diff --git a/backend/account_v2/dto.py b/backend/account_v2/dto.py
index 20ff4ba5f4..4ac2731f58 100644
--- a/backend/account_v2/dto.py
+++ b/backend/account_v2/dto.py
@@ -62,6 +62,7 @@ class UserSessionInfo:
role: str
provider: str
is_staff: bool = False
+ disable_sso_idp_authorization: bool = False
@staticmethod
def from_dict(data: dict[str, Any]) -> "UserSessionInfo":
@@ -73,6 +74,9 @@ def from_dict(data: dict[str, Any]) -> "UserSessionInfo":
role=data["role"],
provider=data["provider"],
is_staff=data.get("is_staff", False),
+ disable_sso_idp_authorization=data.get(
+ "disable_sso_idp_authorization", False
+ ),
)
def to_dict(self) -> Any:
@@ -83,6 +87,7 @@ def to_dict(self) -> Any:
"organization_id": self.organization_id,
"role": self.role,
"is_staff": self.is_staff,
+ "disable_sso_idp_authorization": self.disable_sso_idp_authorization,
}
diff --git a/backend/account_v2/serializer.py b/backend/account_v2/serializer.py
index e189b4efe1..b92f9377d0 100644
--- a/backend/account_v2/serializer.py
+++ b/backend/account_v2/serializer.py
@@ -127,3 +127,4 @@ class UserSessionResponseSerializer(serializers.Serializer):
role = serializers.CharField()
provider = serializers.CharField()
is_staff = serializers.BooleanField()
+ disable_sso_idp_authorization = serializers.BooleanField()
diff --git a/backend/account_v2/views.py b/backend/account_v2/views.py
index 30d9e558da..c59cd2beaa 100644
--- a/backend/account_v2/views.py
+++ b/backend/account_v2/views.py
@@ -1,6 +1,7 @@
import logging
from typing import Any
+from django.conf import settings
from rest_framework import status
from rest_framework.decorators import api_view
from rest_framework.request import Request
@@ -151,6 +152,7 @@ def make_session_response(
role=UserSessionUtils.get_organization_member_role(request),
provider=provider,
is_staff=request.user.is_staff,
+ disable_sso_idp_authorization=settings.DISABLE_SSO_IDP_AUTHORIZATION,
)
).data
diff --git a/backend/backend/settings/base.py b/backend/backend/settings/base.py
index d954ab20f7..1da378a770 100644
--- a/backend/backend/settings/base.py
+++ b/backend/backend/settings/base.py
@@ -434,6 +434,8 @@ def filter(self, record):
TENANT_SUBFOLDER_PREFIX = f"{PATH_PREFIX}/unstract"
SHOW_PUBLIC_IF_NO_TENANT_FOUND = True
+DISABLE_SSO_IDP_AUTHORIZATION = False
+
TEMPLATES = [
{
"BACKEND": "django.template.backends.django.DjangoTemplates",
diff --git a/frontend/src/components/settings/users/Users.jsx b/frontend/src/components/settings/users/Users.jsx
index 55efbd5873..4d8dc1af90 100644
--- a/frontend/src/components/settings/users/Users.jsx
+++ b/frontend/src/components/settings/users/Users.jsx
@@ -96,46 +96,51 @@ function Users() {
}
};
- const actionItems = [
- {
- key: "1",
- label: (
-
- navigate(`/${sessionDetails?.orgName}/users/edit`, {
- state: selectedUserEmail,
- })
- }
- >
-
-
-
-
- Edit
-
-
- ),
- },
- {
- key: "2",
- label: (
-
-
-
-
-
- Delete
-
-
- ),
- },
- ];
+ const isSsoLocalAuthz =
+ !!sessionDetails?.provider && !!sessionDetails?.disableSsoIdpAuthorization;
+
+ const editItem = {
+ key: "1",
+ label: (
+
+ navigate(`/${sessionDetails?.orgName}/users/edit`, {
+ state: selectedUserEmail,
+ })
+ }
+ >
+
+
+
+
+ Edit
+
+
+ ),
+ };
+
+ const deleteItem = {
+ key: "2",
+ label: (
+
+
+
+
+
+ Delete
+
+
+ ),
+ };
+
+ const actionItems = isSsoLocalAuthz ? [editItem] : [editItem, deleteItem];
+
const baseColumns = [
{
title: "Email",
@@ -165,9 +170,10 @@ function Users() {
),
};
- const columns = !sessionDetails?.provider
- ? [...baseColumns, actionColumn]
- : baseColumns;
+ const columns =
+ !sessionDetails?.provider || isSsoLocalAuthz
+ ? [...baseColumns, actionColumn]
+ : baseColumns;
const handleInviteUsers = () => {
navigate(`/${sessionDetails?.orgName}/users/invite`);
diff --git a/frontend/src/helpers/GetSessionData.js b/frontend/src/helpers/GetSessionData.js
index a25c17821d..9acc7602c9 100644
--- a/frontend/src/helpers/GetSessionData.js
+++ b/frontend/src/helpers/GetSessionData.js
@@ -28,6 +28,7 @@ function getSessionData(sessionData) {
role: sessionData?.role,
provider: sessionData?.provider,
isStaff: sessionData?.is_staff,
+ disableSsoIdpAuthorization: sessionData?.disable_sso_idp_authorization,
};
}
diff --git a/frontend/src/hooks/useSessionValid.js b/frontend/src/hooks/useSessionValid.js
index 13e146c159..a2c2c0e092 100644
--- a/frontend/src/hooks/useSessionValid.js
+++ b/frontend/src/hooks/useSessionValid.js
@@ -167,6 +167,8 @@ function useSessionValid() {
}
userAndOrgDetails["role"] = userSessionData.role;
userAndOrgDetails["provider"] = userSessionData.provider;
+ userAndOrgDetails["disable_sso_idp_authorization"] =
+ userSessionData.disable_sso_idp_authorization;
} catch (err) {
// TODO: Throw popup error message
// REVIEW: Add condition to check for trial period status