diff --git a/backend/src/ee/services/pki-acme/pki-acme-service.ts b/backend/src/ee/services/pki-acme/pki-acme-service.ts index c217211a02..6e6292c670 100644 --- a/backend/src/ee/services/pki-acme/pki-acme-service.ts +++ b/backend/src/ee/services/pki-acme/pki-acme-service.ts @@ -47,7 +47,6 @@ import { TProjectDALFactory } from "@app/services/project/project-dal"; import { getProjectKmsCertificateKeyId } from "@app/services/project/project-fns"; import { EventType, TAuditLogServiceFactory } from "../audit-log/audit-log-types"; -import { TLicenseServiceFactory } from "../license/license-service"; import { TPkiAcmeAccountDALFactory } from "./pki-acme-account-dal"; import { TPkiAcmeAuthDALFactory } from "./pki-acme-auth-dal"; import { TPkiAcmeChallengeDALFactory } from "./pki-acme-challenge-dal"; @@ -61,7 +60,6 @@ import { AcmeMalformedError, AcmeOrderNotReadyError, AcmeServerInternalError, - AcmeUnauthorizedError, AcmeUnsupportedIdentifierError } from "./pki-acme-errors"; import { buildUrl, extractAccountIdFromKid, validateDnsIdentifier } from "./pki-acme-fns"; @@ -129,7 +127,6 @@ type TPkiAcmeServiceFactoryDep = { TKmsServiceFactory, "decryptWithKmsKey" | "generateKmsKey" | "encryptWithKmsKey" | "createCipherPairWithDataKey" >; - licenseService: Pick; certificateV3Service: Pick; certificateTemplateV2Service: Pick; certificateRequestService: Pick; @@ -152,7 +149,6 @@ export const pkiAcmeServiceFactory = ({ acmeChallengeDAL, keyStore, kmsService, - licenseService, certificateV3Service, certificateTemplateV2Service, certificateRequestService, @@ -169,12 +165,6 @@ export const pkiAcmeServiceFactory = ({ if (profile.enrollmentType !== EnrollmentType.ACME) { throw new NotFoundError({ message: "Certificate profile is not configured for ACME enrollment" }); } - const orgLicensePlan = await licenseService.getPlan(profile.project!.orgId); - if (!orgLicensePlan.pkiAcme) { - throw new AcmeUnauthorizedError({ - message: "Failed to validate ACME profile: Plan restriction. Upgrade plan to continue" - }); - } return profile; }; diff --git a/backend/src/server/routes/index.ts b/backend/src/server/routes/index.ts index f1661a3540..733fe68f5a 100644 --- a/backend/src/server/routes/index.ts +++ b/backend/src/server/routes/index.ts @@ -1227,7 +1227,6 @@ export const registerRoutes = async ( certificateAuthorityDAL, externalCertificateAuthorityDAL, permissionService, - licenseService, kmsService, projectDAL }); @@ -2340,7 +2339,6 @@ export const registerRoutes = async ( acmeChallengeDAL, keyStore, kmsService, - licenseService, certificateV3Service, certificateTemplateV2Service, certificateRequestService, diff --git a/backend/src/services/certificate-profile/certificate-profile-service.test.ts b/backend/src/services/certificate-profile/certificate-profile-service.test.ts index d10188e6f8..184dd1980b 100644 --- a/backend/src/services/certificate-profile/certificate-profile-service.test.ts +++ b/backend/src/services/certificate-profile/certificate-profile-service.test.ts @@ -5,9 +5,8 @@ import { ForbiddenError } from "@casl/ability"; import { afterEach, beforeEach, describe, expect, it, vi } from "vitest"; -import { TLicenseServiceFactory } from "@app/ee/services/license/license-service"; import type { TPermissionServiceFactory } from "@app/ee/services/permission/permission-service-types"; -import { BadRequestError, ForbiddenRequestError, NotFoundError } from "@app/lib/errors"; +import { ForbiddenRequestError, NotFoundError } from "@app/lib/errors"; import { ActorType, AuthMethod } from "../auth/auth-type"; import type { TCertificateBodyDALFactory } from "../certificate/certificate-body-dal"; @@ -175,10 +174,6 @@ describe("CertificateProfileService", () => { }) } as unknown as