From ed353d3263f9de3bdae30ec6f79c2ea4a32efafa Mon Sep 17 00:00:00 2001
From: Daniel Hougaard <62331820+DanielHougaard@users.noreply.github.com>
Date: Wed, 21 Feb 2024 04:09:46 +0100
Subject: [PATCH] Extra

---
 backend/src/services/org/org-service.ts       |  2 +-
 .../project-membership-service.ts             | 22 +++++++++++++++++--
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/backend/src/services/org/org-service.ts b/backend/src/services/org/org-service.ts
index f499d2309b..f39ac5366d 100644
--- a/backend/src/services/org/org-service.ts
+++ b/backend/src/services/org/org-service.ts
@@ -132,7 +132,7 @@ export const orgServiceFactory = ({
   };
 
   const addGhostUser = async (orgId: string, tx?: Knex) => {
-    const email = `ghost-${alphaNumericNanoId(16)}-${orgId}@infisical.com`; // We add a nanoid because the email is unique. And we have to create a new ghost user each time, so we can have access to the private key.
+    const email = `sudo-${alphaNumericNanoId(16)}-${orgId}@infisical.com`; // We add a nanoid because the email is unique. And we have to create a new ghost user each time, so we can have access to the private key.
     const password = crypto.randomBytes(128).toString("hex");
 
     const user = await userDAL.create(
diff --git a/backend/src/services/project-membership/project-membership-service.ts b/backend/src/services/project-membership/project-membership-service.ts
index 35deb9b2cf..fbaa0bb00a 100644
--- a/backend/src/services/project-membership/project-membership-service.ts
+++ b/backend/src/services/project-membership/project-membership-service.ts
@@ -4,6 +4,7 @@ import { ForbiddenError } from "@casl/ability";
 import {
   OrgMembershipStatus,
   ProjectMembershipRole,
+  ProjectVersion,
   SecretKeyEncoding,
   TableName,
   TProjectMemberships,
@@ -226,6 +227,10 @@ export const projectMembershipServiceFactory = ({
     const project = await projectDAL.findById(projectId);
     if (!project) throw new BadRequestError({ message: "Project not found" });
 
+    if (project.version === ProjectVersion.V1) {
+      throw new BadRequestError({ message: "Please upgrade your project on your dashboard" });
+    }
+
     const { permission } = await permissionService.getProjectPermission(actor, actorId, projectId);
     ForbiddenError.from(permission).throwUnlessCan(ProjectPermissionActions.Create, ProjectPermissionSub.Member);
 
@@ -243,7 +248,7 @@ export const projectMembershipServiceFactory = ({
 
     if (!ghostUser) {
       throw new BadRequestError({
-        message: "Failed to find top-level user"
+        message: "Failed to find sudo user"
       });
     }
 
@@ -251,7 +256,7 @@ export const projectMembershipServiceFactory = ({
 
     if (!ghostUserLatestKey) {
       throw new BadRequestError({
-        message: "Failed to find top-level latest key"
+        message: "Failed to find sudo user latest key"
       });
     }
 
@@ -405,6 +410,19 @@ export const projectMembershipServiceFactory = ({
     const { permission } = await permissionService.getProjectPermission(actor, actorId, projectId, actorOrgId);
     ForbiddenError.from(permission).throwUnlessCan(ProjectPermissionActions.Delete, ProjectPermissionSub.Member);
 
+    const project = await projectDAL.findById(projectId);
+
+    if (!project) {
+      throw new BadRequestError({
+        message: "Project not found",
+        name: "Delete project membership"
+      });
+    }
+
+    if (project.version === ProjectVersion.V1) {
+      throw new BadRequestError({ message: "Please upgrade your project on your dashboard" });
+    }
+
     const projectMembers = await projectMembershipDAL.findMembershipsByEmail(projectId, emails);
 
     if (projectMembers.length !== emails.length) {