fix: reverting change API format to old format

0x0elliot · 0x0elliot · commit cf2f1a74fef3 · 2025-12-19T22:58:38.000+05:30
diff --git a/shared.go b/shared.go
@@ -5520,7 +5520,7 @@ func HandleUpdateUser(resp http.ResponseWriter, request *http.Request) {
 		// 3. Make sure it's ONLY changing orgs based on parent org
 
 		// Check which ones the current user has access to
-		if debug { 
+		if debug {
 			log.Printf("[DEBUG] PRE PRE orgs for %s (%s) is len(%d). Input length: %d", foundUser.Username, foundUser.Id, len(foundUser.Orgs), len(t.Suborgs))
 		}
 
@@ -5539,7 +5539,7 @@ func HandleUpdateUser(resp http.ResponseWriter, request *http.Request) {
 			}
 
 			if org.CreatorOrg != parentOrgId {
-				if debug { 
+				if debug {
 					log.Printf("[ERROR] Skipping org %s as it is not a suborg of parent org %s for user %s (%s).", suborg, parentOrgId, userInfo.Username, userInfo.Id)
 				}
 
@@ -5560,7 +5560,7 @@ func HandleUpdateUser(resp http.ResponseWriter, request *http.Request) {
 			if found {
 				newSuborgs = append(newSuborgs, suborg)
 			} else {
-				if debug { 
+				if debug {
 					log.Printf("[ERROR] Skipping adding to org %s as user %s (%s) can't edit this one.", suborg, userInfo.Username, userInfo.Id)
 				}
 			}
@@ -5612,7 +5612,7 @@ func HandleUpdateUser(resp http.ResponseWriter, request *http.Request) {
 		//log.Printf("[DEBUG] Orgs to be added: %s. Existing: %s.", addedOrgs, foundUser.Orgs)
 
 		// Removed for now due to multi-org chain deleting you from other org chains
-		if debug { 
+		if debug {
 			log.Printf("[DEBUG] Pre orgs for %s (%s) is len(%d)", foundUser.Username, foundUser.Id, len(foundUser.Orgs))
 		}
 
@@ -9253,7 +9253,7 @@ func CleanCreds(user *User) *User {
 	//user.Orgs = []string{}
 	handledOrgs := []string{}
 
-	// Quick deduplication. 
+	// Quick deduplication.
 	for _, org := range user.Orgs {
 		if ArrayContains(handledOrgs, org) {
 			continue
@@ -9512,7 +9512,6 @@ func HandleGetUsers(resp http.ResponseWriter, request *http.Request) {
 					orgUser.Orgs = append(orgUser.Orgs, user.ActiveOrg.Id)
 				}
 
-
 				newUsers = append(newUsers, orgUser)
 			}
 		}
@@ -11695,8 +11694,9 @@ func HandleChangeUserOrg(resp http.ResponseWriter, request *http.Request) {
 	type ReturnData struct {
 		OrgId     string `json:"org_id" datastore:"org_id"`
 		RegionUrl string `json:"region_url" datastore:"region_url"`
-		SSO       bool   `json:"sso"`
-		Mode      string `json:"mode"`
+		// SSO       bool   `json:"sso"`
+		SSO  bool   `json:"sso_test"`
+		Mode string `json:"mode"`
 	}
 
 	var tmpData ReturnData
@@ -11802,15 +11802,14 @@ func HandleChangeUserOrg(resp http.ResponseWriter, request *http.Request) {
 			}
 		}
 
-		if !found { 
+		if !found {
 			log.Printf("[WARNING] User swap to the org \"%s\" - access denied", tmpData.OrgId)
 			resp.WriteHeader(403)
 			resp.Write([]byte(`{"success": false, "reason": "No permission to change to this org. Please contact support@shuffler.io if this is unexpected."}`))
 			return
 		}
 	}
 
-
 	if (org.SSOConfig.SSORequired == true && user.UsersLastSession != user.Session && user.SupportAccess == false) || tmpData.SSO {
 
 		// Check if the org is the suborg or not?
@@ -14553,7 +14552,6 @@ func GetOpenIdUrl(request *http.Request, org Org) string {
 		baseSSOUrl += fmt.Sprintf("?client_id=%s&response_type=code&scope=openid email&redirect_uri=%s&state=%s&code_challenge_method=S256&code_challenge=%s", org.SSOConfig.OpenIdClientId, redirectUrl, state, codeChallenge)
 	}
 
