From fdd5c901b653371397256e78852c920fb95aa62f Mon Sep 17 00:00:00 2001 From: yau-wd Date: Fri, 17 Jul 2026 17:12:09 +0800 Subject: [PATCH] fix(flowise-849): sso and role --- .../src/enterprise/controllers/login-method.controller.ts | 5 +++++ packages/server/src/enterprise/services/role.service.ts | 2 ++ 2 files changed, 7 insertions(+) diff --git a/packages/server/src/enterprise/controllers/login-method.controller.ts b/packages/server/src/enterprise/controllers/login-method.controller.ts index bb574a87432..353d91605e7 100644 --- a/packages/server/src/enterprise/controllers/login-method.controller.ts +++ b/packages/server/src/enterprise/controllers/login-method.controller.ts @@ -162,6 +162,11 @@ export class LoginMethodController { public async testConfig(req: Request, res: Response, next: NextFunction) { let queryRunner try { + this.assertEnterprisePlatform() + + const user = getLoggedInUser(req) + assertQueryOrganizationMatchesActiveOrg(user, req.body.organizationId) + const providers = req.body.providers as { config: Record }[] const providerName = req.body.providerName as string const organizationId = req.body.organizationId as string | undefined diff --git a/packages/server/src/enterprise/services/role.service.ts b/packages/server/src/enterprise/services/role.service.ts index e2fed1b814d..ceecb7a0185 100644 --- a/packages/server/src/enterprise/services/role.service.ts +++ b/packages/server/src/enterprise/services/role.service.ts @@ -122,6 +122,8 @@ export class RoleService { const oldRole = await this.readRoleById(newRole.id, queryRunner) if (!oldRole) throw new InternalFlowiseError(StatusCodes.NOT_FOUND, RoleErrorMessage.ROLE_NOT_FOUND) + if (newRole.organizationId !== oldRole.organizationId) + throw new InternalFlowiseError(StatusCodes.NOT_FOUND, RoleErrorMessage.ROLE_NOT_FOUND) const user = await this.userService.readUserById(newRole.updatedBy, queryRunner) if (!user) throw new InternalFlowiseError(StatusCodes.NOT_FOUND, UserErrorMessage.USER_NOT_FOUND) if (newRole.name) this.validateRoleName(newRole.name)