Pick; - const mockLicenseService = { - getPlan: vi.fn() - } as unknown as Pick; - const mockKmsService = { encryptWithKmsKey: vi .fn() @@ -258,7 +253,6 @@ describe("CertificateProfileService", () => { certificateAuthorityDAL: mockCertificateAuthorityDAL, externalCertificateAuthorityDAL: mockExternalCertificateAuthorityDAL, permissionService: mockPermissionService, - licenseService: mockLicenseService, kmsService: mockKmsService, projectDAL: mockProjectDAL }); @@ -287,9 +281,6 @@ describe("CertificateProfileService", () => { id: "project-123", orgId: "org-123" }); - (mockLicenseService.getPlan as any).mockResolvedValue({ - pkiAcme: true - }); (mockCertificateTemplateV2DAL.findById as any).mockResolvedValue(sampleTemplate); (mockCertificateProfileDAL.findByNameAndProjectId as any).mockResolvedValue(null); (mockCertificateProfileDAL.findBySlugAndProjectId as any).mockResolvedValue(null); @@ -423,30 +414,6 @@ describe("CertificateProfileService", () => { expect(result).toEqual(sampleProfile); expect(mockCertificateTemplateV2DAL.findById).toHaveBeenCalledWith("template-123"); }); - - it("should throw BadRequestError when plan does not support ACME", async () => { - (mockLicenseService.getPlan as any).mockResolvedValue({ - pkiAcme: false - }); - - await expect( - service.createProfile({ - ...mockActor, - projectId: "project-123", - data: { - ...validProfileData, - enrollmentType: EnrollmentType.ACME, - acmeConfig: {}, - apiConfig: undefined, - estConfig: undefined - } - }) - ).rejects.toThrowError( - new BadRequestError({ - message: "Failed to create certificate profile: Plan restriction. Upgrade plan to continue" - }) - ); - }); }); describe("updateProfile", () => { @@ -756,9 +723,6 @@ describe("CertificateProfileService", () => { id: "project-123", orgId: "org-123" }); - (mockLicenseService.getPlan as any).mockResolvedValue({ - pkiAcme: true - }); (mockCertificateTemplateV2DAL.findById as any).mockResolvedValue(sampleTemplate); (mockCertificateProfileDAL.findByNameAndProjectId as any).mockResolvedValue(null); (mockCertificateProfileDAL.findBySlugAndProjectId as any).mockResolvedValue(null); diff --git a/backend/src/services/certificate-profile/certificate-profile-service.ts b/backend/src/services/certificate-profile/certificate-profile-service.ts index 4cb60a5229..bda2367663 100644 --- a/backend/src/services/certificate-profile/certificate-profile-service.ts +++ b/backend/src/services/certificate-profile/certificate-profile-service.ts @@ -2,7 +2,6 @@ import { ForbiddenError, subject } from "@casl/ability"; import * as x509 from "@peculiar/x509"; import { ActionProjectType } from "@app/db/schemas"; -import { TLicenseServiceFactory } from "@app/ee/services/license/license-service"; import { TPermissionServiceFactory } from "@app/ee/services/permission/permission-service-types"; import { ProjectPermissionCertificateActions, @@ -233,7 +232,6 @@ type TCertificateProfileServiceFactoryDep = { certificateAuthorityDAL: Pick; externalCertificateAuthorityDAL: Pick; permissionService: Pick; - licenseService: Pick; kmsService: Pick; projectDAL: Pick; }; @@ -271,7 +269,6 @@ export const certificateProfileServiceFactory = ({ certificateAuthorityDAL, externalCertificateAuthorityDAL, permissionService, - licenseService, kmsService, projectDAL }: TCertificateProfileServiceFactoryDep) => { @@ -309,12 +306,6 @@ export const certificateProfileServiceFactory = ({ if (!project) { throw new NotFoundError({ message: "Project not found" }); } - const plan = await licenseService.getPlan(project.orgId); - if (!plan.pkiAcme && data.enrollmentType === EnrollmentType.ACME) { - throw new BadRequestError({ - message: "Failed to create certificate profile: Plan restriction. Upgrade plan to