-
 	return baseSSOUrl
 }
 
@@ -15348,7 +15346,7 @@ func HandleLogin(resp http.ResponseWriter, request *http.Request) {
 
 // FIXME: Do NOT use this yet (May 24th, 2024). It is not ready for production due to being a potential cross-tenant attack vector.
 func HandleSAML(resp http.ResponseWriter, request *http.Request) {
-	resp.Write([]byte("SAML SSO is deprecated. Please use OpenID Connect instead. Contact support@shuffler.io if you need help migrating, or are having trouble logging in to your account.")) 
+	resp.Write([]byte("SAML SSO is deprecated. Please use OpenID Connect instead. Contact support@shuffler.io if you need help migrating, or are having trouble logging in to your account."))
 	return
 }
 
@@ -22188,7 +22186,6 @@ func fixCertificate(parsedX509Key string) string {
 	return parsedX509Key
 }
 
-
 // Example implementation of SSO, including a redirect for the user etc
 // Should make this stuff only possible after login
 func HandleOpenId(resp http.ResponseWriter, request *http.Request) {

Original file line number	Diff line number	Diff line change
`@@ -5520,7 +5520,7 @@ func HandleUpdateUser(resp http.ResponseWriter, request *http.Request) {`
`5520`	`5520`	`// 3. Make sure it's ONLY changing orgs based on parent org`
`5521`	`5521`
`5522`	`5522`	`// Check which ones the current user has access to`
`5523`		`- if debug {`
	`5523`	`+ if debug {`
`5524`	`5524`	`log.Printf("[DEBUG] PRE PRE orgs for %s (%s) is len(%d). Input length: %d", foundUser.Username, foundUser.Id, len(foundUser.Orgs), len(t.Suborgs))`
`5525`	`5525`	`}`
`5526`	`5526`
`@@ -5539,7 +5539,7 @@ func HandleUpdateUser(resp http.ResponseWriter, request *http.Request) {`
`5539`	`5539`	`}`
`5540`	`5540`
`5541`	`5541`	`if org.CreatorOrg != parentOrgId {`
`5542`		`- if debug {`
	`5542`	`+ if debug {`
`5543`	`5543`	`log.Printf("[ERROR] Skipping org %s as it is not a suborg of parent org %s for user %s (%s).", suborg, parentOrgId, userInfo.Username, userInfo.Id)`
`5544`	`5544`	`}`
`5545`	`5545`
`@@ -5560,7 +5560,7 @@ func HandleUpdateUser(resp http.ResponseWriter, request *http.Request) {`
`5560`	`5560`	`if found {`
`5561`	`5561`	`newSuborgs = append(newSuborgs, suborg)`
`5562`	`5562`	`} else {`
`5563`		`- if debug {`
	`5563`	`+ if debug {`
`5564`	`5564`	`log.Printf("[ERROR] Skipping adding to org %s as user %s (%s) can't edit this one.", suborg, userInfo.Username, userInfo.Id)`
`5565`	`5565`	`}`
`5566`	`5566`	`}`
`@@ -5612,7 +5612,7 @@ func HandleUpdateUser(resp http.ResponseWriter, request *http.Request) {`
`5612`	`5612`	`//log.Printf("[DEBUG] Orgs to be added: %s. Existing: %s.", addedOrgs, foundUser.Orgs)`
`5613`	`5613`
`5614`	`5614`	`// Removed for now due to multi-org chain deleting you from other org chains`
`5615`		`- if debug {`
	`5615`	`+ if debug {`
`5616`	`5616`	`log.Printf("[DEBUG] Pre orgs for %s (%s) is len(%d)", foundUser.Username, foundUser.Id, len(foundUser.Orgs))`
`5617`	`5617`	`}`
`5618`	`5618`
`@@ -9253,7 +9253,7 @@ func CleanCreds(user User) User {`
`9253`	`9253`	`//user.Orgs = []string{}`
`9254`	`9254`	`handledOrgs := []string{}`
`9255`	`9255`
`9256`		`- // Quick deduplication.`
	`9256`	`+ // Quick deduplication.`
`9257`	`9257`	`for _, org := range user.Orgs {`
`9258`	`9258`	`if ArrayContains(handledOrgs, org) {`
`9259`	`9259`	`continue`
