipsProviderConfig } = SystemContext.shared; const { experienceZipsProviderConfig } = SystemContext.shared;
assertThat( assertThat(
experienceZipsProviderConfig?.provider === 'AzureStorage', experienceZipsProviderConfig?.provider === 'AzureStorage',
@ -65,9 +69,6 @@ export default function customUiAssetsRoutes<T extends ManagementApiRouter>(
container container
); );
const [tenantId] = await getTenantId(ctx.URL);
assertThat(tenantId, 'guard.can_not_get_tenant_id');
const customUiAssetId = generateStandardId(8); const customUiAssetId = generateStandardId(8);
const objectKey = `${tenantId}/${customUiAssetId}/assets.zip`; const objectKey = `${tenantId}/${customUiAssetId}/assets.zip`;
const errorLogObjectKey = `${tenantId}/${customUiAssetId}/error.log`; const errorLogObjectKey = `${tenantId}/${customUiAssetId}/error.log`;

View file

@ -4,6 +4,7 @@ const guard = {
can_not_get_tenant_id: 'Unable to get tenant id from request.', can_not_get_tenant_id: 'Unable to get tenant id from request.',
file_size_exceeded: 'File size exceeded.', file_size_exceeded: 'File size exceeded.',
mime_type_not_allowed: 'MIME type is not allowed.', mime_type_not_allowed: 'MIME type is not allowed.',
not_allowed_for_admin_tenant: 'Not allowed for admin tenant.',
}; };
export default Object.freeze(guard); export default Object.freeze(guard);