continue" - }); - } // Validate that certificate template exists and belongs to the same project if (data.certificateTemplateId) { diff --git a/frontend/src/pages/cert-manager/PoliciesPage/components/CertificateProfilesTab/CertificateProfilesTab.tsx b/frontend/src/pages/cert-manager/PoliciesPage/components/CertificateProfilesTab/CertificateProfilesTab.tsx index 1045f809ab..9fb7286df2 100644 --- a/frontend/src/pages/cert-manager/PoliciesPage/components/CertificateProfilesTab/CertificateProfilesTab.tsx +++ b/frontend/src/pages/cert-manager/PoliciesPage/components/CertificateProfilesTab/CertificateProfilesTab.tsx @@ -30,7 +30,7 @@ export const CertificateProfilesTab = () => { const [selectedProfile, setSelectedProfile] = useState( null ); - const { popUp, handlePopUpOpen, handlePopUpToggle } = usePopUp(["upgradePlan"] as const); + const { popUp, handlePopUpToggle } = usePopUp(["upgradePlan"] as const); const deleteProfile = useDeleteCertificateProfile(); @@ -105,11 +105,7 @@ export const CertificateProfilesTab = () => { onDeleteProfile={handleDeleteProfile} /> - setIsCreateModalOpen(false)} - handlePopUpOpen={handlePopUpOpen} - /> + setIsCreateModalOpen(false)} /> handlePopUpToggle("upgradePlan", isOpen)} @@ -125,7 +121,6 @@ export const CertificateProfilesTab = () => { setIsEditModalOpen(false); setSelectedProfile(null); }} - handlePopUpOpen={handlePopUpOpen} profile={selectedProfile} mode="edit" /> diff --git a/frontend/src/pages/cert-manager/PoliciesPage/components/CertificateProfilesTab/CreateProfileModal.tsx b/frontend/src/pages/cert-manager/PoliciesPage/components/CertificateProfilesTab/CreateProfileModal.tsx index 43de8c6b23..39dbcc4587 100644 --- a/frontend/src/pages/cert-manager/PoliciesPage/components/CertificateProfilesTab/CreateProfileModal.tsx +++ b/frontend/src/pages/cert-manager/PoliciesPage/components/CertificateProfilesTab/CreateProfileModal.tsx @@ -19,7 +19,7 @@ import { TextArea, Tooltip } from "@app/components/v2"; -import { useProject, useSubscription } from "@app/context"; +import { useProject } from "@app/context"; import { CaType } from "@app/hooks/api/ca/enums"; import { useGetAzureAdcsTemplates, useListCasByProjectId } from "@app/hooks/api/ca/queries"; import { @@ -32,7 +32,6 @@ import { useUpdateCertificateProfile } from "@app/hooks/api/certificateProfiles"; import { useListCertificateTemplatesV2 } from "@app/hooks/api/certificateTemplates/queries"; -import { UsePopUpState } from "@app/hooks/usePopUp"; const createSchema = z .object({ @@ -339,25 +338,12 @@ export type FormData = z.infer; interface Props { isOpen: boolean; onClose: () => void; - handlePopUpOpen: ( - popUpName: keyof UsePopUpState<["upgradePlan"]>, - data?: { - isEnterpriseFeature?: boolean; - } - ) => void; profile?: TCertificateProfileWithDetails; mode?: "create" | "edit"; } -export const CreateProfileModal = ({ - isOpen, - onClose, - handlePopUpOpen, - profile, - mode = "create" -}: Props) => { +export const CreateProfileModal = ({ isOpen, onClose, profile, mode = "create" }: Props) => { const { currentProject } = useProject(); - const { subscription } = useSubscription(); const { data: allCaData } = useListCasByProjectId(currentProject?.id || ""); const { data: templateData } = useListCertificateTemplatesV2({ @@ -532,15 +518,6 @@ export const CreateProfileModal = ({ }, [isEdit, profile, isAzureAdcsCa, azureAdcsTemplatesData, setValue]); const onFormSubmit = async (data: FormData) => { - if (!isEdit && !subscription?.pkiAcme && data.enrollmentType === EnrollmentType.ACME) { - reset(); - onClose(); - handlePopUpOpen("upgradePlan", { - isEnterpriseFeature: true - }); - return; - } - if (!currentProject?.id && !isEdit) return; // Validate Azure ADCS template requirement