`@@ -9512,7 +9512,6 @@ func HandleGetUsers(resp http.ResponseWriter, request *http.Request) {`
`9512`	`9512`	`orgUser.Orgs = append(orgUser.Orgs, user.ActiveOrg.Id)`
`9513`	`9513`	`}`
`9514`	`9514`
`9515`		`-`
`9516`	`9515`	`newUsers = append(newUsers, orgUser)`
`9517`	`9516`	`}`
`9518`	`9517`	`}`
`@@ -11695,8 +11694,9 @@ func HandleChangeUserOrg(resp http.ResponseWriter, request *http.Request) {`
`11695`	`11694`	`type ReturnData struct {`
`11696`	`11695`	OrgId string `json:"org_id" datastore:"org_id"`
`11697`	`11696`	RegionUrl string `json:"region_url" datastore:"region_url"`
`11698`		- SSO bool `json:"sso"`
`11699`		- Mode string `json:"mode"`
	`11697`	+ // SSO bool `json:"sso"`
	`11698`	+ SSO bool `json:"sso_test"`
	`11699`	+ Mode string `json:"mode"`
`11700`	`11700`	`}`
`11701`	`11701`
`11702`	`11702`	`var tmpData ReturnData`
`@@ -11802,15 +11802,14 @@ func HandleChangeUserOrg(resp http.ResponseWriter, request *http.Request) {`
`11802`	`11802`	`}`
`11803`	`11803`	`}`
`11804`	`11804`
`11805`		`- if !found {`
	`11805`	`+ if !found {`
`11806`	`11806`	`log.Printf("[WARNING] User swap to the org \"%s\" - access denied", tmpData.OrgId)`
`11807`	`11807`	`resp.WriteHeader(403)`
`11808`	`11808`	resp.Write([]byte(`{"success": false, "reason": "No permission to change to this org. Please contact [email protected] if this is unexpected."}`))
`11809`	`11809`	`return`
`11810`	`11810`	`}`
`11811`	`11811`	`}`
`11812`	`11812`
`11813`		`-`
`11814`	`11813`	`if (org.SSOConfig.SSORequired == true && user.UsersLastSession != user.Session && user.SupportAccess == false) \|\| tmpData.SSO {`
`11815`	`11814`
`11816`	`11815`	`// Check if the org is the suborg or not?`
`@@ -14553,7 +14552,6 @@ func GetOpenIdUrl(request *http.Request, org Org) string {`
`14553`	`14552`	`baseSSOUrl += fmt.Sprintf("?client_id=%s&response_type=code&scope=openid email&redirect_uri=%s&state=%s&code_challenge_method=S256&code_challenge=%s", org.SSOConfig.OpenIdClientId, redirectUrl, state, codeChallenge)`
`14554`	`14553`	`}`
`14555`	`14554`
`14556`		`-`
`14557`	`14555`	`return baseSSOUrl`
`14558`	`14556`	`}`
`14559`	`14557`
`@@ -15348,7 +15346,7 @@ func HandleLogin(resp http.ResponseWriter, request *http.Request) {`
`15348`	`15346`
`15349`	`15347`	`// FIXME: Do NOT use this yet (May 24th, 2024). It is not ready for production due to being a potential cross-tenant attack vector.`
`15350`	`15348`	`func HandleSAML(resp http.ResponseWriter, request *http.Request) {`
`15351`		`- resp.Write([]byte("SAML SSO is deprecated. Please use OpenID Connect instead. Contact [email protected] if you need help migrating, or are having trouble logging in to your account."))`
	`15349`	`+ resp.Write([]byte("SAML SSO is deprecated. Please use OpenID Connect instead. Contact [email protected] if you need help migrating, or are having trouble logging in to your account."))`
`15352`	`15350`	`return`
`15353`	`15351`	`}`
`15354`	`15352`
`@@ -22188,7 +22186,6 @@ func fixCertificate(parsedX509Key string) string {`
`22188`	`22186`	`return parsedX509Key`
`22189`	`22187`	`}`
`22190`	`22188`
`22191`		`-`
`22192`	`22189`	`// Example implementation of SSO, including a redirect for the user etc`
`22193`	`22190`	`// Should make this stuff only possible after login`
`22194`	`22191`	`func HandleOpenId(resp http.ResponseWriter, request *http.Request) {`